Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Arestocrat virus/malware refuses to be removed [Solved]


  • This topic is locked This topic is locked

#1
fenrir818

fenrir818

    Member

  • Member
  • PipPip
  • 11 posts
This site seems to be the only place where people have reported it and have had it resolved. Basically it blocks my entire screen with a window telling me to go buy a software and pay them hundreds of dollars to release my computer. Any help whatsoever is much appreciated.

Edit: My apologies, I forgot to mention that my computer's OS is Windows 7 home premium.

OTL.txt file:

OTL logfile created on: 4/8/2013 8:04:15 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Fafnir\Documents\OTL
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.90 Gb Total Physical Memory | 6.98 Gb Available Physical Memory | 88.41% Memory free
15.79 Gb Paging File | 14.92 Gb Available in Paging File | 94.48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 922.32 Gb Total Space | 478.36 Gb Free Space | 51.86% Space Free | Partition Type: NTFS
Drive D: | 8.73 Gb Total Space | 8.49 Gb Free Space | 97.17% Space Free | Partition Type: NTFS

Computer Name: FAFNIR-GAMEPC | User Name: Fafnir | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/04/08 20:02:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Fafnir\My Documents\OTL\OTL.exe


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV:64bit: - [2011/12/15 07:36:08 | 000,014,664 | ---- | M] (Alienware) [Auto | Stopped] -- C:\Program Files\Alienware\Command Center\AlienFusionService.exe -- (AlienFusionService)
SRV:64bit: - [2011/09/27 12:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2010/10/26 14:24:36 | 000,403,536 | ---- | M] (Logitech, Inc.) [Auto | Stopped] -- C:\Program Files\Logitech\SolarApp\L4301_Solar.exe -- (L4301_Solar)
SRV:64bit: - [2009/11/17 19:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Stopped] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/03/28 22:19:58 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/03/14 13:58:00 | 004,694,056 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2013/03/12 12:37:34 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/01/08 16:19:46 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/18 07:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/12/14 02:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2012/08/13 14:07:03 | 000,107,520 | ---- | M] () [Auto | Stopped] -- C:\Users\Fafnir\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe -- (DefaultTabUpdate)
SRV - [2012/07/01 20:05:37 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012/06/28 20:37:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/06/28 17:44:30 | 000,382,312 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/10/04 17:42:30 | 000,076,800 | ---- | M] (Micro-Star Int'l Co., Ltd.) [Auto | Stopped] -- c:\Program Files (x86)\msi\ODD Monitor\ODD_Monitor.exe -- (MSI_ODD_Service)
SRV - [2010/03/18 10:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/12/09 02:51:20 | 000,126,944 | ---- | M] (Power Software Ltd) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2012/09/28 11:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/26 15:38:00 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/10 15:12:24 | 000,312,480 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2012/07/10 15:12:24 | 000,043,168 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2012/05/21 06:10:51 | 000,188,776 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012/04/19 16:00:55 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012/04/19 16:00:55 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/11/10 18:04:14 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011/10/20 04:14:54 | 000,291,648 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2011/10/20 01:20:00 | 000,028,992 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011/09/15 12:15:00 | 000,216,064 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rusb3xhc.sys -- (rusb3xhc)
DRV:64bit: - [2011/09/15 12:14:58 | 000,100,352 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rusb3hub.sys -- (rusb3hub)
DRV:64bit: - [2011/09/01 23:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011/09/01 23:30:24 | 000,076,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2011/09/01 23:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011/09/01 23:30:24 | 000,015,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2011/07/26 12:22:48 | 012,288,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/06/10 16:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/06/03 09:38:32 | 002,727,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/11/20 20:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 20:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 20:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/14 21:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/02/26 11:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/04/08 11:28:46 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV - [2010/01/18 11:36:44 | 000,014,136 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\msi\ODD Monitor\NTIOLib_X64.sys -- (NTIOLib_X64)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://AlienwareArena.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylo...0007ce9d36f0141
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultenginename,S: S", ""
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.order.1,S: S", ""
FF - prefs.js..browser.search.selectedEngine: ""
FF - prefs.js..browser.search.selectedEngine,S: S", ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: %7B59c81df5-4b7a-477b-912d-4e0fdf64e5f2%7D:0.9.90
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.5.9
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Fafnir\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{5D3F3872-91E9-4d59-AD9F-AA174A3145DD}: C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt [2012/04/23 16:53:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/28 22:19:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/01/30 14:31:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2012/07/09 06:39:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fafnir\AppData\Roaming\Mozilla\Extensions
[2013/04/01 12:07:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fafnir\AppData\Roaming\Mozilla\Firefox\Profiles\lx4a4g44.default\extensions
[2013/03/13 11:22:37 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\Fafnir\AppData\Roaming\Mozilla\Firefox\Profiles\lx4a4g44.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2013/04/01 11:24:07 | 000,000,000 | ---D | M] (Broowsee22save) -- C:\Users\Fafnir\AppData\Roaming\Mozilla\Firefox\Profiles\lx4a4g44.default\extensions\[email protected]
[2013/01/08 18:09:04 | 000,000,000 | ---D | M] (CouponAmazing) -- C:\Users\Fafnir\AppData\Roaming\Mozilla\Firefox\Profiles\lx4a4g44.default\extensions\[email protected]
[2013/04/01 12:07:52 | 000,000,000 | ---D | M] (Browse22save) -- C:\Users\Fafnir\AppData\Roaming\Mozilla\Firefox\Profiles\lx4a4g44.default\extensions\[email protected]
[2013/04/01 11:33:04 | 000,000,000 | ---D | M] (Browse22save) -- C:\Users\Fafnir\AppData\Roaming\Mozilla\Firefox\Profiles\lx4a4g44.default\extensions\[email protected]
[2013/03/28 22:20:01 | 000,531,916 | ---- | M] () (No name found) -- C:\Users\Fafnir\AppData\Roaming\Mozilla\Firefox\Profiles\lx4a4g44.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012/08/13 14:19:33 | 000,001,982 | ---- | M] () -- C:\Users\Fafnir\AppData\Roaming\Mozilla\Firefox\Profiles\lx4a4g44.default\searchplugins\search-here.xml
[2013/02/05 15:43:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/03/28 22:19:58 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/09/30 09:09:01 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/03/07 15:56:40 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - Extension: Browse22save = C:\Users\Fafnir\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhpndbmiphkeejnifhmkngnholhdklln\1\
CHR - Extension: Browse22save = C:\Users\Fafnir\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdmlbheogeedkjkakdfckihdjdhpofjf\1\
CHR - Extension: Broowsee22save = C:\Users\Fafnir\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghnbkpmnjdmooldnkbpomfdhbindndlm\1\
CHR - Extension: Amazing Coupons = C:\Users\Fafnir\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjildcbkilmkddbbpbjljljdmmlfeppl\5.0_0\

O1 HOSTS File: ([2012/07/09 08:33:29 | 000,443,048 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 www.123fporn.info
O1 - Hosts: 15219 more lines...
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Logitech Flow Scroll) - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll (Logitech, Inc.)
O2 - BHO: (Browse22save) - {00F963BC-099D-2A91-6FBF-15FEEF9B6E69} - C:\ProgramData\Browse22save\5159e32729e43.dll ()
O2 - BHO: (CouponAmazing) - {06254D77-9929-402A-A1B2-99993325FB1A} - C:\Users\Fafnir\AppData\Local\couponamazing\ie\couponamazing_1357693502.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Browse22save) - {7334F699-350B-26FF-679A-426D34CA214F} - C:\ProgramData\Browse22save\5159daf009045.dll ()
O2 - BHO: (DefaultTab Browser Helper) - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Fafnir\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (Search Results LLC.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Logitech Flow Scroll) - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\32-bit\LogiSmooth.dll (Logitech, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [Command Center Controllers] C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe (Alienware)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [LogiScrollApp] C:\Program Files\Logitech\FlowScroll\KhalScroll.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DisplaySwitch] C:\ProgramData\DisplaySwitch.exe (Корпорация Майкрософт)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Fafnir\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - Startup: C:\Users\Fafnir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameStop Now.lnk = C:\Program Files (x86)\Impulse\Now\GameStopNow.exe (GameStop Corp.)
O4 - Startup: C:\Users\Fafnir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.1.0)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_01)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {7623BE59-D4CF-4379-ABC4-B39E11854D66} http://nxcache.nexon...b.2010.5.03.cab (MabinogiWebAvatarRenderer Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.1.0)
O16 - DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_01)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_01)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{77072862-BC76-4BD0-85DA-74DE057788C0}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FB672FAB-D075-4B67-8813-876340A7BBDA}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\windows\syswow64\nvinit.dll) - c:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\progra~2\browse~1\sprote~1.dll) - c:\Program Files (x86)\BrowseToSave\sprotector.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (C:\ProgramData\DisplaySwitch.exe) - C:\ProgramData\DisplaySwitch.exe (Корпорация Майкрософт)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O31 - SafeBoot: AlternateShell - C:\ProgramData\DisplaySwitch.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/04/08 20:04:04 | 000,000,000 | ---D | C] -- C:\Users\Fafnir\Documents\OTL
[2013/04/08 17:14:28 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013/04/08 17:02:05 | 000,041,984 | ---- | C] (Корпорация Майкрософт) -- C:\ProgramData\DisplaySwitch.exe
[2013/04/05 11:53:49 | 000,000,000 | ---D | C] -- C:\Users\Fafnir\Documents\Insurance Notes
[2013/04/01 12:07:34 | 000,000,000 | ---D | C] -- C:\ProgramData\BetterSoft
[2013/04/01 11:32:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browse22save
[2013/04/01 11:32:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Browse22save
[2013/04/01 11:24:06 | 000,000,000 | ---D | C] -- C:\ProgramData\SoftSafe
[2013/04/01 11:23:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BrowseToSave
[2013/04/01 11:23:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Broowsee22save
[2013/04/01 11:22:52 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2013/03/31 09:58:30 | 000,000,000 | ---D | C] -- C:\Users\Fafnir\Documents\Raiderz
[2013/03/31 09:58:24 | 004,694,056 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\GameMon.des
[2013/03/31 09:58:05 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\npptNT2.sys
[2013/03/31 09:57:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2013/03/31 09:04:53 | 000,000,000 | ---D | C] -- C:\Users\Fafnir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment
[2013/03/31 09:01:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013/03/31 09:00:59 | 000,000,000 | ---D | C] -- C:\Perfect World Entertainment
[2013/03/31 01:22:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RaiderZ_Installer_20121022
[2013/03/31 01:18:57 | 000,000,000 | ---D | C] -- C:\Users\Fafnir\.swt
[2013/03/28 10:05:38 | 000,000,000 | ---D | C] -- C:\Users\Fafnir\AppData\Local\Unity
[2013/03/28 10:05:31 | 000,643,520 | ---- | C] (Unity Technologies ApS) -- C:\UnityWebPlayer.exe
[2013/03/27 12:17:55 | 000,000,000 | ---D | C] -- C:\Users\Fafnir\AppData\Local\SKIDROW
[2013/03/27 12:10:44 | 000,000,000 | ---D | C] -- C:\Games
[2013/03/25 13:39:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tomb Raider
[2013/03/20 10:46:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Motive
[2013/03/20 10:46:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Motive
[2013/03/12 20:54:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
[2013/03/12 09:44:09 | 000,000,000 | ---D | C] -- C:\Users\Fafnir\AppData\Local\Aeria Games
[2013/03/12 09:43:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Aeria Games
[2013/03/11 23:01:47 | 000,000,000 | ---D | C] -- C:\Users\Fafnir\AppData\Local\Akamai
[2013/03/11 23:01:45 | 000,000,000 | ---D | C] -- C:\AeriaGames
[2013/03/11 23:01:11 | 000,551,448 | ---- | C] (Aeria Games & Entertainment) -- C:\scarletblade_us_downloader.exe
[2012/08/06 20:03:44 | 1993,810,496 | ---- | C] (Nexon) -- C:\Program Files (x86)\DFOSetup49.exe
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/04/08 20:02:24 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/04/08 20:02:24 | 000,660,068 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/04/08 20:02:24 | 000,120,996 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/04/08 19:58:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/08 19:58:03 | 2064,748,543 | -HS- | M] () -- C:\hiberfil.sys
[2013/04/08 19:56:56 | 000,001,173 | ---- | M] () -- C:\Users\Fafnir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameStop Now.lnk
[2013/04/08 19:56:18 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\schedule!3036567561.job
[2013/04/08 17:18:18 | 537,160,089 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/04/08 17:12:22 | 002,250,054 | ---- | M] () -- C:\ProgramData\1.bmp
[2013/04/08 17:12:10 | 000,302,806 | ---- | M] () -- C:\ProgramData\1.jpg
[2013/04/08 17:02:04 | 000,041,984 | ---- | M] (Корпорация Майкрософт) -- C:\ProgramData\DisplaySwitch.exe
[2013/04/08 16:37:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/04/04 08:03:18 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/04 08:03:18 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/03/31 01:18:53 | 003,029,928 | ---- | M] () -- C:\RaiderZ_Downloader_20121022.exe
[2013/03/28 10:05:32 | 000,643,520 | ---- | M] (Unity Technologies ApS) -- C:\UnityWebPlayer.exe
[2013/03/27 12:16:27 | 000,001,669 | ---- | M] () -- C:\Users\Fafnir\Desktop\Play Tomb Rader 2013.lnk
[2013/03/14 13:58:00 | 004,694,056 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\GameMon.des
[2013/03/12 20:57:09 | 000,001,103 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2013/03/12 10:41:40 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Alienware Command Center.lnk
[2013/03/11 23:01:14 | 000,551,448 | ---- | M] (Aeria Games & Entertainment) -- C:\scarletblade_us_downloader.exe
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/04/08 17:14:18 | 537,160,089 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013/04/08 17:12:22 | 002,250,054 | ---- | C] () -- C:\ProgramData\1.bmp
[2013/04/08 17:12:08 | 000,302,806 | ---- | C] () -- C:\ProgramData\1.jpg
[2013/04/01 11:23:49 | 000,000,418 | -H-- | C] () -- C:\Windows\tasks\schedule!3036567561.job
[2013/03/31 09:58:05 | 000,005,174 | ---- | C] () -- C:\Windows\SysWow64\nppt9x.vxd
[2013/03/31 01:18:48 | 003,029,928 | ---- | C] () -- C:\RaiderZ_Downloader_20121022.exe
[2013/03/27 12:16:27 | 000,001,669 | ---- | C] () -- C:\Users\Fafnir\Desktop\Play Tomb Rader 2013.lnk
[2013/03/12 20:54:14 | 000,001,103 | ---- | C] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2013/02/14 23:00:53 | 000,002,304 | ---- | C] () -- C:\Windows\SysWow64\HtsysmNT.sys
[2012/08/06 19:24:49 | 2943,133,256 | ---- | C] () -- C:\Program Files (x86)\MabinogiSetup114R.exe
[2012/06/28 17:44:42 | 000,428,904 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012/04/24 19:02:19 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2012/04/19 15:49:17 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012/04/19 15:49:16 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012/04/19 15:49:15 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/04/19 15:49:14 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012/04/19 15:49:13 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011/12/15 07:46:08 | 000,021,320 | ---- | C] () -- C:\Windows\SysWow64\LightFX.dll
[2011/09/28 14:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011/07/01 08:17:22 | 000,098,232 | ---- | C] () -- C:\Windows\SysWow64\CCBiosSupportAPI.dll

