
IE is Being Hijacked, Homepage is Hao123.com Now [Solved]



WyffGoaL

Hi everyone,

I believe my Internet Explorer is being hijacked; no matter how I change the homepage URL, it will always redirect to www.hao123.com.

It's really annoying and hopefully someone here could help me out.

Your help will be very much appreciated.

Thanks in advance!


OTL Log:

OTL logfile created on: 3/31/2013 2:39:47 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Wyatt.Wyatt-PC\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.91 Gb Total Physical Memory | 3.92 Gb Available Physical Memory | 66.25% Memory free
11.82 Gb Paging File | 9.78 Gb Available in Paging File | 82.78% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 304.53 Gb Total Space | 258.51 Gb Free Space | 84.89% Space Free | Partition Type: NTFS
Drive E: | 146.48 Gb Total Space | 142.07 Gb Free Space | 96.99% Space Free | Partition Type: NTFS

Computer Name: WYATT-PC | User Name: Wyatt | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/03/31 02:39:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Wyatt.Wyatt-PC\Desktop\OTL.exe
PRC - [2013/03/07 21:48:32 | 001,234,544 | ---- | M] (Shenzhen QVOD Technology Co.,Ltd) -- C:\Program Files (x86)\QvodPlayer\QvodTerminal.exe
PRC - [2013/01/28 11:21:00 | 000,081,840 | ---- | M] (Shenzhen QVOD Technology Co.,Ltd) -- C:\Program Files (x86)\QvodPlayer\QvodMon.exe
PRC - [2012/12/19 03:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/12/14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/10/08 11:42:54 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012/10/02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/05/19 15:16:48 | 000,995,392 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2011/05/19 15:16:46 | 001,335,360 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2011/05/19 15:16:36 | 000,921,664 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2011/05/19 15:16:34 | 000,839,744 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
PRC - [2010/11/06 13:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/11/06 13:54:20 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/10/06 11:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2010/10/06 11:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe


========== Modules (No Company Name) ==========

MOD - [2013/03/10 23:08:00 | 000,475,648 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ab54c04b3df40416205883b4049fe273\IAStorUtil.ni.dll
MOD - [2013/03/10 23:08:00 | 000,014,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\4d6518ef6ae8d6f005c49ab1c86de7fe\IAStorCommon.ni.dll
MOD - [2013/03/10 22:48:16 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013/03/10 22:47:50 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013/03/10 22:47:45 | 001,592,832 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/03/10 22:47:36 | 003,347,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013/03/10 22:47:33 | 005,453,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/03/10 22:47:30 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/03/10 22:47:30 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013/03/10 22:47:21 | 011,493,376 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2011/04/23 00:13:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/01/27 11:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/01/27 11:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2011/09/16 08:41:28 | 001,518,352 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011/09/16 08:28:06 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011/09/16 08:24:52 | 000,844,560 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2011/09/15 23:54:46 | 001,166,848 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2011/06/04 02:51:38 | 000,134,928 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2011/01/25 17:57:18 | 000,296,448 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010/11/30 05:00:56 | 000,149,504 | ---- | M] (Intel® Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/07/14 09:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/03/03 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV - [2013/03/13 16:57:59 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/07 22:30:44 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/02/28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/19 03:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/10/08 11:42:54 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/10/02 13:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/05/13 13:30:40 | 000,018,432 | ---- | M] (Apache Software Foundation) [On_Demand | Stopped] -- c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe -- (wampapache)
SRV - [2012/04/19 16:02:32 | 008,177,664 | ---- | M] () [On_Demand | Stopped] -- c:\wamp\bin\mysql\mysql5.5.24\bin\mysqld.exe -- (wampmysqld)
SRV - [2011/05/19 15:16:48 | 000,995,392 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2011/05/19 15:16:46 | 001,335,360 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2011/05/19 15:16:36 | 000,921,664 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2010/11/06 13:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/10/06 11:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/10/06 11:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/03/19 03:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/01/20 15:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/12/14 16:49:28 | 000,024,176 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/10/08 11:42:36 | 000,030,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2012/10/08 11:42:14 | 000,284,008 | ---- | M] (NVIDIA Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\nvkflt.sys -- (nvkflt)
DRV:64bit: - [2012/08/23 22:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 22:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 22:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/03/01 14:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/09/18 16:26:52 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011/09/15 23:48:24 | 000,299,008 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2011/09/15 23:48:24 | 000,299,008 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2011/07/21 06:21:50 | 000,406,336 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\tixhci.sys -- (tixhci)
DRV:64bit: - [2011/07/21 06:21:50 | 000,136,000 | ---- | M] (Texas Instruments Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\tihub3.sys -- (tihub3)
DRV:64bit: - [2011/07/20 08:54:06 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2011/07/20 05:13:42 | 000,282,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2011/06/22 05:19:14 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011/06/22 05:19:12 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/05/19 15:17:04 | 000,053,248 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2011/05/19 15:17:02 | 000,051,712 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\btmaud.sys -- (btmaudio)
DRV:64bit: - [2011/05/13 16:28:46 | 000,363,856 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2011/04/11 03:51:06 | 012,223,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/11 14:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 14:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/04 13:29:20 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/01/25 17:57:18 | 000,520,192 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011/01/21 01:20:46 | 000,176,096 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2010/11/30 05:00:04 | 000,016,120 | ---- | M] (Intel® Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010/11/21 11:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/07 07:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/10/30 08:11:42 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010/10/19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/03/19 17:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/07/14 09:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 09:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 09:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/11 04:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 04:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 04:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 04:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/09/25 10:36:14 | 000,238,848 | ---- | M] (Sensible Vision ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\facap.sys -- (FACAP)
DRV:64bit: - [2006/11/02 02:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009/07/14 09:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {2F1E335A-858A-4BE9-8F6B-D0AF1D018B53}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..network.proxy.http: "187.185.71.90"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@qvod.com/QvodInsert: C:\Program Files (x86)\QvodPlayer\npQvodInsert.dll (Shenzhen QVOD Technology Co.,Ltd)
FF - HKLM\Software\MozillaPlugins\@qvod.com/QvodShare: C:\Program Files (x86)\QvodPlayer\npShareModule.dll (Shenzhen QVOD Technology Co.,Ltd)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\KuaiWanInsert: C:\Program Files (x86)\QvodPlayer\AddIn\KWWebgame\npKWWebGame.dll (Shenzhen QVOD Technology Co.,Ltd)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/11 00:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013/03/10 15:42:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\mozilla\Extensions
[2013/03/10 15:42:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/03/07 22:31:00 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/03/07 22:30:20 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/03/07 22:30:20 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.172\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - Extension: Google Docs = C:\Users\Wyatt.Wyatt-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: MeasureIt! = C:\Users\Wyatt.Wyatt-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aonjhmdcgbgikgjapjckfkefpphjpgma\1.1.3_0\
CHR - Extension: Google Drive = C:\Users\Wyatt.Wyatt-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Wyatt.Wyatt-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Wyatt.Wyatt-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: PageSpeed Insights (by Google) = C:\Users\Wyatt.Wyatt-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gplegfbjlmmehdoakndmohflojccocli\2.0.2.3_0\
CHR - Extension: PageRank Status = C:\Users\Wyatt.Wyatt-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdkkfheckcdppiaiabobmennhijkknn\7.3.0_0\
CHR - Extension: Eye Dropper = C:\Users\Wyatt.Wyatt-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmdcmlfkchdmnmnmheododdhjedfccka\0.2.6_0\
CHR - Extension: Session Manager = C:\Users\Wyatt.Wyatt-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mghenlmbmjcpehccoangkdpagbcbkdpc\3.4.5_0\
CHR - Extension: Google Mail Checker = C:\Users\Wyatt.Wyatt-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: Ghostery = C:\Users\Wyatt.Wyatt-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\4.1.0_0\
CHR - Extension: SEO Global For Google Search\u2122 = C:\Users\Wyatt.Wyatt-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojgmigafbpedhdilmemphfklkbghlphi\5.1_0\
CHR - Extension: Gmail = C:\Users\Wyatt.Wyatt-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/03/13 12:22:37 | 000,000,909 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 p202backup1
O1 - Hosts: 127.0.0.1 p202backup2
O2:64bit: - BHO: (QvodExtend) - {A8502600-B272-4F68-A67B-A0305D46D298} - C:\Program Files (x86)\QvodPlayer\QvodExtend\5.0.83.0\QvodExtend_x64.dll (Shenzhen QVOD Technology Co.,Ltd)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (QvodExtend) - {A8502600-B272-4F68-A67B-A0305D46D297} - C:\Program Files (x86)\QvodPlayer\QvodExtend\5.0.83.0\QvodExtend.dll (Shenzhen QVOD Technology Co.,Ltd)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [QvodTerminal] C:\Program Files (x86)\QvodPlayer\QvodTerminal.exe (Shenzhen QVOD Technology Co.,Ltd)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [Wunderlist] C:\Users\Wyatt.Wyatt-PC\AppData\Local\Apps\2.0\2TGTCL6G.YC7\GT3KOM2A.7H7\wund..tion_45ec1bcecca77a53_0002.0000_764351e8af09666f\Wunderlist.exe (6 Wunderkinder GmbH)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.1.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_01)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4DEFA122-E95D-462F-9299-AD5B16D1B808}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\WINDOWS\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\WINDOWS\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\WINDOWS\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/03/31 02:39:03 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Wyatt.Wyatt-PC\Desktop\OTL.exe
[2013/03/29 21:43:22 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\Desktop\New folder
[2013/03/28 12:01:20 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Local\ElevatedDiagnostics
[2013/03/27 18:53:31 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\Desktop\Dragon_City_Mobile_Applift
[2013/03/21 12:30:54 | 000,000,000 | ---D | C] -- C:\ProgramData\purevpn
[2013/03/21 12:30:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PureVPN
[2013/03/21 12:30:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PureVPN
[2013/03/20 15:09:52 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\Desktop\Stack Adwords Banners
[2013/03/19 13:15:22 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\FileZilla
[2013/03/19 13:15:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
[2013/03/19 13:15:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client
[2013/03/19 10:51:02 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\Desktop\StackIdeas Facebook
[2013/03/17 21:59:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013/03/17 17:31:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Baidu
[2013/03/17 17:31:17 | 000,000,000 | ---D | C] -- C:\ProgramData\KuaiWan
[2013/03/17 17:30:11 | 000,000,000 | ---D | C] -- C:\ProgramData\QvodPlayer
[2013/03/17 17:30:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QvodPlayer
[2013/03/14 11:16:34 | 000,000,000 | --SD | C] -- C:\Users\Wyatt.Wyatt-PC\Google Drive
[2013/03/14 11:14:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2013/03/13 20:19:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/03/13 20:18:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/03/13 20:18:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013/03/13 18:07:05 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\com.springbox.mobilizer
[2013/03/13 18:07:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mobilizer
[2013/03/13 12:21:51 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2013/03/13 12:21:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2013/03/13 12:21:49 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\Notepad++
[2013/03/13 12:21:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++
[2013/03/13 12:15:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WampServer
[2013/03/13 12:13:57 | 000,000,000 | ---D | C] -- C:\wamp
[2013/03/12 13:37:14 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Local\Macromedia
[2013/03/12 12:46:56 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Local\6_Wunderkinder_GmbH
[2013/03/12 11:30:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2013/03/12 11:30:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2013/03/11 17:36:11 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\Desktop\StackIdeas
[2013/03/11 15:56:45 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\NVIDIA
[2013/03/11 00:33:56 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Local\Apple Computer
[2013/03/11 00:33:55 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\Apple Computer
[2013/03/11 00:33:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/03/11 00:33:50 | 000,000,000 | ---D | C] -- C:\windows\SysNative\DRVSTORE
[2013/03/11 00:33:12 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/03/11 00:33:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013/03/11 00:33:12 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/03/11 00:33:12 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/03/11 00:32:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013/03/11 00:32:38 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013/03/11 00:32:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2013/03/11 00:31:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013/03/11 00:31:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2013/03/11 00:31:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013/03/11 00:31:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013/03/11 00:31:05 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Local\Apple
[2013/03/11 00:31:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013/03/11 00:31:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013/03/11 00:26:09 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Local\TechSmith
[2013/03/11 00:25:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
[2013/03/11 00:25:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TechSmith
[2013/03/11 00:23:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013/03/11 00:11:07 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2013/03/11 00:07:49 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2013/03/10 23:56:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/03/10 23:56:01 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2013/03/10 23:56:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/03/10 23:51:41 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2013/03/10 23:31:17 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Wat
[2013/03/10 23:31:17 | 000,000,000 | ---D | C] -- C:\windows\SysNative\Wat
[2013/03/10 21:38:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2013/03/10 21:34:46 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\KeePass
[2013/03/10 21:33:28 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\6Wunderkinder
[2013/03/10 21:32:58 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\6 Wunderkinder GmbH
[2013/03/10 21:31:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013/03/10 21:30:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Works
[2013/03/10 21:29:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio
[2013/03/10 21:29:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013/03/10 21:28:19 | 000,000,000 | ---D | C] -- C:\windows\PCHEALTH
[2013/03/10 21:26:23 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013/03/10 21:26:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2013/03/10 21:25:48 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Local\Microsoft Help
[2013/03/10 21:25:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013/03/10 21:25:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013/03/10 21:25:35 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013/03/10 21:18:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2013/03/10 21:18:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2013/03/10 21:11:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KeePass Password Safe 2
[2013/03/10 21:10:40 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013/03/10 21:10:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013/03/10 21:10:35 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\WinRAR
[2013/03/10 21:10:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2013/03/10 21:04:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/03/10 21:02:56 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Local\Adobe
[2013/03/10 21:02:08 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\Skype
[2013/03/10 20:59:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileHippo.com
[2013/03/10 20:59:13 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\Malwarebytes
[2013/03/10 20:59:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/03/10 20:59:00 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Local\Programs
[2013/03/10 20:58:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013/03/10 20:58:54 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/03/10 20:57:19 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Support Center
[2013/03/10 16:37:16 | 000,000,000 | ---D | C] -- C:\windows\SMINST
[2013/03/10 15:42:15 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Local\Mozilla
[2013/03/10 15:42:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013/03/10 15:42:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/03/10 15:42:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/03/10 15:40:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/03/10 15:39:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013/03/10 15:38:56 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Local\Google
[2013/03/10 15:38:37 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Local\Apps
[2013/03/10 15:38:35 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Local\Deployment
[2013/03/10 15:38:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/03/10 15:37:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013/03/10 14:05:06 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Local\Downloaded Installations
[2013/03/10 14:01:24 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\PCDr
[2013/03/10 14:00:21 | 000,000,000 | ---D | C] -- C:\ProgramData\PCDr
[2013/03/10 13:45:06 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Local\Nero_AG
[2013/03/10 13:35:32 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\Roxio Log Files
[2013/03/10 13:34:49 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\Mozilla
[2013/03/10 13:33:08 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\Macromedia
[2013/03/10 13:33:07 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\Adobe
[2013/03/10 13:30:11 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\Fingertapps
[2013/03/10 13:30:11 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\Dell
[2013/03/10 13:30:05 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Local\Dell
[2013/03/10 13:29:52 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\Intel Corporation
[2013/03/10 13:29:44 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\Dell Touch Zone
[2013/03/10 13:29:32 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\Roxio
[2013/03/10 13:29:20 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\Creative
[2013/03/10 13:28:53 | 000,000,000 | R--D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/03/10 13:28:53 | 000,000,000 | R--D | C] -- C:\Users\Wyatt.Wyatt-PC\Searches
[2013/03/10 13:28:53 | 000,000,000 | R--D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/03/10 13:28:53 | 000,000,000 | -H-D | C] -- C:\Users\Wyatt.Wyatt-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013/03/10 13:28:43 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\Identities
[2013/03/10 13:28:40 | 000,000,000 | R--D | C] -- C:\Users\Wyatt.Wyatt-PC\Contacts
[2013/03/10 13:28:38 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013/03/10 13:28:34 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Local\VirtualStore
[2013/03/10 13:24:18 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\Intel
[2013/03/10 13:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Local\Temporary Internet Files
[2013/03/10 13:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Wyatt.Wyatt-PC\Templates
[2013/03/10 13:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Wyatt.Wyatt-PC\Start Menu
[2013/03/10 13:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Wyatt.Wyatt-PC\SendTo
[2013/03/10 13:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Wyatt.Wyatt-PC\Recent
[2013/03/10 13:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Wyatt.Wyatt-PC\PrintHood
[2013/03/10 13:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Wyatt.Wyatt-PC\NetHood
[2013/03/10 13:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Wyatt.Wyatt-PC\Documents\My Videos
[2013/03/10 13:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Wyatt.Wyatt-PC\Documents\My Pictures
[2013/03/10 13:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Wyatt.Wyatt-PC\Documents\My Music
[2013/03/10 13:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Wyatt.Wyatt-PC\My Documents
[2013/03/10 13:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Wyatt.Wyatt-PC\Local Settings
[2013/03/10 13:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Local\History
[2013/03/10 13:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Wyatt.Wyatt-PC\Cookies
[2013/03/10 13:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Wyatt.Wyatt-PC\Application Data
[2013/03/10 13:24:16 | 000,000,000 | -HSD | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Local\Application Data
[2013/03/10 13:24:15 | 000,000,000 | --SD | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\Microsoft
[2013/03/10 13:24:15 | 000,000,000 | R--D | C] -- C:\Users\Wyatt.Wyatt-PC\Videos
[2013/03/10 13:24:15 | 000,000,000 | R--D | C] -- C:\Users\Wyatt.Wyatt-PC\Saved Games
[2013/03/10 13:24:15 | 000,000,000 | R--D | C] -- C:\Users\Wyatt.Wyatt-PC\Pictures
[2013/03/10 13:24:15 | 000,000,000 | R--D | C] -- C:\Users\Wyatt.Wyatt-PC\Music
[2013/03/10 13:24:15 | 000,000,000 | R--D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/03/10 13:24:15 | 000,000,000 | R--D | C] -- C:\Users\Wyatt.Wyatt-PC\Links
[2013/03/10 13:24:15 | 000,000,000 | R--D | C] -- C:\Users\Wyatt.Wyatt-PC\Favorites
[2013/03/10 13:24:15 | 000,000,000 | R--D | C] -- C:\Users\Wyatt.Wyatt-PC\Downloads
[2013/03/10 13:24:15 | 000,000,000 | R--D | C] -- C:\Users\Wyatt.Wyatt-PC\Documents
[2013/03/10 13:24:15 | 000,000,000 | R--D | C] -- C:\Users\Wyatt.Wyatt-PC\Desktop
[2013/03/10 13:24:15 | 000,000,000 | R--D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/03/10 13:24:15 | 000,000,000 | -H-D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData
[2013/03/10 13:24:15 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Local\Temp
[2013/03/10 13:24:15 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Local\SoftThinks
[2013/03/10 13:24:15 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\Roaming
[2013/03/10 13:24:15 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Local\Microsoft
[2013/03/10 13:24:15 | 000,000,000 | ---D | C] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\Media Center Programs

========== Files - Modified Within 30 Days ==========

[2013/03/31 02:39:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Wyatt.Wyatt-PC\Desktop\OTL.exe
[2013/03/31 01:54:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/03/31 01:44:00 | 000,000,896 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/30 16:40:37 | 000,000,954 | ---- | M] () -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\coreavc.ini
[2013/03/30 15:44:02 | 000,000,892 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/30 15:29:45 | 000,020,928 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/03/30 15:29:45 | 000,020,928 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/30 13:41:51 | 000,800,318 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/03/30 13:41:51 | 000,675,892 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/03/30 13:41:51 | 000,126,500 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/03/30 13:37:18 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/03/30 13:37:14 | 464,711,679 | -HS- | M] () -- C:\hiberfil.sys
[2013/03/27 18:48:02 | 004,465,753 | ---- | M] () -- C:\Users\Wyatt.Wyatt-PC\Desktop\Dragon_City_Mobile_Applift.zip
[2013/03/27 12:10:09 | 000,018,746 | ---- | M] () -- C:\Users\Wyatt.Wyatt-PC\Desktop\bad_bad_bad.png
[2013/03/27 11:56:13 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/03/27 11:17:14 | 000,001,456 | ---- | M] () -- C:\Users\Wyatt.Wyatt-PC\AppData\Local\Adobe Save for Web 13.0 Prefs
[2013/03/21 12:30:51 | 000,001,867 | ---- | M] () -- C:\Users\Public\Desktop\PureVPN.lnk
[2013/03/19 13:15:15 | 000,002,002 | ---- | M] () -- C:\Users\Public\Desktop\FileZilla Client.lnk
[2013/03/18 19:19:07 | 000,045,084 | ---- | M] () -- C:\Users\Wyatt.Wyatt-PC\Desktop\DraftExample.jpg
[2013/03/18 19:12:15 | 000,071,062 | ---- | M] () -- C:\Users\Wyatt.Wyatt-PC\Desktop\DraftExample2.jpg
[2013/03/18 19:00:37 | 000,051,903 | ---- | M] () -- C:\Users\Wyatt.Wyatt-PC\Desktop\DraftExample3.jpg
[2013/03/15 10:45:29 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/03/14 18:18:06 | 000,813,816 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2013/03/14 11:16:34 | 000,001,708 | ---- | M] () -- C:\Users\Wyatt.Wyatt-PC\Desktop\Google Drive Folder.lnk
[2013/03/13 18:07:03 | 000,000,883 | ---- | M] () -- C:\Users\Public\Desktop\Mobilizer.lnk
[2013/03/13 12:21:51 | 000,001,067 | ---- | M] () -- C:\Users\Wyatt.Wyatt-PC\Desktop\Notepad++.lnk
[2013/03/13 12:15:34 | 000,000,591 | ---- | M] () -- C:\Users\Wyatt.Wyatt-PC\Desktop\WampServer.lnk
[2013/03/12 11:31:21 | 000,001,945 | ---- | M] () -- C:\windows\epplauncher.mif
[2013/03/11 17:48:41 | 000,000,000 | -H-- | M] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/03/11 04:21:07 | 000,108,227 | ---- | M] () -- C:\windows\SysWow64\license.rtf
[2013/03/11 04:21:07 | 000,108,227 | ---- | M] () -- C:\windows\SysNative\license.rtf
[2013/03/11 00:33:53 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/03/11 00:20:20 | 005,037,928 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013/03/11 00:15:36 | 000,001,109 | ---- | M] () -- C:\Users\Wyatt.Wyatt-PC\Desktop\Adobe Photoshop CS6 (64 Bit).lnk
[2013/03/10 23:56:05 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/03/10 21:32:59 | 000,000,326 | ---- | M] () -- C:\Users\Wyatt.Wyatt-PC\Desktop\Wunderlist.appref-ms
[2013/03/10 21:11:28 | 000,001,107 | ---- | M] () -- C:\Users\Wyatt.Wyatt-PC\Desktop\KeePass 2.lnk
[2013/03/10 20:59:35 | 000,001,971 | ---- | M] () -- C:\Users\Wyatt.Wyatt-PC\Desktop\Update Checker.lnk
[2013/03/10 15:54:10 | 000,002,281 | ---- | M] () -- C:\Users\Wyatt.Wyatt-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/03/10 15:42:11 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/03/10 15:36:49 | 000,001,439 | ---- | M] () -- C:\Users\Wyatt.Wyatt-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

========== Files Created - No Company Name ==========

[2013/03/27 18:47:50 | 004,465,753 | ---- | C] () -- C:\Users\Wyatt.Wyatt-PC\Desktop\Dragon_City_Mobile_Applift.zip
[2013/03/27 12:10:09 | 000,018,746 | ---- | C] () -- C:\Users\Wyatt.Wyatt-PC\Desktop\bad_bad_bad.png
[2013/03/21 12:30:51 | 000,001,867 | ---- | C] () -- C:\Users\Public\Desktop\PureVPN.lnk
[2013/03/19 13:15:15 | 000,002,002 | ---- | C] () -- C:\Users\Public\Desktop\FileZilla Client.lnk
[2013/03/18 19:00:37 | 000,051,903 | ---- | C] () -- C:\Users\Wyatt.Wyatt-PC\Desktop\DraftExample3.jpg
[2013/03/18 18:37:33 | 000,071,062 | ---- | C] () -- C:\Users\Wyatt.Wyatt-PC\Desktop\DraftExample2.jpg
[2013/03/17 17:37:02 | 000,000,954 | ---- | C] () -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\coreavc.ini
[2013/03/14 11:16:34 | 000,001,708 | ---- | C] () -- C:\Users\Wyatt.Wyatt-PC\Desktop\Google Drive Folder.lnk
[2013/03/13 18:07:03 | 000,000,895 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobilizer.lnk
[2013/03/13 18:07:03 | 000,000,883 | ---- | C] () -- C:\Users\Public\Desktop\Mobilizer.lnk
[2013/03/13 12:21:51 | 000,001,067 | ---- | C] () -- C:\Users\Wyatt.Wyatt-PC\Desktop\Notepad++.lnk
[2013/03/13 12:15:34 | 000,000,591 | ---- | C] () -- C:\Users\Wyatt.Wyatt-PC\Desktop\WampServer.lnk
[2013/03/12 13:37:06 | 000,000,830 | ---- | C] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/03/12 11:31:21 | 000,001,945 | ---- | C] () -- C:\windows\epplauncher.mif
[2013/03/12 11:31:11 | 000,002,119 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2013/03/11 19:37:20 | 000,045,084 | ---- | C] () -- C:\Users\Wyatt.Wyatt-PC\Desktop\DraftExample.jpg
[2013/03/11 19:27:45 | 000,001,456 | ---- | C] () -- C:\Users\Wyatt.Wyatt-PC\AppData\Local\Adobe Save for Web 13.0 Prefs
[2013/03/11 17:48:41 | 000,000,000 | -H-- | C] () -- C:\windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/03/11 01:45:45 | 464,711,679 | -HS- | C] () -- C:\hiberfil.sys
[2013/03/11 00:33:53 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/03/11 00:31:04 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013/03/11 00:14:16 | 000,001,109 | ---- | C] () -- C:\Users\Wyatt.Wyatt-PC\Desktop\Adobe Photoshop CS6 (64 Bit).lnk
[2013/03/11 00:10:57 | 000,001,077 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
[2013/03/11 00:09:26 | 000,001,209 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
[2013/03/11 00:07:54 | 000,001,039 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
[2013/03/11 00:06:48 | 000,001,171 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
[2013/03/11 00:00:44 | 000,001,355 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
[2013/03/11 00:00:32 | 000,001,521 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
[2013/03/10 23:56:04 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/03/10 22:20:15 | 000,000,003 | ---- | C] () -- C:\windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/03/10 22:01:56 | 000,000,003 | ---- | C] () -- C:\windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/03/10 21:32:59 | 000,000,326 | ---- | C] () -- C:\Users\Wyatt.Wyatt-PC\Desktop\Wunderlist.appref-ms
[2013/03/10 21:18:10 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013/03/10 21:11:28 | 000,001,119 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass 2.lnk
[2013/03/10 21:11:28 | 000,001,107 | ---- | C] () -- C:\Users\Wyatt.Wyatt-PC\Desktop\KeePass 2.lnk
[2013/03/10 20:59:35 | 000,002,001 | ---- | C] () -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk
[2013/03/10 20:59:35 | 000,001,971 | ---- | C] () -- C:\Users\Wyatt.Wyatt-PC\Desktop\Update Checker.lnk
[2013/03/10 20:58:55 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/03/10 15:42:10 | 000,001,161 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/03/10 15:42:10 | 000,001,149 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/03/10 15:40:19 | 000,002,281 | ---- | C] () -- C:\Users\Wyatt.Wyatt-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/03/10 15:40:19 | 000,002,185 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/03/10 15:39:04 | 000,000,896 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/10 15:39:02 | 000,000,892 | ---- | C] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/10 15:36:49 | 000,001,439 | ---- | C] () -- C:\Users\Wyatt.Wyatt-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/03/10 13:28:58 | 000,001,411 | ---- | C] () -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2013/03/10 13:28:54 | 000,001,445 | ---- | C] () -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/03/10 13:28:10 | 000,001,975 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Help Documentation.lnk
[2013/03/10 13:24:15 | 000,000,290 | ---- | C] () -- C:\Users\Wyatt.Wyatt-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/03/10 13:24:15 | 000,000,272 | ---- | C] () -- C:\Users\Wyatt.Wyatt-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/02/01 13:52:34 | 000,963,116 | ---- | C] () -- C:\windows\SysWow64\igkrng600.bin
[2012/02/01 13:52:34 | 000,218,304 | ---- | C] () -- C:\windows\SysWow64\igfcg600m.bin
[2012/02/01 13:52:34 | 000,056,832 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2012/02/01 13:52:33 | 013,356,032 | ---- | C] () -- C:\windows\SysWow64\ig4icd32.dll
[2012/02/01 13:52:33 | 000,145,804 | ---- | C] () -- C:\windows\SysWow64\igcompkrng600.bin
[2012/02/01 12:28:00 | 000,017,776 | ---- | C] () -- C:\windows\EvtMessage.dll
[2012/02/01 12:23:20 | 000,008,192 | ---- | C] () -- C:\windows\SysWow64\drivers\IntelMEFWVer.dll
[2011/11/17 04:49:04 | 000,000,096 | ---- | C] () -- C:\windows\LaunApp.ini
[2011/11/17 04:49:01 | 000,000,325 | ---- | C] () -- C:\windows\Prelaunch.ini
[2011/11/17 04:49:01 | 000,000,271 | ---- | C] () -- C:\windows\WisPriority.ini
[2011/11/17 04:49:01 | 000,000,035 | ---- | C] () -- C:\windows\DELL_LANGCODE.ini
[2011/11/17 04:49:01 | 000,000,033 | ---- | C] () -- C:\windows\DELL_OSTYPE.ini
[2011/11/17 04:49:01 | 000,000,032 | ---- | C] () -- C:\windows\WisHWDest.ini
[2011/11/17 04:49:01 | 000,000,028 | ---- | C] () -- C:\windows\WisLangCode.ini
[2011/11/17 04:49:01 | 000,000,023 | ---- | C] () -- C:\windows\WisSysInfo.ini
[2011/11/17 03:25:01 | 000,813,816 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI

========== ZeroAccess Check ==========

[2009/07/14 12:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\shell32.dll -- [2012/06/09 13:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 12:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\wbem\fastprox.dll -- [2009/07/14 09:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 11:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\WINDOWS\SysNative\wbem\wbemess.dll -- [2009/07/14 09:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/03/10 21:33:28 | 000,000,000 | ---D | M] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\6Wunderkinder
[2013/03/13 18:07:05 | 000,000,000 | ---D | M] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\com.springbox.mobilizer
[2013/03/19 13:50:02 | 000,000,000 | ---D | M] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\FileZilla
[2013/03/10 13:30:11 | 000,000,000 | ---D | M] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\Fingertapps
[2013/03/29 12:47:12 | 000,000,000 | ---D | M] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\KeePass
[2013/03/13 12:22:39 | 000,000,000 | ---D | M] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\Notepad++
[2013/03/10 14:03:09 | 000,000,000 | ---D | M] -- C:\Users\Wyatt.Wyatt-PC\AppData\Roaming\PCDr

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2013/03/17 17:31:26 | 000,000,000 | ---D | C](C:\ProgramData\Microsoft\Windows\Start Menu\Programs\????) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\快播软件
[2013/03/17 17:31:25 | 000,001,943 | ---- | M] ()(C:\Users\Wyatt.Wyatt-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\??.lnk) -- C:\Users\Wyatt.Wyatt-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\快播.lnk
[2013/03/17 17:31:25 | 000,001,943 | ---- | C] ()(C:\Users\Wyatt.Wyatt-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\??.lnk) -- C:\Users\Wyatt.Wyatt-PC\Application Data\Microsoft\Internet Explorer\Quick Launch\快播.lnk

< End of report >

#2
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello WyffGoaL

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.


Very Important --> Please read this post completely. I have spent my time to put together some things for you to keep in mind while I am helping you, to make things go easier, faster and smoother for both of us!


  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines; these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same"; this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




These are the programs I would like you to run next. If you have any problems with one of these, just skip it and run the next one.

-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


-RogueKiller-

  • Download & SAVE to your Desktop RogueKiller for 32bit or RogueKiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then click on the "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "Delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller

Gringo

#3
WyffGoaL

    Member

  • Topic Starter
  • 57 posts
Hi Gringo,

Thank you so much for helping me out!

Below is my checkup.txt log:

Results of screen317's Security Check version 0.99.61
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.70.0.1100
Java 7 Update 17
Adobe Flash Player 11.6.602.180
Adobe Reader XI
Mozilla Firefox (19.0.2)
Google Chrome 25.0.1364.160
Google Chrome 25.0.1364.172
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````

#4
WyffGoaL

    Member

  • Topic Starter
  • 57 posts
AdwCleaner[S1].txt Log

# AdwCleaner v2.115 - Logfile created 03/31/2013 at 04:27:22
# Updated 17/03/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Wyatt - WYATT-PC
# Boot Mode : Normal
# Running from : C:\Users\Wyatt.Wyatt-PC\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16470

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0.2 (en-US)

-\\ Google Chrome v25.0.1364.172

*************************

AdwCleaner[S1].txt - [599 octets] - [31/03/2013 04:27:22]

########## EOF - C:\AdwCleaner[S1].txt - [658 octets] ##########



RKreport[1].txt Log

RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Wyatt [Admin rights]
Mode : Scan -- Date : 03/31/2013 04:32:28
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] Wunderlist.exe -- C:\Users\Wyatt.Wyatt-PC\AppData\Local\Apps\2.0\2TGTCL6G.YC7\GT3KOM2A.7H7\wund..tion_45ec1bcecca77a53_0002.0000_764351e8af09666f\Wunderlist.exe [-] -> KILLED [TermProc]

¤¤¤ Registry Entries : 8 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : Wunderlist ("C:\Users\Wyatt.Wyatt-PC\AppData\Local\Apps\2.0\2TGTCL6G.YC7\GT3KOM2A.7H7\wund..tion_45ec1bcecca77a53_0002.0000_764351e8af09666f\Wunderlist.exe" /silent) [-] -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-1415409250-421658165-2567368482-1002[...]\Run : Wunderlist ("C:\Users\Wyatt.Wyatt-PC\AppData\Local\Apps\2.0\2TGTCL6G.YC7\GT3KOM2A.7H7\wund..tion_45ec1bcecca77a53_0002.0000_764351e8af09666f\Wunderlist.exe" /silent) [-] -> FOUND
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\windows\system32\drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 p202backup1
127.0.0.1 p202backup2


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST500LM012 HN-M500MBB +++++
--- User ---
[MBR] 2a87387b1cd746a77c58fcc452b032ef
[BSP] 36db342c1c2622103e68161d3408b21f : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 15000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30926848 | Size: 311838 Mo
3 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 669573120 | Size: 149999 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_03312013_02d0432.txt >>
RKreport[1]_S_03312013_02d0432.txt

Edited by WyffGoaL, 30 March 2013 - 02:38 PM.


#5
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello WyffGoaL

I would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click ComboFix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo

#6
WyffGoaL

    Member

  • Topic Starter
  • 57 posts
Hi Gringo,

After following all of the instructions, www.hao123.com is STILL there once I open my IE... that's really annoying.

Still, thank you so much for all the help. Do you have any idea what's going on now?

Thanks once again.



Anyway, below is my ComboFix's Log:

ComboFix 13-03-30.01 - Wyatt 03/31/2013 5:15.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6052.4478 [GMT 8:00]
Running from: c:\users\Wyatt.Wyatt-PC\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\PCDr\6032\AddOnDownloaded\173c4dd2-e93c-4725-b006-db1d8f465192.dll
c:\programdata\PCDr\6032\AddOnDownloaded\378deb7f-049e-4a5e-83b2-5381dcd9e928.dll
c:\programdata\PCDr\6032\AddOnDownloaded\4804ced5-915b-48a3-a465-b8a5e02714bf.dll
c:\programdata\PCDr\6032\AddOnDownloaded\62d1f0b0-bc9a-4f6c-bad7-93b19a91276a.dll
c:\programdata\PCDr\6032\AddOnDownloaded\739db3eb-d3cd-4c86-a6ea-01a49984fa3b.dll
c:\programdata\PCDr\6032\AddOnDownloaded\7bd83798-7a02-4f50-83a2-b91cabcbd1f9.dll
c:\programdata\PCDr\6032\AddOnDownloaded\934f6059-2d35-4bd9-a130-a17cb5563507.dll
c:\programdata\PCDr\6032\AddOnDownloaded\a61f44a8-21a3-4c4a-a04b-993dfb73bf96.dll
c:\programdata\PCDr\6032\AddOnDownloaded\ddb9fe5d-525c-4d5d-ac37-0bd10f2864f8.dll
c:\programdata\Roaming
.
.
((((((((((((((((((((((((( Files Created from 2013-02-28 to 2013-03-30 )))))))))))))))))))))))))))))))
.
.
2013-03-30 21:20 . 2013-03-30 21:20 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-03-30 21:20 . 2013-03-30 21:20 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-03-30 18:02 . 2013-03-15 06:28 9311288 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{16197353-6CF4-4328-AE46-6E3E3022DAF9}\mpengine.dll
2013-03-30 08:19 . 2013-03-15 06:28 9311288 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-03-21 07:25 . 2013-03-12 03:35 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-03-21 07:25 . 2013-03-12 03:35 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6B2FAD06-B9B3-4948-928F-49DB39AC1677}\gapaengine.dll
2013-03-21 04:30 . 2013-03-21 04:32 -------- d-----w- c:\programdata\purevpn
2013-03-21 04:30 . 2013-03-21 04:44 -------- d-----w- c:\program files (x86)\PureVPN
2013-03-21 02:29 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys
2013-03-19 05:15 . 2013-03-19 05:15 -------- d-----w- c:\program files (x86)\FileZilla FTP Client
2013-03-17 13:59 . 2013-03-17 13:59 -------- d-----w- c:\program files (x86)\Common Files\Skype
2013-03-17 09:31 . 2013-03-17 09:31 -------- d--h--w- c:\users\Public\Device
2013-03-17 09:31 . 2013-03-17 11:57 -------- d-----w- c:\program files (x86)\Baidu
2013-03-17 09:31 . 2013-03-17 09:31 -------- d-----w- c:\programdata\KuaiWan
2013-03-17 09:30 . 2013-03-30 20:34 -------- d-----w- c:\programdata\QvodPlayer
2013-03-17 09:30 . 2013-03-17 09:31 -------- d-----w- c:\program files (x86)\QvodPlayer
2013-03-13 12:18 . 2013-03-13 12:18 -------- d-----w- c:\program files\Microsoft Silverlight
2013-03-13 12:18 . 2013-03-13 12:18 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2013-03-13 10:07 . 2013-03-13 10:07 -------- d-----w- c:\program files (x86)\Mobilizer
2013-03-13 04:21 . 2013-03-13 04:21 -------- d-----w- c:\program files (x86)\Notepad++
2013-03-13 04:13 . 2013-03-13 04:16 -------- d-----w- C:\wamp
2013-03-12 05:37 . 2013-03-13 08:57 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-03-12 03:30 . 2013-03-12 03:30 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2013-03-12 03:30 . 2013-03-12 03:31 -------- d-----w- c:\program files\Microsoft Security Client
2013-03-11 12:04 . 2013-03-11 12:04 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2013-03-11 10:34 . 2013-02-18 19:57 9162192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{27115797-172C-40BC-9061-4F509152C09F}\mpengine.dll
2013-03-10 16:33 . 2013-03-10 16:33 -------- dc----w- c:\windows\system32\DRVSTORE
2013-03-10 16:33 . 2012-08-21 05:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2013-03-10 16:33 . 2013-03-10 16:33 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-03-10 16:33 . 2013-03-10 16:33 -------- d-----w- c:\program files\iTunes
2013-03-10 16:31 . 2013-03-10 16:31 -------- d-----w- c:\program files (x86)\QuickTime
2013-03-10 16:31 . 2013-03-10 16:33 -------- d-----w- c:\program files (x86)\Common Files\Apple
2013-03-10 16:31 . 2013-03-10 16:31 -------- d-----w- c:\program files (x86)\Apple Software Update
2013-03-10 16:31 . 2013-03-10 16:32 -------- d-----w- c:\programdata\Apple
2013-03-10 16:25 . 2013-03-10 16:25 -------- d-----w- c:\program files (x86)\TechSmith
2013-03-10 16:11 . 2013-03-10 16:11 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2013-03-10 16:07 . 2013-03-10 16:10 -------- d-----w- c:\program files\Adobe
2013-03-10 15:56 . 2013-03-10 15:56 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-03-10 15:56 . 2012-12-14 08:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-10 15:51 . 2013-03-10 16:10 -------- d-----w- c:\program files\Common Files\Adobe
2013-03-10 15:45 . 2012-08-24 18:09 458712 ----a-w- c:\windows\system32\drivers\cng.sys
2013-03-10 15:45 . 2012-08-24 18:05 340992 ----a-w- c:\windows\system32\schannel.dll
2013-03-10 15:45 . 2012-08-24 16:57 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2013-03-10 15:45 . 2012-08-24 18:13 154480 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-03-10 15:45 . 2012-08-24 18:03 1448448 ----a-w- c:\windows\system32\lsasrv.dll
2013-03-10 15:45 . 2012-08-24 16:57 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2013-03-10 15:45 . 2012-08-24 16:53 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2013-03-10 15:45 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2013-03-10 15:45 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2013-03-10 15:31 . 2013-03-10 15:31 -------- d-----w- c:\windows\SysWow64\Wat
2013-03-10 15:31 . 2013-03-10 15:31 -------- d-----w- c:\windows\system32\Wat
2013-03-10 14:23 . 2013-03-13 12:20 72013344 ----a-w- c:\windows\system32\MRT.exe
2013-03-10 14:20 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-03-10 14:20 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-03-10 14:20 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2013-03-10 14:20 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-03-10 14:15 . 2013-01-08 22:01 768000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-03-10 14:15 . 2013-01-09 01:10 996352 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-03-10 14:03 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-03-10 14:03 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2013-03-10 14:03 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-03-10 14:03 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-03-10 14:01 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-03-10 14:01 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-03-10 14:01 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-03-10 14:01 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-03-10 14:01 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2013-03-10 14:01 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2013-03-10 14:01 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-03-10 13:56 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-03-10 13:56 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-03-10 13:56 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-03-10 13:56 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2013-03-10 13:56 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2013-03-10 13:46 . 2012-11-30 05:41 424448 ----a-w- c:\windows\system32\KernelBase.dll
2013-03-10 13:45 . 2012-10-03 17:44 70656 ----a-w- c:\windows\system32\nlaapi.dll
2013-03-10 13:44 . 2013-01-05 05:53 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-03-10 13:43 . 2013-01-04 03:26 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-03-10 13:42 . 2012-06-02 05:41 1464320 ----a-w- c:\windows\system32\crypt32.dll
2013-03-10 13:42 . 2012-06-02 04:36 1159680 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-03-10 13:42 . 2012-06-02 05:41 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-03-10 13:42 . 2012-06-02 05:41 140288 ----a-w- c:\windows\system32\cryptnet.dll
2013-03-10 13:42 . 2012-06-02 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-03-10 13:42 . 2012-06-02 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-03-10 13:38 . 2013-03-19 10:06 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2013-03-10 13:30 . 2013-03-10 15:27 -------- d-----w- c:\program files (x86)\Microsoft Works
2013-03-10 13:28 . 2013-03-10 13:28 -------- d-----w- c:\windows\PCHEALTH
2013-03-10 13:26 . 2013-03-10 13:26 -------- d-----w- c:\program files\Microsoft Office
2013-03-10 13:26 . 2013-03-10 13:26 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2013-03-10 13:25 . 2013-03-13 12:20 -------- d-----w- c:\programdata\Microsoft Help
2013-03-10 13:25 . 2013-03-10 13:25 -------- d-----r- C:\MSOCache
2013-03-10 13:18 . 2013-03-10 16:04 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2013-03-10 13:11 . 2013-03-10 13:11 -------- d-----w- c:\program files (x86)\KeePass Password Safe 2
2013-03-10 12:59 . 2013-03-10 12:59 -------- d-----w- c:\program files (x86)\FileHippo.com
2013-03-10 12:59 . 2013-03-10 12:59 -------- d-----w- c:\programdata\Malwarebytes
2013-03-10 12:58 . 2013-03-27 03:56 -------- d-----w- c:\program files\CCleaner
2013-03-10 12:57 . 2013-03-10 12:57 -------- d-----w- c:\program files\Dell Support Center
2013-03-10 08:37 . 2013-03-10 08:58 -------- d-----w- c:\windows\SMINST
2013-03-10 07:42 . 2013-03-10 07:42 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-03-10 07:39 . 2013-03-14 03:14 -------- d-----w- c:\program files (x86)\Google
2013-03-10 07:38 . 2013-03-10 07:38 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-03-10 07:38 . 2013-03-10 07:37 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-03-10 07:37 . 2013-03-10 07:37 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-10 07:37 . 2013-03-10 07:37 -------- d-----w- c:\program files (x86)\Java
2013-03-10 06:00 . 2013-03-10 10:51 -------- d-----w- c:\programdata\PCDr
2013-03-10 05:33 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2013-03-10 05:33 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2013-03-10 05:33 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2013-03-10 05:26 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2013-03-10 05:26 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2013-03-10 05:26 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2013-03-10 05:26 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2013-03-10 05:26 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2013-03-10 05:26 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2013-03-10 05:26 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2013-03-10 05:25 . 2012-06-02 07:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2013-03-10 05:25 . 2012-06-02 07:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2013-03-10 05:24 . 2013-03-14 03:16 -------- d-----w- c:\users\Wyatt.Wyatt-PC
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-13 08:57 . 2012-02-01 04:24 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-10 07:37 . 2012-02-01 04:24 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-02-12 05:45 . 2013-03-13 06:51 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-02-12 05:45 . 2013-03-13 06:51 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-02-12 05:45 . 2013-03-13 06:51 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-02-12 05:45 . 2013-03-13 06:51 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-02-12 04:48 . 2013-03-13 06:51 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2013-02-12 04:48 . 2013-03-13 06:51 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll
2013-01-30 10:53 . 2010-11-21 03:27 273840 ------w- c:\windows\system32\MpSigStub.exe
2013-01-20 07:59 . 2013-01-20 07:59 230320 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-01-20 07:59 . 2013-01-20 07:59 130008 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2013-01-04 04:43 . 2013-03-10 13:44 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{A8502600-B272-4F68-A67B-A0305D46D297}]
2013-02-04 03:25 217520 ----a-w- c:\program files (x86)\QvodPlayer\QvodExtend\5.0.83.0\QvodExtend.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DownloadIcon]
@="{A8502600-B272-4F68-A67B-A0305D46D297}"
[HKEY_CLASSES_ROOT\CLSID\{A8502600-B272-4F68-A67B-A0305D46D297}]
2013-02-04 03:25 217520 ----a-w- c:\program files (x86)\QvodPlayer\QvodExtend\5.0.83.0\QvodExtend.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-11-06 283160]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"QvodTerminal"="c:\program files (x86)\QvodPlayer\QvodTerminal.exe" [2013-03-07 1234544]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-05-19 995392]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2011-09-15 299008]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-05-19 1335360]
R3 FACAP;facap, FastAccess Video Capture;c:\windows\system32\DRIVERS\facap.sys [2008-09-25 238848]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2011-06-21 34200]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-09-16 340240]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-10-30 250984]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 tihub3;TI USB3 Hub Service;c:\windows\system32\DRIVERS\tihub3.sys [2011-07-20 136000]
R3 tixhci;TI XHCI Service;c:\windows\system32\DRIVERS\tixhci.sys [2011-07-20 406336]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-12-13 54784]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2013-03-10 1255736]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-08 30056]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys [2012-10-08 284008]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-09-15 1166848]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-05-19 921664]
S2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-06-03 134928]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-02 382824]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-09-15 299008]
S3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys [2011-05-19 51712]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-05-19 53248]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-07-19 282624]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2011-01-20 176096]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-07-20 59904]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2011-06-21 25496]
S3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-09 539240]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-03-15 02:45 1629648 ----a-w- c:\program files (x86)\Google\Chrome\Application\25.0.1364.172\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-03-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-12 08:57]
.
2013-03-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-10 07:38]
.
2013-03-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-10 07:38]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A8502600-B272-4F68-A67B-A0305D46D298}]
2013-02-04 03:25 330160 ----a-w- c:\program files (x86)\QvodPlayer\QvodExtend\5.0.83.0\QvodExtend_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DownloadIcon]
@="{A8502600-B272-4F68-A67B-A0305D46D298}"
[HKEY_CLASSES_ROOT\CLSID\{A8502600-B272-4F68-A67B-A0305D46D298}]
2013-02-04 03:25 330160 ----a-w- c:\program files (x86)\QvodPlayer\QvodExtend\5.0.83.0\QvodExtend_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-03-07 08:31 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-03-07 08:31 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-03-07 08:31 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-03-07 08:31 776144 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-20 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-20 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-20 416024]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-01-25 525312]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-04-12 609144]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-09-16 1935120]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-05-19 10365952]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-03 446392]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.my/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Wyatt.Wyatt-PC\AppData\Roaming\Mozilla\Firefox\Profiles\cqddnvzr.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: network.proxy.http - 187.185.71.90
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-03-31 05:22:42
ComboFix-quarantined-files.txt 2013-03-30 21:22
.
Pre-Run: 277,207,384,064 bytes free
Post-Run: 277,051,035,648 bytes free
.
- - End Of File - - 4E336B9B0309ADF05B6B1B45DE6142EB

Edited by WyffGoaL, 30 March 2013 - 03:32 PM.


#7
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello WyffGoaL

First, I would like you to go here and click on the Fix it button - http://support.microsoft.com/kb/923737

Then I want you to do the following:

  • Start Internet Explorer.
  • Click on "Safety".
  • Click on "Delete Browsing History".
  • Make sure all boxes are checked.
  • Click on "Delete".
  • Click on "Tools".
  • Click "Internet Options".
  • On the "Advanced" tab, click "Reset".
  • Put a check mark next to "Delete Personal Settings".
  • Click "Reset" to confirm.
  • When complete, click the "Close" button.
  • Restart IE.


Gringo

#8
WyffGoaL

    Member

  • Topic Starter
  • 57 posts
Hi Gringo,

Unfortunately, I still do not have any luck after following the above instructions. Once I restart IE, www.hao123.com is still hijacking my IE... that's really bad =(

What should I do next?

Thank you so much once again.

#9
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello WyffGoaL


I would like you to try and run these next.

TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

    Note: this report can be very long, so if the website gives you an error saying it is too long, you may attach it.

    If the forum still complains about it being too long, send me everything that is at the end of the report after where it says

    ==================
    Scan finished
    ==================

and I will see if I want to see the whole report

Malwarebytes Anti-Rootkit

1. Download Malwarebytes Anti-Rootkit
2. Unzip the contents to a folder in a convenient location.
3. Open the folder where the contents were unzipped and run mbar.exe
4. Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
5. Click on the Cleanup button to remove any threats and reboot if prompted to do so.
6. Wait while the system shuts down and the cleanup process is performed.
7. Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
8. If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:
  • Internet access
  • Windows Update
  • Windows Firewall
9. If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included with Malwarebytes Anti-Rootkit and reboot.
10. Verify that your system is now functioning normally.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and MBAR.

Gringo
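
An added example, not part of gringo_pr's post and not code from TDSSKiller: a Python filter that reduces a TDSSKiller report in the line format posted in this thread to the objects whose verdict is not "ok", plus whatever follows the "Scan finished" banner, which is the part asked for above when the full report is too long to post. The function name `triage`, the result keys and the last sample line are assumptions made for this illustration, as is the banner appearing as a timestamped "Scan finished" line like the rest of the report.

```python
import re

# Line layout as posted in this thread:  HH:MM:SS.mmmm TID message
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4} \d+ ?(.*)$")
# "[ MD5 ] object-name X:\path\to\file"  (names and paths may contain spaces)
FILE_LINE = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \] (.+?) ([A-Za-z]:\\.*)$")
# "object-name ( Verdict ) - warning"
FLAG_LINE = re.compile(r"^(.+?) \( (.+?) \) - (\w+)$")
# "object-name - ok"
OK_LINE = re.compile(r"^(.+) - ok$")


def triage(log_text):
    """Return the non-ok objects, the ok count and the post-scan tail.

    'triage' and the result keys are hypothetical names for this example.
    """
    files = {}      # object name -> (md5, path) from its "[ MD5 ]" line
    findings = []   # one entry per object whose verdict is not "ok"
    ok_count = 0
    tail = []       # messages that follow the "Scan finished" banner
    finished = False

    for raw in log_text.splitlines():
        m = PREFIX.match(raw.strip())
        if not m:
            continue                      # not a timestamped report line
        msg = m.group(1).strip()

        if finished:
            # Keep everything after the banner except "====" separators.
            if msg and set(msg) != {"="}:
                tail.append(msg)
            continue
        if msg == "Scan finished":
            finished = True
            continue

        f = FILE_LINE.match(msg)
        if f:
            files[f.group(2)] = (f.group(1).upper(), f.group(3))
            continue

        w = FLAG_LINE.match(msg)
        if w:
            # Objects without a preceding "[ MD5 ]" line get None for both.
            md5, path = files.get(w.group(1), (None, None))
            findings.append({
                "name": w.group(1),
                "verdict": w.group(2),
                "severity": w.group(3),
                "md5": md5,
                "path": path,
            })
            continue

        if OK_LINE.match(msg):
            ok_count += 1

    return {"findings": findings, "ok": ok_count, "tail": tail}


# Sample input: lines in the format of the log in this thread, abridged.
# The banner placement and the final line are constructed for the example.
SAMPLE = r"""
05:56:45.0046 5640 Scan started
05:56:47.0761 5640 ================ Scan system memory ========================
05:56:47.0761 5640 System memory - ok
05:56:48.0400 5640 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
05:56:48.0775 5640 1394ohci - ok
05:56:55.0530 5640 [ 5FF7B9916A10E8E69E7C0D16F0B4787A ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
05:56:55.0592 5640 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - warning
05:56:55.0592 5640 Bluetooth Device Monitor - detected UnsignedFile.Multi.Generic (1)
05:56:58.0462 5640 catchme - ok
05:57:40.0000 5640 ============================================================
05:57:40.0000 5640 Scan finished
05:57:40.0000 5640 ============================================================
05:57:40.0001 5640 constructed summary line
"""

if __name__ == "__main__":
    result = triage(SAMPLE)
    print("%d objects ok" % result["ok"])
    for item in result["findings"]:
        print("%(severity)s: %(name)s [%(verdict)s] %(md5)s %(path)s" % item)
    for line in result["tail"]:
        print("tail:", line)
```
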

#10
WyffGoaL

    Member

  • Topic Starter
  • 57 posts
Hi Gringo,

Thanks once again for the help.

All of the logs are as below.


TDSSKiller Log:

05:55:07.0715 0388 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
05:55:08.0417 0388 ============================================================
05:55:08.0417 0388 Current date / time: 2013/03/31 05:55:08.0417
05:55:08.0417 0388 SystemInfo:
05:55:08.0417 0388
05:55:08.0417 0388 OS Version: 6.1.7601 ServicePack: 1.0
05:55:08.0417 0388 Product type: Workstation
05:55:08.0417 0388 ComputerName: WYATT-PC
05:55:08.0417 0388 UserName: Wyatt
05:55:08.0417 0388 Windows directory: C:\windows
05:55:08.0417 0388 System windows directory: C:\windows
05:55:08.0417 0388 Running under WOW64
05:55:08.0417 0388 Processor architecture: Intel x64
05:55:08.0417 0388 Number of processors: 8
05:55:08.0417 0388 Page size: 0x1000
05:55:08.0417 0388 Boot type: Normal boot
05:55:08.0417 0388 ============================================================
05:55:08.0994 0388 BG loaded
05:55:09.0509 0388 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
05:55:09.0587 0388 ============================================================
05:55:09.0587 0388 \Device\Harddisk0\DR0:
05:55:09.0618 0388 MBR partitions:
05:55:09.0618 0388 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
05:55:09.0618 0388 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x2610F030
05:55:09.0696 0388 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x27E8E800, BlocksNum 0x124F7000
05:55:09.0696 0388 ============================================================
05:55:09.0774 0388 C: <-> \Device\Harddisk0\DR0\Partition2
05:55:10.0071 0388 E: <-> \Device\Harddisk0\DR0\Partition3
05:55:10.0071 0388 ============================================================
05:55:10.0071 0388 Initialize success
05:55:10.0071 0388 ============================================================
05:56:45.0031 5640 ============================================================
05:56:45.0046 5640 Scan started
05:56:45.0046 5640 Mode: Manual; SigCheck; TDLFS;
05:56:45.0046 5640 ============================================================
05:56:47.0761 5640 ================ Scan system memory ========================
05:56:47.0761 5640 System memory - ok
05:56:47.0761 5640 ================ Scan services =============================
05:56:48.0400 5640 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
05:56:48.0775 5640 1394ohci - ok
05:56:48.0837 5640 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
05:56:48.0837 5640 ACPI - ok
05:56:48.0868 5640 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
05:56:48.0962 5640 AcpiPmi - ok
05:56:49.0102 5640 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
05:56:49.0134 5640 AdobeARMservice - ok
05:56:49.0258 5640 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
05:56:49.0290 5640 AdobeFlashPlayerUpdateSvc - ok
05:56:49.0414 5640 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
05:56:49.0446 5640 adp94xx - ok
05:56:49.0555 5640 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys
05:56:49.0570 5640 adpahci - ok
05:56:49.0633 5640 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys
05:56:49.0680 5640 adpu320 - ok
05:56:49.0976 5640 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
05:56:51.0068 5640 AeLookupSvc - ok
05:56:51.0286 5640 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
05:56:51.0380 5640 AESTFilters - ok
05:56:51.0583 5640 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
05:56:51.0801 5640 AFD - ok
05:56:51.0864 5640 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
05:56:51.0879 5640 agp440 - ok
05:56:51.0957 5640 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe
05:56:52.0207 5640 ALG - ok
05:56:52.0269 5640 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys
05:56:52.0285 5640 aliide - ok
05:56:52.0316 5640 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys
05:56:52.0316 5640 amdide - ok
05:56:52.0332 5640 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
05:56:52.0363 5640 AmdK8 - ok
05:56:52.0378 5640 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\drivers\amdppm.sys
05:56:52.0441 5640 AmdPPM - ok
05:56:52.0472 5640 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys
05:56:52.0488 5640 amdsata - ok
05:56:52.0550 5640 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\drivers\amdsbs.sys
05:56:52.0597 5640 amdsbs - ok
05:56:52.0597 5640 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys
05:56:52.0612 5640 amdxata - ok
05:56:52.0659 5640 [ 3BC90482A834F998C3B7A9C934A20342 ] AMPPAL C:\windows\system32\DRIVERS\AMPPAL.sys
05:56:52.0737 5640 AMPPAL - ok
05:56:52.0737 5640 [ 3BC90482A834F998C3B7A9C934A20342 ] AMPPALP C:\windows\system32\DRIVERS\amppal.sys
05:56:52.0737 5640 AMPPALP - ok
05:56:52.0956 5640 [ A47D7FEBD9381D34DDB4FF38B15A67FE ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
05:56:53.0002 5640 AMPPALR3 - ok
05:56:53.0080 5640 [ 24ED0EB2B2558970176ECEE680F8F806 ] ApfiltrService C:\windows\system32\DRIVERS\Apfiltr.sys
05:56:53.0096 5640 ApfiltrService - ok
05:56:53.0127 5640 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys
05:56:53.0299 5640 AppID - ok
05:56:53.0346 5640 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll
05:56:53.0392 5640 AppIDSvc - ok
05:56:53.0424 5640 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll
05:56:53.0502 5640 Appinfo - ok
05:56:53.0580 5640 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
05:56:53.0595 5640 Apple Mobile Device - ok
05:56:53.0626 5640 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\drivers\arc.sys
05:56:53.0642 5640 arc - ok
05:56:53.0673 5640 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\drivers\arcsas.sys
05:56:53.0673 5640 arcsas - ok
05:56:53.0782 5640 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
05:56:53.0814 5640 aspnet_state - ok
05:56:53.0845 5640 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
05:56:53.0907 5640 AsyncMac - ok
05:56:53.0970 5640 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys
05:56:54.0001 5640 atapi - ok
05:56:54.0032 5640 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
05:56:54.0141 5640 AudioEndpointBuilder - ok
05:56:54.0172 5640 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll
05:56:54.0235 5640 AudioSrv - ok
05:56:54.0250 5640 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll
05:56:54.0344 5640 AxInstSV - ok
05:56:54.0422 5640 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
05:56:54.0500 5640 b06bdrv - ok
05:56:54.0594 5640 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
05:56:54.0656 5640 b57nd60a - ok
05:56:54.0718 5640 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll
05:56:54.0781 5640 BDESVC - ok
05:56:54.0859 5640 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys
05:56:54.0937 5640 Beep - ok
05:56:55.0015 5640 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll
05:56:55.0062 5640 BFE - ok
05:56:55.0233 5640 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\system32\qmgr.dll
05:56:55.0296 5640 BITS - ok
05:56:55.0358 5640 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
05:56:55.0420 5640 blbdrive - ok
05:56:55.0530 5640 [ 5FF7B9916A10E8E69E7C0D16F0B4787A ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
05:56:55.0592 5640 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - warning
05:56:55.0592 5640 Bluetooth Device Monitor - detected UnsignedFile.Multi.Generic (1)
05:56:55.0654 5640 [ E43D73CAF1023976EFBA1D0F0E69E271 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
05:56:55.0764 5640 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - warning
05:56:55.0764 5640 Bluetooth Media Service - detected UnsignedFile.Multi.Generic (1)
05:56:56.0044 5640 [ 20427929646784A482DF34EF8C4FED23 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
05:56:56.0138 5640 Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - warning
05:56:56.0138 5640 Bluetooth OBEX Service - detected UnsignedFile.Multi.Generic (1)
05:56:56.0278 5640 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
05:56:56.0310 5640 Bonjour Service - ok
05:56:56.0388 5640 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys
05:56:56.0450 5640 bowser - ok
05:56:56.0481 5640 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
05:56:56.0544 5640 BrFiltLo - ok
05:56:56.0590 5640 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
05:56:56.0622 5640 BrFiltUp - ok
05:56:56.0668 5640 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
05:56:56.0762 5640 BridgeMP - ok
05:56:56.0840 5640 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll
05:56:56.0902 5640 Browser - ok
05:56:56.0996 5640 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys
05:56:57.0136 5640 Brserid - ok
05:56:57.0168 5640 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
05:56:57.0214 5640 BrSerWdm - ok
05:56:57.0230 5640 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
05:56:57.0292 5640 BrUsbMdm - ok
05:56:57.0355 5640 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
05:56:57.0386 5640 BrUsbSer - ok
05:56:57.0417 5640 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\windows\system32\drivers\BthEnum.sys
05:56:57.0480 5640 BthEnum - ok
05:56:57.0526 5640 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
05:56:57.0542 5640 BTHMODEM - ok
05:56:57.0589 5640 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
05:56:57.0620 5640 BthPan - ok
05:56:57.0682 5640 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys
05:56:57.0776 5640 BTHPORT - ok
05:56:57.0823 5640 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll
05:56:57.0963 5640 bthserv - ok
05:56:57.0994 5640 [ 9E2AF97302B9F4BF97E952A865EB31AE ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
05:56:57.0994 5640 BTHSSecurityMgr - ok
05:56:58.0026 5640 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys
05:56:58.0057 5640 BTHUSB - ok
05:56:58.0150 5640 [ 274E47BD9C1367BDBFA9DF10C2E6C544 ] btmaudio C:\windows\system32\drivers\btmaud.sys
05:56:58.0228 5640 btmaudio - ok
05:56:58.0260 5640 [ 75EAB5AAF6E9F83739249CE60B4B9C39 ] btmaux C:\windows\system32\DRIVERS\btmaux.sys
05:56:58.0322 5640 btmaux - ok
05:56:58.0353 5640 [ 0B1CC2221DC5990E4557A78CE9AFAD4F ] btmhsf C:\windows\system32\DRIVERS\btmhsf.sys
05:56:58.0416 5640 btmhsf - ok
05:56:58.0462 5640 catchme - ok
05:56:58.0494 5640 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
05:56:58.0572 5640 cdfs - ok
05:56:58.0650 5640 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
05:56:58.0696 5640 cdrom - ok
05:56:58.0728 5640 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll
05:56:58.0806 5640 CertPropSvc - ok
05:56:58.0852 5640 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys
05:56:58.0899 5640 circlass - ok
05:56:58.0915 5640 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys
05:56:58.0962 5640 CLFS - ok
05:56:59.0024 5640 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
05:56:59.0071 5640 clr_optimization_v2.0.50727_32 - ok
05:56:59.0118 5640 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
05:56:59.0149 5640 clr_optimization_v2.0.50727_64 - ok
05:56:59.0242 5640 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
05:56:59.0336 5640 clr_optimization_v4.0.30319_32 - ok
05:56:59.0367 5640 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
05:56:59.0398 5640 clr_optimization_v4.0.30319_64 - ok
05:56:59.0430 5640 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
05:56:59.0476 5640 CmBatt - ok
05:56:59.0523 5640 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys
05:56:59.0539 5640 cmdide - ok
05:56:59.0570 5640 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\windows\system32\Drivers\cng.sys
05:56:59.0586 5640 CNG - ok
05:56:59.0617 5640 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\drivers\compbatt.sys
05:56:59.0632 5640 Compbatt - ok
05:56:59.0664 5640 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
05:56:59.0710 5640 CompositeBus - ok
05:56:59.0742 5640 COMSysApp - ok
05:56:59.0742 5640 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
05:56:59.0757 5640 crcdisk - ok
05:56:59.0788 5640 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\windows\system32\cryptsvc.dll
05:56:59.0851 5640 CryptSvc - ok
05:56:59.0913 5640 [ BC3D4F90978CD7C8EABD1BAF3BF7873A ] CtClsFlt C:\windows\system32\DRIVERS\CtClsFlt.sys
05:56:59.0960 5640 CtClsFlt - ok
05:57:00.0022 5640 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll
05:57:00.0132 5640 DcomLaunch - ok
05:57:00.0178 5640 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll
05:57:00.0225 5640 defragsvc - ok
05:57:00.0256 5640 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys
05:57:00.0303 5640 DfsC - ok
05:57:00.0350 5640 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll
05:57:00.0428 5640 Dhcp - ok
05:57:00.0444 5640 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys
05:57:00.0522 5640 discache - ok
05:57:00.0568 5640 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys
05:57:00.0600 5640 Disk - ok
05:57:00.0631 5640 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll
05:57:00.0662 5640 Dnscache - ok
05:57:00.0693 5640 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll
05:57:00.0756 5640 dot3svc - ok
05:57:00.0771 5640 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll
05:57:00.0802 5640 DPS - ok
05:57:00.0834 5640 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
05:57:00.0880 5640 drmkaud - ok
05:57:00.0927 5640 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
05:57:00.0958 5640 DXGKrnl - ok
05:57:21.0550 5640 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
05:57:21.0613 5640 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
05:57:21.0613 5640 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
05:57:21.0675 5640 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
05:57:21.0769 5640 swprv - ok
05:57:21.0831 5640 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
05:57:21.0878 5640 SysMain - ok
05:57:21.0894 5640 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
05:57:21.0925 5640 TabletInputService - ok
05:57:21.0940 5640 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
05:57:21.0972 5640 TapiSrv - ok
05:57:22.0018 5640 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
05:57:22.0065 5640 TBS - ok
05:57:22.0143 5640 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\windows\system32\drivers\tcpip.sys
05:57:22.0190 5640 Tcpip - ok
05:57:22.0268 5640 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
05:57:22.0299 5640 TCPIP6 - ok
05:57:22.0330 5640 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
05:57:22.0346 5640 tcpipreg - ok
05:57:22.0377 5640 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
05:57:22.0440 5640 TDPIPE - ok
05:57:22.0455 5640 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
05:57:22.0502 5640 TDTCP - ok
05:57:22.0533 5640 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
05:57:22.0596 5640 tdx - ok
05:57:22.0611 5640 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\DRIVERS\termdd.sys
05:57:22.0627 5640 TermDD - ok
05:57:22.0658 5640 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
05:57:22.0705 5640 TermService - ok
05:57:22.0720 5640 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
05:57:22.0736 5640 Themes - ok
05:57:22.0767 5640 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
05:57:22.0814 5640 THREADORDER - ok
05:57:22.0845 5640 [ 68FE3D89829E27D4FD5EEA7BD2C41985 ] tihub3 C:\windows\system32\DRIVERS\tihub3.sys
05:57:22.0861 5640 tihub3 - ok
05:57:22.0892 5640 [ 0102C9633CE1F18A6AC021F28B734DB5 ] tixhci C:\windows\system32\DRIVERS\tixhci.sys
05:57:22.0923 5640 tixhci - ok
05:57:22.0954 5640 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
05:57:23.0017 5640 TrkWks - ok
05:57:23.0064 5640 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
05:57:23.0079 5640 TrustedInstaller - ok
05:57:23.0095 5640 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
05:57:23.0126 5640 tssecsrv - ok
05:57:23.0188 5640 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
05:57:23.0251 5640 TsUsbFlt - ok
05:57:23.0266 5640 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
05:57:23.0298 5640 TsUsbGD - ok
05:57:23.0329 5640 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
05:57:23.0376 5640 tunnel - ok
05:57:23.0407 5640 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\windows\system32\DRIVERS\TurboB.sys
05:57:23.0422 5640 TurboB - ok
05:57:23.0454 5640 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
05:57:23.0500 5640 TurboBoost - ok
05:57:23.0516 5640 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
05:57:23.0532 5640 uagp35 - ok
05:57:23.0547 5640 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
05:57:23.0594 5640 udfs - ok
05:57:23.0625 5640 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
05:57:23.0656 5640 UI0Detect - ok
05:57:23.0703 5640 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
05:57:23.0734 5640 uliagpkx - ok
05:57:23.0750 5640 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
05:57:23.0797 5640 umbus - ok
05:57:23.0812 5640 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
05:57:23.0875 5640 UmPass - ok
05:57:24.0031 5640 [ EB79C6C91A99930015EF29AE7FA802D1 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
05:57:24.0062 5640 UNS - ok
05:57:24.0093 5640 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
05:57:24.0171 5640 upnphost - ok
05:57:24.0234 5640 [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
05:57:24.0296 5640 USBAAPL64 - ok
05:57:24.0312 5640 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
05:57:24.0374 5640 usbccgp - ok
05:57:24.0405 5640 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
05:57:24.0452 5640 usbcir - ok
05:57:24.0468 5640 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
05:57:24.0499 5640 usbehci - ok
05:57:24.0530 5640 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
05:57:24.0577 5640 usbhub - ok
05:57:24.0593 5640 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
05:57:24.0655 5640 usbohci - ok
05:57:24.0655 5640 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\drivers\usbprint.sys
05:57:24.0686 5640 usbprint - ok
05:57:24.0702 5640 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
05:57:24.0780 5640 USBSTOR - ok
05:57:24.0795 5640 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
05:57:24.0827 5640 usbuhci - ok
05:57:24.0873 5640 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
05:57:24.0905 5640 usbvideo - ok
05:57:24.0920 5640 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
05:57:24.0998 5640 UxSms - ok
05:57:25.0029 5640 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
05:57:25.0045 5640 VaultSvc - ok
05:57:25.0076 5640 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
05:57:25.0107 5640 vdrvroot - ok
05:57:25.0123 5640 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
05:57:25.0154 5640 vds - ok
05:57:25.0185 5640 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
05:57:25.0217 5640 vga - ok
05:57:25.0232 5640 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
05:57:25.0295 5640 VgaSave - ok
05:57:25.0326 5640 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
05:57:25.0341 5640 vhdmp - ok
05:57:25.0357 5640 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
05:57:25.0357 5640 viaide - ok
05:57:25.0388 5640 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
05:57:25.0388 5640 volmgr - ok
05:57:25.0419 5640 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
05:57:25.0435 5640 volmgrx - ok
05:57:25.0451 5640 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys
05:57:25.0466 5640 volsnap - ok
05:57:25.0513 5640 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
05:57:25.0544 5640 vsmraid - ok
05:57:25.0607 5640 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
05:57:25.0685 5640 VSS - ok
05:57:25.0700 5640 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
05:57:25.0716 5640 vwifibus - ok
05:57:25.0747 5640 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
05:57:25.0809 5640 vwififlt - ok
05:57:25.0825 5640 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
05:57:25.0825 5640 vwifimp - ok
05:57:25.0856 5640 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
05:57:25.0903 5640 W32Time - ok
05:57:25.0903 5640 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
05:57:25.0919 5640 WacomPen - ok
05:57:26.0012 5640 [ 5D81DFEDC21830764B02F12415AFAE2B ] wampapache c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe
05:57:26.0090 5640 wampapache ( UnsignedFile.Multi.Generic ) - warning
05:57:26.0090 5640 wampapache - detected UnsignedFile.Multi.Generic (1)
05:57:26.0153 5640 wampmysqld - ok
05:57:26.0215 5640 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
05:57:26.0277 5640 WANARP - ok
05:57:26.0277 5640 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
05:57:26.0309 5640 Wanarpv6 - ok
05:57:26.0387 5640 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
05:57:26.0418 5640 WatAdminSvc - ok
05:57:26.0449 5640 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
05:57:26.0527 5640 wbengine - ok
05:57:26.0558 5640 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
05:57:26.0558 5640 WbioSrvc - ok
05:57:26.0589 5640 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
05:57:26.0621 5640 wcncsvc - ok
05:57:26.0636 5640 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
05:57:26.0667 5640 WcsPlugInService - ok
05:57:26.0683 5640 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
05:57:26.0699 5640 Wd - ok
05:57:26.0761 5640 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
05:57:26.0792 5640 Wdf01000 - ok
05:57:26.0808 5640 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
05:57:26.0886 5640 WdiServiceHost - ok
05:57:26.0886 5640 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
05:57:26.0901 5640 WdiSystemHost - ok
05:57:26.0933 5640 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
05:57:26.0995 5640 WebClient - ok
05:57:27.0011 5640 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
05:57:27.0042 5640 Wecsvc - ok
05:57:27.0057 5640 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
05:57:27.0089 5640 wercplsupport - ok
05:57:27.0104 5640 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
05:57:27.0135 5640 WerSvc - ok
05:57:27.0167 5640 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
05:57:27.0182 5640 WfpLwf - ok
05:57:27.0229 5640 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\windows\system32\DRIVERS\wimfltr.sys
05:57:27.0260 5640 WimFltr - ok
05:57:27.0291 5640 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
05:57:27.0323 5640 WIMMount - ok
05:57:27.0338 5640 WinDefend - ok
05:57:27.0354 5640 WinHttpAutoProxySvc - ok
05:57:27.0416 5640 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
05:57:27.0463 5640 Winmgmt - ok
05:57:27.0525 5640 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
05:57:27.0572 5640 WinRM - ok
05:57:27.0635 5640 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
05:57:27.0666 5640 WinUsb - ok
05:57:27.0713 5640 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
05:57:27.0744 5640 Wlansvc - ok
05:57:27.0775 5640 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
05:57:27.0806 5640 WmiAcpi - ok
05:57:27.0837 5640 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
05:57:27.0884 5640 wmiApSrv - ok
05:57:27.0915 5640 WMPNetworkSvc - ok
05:57:27.0978 5640 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
05:57:28.0025 5640 WPCSvc - ok
05:57:28.0025 5640 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
05:57:28.0040 5640 WPDBusEnum - ok
05:57:28.0071 5640 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
05:57:28.0118 5640 ws2ifsl - ok
05:57:28.0134 5640 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\system32\wscsvc.dll
05:57:28.0165 5640 wscsvc - ok
05:57:28.0165 5640 WSearch - ok
05:57:28.0243 5640 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
05:57:28.0290 5640 wuauserv - ok
05:57:28.0305 5640 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys
05:57:28.0352 5640 WudfPf - ok
05:57:28.0399 5640 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
05:57:28.0430 5640 WUDFRd - ok
05:57:28.0461 5640 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll
05:57:28.0493 5640 wudfsvc - ok
05:57:28.0524 5640 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
05:57:28.0555 5640 WwanSvc - ok
05:57:28.0571 5640 ================ Scan global ===============================
05:57:28.0602 5640 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
05:57:28.0633 5640 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\windows\system32\winsrv.dll
05:57:28.0649 5640 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\windows\system32\winsrv.dll
05:57:28.0680 5640 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
05:57:28.0711 5640 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
05:57:28.0727 5640 [Global] - ok
05:57:28.0727 5640 ================ Scan MBR ==================================
05:57:28.0742 5640 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
05:57:29.0288 5640 \Device\Harddisk0\DR0 - ok
05:57:29.0288 5640 ================ Scan VBR ==================================
05:57:29.0288 5640 [ B4A651EA79A9998884DA67ECFFB5E2E7 ] \Device\Harddisk0\DR0\Partition1
05:57:29.0288 5640 \Device\Harddisk0\DR0\Partition1 - ok
05:57:29.0319 5640 [ 71CCB192E8F0C77BE4F7C14C9FAACED1 ] \Device\Harddisk0\DR0\Partition2
05:57:29.0319 5640 \Device\Harddisk0\DR0\Partition2 - ok
05:57:29.0351 5640 [ 24472FCA5997D8302E06A2DC8857DDA1 ] \Device\Harddisk0\DR0\Partition3
05:57:29.0351 5640 \Device\Harddisk0\DR0\Partition3 - ok
05:57:29.0351 5640 ================ Scan active images ========================
05:57:29.0351 5640 [ 3E588B60EC061686BA05D33574A344C6 ] C:\WINDOWS\System32\drivers\crashdmp.sys
05:57:29.0351 5640 C:\WINDOWS\System32\drivers\crashdmp.sys - ok
05:57:29.0366 5640 [ D7921D5A870B11CC1ADAB198A519D50A ] C:\WINDOWS\System32\drivers\iaStor.sys
05:57:29.0366 5640 C:\WINDOWS\System32\drivers\iaStor.sys - ok
05:57:29.0366 5640 [ 814DB88F2641691575A455CF25354098 ] C:\WINDOWS\System32\drivers\dumpfve.sys
05:57:29.0366 5640 C:\WINDOWS\System32\drivers\dumpfve.sys - ok
05:57:29.0382 5640 [ 16A47CE2DECC9B099349A5F840654746 ] C:\WINDOWS\System32\drivers\beep.sys
05:57:29.0382 5640 C:\WINDOWS\System32\drivers\beep.sys - ok
05:57:29.0382 5640 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\WINDOWS\System32\drivers\cdrom.sys
05:57:29.0382 5640 C:\WINDOWS\System32\drivers\cdrom.sys - ok
05:57:29.0382 5640 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\WINDOWS\System32\drivers\null.sys
05:57:29.0382 5640 C:\WINDOWS\System32\drivers\null.sys - ok
05:57:29.0382 5640 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\WINDOWS\System32\drivers\RDPCDD.sys
05:57:29.0382 5640 C:\WINDOWS\System32\drivers\RDPCDD.sys - ok
05:57:29.0382 5640 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\WINDOWS\System32\drivers\vga.sys
05:57:29.0382 5640 C:\WINDOWS\System32\drivers\vga.sys - ok
05:57:29.0382 5640 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\WINDOWS\System32\drivers\videoprt.sys
05:57:29.0382 5640 C:\WINDOWS\System32\drivers\videoprt.sys - ok
05:57:29.0382 5640 [ FC438D1430B28618E2D0C7C332A710AD ] C:\WINDOWS\System32\drivers\watchdog.sys
05:57:29.0382 5640 C:\WINDOWS\System32\drivers\watchdog.sys - ok
05:57:29.0397 5640 [ BB5971A4F00659529A5C44831AF22365 ] C:\WINDOWS\System32\drivers\RDPENCDD.sys
05:57:29.0397 5640 C:\WINDOWS\System32\drivers\RDPENCDD.sys - ok
05:57:29.0397 5640 [ 216F3FA57533D98E1F74DED70113177A ] C:\WINDOWS\System32\drivers\RDPREFMP.sys
05:57:29.0397 5640 C:\WINDOWS\System32\drivers\RDPREFMP.sys - ok
05:57:29.0397 5640 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\WINDOWS\System32\drivers\msfs.sys
05:57:29.0397 5640 C:\WINDOWS\System32\drivers\msfs.sys - ok
05:57:29.0397 5640 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\WINDOWS\System32\drivers\npfs.sys
05:57:29.0397 5640 C:\WINDOWS\System32\drivers\npfs.sys - ok
05:57:29.0397 5640 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\WINDOWS\System32\drivers\tdi.sys
05:57:29.0397 5640 C:\WINDOWS\System32\drivers\tdi.sys - ok
05:57:29.0397 5640 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\WINDOWS\System32\drivers\tdx.sys
05:57:29.0397 5640 C:\WINDOWS\System32\drivers\tdx.sys - ok
05:57:29.0397 5640 [ 09594D1089C523423B32A4229263F068 ] C:\WINDOWS\System32\drivers\netbt.sys
05:57:29.0397 5640 C:\WINDOWS\System32\drivers\netbt.sys - ok
05:57:29.0397 5640 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\WINDOWS\System32\drivers\afd.sys
05:57:29.0397 5640 C:\WINDOWS\System32\drivers\afd.sys - ok
05:57:29.0413 5640 [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\WINDOWS\System32\drivers\ws2ifsl.sys
05:57:29.0413 5640 C:\WINDOWS\System32\drivers\ws2ifsl.sys - ok
05:57:29.0413 5640 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\WINDOWS\System32\drivers\netbios.sys
05:57:29.0413 5640 C:\WINDOWS\System32\drivers\netbios.sys - ok
05:57:29.0413 5640 [ 0557CF5A2556BD58E26384169D72438D ] C:\WINDOWS\System32\drivers\pacer.sys
05:57:29.0413 5640 C:\WINDOWS\System32\drivers\pacer.sys - ok
05:57:29.0413 5640 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\WINDOWS\System32\drivers\vwififlt.sys
05:57:29.0413 5640 C:\WINDOWS\System32\drivers\vwififlt.sys - ok
05:57:29.0413 5640 [ 356AFD78A6ED4457169241AC3965230C ] C:\WINDOWS\System32\drivers\wanarp.sys
05:57:29.0413 5640 C:\WINDOWS\System32\drivers\wanarp.sys - ok
05:57:29.0413 5640 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\WINDOWS\System32\drivers\wfplwf.sys
05:57:29.0413 5640 C:\WINDOWS\System32\drivers\wfplwf.sys - ok
05:57:29.0413 5640 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\WINDOWS\System32\drivers\termdd.sys
05:57:29.0413 5640 C:\WINDOWS\System32\drivers\termdd.sys - ok
05:57:29.0429 5640 [ 77F665941019A1594D887A74F301FA2F ] C:\WINDOWS\System32\drivers\rdbss.sys
05:57:29.0429 5640 C:\WINDOWS\System32\drivers\rdbss.sys - ok
05:57:29.0429 5640 [ 65E6BB06A644533118BE007E9601B2C2 ] C:\WINDOWS\System32\drivers\nvkflt.sys
05:57:29.0429 5640 C:\WINDOWS\System32\drivers\nvkflt.sys - ok
05:57:29.0429 5640 [ F5BEE30450E18E6B83A5012C100616FD ] C:\WINDOWS\System32\drivers\dxgkrnl.sys
05:57:29.0429 5640 C:\WINDOWS\System32\drivers\dxgkrnl.sys - ok
05:57:29.0429 5640 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\WINDOWS\System32\drivers\dxgmms1.sys
05:57:29.0429 5640 C:\WINDOWS\System32\drivers\dxgmms1.sys - ok
05:57:29.0429 5640 [ E7F5AE18AF4168178A642A9247C63001 ] C:\WINDOWS\System32\drivers\nsiproxy.sys
05:57:29.0429 5640 C:\WINDOWS\System32\drivers\nsiproxy.sys - ok
05:57:29.0429 5640 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\WINDOWS\System32\drivers\dfsc.sys
05:57:29.0429 5640 C:\WINDOWS\System32\drivers\dfsc.sys - ok
05:57:29.0429 5640 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\WINDOWS\System32\drivers\discache.sys
05:57:29.0429 5640 C:\WINDOWS\System32\drivers\discache.sys - ok
05:57:29.0444 5640 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\WINDOWS\System32\drivers\mssmbios.sys
05:57:29.0444 5640 C:\WINDOWS\System32\drivers\mssmbios.sys - ok
05:57:29.0444 5640 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\WINDOWS\System32\drivers\blbdrive.sys
05:57:29.0444 5640 C:\WINDOWS\System32\drivers\blbdrive.sys - ok
05:57:29.0444 5640 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\WINDOWS\System32\drivers\tunnel.sys
05:57:29.0444 5640 C:\WINDOWS\System32\drivers\tunnel.sys - ok
05:57:29.0444 5640 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\WINDOWS\System32\ntdll.dll
05:57:29.0444 5640 C:\WINDOWS\System32\ntdll.dll - ok
05:57:29.0444 5640 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\WINDOWS\System32\smss.exe
05:57:29.0444 5640 C:\WINDOWS\System32\smss.exe - ok
05:57:29.0444 5640 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\WINDOWS\System32\autochk.exe
05:57:29.0444 5640 C:\WINDOWS\System32\autochk.exe - ok
05:57:29.0444 5640 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] C:\WINDOWS\System32\drivers\nvlddmkm.sys
05:57:29.0444 5640 C:\WINDOWS\System32\drivers\nvlddmkm.sys - ok
05:57:29.0444 5640 [ 53883A0057063F9695475186A81BF001 ] C:\WINDOWS\System32\drivers\nvBridge.kmd
05:57:29.0444 5640 C:\WINDOWS\System32\drivers\nvBridge.kmd - ok
05:57:29.0460 5640 [ 174BCAC474DE13B2650E444CF124828E ] C:\WINDOWS\System32\drivers\igdkmd64.sys
05:57:29.0460 5640 C:\WINDOWS\System32\drivers\igdkmd64.sys - ok
05:57:29.0460 5640 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] C:\WINDOWS\System32\drivers\HECIx64.sys
05:57:29.0460 5640 C:\WINDOWS\System32\drivers\HECIx64.sys - ok
05:57:29.0460 5640 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\WINDOWS\System32\drivers\usbport.sys
05:57:29.0460 5640 C:\WINDOWS\System32\drivers\usbport.sys - ok
05:57:29.0460 5640 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\WINDOWS\System32\drivers\hdaudbus.sys
05:57:29.0460 5640 C:\WINDOWS\System32\drivers\hdaudbus.sys - ok
05:57:29.0460 5640 [ C025055FE7B87701EB042095DF1A2D7B ] C:\WINDOWS\System32\drivers\usbehci.sys
05:57:29.0460 5640 C:\WINDOWS\System32\drivers\usbehci.sys - ok
05:57:29.0460 5640 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] C:\WINDOWS\System32\drivers\Rt64win7.sys
05:57:29.0460 5640 C:\WINDOWS\System32\drivers\Rt64win7.sys - ok
05:57:29.0460 5640 [ 9FD1BE1881446D954FF77244AE58FBCB ] C:\WINDOWS\System32\drivers\NETwNs64.sys
05:57:29.0460 5640 C:\WINDOWS\System32\drivers\NETwNs64.sys - ok
05:57:29.0475 5640 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\WINDOWS\System32\drivers\vwifibus.sys
05:57:29.0475 5640 C:\WINDOWS\System32\drivers\vwifibus.sys - ok
05:57:29.0475 5640 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\WINDOWS\System32\drivers\i8042prt.sys
05:57:29.0475 5640 C:\WINDOWS\System32\drivers\i8042prt.sys - ok
05:57:29.0475 5640 [ 24ED0EB2B2558970176ECEE680F8F806 ] C:\WINDOWS\System32\drivers\Apfiltr.sys
05:57:29.0475 5640 C:\WINDOWS\System32\drivers\Apfiltr.sys - ok
05:57:29.0475 5640 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\WINDOWS\System32\drivers\kbdclass.sys
05:57:29.0475 5640 C:\WINDOWS\System32\drivers\kbdclass.sys - ok
05:57:29.0475 5640 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\WINDOWS\System32\drivers\mouclass.sys
05:57:29.0475 5640 C:\WINDOWS\System32\drivers\mouclass.sys - ok
05:57:29.0475 5640 [ 8E98D21EE06192492A5671A6144D092F ] C:\WINDOWS\System32\drivers\GEARAspiWDM.sys
05:57:29.0475 5640 C:\WINDOWS\System32\drivers\GEARAspiWDM.sys - ok
05:57:29.0475 5640 [ F6FF8944478594D0E414D3F048F0D778 ] C:\WINDOWS\System32\drivers\wmiacpi.sys
05:57:29.0475 5640 C:\WINDOWS\System32\drivers\wmiacpi.sys - ok
05:57:29.0475 5640 [ ADA036632C664CAA754079041CF1F8C1 ] C:\WINDOWS\System32\drivers\intelppm.sys
05:57:29.0475 5640 C:\WINDOWS\System32\drivers\intelppm.sys - ok
05:57:29.0491 5640 [ 0840155D0BDDF1190F84A663C284BD33 ] C:\WINDOWS\System32\drivers\CmBatt.sys
05:57:29.0491 5640 C:\WINDOWS\System32\drivers\CmBatt.sys - ok
05:57:29.0491 5640 [ 3BC90482A834F998C3B7A9C934A20342 ] C:\WINDOWS\System32\drivers\AmpPal.sys
05:57:29.0491 5640 C:\WINDOWS\System32\drivers\AmpPal.sys - ok
05:57:29.0491 5640 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\WINDOWS\System32\drivers\agilevpn.sys
05:57:29.0491 5640 C:\WINDOWS\System32\drivers\agilevpn.sys - ok
05:57:29.0491 5640 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\WINDOWS\System32\drivers\CompositeBus.sys
05:57:29.0491 5640 C:\WINDOWS\System32\drivers\CompositeBus.sys - ok
05:57:29.0491 5640 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\WINDOWS\System32\drivers\ndistapi.sys
05:57:29.0491 5640 C:\WINDOWS\System32\drivers\ndistapi.sys - ok
05:57:29.0491 5640 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\WINDOWS\System32\drivers\ndiswan.sys
05:57:29.0491 5640 C:\WINDOWS\System32\drivers\ndiswan.sys - ok
05:57:29.0491 5640 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\WINDOWS\System32\drivers\rasl2tp.sys
05:57:29.0491 5640 C:\WINDOWS\System32\drivers\rasl2tp.sys - ok
05:57:29.0507 5640 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\WINDOWS\System32\drivers\raspppoe.sys
05:57:29.0507 5640 C:\WINDOWS\System32\drivers\raspppoe.sys - ok
05:57:29.0507 5640 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\WINDOWS\System32\drivers\raspptp.sys
05:57:29.0507 5640 C:\WINDOWS\System32\drivers\raspptp.sys - ok
05:57:29.0507 5640 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\WINDOWS\System32\drivers\rassstp.sys
05:57:29.0507 5640 C:\WINDOWS\System32\drivers\rassstp.sys - ok
05:57:29.0507 5640 [ 716F66336F10885D935B08174DC54242 ] C:\WINDOWS\System32\drivers\iwdbus.sys
05:57:29.0507 5640 C:\WINDOWS\System32\drivers\iwdbus.sys - ok
05:57:29.0507 5640 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\WINDOWS\System32\drivers\ks.sys
05:57:29.0507 5640 C:\WINDOWS\System32\drivers\ks.sys - ok
05:57:29.0507 5640 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\WINDOWS\System32\drivers\swenum.sys
05:57:29.0507 5640 C:\WINDOWS\System32\drivers\swenum.sys - ok
05:57:29.0507 5640 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\WINDOWS\System32\drivers\umbus.sys
05:57:29.0507 5640 C:\WINDOWS\System32\drivers\umbus.sys - ok
05:57:29.0522 5640 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\WINDOWS\System32\drivers\usbhub.sys
05:57:29.0522 5640 C:\WINDOWS\System32\drivers\usbhub.sys - ok
05:57:29.0522 5640 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\WINDOWS\System32\drivers\ndproxy.sys
05:57:29.0522 5640 C:\WINDOWS\System32\drivers\ndproxy.sys - ok
05:57:29.0522 5640 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\WINDOWS\System32\imm32.dll
05:57:29.0522 5640 C:\WINDOWS\System32\imm32.dll - ok
05:57:29.0522 5640 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\WINDOWS\System32\ws2_32.dll
05:57:29.0522 5640 C:\WINDOWS\System32\ws2_32.dll - ok
05:57:29.0522 5640 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\WINDOWS\System32\rpcrt4.dll
05:57:29.0522 5640 C:\WINDOWS\System32\rpcrt4.dll - ok
05:57:29.0522 5640 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\WINDOWS\System32\msvcrt.dll
05:57:29.0522 5640 C:\WINDOWS\System32\msvcrt.dll - ok
05:57:29.0522 5640 [ A54A16DAE7497CDCB8C5A021C0F6FEB8 ] C:\WINDOWS\System32\iertutil.dll
05:57:29.0522 5640 C:\WINDOWS\System32\iertutil.dll - ok
05:57:29.0538 5640 [ C06B32165E23A72A898B7A89679AD754 ] C:\WINDOWS\System32\oleaut32.dll
05:57:29.0538 5640 C:\WINDOWS\System32\oleaut32.dll - ok
05:57:29.0538 5640 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\WINDOWS\System32\imagehlp.dll
05:57:29.0538 5640 C:\WINDOWS\System32\imagehlp.dll - ok
05:57:29.0538 5640 [ D202223587518B13D72D68937B7E3F70 ] C:\WINDOWS\System32\lpk.dll
05:57:29.0538 5640 C:\WINDOWS\System32\lpk.dll - ok
05:57:29.0538 5640 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\WINDOWS\System32\sechost.dll
05:57:29.0538 5640 C:\WINDOWS\System32\sechost.dll - ok
05:57:29.0538 5640 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\WINDOWS\System32\msctf.dll
05:57:29.0538 5640 C:\WINDOWS\System32\msctf.dll - ok
05:57:29.0538 5640 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\WINDOWS\System32\normaliz.dll
05:57:29.0538 5640 C:\WINDOWS\System32\normaliz.dll - ok
05:57:29.0538 5640 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\WINDOWS\System32\nsi.dll
05:57:29.0538 5640 C:\WINDOWS\System32\nsi.dll - ok
05:57:29.0538 5640 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\WINDOWS\System32\comdlg32.dll
05:57:29.0538 5640 C:\WINDOWS\System32\comdlg32.dll - ok
05:57:29.0553 5640 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\WINDOWS\System32\gdi32.dll
05:57:29.0553 5640 C:\WINDOWS\System32\gdi32.dll - ok
05:57:29.0553 5640 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\WINDOWS\System32\clbcatq.dll
05:57:29.0553 5640 C:\WINDOWS\System32\clbcatq.dll - ok
05:57:29.0553 5640 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\WINDOWS\System32\Wldap32.dll
05:57:29.0553 5640 C:\WINDOWS\System32\Wldap32.dll - ok
05:57:29.0553 5640 [ F7CE0C81C545364020ED8203CF0A633E ] C:\WINDOWS\System32\difxapi.dll
05:57:29.0553 5640 C:\WINDOWS\System32\difxapi.dll - ok
05:57:29.0553 5640 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\WINDOWS\System32\psapi.dll
05:57:29.0553 5640 C:\WINDOWS\System32\psapi.dll - ok
05:57:29.0553 5640 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\WINDOWS\System32\shell32.dll
05:57:29.0553 5640 C:\WINDOWS\System32\shell32.dll - ok
05:57:29.0553 5640 [ 65C113214F7B05820F6D8A65B1485196 ] C:\WINDOWS\System32\kernel32.dll
05:57:29.0553 5640 C:\WINDOWS\System32\kernel32.dll - ok
05:57:29.0553 5640 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\WINDOWS\System32\shlwapi.dll
05:57:29.0553 5640 C:\WINDOWS\System32\shlwapi.dll - ok
05:57:30.0053 5640 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] C:\WINDOWS\System32\wwansvc.dll
05:57:30.0053 5640 C:\WINDOWS\System32\wwansvc.dll - ok
05:57:30.0068 5640 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\WINDOWS\System32\ubpm.dll
05:57:30.0068 5640 C:\WINDOWS\System32\ubpm.dll - ok
05:57:30.0068 5640 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\WINDOWS\System32\SPInf.dll
05:57:30.0068 5640 C:\WINDOWS\System32\SPInf.dll - ok
05:57:30.0068 5640 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\WINDOWS\System32\svchost.exe
05:57:30.0068 5640 C:\WINDOWS\System32\svchost.exe - ok
05:57:30.0068 5640 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\WINDOWS\System32\devrtl.dll
05:57:30.0068 5640 C:\WINDOWS\System32\devrtl.dll - ok
05:57:30.0068 5640 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\WINDOWS\System32\userenv.dll
05:57:30.0068 5640 C:\WINDOWS\System32\userenv.dll - ok
05:57:30.0068 5640 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\WINDOWS\System32\pcwum.dll
05:57:30.0068 5640 C:\WINDOWS\System32\pcwum.dll - ok
05:57:30.0068 5640 [ 716175021BDA290504CE434273F666BC ] C:\WINDOWS\System32\powrprof.dll
05:57:30.0068 5640 C:\WINDOWS\System32\powrprof.dll - ok
05:57:30.0068 5640 [ 92EB844D90615CB266F84C3202B8786E ] C:\WINDOWS\System32\drivers\mbam.sys
05:57:30.0068 5640 C:\WINDOWS\System32\drivers\mbam.sys - ok
05:57:30.0084 5640 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] C:\WINDOWS\System32\nvvsvc.exe
05:57:30.0084 5640 C:\WINDOWS\System32\nvvsvc.exe - ok
05:57:30.0084 5640 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\WINDOWS\System32\wtsapi32.dll
05:57:30.0084 5640 C:\WINDOWS\System32\wtsapi32.dll - ok
05:57:30.0084 5640 [ F0359F7CE712D69ACEF0886BDB4792ED ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
05:57:30.0084 5640 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe - ok
05:57:30.0084 5640 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\WINDOWS\SysWOW64\ntdll.dll
05:57:30.0084 5640 C:\WINDOWS\SysWOW64\ntdll.dll - ok
05:57:30.0084 5640 [ 259EB5F7D95A29842B476C5B3EB6E186 ] C:\WINDOWS\System32\wow64.dll
05:57:30.0084 5640 C:\WINDOWS\System32\wow64.dll - ok
05:57:30.0084 5640 [ 5674E21E82CFBEA36DDAD5DB285D6DBC ] C:\WINDOWS\System32\wow64win.dll
05:57:30.0084 5640 C:\WINDOWS\System32\wow64win.dll - ok
05:57:30.0084 5640 [ 3EE3AA76D8AB6D5644C4C8F34471CEB3 ] C:\WINDOWS\System32\wow64cpu.dll
05:57:30.0084 5640 C:\WINDOWS\System32\wow64cpu.dll - ok
05:57:30.0084 5640 [ AC0B6F41882FC6ED186962D770EBF1D2 ] C:\WINDOWS\SysWOW64\kernel32.dll
05:57:30.0099 5640 C:\WINDOWS\SysWOW64\kernel32.dll - ok
05:57:30.0099 5640 [ E954A79D6A754A5475582CACED1565E6 ] C:\WINDOWS\SysWOW64\KernelBase.dll
05:57:30.0099 5640 C:\WINDOWS\SysWOW64\KernelBase.dll - ok
05:57:30.0099 5640 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\WINDOWS\SysWOW64\msvcrt.dll
05:57:30.0099 5640 C:\WINDOWS\SysWOW64\msvcrt.dll - ok
05:57:30.0099 5640 [ 702254574E7E52052DE39408457B7149 ] C:\WINDOWS\SysWOW64\version.dll
05:57:30.0099 5640 C:\WINDOWS\SysWOW64\version.dll - ok
05:57:30.0099 5640 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\WINDOWS\SysWOW64\setupapi.dll
05:57:30.0099 5640 C:\WINDOWS\SysWOW64\setupapi.dll - ok
05:57:30.0099 5640 [ 95E2376B3323F062EB562B8586D0F14A ] C:\WINDOWS\SysWOW64\advapi32.dll
05:57:30.0099 5640 C:\WINDOWS\SysWOW64\advapi32.dll - ok
05:57:30.0099 5640 [ F436E847FA799ECD75AD8C313673F450 ] C:\WINDOWS\SysWOW64\cfgmgr32.dll
05:57:30.0099 5640 C:\WINDOWS\SysWOW64\cfgmgr32.dll - ok
05:57:30.0099 5640 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\WINDOWS\SysWOW64\cryptbase.dll
05:57:30.0099 5640 C:\WINDOWS\SysWOW64\cryptbase.dll - ok
05:57:30.0115 5640 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\WINDOWS\SysWOW64\gdi32.dll
05:57:30.0115 5640 C:\WINDOWS\SysWOW64\gdi32.dll - ok
05:57:30.0115 5640 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\WINDOWS\SysWOW64\rpcrt4.dll
05:57:30.0115 5640 C:\WINDOWS\SysWOW64\rpcrt4.dll - ok
05:57:30.0115 5640 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\WINDOWS\SysWOW64\sechost.dll
05:57:30.0115 5640 C:\WINDOWS\SysWOW64\sechost.dll - ok
05:57:30.0115 5640 [ BFB26890612FB8AE8B0463EBEBE84B7E ] C:\WINDOWS\SysWOW64\sspicli.dll
05:57:30.0115 5640 C:\WINDOWS\SysWOW64\sspicli.dll - ok
05:57:30.0115 5640 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\WINDOWS\SysWOW64\user32.dll
05:57:30.0115 5640 C:\WINDOWS\SysWOW64\user32.dll - ok
05:57:30.0115 5640 [ 384721EF4024890092625E20CADFAF85 ] C:\WINDOWS\SysWOW64\lpk.dll
05:57:30.0115 5640 C:\WINDOWS\SysWOW64\lpk.dll - ok
05:57:30.0115 5640 [ 928CF7268086631F54C3D8E17238C6DD ] C:\WINDOWS\SysWOW64\ole32.dll
05:57:30.0115 5640 C:\WINDOWS\SysWOW64\ole32.dll - ok
05:57:30.0115 5640 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\WINDOWS\SysWOW64\oleaut32.dll
05:57:30.0115 5640 C:\WINDOWS\SysWOW64\oleaut32.dll - ok
05:57:30.0131 5640 [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\WINDOWS\SysWOW64\usp10.dll
05:57:30.0131 5640 C:\WINDOWS\SysWOW64\usp10.dll - ok
05:57:30.0131 5640 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\WINDOWS\SysWOW64\devobj.dll
05:57:30.0131 5640 C:\WINDOWS\SysWOW64\devobj.dll - ok
05:57:30.0131 5640 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\WINDOWS\SysWOW64\imm32.dll
05:57:30.0131 5640 C:\WINDOWS\SysWOW64\imm32.dll - ok
05:57:30.0131 5640 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\WINDOWS\SysWOW64\msctf.dll
05:57:30.0131 5640 C:\WINDOWS\SysWOW64\msctf.dll - ok
05:57:30.0131 5640 [ C205B0FF13FEBFB34312444DBCECE379 ] C:\WINDOWS\SysWOW64\nvinit.dll
05:57:30.0131 5640 C:\WINDOWS\SysWOW64\nvinit.dll - ok
05:57:30.0131 5640 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\WINDOWS\SysWOW64\winspool.drv
05:57:30.0131 5640 C:\WINDOWS\SysWOW64\winspool.drv - ok
05:57:30.0131 5640 [ 145E7826A07D98628924A9B06F6273AB ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstres.dll
05:57:30.0131 5640 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstres.dll - ok
05:57:30.0131 5640 [ 7AD857422AFA068A39A4B4BBF7FCC49C ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvwl.dll
05:57:30.0131 5640 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvwl.dll - ok
05:57:30.0146 5640 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\WINDOWS\System32\rpcss.dll
05:57:30.0146 5640 C:\WINDOWS\System32\rpcss.dll - ok
05:57:30.0146 5640 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\WINDOWS\SysWOW64\crypt32.dll
05:57:30.0146 5640 C:\WINDOWS\SysWOW64\crypt32.dll - ok
05:57:30.0146 5640 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\WINDOWS\SysWOW64\wintrust.dll
05:57:30.0146 5640 C:\WINDOWS\SysWOW64\wintrust.dll - ok
05:57:30.0146 5640 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\WINDOWS\System32\wshqos.dll
05:57:30.0146 5640 C:\WINDOWS\System32\wshqos.dll - ok
05:57:30.0146 5640 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\WINDOWS\System32\WSHTCPIP.DLL
05:57:30.0146 5640 C:\WINDOWS\System32\WSHTCPIP.DLL - ok
05:57:30.0146 5640 [ E07DEC52FF801841BA9B6878A60304FB ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
05:57:30.0146 5640 C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
05:57:30.0146 5640 [ 905601FFF40D8DA9FA82CBE77D1F5EB1 ] C:\Program Files\Microsoft Security Client\MpSvc.dll
05:57:30.0146 5640 C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
05:57:30.0162 5640 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\WINDOWS\System32\LogonUI.exe
05:57:30.0162 5640 C:\WINDOWS\System32\LogonUI.exe - ok
05:57:30.0162 5640 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\WINDOWS\System32\version.dll
05:57:30.0162 5640 C:\WINDOWS\System32\version.dll - ok
05:57:30.0162 5640 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\WINDOWS\System32\authui.dll
05:57:30.0162 5640 C:\WINDOWS\System32\authui.dll - ok
05:57:30.0162 5640 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\WINDOWS\SysWOW64\msasn1.dll
05:57:30.0162 5640 C:\WINDOWS\SysWOW64\msasn1.dll - ok
05:57:30.0162 5640 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\WINDOWS\SysWOW64\ntmarta.dll
05:57:30.0162 5640 C:\WINDOWS\SysWOW64\ntmarta.dll - ok
05:57:30.0162 5640 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\WINDOWS\SysWOW64\Wldap32.dll
05:57:30.0162 5640 C:\WINDOWS\SysWOW64\Wldap32.dll - ok
05:57:30.0162 5640 [ 162D247E995EAEBF3EF4289069E1111C ] C:\WINDOWS\SysWOW64\devrtl.dll
05:57:30.0162 5640 C:\WINDOWS\SysWOW64\devrtl.dll - ok
05:57:30.0162 5640 [ 4BDBBE5E4208022DD794F7EEEB0F7366 ] C:\WINDOWS\SysWOW64\SPInf.dll
05:57:30.0162 5640 C:\WINDOWS\SysWOW64\SPInf.dll - ok
05:57:30.0177 5640 [ 2D4230F2F1D204A523998DF93F9DF066 ] C:\Program Files\Microsoft Security Client\MpClient.dll
05:57:30.0177 5640 C:\Program Files\Microsoft Security Client\MpClient.dll - ok
05:57:30.0177 5640 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\WINDOWS\System32\ntmarta.dll
05:57:30.0177 5640 C:\WINDOWS\System32\ntmarta.dll - ok
05:57:30.0177 5640 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\WINDOWS\System32\cryptui.dll
05:57:30.0177 5640 C:\WINDOWS\System32\cryptui.dll - ok
05:57:30.0177 5640 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\WINDOWS\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
05:57:30.0177 5640 C:\WINDOWS\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
05:57:30.0177 5640 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\WINDOWS\System32\samlib.dll
05:57:30.0177 5640 C:\WINDOWS\System32\samlib.dll - ok
05:57:30.0177 5640 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\WINDOWS\System32\shacct.dll
05:57:30.0177 5640 C:\WINDOWS\System32\shacct.dll - ok
05:57:30.0177 5640 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\WINDOWS\System32\propsys.dll
05:57:30.0177 5640 C:\WINDOWS\System32\propsys.dll - ok
05:57:30.0177 5640 [ D29E998E8277666982B4F0303BF4E7AF ] C:\WINDOWS\System32\uxtheme.dll
05:57:30.0177 5640 C:\WINDOWS\System32\uxtheme.dll - ok
05:57:30.0193 5640 [ 179E8401224D557ECFF3695F2016EA5B ] C:\WINDOWS\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
05:57:30.0193 5640 C:\WINDOWS\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
05:57:30.0193 5640 [ 9121C2E2507AD0BCBF9A7438051BEF34 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
05:57:30.0193 5640 C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
05:57:30.0193 5640 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\WINDOWS\System32\dui70.dll
05:57:30.0193 5640 C:\WINDOWS\System32\dui70.dll - ok
05:57:30.0193 5640 [ 2F034150ECCBC498C53B61F98C5378AC ] C:\Program Files\Microsoft Security Client\MpRTP.dll
05:57:30.0193 5640 C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
05:57:30.0193 5640 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\WINDOWS\System32\adtschema.dll
05:57:30.0193 5640 C:\WINDOWS\System32\adtschema.dll - ok
05:57:30.0193 5640 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\WINDOWS\System32\duser.dll
05:57:30.0193 5640 C:\WINDOWS\System32\duser.dll - ok
05:57:30.0193 5640 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\WINDOWS\System32\MMDevAPI.dll
05:57:30.0193 5640 C:\WINDOWS\System32\MMDevAPI.dll - ok
05:57:30.0209 5640 [ B2D8B364A831427A5741F6C408FA8AE3 ] C:\Program Files\IDT\WDM\stacsv64.exe
05:57:30.0209 5640 C:\Program Files\IDT\WDM\stacsv64.exe - ok
05:57:30.0209 5640 [ 78A1E65207484B7F8D3217507745F47C ] C:\WINDOWS\System32\avrt.dll
05:57:30.0209 5640 C:\WINDOWS\System32\avrt.dll - ok
05:57:30.0209 5640 [ 58775492FFD419248B08325E583C527F ] C:\WINDOWS\System32\atl.dll
05:57:30.0209 5640 C:\WINDOWS\System32\atl.dll - ok
05:57:30.0209 5640 [ 9110FFAD124283F37D38771BB60556AF ] C:\WINDOWS\System32\dsound.dll
05:57:30.0209 5640 C:\WINDOWS\System32\dsound.dll - ok
05:57:30.0209 5640 [ C4C1947985144721A809965A19D616BC ] C:\Program Files\Microsoft Security Client\MsMpLics.dll
05:57:30.0209 5640 C:\Program Files\Microsoft Security Client\MsMpLics.dll - ok
05:57:30.0209 5640 [ F8A10560B35C66F9DE212F03DAD5BFA7 ] C:\WINDOWS\System32\drivers\MpFilter.sys
05:57:30.0209 5640 C:\WINDOWS\System32\drivers\MpFilter.sys - ok
05:57:30.0209 5640 [ F3D202F53A222D5F6944D459B73CF967 ] C:\WINDOWS\System32\fltLib.dll
05:57:30.0209 5640 C:\WINDOWS\System32\fltLib.dll - ok
05:57:30.0209 5640 [ D7F1EF374A90709B31591823B002F918 ] C:\WINDOWS\System32\SndVolSSO.dll
05:57:30.0209 5640 C:\WINDOWS\System32\SndVolSSO.dll - ok
05:57:30.0224 5640 [ 967BC3664DDC26959BD43A7B1681FF86 ] C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll
05:57:30.0224 5640 C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll - ok
05:57:30.0224 5640 [ 747E9FD93A32202BE6DC5D1321BE977C ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{16197353-6CF4-4328-AE46-6E3E3022DAF9}\mpengine.dll
05:57:30.0224 5640 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{16197353-6CF4-4328-AE46-6E3E3022DAF9}\mpengine.dll - ok
05:57:30.0224 5640 [ DA1B7075260F3872585BFCDD668C648B ] C:\WINDOWS\System32\dwmapi.dll
05:57:30.0224 5640 C:\WINDOWS\System32\dwmapi.dll - ok
05:57:30.0224 5640 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\WINDOWS\System32\hid.dll
05:57:30.0224 5640 C:\WINDOWS\System32\hid.dll - ok
05:57:30.0224 5640 [ 50544D04AD845C43130B70212EC05CCD ] C:\WINDOWS\System32\microsoft-windows-kernel-power-events.dll
05:57:30.0224 5640 C:\WINDOWS\System32\microsoft-windows-kernel-power-events.dll - ok
05:57:30.0224 5640 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\WINDOWS\System32\PSHED.DLL
05:57:30.0224 5640 C:\WINDOWS\System32\PSHED.DLL - ok
05:57:30.0224 5640 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\WINDOWS\System32\xmllite.dll
05:57:30.0224 5640 C:\WINDOWS\System32\xmllite.dll - ok
05:57:30.0224 5640 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\WINDOWS\System32\MPSSVC.dll
05:57:30.0224 5640 C:\WINDOWS\System32\MPSSVC.dll - ok
05:57:30.0240 5640 [ BDDF242A49E7B7DC5CCEC291BCE53ACB ] C:\WINDOWS\System32\WindowsCodecs.dll
05:57:30.0240 5640 C:\WINDOWS\System32\WindowsCodecs.dll - ok
05:57:30.0240 5640 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\WINDOWS\System32\winmm.dll
05:57:30.0240 5640 C:\WINDOWS\System32\winmm.dll - ok
05:57:30.0240 5640 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\WINDOWS\System32\microsoft-windows-kernel-processor-power-events.dll
05:57:30.0240 5640 C:\WINDOWS\System32\microsoft-windows-kernel-processor-power-events.dll - ok
05:57:30.0240 5640 [ 08C51283030681670AAF0975E34D1852 ] C:\WINDOWS\System32\stapi64.dll
05:57:30.0240 5640 C:\WINDOWS\System32\stapi64.dll - ok
05:57:30.0240 5640 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\WINDOWS\System32\audiodg.exe
05:57:30.0240 5640 C:\WINDOWS\System32\audiodg.exe - ok
05:57:30.0240 5640 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\WINDOWS\System32\VaultCredProvider.dll
05:57:30.0240 5640 C:\WINDOWS\System32\VaultCredProvider.dll - ok
05:57:30.0240 5640 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\WINDOWS\System32\winbrand.dll
05:57:30.0240 5640 C:\WINDOWS\System32\winbrand.dll - ok
05:57:30.0255 5640 [ CA2985996BB49924B677113DF95CFEA7 ] C:\WINDOWS\System32\SmartcardCredentialProvider.dll
05:57:30.0255 5640 C:\WINDOWS\System32\SmartcardCredentialProvider.dll - ok
05:57:30.0255 5640 [ 1473768973453DE50DC738C2955FC4DD ] C:\WINDOWS\System32\wdmaud.drv
05:57:30.0255 5640 C:\WINDOWS\System32\wdmaud.drv - ok
05:57:30.0255 5640 [ BF352E73615F5461AA6884472435A544 ] C:\WINDOWS\System32\BioCredProv.dll
05:57:30.0255 5640 C:\WINDOWS\System32\BioCredProv.dll - ok
05:57:30.0255 5640 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\WINDOWS\System32\ksuser.dll
05:57:30.0255 5640 C:\WINDOWS\System32\ksuser.dll - ok
05:57:30.0255 5640 [ 8F4C253E8191FAB93446EFAAE4847189 ] C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slapoi64.dll
05:57:30.0255 5640 C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slapoi64.dll - ok
05:57:30.0255 5640 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\WINDOWS\System32\AudioSes.dll
05:57:30.0255 5640 C:\WINDOWS\System32\AudioSes.dll - ok
05:57:30.0255 5640 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\WINDOWS\System32\winbio.dll
05:57:30.0255 5640 C:\WINDOWS\System32\winbio.dll - ok
05:57:30.0255 5640 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\WINDOWS\System32\AudioEng.dll
05:57:30.0255 5640 C:\WINDOWS\System32\AudioEng.dll - ok
05:57:30.0271 5640 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\WINDOWS\System32\credui.dll
05:57:30.0271 5640 C:\WINDOWS\System32\credui.dll - ok
05:57:30.0271 5640 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\WINDOWS\System32\netapi32.dll
05:57:30.0271 5640 C:\WINDOWS\System32\netapi32.dll - ok
05:57:30.0271 5640 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\WINDOWS\System32\netutils.dll
05:57:30.0271 5640 C:\WINDOWS\System32\netutils.dll - ok
05:57:30.0271 5640 [ 44B9C66177651F3F53C87B665D58D17A ] C:\WINDOWS\System32\vaultcli.dll
05:57:30.0271 5640 C:\WINDOWS\System32\vaultcli.dll - ok
05:57:30.0271 5640 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\WINDOWS\System32\wkscli.dll
05:57:30.0271 5640 C:\WINDOWS\System32\wkscli.dll - ok
05:57:30.0271 5640 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\WINDOWS\System32\samcli.dll
05:57:30.0271 5640 C:\WINDOWS\System32\samcli.dll - ok
05:57:30.0271 5640 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\WINDOWS\System32\certCredProvider.dll
05:57:30.0271 5640 C:\WINDOWS\System32\certCredProvider.dll - ok
05:57:30.0271 5640 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\WINDOWS\System32\rasplap.dll
05:57:30.0271 5640 C:\WINDOWS\System32\rasplap.dll - ok
05:57:30.0287 5640 [ C1395286B822E306B4FE1568A8A77813 ] C:\WINDOWS\System32\AUDIOKSE.dll
05:57:30.0287 5640 C:\WINDOWS\System32\AUDIOKSE.dll - ok
05:57:30.0287 5640 [ 0ED7C82943956E2B6F24F97A047692DD ] C:\WINDOWS\System32\stapo64.dll
05:57:30.0287 5640 C:\WINDOWS\System32\stapo64.dll - ok
05:57:30.0287 5640 [ 019CD868461B646E09BDF04474C19341 ] C:\WINDOWS\System32\rasapi32.dll
05:57:30.0287 5640 C:\WINDOWS\System32\rasapi32.dll - ok
05:57:30.0287 5640 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\WINDOWS\System32\rasman.dll
05:57:30.0287 5640 C:\WINDOWS\System32\rasman.dll - ok
05:57:30.0287 5640 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\WINDOWS\System32\msacm32.dll
05:57:30.0287 5640 C:\WINDOWS\System32\msacm32.dll - ok
05:57:30.0287 5640 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\WINDOWS\System32\msacm32.drv
05:57:30.0287 5640 C:\WINDOWS\System32\msacm32.drv - ok
05:57:30.0287 5640 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\WINDOWS\System32\rtutils.dll
05:57:30.0287 5640 C:\WINDOWS\System32\rtutils.dll - ok
05:57:30.0302 5640 [ CA2A0750ED830678997695FF61B04C30 ] C:\WINDOWS\System32\midimap.dll
05:57:30.0302 5640 C:\WINDOWS\System32\midimap.dll - ok
05:57:30.0302 5640 [ CF636C92B762B26F0B39B38E92380A09 ] C:\WINDOWS\System32\oleacc.dll
05:57:30.0302 5640 C:\WINDOWS\System32\oleacc.dll - ok
05:57:30.0302 5640 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\WINDOWS\System32\UIAutomationCore.dll
05:57:30.0302 5640 C:\WINDOWS\System32\UIAutomationCore.dll - ok
05:57:30.0302 5640 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\WINDOWS\System32\WMALFXGFXDSP.dll
05:57:30.0302 5640 C:\WINDOWS\System32\WMALFXGFXDSP.dll - ok
05:57:30.0302 5640 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\WINDOWS\System32\mfplat.dll
05:57:30.0302 5640 C:\WINDOWS\System32\mfplat.dll - ok
05:57:30.0302 5640 [ 5AA23E8DEF8D777A997D7357E1A722D9 ] C:\WINDOWS\System32\imapo64.dll
05:57:30.0302 5640 C:\WINDOWS\System32\imapo64.dll - ok
05:57:30.0302 5640 [ 2B81776DA02017A37FE26C662827470E ] C:\WINDOWS\System32\IPHLPAPI.DLL
05:57:30.0302 5640 C:\WINDOWS\System32\IPHLPAPI.DLL - ok
05:57:30.0302 5640 [ 90F4D286C592EE0AD634A87EE4DAF24E ] C:\WINDOWS\System32\imthx64.dll
05:57:30.0302 5640 C:\WINDOWS\System32\imthx64.dll - ok
05:57:30.0318 5640 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\WINDOWS\System32\winnsi.dll
05:57:30.0318 5640 C:\WINDOWS\System32\winnsi.dll - ok
05:57:30.0318 5640 [ C469893743E18BA547DB3C7ED98B32F5 ] C:\WINDOWS\System32\AESTAR64.dll
05:57:30.0318 5640 C:\WINDOWS\System32\AESTAR64.dll - ok
05:57:30.0318 5640 [ BCCF175A78C61FBF67F790CEBFB6A728 ] C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo64.dll
05:57:30.0318 5640 C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo64.dll - ok
05:57:30.0318 5640 [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\WINDOWS\System32\msdmo.dll
05:57:30.0318 5640 C:\WINDOWS\System32\msdmo.dll - ok
05:57:30.0318 5640 [ C4A70E6F579B2608050953A063632188 ] C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcc3d64.dll
05:57:30.0318 5640 C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcc3d64.dll - ok
05:57:30.0318 5640 [ AF0A120BC5627F976B0204B97CA6DA1C ] C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcshp64.dll
05:57:30.0318 5640 C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcshp64.dll - ok
05:57:30.0318 5640 [ 016D12E022FF2E2B3CD1722F98D2EB2E ] C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcsii64.dll
05:57:30.0318 5640 C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcsii64.dll - ok
05:57:30.0333 5640 [ 1461D162739C37F6E34B88E1F162890C ] C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slgeq64.dll
05:57:30.0333 5640 C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slgeq64.dll - ok
05:57:30.0333 5640 [ 8EB045D6EBB1DECB5A5AE210FDBBE556 ] C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slh36064.dll
05:57:30.0333 5640 C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slh36064.dll - ok
05:57:30.0333 5640 [ A0045693F0D778EC6ACF91D2603DF801 ] C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slhlim64.dll
05:57:30.0333 5640 C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slhlim64.dll - ok
05:57:30.0333 5640 [ B671D12EFA1DC9797B7C87F99D0D05DD ] C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slinit64.dll
05:57:30.0333 5640 C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slinit64.dll - ok
05:57:30.0333 5640 [ A58F4E888905822C479B4CDC642AE278 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{16197353-6CF4-4328-AE46-6E3E3022DAF9}\mpasbase.vdm
05:57:30.0333 5640 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{16197353-6CF4-4328-AE46-6E3E3022DAF9}\mpasbase.vdm - ok
05:57:30.0333 5640 [ 3B62D08FB160A87FB2120A2B954C3D38 ] C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slmaxv64.dll
05:57:30.0333 5640 C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slmaxv64.dll - ok
05:57:30.0333 5640 [ 9DFF52A8CA8BEE122F2BA2135FDB08DD ] C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slprop64.dll
05:57:30.0349 5640 C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slprop64.dll - ok
05:57:30.0349 5640 [ F5AEE0FB07C39D2A5812B7F02C17365F ] C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sltshd64.dll
05:57:30.0349 5640 C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sltshd64.dll - ok
05:57:30.0349 5640 [ 5C931DA850514236ECB3D2582EE7855D ] C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slvipp64.dll
05:57:30.0349 5640 C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slvipp64.dll - ok
05:57:30.0349 5640 [ 10CE97D8A334E2962E9FAECA2CBCB8AB ] C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slviq64.dll
05:57:30.0349 5640 C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slviq64.dll - ok
05:57:30.0349 5640 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\WINDOWS\System32\gpsvc.dll
05:57:30.0349 5640 C:\WINDOWS\System32\gpsvc.dll - ok
05:57:30.0349 5640 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\WINDOWS\System32\es.dll
05:57:30.0349 5640 C:\WINDOWS\System32\es.dll - ok
05:57:30.0349 5640 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\WINDOWS\System32\dsrole.dll
05:57:30.0349 5640 C:\WINDOWS\System32\dsrole.dll - ok
05:57:30.0349 5640 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\WINDOWS\System32\nlaapi.dll
05:57:30.0349 5640 C:\WINDOWS\System32\nlaapi.dll - ok
05:57:30.0365 5640 [ 1538831CF8AD2979A04C423779465827 ] C:\WINDOWS\System32\drivers\lltdio.sys
05:57:30.0365 5640 C:\WINDOWS\System32\drivers\lltdio.sys - ok
05:57:30.0365 5640 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\WINDOWS\System32\drivers\nwifi.sys
05:57:30.0365 5640 C:\WINDOWS\System32\drivers\nwifi.sys - ok
05:57:30.0365 5640 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\WINDOWS\System32\slc.dll
05:57:30.0365 5640 C:\WINDOWS\System32\slc.dll - ok
05:57:30.0365 5640 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\WINDOWS\System32\uxsms.dll
05:57:30.0365 5640 C:\WINDOWS\System32\uxsms.dll - ok
05:57:30.0365 5640 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\WINDOWS\System32\dhcpcore6.dll
05:57:30.0365 5640 C:\WINDOWS\System32\dhcpcore6.dll - ok
05:57:30.0365 5640 [ 136185F9FB2CC61E573E676AA5402356 ] C:\WINDOWS\System32\drivers\ndisuio.sys
05:57:30.0365 5640 C:\WINDOWS\System32\drivers\ndisuio.sys - ok
05:57:30.0365 5640 [ DDC86E4F8E7456261E637E3552E804FF ] C:\WINDOWS\System32\drivers\rspndr.sys
05:57:30.0365 5640 C:\WINDOWS\System32\drivers\rspndr.sys - ok
05:57:30.0365 5640 [ FD24F98D2898BE093FE926604BE7DB99 ] C:\WINDOWS\System32\drivers\TurboB.sys
05:57:30.0365 5640 C:\WINDOWS\System32\drivers\TurboB.sys - ok
05:57:30.0380 5640 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\WINDOWS\System32\nrpsrv.dll
05:57:30.0380 5640 C:\WINDOWS\System32\nrpsrv.dll - ok
05:57:30.0380 5640 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\WINDOWS\System32\dnsrslvr.dll
05:57:30.0380 5640 C:\WINDOWS\System32\dnsrslvr.dll - ok
05:57:30.0380 5640 [ 87356377F31DA5F20A833811CD59499C ] C:\WINDOWS\System32\eapphost.dll
05:57:30.0380 5640 C:\WINDOWS\System32\eapphost.dll - ok
05:57:30.0380 5640 [ 0040C486584A8E582C861CFB57AB5387 ] C:\WINDOWS\System32\FWPUCLNT.DLL
05:57:30.0380 5640 C:\WINDOWS\System32\FWPUCLNT.DLL - ok
05:57:30.0380 5640 [ 138BE04BF17193B27184DEDFE3028548 ] C:\Program Files (x86)\Cisco\Cisco LEAP Module\CiscoEapLeap.dll
05:57:30.0380 5640 C:\Program Files (x86)\Cisco\Cisco LEAP Module\CiscoEapLeap.dll - ok
05:57:30.0380 5640 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\WINDOWS\System32\UXInit.dll
05:57:30.0380 5640 C:\WINDOWS\System32\UXInit.dll - ok
05:57:30.0380 5640 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\WINDOWS\System32\dhcpcsvc.dll
05:57:30.0380 5640 C:\WINDOWS\System32\dhcpcsvc.dll - ok
05:57:30.0396 5640 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\WINDOWS\System32\dnsext.dll
05:57:30.0396 5640 C:\WINDOWS\System32\dnsext.dll - ok
05:57:30.0396 5640 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\WINDOWS\System32\dhcpcsvc6.dll
05:57:30.0396 5640 C:\WINDOWS\System32\dhcpcsvc6.dll - ok
05:57:30.0396 5640 [ A9B830EAF03F07CD92B045E613379117 ] C:\Program Files (x86)\Cisco\Cisco PEAP Module\CiscoEapPeap.dll
05:57:30.0396 5640 C:\Program Files (x86)\Cisco\Cisco PEAP Module\CiscoEapPeap.dll - ok
05:57:30.0396 5640 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\WINDOWS\System32\imageres.dll
05:57:30.0396 5640 C:\WINDOWS\System32\imageres.dll - ok
05:57:30.0396 5640 [ A371EC60804CF07B4D052C295BE9FB9B ] C:\Program Files (x86)\Cisco\Cisco EAP-FAST Module\CiscoEapFast.dll
05:57:30.0396 5640 C:\Program Files (x86)\Cisco\Cisco EAP-FAST Module\CiscoEapFast.dll - ok
05:57:30.0396 5640 [ 7373DE70D405FF08DC53336B83989138 ] C:\WINDOWS\System32\rastls.dll
05:57:30.0396 5640 C:\WINDOWS\System32\rastls.dll - ok
05:57:30.0396 5640 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\WINDOWS\System32\raschap.dll
05:57:30.0396 5640 C:\WINDOWS\System32\raschap.dll - ok
05:57:30.0411 5640 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\WINDOWS\System32\umb.dll
05:57:30.0411 5640 C:\WINDOWS\System32\umb.dll - ok
05:57:30.0411 5640 [ A648C4A06DE367065B24056D067B4460 ] C:\WINDOWS\System32\wlanmsm.dll
05:57:30.0411 5640 C:\WINDOWS\System32\wlanmsm.dll - ok
05:57:30.0411 5640 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\WINDOWS\System32\wlansec.dll
05:57:30.0411 5640 C:\WINDOWS\System32\wlansec.dll - ok
05:57:30.0411 5640 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\WINDOWS\System32\onex.dll
05:57:30.0411 5640 C:\WINDOWS\System32\onex.dll - ok
05:57:30.0411 5640 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\WINDOWS\System32\eappprxy.dll
05:57:30.0411 5640 C:\WINDOWS\System32\eappprxy.dll - ok
05:57:30.0411 5640 [ 0D753307D274F3688BD21C377B616700 ] C:\WINDOWS\System32\eappcfg.dll
05:57:30.0411 5640 C:\WINDOWS\System32\eappcfg.dll - ok
05:57:30.0864 5640 C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe - ok
05:57:30.0864 5640 [ EE26D130808D16C0E417BBBED0451B34 ] C:\WINDOWS\System32\ntdsapi.dll
05:57:30.0864 5640 C:\WINDOWS\System32\ntdsapi.dll - ok
05:57:30.0864 5640 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\WINDOWS\System32\aeevts.dll
05:57:30.0864 5640 C:\WINDOWS\System32\aeevts.dll - ok
05:57:30.0864 5640 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\WINDOWS\System32\drivers\srv2.sys
05:57:30.0864 5640 C:\WINDOWS\System32\drivers\srv2.sys - ok
05:57:30.0879 5640 [ 087D8668C71634A3A3761135ABF16EEE ] C:\WINDOWS\System32\wbem\esscli.dll
05:57:30.0879 5640 C:\WINDOWS\System32\wbem\esscli.dll - ok
05:57:30.0879 5640 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\WINDOWS\System32\drivers\srv.sys
05:57:30.0879 5640 C:\WINDOWS\System32\drivers\srv.sys - ok
05:57:30.0879 5640 [ 27B9E163740A226B65E4B9E186117911 ] C:\WINDOWS\System32\sqmapi.dll
05:57:30.0879 5640 C:\WINDOWS\System32\sqmapi.dll - ok
05:57:30.0879 5640 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\WINDOWS\System32\netmsg.dll
05:57:30.0879 5640 C:\WINDOWS\System32\netmsg.dll - ok
05:57:30.0879 5640 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\WINDOWS\System32\wbem\wbemsvc.dll
05:57:30.0879 5640 C:\WINDOWS\System32\wbem\wbemsvc.dll - ok
05:57:30.0879 5640 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\WINDOWS\System32\wdscore.dll
05:57:30.0879 5640 C:\WINDOWS\System32\wdscore.dll - ok
05:57:30.0879 5640 [ 44C96B48112EB24AE7764EBF1C527000 ] C:\WINDOWS\System32\rastapi.dll
05:57:30.0879 5640 C:\WINDOWS\System32\rastapi.dll - ok
05:57:30.0895 5640 [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\WINDOWS\System32\tapi32.dll
05:57:30.0895 5640 C:\WINDOWS\System32\tapi32.dll - ok
05:57:30.0895 5640 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\WINDOWS\System32\wbem\wmiutils.dll
05:57:30.0895 5640 C:\WINDOWS\System32\wbem\wmiutils.dll - ok
05:57:30.0895 5640 [ 3B367397320C26DBA890B260F80D1B1B ] C:\WINDOWS\System32\hnetcfg.dll
05:57:30.0895 5640 C:\WINDOWS\System32\hnetcfg.dll - ok
05:57:30.0895 5640 [ 81749E073AC5857B044A686B406E5244 ] C:\WINDOWS\System32\clusapi.dll
05:57:30.0895 5640 C:\WINDOWS\System32\clusapi.dll - ok
05:57:30.0895 5640 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\WINDOWS\System32\sscore.dll
05:57:30.0895 5640 C:\WINDOWS\System32\sscore.dll - ok
05:57:30.0895 5640 [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\WINDOWS\System32\unimdm.tsp
05:57:30.0895 5640 C:\WINDOWS\System32\unimdm.tsp - ok
05:57:30.0895 5640 [ AC122407B29378FF9646F03404AC7C54 ] C:\WINDOWS\SysWOW64\wshbth.dll
05:57:30.0895 5640 C:\WINDOWS\SysWOW64\wshbth.dll - ok
05:57:30.0911 5640 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\WINDOWS\System32\resutils.dll
05:57:30.0911 5640 C:\WINDOWS\System32\resutils.dll - ok
05:57:30.0911 5640 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\WINDOWS\System32\wbem\repdrvfs.dll
05:57:30.0911 5640 C:\WINDOWS\System32\wbem\repdrvfs.dll - ok
05:57:30.0911 5640 [ 94B7DF336815B47236724019FAB24B7C ] C:\WINDOWS\System32\uniplat.dll
05:57:30.0911 5640 C:\WINDOWS\System32\uniplat.dll - ok
05:57:30.0911 5640 [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\WINDOWS\System32\kmddsp.tsp
05:57:30.0911 5640 C:\WINDOWS\System32\kmddsp.tsp - ok
05:57:30.0911 5640 [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\WINDOWS\System32\ndptsp.tsp
05:57:30.0911 5640 C:\WINDOWS\System32\ndptsp.tsp - ok
05:57:30.0911 5640 [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\WINDOWS\System32\hidphone.tsp
05:57:30.0911 5640 C:\WINDOWS\System32\hidphone.tsp - ok
05:57:30.0911 5640 [ A717A35120DBAB5AB707AB40662AF9DD ] C:\WINDOWS\System32\rasppp.dll
05:57:30.0911 5640 C:\WINDOWS\System32\rasppp.dll - ok
05:57:30.0911 5640 [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\WINDOWS\System32\vpnike.dll
05:57:30.0911 5640 C:\WINDOWS\System32\vpnike.dll - ok
05:57:30.0926 5640 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\WINDOWS\System32\mprapi.dll
05:57:30.0926 5640 C:\WINDOWS\System32\mprapi.dll - ok
05:57:30.0926 5640 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\WINDOWS\System32\wbem\WmiPrvSD.dll
05:57:30.0926 5640 C:\WINDOWS\System32\wbem\WmiPrvSD.dll - ok
05:57:30.0926 5640 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\WINDOWS\System32\ncobjapi.dll
05:57:30.0926 5640 C:\WINDOWS\System32\ncobjapi.dll - ok
05:57:30.0926 5640 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\WINDOWS\System32\wbem\wbemess.dll
05:57:30.0926 5640 C:\WINDOWS\System32\wbem\wbemess.dll - ok
05:57:30.0926 5640 [ 521202AA6F2B74FCCC6BC7E162109D71 ] C:\WINDOWS\System32\wbem\unsecapp.exe
05:57:30.0926 5640 C:\WINDOWS\System32\wbem\unsecapp.exe - ok
05:57:30.0926 5640 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\WINDOWS\System32\perftrack.dll
05:57:30.0926 5640 C:\WINDOWS\System32\perftrack.dll - ok
05:57:30.0926 5640 [ C6E15F2F95F9C0A6098D43510B604E52 ] C:\Program Files\Microsoft Security Client\NisSrv.exe
05:57:30.0926 5640 C:\Program Files\Microsoft Security Client\NisSrv.exe - ok
05:57:30.0942 5640 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\WINDOWS\System32\wbem\WmiPrvSE.exe
05:57:30.0942 5640 C:\WINDOWS\System32\wbem\WmiPrvSE.exe - ok
05:57:30.0942 5640 [ 220159496484D34009DE71CA1A68E0D4 ] C:\WINDOWS\System32\wbem\NCProv.dll
05:57:30.0942 5640 C:\WINDOWS\System32\wbem\NCProv.dll - ok
05:57:30.0942 5640 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\WINDOWS\System32\ndiscapCfg.dll
05:57:30.0942 5640 C:\WINDOWS\System32\ndiscapCfg.dll - ok
05:57:30.0942 5640 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\WINDOWS\System32\wer.dll
05:57:30.0942 5640 C:\WINDOWS\System32\wer.dll - ok
05:57:30.0942 5640 [ 6477C69FC49D97C7BF406D27E81FC17F ] C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
05:57:30.0942 5640 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll - ok
05:57:30.0942 5640 [ 3AECE0085C022EF7869679C695CA9365 ] C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\Nvd3d9wrap.dll
05:57:30.0942 5640 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\Nvd3d9wrap.dll - ok
05:57:30.0942 5640 [ 1D63F4366288B8A7595397E27010FD44 ] C:\WINDOWS\System32\IconCodecService.dll
05:57:30.0942 5640 C:\WINDOWS\System32\IconCodecService.dll - ok
05:57:30.0942 5640 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\WINDOWS\SysWOW64\imagehlp.dll
05:57:30.0942 5640 C:\WINDOWS\SysWOW64\imagehlp.dll - ok
05:57:30.0957 5640 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\WINDOWS\SysWOW64\netutils.dll
05:57:30.0957 5640 C:\WINDOWS\SysWOW64\netutils.dll - ok
05:57:30.0957 5640 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\WINDOWS\SysWOW64\srvcli.dll
05:57:30.0957 5640 C:\WINDOWS\SysWOW64\srvcli.dll - ok
05:57:30.0957 5640 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\WINDOWS\SysWOW64\wkscli.dll
05:57:30.0957 5640 C:\WINDOWS\SysWOW64\wkscli.dll - ok
05:57:30.0957 5640 [ F7073C962C4FB7C415565DDE109DE49F ] C:\WINDOWS\System32\npmproxy.dll
05:57:30.0957 5640 C:\WINDOWS\System32\npmproxy.dll - ok
05:57:30.0957 5640 [ 6BF27D309C6077F1E8A7747B49F7B17F ] C:\Program Files\Microsoft Security Client\NisLog.dll
05:57:30.0957 5640 C:\Program Files\Microsoft Security Client\NisLog.dll - ok
05:57:30.0957 5640 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\WINDOWS\System32\PortableDeviceApi.dll
05:57:30.0957 5640 C:\WINDOWS\System32\PortableDeviceApi.dll - ok
05:57:30.0957 5640 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\WINDOWS\System32\mprmsg.dll
05:57:30.0957 5640 C:\WINDOWS\System32\mprmsg.dll - ok
05:57:30.0973 5640 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\WINDOWS\System32\Apphlpdm.dll
05:57:30.0973 5640 C:\WINDOWS\System32\Apphlpdm.dll - ok
05:57:30.0973 5640 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\WINDOWS\System32\dimsjob.dll
05:57:30.0973 5640 C:\WINDOWS\System32\dimsjob.dll - ok
05:57:30.0973 5640 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\WINDOWS\System32\PortableDeviceConnectApi.dll
05:57:30.0973 5640 C:\WINDOWS\System32\PortableDeviceConnectApi.dll - ok
05:57:30.0973 5640 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\WINDOWS\SysWOW64\msi.dll
05:57:30.0973 5640 C:\WINDOWS\SysWOW64\msi.dll - ok
05:57:30.0973 5640 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\WINDOWS\SysWOW64\cscapi.dll
05:57:30.0973 5640 C:\WINDOWS\SysWOW64\cscapi.dll - ok
05:57:30.0973 5640 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\WINDOWS\SysWOW64\dbghelp.dll
05:57:30.0973 5640 C:\WINDOWS\SysWOW64\dbghelp.dll - ok
05:57:30.0973 5640 [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
05:57:30.0973 5640 C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
05:57:30.0973 5640 [ B676429E44F2F8ACC3BAE7C89F46B212 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
05:57:30.0973 5640 C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe - ok
05:57:30.0989 5640 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\WINDOWS\SysWOW64\mstask.dll
05:57:30.0989 5640 C:\WINDOWS\SysWOW64\mstask.dll - ok
05:57:30.0989 5640 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\WINDOWS\System32\dbghelp.dll
05:57:30.0989 5640 C:\WINDOWS\System32\dbghelp.dll - ok
05:57:30.0989 5640 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
05:57:30.0989 5640 C:\WINDOWS\SysWOW64\FWPUCLNT.DLL - ok
05:57:30.0989 5640 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\WINDOWS\SysWOW64\npmproxy.dll
05:57:30.0989 5640 C:\WINDOWS\SysWOW64\npmproxy.dll - ok
05:57:30.0989 5640 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\WINDOWS\SysWOW64\netprofm.dll
05:57:30.0989 5640 C:\WINDOWS\SysWOW64\netprofm.dll - ok
05:57:30.0989 5640 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\WINDOWS\SysWOW64\wbem\wbemsvc.dll
05:57:30.0989 5640 C:\WINDOWS\SysWOW64\wbem\wbemsvc.dll - ok
05:57:30.0989 5640 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\WINDOWS\SysWOW64\nlaapi.dll
05:57:30.0989 5640 C:\WINDOWS\SysWOW64\nlaapi.dll - ok
05:57:31.0004 5640 [ 5610B0425518D185331CB8E968D060E6 ] C:\WINDOWS\SysWOW64\wbem\wmiutils.dll
05:57:31.0004 5640 C:\WINDOWS\SysWOW64\wbem\wmiutils.dll - ok
05:57:31.0004 5640 [ 14486EB6AF542F2BD3239F7FC3E713F7 ] C:\WINDOWS\SysWOW64\pautoenr.dll
05:57:31.0004 5640 C:\WINDOWS\SysWOW64\pautoenr.dll - ok
05:57:31.0004 5640 [ CAFC0B884E5590B5E80D84F592388B3D ] C:\WINDOWS\SysWOW64\tcpipcfg.dll
05:57:31.0004 5640 C:\WINDOWS\SysWOW64\tcpipcfg.dll - ok
05:57:31.0004 5640 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\WINDOWS\System32\pautoenr.dll
05:57:31.0004 5640 C:\WINDOWS\System32\pautoenr.dll - ok
05:57:31.0004 5640 [ 61B1ED5F429EFAC7E2036769870AB93E ] C:\WINDOWS\SysWOW64\certcli.dll
05:57:31.0004 5640 C:\WINDOWS\SysWOW64\certcli.dll - ok
05:57:31.0004 5640 [ A113AFEED3159A1ED52D78CB0226006D ] C:\WINDOWS\SysWOW64\secur32.dll
05:57:31.0004 5640 C:\WINDOWS\SysWOW64\secur32.dll - ok
05:57:31.0004 5640 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\WINDOWS\System32\certcli.dll
05:57:31.0004 5640 C:\WINDOWS\System32\certcli.dll - ok
05:57:31.0004 5640 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\WINDOWS\System32\wbem\wmiprov.dll
05:57:31.0004 5640 C:\WINDOWS\System32\wbem\wmiprov.dll - ok
05:57:31.0020 5640 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\WINDOWS\SysWOW64\atl.dll
05:57:31.0020 5640 C:\WINDOWS\SysWOW64\atl.dll - ok
05:57:31.0020 5640 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\WINDOWS\SysWOW64\oleacc.dll
05:57:31.0020 5640 C:\WINDOWS\SysWOW64\oleacc.dll - ok
05:57:31.0020 5640 [ 5AE88135C6A86FCD67BA16AFBB1C8389 ] C:\WINDOWS\SysWOW64\wbem\esscli.dll
05:57:31.0020 5640 C:\WINDOWS\SysWOW64\wbem\esscli.dll - ok
05:57:31.0020 5640 [ 20C7F2ADAE249D6708941BC8CDD9735F ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6B2FAD06-B9B3-4948-928F-49DB39AC1677}\gapaengine.dll
05:57:31.0020 5640 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6B2FAD06-B9B3-4948-928F-49DB39AC1677}\gapaengine.dll - ok
05:57:31.0020 5640 [ C86FB080A0A66A5D19735DD07696B4F8 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6B2FAD06-B9B3-4948-928F-49DB39AC1677}\nisfull.vdm
05:57:31.0020 5640 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6B2FAD06-B9B3-4948-928F-49DB39AC1677}\nisfull.vdm - ok
05:57:31.0020 5640 [ 29BC473072568C072EC8B176498DE996 ] C:\WINDOWS\SysWOW64\CertEnroll.dll
05:57:31.0020 5640 C:\WINDOWS\SysWOW64\CertEnroll.dll - ok
05:57:31.0020 5640 [ CA9F7888B524D8100B977C81F44C3234 ] C:\WINDOWS\SysWOW64\winhttp.dll
05:57:31.0020 5640 C:\WINDOWS\SysWOW64\winhttp.dll - ok
05:57:31.0035 5640 [ 748849C42DEA24C723048E24BCA1BD55 ] C:\WINDOWS\System32\wshbth.dll
05:57:31.0035 5640 C:\WINDOWS\System32\wshbth.dll - ok
05:57:31.0035 5640 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\WINDOWS\SysWOW64\credssp.dll
05:57:31.0035 5640 C:\WINDOWS\SysWOW64\credssp.dll - ok
05:57:31.0035 5640 [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\WINDOWS\SysWOW64\ncrypt.dll
05:57:31.0035 5640 C:\WINDOWS\SysWOW64\ncrypt.dll - ok
05:57:31.0035 5640 [ 263B26106606A010CF877472B535E4BB ] C:\WINDOWS\System32\CertEnroll.dll
05:57:31.0035 5640 C:\WINDOWS\System32\CertEnroll.dll - ok
05:57:31.0035 5640 [ FEB91B4DA0D540865260A33838654FA3 ] C:\WINDOWS\System32\nci.dll
05:57:31.0035 5640 C:\WINDOWS\System32\nci.dll - ok
05:57:31.0035 5640 [ 2F040CF0613A6D64DCBBA9EE81F5A5AE ] C:\WINDOWS\SysWOW64\dsrole.dll
05:57:31.0035 5640 C:\WINDOWS\SysWOW64\dsrole.dll - ok
05:57:31.0035 5640 [ 45D9F6CD2469CDB6A640DD4BD2B01471 ] C:\WINDOWS\SysWOW64\nci.dll
05:57:31.0035 5640 C:\WINDOWS\SysWOW64\nci.dll - ok
05:57:31.0035 5640 [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\WINDOWS\System32\wlaninst.dll
05:57:31.0035 5640 C:\WINDOWS\System32\wlaninst.dll - ok
05:57:31.0051 5640 [ 9E6AF823733C70E207D9FB6731A63B3D ] C:\WINDOWS\SysWOW64\wlaninst.dll
05:57:31.0051 5640 C:\WINDOWS\SysWOW64\wlaninst.dll - ok
05:57:31.0051 5640 [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\WINDOWS\System32\wwaninst.dll
05:57:31.0051 5640 C:\WINDOWS\System32\wwaninst.dll - ok
05:57:31.0051 5640 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\WINDOWS\SysWOW64\rundll32.exe
05:57:31.0051 5640 C:\WINDOWS\SysWOW64\rundll32.exe - ok
05:57:31.0051 5640 [ A63DC5C2EA944E6657203E0C8EDEAF61 ] C:\WINDOWS\SysWOW64\dllhost.exe
05:57:31.0051 5640 C:\WINDOWS\SysWOW64\dllhost.exe - ok
05:57:31.0051 5640 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\WINDOWS\SysWOW64\dnsapi.dll
05:57:31.0051 5640 C:\WINDOWS\SysWOW64\dnsapi.dll - ok
05:57:31.0051 5640 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\WINDOWS\SysWOW64\NapiNSP.dll
05:57:31.0051 5640 C:\WINDOWS\SysWOW64\NapiNSP.dll - ok
05:57:31.0051 5640 [ 58A0CDABEA255616827B1C22C9994466 ] C:\WINDOWS\System32\NapiNSP.dll
05:57:31.0051 5640 C:\WINDOWS\System32\NapiNSP.dll - ok
05:57:31.0051 5640 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\WINDOWS\System32\pnrpnsp.dll
05:57:31.0051 5640 C:\WINDOWS\System32\pnrpnsp.dll - ok
05:57:31.0067 5640 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\WINDOWS\SysWOW64\pnrpnsp.dll
05:57:31.0067 5640 C:\WINDOWS\SysWOW64\pnrpnsp.dll - ok
05:57:31.0067 5640 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\WINDOWS\System32\winrnr.dll
05:57:31.0067 5640 C:\WINDOWS\System32\winrnr.dll - ok
05:57:31.0067 5640 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\WINDOWS\SysWOW64\winrnr.dll
05:57:31.0067 5640 C:\WINDOWS\SysWOW64\winrnr.dll - ok
05:57:31.0067 5640 [ 2F03490092C032392FB6FF635222B9B2 ] C:\WINDOWS\SysWOW64\apisetschema.dll
05:57:31.0067 5640 C:\WINDOWS\SysWOW64\apisetschema.dll - ok
05:57:31.0067 5640 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\WINDOWS\SysWOW64\rasadhlp.dll
05:57:31.0067 5640 C:\WINDOWS\SysWOW64\rasadhlp.dll - ok
05:57:31.0067 5640 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\WINDOWS\SysWOW64\wship6.dll
05:57:31.0067 5640 C:\WINDOWS\SysWOW64\wship6.dll - ok
05:57:31.0067 5640 [ EAB975DB4C2805927FE5BD047D05C9AA ] C:\WINDOWS\SysWOW64\netshell.dll
05:57:31.0067 5640 C:\WINDOWS\SysWOW64\netshell.dll - ok
05:57:31.0082 5640 [ 90B4FDF61459637D9D46C9F91DBCA1D3 ] C:\WINDOWS\System32\nvinitx.dll
05:57:31.0082 5640 C:\WINDOWS\System32\nvinitx.dll - ok
05:57:31.0082 5640 [ 9A7B54D57594233EEB17892BAD309970 ] C:\WINDOWS\SysWOW64\mprmsg.dll
05:57:31.0082 5640 C:\WINDOWS\SysWOW64\mprmsg.dll - ok
05:57:31.0082 5640 [ F14A9B1778376D0B1788E402AC1F831A ] C:\WINDOWS\SysWOW64\shacct.dll
05:57:31.0082 5640 C:\WINDOWS\SysWOW64\shacct.dll - ok
05:57:31.0082 5640 [ 0B31464B7B2D616BD5F7036673588EC1 ] C:\WINDOWS\SysWOW64\IDStore.dll
05:57:31.0082 5640 C:\WINDOWS\SysWOW64\IDStore.dll - ok
05:57:31.0082 5640 [ D44741F65A1D71F65814A12CF6E2400A ] C:\WINDOWS\SysWOW64\runonce.exe
05:57:31.0082 5640 C:\WINDOWS\SysWOW64\runonce.exe - ok
05:57:31.0082 5640 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\WINDOWS\System32\runonce.exe
05:57:31.0082 5640 C:\WINDOWS\System32\runonce.exe - ok
05:57:31.0082 5640 [ D2958325C1AE1AE37A83334C6229E3BC ] C:\WINDOWS\SysWOW64\actxprxy.dll
05:57:31.0082 5640 C:\WINDOWS\SysWOW64\actxprxy.dll - ok
05:57:31.0082 5640 [ 4B9E4CE667DF26ADA061AA81E9AA841D ] C:\WINDOWS\SysWOW64\spfileq.dll
05:57:31.0082 5640 C:\WINDOWS\SysWOW64\spfileq.dll - ok
05:57:31.0098 5640 [ 1F74B33DC1296273C07F329466B8BE0F ] C:\WINDOWS\SysWOW64\en-US\runonce.exe.mui
05:57:31.0098 5640 C:\WINDOWS\SysWOW64\en-US\runonce.exe.mui - ok
05:57:31.0098 5640 [ 198803E5E93E29967DFB0BCFD0186151 ] C:\WINDOWS\System32\spfileq.dll
05:57:31.0098 5640 C:\WINDOWS\System32\spfileq.dll - ok
05:57:31.0098 5640 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\WINDOWS\System32\diagperf.dll
05:57:31.0098 5640 C:\WINDOWS\System32\diagperf.dll - ok
05:57:31.0098 5640 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\WINDOWS\System32\actxprxy.dll
05:57:31.0098 5640 C:\WINDOWS\System32\actxprxy.dll - ok
05:57:31.0098 5640 [ 8F585EEFEAD6DE3A04AE6F3D5311C96B ] C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvdxgiwrap.dll
05:57:31.0098 5640 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvdxgiwrap.dll - ok
05:57:31.0098 5640 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\WINDOWS\SysWOW64\uxtheme.dll
05:57:31.0098 5640 C:\WINDOWS\SysWOW64\uxtheme.dll - ok
05:57:31.0098 5640 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\WINDOWS\System32\pnpts.dll
05:57:31.0098 5640 C:\WINDOWS\System32\pnpts.dll - ok
05:57:31.0098 5640 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\WINDOWS\SysWOW64\dhcpcsvc.dll
05:57:31.0098 5640 C:\WINDOWS\SysWOW64\dhcpcsvc.dll - ok
05:57:31.0113 5640 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
05:57:31.0113 5640 C:\WINDOWS\SysWOW64\dhcpcsvc6.dll - ok
05:57:31.0113 5640 [ 7FFD52D73352806969D424EF327D10A7 ] C:\WINDOWS\SysWOW64\radardt.dll
05:57:31.0113 5640 C:\WINDOWS\SysWOW64\radardt.dll - ok
05:57:31.0113 5640 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\WINDOWS\System32\radardt.dll
05:57:31.0113 5640 C:\WINDOWS\System32\radardt.dll - ok
05:57:31.0113 5640 [ E811F8510B133E70CF6E509FB809824F ] C:\WINDOWS\System32\wdiasqmmodule.dll
05:57:31.0113 5640 C:\WINDOWS\System32\wdiasqmmodule.dll - ok
05:57:31.0113 5640 [ EAADD6E47ED2A7003ACE1793B98CF63F ] C:\WINDOWS\SysWOW64\msxml6.dll
05:57:31.0113 5640 C:\WINDOWS\SysWOW64\msxml6.dll - ok
05:57:31.0113 5640 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\WINDOWS\SysWOW64\xmllite.dll
05:57:31.0113 5640 C:\WINDOWS\SysWOW64\xmllite.dll - ok
05:57:31.0113 5640 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\WINDOWS\SysWOW64\propsys.dll
05:57:31.0113 5640 C:\WINDOWS\SysWOW64\propsys.dll - ok
05:57:31.0129 5640 [ 30DB64D316F502558DB2380F7343C9FD ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
05:57:31.0129 5640 C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll - ok
05:57:31.0129 5640 [ 207204AF80505AF51271FE164B56F662 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.dll
05:57:31.0129 5640 C:\Program Files (x86)\Microsoft Office\Office12\GrooveUtil.dll - ok
05:57:31.0129 5640 [ 30EFEBDC960A482E3E188B9960B286E2 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.dll
05:57:31.0129 5640 C:\Program Files (x86)\Microsoft Office\Office12\GrooveNew.dll - ok
05:57:31.0129 5640 [ D5E459BED3DB9CF7FC6CC1455F177D2D ] C:\WINDOWS\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll
05:57:31.0129 5640 C:\WINDOWS\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.dll - ok
05:57:31.0129 5640 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\WINDOWS\SysWOW64\msimg32.dll
05:57:31.0129 5640 C:\WINDOWS\SysWOW64\msimg32.dll - ok
05:57:31.0129 5640 [ B39B8CC163C41B12FE83E777199F3378 ] C:\WINDOWS\SysWOW64\tzres.dll
05:57:31.0129 5640 C:\WINDOWS\SysWOW64\tzres.dll - ok
05:57:31.0129 5640 [ D8C2B95BC2353E1F18850D6B8F5DBA13 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
05:57:31.0129 5640 C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll - ok
05:57:31.0145 5640 [ 533AECD1B5356870AE2D905B4D3B42B7 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMisc.dll
05:57:31.0145 5640 C:\Program Files (x86)\Microsoft Office\Office12\GrooveMisc.dll - ok
05:57:31.0145 5640 [ 21D3A18769EC2C4E56756D04E989A221 ] C:\WINDOWS\SysWOW64\msxml3.dll
05:57:31.0145 5640 C:\WINDOWS\SysWOW64\msxml3.dll - ok
05:57:31.0145 5640 [ CE7803953FE7314061B3F9188D310EB2 ] C:\WINDOWS\SysWOW64\en-US\KernelBase.dll.mui
05:57:31.0145 5640 C:\WINDOWS\SysWOW64\en-US\KernelBase.dll.mui - ok
05:57:31.0145 5640 [ A45CB10FC8C4DCA23F96FE4D334F64FE ] C:\WINDOWS\SysWOW64\msxml3r.dll
05:57:31.0145 5640 C:\WINDOWS\SysWOW64\msxml3r.dll - ok
05:57:31.0145 5640 [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
05:57:31.0145 5640 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
05:57:31.0145 5640 [ 2F486A48FDEB4502395851FD68EFA617 ] C:\Program Files (x86)\QvodPlayer\QvodTerminal.exe
05:57:31.0145 5640 C:\Program Files (x86)\QvodPlayer\QvodTerminal.exe - ok
05:57:31.0145 5640 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\WINDOWS\SysWOW64\cmd.exe
05:57:31.0145 5640 C:\WINDOWS\SysWOW64\cmd.exe - ok
05:57:31.0145 5640 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\WINDOWS\SysWOW64\winbrand.dll
05:57:31.0145 5640 C:\WINDOWS\SysWOW64\winbrand.dll - ok
05:57:31.0160 5640 [ 0297BC851D4C2187E80466362E0D5FA8 ] C:\WINDOWS\SysWOW64\sort.exe
05:57:31.0160 5640 C:\WINDOWS\SysWOW64\sort.exe - ok
05:57:31.0160 5640 [ 96C70BD48D49B87475F4572DEDC62EB9 ] C:\WINDOWS\winsxs\wow64_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.1.7601.17974_none_746011233d79b9a7\AcLayers.dll
05:57:31.0160 5640 C:\WINDOWS\winsxs\wow64_microsoft-windows-a..ence-mitigations-c5_31bf3856ad364e35_6.1.7601.17974_none_746011233d79b9a7\AcLayers.dll - ok
05:57:31.0160 5640 [ B998AB59D5541777A1E43175A9ACBE83 ] C:\WINDOWS\System32\en-US\conhost.exe.mui
05:57:31.0160 5640 C:\WINDOWS\System32\en-US\conhost.exe.mui - ok
05:57:31.0160 5640 [ C43AFA13B552BCC4352106193F008229 ] C:\WINDOWS\SysWOW64\ieUnatt.exe
05:57:31.0160 5640 C:\WINDOWS\SysWOW64\ieUnatt.exe - ok
05:57:31.0160 5640 [ D875FF86664F102B97A4BD5746AD40F5 ] C:\WINDOWS\SysWOW64\en-US\msctf.dll.mui
05:57:31.0160 5640 C:\WINDOWS\SysWOW64\en-US\msctf.dll.mui - ok
05:57:31.0160 5640 [ D3EAB9BCB2B92EFCA615781C215644C0 ] C:\WINDOWS\SysWOW64\ieframe.dll
05:57:31.0160 5640 C:\WINDOWS\SysWOW64\ieframe.dll - ok
05:57:31.0160 5640 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\WINDOWS\SysWOW64\shdocvw.dll
05:57:31.0160 5640 C:\WINDOWS\SysWOW64\shdocvw.dll - ok
05:57:31.0176 5640 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Wyatt.Wyatt-PC\AppData\Local\Temp\F9E4AD7B-207D-4E56-BCD8-A5A33BD01AB8.exe
05:57:31.0176 5640 C:\Users\Wyatt.Wyatt-PC\AppData\Local\Temp\F9E4AD7B-207D-4E56-BCD8-A5A33BD01AB8.exe - ok
05:57:31.0176 5640 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\WINDOWS\SysWOW64\bcrypt.dll
05:57:31.0176 5640 C:\WINDOWS\SysWOW64\bcrypt.dll - ok
05:57:31.0176 5640 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\WINDOWS\SysWOW64\bcryptprimitives.dll
05:57:31.0176 5640 C:\WINDOWS\SysWOW64\bcryptprimitives.dll - ok
05:57:31.0176 5640 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\WINDOWS\SysWOW64\gpapi.dll
05:57:31.0176 5640 C:\WINDOWS\SysWOW64\gpapi.dll - ok
05:57:31.0176 5640 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\WINDOWS\SysWOW64\cryptnet.dll
05:57:31.0176 5640 C:\WINDOWS\SysWOW64\cryptnet.dll - ok
05:57:31.0176 5640 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\WINDOWS\SysWOW64\SensApi.dll
05:57:31.0176 5640 C:\WINDOWS\SysWOW64\SensApi.dll - ok
05:57:31.0176 5640 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\WINDOWS\SysWOW64\webio.dll
05:57:31.0176 5640 C:\WINDOWS\SysWOW64\webio.dll - ok
05:57:31.0176 5640 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
05:57:31.0176 5640 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
05:57:31.0191 5640 [ ADF3E771F429940E762AC097F5A54EAF ] C:\Program Files\Windows Defender\MpClient.dll
05:57:31.0191 5640 C:\Program Files\Windows Defender\MpClient.dll - ok
05:57:31.0191 5640 [ 3BCECD87AB4E6743BFB45B352AD1A529 ] C:\WINDOWS\SysWOW64\WindowsCodecs.dll
05:57:31.0191 5640 C:\WINDOWS\SysWOW64\WindowsCodecs.dll - ok
05:57:31.0191 5640 [ 0BAD4EC927A69FB947946D70D7C1BEDB ] C:\Program Files (x86)\QvodPlayer\QvodExtend\5.0.83.0\QvodExtend.dll
05:57:31.0191 5640 C:\Program Files (x86)\QvodPlayer\QvodExtend\5.0.83.0\QvodExtend.dll - ok
05:57:31.0191 5640 [ 846D0E4DB261CFAF363902E41498E961 ] C:\WINDOWS\SysWOW64\EhStorShell.dll
05:57:31.0191 5640 C:\WINDOWS\SysWOW64\EhStorShell.dll - ok
05:57:31.0191 5640 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
05:57:31.0191 5640 C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
05:57:31.0191 5640 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\WINDOWS\SysWOW64\ntshrui.dll
05:57:31.0191 5640 C:\WINDOWS\SysWOW64\ntshrui.dll - ok
05:57:31.0191 5640 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\WINDOWS\SysWOW64\slc.dll
05:57:31.0191 5640 C:\WINDOWS\SysWOW64\slc.dll - ok
05:57:31.0207 5640 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\WINDOWS\SysWOW64\imageres.dll
05:57:31.0207 5640 C:\WINDOWS\SysWOW64\imageres.dll - ok
05:57:31.0207 5640 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\WINDOWS\SysWOW64\powrprof.dll
05:57:31.0207 5640 C:\WINDOWS\SysWOW64\powrprof.dll - ok
05:57:31.0207 5640 [ B6663FC132F0262A5EF48DB2D0187DE3 ] C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll
05:57:31.0207 5640 C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll - ok
05:57:31.0207 5640 [ A77BA10A0D610BBB6101AEA1E633ABE1 ] C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
05:57:31.0207 5640 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - ok
05:57:31.0207 5640 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\WINDOWS\SysWOW64\comdlg32.dll
05:57:31.0207 5640 C:\WINDOWS\SysWOW64\comdlg32.dll - ok
05:57:31.0207 5640 [ 90FB1802D488FFA9029854A77D4F3F27 ] C:\WINDOWS\SysWOW64\oleaccrc.dll
05:57:31.0207 5640 C:\WINDOWS\SysWOW64\oleaccrc.dll - ok
05:57:31.0207 5640 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\WINDOWS\SysWOW64\dwmapi.dll
05:57:31.0207 5640 C:\WINDOWS\SysWOW64\dwmapi.dll - ok
05:57:31.0207 5640 [ AE0A2DE2BB518D204F94DDCF93BBCC4C ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll
05:57:31.0207 5640 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll - ok
05:57:31.0223 5640 [ B720B4D1C97FBE02BE32812B580F1849 ] C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU64.dll
05:57:31.0223 5640 C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU64.dll - ok
05:57:31.0223 5640 [ EC248BC9C9C225FD289F250756503146 ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll
05:57:31.0223 5640 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll - ok
05:57:31.0223 5640 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\WINDOWS\SysWOW64\sfc.dll
05:57:31.0223 5640 C:\WINDOWS\SysWOW64\sfc.dll - ok
05:57:31.0223 5640 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\WINDOWS\SysWOW64\sfc_os.dll
05:57:31.0223 5640 C:\WINDOWS\SysWOW64\sfc_os.dll - ok
05:57:31.0223 5640 [ B519848DFA30AE2B306576B51321D102 ] C:\WINDOWS\System32\ie4uinit.exe
05:57:31.0223 5640 C:\WINDOWS\System32\ie4uinit.exe - ok
05:57:31.0223 5640 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\WINDOWS\System32\iedkcs32.dll
05:57:31.0223 5640 C:\WINDOWS\System32\iedkcs32.dll - ok
05:57:31.0223 5640 [ 2CFA4569350B7F84F815E9EC34E85766 ] C:\WINDOWS\SysWOW64\SndVolSSO.dll
05:57:31.0223 5640 C:\WINDOWS\SysWOW64\SndVolSSO.dll - ok
05:57:31.0706 5640 C:\Program Files\Microsoft Security Client\SqmApi.dll - ok
05:57:31.0706 5640 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
05:57:31.0706 5640 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
05:57:31.0706 5640 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\WINDOWS\System32\bthprops.cpl
05:57:31.0706 5640 C:\WINDOWS\System32\bthprops.cpl - ok
05:57:31.0706 5640 [ 8B92BED5B8D4A8480E7AA631F35A6F35 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
05:57:31.0706 5640 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
05:57:31.0706 5640 [ 140D9F911182357626165EA0BEB98C4F ] C:\WINDOWS\SysWOW64\ncsi.dll
05:57:31.0706 5640 C:\WINDOWS\SysWOW64\ncsi.dll - ok
05:57:31.0706 5640 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\WINDOWS\System32\mssrch.dll
05:57:31.0706 5640 C:\WINDOWS\System32\mssrch.dll - ok
05:57:31.0706 5640 [ 89F4D0DD6606A2FE15931E6888DBBC8D ] C:\WINDOWS\SysWOW64\stdole2.tlb
05:57:31.0706 5640 C:\WINDOWS\SysWOW64\stdole2.tlb - ok
05:57:31.0722 5640 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\WINDOWS\System32\FXSSVC.exe
05:57:31.0722 5640 C:\WINDOWS\System32\FXSSVC.exe - ok
05:57:31.0722 5640 [ C3E39FB1398EEE8E612C2FE53A9192EF ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
05:57:31.0722 5640 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll - ok
05:57:31.0722 5640 [ 09A116FB06C5E362EF8938D29CDAB27B ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
05:57:31.0722 5640 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
05:57:31.0722 5640 [ D39DA70FEA6BD713682F70635587DA9E ] C:\WINDOWS\SysWOW64\rasdlg.dll
05:57:31.0722 5640 C:\WINDOWS\SysWOW64\rasdlg.dll - ok
05:57:31.0722 5640 [ F6A4C495CF98D918AE290D1E87A8B97A ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUtil.dll
05:57:31.0722 5640 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUtil.dll - ok
05:57:31.0722 5640 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\WINDOWS\System32\msidle.dll
05:57:31.0722 5640 C:\WINDOWS\System32\msidle.dll - ok
05:57:31.0722 5640 [ D2155709E336C3BC15729EB87FEC6064 ] C:\WINDOWS\System32\rasdlg.dll
05:57:31.0722 5640 C:\WINDOWS\System32\rasdlg.dll - ok
05:57:31.0737 5640 [ 71C4F42DC8DB668E826DA79462EA741E ] C:\WINDOWS\SysWOW64\KBDUS.DLL
05:57:31.0737 5640 C:\WINDOWS\SysWOW64\KBDUS.DLL - ok
05:57:31.0737 5640 [ 81600E2E27ED61427AAD865B9BCDDB9D ] C:\WINDOWS\SysWOW64\msidle.dll
05:57:31.0737 5640 C:\WINDOWS\SysWOW64\msidle.dll - ok
05:57:31.0737 5640 [ D4191EFAB91E00FC09257AA5EBAF503B ] C:\WINDOWS\SysWOW64\mprapi.dll
05:57:31.0737 5640 C:\WINDOWS\SysWOW64\mprapi.dll - ok
05:57:31.0737 5640 [ 3518CB4E2D896CAB53D5386F15AC0566 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
05:57:31.0737 5640 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll - ok
05:57:31.0737 5640 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\WINDOWS\SysWOW64\rasapi32.dll
05:57:31.0737 5640 C:\WINDOWS\SysWOW64\rasapi32.dll - ok
05:57:31.0737 5640 [ 3F50200237961034FACE602373838980 ] C:\WINDOWS\SysWOW64\FirewallAPI.dll
05:57:31.0737 5640 C:\WINDOWS\SysWOW64\FirewallAPI.dll - ok
05:57:31.0737 5640 [ CE058AD307B80A5C0F2789E4EF43EEA3 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorCommon.dll
05:57:31.0737 5640 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorCommon.dll - ok
05:57:31.0737 5640 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\WINDOWS\SysWOW64\rasman.dll
05:57:31.0737 5640 C:\WINDOWS\SysWOW64\rasman.dll - ok
05:57:31.0753 5640 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\WINDOWS\SysWOW64\rtutils.dll
05:57:31.0753 5640 C:\WINDOWS\SysWOW64\rtutils.dll - ok
05:57:31.0753 5640 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\WINDOWS\System32\mssprxy.dll
05:57:31.0753 5640 C:\WINDOWS\System32\mssprxy.dll - ok
05:57:31.0753 5640 [ A1E6D51A4911CB972F8E62BF98B8D864 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ab54c04b3df40416205883b4049fe273\IAStorUtil.ni.dll
05:57:31.0753 5640 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ab54c04b3df40416205883b4049fe273\IAStorUtil.ni.dll - ok
05:57:31.0753 5640 [ 6383C60EC0133B14F5705F96369421B2 ] C:\WINDOWS\SysWOW64\hnetcfg.dll
05:57:31.0753 5640 C:\WINDOWS\SysWOW64\hnetcfg.dll - ok
05:57:31.0753 5640 [ 27E79A455EF80647F4F57FA3C2B09C94 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
05:57:31.0753 5640 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll - ok
05:57:31.0753 5640 [ 99A3716D6114F48DD9066CE70FE8380C ] C:\Program Files\Windows Photo Viewer\ImagingEngine.dll
05:57:31.0753 5640 C:\Program Files\Windows Photo Viewer\ImagingEngine.dll - ok
05:57:31.0753 5640 [ B63E24E9271E99FD4540E3CA22A937DA ] C:\WINDOWS\SysWOW64\en-US\tquery.dll.mui
05:57:31.0753 5640 C:\WINDOWS\SysWOW64\en-US\tquery.dll.mui - ok
05:57:31.0769 5640 [ 8B1590C627138166C015A5680ABF6BB2 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
05:57:31.0769 5640 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll - ok
05:57:31.0769 5640 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\WINDOWS\System32\en-US\tquery.dll.mui
05:57:31.0769 5640 C:\WINDOWS\System32\en-US\tquery.dll.mui - ok
05:57:31.0769 5640 [ E43D73CAF1023976EFBA1D0F0E69E271 ] C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
05:57:31.0769 5640 C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe - ok
05:57:31.0769 5640 [ 7F8678C59F188528D60104E697C2361E ] C:\WINDOWS\SysWOW64\mscms.dll
05:57:31.0769 5640 C:\WINDOWS\SysWOW64\mscms.dll - ok
05:57:31.0769 5640 [ 04B88428A872390D235BE52D38A9D4EF ] C:\WINDOWS\SysWOW64\dot3api.dll
05:57:31.0769 5640 C:\WINDOWS\SysWOW64\dot3api.dll - ok
05:57:31.0769 5640 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\WINDOWS\System32\dot3api.dll
05:57:31.0769 5640 C:\WINDOWS\System32\dot3api.dll - ok
05:57:31.0769 5640 [ 13337A3FB17F2242487FD45488ED0485 ] C:\WINDOWS\SysWOW64\vssapi.dll
05:57:31.0769 5640 C:\WINDOWS\SysWOW64\vssapi.dll - ok
05:57:31.0784 5640 [ 8063046AA70B97CA9985672B8848FB2E ] C:\WINDOWS\SysWOW64\wlanhlp.dll
05:57:31.0784 5640 C:\WINDOWS\SysWOW64\wlanhlp.dll - ok
05:57:31.0784 5640 [ 21E110FF1C0E948860458BD7B692DE13 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
05:57:31.0784 5640 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll - ok
05:57:31.0784 5640 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\WINDOWS\System32\wlanhlp.dll
05:57:31.0784 5640 C:\WINDOWS\System32\wlanhlp.dll - ok
05:57:31.0784 5640 [ 4EC734D688ACD424A5133113B60B15F7 ] C:\WINDOWS\System32\igdumd64.dll
05:57:31.0784 5640 C:\WINDOWS\System32\igdumd64.dll - ok
05:57:31.0784 5640 [ 5193DE33F3284C447E0D31DAFBF92570 ] C:\WINDOWS\SysWOW64\webcheck.dll
05:57:31.0784 5640 C:\WINDOWS\SysWOW64\webcheck.dll - ok
05:57:31.0784 5640 [ 871F7F32E3441580138E61A4AA072DF6 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
05:57:31.0784 5640 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll - ok
05:57:31.0784 5640 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\WINDOWS\System32\webcheck.dll
05:57:31.0784 5640 C:\WINDOWS\System32\webcheck.dll - ok
05:57:31.0800 5640 [ B940289C83121046BD6A60ACC6028593 ] C:\WINDOWS\SysWOW64\vsstrace.dll
05:57:31.0800 5640 C:\WINDOWS\SysWOW64\vsstrace.dll - ok
05:57:31.0800 5640 [ 141E93B169B4B08C1F0121A1FB375F90 ] C:\ProgramData\Apple Computer\Installer Cache\iTunes 11.0.2.26\SetupAdmin.exe
05:57:31.0800 5640 C:\ProgramData\Apple Computer\Installer Cache\iTunes 11.0.2.26\SetupAdmin.exe - ok
05:57:31.0800 5640 [ A0617B5753E31126AD29C03154F4F329 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll
05:57:31.0800 5640 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
05:57:31.0800 5640 [ 0966BBFD98EB7EDDE999B6739B8B449A ] C:\WINDOWS\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
05:57:31.0800 5640 C:\WINDOWS\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll - ok
05:57:31.0800 5640 [ E829C45F0D77852C43BE99C4B1BD215D ] C:\WINDOWS\System32\ieframe.dll
05:57:31.0800 5640 C:\WINDOWS\System32\ieframe.dll - ok
05:57:31.0800 5640 [ 816B681CC308FAA128EDCB90643DCED7 ] C:\WINDOWS\SysWOW64\icm32.dll
05:57:31.0800 5640 C:\WINDOWS\SysWOW64\icm32.dll - ok
05:57:31.0800 5640 [ 3D7D2E825C63FF501E896CF008C70D75 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe
05:57:31.0800 5640 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok
05:57:31.0800 5640 [ E1AC89F6C5252057E6062843E36A6701 ] C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
05:57:31.0800 5640 C:\WINDOWS\SysWOW64\SearchProtocolHost.exe - ok
05:57:31.0815 5640 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\WINDOWS\System32\SearchProtocolHost.exe
05:57:31.0815 5640 C:\WINDOWS\System32\SearchProtocolHost.exe - ok
05:57:31.0815 5640 [ 1D296F090ED401967B30BD2B970DC306 ] C:\WINDOWS\System32\icm32.dll
05:57:31.0815 5640 C:\WINDOWS\System32\icm32.dll - ok
05:57:31.0815 5640 [ C1B5307377C98F87E0152C44E9FF8DEE ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
05:57:31.0815 5640 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok
05:57:31.0815 5640 [ 62A6EB5771580CAE445804389F3F7432 ] C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
05:57:31.0815 5640 C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll - ok
05:57:31.0815 5640 [ 8ADBD72F4DC0EB90CFD37763BE3ECB27 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll
05:57:31.0815 5640 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\1033\cscompui.dll - ok
05:57:31.0815 5640 [ F1C19F0AA151B90A7416FA1D50DDB582 ] C:\WINDOWS\System32\WindowsCodecsExt.dll
05:57:31.0815 5640 C:\WINDOWS\System32\WindowsCodecsExt.dll - ok
05:57:31.0815 5640 [ A5D237B8673025B052C0E6FDB6A883E8 ] C:\WINDOWS\SysWOW64\msshooks.dll
05:57:31.0815 5640 C:\WINDOWS\SysWOW64\msshooks.dll - ok
05:57:31.0831 5640 [ 24FCC3CDAE327F632CB8696E1E40F772 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\alink.dll
05:57:31.0831 5640 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok
05:57:31.0831 5640 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\WINDOWS\System32\msshooks.dll
05:57:31.0831 5640 C:\WINDOWS\System32\msshooks.dll - ok
05:57:31.0831 5640 [ 5259D6B68ABB8253792458FE94D9D006 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll
05:57:31.0831 5640 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorlib.dll - ok
05:57:31.0831 5640 [ A6CD6B3F71E13E2E45B727FB8A47EA87 ] C:\WINDOWS\SysWOW64\SearchFilterHost.exe
05:57:31.0831 5640 C:\WINDOWS\SysWOW64\SearchFilterHost.exe - ok
05:57:31.0831 5640 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\WINDOWS\SysWOW64\mlang.dll
05:57:31.0831 5640 C:\WINDOWS\SysWOW64\mlang.dll - ok
05:57:31.0831 5640 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\WINDOWS\System32\SearchFilterHost.exe
05:57:31.0831 5640 C:\WINDOWS\System32\SearchFilterHost.exe - ok
05:57:31.0831 5640 [ 85B757B3EFCD1393543EC8E2EC17A15F ] C:\Program Files\CCleaner\CCleaner64.exe
05:57:31.0831 5640 C:\Program Files\CCleaner\CCleaner64.exe - ok
05:57:31.0847 5640 [ 5B3FA17E1CD6FBBDF41AC34DAEECC256 ] C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
05:57:31.0847 5640 C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll - ok
05:57:31.0847 5640 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\WINDOWS\System32\mlang.dll
05:57:31.0847 5640 C:\WINDOWS\System32\mlang.dll - ok
05:57:31.0847 5640 [ E955300DF949977878C705EC8681009A ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
05:57:31.0847 5640 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok
05:57:31.0847 5640 [ 5C6B7132835A59DD310CB0D06827A0A6 ] C:\WINDOWS\SysWOW64\en-US\nci.dll.mui
05:57:31.0847 5640 C:\WINDOWS\SysWOW64\en-US\nci.dll.mui - ok
05:57:31.0847 5640 [ 2D7434EE1C4AA6FE0F26F2CD2C221EA2 ] C:\WINDOWS\SysWOW64\en-US\ddraw.dll.mui
05:57:31.0847 5640 C:\WINDOWS\SysWOW64\en-US\ddraw.dll.mui - ok
05:57:31.0847 5640 [ 2DDEA2C345DA5BC589EFD398F220DB0E ] C:\WINDOWS\SysWOW64\SyncCenter.dll
05:57:31.0847 5640 C:\WINDOWS\SysWOW64\SyncCenter.dll - ok
05:57:31.0847 5640 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
05:57:31.0847 5640 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
05:57:31.0847 5640 [ DB67C7C62038BDE813CB6486581A7611 ] C:\WINDOWS\SysWOW64\mssph.dll
05:57:31.0847 5640 C:\WINDOWS\SysWOW64\mssph.dll - ok
05:57:31.0862 5640 [ 101797BA603D227946B4B5109867EB19 ] C:\WINDOWS\System32\SyncCenter.dll
05:57:31.0862 5640 C:\WINDOWS\System32\SyncCenter.dll - ok
05:57:31.0862 5640 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\WINDOWS\System32\mssph.dll
05:57:31.0862 5640 C:\WINDOWS\System32\mssph.dll - ok
05:57:31.0862 5640 [ 12395E528456DFE82979ACFEA96D290C ] C:\Program Files\Windows Media Player\en-US\wmpnscfg.exe.mui
05:57:31.0862 5640 C:\Program Files\Windows Media Player\en-US\wmpnscfg.exe.mui - ok
05:57:31.0862 5640 [ ED797D8DC2C92401985D162E42FFA450 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
05:57:31.0862 5640 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok
05:57:31.0862 5640 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
05:57:31.0862 5640 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
05:57:31.0862 5640 [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6 ] C:\WINDOWS\SysWOW64\mapi32.dll
05:57:31.0862 5640 C:\WINDOWS\SysWOW64\mapi32.dll - ok
05:57:31.0862 5640 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\WINDOWS\System32\mapi32.dll
05:57:31.0862 5640 C:\WINDOWS\System32\mapi32.dll - ok
05:57:31.0878 5640 [ 1957D49A9613FAAD1C73B508CCE02AA5 ] C:\WINDOWS\SysWOW64\wmp.dll
05:57:31.0878 5640 C:\WINDOWS\SysWOW64\wmp.dll - ok
05:57:31.0878 5640 [ FB4EB9352B7D698E6B3C2AA2ED724DAD ] C:\WINDOWS\SysWOW64\authz.dll
05:57:31.0878 5640 C:\WINDOWS\SysWOW64\authz.dll - ok
05:57:31.0878 5640 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\WINDOWS\SysWOW64\shfolder.dll
05:57:31.0878 5640 C:\WINDOWS\SysWOW64\shfolder.dll - ok
05:57:31.0878 5640 [ 2D11BC8B460957E62E4420373A0D8BDA ] C:\WINDOWS\SysWOW64\imapi2.dll
05:57:31.0878 5640 C:\WINDOWS\SysWOW64\imapi2.dll - ok
05:57:31.0878 5640 [ 8189D2FDFF0BA4F507834FCD34422DE5 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll
05:57:31.0878 5640 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll - ok
05:57:31.0878 5640 [ 715C62B9A059001BFA2A0224F4691AFD ] C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
05:57:31.0878 5640 C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe - ok
05:57:31.0878 5640 [ 0FBC74AA20FE0AE6884279F893169C60 ] C:\WINDOWS\SysWOW64\wmploc.DLL
05:57:31.0878 5640 C:\WINDOWS\SysWOW64\wmploc.DLL - ok
05:57:31.0878 5640 [ 8130391F82D52D36C0441F714136957F ] C:\WINDOWS\System32\imapi2.dll
05:57:31.0878 5640 C:\WINDOWS\System32\imapi2.dll - ok
05:57:31.0893 5640 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\WINDOWS\SysWOW64\dsound.dll
05:57:31.0893 5640 C:\WINDOWS\SysWOW64\dsound.dll - ok
05:57:31.0893 5640 [ 7717F84F483002815490033BF069DABD ] C:\WINDOWS\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
05:57:31.0893 5640 C:\WINDOWS\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
05:57:31.0893 5640 [ 199880EC3D0032F70353B82233323623 ] C:\Program Files (x86)\QvodPlayer\QvodStatistic.dll
05:57:31.0893 5640 C:\Program Files (x86)\QvodPlayer\QvodStatistic.dll - ok
05:57:31.0893 5640 [ C02AA67276FEE0C15CC4D6D616BDE95E ] C:\WINDOWS\SysWOW64\WWanAPI.dll
05:57:31.0893 5640 C:\WINDOWS\SysWOW64\WWanAPI.dll - ok
05:57:31.0893 5640 [ 5893EBDCE371174AC89ECD7731DD6D77 ] C:\WINDOWS\SysWOW64\pcwum.dll
05:57:31.0893 5640 C:\WINDOWS\SysWOW64\pcwum.dll - ok
05:57:31.0893 5640 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\WINDOWS\System32\WWanAPI.dll
05:57:31.0893 5640 C:\WINDOWS\System32\WWanAPI.dll - ok
05:57:31.0893 5640 [ F2ED6D00921CA138289E5E0CCB9ABF87 ] C:\WINDOWS\SysWOW64\wwapi.dll
05:57:31.0893 5640 C:\WINDOWS\SysWOW64\wwapi.dll - ok
05:57:31.0909 5640 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\WINDOWS\System32\wwapi.dll
05:57:31.0909 5640 C:\WINDOWS\System32\wwapi.dll - ok
05:57:31.0909 5640 [ 5CF15474FFDB5005E54958DF6EDD97AB ] C:\WINDOWS\SysWOW64\wmdrmdev.dll
05:57:31.0909 5640 C:\WINDOWS\SysWOW64\wmdrmdev.dll - ok
05:57:31.0909 5640 [ 02530B0B7E048DD5AC8D52DAEACAEB2B ] C:\WINDOWS\SysWOW64\QAGENT.DLL
05:57:31.0909 5640 C:\WINDOWS\SysWOW64\QAGENT.DLL - ok
05:57:31.0909 5640 [ 47D052D9EE1FD3BA2A55D13F61E3EF24 ] C:\WINDOWS\SysWOW64\drmv2clt.dll
05:57:31.0909 5640 C:\WINDOWS\SysWOW64\drmv2clt.dll - ok
05:57:31.0909 5640 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\WINDOWS\System32\QAGENT.DLL
05:57:31.0909 5640 C:\WINDOWS\System32\QAGENT.DLL - ok
05:57:31.0909 5640 [ 885450CE44F8DC905203FCCC6E51784F ] C:\Program Files (x86)\QvodPlayer\QvodRes.dll
05:57:31.0909 5640 C:\Program Files (x86)\QvodPlayer\QvodRes.dll - ok
05:57:31.0909 5640 [ C7952D0A4C43A965A1741916BB134751 ] C:\WINDOWS\SysWOW64\hgcpl.dll
05:57:31.0909 5640 C:\WINDOWS\SysWOW64\hgcpl.dll - ok
05:57:31.0909 5640 [ 01C7F6D51C93148D2B74B34C4D29FD0E ] C:\Program Files\Windows Media Player\en-US\wmpnetwk.exe.mui
05:57:31.0909 5640 C:\Program Files\Windows Media Player\en-US\wmpnetwk.exe.mui - ok
05:57:31.0925 5640 [ C3670CD073CAF4866F600CDA2E8CD0E5 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
05:57:31.0925 5640 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll - ok
05:57:31.0925 5640 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\WINDOWS\System32\hgcpl.dll
05:57:31.0925 5640 C:\WINDOWS\System32\hgcpl.dll - ok
05:57:31.0925 5640 [ 40B82688907A7DBA4DB3B5ADDE3EAB3B ] C:\WINDOWS\SysWOW64\mfplat.dll
05:57:31.0925 5640 C:\WINDOWS\SysWOW64\mfplat.dll - ok
05:57:31.0925 5640 [ 7B46A076184B73AEDC1A66A71D9131E8 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
05:57:31.0925 5640 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll - ok
05:57:31.0925 5640 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] C:\WINDOWS\SysWOW64\provsvc.dll
05:57:31.0925 5640 C:\WINDOWS\SysWOW64\provsvc.dll - ok
05:57:31.0925 5640 [ EA2B00551F3E7B3D5F7FB730A55F8246 ] C:\WINDOWS\SysWOW64\blackbox.dll
05:57:31.0925 5640 C:\WINDOWS\SysWOW64\blackbox.dll - ok
05:57:31.0925 5640 [ 954EA9B34F155C844B11F4047A8F6F89 ] C:\WINDOWS\SysWOW64\upnp.dll
05:57:31.0925 5640 C:\WINDOWS\SysWOW64\upnp.dll - ok
05:57:31.0940 5640 [ 28E2231BD34A39C854BDF3923AB2FF86 ] C:\WINDOWS\SysWOW64\ssdpapi.dll
05:57:31.0940 5640 C:\WINDOWS\SysWOW64\ssdpapi.dll - ok
05:57:31.0940 5640 [ 3F2B83695E5BF11930C16AF50E991F96 ] C:\WINDOWS\SysWOW64\wmpps.dll
05:57:31.0940 5640 C:\WINDOWS\SysWOW64\wmpps.dll - ok
05:57:31.0940 5640 [ 7B97346CE563B74BBCC120FC83E5A6D9 ] C:\WINDOWS\SysWOW64\wmpmde.dll
05:57:31.0940 5640 C:\WINDOWS\SysWOW64\wmpmde.dll - ok
05:57:31.0940 5640 [ 8CD1DEE212E52B9C22E66DBA44991D32 ] C:\WINDOWS\SysWOW64\httpapi.dll
05:57:31.0940 5640 C:\WINDOWS\SysWOW64\httpapi.dll - ok
05:57:31.0940 5640 [ 81C0FA250EF6DC1C6B3FA2BCE81D6C2E ] C:\WINDOWS\SysWOW64\WinSATAPI.dll
05:57:31.0940 5640 C:\WINDOWS\SysWOW64\WinSATAPI.dll - ok
05:57:31.0940 5640 [ 13F728C9310A50E8163DF02046632C7F ] C:\Program Files (x86)\QvodPlayer\QvodMon.exe
05:57:31.0940 5640 C:\Program Files (x86)\QvodPlayer\QvodMon.exe - ok
05:57:31.0940 5640 [ B79515AFF098E5A56DFBD316152534DE ] C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
05:57:31.0940 5640 C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL - ok
05:57:31.0940 5640 [ 330A6E9A4A6FA657EBB094FCD82EFA9D ] C:\WINDOWS\SysWOW64\en-US\WinSATAPI.dll.mui
05:57:31.0940 5640 C:\WINDOWS\SysWOW64\en-US\WinSATAPI.dll.mui - ok
05:57:31.0956 5640 [ CBBD4D79EEC3EF5A4ADAE9697944C6B9 ] C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
05:57:31.0956 5640 C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL - ok
05:57:31.0956 5640 [ 2424231BBD703A677D115C29983B4293 ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL
05:57:31.0956 5640 C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL - ok
05:57:31.0956 5640 [ 7069AAB8536F29ED7323140973A2894B ] C:\WINDOWS\SysWOW64\msdmo.dll
05:57:31.0956 5640 C:\WINDOWS\SysWOW64\msdmo.dll - ok
05:57:31.0956 5640 [ 03AA82C3772DE28C96E4C83A4A07AF61 ] C:\WINDOWS\SysWOW64\en-US\FirewallAPI.dll.mui
05:57:31.0956 5640 C:\WINDOWS\SysWOW64\en-US\FirewallAPI.dll.mui - ok
05:57:31.0956 5640 [ 423982DD851406A52B6399DDB196C606 ] C:\WINDOWS\System32\wmdrmdev.dll
05:57:31.0956 5640 C:\WINDOWS\System32\wmdrmdev.dll - ok
05:57:31.0956 5640 [ 2C1055E2C6D42753241FB2A129136994 ] C:\WINDOWS\System32\drmv2clt.dll
05:57:31.0956 5640 C:\WINDOWS\System32\drmv2clt.dll - ok
05:57:31.0956 5640 [ DE6F4B7E62FDE776F3DE8E5FB5A05C48 ] C:\WINDOWS\SysWOW64\fdWSD.dll
05:57:31.0956 5640 C:\WINDOWS\SysWOW64\fdWSD.dll - ok
05:57:31.0971 5640 [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\WINDOWS\System32\blackbox.dll
05:57:31.0971 5640 C:\WINDOWS\System32\blackbox.dll - ok
05:57:31.0971 5640 [ 171D7DB433314A868507C4326E8209DC ] C:\WINDOWS\System32\fdWSD.dll
05:57:31.0971 5640 C:\WINDOWS\System32\fdWSD.dll - ok
05:57:31.0971 5640 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\WINDOWS\System32\upnp.dll
05:57:31.0971 5640 C:\WINDOWS\System32\upnp.dll - ok
05:57:31.0971 5640 [ 73F6C5223F7E9B5780DD4A6C30FCF569 ] C:\WINDOWS\SysWOW64\WSDApi.dll
05:57:31.0971 5640 C:\WINDOWS\SysWOW64\WSDApi.dll - ok
05:57:31.0971 5640 [ DB846EECA70EE9D2E2FF31147C57B0F4 ] C:\WINDOWS\SysWOW64\webservices.dll
05:57:31.0971 5640 C:\WINDOWS\SysWOW64\webservices.dll - ok
05:57:31.0971 5640 [ 674611721264013DB169EC12AFC9C3B6 ] C:\WINDOWS\SysWOW64\fdSSDP.dll
05:57:31.0971 5640 C:\WINDOWS\SysWOW64\fdSSDP.dll - ok
05:57:31.0971 5640 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\WINDOWS\System32\fdSSDP.dll
05:57:31.0971 5640 C:\WINDOWS\System32\fdSSDP.dll - ok
05:57:31.0971 5640 [ 89D90579E5FB1469CB0464F6512E42B7 ] C:\WINDOWS\SysWOW64\fundisc.dll
05:57:31.0971 5640 C:\WINDOWS\SysWOW64\fundisc.dll - ok
05:57:31.0987 5640 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\WINDOWS\System32\wmp.dll
05:57:31.0987 5640 C:\WINDOWS\System32\wmp.dll - ok
05:57:31.0987 5640 [ 3FF0FA0A81910617739644A06D06D016 ] C:\WINDOWS\SysWOW64\fdProxy.dll
05:57:31.0987 5640 C:\WINDOWS\SysWOW64\fdProxy.dll - ok
05:57:31.0987 5640 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\WINDOWS\System32\fdProxy.dll
05:57:31.0987 5640 C:\WINDOWS\System32\fdProxy.dll - ok
05:57:31.0987 5640 [ 08DF1B8C9C0754A7069E80A986373F52 ] C:\WINDOWS\SysWOW64\P2P.dll
05:57:31.0987 5640 C:\WINDOWS\SysWOW64\P2P.dll - ok
05:57:31.0987 5640 [ 4A82EA2807B16FF577AEAF8ADB8779FF ] C:\WINDOWS\System32\IdListen.dll
05:57:31.0987 5640 C:\WINDOWS\System32\IdListen.dll - ok
05:57:31.0987 5640 [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\WINDOWS\System32\P2P.dll
05:57:31.0987 5640 C:\WINDOWS\System32\P2P.dll - ok
05:57:31.0987 5640 [ A0524499F4C63CADA7E1529FC77F5DC1 ] C:\WINDOWS\System32\hgprint.dll
05:57:31.0987 5640 C:\WINDOWS\System32\hgprint.dll - ok
05:57:31.0987 5640 [ 1B0EC94520CAB89A9CE1B2DA405166AF ] C:\WINDOWS\SysWOW64\p2pcollab.dll
05:57:31.0987 5640 C:\WINDOWS\SysWOW64\p2pcollab.dll - ok
05:57:32.0003 5640 [ 54A47F6B5E09A77E61649109C6A08866 ] C:\WINDOWS\SysWOW64\svchost.exe
05:57:32.0003 5640 C:\WINDOWS\SysWOW64\svchost.exe - ok
05:57:32.0003 5640 [ 1372E8E8FD066002131E3D509275E697 ] C:\WINDOWS\SysWOW64\P2PGraph.dll
05:57:32.0003 5640 C:\WINDOWS\SysWOW64\P2PGraph.dll - ok
05:57:32.0003 5640 [ CE292C4C10B8DB6070F262EA2733F0DC ] C:\WINDOWS\SysWOW64\sqmapi.dll
05:57:32.0003 5640 C:\WINDOWS\SysWOW64\sqmapi.dll - ok
05:57:32.0003 5640 [ DA4F4927E92DC21B14A42EE59F7038D4 ] C:\WINDOWS\SysWOW64\en-US\dnsapi.dll.mui
05:57:32.0003 5640 C:\WINDOWS\SysWOW64\en-US\dnsapi.dll.mui - ok
05:57:32.0003 5640 [ 937FE1D6BBD29A35139746E93806D7EF ] C:\WINDOWS\System32\en-US\p2psvc.dll.mui
05:57:32.0003 5640 C:\WINDOWS\System32\en-US\p2psvc.dll.mui - ok
05:57:32.0003 5640 [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1 ] C:\WINDOWS\System32\P2PGraph.dll
05:57:32.0003 5640 C:\WINDOWS\System32\P2PGraph.dll - ok
05:57:32.0003 5640 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\WINDOWS\System32\wmploc.DLL
05:57:32.0003 5640 C:\WINDOWS\System32\wmploc.DLL - ok
05:57:32.0003 5640 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\WINDOWS\System32\wmpps.dll
05:57:32.0003 5640 C:\WINDOWS\System32\wmpps.dll - ok
05:57:32.0018 5640 [ F149E8CAE538DBF7059B00326673F602 ] C:\WINDOWS\System32\wmpmde.dll
05:57:32.0018 5640 C:\WINDOWS\System32\wmpmde.dll - ok
05:57:32.0018 5640 [ 021287C2050FD5DB4A8B084E2C38139C ] C:\WINDOWS\System32\WinSATAPI.dll
05:57:32.0018 5640 C:\WINDOWS\System32\WinSATAPI.dll - ok
05:57:32.0018 5640 [ AF78F66116814FDD6677CEBD73035CDD ] C:\WINDOWS\SysWOW64\schannel.dll
05:57:32.0018 5640 C:\WINDOWS\SysWOW64\schannel.dll - ok
05:57:32.0018 5640 [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\WINDOWS\System32\MSMPEG2ENC.DLL
05:57:32.0018 5640 C:\WINDOWS\System32\MSMPEG2ENC.DLL - ok
05:57:32.0018 5640 [ 99B9343280AF6A4C0F27CF2E28E94BBF ] C:\WINDOWS\SysWOW64\dssenh.dll
05:57:32.0018 5640 C:\WINDOWS\SysWOW64\dssenh.dll - ok
05:57:32.0018 5640 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\WINDOWS\System32\dssenh.dll
05:57:32.0018 5640 C:\WINDOWS\System32\dssenh.dll - ok
05:57:32.0018 5640 [ 5BB8C06EB5EA4BA22EE8A678F2D79B25 ] C:\WINDOWS\SysWOW64\devenum.dll
05:57:32.0018 5640 C:\WINDOWS\SysWOW64\devenum.dll - ok
05:57:32.0034 5640 [ 46767946E7B559D981C1DC04EC0AB36F ] C:\WINDOWS\System32\devenum.dll
05:57:32.0034 5640 C:\WINDOWS\System32\devenum.dll - ok
05:57:32.0034 5640 [ 833FBB672460EFCE8011D262175FAD33 ] C:\WINDOWS\SysWOW64\upnphost.dll
05:57:32.0034 5640 C:\WINDOWS\SysWOW64\upnphost.dll - ok
05:57:32.0034 5640 [ 230EA9ABBC3432CDE388F4891E76E867 ] C:\WINDOWS\SysWOW64\udhisapi.dll
05:57:32.0034 5640 C:\WINDOWS\SysWOW64\udhisapi.dll - ok
05:57:32.0034 5640 [ 71E68F2443A80BD4DA89181889C457EA ] C:\WINDOWS\System32\udhisapi.dll
05:57:32.0034 5640 C:\WINDOWS\System32\udhisapi.dll - ok
05:57:32.0034 5640 [ D6692338B985D4A0CA52B828314D897D ] C:\WINDOWS\SysWOW64\drprov.dll
05:57:32.0034 5640 C:\WINDOWS\SysWOW64\drprov.dll - ok
05:57:32.0034 5640 [ 5F639198C4137075DA50E61C23963C11 ] C:\WINDOWS\System32\drprov.dll
05:57:32.0034 5640 C:\WINDOWS\System32\drprov.dll - ok
05:57:32.0034 5640 [ D7B7159BC8374E87D8C45A30377A3440 ] C:\WINDOWS\SysWOW64\ntlanman.dll
05:57:32.0034 5640 C:\WINDOWS\SysWOW64\ntlanman.dll - ok
05:57:32.0034 5640 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\WINDOWS\System32\ntlanman.dll
05:57:32.0034 5640 C:\WINDOWS\System32\ntlanman.dll - ok
05:57:32.0049 5640 [ 284B59D7B56FC76C80E622AB856B1FAB ] C:\WINDOWS\SysWOW64\davclnt.dll
05:57:32.0049 5640 C:\WINDOWS\SysWOW64\davclnt.dll - ok
05:57:32.0049 5640 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\WINDOWS\System32\davclnt.dll
05:57:32.0049 5640 C:\WINDOWS\System32\davclnt.dll - ok
05:57:32.0049 5640 [ 179BECE8D1A4C488DDB7191FF9BE3FB0 ] C:\WINDOWS\SysWOW64\davhlpr.dll
05:57:32.0049 5640 C:\WINDOWS\SysWOW64\davhlpr.dll - ok
05:57:32.0049 5640 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\WINDOWS\System32\davhlpr.dll
05:57:32.0049 5640 C:\WINDOWS\System32\davhlpr.dll - ok
05:57:32.0049 5640 [ AA3B91B70E79BCE70AD3B190789B9574 ] C:\WINDOWS\SysWOW64\drttransport.dll
05:57:32.0049 5640 C:\WINDOWS\SysWOW64\drttransport.dll - ok
05:57:32.0049 5640 [ 2E7ADF9B0389CD94605717784D7E416A ] C:\WINDOWS\System32\drttransport.dll
05:57:32.0049 5640 C:\WINDOWS\System32\drttransport.dll - ok
05:57:32.0112 5640 ============================================================
05:57:32.0112 5640 Scan finished
05:57:32.0112 5640 ============================================================
05:57:32.0112 5624 Detected object count: 5
05:57:32.0112 5624 Actual detected object count: 5
05:58:11.0829 5624 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - skipped by user
05:58:11.0829 5624 Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
05:58:11.0829 5624 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - skipped by user
05:58:11.0829 5624 Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
05:58:11.0829 5624 Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - skipped by user
05:58:11.0829 5624 Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
05:58:11.0829 5624 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
05:58:11.0829 5624 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
05:58:11.0829 5624 wampapache ( UnsignedFile.Multi.Generic ) - skipped by user
05:58:11.0829 5624 wampapache ( UnsignedFile.Multi.Generic ) - User select action: Skip
05:58:28.0817 3476 Deinitialize success




MBAR Log:


Malwarebytes Anti-Rootkit BETA 1.01.0.1022
www.malwarebytes.org

Database version: v2013.03.30.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Wyatt :: WYATT-PC [administrator]

3/31/2013 6:10:55 AM
mbar-log-2013-03-31 (06-10-55).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 30261
Time elapsed: 7 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
  • 0


#11
WyffGoaL

WyffGoaL

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts
Hi Gringo,

I've also found that after all of the scans, clean ups and deletions, the hao123.com is somehow still in my registry.

Please visit this link to see it in picture:

http://screencast.com/t/CEhp9Nxtvwq

Is it that the virus/malware somehow cannot be terminated or something?
  • 0

#12
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello


Is it still in IE?
  • 0

#13
WyffGoaL

WyffGoaL

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts
Hi Gringo,

Yes, it's still in IE....

Thanks.
  • 0

#14
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello WyffGoaL

First I would like you to go here and click on the fixit button - http://support.microsoft.com/kb/923737


Then I want you to do the following:

  • Start Internet Explorer.
  • Click on "Safety".
  • Click on "Delete Browsing History".
  • Make sure all boxes are checked.
  • Click on "Delete".
  • Click on "Tools".
  • Click "Internet Options".
  • On the "Advanced" tab, click "Reset".
  • Put a check mark next to "Delete Personal Settings".
  • Click "Reset" to confirm.
  • When complete, click the "Close" button.
  • Restart IE.


Gringo
  • 0

#15
WyffGoaL

WyffGoaL

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts
Hi Gringo,

It's still here after doing this again...

Please see the screenshot below:

http://screencast.com/t/Zhj8WbagY

Thanks.
  • 0