========== ZeroAccess Check ==========

[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/01/04 03:44:25 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/01/04 01:59:38 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 20:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/03/28 22:06:17 | 000,000,000 | ---D | M] -- C:\Users\Fafnir\AppData\Roaming\BitTorrent
[2013/02/19 18:43:22 | 000,000,000 | ---D | M] -- C:\Users\Fafnir\AppData\Roaming\Bundysoft
[2012/08/26 15:39:07 | 000,000,000 | ---D | M] -- C:\Users\Fafnir\AppData\Roaming\DAEMON Tools Lite
[2012/08/06 16:55:55 | 000,000,000 | ---D | M] -- C:\Users\Fafnir\AppData\Roaming\DarkBlood ServiceNa
[2012/08/13 14:07:03 | 000,000,000 | ---D | M] -- C:\Users\Fafnir\AppData\Roaming\DefaultTab
[2012/04/23 16:47:22 | 000,000,000 | ---D | M] -- C:\Users\Fafnir\AppData\Roaming\Leadertech
[2012/06/17 07:47:15 | 000,000,000 | ---D | M] -- C:\Users\Fafnir\AppData\Roaming\LolClient
[2012/06/15 18:30:51 | 000,000,000 | ---D | M] -- C:\Users\Fafnir\AppData\Roaming\LolClient2
[2012/12/31 12:14:40 | 000,000,000 | ---D | M] -- C:\Users\Fafnir\AppData\Roaming\Mumble
[2012/08/07 07:08:52 | 000,000,000 | ---D | M] -- C:\Users\Fafnir\AppData\Roaming\NeopleLauncherDFO
[2012/05/09 18:06:26 | 000,000,000 | ---D | M] -- C:\Users\Fafnir\AppData\Roaming\OpenOffice.org
[2012/04/24 11:02:06 | 000,000,000 | ---D | M] -- C:\Users\Fafnir\AppData\Roaming\PCDr
[2013/01/18 21:10:14 | 000,000,000 | ---D | M] -- C:\Users\Fafnir\AppData\Roaming\PowerISO
[2013/02/04 10:33:50 | 000,000,000 | ---D | M] -- C:\Users\Fafnir\AppData\Roaming\PyxelEdit
[2012/04/23 16:40:02 | 000,000,000 | ---D | M] -- C:\Users\Fafnir\AppData\Roaming\Stardock
[2012/10/19 20:42:47 | 000,000,000 | ---D | M] -- C:\Users\Fafnir\AppData\Roaming\Thunderbird
[2012/06/04 12:07:08 | 000,000,000 | ---D | M] -- C:\Users\Fafnir\AppData\Roaming\Trillian

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >


Extras.txt file:

OTL Extras logfile created on: 4/8/2013 8:04:15 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Fafnir\Documents\OTL
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.90 Gb Total Physical Memory | 6.98 Gb Available Physical Memory | 88.41% Memory free
15.79 Gb Paging File | 14.92 Gb Available in Paging File | 94.48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 922.32 Gb Total Space | 478.36 Gb Free Space | 51.86% Space Free | Partition Type: NTFS
Drive D: | 8.73 Gb Total Space | 8.49 Gb Free Space | 97.17% Space Free | Partition Type: NTFS

Computer Name: FAFNIR-GAMEPC | User Name: Fafnir | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallDisableNotify" = 0
"FirewallOverride" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0178E1D0-F57A-4994-A98C-6AB6D2997529}" = lport=139 | protocol=6 | dir=in | app=system |
"{01A401DC-6AF2-4344-92AD-E563DFA65C8C}" = lport=138 | protocol=17 | dir=in | app=system |
"{052D41E8-E481-4BDD-90A6-167B1EBF18D1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0B78981C-6E0D-4663-9164-11F9459044A4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1006C160-C843-451E-BF43-B761915D2BFA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{39215CE0-4FAF-48FE-A283-0CD1011CE9B6}" = lport=137 | protocol=17 | dir=in | app=system |
"{4B4733D2-3820-4861-8FA5-98A9AF36CCE0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5525E6E8-6B44-4860-BD65-8904ED42E7C5}" = lport=2869 | protocol=6 | dir=in | app=system |
"{5EC3B6AF-38F4-4EBC-9BB3-1CEEAEBB07BD}" = rport=138 | protocol=17 | dir=out | app=system |
"{607B7BC5-272B-4E11-BCDD-79094BA0D5A9}" = rport=139 | protocol=6 | dir=out | app=system |
"{64916C16-8AC8-4F52-8AE2-7E5B2B18DAB5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6FEAD1B7-484F-41F9-93BE-A746CF82A955}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{73B3F04B-B592-4BB9-8FF1-B39A01C162F0}" = lport=49221 | protocol=6 | dir=in | name=akamai netsession interface |
"{95D379A1-3F5C-42BC-A02D-C66655B0F28F}" = lport=10243 | protocol=6 | dir=in | app=system |
"{99BC9592-90DC-48E9-BE7D-5A787A8590E6}" = rport=445 | protocol=6 | dir=out | app=system |
"{9AC0D3C2-6567-4A86-B636-6EA85C897207}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A5FBDFCA-265E-441F-8851-7219ECA043B4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AD286615-6C67-40E5-94F4-8D3C6DD76593}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D1733F9A-44EC-4837-9F6E-1F9105557EF9}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D29BB757-218F-4B8F-B787-C87F0246DB69}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{D49F0A8F-F73A-4F7E-92B7-0E0EAE8AB643}" = rport=137 | protocol=17 | dir=out | app=system |
"{DDEED841-CAC6-44AA-A9C7-4F40020D0F50}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{E742E565-D116-4129-B7A0-F08D9C5EDA2B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{EEEE20E7-7EEF-4947-A95A-04A57871069C}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{F328B22C-48E6-425E-AC8D-69D4560FFFC0}" = lport=49175 | protocol=6 | dir=in | name=akamai netsession interface |
"{F5241D70-60C8-4882-86AD-2B14E498ADF5}" = lport=445 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{010CD52F-165F-4A8D-91D9-B799DCAADA5E}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"{0315D30A-5BDA-4417-98DB-7CB07BEB6289}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\vindictus\en-us\nmservice.exe |
"{04E438D3-C444-4370-BD12-08D6702F489B}" = protocol=17 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{055FF792-0CF1-4C4C-8165-6B552F92CEF7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sanctum\binaries\win32\sanctumgame-win32-shipping.exe |
"{0715A1CE-C51C-4424-AF30-1FBD711D49A9}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{08032952-CD68-46CE-813F-2248FB935430}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rhythm zone\rhythmzone.exe |
"{086579E0-4F99-41FA-8CA3-95714066834D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magicka\magicka.exe |
"{08922185-8D07-4D07-BF4B-01C765F7310D}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe |
"{08E30BA4-88B1-4409-A622-366FEBD768AF}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{0B3F966E-C6AD-4A80-85AF-99C4C03E8D56}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{0BA7F48C-1137-4FA5-83EF-D9C1E98D36EA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rusty hearts\clientlauncher.exe |
"{0FFA665E-BC1E-4C21-98BA-5E180A12DBCD}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{1044A5D3-5AE7-4A9A-A1F1-D5EE916F987B}" = protocol=6 | dir=out | app=c:\program files (x86)\tera\client\tera.exe |
"{1182D5BC-E39A-4AAB-8732-6A382503EE03}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\beathazard.exe |
"{11F9060E-3FD4-4C6C-A40F-08F3BC81ADC6}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{14E9578C-ED1E-4431-86A0-98EB05A8A72C}" = protocol=17 | dir=in | app=c:\program files (x86)\outspark\darkblood\darkblood.exe |
"{16412EFA-5555-4D6F-845F-BC0D03F0F870}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rage\rage64.exe |
"{167BFFF9-C33E-45BC-9C5A-DE24A8C34896}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallen earth f2p\feupdater.exe |
"{16DBF489-6936-451E-A272-9903C97565B2}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{17E15CF7-EC47-46CD-8503-89F3C87C836B}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{19B6A3FD-25B5-4052-A3CA-9993693D6075}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{1F42F38E-9568-4135-9798-AE4891F2EA90}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe |
"{25EAC56D-C4FF-41F4-AC5E-7B72D27B8B47}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sanctum\binaries\win32\sanctumgame-win32-shipping.exe |
"{27809152-854F-46B6-87BC-8EB9C70C12A3}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{28D0D06D-7A46-491C-9C5C-EAF92C5AA73E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\runme.exe |
"{2F4CEC96-ECC6-46F1-84B5-C14E887421A9}" = protocol=6 | dir=in | app=c:\program files (x86)\nexon\vindictus\en-us\nmservice.exe |
"{326B3E01-FAB2-462A-B6EC-28731C2311B2}" = protocol=6 | dir=in | app=c:\program files (x86)\kill3rcombo\elsword\data\x2.exe |
"{3457FC6C-8176-42A3-A34D-DEF32050CB72}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{38413DF7-62DA-425A-87D0-5E917CBBF2F2}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\pandorasaga\steamintegrator.exe |
"{3B0D4726-82D1-4FDC-9009-D0534F1BE089}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sins of a solar empire rebellion\sins of a solar empire rebellion.exe |
"{3D41E4E4-D63B-49B7-BCBE-D99A621CA59B}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{3D4B9841-58F8-49C2-9646-662B9C56650F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{406E12EC-F13E-4C14-A49C-00998D32FEFF}" = protocol=58 | dir=in | [email protected],-28545 |
"{42D65D0E-1FBF-43C7-A4C6-21D3A416E3CA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{44905ED3-ACD8-4DBF-9430-03D1B94A91DC}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{468210CA-0E02-4D98-8B2D-B7A7365D5A3D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\vindictus\en-us\nmservice.exe |
"{46A7B212-F57A-4472-8057-B0E30EEBCB08}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{46EDCDCF-7C8B-486A-B9B2-7E6F9592405E}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{479DE42F-83C5-40C7-B150-A01492CD30FD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\magicka\magicka.exe |
"{498A1EC3-76EF-41D1-9FC5-E7E8933FDB86}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft games\halo 2\halo2.exe |
"{4DA07D5B-F07B-4F7F-A166-6E52755CBA13}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rhythm zone\rhythmzone.exe |
"{4E5C8E83-2C9E-46CC-A436-DDD2A9B9FB82}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\beathazard.exe |
"{528CC828-1DA8-4CB2-ACFE-229B7EEB3FF6}" = protocol=58 | dir=out | [email protected],-28546 |
"{52E20308-A37B-48CD-84AF-0B0D4461D2ED}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"{53556B7E-F183-435C-B0C1-6B7CBB34CD0C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rusty hearts\clientlauncher.exe |
"{54F77B86-DE4B-4232-9B74-5F041BC12A48}" = protocol=17 | dir=out | app=c:\program files (x86)\tera\tera-launcher.exe |
"{566858B3-CB84-4222-BD6D-1402F2FAC11B}" = protocol=17 | dir=out | app=c:\program files (x86)\tera\client\tl.exe |
"{5887C759-E66E-4224-9CFF-E0C81E0296E0}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{59DA9AB2-30CF-4E52-8171-58CD1FE98FA8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\modlauncher.exe |
"{5B901D25-6454-4384-8B10-7822B6E55BC1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\pandorasaga\steamintegrator.exe |
"{65D02FA0-2D10-4B0B-9552-C8BB5B8E0523}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{6613D8CA-24B5-427E-AE9D-9856727E8BFE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{67EA3525-F890-4604-884F-BF0DD24C68F4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6B9D129A-97DF-40C4-8D7D-2C3C669D4B1B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{6CFBBB7D-44AB-4DA4-9B02-D4FADD0B1A09}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft games\halo 2\halo2.exe |
"{6E020B0C-E896-478A-A39A-3CEC7129D82E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{6E192167-EB39-480B-BBAD-9DC6C367004D}" = protocol=17 | dir=in | app=c:\program files (x86)\stardock games\sins of a solar empire - trinity\sins of a solar empire.exe |
"{6E5EC650-A749-47EE-B008-784D5D722F90}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{779C3E2F-0630-4895-BCC3-687DC39D4A41}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{7CA7A62D-AAFE-46AD-89A1-E1BD998BADD3}" = protocol=17 | dir=in | app=c:\program files (x86)\stardock games\sins of a solar empire - trinity\sins of a solar empire diplomacy.exe |
"{7E8861CF-3880-44C5-AE2F-A7B0A9818ADC}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{80C8C9E6-B497-4BD5-AC13-C179355939AA}" = protocol=6 | dir=in | app=c:\program files (x86)\outspark\darkblood\darkblood.exe |
"{80F20686-23F5-4CBD-B5BB-706D83C3840F}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{81C66260-BF34-4042-9803-3A02B7951082}" = protocol=17 | dir=out | app=c:\program files (x86)\tera\client\tera.exe |
"{81E817F0-92FB-430E-9A6F-88B9BB851347}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\champions online\champions online.exe |
"{8276289E-3EBF-4CC2-957A-0D1C278AE429}" = protocol=6 | dir=out | app=c:\program files (x86)\tera\tera-launcher.exe |
"{8592F0F9-A367-480E-BF2E-B10ED4AED76B}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{8922B91B-63DA-4F2B-A68D-C1C6E49AB932}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{8A97E756-0495-488B-8E14-7E78B96441A3}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{8AF27B81-EAED-470F-AF95-5454453E9510}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{8B0CF3E1-6532-4D0A-876A-2162474C216A}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base24944\sc2.exe |
"{8B77F0A5-4A82-42E9-BA4C-2A6BB405A8FE}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"{8C25BBA4-6988-406A-996F-78EB1F4CC430}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brink\brink.exe |
"{92BD8678-730A-43D1-8E88-A1EC2A86A7D4}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe |
"{931F8319-D8DB-4655-ACB2-F27EA9214E8F}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{9373A6E6-0C1F-4390-848F-239B43D8B4F6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{97ABCEC5-9B14-419F-8FEE-590C63EC03FE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\modlauncher.exe |
"{9884FE83-42DC-4CE1-B57E-3A63BBD40028}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9AA17A50-9357-46BF-A546-D8195EC253D9}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"{9B6EAC60-9A0C-4751-B3AF-D88FCD66D2B2}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{9DD08940-3B51-4CBC-AFC5-873D121CD1CE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\vindictus\en-us\vslauncher.exe |
"{A1710227-41B3-4E0D-95E1-ED9775B0EEEB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{A1A1927F-F4CC-47D9-8240-3F9AB6242CA7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{A23B797D-3ABB-40E2-84CE-43D206184F7E}" = protocol=6 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe |
"{A5702C44-3C19-4878-AE22-D4FD3E6A885F}" = protocol=6 | dir=out | app=c:\program files (x86)\tera\client\tl.exe |
"{A5DAAECE-AFFA-4AFE-A7EB-DC8300D1FAF9}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{A733550B-2260-41EC-9A91-B1F30DE7E6D0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\brink\brink.exe |
"{A74E55FF-8E69-4FEF-B9E9-2759A5D22170}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{A8F206C7-C193-4B13-A893-36830C7424C6}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base24944\sc2.exe |
"{A9D81112-D8EA-49D2-BC8D-A2D1EBFCADC8}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{AAC679BB-7CC2-464A-B094-985C6A1D9D7E}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1675\agent.exe |
"{AB3ADF77-E54D-4ABF-A2C9-B0CC08560EC2}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{AC4F869F-A1CE-4BC3-A976-47D2231BE328}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sins of a solar empire rebellion\sins of a solar empire rebellion.exe |
"{AEDE1DE0-982F-43CB-90D0-B3B577699608}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallen earth f2p\feupdater.exe |
"{AF835AE7-C402-497A-B06B-7EF130198ECE}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{B23BE884-F4EE-4818-B509-CC79355325CD}" = protocol=17 | dir=in | app=c:\program files (x86)\kill3rcombo\elsword\data\x2.exe |
"{B37A62CC-1BAA-43F3-8E5B-2BD3C97C5938}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\audiosurf\engine\questviewer.exe |
"{B51AA759-B7AC-405D-8F81-7E438C32A3B9}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{B69F01C0-882A-430A-A487-068BD1AC4BC6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\beat hazard\runme.exe |
"{B73576C3-46C6-431B-A4DF-6838DBCC72EA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{B9727AB6-FB9B-414B-A224-7107D75A343E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\torchlight2.exe |
"{BA48F2C6-AFA7-480D-A2C8-6D3E7A5A502A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\vindictus\en-us\nmservice.exe |
"{BB068141-7052-4E51-A439-8EE47A6CC977}" = protocol=6 | dir=in | app=c:\program files (x86)\stardock games\sins of a solar empire - trinity\sins of a solar empire diplomacy.exe |
"{BCC1499F-273B-4128-B344-44A7F5AC1A24}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{BDA5FA7A-F061-46A1-8527-981064D0A672}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1544\agent.exe |
"{BE2D5C1F-B942-48A6-B802-2680A738CC24}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C1AFDB82-9F11-41B0-AD33-5B73E3F29C59}" = protocol=17 | dir=in | app=c:\program files (x86)\stardock games\sins of a solar empire - trinity\sins of a solar empire entrenchment.exe |
"{C2A0E08D-0B58-4349-B405-9C718D34397E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\champions online\champions online.exe |
"{C3A0E2A9-32A7-4BE6-BD19-589F1DCB3713}" = protocol=6 | dir=in | app=c:\program files (x86)\tera\client\tera.exe |
"{C69D0BD1-092C-46E4-B61A-DEAE3D442709}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rage\rage64.exe |
"{C7D5A2A2-051F-4D59-B251-75694EFA28D3}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rage\rage.exe |
"{C971D11C-A156-4E4D-AB02-6168BA47C448}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{C9F5EFCB-B9E6-4F00-AAB1-14473780D7F2}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"{CB1C7A06-9581-4490-883F-6784492B5837}" = protocol=17 | dir=in | app=c:\program files (x86)\nexon\vindictus\en-us\nmservice.exe |
"{CBABC5E4-A493-4581-97DF-D381F2F0835C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{CE0FBACF-FB94-4FE2-A2DC-97C73FE55DCF}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D164E721-39A3-458B-9D9E-193856C933D6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands\binaries\borderlands.exe |
"{D44791C9-A99E-42D7-8DFA-5CBBC59400A3}" = protocol=6 | dir=in | app=c:\programdata\nexonus\ngm\ngm.exe |
"{D456E367-7168-4F6A-9594-240C9B2DA3A8}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{D5D61E40-D83C-48FA-B7F6-0C2062E15028}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{D7B9FAE4-01D6-4D7F-84CD-91FBA031892A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D7D1FD95-2D1B-467C-B358-F0164310107A}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D84C52BB-334E-4D24-BA52-4EF2FB161C92}" = protocol=1 | dir=out | [email protected],-28544 |
"{DAA4DA02-84EE-41A4-B32D-494F7F314536}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DFD37334-4B08-489C-9184-584FDC64BBD8}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe |
"{E1865334-1204-4B10-A3A6-2293079E2743}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{E576C428-1A2A-4F9A-B838-DCE496700BFE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\rage\rage.exe |
"{E6079BD5-54AB-4C6F-8480-137ED042E867}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dungeondefenders.exe |
"{E6661943-0796-4163-92C6-2F29CF5C65DD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E6FCB8CD-E703-473D-8C45-13AAC9A4F988}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{E915B11E-3677-4301-96B6-DFE3CBE855AF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{EABE4A19-2DA1-40AF-9E3C-8AD333FECA78}" = protocol=6 | dir=out | app=system |
"{EBE53182-8102-47FD-B4CA-AACB817CFED0}" = protocol=17 | dir=in | app=c:\program files (x86)\tera\client\tera.exe |
"{ECC6829A-0170-4617-A37B-9D24AADEC114}" = protocol=17 | dir=in | app=c:\program files (x86)\tera\tera-launcher.exe |
"{EEF2A14B-5134-40D3-803E-F7335C4B6923}" = protocol=17 | dir=in | app=c:\program files (x86)\tera\client\tl.exe |
"{EFAA7C2E-6225-4FD3-9487-B30E47FB99DF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\vindictus\en-us\nmservice.exe |
"{F0F03097-1FB3-4A29-87C4-5C95A9B08537}" = protocol=6 | dir=in | app=c:\program files (x86)\stardock games\sins of a solar empire - trinity\sins of a solar empire.exe |
"{F15A1D92-FD5E-434A-9E62-5156C430CCAC}" = protocol=1 | dir=in | [email protected],-28543 |
"{F754984B-B72A-47E2-B4FB-ED2AE09EFD91}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{F7D8AA0A-8DE5-47DB-AB87-5C0C3C77CB0C}" = protocol=6 | dir=in | app=c:\program files (x86)\tera\client\tl.exe |
"{FA7B50D5-E4ED-4C08-BF0F-7ECC9178C44B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FB34D561-40AD-4F3B-A886-505CA5CB9D77}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{FB6543AC-3BF3-440F-A4AE-C0398B980F9D}" = protocol=6 | dir=in | app=c:\program files (x86)\stardock games\sins of a solar empire - trinity\sins of a solar empire entrenchment.exe |
"{FF82DF86-5263-4A56-A36B-A288FA1B04BC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\vindictus\en-us\vslauncher.exe |
"TCP Query User{2240DCC0-4357-424D-9944-8D74298DE2B7}C:\program files (x86)\square enix\final fantasy xi\ffxi-boot.exe" = protocol=6 | dir=in | app=c:\program files (x86)\square enix\final fantasy xi\ffxi-boot.exe |
"TCP Query User{2721D81B-3C04-42FF-A204-D5D71847587C}C:\program files (x86)\square enix\final fantasy xiv\ffxivboot.exe" = protocol=6 | dir=in | app=c:\program files (x86)\square enix\final fantasy xiv\ffxivboot.exe |
"TCP Query User{3A50E414-6797-4805-BEF5-D83C49F726E6}C:\downloader_starcraft_combo_enus.exe" = protocol=6 | dir=in | app=c:\downloader_starcraft_combo_enus.exe |
"TCP Query User{3F8A6AA1-A06F-477C-A4A9-D6FF868395E0}C:\program files (x86)\steam\steamapps\common\vindictus\en-us\vindictus.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\vindictus\en-us\vindictus.exe |
"TCP Query User{3FFE04A8-26BE-41B7-9553-D88E1BB9B818}C:\program files (x86)\square enix\mxi_9_1-darkstar\mxi.exe" = protocol=6 | dir=in | app=c:\program files (x86)\square enix\mxi_9_1-darkstar\mxi.exe |
"TCP Query User{417D2A1D-5BD4-4BC1-A0A9-1D5CA8D34B7D}C:\program files (x86)\square enix\final fantasy xi\mxi_9_1-darkstar\mxi.exe" = protocol=6 | dir=in | app=c:\program files (x86)\square enix\final fantasy xi\mxi_9_1-darkstar\mxi.exe |
"TCP Query User{485737A9-FA4B-45A2-80B3-75ED48CE3A30}C:\users\fafnir\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\fafnir\appdata\local\akamai\netsession_win.exe |
"TCP Query User{532E27B3-4538-4AD9-A8E1-1B382BC1DF72}C:\program files (x86)\trillian\trillian.exe" = protocol=6 | dir=in | app=c:\program files (x86)\trillian\trillian.exe |
"TCP Query User{6A96E608-E8BC-4FA1-B65F-C137E7936861}C:\users\fafnir\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\fafnir\appdata\local\akamai\netsession_win.exe |
"TCP Query User{6B06B4FC-E4D3-4539-9870-7211ABD578F3}C:\users\fafnir\appdata\local\temp\gw2.exe" = protocol=6 | dir=in | app=c:\users\fafnir\appdata\local\temp\gw2.exe |
"TCP Query User{86C34175-9CF6-4DA3-AD95-989D04600C23}C:\nexon\dfo\dfo.exe" = protocol=6 | dir=in | app=c:\nexon\dfo\dfo.exe |
"TCP Query User{8C02D5AD-45DC-4CC7-A535-7662A1A29EC9}C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base21029\sc2.exe |
"TCP Query User{8FD9F312-0ED9-4DA2-A60B-7FB5AF053679}C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe |
"TCP Query User{934123CF-D3B0-43D7-B94A-33FDA78AE4EC}C:\program files (x86)\guild wars 2 beta\gw2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2 beta\gw2.exe |
"TCP Query User{A764BF30-1A9C-4E95-AD0C-21F165E65308}C:\program files (x86)\starcraft\starcraft.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft\starcraft.exe |
"TCP Query User{ADD8C947-764D-4A03-A924-98D810A6FEC1}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{B5B29A4A-9590-4EEC-9523-56183B514836}C:\gw2.exe" = protocol=6 | dir=in | app=c:\gw2.exe |
"TCP Query User{BEDBDFBF-23D7-4044-AC6E-81BF462D46E3}C:\program files (x86)\the witcher 2\bin\witcher2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\the witcher 2\bin\witcher2.exe |
"TCP Query User{C2ECB07C-AF61-4AD0-890F-30D602CD0075}C:\program files (x86)\playonline\squareenix\playonlineviewer\pol.exe" = protocol=6 | dir=in | app=c:\program files (x86)\playonline\squareenix\playonlineviewer\pol.exe |
"TCP Query User{D1353A33-EEE0-44C0-9A9E-F33110E13D4B}C:\program files (x86)\nexon\vindictus\en-us\vindictus.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nexon\vindictus\en-us\vindictus.exe |
"TCP Query User{D950703E-F961-4CC6-B686-F56FF5417EB5}C:\program files (x86)\trillian\plugins\skypekit.exe" = protocol=6 | dir=in | app=c:\program files (x86)\trillian\plugins\skypekit.exe |
"TCP Query User{DE2A3759-588D-4C71-B0BB-BD7AF4FA2F04}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"TCP Query User{EA817129-5629-4290-84AB-2625131456FD}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"TCP Query User{F656AB92-C8BB-4776-A241-9A4D07B947A7}C:\program files (x86)\square enix\final fantasy xi\mxi.exe" = protocol=6 | dir=in | app=c:\program files (x86)\square enix\final fantasy xi\mxi.exe |
"TCP Query User{F96E7485-4B08-4E43-A451-F1960CA36B12}C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe |
"UDP Query User{0B26621C-C499-486B-9D59-E9652B51A52E}C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe |
"UDP Query User{10A48CC4-C3C1-42D5-BBB0-16A7A3843AE5}C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base21029\sc2.exe |
"UDP Query User{19B35073-3001-43D4-992C-CAF979449967}C:\users\fafnir\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\fafnir\appdata\local\akamai\netsession_win.exe |
"UDP Query User{2BF0E55E-AF17-45DB-AEDA-403F268097B8}C:\nexon\dfo\dfo.exe" = protocol=17 | dir=in | app=c:\nexon\dfo\dfo.exe |
"UDP Query User{2E1C6564-758B-4608-922D-70A80D27CB3A}C:\program files (x86)\the witcher 2\bin\witcher2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\the witcher 2\bin\witcher2.exe |
"UDP Query User{30F19A92-C26A-4575-AEE8-9F235A623D0E}C:\program files (x86)\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\guild wars 2\gw2.exe |
"UDP Query User{3B42FAA5-1806-4AAE-8046-40D6C550EAE2}C:\program files (x86)\square enix\final fantasy xi\mxi_9_1-darkstar\mxi.exe" = protocol=17 | dir=in | app=c:\program files (x86)\square enix\final fantasy xi\mxi_9_1-darkstar\mxi.exe |
"UDP Query User{43CBCB9B-8861-4493-AAC6-DF708EDEDA01}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"UDP Query User{45FED66A-867C-4828-9EC0-DD29E2048D39}C:\program files (x86)\starcraft\starcraft.exe" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft\starcraft.exe |
"UDP Query User{4E97066D-0FAB-45DF-8487-1E41456CB244}C:\program files (x86)\square enix\mxi_9_1-darkstar\mxi.exe" = protocol=17 | dir=in | app=c:\program files (x86)\square enix\mxi_9_1-darkstar\mxi.exe |
"UDP Query User{5335AAD2-BBC9-4F8C-BCEB-3A2BEC4BFA43}C:\users\fafnir\appdata\local\temp\gw2.exe" = protocol=17 | dir=in | app=c:\users\fafnir\appdata\local\temp\gw2.exe |
"UDP Query User{6D0EB2B8-E4FB-48EB-81C3-1ACFC09BF987}C:\program files (x86)\square enix\final fantasy xi\mxi.exe" = protocol=17 | dir=in | app=c:\program files (x86)\square enix\final fantasy xi\mxi.exe |
"UDP Query User{6E9D94EA-8BDA-463D-A38F-5945B0306F3D}C:\program files (x86)\nexon\vindictus\en-us\vindictus.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nexon\vindictus\en-us\vindictus.exe |
"UDP Query User{71095155-54B6-4C24-A019-33AF0194ADA2}C:\gw2.exe" = protocol=17 | dir=in | app=c:\gw2.exe |
"UDP Query User{7A8F2065-ABFD-4CB9-B4F9-EBEE63E5C81D}C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe |
"UDP Query User{8DF3A902-B58E-48ED-A6F2-9E96872A5560}C:\downloader_starcraft_combo_enus.exe" = protocol=17 | dir=in | app=c:\downloader_starcraft_combo_enus.exe |
"UDP Query User{941B2BC7-0A84-49B1-ADB1-74BBABC97E04}C:\program files (x86)\steam\steamapps\common\vindictus\en-us\vindictus.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\vindictus\en-us\vindictus.exe |
"UDP Query User{AF157E66-7816-4E15-B08B-F5E9FD6F3D5C}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{BD17945E-C255-402D-A49D-F56B036D274B}C:\users\fafnir\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\fafnir\appdata\local\akamai\netsession_win.exe |
"UDP Query User{C1B859AA-928F-4637-A3C6-1D892DA69BDD}C:\program files (x86)\playonline\squareenix\playonlineviewer\pol.exe" = protocol=17 | dir=in | app=c:\program files (x86)\playonline\squareenix\playonlineviewer\pol.exe |
"UDP Query User{C29F874A-EB94-4ED6-9607-9B8571C40B0D}C:\program files (x86)\guild wars 2 beta\gw2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\guild wars 2 beta\gw2.exe |
"UDP Query User{C597E797-A4EA-42E7-9FA1-97BB274294DE}C:\program files (x86)\square enix\final fantasy xi\ffxi-boot.exe" = protocol=17 | dir=in | app=c:\program files (x86)\square enix\final fantasy xi\ffxi-boot.exe |
"UDP Query User{D49110B3-0260-4C74-91F3-2DF82CFF8826}C:\program files (x86)\trillian\plugins\skypekit.exe" = protocol=17 | dir=in | app=c:\program files (x86)\trillian\plugins\skypekit.exe |
"UDP Query User{E0E92BF2-6C96-4579-8F85-D152EB390E73}C:\program files (x86)\square enix\final fantasy xiv\ffxivboot.exe" = protocol=17 | dir=in | app=c:\program files (x86)\square enix\final fantasy xiv\ffxivboot.exe |
"UDP Query User{F9D3F3A4-2D0A-4BC1-8623-1AE402D801F5}C:\program files (x86)\trillian\trillian.exe" = protocol=17 | dir=in | app=c:\program files (x86)\trillian\trillian.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{131A7AD3-1078-4B08-95E6-B457D18C40DF}" = Alienware Command Center
"{22D8AE6F-3C6B-47E8-8F04-629F23DBE978}" = iTunes
"{26A24AE4-039D-4CA4-87B4-2F86417001FF}" = Java™ 7 Update 1 (64-bit)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 304.79
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 304.79
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 304.79
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 304.79
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.17.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"OptimizerPro" = OptimizerPro
"PC-Doctor for Windows" = AlienAutopsy
"Sn1" = Logitech Flow Scroll 4.0
"SolarApp" = Logitech Solar App 1.0
"sp6" = Logitech SetPoint 6.32

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0CA38F52-F0FA-4B9F-8A36-EC8A9609FBBC}" = Halo 2 for Windows Vista
"{0FCDA0F8-F3E5-402E-B9B6-13CB2B01182B}" = TERA
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217001FF}" = Java™ 7 Update 1
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{3C0619B4-4A2C-4244-8077-488E420DF907}" = FINAL FANTASY XI: Chains of Promathia
"{3C6A9286-2A4B-43DF-A322-01ABFFDCD248}" = Ragnarok Online2
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{47004155-7376-403E-89E9-4C9F44AAF0D0}" = PlayOnline Viewer & Tetra Master
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{5B037ED7-0755-48D4-9554-808E5AF50F17}" = FINAL FANTASY XI: Wings of the Goddess
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{678F6475-D227-432A-94FF-806178A34520}" = FINAL FANTASY XI
"{6FC76C41-8C1D-4B43-85E7-0BAA2002F1BE}" = FINAL FANTASY XI: Rise of the Zilart
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A606C6FF-12E7-40BE-B777-D8F360FF00CD}" = FINAL FANTASY XI: Treasures of Aht Urhgan
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.6) MUI
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}" = Mumble 1.2.3
"{B7D9BAAA-F068-4BF8-B929-462C3A8AB677}" = MSI ODD Monitor
"{BD4B02C1-0271-4D7D-A850-19DE2E5CDF83}" = Banctec Service Agreement
"{BE4F0189-E950-4533-88C1-FC70714DB2B5}" = DarkBloodOnline
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{E655DDFC-24DB-4FC3-8474-271E911309B4}_is1" = Elsword version 1.34
"{E6B87DC4-2B3D-4483-ADFF-E483BF718991}" = OpenOffice.org 3.1
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{EA450D5D-95EA-4FD0-B8B0-6D8E68FBE2C7}" = Impulse®
"{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}" = The Witcher 2
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}" = The Witcher Enhanced Edition
"{F2C4E6E0-EB78-4824-A212-6DF6AF0E8E82}" = FINAL FANTASY XIV
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"BitTorrent" = BitTorrent
"couponamazing" = couponamazing
"DAEMON Tools Lite" = DAEMON Tools Lite
"DefaultTab" = DefaultTab
"DFO" = DFOLauncher
"Diablo III" = Diablo III
"FINAL FANTASY XIV" = FINAL FANTASY XIV
"FlashDevelop" = FlashDevelop 4.2.4
"Guild Wars 2" = Guild Wars 2
"Halo 2" = Halo 2 for Windows Vista
"Impulse®" = Impulse®
"InstallShield_{131A7AD3-1078-4B08-95E6-B457D18C40DF}" = Alienware Command Center
"InstallShield_{47004155-7376-403E-89E9-4C9F44AAF0D0}" = PlayOnline Viewer & Tetra Master
"InstallShield_{B7D9BAAA-F068-4BF8-B929-462C3A8AB677}" = MSI ODD Monitor
"Mabinogi" = Mabinogi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Mozilla Firefox 19.0.2 (x86 en-US)" = Mozilla Firefox 19.0.2 (x86 en-US)
"Mozilla Thunderbird 16.0.1 (x86 en-US)" = Mozilla Thunderbird 16.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"pcsx2-r5350" = PCSX2 - Playstation 2 Emulator
"PowerISO" = PowerISO
"RaiderZ" = RaiderZ
"Sins of a Solar Empire - Trinity" = Sins of a Solar Empire - Trinity
"SP_f2a323db" = BrowseToSave 1.74
"StarCraft" = StarCraft
"StarCraft II" = StarCraft II
"Steam App 106010" = Pandora Saga: Weapons of Balance
"Steam App 10660" = Stormrise
"Steam App 113420" = Fallen Earth
"Steam App 12900" = Audiosurf
"Steam App 200710" = Torchlight II
"Steam App 204880" = Sins of a Solar Empire: Rebellion
"Steam App 212160" = Vindictus
"Steam App 22350" = Brink
"Steam App 36630" = Rusty Hearts
"Steam App 38900" = Rhythm Zone
"Steam App 400" = Portal
"Steam App 42910" = Magicka
"Steam App 49600" = Beat Hazard
"Steam App 550" = Left 4 Dead 2
"Steam App 65800" = Dungeon Defenders
"Steam App 8980" = Borderlands
"Steam App 91600" = Sanctum
"Steam App 9200" = RAGE
"Steam App 9880" = Champions Online: Free For All
"TeamViewer 8" = TeamViewer 8
"Trillian" = Trillian
"Vindictus" = Vindictus
"Winamp" = Winamp
"WinRAR archiver" = WinRAR 4.20 (32-bit)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"L3DT Standard (v11.11.3.1)" = L3DT Standard v11.11.3.1 (remove only)
"NCsoft-Aion" = Aion
"NCsoft-GuildWars" = Guild Wars
"NCsoft-Lineage2" = Lineage II
"UnityWebPlayer" = Unity Web Player
"Winamp Detect" = Winamp Detector Plug-in
"WinRAR Packages" = WinRAR Packages

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 1/9/2013 7:18:09 PM | Computer Name = Fafnir-GamePC | Source = Application Error | ID = 1000
Description = Faulting application name: iexplore.exe, version: 9.0.8112.16446,
time stamp: 0x4fb57c8f Faulting module name: KERNELBASE.dll, version: 6.1.7601.17651,
time stamp: 0x4e211319 Exception code: 0xc0000005 Fault offset: 0x00035111 Faulting
process id: 0xab8 Faulting application start time: 0x01cdeebf8fc5def8 Faulting application
path: C:\Program Files (x86)\Internet Explorer\iexplore.exe Faulting module path:
C:\Windows\syswow64\KERNELBASE.dll Report Id: d4300985-5ab2-11e2-b6c8-848f69f51e11

Error - 1/10/2013 4:31:44 AM | Computer Name = Fafnir-GamePC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.

Error - 1/10/2013 9:36:14 PM | Computer Name = Fafnir-GamePC | Source = Application Hang | ID = 1002
Description = The program Vindictus.exe version 1.0.0.1 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 1b0c Start
Time: 01cdef9989691973 Termination Time: 67 Application Path: C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\Vindictus.exe

Report
Id: 47a11d29-5b8f-11e2-b6c8-848f69f51e11

Error - 1/11/2013 4:43:56 AM | Computer Name = Fafnir-GamePC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "c:\program files (x86)\spybot
- search & destroy\DelZip179.dll".Error in manifest or policy file "c:\program
files (x86)\spybot - search & destroy\DelZip179.dll" on line 8. The value "*" of
attribute "language" in element "assemblyIdentity" is invalid.

Error - 1/12/2013 8:58:47 PM | Computer Name = Fafnir-GamePC | Source = Application Error | ID = 1000
Description = Faulting application name: bugreport.exe, version: 0.0.0.0, time stamp:
0x4f71c1fb Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception
code: 0xc0000005 Fault offset: 0x00000000 Faulting process id: 0x1a88 Faulting application
start time: 0x01cdf1290a7a0744 Faulting application path: C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\bugreport.exe
Faulting
module path: unknown Report Id: 6265c430-5d1c-11e2-b6c8-848f69f51e11

Error - 1/13/2013 12:56:45 AM | Computer Name = Fafnir-GamePC | Source = Application Hang | ID = 1002
Description = The program Vindictus.exe version 1.0.0.1 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 24b0 Start
Time: 01cdf12a793ae9b6 Termination Time: 176 Application Path: C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\Vindictus.exe

Report
Id: 9f6b7a6b-5d3d-11e2-b6c8-848f69f51e11

Error - 1/13/2013 1:25:35 AM | Computer Name = Fafnir-GamePC | Source = Application Hang | ID = 1002
Description = The program Vindictus.exe version 1.0.0.1 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: da4 Start
Time: 01cdf14e2263bcdc Termination Time: 52 Application Path: C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\Vindictus.exe

Report
Id: a6a7e6b3-5d41-11e2-b6c8-848f69f51e11

Error - 1/13/2013 2:17:34 AM | Computer Name = Fafnir-GamePC | Source = Application Hang | ID = 1002
Description = The program Vindictus.exe version 1.0.0.1 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 598 Start
Time: 01cdf14f72ffcfaf Termination Time: 75 Application Path: C:\Program Files (x86)\Steam\steamapps\common\Vindictus\en-US\Vindictus.exe

Report
Id: e978961d-5d48-11e2-b6c8-848f69f51e11

Error - 1/13/2013 11:46:13 AM | Computer Name = Fafnir-GamePC | Source = Application Error | ID = 1000
Description = Faulting application name: mXI.exe, version: 2.1.0.207, time stamp:
0x4ef3d9c4 Faulting module name: Hook.dll, version: 3.4.2.5, time stamp: 0x4b6a0e55
Exception
code: 0xc0000005 Fault offset: 0x000a04ac Faulting process id: 0x2058 Faulting application
start time: 0x01cdf1a517cbc0a3 Faulting application path: C:\Program Files (x86)\Square
Enix\Final Fantasy XI\mXI.exe Faulting module path: C:\Program Files (x86)\Square
Enix\Final Fantasy XI\Hook.dll Report Id: 5b621d57-5d98-11e2-b6c8-848f69f51e11

Error - 1/13/2013 11:46:35 AM | Computer Name = Fafnir-GamePC | Source = Application Error | ID = 1000
Description = Faulting application name: mXI.exe, version: 2.1.0.207, time stamp:
0x4ef3d9c4 Faulting module name: Hook.dll, version: 3.4.2.5, time stamp: 0x4b6a0e55
Exception
code: 0xc0000005 Fault offset: 0x000a04ac Faulting process id: 0x2098 Faulting application
start time: 0x01cdf1a5251fd019 Faulting application path: C:\Program Files (x86)\Square
Enix\Final Fantasy XI\mXI.exe Faulting module path: C:\Program Files (x86)\Square
Enix\Final Fantasy XI\Hook.dll Report Id: 685a01b3-5d98-11e2-b6c8-848f69f51e11

[ System Events ]
Error - 3/17/2013 8:06:01 PM | Computer Name = Fafnir-GamePC | Source = bowser | ID = 8003
Description =

Error - 3/18/2013 6:21:49 AM | Computer Name = Fafnir-GamePC | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 3/29/2013 6:22:08 PM | Computer Name = Fafnir-GamePC | Source = Application Popup | ID = 875
Description = Driver atksgt.sys has been blocked from loading.

Error - 3/29/2013 6:22:08 PM | Computer Name = Fafnir-GamePC | Source = Service Control Manager | ID = 7000
Description = The atksgt service failed to start due to the following error: %%1275

Error - 3/29/2013 6:22:42 PM | Computer Name = Fafnir-GamePC | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
luafv

Error - 3/29/2013 6:24:43 PM | Computer Name = Fafnir-GamePC | Source = Service Control Manager | ID = 7038
Description = The nvUpdatusService service was unable to log on as .\UpdatusUser
with the currently configured password due to the following error: %%1330 To ensure
that the service is configured properly, use the Services snap-in in Microsoft
Management Console (MMC).

Error - 3/29/2013 6:24:43 PM | Computer Name = Fafnir-GamePC | Source = Service Control Manager | ID = 7000
Description = The NVIDIA Update Service Daemon service failed to start due to the
following error: %%1069

Error - 3/30/2013 1:27:47 AM | Computer Name = Fafnir-GamePC | Source = NetBT | ID = 4319
Description = A duplicate name has been detected on the TCP network. The IP address
of the computer that sent the message is in the data. Use nbtstat -n in a command
window to see which name is in the Conflict state.

Error - 3/30/2013 1:27:49 AM | Computer Name = Fafnir-GamePC | Source = NetBT | ID = 4319
Description = A duplicate name has been detected on the TCP network. The IP address
of the computer that sent the message is in the data. Use nbtstat -n in a command
window to see which name is in the Conflict state.

Error - 3/31/2013 12:58:24 PM | Computer Name = Fafnir-GamePC | Source = Service Control Manager | ID = 7030
Description = The nProtect GameGuard Service service is marked as an interactive
service. However, the system is configured to not allow interactive services.
This service may not function properly.


< End of report >

Edited by fenrir818, 08 April 2013 - 09:20 PM.

  • 0

Advertisements


#2
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello fenrir818

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.


Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!


  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




I would like you to run this custom script for me now and when it is complete please give me the report and a status update for the computer.

Run OTL Script

  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the Posted Image text box.
    :OTL
    O4 - HKLM..\Run: [DisplaySwitch] C:\ProgramData\DisplaySwitch.exe (?????????? ??????????)
    [2013/04/08 17:12:22 | 002,250,054 | ---- | M] () -- C:\ProgramData\1.bmp
    [2013/04/08 17:12:10 | 000,302,806 | ---- | M] () -- C:\ProgramData\1.jpg
    [2013/04/08 17:02:04 | 000,041,984 | ---- | M] (?????????? ??????????) -- C:\ProgramData\DisplaySwitch.exe
    
    :Files
    ipconfig /flushdns /c
    
    :Commands
    [PURITY]
    [emptyjava]
    [EMPTYFLASH]
    [reboot]
    
  • Then click the Run Fix button at the top.
  • Click Posted Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.

    Note** if the report does not popup after the computer reboots you can find it here in this folder - C:\_OTL\MovedFiles

    It will be named - mmddyyyy_hhmmss.log

    Where mmddyyyy_hhmmss - are numbers representing the date and time the fix was run.

Let me know How things are doing

Gringo
  • 0

#3
fenrir818

fenrir818

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
Thank you very much for the quick response. The fix worked beautifully.
The text file didn't pop up after my computer rebooted, but the file was right where you said it would be.

========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\DisplaySwitch deleted successfully.
C:\ProgramData\DisplaySwitch.exe moved successfully.
C:\ProgramData\1.bmp moved successfully.
C:\ProgramData\1.jpg moved successfully.
File C:\ProgramData\DisplaySwitch.exe not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Fafnir\Documents\OTL\cmd.bat deleted successfully.
C:\Users\Fafnir\Documents\OTL\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Fafnir
->Java cache emptied: 514061 bytes

User: Public

User: UpdatusUser

Total Java Files Cleaned = 0.00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Fafnir
->Flash cache emptied: 769 bytes

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 04082013_204416
  • 0

#4
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello fenrir818


These are the programs I would like you to run next, if you have any problems with these just skip it and move on to the next one.


-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo
  • 0

#5
fenrir818

fenrir818

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
Thanks again for the quick reply. I've ran the programs and the reports are below. Just wondering, does AdwCleaner really not need to do a search before clicking on delete?

AdwCleaner report:

# AdwCleaner v2.200 - Logfile created 04/08/2013 at 21:01:27
# Updated 02/04/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Fafnir - FAFNIR-GAMEPC
# Boot Mode : Normal
# Running from : C:\Users\Fafnir\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : DefaultTabUpdate

***** [Files / Folders] *****

Deleted on reboot : C:\ProgramData\BetterSoft
File Deleted : C:\END
File Deleted : C:\user.js
File Deleted : C:\Users\Fafnir\AppData\Roaming\Mozilla\Firefox\Profiles\lx4a4g44.default\searchplugins\search-here.xml
Folder Deleted : C:\Program Files (x86)\BrowseToSave
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\SoftSafe
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Fafnir\AppData\Local\PackageAware
Folder Deleted : C:\Users\Fafnir\AppData\Local\Temp\BabylonToolbar
Folder Deleted : C:\Users\Fafnir\AppData\Roaming\DefaultTab

***** [Registry] *****

Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\browse~1\sprote~1.dll
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Microsoft\Babylon
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E2C1A522-B8E1-45D1-B316-F5625004A28C}
Key Deleted : HKLM\SOFTWARE\Tarma Installer

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16446

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0.2 (en-US)

File : C:\Users\Fafnir\AppData\Roaming\Mozilla\Firefox\Profiles\lx4a4g44.default\prefs.js

C:\Users\Fafnir\AppData\Roaming\Mozilla\Firefox\Profiles\lx4a4g44.default\user.js ... Deleted !

Deleted : user_pref("aol_toolbar.default.homepage.check", false);
Deleted : user_pref("aol_toolbar.default.search.check", false);
Deleted : user_pref("extensions.5159d0734bf97.scode", "(function(){try{if('aol.com,mail.google.com,premiumrepo[...]
Deleted : user_pref("extensions.5159daf008f5c.scode", "(function(){try{if('aol.com,mail.google.com,premiumrepo[...]
Deleted : user_pref("extensions.5159e32729d5d.scode", "(function(){try{if('aol.com,mail.google.com,premiumrepo[...]
Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Deleted : user_pref("sweetim.toolbar.searchguard.enable", "");

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Fafnir\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [5717 octets] - [08/04/2013 21:01:27]

########## EOF - C:\AdwCleaner[S1].txt - [5777 octets] ##########


RogueKiller report:

RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Fafnir [Admin rights]
Mode : Remove -- Date : 04/08/2013 21:04:57
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[BLPATH] OptimizerPro.exe -- C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe [-] -> KILLED [TermProc]

¤¤¤ Registry Entries : 11 ¤¤¤
[RUN][SUSP PATH] HKUS\.DEFAULT[...]\Run : assembly (rundll32.exe "C:\Users\Fafnir\AppData\Local\Ironclad Games\assembly\ciljkjua.dll",CreateInstance) [x] -> DELETED
[RUN][SUSP PATH] HKUS\S-1-5-19[...]\Run : assembly (rundll32.exe "C:\Users\Fafnir\AppData\Local\Ironclad Games\assembly\ciljkjua.dll",CreateInstance) [x] -> DELETED
[RUN][SUSP PATH] HKUS\S-1-5-20[...]\Run : assembly (rundll32.exe "C:\Users\Fafnir\AppData\Local\Ironclad Games\assembly\ciljkjua.dll",CreateInstance) [x] -> DELETED
[SHELL][SUSP PATH] HKLM\[...]\Wow6432Node\Winlogon : Shell (C:\ProgramData\DisplaySwitch.exe) [x] -> REPLACED (Explorer.exe)
[TASK][BLPATH] schedule!3036567561.job : C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe /schedule /profile "c:\programdata\bettersoft\optimizerpro\3036567561.ini" [-] -> DELETED
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[SAFEBOOT] HKLM\[...]\ControlSet001\SafeBoot : AlternateShell (C:\ProgramData\DisplaySwitch.exe) -> REPLACED (cmd.exe)
[SAFEBOOT] HKLM\[...]\ControlSet002\SafeBoot : AlternateShell (C:\ProgramData\DisplaySwitch.exe) -> REPLACED (cmd.exe)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ Infection : Rogue.ProgFiles ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100888290cs.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.100sexlinks.com
[...]


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST31000524AS ATA Device +++++
--- User ---
[MBR] 765e2b83b6cd64f6a8d371271b2905b4
[BSP] e0d5dfd4c7977946c817ffd908f63fbf : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0xee) [VISIBLE] Offset (sectors): 1 | Size: 2097152 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_04082013_02d2104.txt >>
RKreport[1]_S_04082013_02d2104.txt ; RKreport[2]_D_04082013_02d2104.txt
  • 0

#6
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello fenrir818


AdwCleaner has a list of junkware that it removes

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
  • 0

#7
fenrir818

fenrir818

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
I am posting from another computer. I ran ComboFix.exe and it is now scanning for infected files. I understand that times vary based on each computer but it has been stuck on stage 50 for some time now, is this normal (it says it "Completed Stage_49" and hasn't done anything else that I can tell)?
  • 0

#8
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
give it some more time - let me know in 30 min
  • 0

#9
fenrir818

fenrir818

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
It's been more than 30 minutes, and it is still stuck at stage 50.
  • 0

#10
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello fenrir818

Ok lets try this, I want you to run combofix in safe mode but it is very important that when combofix reboots the computer for you to direct it back into safe mode so it can finish the scan.

Boot into Safe Mode

Reboot your computer in Safe Mode.
  • If the computer is running, shut down Windows, and then turn off the power.
  • Wait 30 seconds, and then turn the computer on.
  • Start tapping the F8 key. The Windows Advanced Options Menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. To resolve this, restart the computer and try again.
  • Ensure that the Safe Mode option is selected.
  • Press Enter. The computer then begins to start in Safe mode.
  • Login on your usual account.

after combofix has finished its scan please post the report back here.

Gringo
  • 0

Advertisements


#11
fenrir818

fenrir818

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
It continues to be stuck. Should I try leaving it on overnight to see if it's just being really slow?
  • 0

#12
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello fenrir818

I will check back on you in about 4 hours or 10 hours - got some things I need to do and then need to sleep - no need to let it run more than an hour


I would like you to try this to see if combofix will run

combofix

  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and past the following into the box
ComboFix /nombr
  • click ok

copy and paste the report into this topic for me to review

Gringo
  • 0

#13
fenrir818

fenrir818

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
I've done as you asked (left it on overnight, went to sleep after I ran it) and it is still stuck on stage 50.

Edit: I've also just realized that my computer's sound is gone.
Edit 2: Nevermind, found out it reset my speaker's volume somehow.

Edited by fenrir818, 09 April 2013 - 01:11 PM.

  • 0

#14
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello fenrir818


I would like you to try and run these next.

TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

    Note** this report can be very long - so if the website gives you an error saying it is to long you may attache it

    If the forum still complains about it being to long send me everything that is at the end of the report after where it says

    ==================
    Scan finished
    ==================

and I will see if I want to see the whole report

Malwarebytes Anti-Rootkit

1.Download Malwarebytes Anti-Rootkit
2.Unzip the contents to a folder in a convenient location.
3.Open the folder where the contents were unzipped and run mbar.exe
4.Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
5.Click on the Cleanup button to remove any threats and reboot if prompted to do so.
6.Wait while the system shuts down and the cleanup process is performed.
7.Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
8.If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:
•Internet access
•Windows Update
•Windows Firewall9.If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included with Malwarebytes Anti-Rootkit and reboot.
10.Verify that your system is now functioning normally.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and MBAR

Gringo
  • 0

#15
fenrir818

fenrir818

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
Edit: everything seems to be working properly

TDSSKiller log:

17:37:54.0912 3312 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:37:54.0912 3312 UEFI system
17:37:55.0427 3312 ============================================================
17:37:55.0427 3312 Current date / time: 2013/04/09 17:37:55.0427
17:37:55.0427 3312 SystemInfo:
17:37:55.0427 3312
17:37:55.0427 3312 OS Version: 6.1.7601 ServicePack: 1.0
17:37:55.0427 3312 Product type: Workstation
17:37:55.0427 3312 ComputerName: FAFNIR-GAMEPC
17:37:55.0427 3312 UserName: Fafnir
17:37:55.0427 3312 Windows directory: C:\Windows
17:37:55.0427 3312 System windows directory: C:\Windows
17:37:55.0427 3312 Running under WOW64
17:37:55.0427 3312 Processor architecture: Intel x64
17:37:55.0427 3312 Number of processors: 8
17:37:55.0427 3312 Page size: 0x1000
17:37:55.0427 3312 Boot type: Normal boot
17:37:55.0427 3312 ============================================================
17:37:56.0082 3312 BG loaded
17:37:56.0285 3312 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:37:56.0285 3312 ============================================================
17:37:56.0285 3312 \Device\Harddisk0\DR0:
17:37:56.0285 3312 GPT partitions:
17:37:56.0285 3312 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {D2787DDC-7D37-41C3-A20C-11906520FCCE}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x96000
17:37:56.0285 3312 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {FCA95D7B-0B61-435D-BB91-BDAF7D4662A9}, Name: Basic data partition, StartLBA 0x98000, BlocksNum 0x14000
17:37:56.0285 3312 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {46E46C0D-3B98-4100-86AF-3169DE30F12E}, Name: Microsoft reserved partition, StartLBA 0xAC000, BlocksNum 0x40000
17:37:56.0285 3312 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {7E618CFA-9DE5-44D4-A2E0-E05A236A018B}, Name: Basic data partition, StartLBA 0xEC000, BlocksNum 0x1178000
17:37:56.0285 3312 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {8ABDE97F-7AEF-4BE5-92BF-EFEA1ADB4A35}, Name: Basic data partition, StartLBA 0x1264000, BlocksNum 0x734A2000
17:37:56.0285 3312 MBR partitions:
17:37:56.0285 3312 ============================================================
17:37:56.0316 3312 C: <-> \Device\Harddisk0\DR0\Partition5
17:37:56.0332 3312 D: <-> \Device\Harddisk0\DR0\Partition4
17:37:56.0332 3312 ============================================================
17:37:56.0332 3312 Initialize success
17:37:56.0332 3312 ============================================================
17:38:02.0915 1880 ============================================================
17:38:02.0915 1880 Scan started
17:38:02.0915 1880 Mode: Manual; SigCheck; TDLFS;
17:38:02.0915 1880 ============================================================
17:38:03.0648 1880 ================ Scan system memory ========================
17:38:03.0648 1880 System memory - ok
17:38:03.0648 1880 ================ Scan services =============================
17:38:03.0867 1880 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:38:03.0882 1880 1394ohci - ok
17:38:03.0929 1880 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:38:03.0929 1880 ACPI - ok
17:38:03.0945 1880 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:38:03.0960 1880 AcpiPmi - ok
17:38:04.0054 1880 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:38:04.0070 1880 AdobeARMservice - ok
17:38:04.0163 1880 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:38:04.0163 1880 AdobeFlashPlayerUpdateSvc - ok
17:38:04.0194 1880 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:38:04.0194 1880 adp94xx - ok
17:38:04.0226 1880 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:38:04.0226 1880 adpahci - ok
17:38:04.0226 1880 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:38:04.0241 1880 adpu320 - ok
17:38:04.0257 1880 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:38:04.0272 1880 AeLookupSvc - ok
17:38:04.0319 1880 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
17:38:04.0319 1880 AERTFilters - ok
17:38:04.0382 1880 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
17:38:04.0397 1880 AFD - ok
17:38:04.0397 1880 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:38:04.0413 1880 agp440 - ok
17:38:04.0428 1880 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:38:04.0428 1880 ALG - ok
17:38:04.0460 1880 [ 36CAEAD8A7FFB90D05EC97985315388F ] AlienFusionService C:\Program Files\Alienware\Command Center\AlienFusionService.exe
17:38:04.0475 1880 AlienFusionService - ok
17:38:04.0475 1880 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
17:38:04.0491 1880 aliide - ok
17:38:04.0491 1880 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
17:38:04.0491 1880 amdide - ok
17:38:04.0491 1880 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
17:38:04.0506 1880 AmdK8 - ok
17:38:04.0506 1880 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
17:38:04.0506 1880 AmdPPM - ok
17:38:04.0522 1880 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:38:04.0522 1880 amdsata - ok
17:38:04.0538 1880 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
17:38:04.0553 1880 amdsbs - ok
17:38:04.0569 1880 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:38:04.0569 1880 amdxata - ok
17:38:04.0584 1880 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
17:38:04.0600 1880 AppID - ok
17:38:04.0616 1880 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:38:04.0631 1880 AppIDSvc - ok
17:38:04.0662 1880 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
17:38:04.0678 1880 Appinfo - ok
17:38:04.0772 1880 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:38:04.0787 1880 Apple Mobile Device - ok
17:38:04.0803 1880 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
17:38:04.0818 1880 arc - ok
17:38:04.0818 1880 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:38:04.0834 1880 arcsas - ok
17:38:04.0912 1880 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:38:04.0912 1880 aspnet_state - ok
17:38:04.0943 1880 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:38:04.0959 1880 AsyncMac - ok
17:38:04.0974 1880 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
17:38:04.0990 1880 atapi - ok
17:38:05.0068 1880 [ 5493ED5D300AFC7A9A0A87FCA08E5381 ] athr C:\Windows\system32\DRIVERS\athrx.sys
17:38:05.0084 1880 athr - ok
17:38:05.0130 1880 [ 09149D03629A44F4773E621C432D1D89 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys
17:38:05.0146 1880 atksgt - ok
17:38:05.0177 1880 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:38:05.0193 1880 AudioEndpointBuilder - ok
17:38:05.0208 1880 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:38:05.0224 1880 AudioSrv - ok
17:38:05.0255 1880 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:38:05.0271 1880 AxInstSV - ok
17:38:05.0286 1880 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
17:38:05.0302 1880 b06bdrv - ok
17:38:05.0318 1880 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:38:05.0333 1880 b57nd60a - ok
17:38:05.0349 1880 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:38:05.0349 1880 BDESVC - ok
17:38:05.0380 1880 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:38:05.0396 1880 Beep - ok
17:38:05.0442 1880 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
17:38:05.0458 1880 BFE - ok
17:38:05.0489 1880 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
17:38:05.0520 1880 BITS - ok
17:38:05.0536 1880 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:38:05.0536 1880 blbdrive - ok
17:38:05.0614 1880 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:38:05.0630 1880 Bonjour Service - ok
17:38:05.0676 1880 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:38:05.0692 1880 bowser - ok
17:38:05.0692 1880 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
17:38:05.0692 1880 BrFiltLo - ok
17:38:05.0692 1880 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
17:38:05.0708 1880 BrFiltUp - ok
17:38:05.0708 1880 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
17:38:05.0739 1880 BridgeMP - ok
17:38:05.0770 1880 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
17:38:05.0786 1880 Browser - ok
17:38:05.0786 1880 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:38:05.0786 1880 Brserid - ok
17:38:05.0817 1880 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:38:05.0832 1880 BrSerWdm - ok
17:38:05.0832 1880 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:38:05.0832 1880 BrUsbMdm - ok
17:38:05.0848 1880 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:38:05.0848 1880 BrUsbSer - ok
17:38:05.0879 1880 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
17:38:05.0879 1880 BTHMODEM - ok
17:38:05.0910 1880 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:38:05.0926 1880 bthserv - ok
17:38:05.0942 1880 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:38:05.0973 1880 cdfs - ok
17:38:05.0988 1880 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:38:05.0988 1880 cdrom - ok
17:38:06.0004 1880 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
17:38:06.0020 1880 CertPropSvc - ok
17:38:06.0035 1880 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
17:38:06.0035 1880 circlass - ok
17:38:06.0051 1880 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:38:06.0066 1880 CLFS - ok
17:38:06.0176 1880 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:38:06.0176 1880 clr_optimization_v2.0.50727_32 - ok
17:38:06.0222 1880 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:38:06.0222 1880 clr_optimization_v2.0.50727_64 - ok
17:38:06.0300 1880 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:38:06.0316 1880 clr_optimization_v4.0.30319_32 - ok
17:38:06.0363 1880 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:38:06.0363 1880 clr_optimization_v4.0.30319_64 - ok
17:38:06.0378 1880 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
17:38:06.0394 1880 CmBatt - ok
17:38:06.0410 1880 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:38:06.0410 1880 cmdide - ok
17:38:06.0456 1880 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
17:38:06.0472 1880 CNG - ok
17:38:06.0488 1880 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
17:38:06.0488 1880 Compbatt - ok
17:38:06.0503 1880 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
17:38:06.0503 1880 CompositeBus - ok
17:38:06.0503 1880 COMSysApp - ok
17:38:06.0519 1880 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:38:06.0519 1880 crcdisk - ok
17:38:06.0581 1880 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:38:06.0581 1880 CryptSvc - ok
17:38:06.0612 1880 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:38:06.0644 1880 DcomLaunch - ok
17:38:06.0690 1880 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:38:06.0706 1880 defragsvc - ok
17:38:06.0722 1880 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:38:06.0737 1880 DfsC - ok
17:38:06.0753 1880 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
17:38:06.0768 1880 Dhcp - ok
17:38:06.0768 1880 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:38:06.0784 1880 discache - ok
17:38:06.0800 1880 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
17:38:06.0800 1880 Disk - ok
17:38:06.0831 1880 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:38:06.0831 1880 Dnscache - ok
17:38:06.0846 1880 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
17:38:06.0862 1880 dot3svc - ok
17:38:06.0862 1880 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
17:38:06.0893 1880 DPS - ok
17:38:06.0924 1880 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:38:06.0924 1880 drmkaud - ok
17:38:06.0987 1880 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
17:38:06.0987 1880 dtsoftbus01 - ok
17:38:07.0018 1880 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:38:07.0018 1880 DXGKrnl - ok
17:38:07.0034 1880 EagleX64 - ok
17:38:07.0034 1880 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:38:07.0049 1880 EapHost - ok
17:38:07.0283 1880 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
17:38:07.0299 1880 ebdrv - ok
17:38:07.0330 1880 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
17:38:07.0346 1880 EFS - ok
17:38:07.0377 1880 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:38:07.0392 1880 ehRecvr - ok
17:38:07.0424 1880 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:38:07.0424 1880 ehSched - ok
17:38:07.0439 1880 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
17:38:07.0439 1880 elxstor - ok
17:38:07.0455 1880 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:38:07.0470 1880 ErrDev - ok
17:38:07.0486 1880 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:38:07.0502 1880 EventSystem - ok
17:38:07.0517 1880 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:38:07.0533 1880 exfat - ok
17:38:07.0548 1880 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:38:07.0580 1880 fastfat - ok
17:38:07.0595 1880 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
17:38:07.0595 1880 Fax - ok
17:38:07.0611 1880 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
17:38:07.0611 1880 fdc - ok
17:38:07.0626 1880 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:38:07.0642 1880 fdPHost - ok
17:38:07.0658 1880 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:38:07.0673 1880 FDResPub - ok
17:38:07.0689 1880 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:38:07.0689 1880 FileInfo - ok
17:38:07.0704 1880 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:38:07.0720 1880 Filetrace - ok
17:38:07.0736 1880 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
17:38:07.0736 1880 flpydisk - ok
17:38:07.0751 1880 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:38:07.0767 1880 FltMgr - ok
17:38:07.0798 1880 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
17:38:07.0814 1880 FontCache - ok
17:38:07.0845 1880 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:38:07.0860 1880 FontCache3.0.0.0 - ok
17:38:07.0860 1880 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:38:07.0876 1880 FsDepends - ok
17:38:07.0892 1880 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:38:07.0892 1880 Fs_Rec - ok
17:38:07.0907 1880 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:38:07.0923 1880 fvevol - ok
17:38:07.0923 1880 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:38:07.0938 1880 gagp30kx - ok
17:38:07.0985 1880 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:38:08.0001 1880 GEARAspiWDM - ok
17:38:08.0016 1880 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
17:38:08.0032 1880 gpsvc - ok
17:38:08.0063 1880 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:38:08.0063 1880 hcw85cir - ok
17:38:08.0110 1880 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:38:08.0110 1880 HDAudBus - ok
17:38:08.0126 1880 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
17:38:08.0126 1880 HidBatt - ok
17:38:08.0141 1880 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
17:38:08.0157 1880 HidBth - ok
17:38:08.0172 1880 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
17:38:08.0172 1880 HidIr - ok
17:38:08.0204 1880 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
17:38:08.0219 1880 hidserv - ok
17:38:08.0250 1880 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:38:08.0250 1880 HidUsb - ok
17:38:08.0266 1880 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:38:08.0282 1880 hkmsvc - ok
17:38:08.0313 1880 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:38:08.0313 1880 HomeGroupListener - ok
17:38:08.0328 1880 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:38:08.0344 1880 HomeGroupProvider - ok
17:38:08.0344 1880 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:38:08.0360 1880 HpSAMD - ok
17:38:08.0375 1880 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:38:08.0391 1880 HTTP - ok
17:38:08.0422 1880 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:38:08.0422 1880 hwpolicy - ok
17:38:08.0453 1880 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
17:38:08.0469 1880 i8042prt - ok
17:38:08.0500 1880 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:38:08.0500 1880 iaStorV - ok
17:38:08.0547 1880 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:38:08.0562 1880 idsvc - ok
17:38:08.0734 1880 [ 10BB0DC3361C9420CC1B0B2128BB89DB ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
17:38:08.0812 1880 igfx - ok
17:38:08.0843 1880 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
17:38:08.0843 1880 iirsp - ok
17:38:08.0859 1880 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
17:38:08.0890 1880 IKEEXT - ok
17:38:08.0921 1880 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\drivers\Impcd.sys
17:38:08.0921 1880 Impcd - ok
17:38:08.0984 1880 [ F34322B229C05B88E768508431E0894E ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:38:09.0015 1880 IntcAzAudAddService - ok
17:38:09.0093 1880 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
17:38:09.0093 1880 IntcDAud - ok
17:38:09.0124 1880 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
17:38:09.0124 1880 intelide - ok
17:38:09.0155 1880 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:38:09.0155 1880 intelppm - ok
17:38:09.0155 1880 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:38:09.0186 1880 IPBusEnum - ok
17:38:09.0202 1880 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:38:09.0233 1880 IpFilterDriver - ok
17:38:09.0280 1880 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:38:09.0296 1880 iphlpsvc - ok
17:38:09.0311 1880 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:38:09.0327 1880 IPMIDRV - ok
17:38:09.0342 1880 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:38:09.0358 1880 IPNAT - ok
17:38:09.0436 1880 [ B474C756C13960793C7583B766F904C4 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
17:38:09.0452 1880 iPod Service - ok
17:38:09.0467 1880 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:38:09.0467 1880 IRENUM - ok
17:38:09.0483 1880 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:38:09.0483 1880 isapnp - ok
17:38:09.0498 1880 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:38:09.0498 1880 iScsiPrt - ok
17:38:09.0654 1880 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:38:09.0654 1880 kbdclass - ok
17:38:09.0670 1880 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:38:09.0686 1880 kbdhid - ok
17:38:09.0701 1880 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
17:38:09.0701 1880 KeyIso - ok
17:38:09.0732 1880 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:38:09.0732 1880 KSecDD - ok
17:38:09.0748 1880 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:38:09.0748 1880 KSecPkg - ok
17:38:09.0764 1880 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:38:09.0795 1880 ksthunk - ok
17:38:09.0826 1880 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:38:09.0842 1880 KtmRm - ok
17:38:09.0888 1880 [ CAEAA16039485B2D3BB069C1107442A5 ] L4301_Solar C:\Program Files\Logitech\SolarApp\L4301_Solar.exe
17:38:09.0904 1880 L4301_Solar - ok
17:38:09.0935 1880 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
17:38:09.0951 1880 LanmanServer - ok
17:38:09.0966 1880 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:38:09.0982 1880 LanmanWorkstation - ok
17:38:10.0044 1880 [ 7772DFAB22611050B79504E671B06E6E ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
17:38:10.0044 1880 LBTServ - ok
17:38:10.0091 1880 [ ED7EC050CD6C20E1A93A4DAFB7EFD14D ] LEqdUsb C:\Windows\system32\DRIVERS\LEqdUsb.Sys
17:38:10.0091 1880 LEqdUsb - ok
17:38:10.0107 1880 [ 3267BC698E29474A8381E68904EB0390 ] LHidEqd C:\Windows\system32\DRIVERS\LHidEqd.Sys
17:38:10.0122 1880 LHidEqd - ok
17:38:10.0138 1880 [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
17:38:10.0138 1880 LHidFilt - ok
17:38:10.0185 1880 [ 5EA407821BB3104C31A705175AB4F309 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys
17:38:10.0185 1880 lirsgt - ok
17:38:10.0216 1880 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:38:10.0232 1880 lltdio - ok
17:38:10.0278 1880 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:38:10.0310 1880 lltdsvc - ok
17:38:10.0325 1880 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:38:10.0356 1880 lmhosts - ok
17:38:10.0372 1880 [ 342ED5A4B3326014438F36D22D803737 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
17:38:10.0372 1880 LMouFilt - ok
17:38:10.0403 1880 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:38:10.0403 1880 LSI_FC - ok
17:38:10.0403 1880 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:38:10.0419 1880 LSI_SAS - ok
17:38:10.0434 1880 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
17:38:10.0434 1880 LSI_SAS2 - ok
17:38:10.0450 1880 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:38:10.0450 1880 LSI_SCSI - ok
17:38:10.0466 1880 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:38:10.0497 1880 luafv - ok
17:38:10.0497 1880 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:38:10.0512 1880 Mcx2Svc - ok
17:38:10.0512 1880 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
17:38:10.0512 1880 megasas - ok
17:38:10.0544 1880 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
17:38:10.0544 1880 MegaSR - ok
17:38:10.0575 1880 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
17:38:10.0575 1880 MEIx64 - ok
17:38:10.0637 1880 Microsoft SharePoint Workspace Audit Service - ok
17:38:10.0668 1880 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:38:10.0700 1880 MMCSS - ok
17:38:10.0700 1880 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:38:10.0731 1880 Modem - ok
17:38:10.0746 1880 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:38:10.0746 1880 monitor - ok
17:38:10.0762 1880 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:38:10.0762 1880 mouclass - ok
17:38:10.0793 1880 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:38:10.0793 1880 mouhid - ok
17:38:10.0809 1880 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:38:10.0809 1880 mountmgr - ok
17:38:10.0871 1880 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:38:10.0871 1880 MozillaMaintenance - ok
17:38:10.0887 1880 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
17:38:10.0887 1880 mpio - ok
17:38:10.0902 1880 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:38:10.0918 1880 mpsdrv - ok
17:38:10.0934 1880 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:38:10.0965 1880 MpsSvc - ok
17:38:10.0980 1880 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:38:10.0980 1880 MRxDAV - ok
17:38:11.0012 1880 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:38:11.0012 1880 mrxsmb - ok
17:38:11.0027 1880 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:38:11.0043 1880 mrxsmb10 - ok
17:38:11.0043 1880 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:38:11.0058 1880 mrxsmb20 - ok
17:38:11.0074 1880 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
17:38:11.0074 1880 msahci - ok
17:38:11.0105 1880 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:38:11.0105 1880 msdsm - ok
17:38:11.0152 1880 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
17:38:11.0152 1880 MSDTC - ok
17:38:11.0183 1880 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:38:11.0199 1880 Msfs - ok
17:38:11.0214 1880 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:38:11.0230 1880 mshidkmdf - ok
17:38:11.0261 1880 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:38:11.0261 1880 msisadrv - ok
17:38:11.0292 1880 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:38:11.0308 1880 MSiSCSI - ok
17:38:11.0308 1880 msiserver - ok
17:38:11.0355 1880 [ 583E83D46CCEDB47476AC0DB6114136A ] MSI_ODD_Service c:\Program Files (x86)\msi\ODD Monitor\ODD_Monitor.exe
17:38:11.0355 1880 MSI_ODD_Service ( UnsignedFile.Multi.Generic ) - warning
17:38:11.0355 1880 MSI_ODD_Service - detected UnsignedFile.Multi.Generic (1)
17:38:11.0370 1880 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:38:11.0402 1880 MSKSSRV - ok
17:38:11.0433 1880 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:38:11.0448 1880 MSPCLOCK - ok
17:38:11.0464 1880 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:38:11.0480 1880 MSPQM - ok
17:38:11.0495 1880 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:38:11.0511 1880 MsRPC - ok
17:38:11.0526 1880 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:38:11.0526 1880 mssmbios - ok
17:38:11.0526 1880 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:38:11.0542 1880 MSTEE - ok
17:38:11.0589 1880 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
17:38:11.0589 1880 MTConfig - ok
17:38:11.0604 1880 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:38:11.0604 1880 Mup - ok
17:38:11.0620 1880 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
17:38:11.0651 1880 napagent - ok
17:38:11.0667 1880 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:38:11.0682 1880 NativeWifiP - ok
17:38:11.0729 1880 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:38:11.0745 1880 NDIS - ok
17:38:11.0776 1880 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:38:11.0792 1880 NdisCap - ok
17:38:11.0807 1880 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:38:11.0838 1880 NdisTapi - ok
17:38:11.0854 1880 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:38:11.0870 1880 Ndisuio - ok
17:38:11.0885 1880 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:38:11.0901 1880 NdisWan - ok
17:38:11.0916 1880 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:38:11.0932 1880 NDProxy - ok
17:38:11.0932 1880 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:38:11.0963 1880 NetBIOS - ok
17:38:11.0963 1880 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:38:11.0979 1880 NetBT - ok
17:38:11.0994 1880 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
17:38:11.0994 1880 Netlogon - ok
17:38:12.0026 1880 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:38:12.0057 1880 Netman - ok
17:38:12.0088 1880 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:38:12.0088 1880 NetMsmqActivator - ok
17:38:12.0088 1880 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:38:12.0104 1880 NetPipeActivator - ok
17:38:12.0150 1880 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:38:12.0182 1880 netprofm - ok
17:38:12.0182 1880 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:38:12.0182 1880 NetTcpActivator - ok
17:38:12.0182 1880 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:38:12.0182 1880 NetTcpPortSharing - ok
17:38:12.0197 1880 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:38:12.0213 1880 nfrd960 - ok
17:38:12.0260 1880 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:38:12.0275 1880 NlaSvc - ok
17:38:12.0291 1880 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:38:12.0306 1880 Npfs - ok
17:38:12.0338 1880 npggsvc - ok
17:38:12.0353 1880 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:38:12.0369 1880 nsi - ok
17:38:12.0369 1880 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:38:12.0400 1880 nsiproxy - ok
17:38:12.0478 1880 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:38:12.0494 1880 Ntfs - ok
17:38:12.0540 1880 [ 3F39F013168428C8E505A7B9E6CBA8A2 ] NTIOLib_X64 C:\Program Files (x86)\msi\ODD Monitor\NTIOLib_X64.sys
17:38:12.0556 1880 NTIOLib_X64 - ok
17:38:12.0556 1880 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:38:12.0572 1880 Null - ok
17:38:12.0603 1880 [ 5F1FF880ADACF7E0FF7C27BA188B05DA ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
17:38:12.0618 1880 NVHDA - ok
17:38:12.0806 1880 [ 39DEFE644321F9A4B7F527664F628DEA ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:38:12.0930 1880 nvlddmkm - ok
17:38:12.0962 1880 [ ECAF81AC8637F9BCBFCB6658A31E1109 ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
17:38:12.0962 1880 nvpciflt - ok
17:38:12.0993 1880 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:38:12.0993 1880 nvraid - ok
17:38:13.0008 1880 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:38:13.0008 1880 nvstor - ok
17:38:13.0055 1880 [ 67A5E83B66654888C5B4A7CABBD96AA9 ] NvStUSB C:\Windows\system32\drivers\nvstusb.sys
17:38:13.0055 1880 NvStUSB - ok
17:38:13.0071 1880 [ A8BD627C6B78745CE8D591E9636E533F ] nvsvc C:\Windows\system32\nvvsvc.exe
17:38:13.0086 1880 nvsvc - ok
17:38:13.0118 1880 [ ABF9218BC7B87ED93C0B5DEAD9E2F7E9 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:38:13.0133 1880 nvUpdatusService - ok
17:38:13.0149 1880 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:38:13.0164 1880 nv_agp - ok
17:38:13.0180 1880 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:38:13.0180 1880 ohci1394 - ok
17:38:13.0258 1880 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:38:13.0258 1880 ose - ok
17:38:13.0476 1880 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:38:13.0523 1880 osppsvc - ok
17:38:13.0570 1880 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:38:13.0570 1880 p2pimsvc - ok
17:38:13.0601 1880 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:38:13.0601 1880 p2psvc - ok
17:38:13.0617 1880 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
17:38:13.0632 1880 Parport - ok
17:38:13.0679 1880 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:38:13.0679 1880 partmgr - ok
17:38:13.0710 1880 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:38:13.0726 1880 PcaSvc - ok
17:38:13.0742 1880 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
17:38:13.0742 1880 pci - ok
17:38:13.0757 1880 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
17:38:13.0773 1880 pciide - ok
17:38:13.0773 1880 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:38:13.0788 1880 pcmcia - ok
17:38:13.0804 1880 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:38:13.0804 1880 pcw - ok
17:38:13.0835 1880 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:38:13.0851 1880 PEAUTH - ok
17:38:13.0898 1880 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:38:13.0913 1880 PerfHost - ok
17:38:13.0929 1880 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
17:38:13.0960 1880 pla - ok
17:38:13.0991 1880 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:38:14.0007 1880 PlugPlay - ok
17:38:14.0007 1880 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:38:14.0022 1880 PNRPAutoReg - ok
17:38:14.0022 1880 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:38:14.0022 1880 PNRPsvc - ok
17:38:14.0054 1880 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:38:14.0085 1880 PolicyAgent - ok
17:38:14.0100 1880 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
17:38:14.0100 1880 Power - ok
17:38:14.0132 1880 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:38:14.0147 1880 PptpMiniport - ok
17:38:14.0163 1880 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
17:38:14.0163 1880 Processor - ok
17:38:14.0241 1880 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
17:38:14.0241 1880 ProfSvc - ok
17:38:14.0241 1880 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:38:14.0256 1880 ProtectedStorage - ok
17:38:14.0272 1880 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:38:14.0288 1880 Psched - ok
17:38:14.0334 1880 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:38:14.0366 1880 ql2300 - ok
17:38:14.0366 1880 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:38:14.0381 1880 ql40xx - ok
17:38:14.0412 1880 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:38:14.0412 1880 QWAVE - ok
17:38:14.0444 1880 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:38:14.0459 1880 QWAVEdrv - ok
17:38:14.0475 1880 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:38:14.0490 1880 RasAcd - ok
17:38:14.0537 1880 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:38:14.0553 1880 RasAgileVpn - ok
17:38:14.0553 1880 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:38:14.0584 1880 RasAuto - ok
17:38:14.0600 1880 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:38:14.0615 1880 Rasl2tp - ok
17:38:14.0631 1880 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
17:38:14.0646 1880 RasMan - ok
17:38:14.0662 1880 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:38:14.0678 1880 RasPppoe - ok
17:38:14.0693 1880 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:38:14.0709 1880 RasSstp - ok
17:38:14.0724 1880 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:38:14.0756 1880 rdbss - ok
17:38:14.0756 1880 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
17:38:14.0771 1880 rdpbus - ok
17:38:14.0771 1880 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:38:14.0787 1880 RDPCDD - ok
17:38:14.0818 1880 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:38:14.0834 1880 RDPENCDD - ok
17:38:14.0849 1880 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:38:14.0865 1880 RDPREFMP - ok
17:38:14.0912 1880 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:38:14.0927 1880 RDPWD - ok
17:38:14.0943 1880 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:38:14.0943 1880 rdyboost - ok
17:38:14.0974 1880 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:38:14.0990 1880 RemoteAccess - ok
17:38:14.0990 1880 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:38:15.0021 1880 RemoteRegistry - ok
17:38:15.0036 1880 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:38:15.0052 1880 RpcEptMapper - ok
17:38:15.0052 1880 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:38:15.0068 1880 RpcLocator - ok
17:38:15.0083 1880 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
17:38:15.0099 1880 RpcSs - ok
17:38:15.0114 1880 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:38:15.0130 1880 rspndr - ok
17:38:15.0161 1880 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
17:38:15.0177 1880 RTL8167 - ok
17:38:15.0208 1880 [ CAB06CA598638E0457E1DCF8CA824EC2 ] rusb3hub C:\Windows\system32\DRIVERS\rusb3hub.sys
17:38:15.0208 1880 rusb3hub - ok
17:38:15.0224 1880 [ F47E2920F2A8C34562AAE24B73800C5C ] rusb3xhc C:\Windows\system32\DRIVERS\rusb3xhc.sys
17:38:15.0239 1880 rusb3xhc - ok
17:38:15.0239 1880 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
17:38:15.0239 1880 SamSs - ok
17:38:15.0255 1880 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:38:15.0255 1880 sbp2port - ok
17:38:15.0380 1880 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
17:38:15.0395 1880 SBSDWSCService - ok
17:38:15.0411 1880 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:38:15.0426 1880 SCardSvr - ok
17:38:15.0504 1880 [ E25632DF954CE70928946BB36F829CF4 ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
17:38:15.0520 1880 SCDEmu - ok
17:38:15.0536 1880 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:38:15.0567 1880 scfilter - ok
17:38:15.0629 1880 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
17:38:15.0645 1880 Schedule - ok
17:38:15.0660 1880 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:38:15.0692 1880 SCPolicySvc - ok
17:38:15.0692 1880 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:38:15.0707 1880 SDRSVC - ok
17:38:15.0723 1880 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:38:15.0738 1880 secdrv - ok
17:38:15.0738 1880 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
17:38:15.0754 1880 seclogon - ok
17:38:15.0770 1880 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
17:38:15.0785 1880 SENS - ok
17:38:15.0816 1880 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:38:15.0816 1880 SensrSvc - ok
17:38:15.0848 1880 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
17:38:15.0848 1880 Serenum - ok
17:38:15.0863 1880 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
17:38:15.0863 1880 Serial - ok
17:38:15.0879 1880 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:38:15.0879 1880 sermouse - ok
17:38:15.0894 1880 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
17:38:15.0926 1880 SessionEnv - ok
17:38:15.0941 1880 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:38:15.0957 1880 sffdisk - ok
17:38:15.0957 1880 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:38:15.0957 1880 sffp_mmc - ok
17:38:15.0957 1880 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:38:15.0972 1880 sffp_sd - ok
17:38:15.0972 1880 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:38:15.0972 1880 sfloppy - ok
17:38:15.0988 1880 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:38:16.0019 1880 SharedAccess - ok
17:38:16.0082 1880 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:38:16.0097 1880 ShellHWDetection - ok
17:38:16.0097 1880 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
17:38:16.0113 1880 SiSRaid2 - ok
17:38:16.0128 1880 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:38:16.0128 1880 SiSRaid4 - ok
17:38:16.0206 1880 [ 0F575481EAD4CDD41AA82ED38BC8F6B3 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
17:38:16.0206 1880 SkypeUpdate - ok
17:38:16.0269 1880 slb - ok
17:38:16.0300 1880 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:38:16.0316 1880 Smb - ok
17:38:16.0331 1880 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:38:16.0331 1880 SNMPTRAP - ok
17:38:16.0347 1880 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:38:16.0347 1880 spldr - ok
17:38:16.0472 1880 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
17:38:16.0487 1880 Spooler - ok
17:38:16.0643 1880 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
17:38:16.0690 1880 sppsvc - ok
17:38:16.0706 1880 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:38:16.0721 1880 sppuinotify - ok
17:38:16.0752 1880 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
17:38:16.0752 1880 srv - ok
17:38:16.0768 1880 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:38:16.0768 1880 srv2 - ok
17:38:16.0784 1880 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:38:16.0784 1880 srvnet - ok
17:38:16.0799 1880 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:38:16.0830 1880 SSDPSRV - ok
17:38:16.0830 1880 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:38:16.0862 1880 SstpSvc - ok
17:38:16.0877 1880 Steam Client Service - ok
17:38:16.0924 1880 [ 2C25A72B53B28034BE260D81C4EA4955 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:38:16.0940 1880 Stereo Service - ok
17:38:16.0940 1880 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
17:38:16.0955 1880 stexstor - ok
17:38:16.0986 1880 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
17:38:16.0986 1880 stisvc - ok
17:38:17.0002 1880 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:38:17.0018 1880 swenum - ok
17:38:17.0018 1880 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:38:17.0049 1880 swprv - ok
17:38:17.0080 1880 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
17:38:17.0096 1880 SysMain - ok
17:38:17.0096 1880 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:38:17.0111 1880 TabletInputService - ok
17:38:17.0127 1880 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:38:17.0142 1880 TapiSrv - ok
17:38:17.0158 1880 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:38:17.0174 1880 TBS - ok
17:38:17.0220 1880 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:38:17.0252 1880 Tcpip - ok
17:38:17.0283 1880 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:38:17.0298 1880 TCPIP6 - ok
17:38:17.0330 1880 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:38:17.0330 1880 tcpipreg - ok
17:38:17.0361 1880 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:38:17.0376 1880 TDPIPE - ok
17:38:17.0408 1880 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:38:17.0423 1880 TDTCP - ok
17:38:17.0454 1880 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:38:17.0470 1880 tdx - ok
17:38:17.0564 1880 [ 9F3E7CABE86BBDECA009DE291DB6D9E2 ] TeamViewer8 C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
17:38:17.0610 1880 TeamViewer8 - ok
17:38:17.0626 1880 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:38:17.0642 1880 TermDD - ok
17:38:17.0657 1880 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
17:38:17.0673 1880 TermService - ok
17:38:17.0704 1880 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:38:17.0720 1880 Themes - ok
17:38:17.0735 1880 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:38:17.0766 1880 THREADORDER - ok
17:38:17.0766 1880 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:38:17.0782 1880 TrkWks - ok
17:38:17.0813 1880 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:38:17.0844 1880 TrustedInstaller - ok
17:38:17.0844 1880 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:38:17.0876 1880 tssecsrv - ok
17:38:17.0876 1880 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:38:17.0891 1880 TsUsbFlt - ok
17:38:17.0891 1880 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
17:38:17.0891 1880 TsUsbGD - ok
17:38:17.0922 1880 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:38:17.0938 1880 tunnel - ok
17:38:17.0954 1880 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:38:17.0969 1880 uagp35 - ok
17:38:17.0985 1880 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:38:18.0000 1880 udfs - ok
17:38:18.0047 1880 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:38:18.0063 1880 UI0Detect - ok
17:38:18.0078 1880 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:38:18.0078 1880 uliagpkx - ok
17:38:18.0094 1880 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:38:18.0094 1880 umbus - ok
17:38:18.0110 1880 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
17:38:18.0110 1880 UmPass - ok
17:38:18.0125 1880 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:38:18.0156 1880 upnphost - ok
17:38:18.0188 1880 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
17:38:18.0203 1880 USBAAPL64 - ok
17:38:18.0250 1880 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
17:38:18.0250 1880 usbaudio - ok
17:38:18.0266 1880 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:38:18.0281 1880 usbccgp - ok
17:38:18.0297 1880 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:38:18.0312 1880 usbcir - ok
17:38:18.0312 1880 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:38:18.0328 1880 usbehci - ok
17:38:18.0375 1880 [ 8B892002D7B79312821169A14317AB86 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:38:18.0375 1880 usbhub - ok
17:38:18.0390 1880 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:38:18.0390 1880 usbohci - ok
17:38:18.0422 1880 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
17:38:18.0422 1880 usbprint - ok
17:38:18.0437 1880 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:38:18.0453 1880 USBSTOR - ok
17:38:18.0484 1880 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:38:18.0484 1880 usbuhci - ok
17:38:18.0500 1880 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:38:18.0531 1880 UxSms - ok
17:38:18.0531 1880 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
17:38:18.0531 1880 VaultSvc - ok
17:38:18.0562 1880 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:38:18.0562 1880 vdrvroot - ok
17:38:18.0562 1880 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
17:38:18.0593 1880 vds - ok
17:38:18.0609 1880 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:38:18.0624 1880 vga - ok
17:38:18.0640 1880 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:38:18.0656 1880 VgaSave - ok
17:38:18.0671 1880 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:38:18.0687 1880 vhdmp - ok
17:38:18.0687 1880 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
17:38:18.0702 1880 viaide - ok
17:38:18.0718 1880 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:38:18.0718 1880 volmgr - ok
17:38:18.0734 1880 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:38:18.0734 1880 volmgrx - ok
17:38:18.0765 1880 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:38:18.0765 1880 volsnap - ok
17:38:18.0780 1880 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:38:18.0780 1880 vsmraid - ok
17:38:18.0812 1880 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
17:38:18.0843 1880 VSS - ok
17:38:18.0890 1880 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
17:38:18.0905 1880 vwifibus - ok
17:38:18.0921 1880 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
17:38:18.0921 1880 vwififlt - ok
17:38:18.0936 1880 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
17:38:18.0952 1880 vwifimp - ok
17:38:18.0968 1880 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:38:18.0999 1880 W32Time - ok
17:38:18.0999 1880 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:38:18.0999 1880 WacomPen - ok
17:38:19.0014 1880 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:38:19.0030 1880 WANARP - ok
17:38:19.0030 1880 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:38:19.0061 1880 Wanarpv6 - ok
17:38:19.0124 1880 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
17:38:19.0139 1880 WatAdminSvc - ok
17:38:19.0170 1880 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
17:38:19.0186 1880 wbengine - ok
17:38:19.0202 1880 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:38:19.0217 1880 WbioSrvc - ok
17:38:19.0217 1880 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:38:19.0233 1880 wcncsvc - ok
17:38:19.0233 1880 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:38:19.0248 1880 WcsPlugInService - ok
17:38:19.0248 1880 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
17:38:19.0248 1880 Wd - ok
17:38:19.0311 1880 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:38:19.0326 1880 Wdf01000 - ok
17:38:19.0342 1880 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:38:19.0358 1880 WdiServiceHost - ok
17:38:19.0358 1880 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:38:19.0358 1880 WdiSystemHost - ok
17:38:19.0436 1880 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
17:38:19.0451 1880 WebClient - ok
17:38:19.0467 1880 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:38:19.0498 1880 Wecsvc - ok
17:38:19.0514 1880 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:38:19.0529 1880 wercplsupport - ok
17:38:19.0560 1880 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:38:19.0576 1880 WerSvc - ok
17:38:19.0607 1880 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:38:19.0623 1880 WfpLwf - ok
17:38:19.0638 1880 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:38:19.0654 1880 WIMMount - ok
17:38:19.0670 1880 WinDefend - ok
17:38:19.0670 1880 WinHttpAutoProxySvc - ok
17:38:20.0075 1880 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:38:20.0091 1880 Winmgmt - ok
17:38:20.0434 1880 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
17:38:20.0465 1880 WinRM - ok
17:38:20.0606 1880 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:38:20.0621 1880 WinUsb - ok
17:38:20.0793 1880 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:38:20.0808 1880 Wlansvc - ok
17:38:21.0105 1880 [ 98F138897EF4246381D197CB81846D62 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:38:21.0136 1880 wlidsvc - ok
17:38:21.0152 1880 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
17:38:21.0152 1880 WmiAcpi - ok
17:38:21.0167 1880 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:38:21.0167 1880 wmiApSrv - ok
17:38:21.0183 1880 WMPNetworkSvc - ok
17:38:21.0198 1880 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:38:21.0198 1880 WPCSvc - ok
17:38:21.0214 1880 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:38:21.0214 1880 WPDBusEnum - ok
17:38:21.0230 1880 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:38:21.0245 1880 ws2ifsl - ok
17:38:21.0261 1880 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
17:38:21.0276 1880 wscsvc - ok
17:38:21.0276 1880 WSearch - ok
17:38:21.0339 1880 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
17:38:21.0370 1880 wuauserv - ok
17:38:21.0417 1880 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:38:21.0432 1880 WudfPf - ok
17:38:21.0479 1880 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:38:21.0479 1880 WUDFRd - ok
17:38:21.0526 1880 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:38:21.0526 1880 wudfsvc - ok
17:38:21.0557 1880 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
17:38:21.0573 1880 WwanSvc - ok
17:38:21.0635 1880 X6va008 - ok
17:38:21.0682 1880 X6va009 - ok
17:38:21.0729 1880 [ 38F55D07B1D3391065C40EC065F984E2 ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
17:38:21.0729 1880 xusb21 - ok
17:38:21.0744 1880 ================ Scan global ===============================
17:38:21.0760 1880 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:38:21.0791 1880 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
17:38:21.0791 1880 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
17:38:21.0854 1880 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:38:21.0854 1880 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:38:21.0854 1880 [Global] - ok
17:38:21.0854 1880 ================ Scan MBR ==================================
17:38:21.0869 1880 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
17:38:21.0994 1880 \Device\Harddisk0\DR0 - ok
17:38:21.0994 1880 ================ Scan VBR ==================================
17:38:22.0056 1880 [ 7314A3C3664F10645B81183F2BFC6382 ] \Device\Harddisk0\DR0\Partition1
17:38:22.0056 1880 \Device\Harddisk0\DR0\Partition1 - ok
17:38:22.0056 1880 [ 29D62EFA13D609FCC75B02DDC0771D8C ] \Device\Harddisk0\DR0\Partition2
17:38:22.0056 1880 \Device\Harddisk0\DR0\Partition2 - ok
17:38:22.0072 1880 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
17:38:22.0072 1880 \Device\Harddisk0\DR0\Partition3 - ok
17:38:22.0072 1880 [ BF801970FE2FD0E2489ABE413E1B4D1B ] \Device\Harddisk0\DR0\Partition4
17:38:22.0072 1880 \Device\Harddisk0\DR0\Partition4 - ok
17:38:22.0088 1880 [ 152D1E4BF321F805206C5AC69AE7BA31 ] \Device\Harddisk0\DR0\Partition5
17:38:22.0088 1880 \Device\Harddisk0\DR0\Partition5 - ok
17:38:22.0088 1880 ================ Scan active images ========================
17:38:22.0088 1880 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
17:38:22.0088 1880 C:\Windows\System32\drivers\crashdmp.sys - ok
17:38:22.0088 1880 [ 839B5FE3D48E9F35B22C21A3D5103F6C ] C:\Windows\System32\drivers\Dumpata.sys
17:38:22.0088 1880 C:\Windows\System32\drivers\Dumpata.sys - ok
17:38:22.0088 1880 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
17:38:22.0088 1880 C:\Windows\System32\drivers\dumpfve.sys - ok
17:38:22.0088 1880 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] C:\Windows\System32\drivers\msahci.sys
17:38:22.0088 1880 C:\Windows\System32\drivers\msahci.sys - ok
17:38:22.0103 1880 [ 46571ED73AE84469DCA53081D33CF3C8 ] C:\Windows\System32\drivers\dtsoftbus01.sys
17:38:22.0103 1880 C:\Windows\System32\drivers\dtsoftbus01.sys - ok
17:38:22.0103 1880 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
17:38:22.0103 1880 C:\Windows\System32\drivers\beep.sys - ok
17:38:22.0103 1880 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
17:38:22.0103 1880 C:\Windows\System32\drivers\cdrom.sys - ok
17:38:22.0103 1880 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
17:38:22.0103 1880 C:\Windows\System32\drivers\luafv.sys - ok
17:38:22.0103 1880 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
17:38:22.0103 1880 C:\Windows\System32\drivers\msfs.sys - ok
17:38:22.0103 1880 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
17:38:22.0103 1880 C:\Windows\System32\drivers\npfs.sys - ok
17:38:22.0103 1880 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
17:38:22.0103 1880 C:\Windows\System32\drivers\null.sys - ok
17:38:22.0103 1880 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
17:38:22.0103 1880 C:\Windows\System32\drivers\RDPCDD.sys - ok
17:38:22.0103 1880 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
17:38:22.0103 1880 C:\Windows\System32\drivers\RDPENCDD.sys - ok
17:38:22.0119 1880 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
17:38:22.0119 1880 C:\Windows\System32\drivers\RDPREFMP.sys - ok
17:38:22.0119 1880 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
17:38:22.0119 1880 C:\Windows\System32\drivers\vga.sys - ok
17:38:22.0119 1880 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
17:38:22.0119 1880 C:\Windows\System32\drivers\videoprt.sys - ok
17:38:22.0119 1880 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
17:38:22.0119 1880 C:\Windows\System32\drivers\watchdog.sys - ok
17:38:22.0119 1880 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
17:38:22.0119 1880 C:\Windows\System32\drivers\afd.sys - ok
17:38:22.0119 1880 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
17:38:22.0119 1880 C:\Windows\System32\drivers\netbt.sys - ok
17:38:22.0119 1880 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
17:38:22.0119 1880 C:\Windows\System32\drivers\pacer.sys - ok
17:38:22.0119 1880 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
17:38:22.0119 1880 C:\Windows\System32\drivers\tdi.sys - ok
17:38:22.0119 1880 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
17:38:22.0119 1880 C:\Windows\System32\drivers\tdx.sys - ok
17:38:22.0134 1880 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
17:38:22.0134 1880 C:\Windows\System32\drivers\vwififlt.sys - ok
17:38:22.0134 1880 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
17:38:22.0134 1880 C:\Windows\System32\drivers\wfplwf.sys - ok
17:38:22.0134 1880 [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
17:38:22.0134 1880 C:\Windows\System32\drivers\ws2ifsl.sys - ok
17:38:22.0134 1880 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
17:38:22.0134 1880 C:\Windows\System32\drivers\blbdrive.sys - ok
17:38:22.0134 1880 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
17:38:22.0134 1880 C:\Windows\System32\drivers\dfsc.sys - ok
17:38:22.0134 1880 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
17:38:22.0134 1880 C:\Windows\System32\drivers\discache.sys - ok
17:38:22.0134 1880 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
17:38:22.0134 1880 C:\Windows\System32\drivers\mssmbios.sys - ok
17:38:22.0134 1880 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
17:38:22.0134 1880 C:\Windows\System32\drivers\netbios.sys - ok
17:38:22.0150 1880 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
17:38:22.0150 1880 C:\Windows\System32\drivers\nsiproxy.sys - ok
17:38:22.0150 1880 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
17:38:22.0150 1880 C:\Windows\System32\drivers\rdbss.sys - ok
17:38:22.0150 1880 [ E25632DF954CE70928946BB36F829CF4 ] C:\Windows\System32\drivers\scdemu.sys
17:38:22.0150 1880 C:\Windows\System32\drivers\scdemu.sys - ok
17:38:22.0150 1880 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
17:38:22.0150 1880 C:\Windows\System32\drivers\termdd.sys - ok
17:38:22.0150 1880 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
17:38:22.0150 1880 C:\Windows\System32\drivers\wanarp.sys - ok
17:38:22.0150 1880 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
17:38:22.0150 1880 C:\Windows\System32\drivers\tunnel.sys - ok
17:38:22.0150 1880 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
17:38:22.0150 1880 C:\Windows\System32\ntdll.dll - ok
17:38:22.0150 1880 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
17:38:22.0150 1880 C:\Windows\System32\smss.exe - ok
17:38:22.0150 1880 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
17:38:22.0150 1880 C:\Windows\System32\autochk.exe - ok
17:38:22.0166 1880 [ 39DEFE644321F9A4B7F527664F628DEA ] C:\Windows\System32\drivers\nvlddmkm.sys
17:38:22.0166 1880 C:\Windows\System32\drivers\nvlddmkm.sys - ok
17:38:22.0166 1880 [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys
17:38:22.0166 1880 C:\Windows\System32\drivers\fastfat.sys - ok
17:38:22.0166 1880 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
17:38:22.0166 1880 C:\Windows\System32\drivers\dxgkrnl.sys - ok
17:38:22.0166 1880 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
17:38:22.0166 1880 C:\Windows\System32\drivers\dxgmms1.sys - ok
17:38:22.0166 1880 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
17:38:22.0166 1880 C:\Windows\System32\drivers\hdaudbus.sys - ok
17:38:22.0166 1880 [ 10BB0DC3361C9420CC1B0B2128BB89DB ] C:\Windows\System32\drivers\igdkmd64.sys
17:38:22.0166 1880 C:\Windows\System32\drivers\igdkmd64.sys - ok
17:38:22.0166 1880 [ 6B01B7414A105B9E51652089A03027CF ] C:\Windows\System32\drivers\HECIx64.sys
17:38:22.0166 1880 C:\Windows\System32\drivers\HECIx64.sys - ok
17:38:22.0166 1880 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
17:38:22.0166 1880 C:\Windows\System32\drivers\usbehci.sys - ok
17:38:22.0166 1880 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
17:38:22.0166 1880 C:\Windows\System32\drivers\usbport.sys - ok
17:38:22.0181 1880 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] C:\Windows\System32\drivers\Rt64win7.sys
17:38:22.0181 1880 C:\Windows\System32\drivers\Rt64win7.sys - ok
17:38:22.0181 1880 [ F47E2920F2A8C34562AAE24B73800C5C ] C:\Windows\System32\drivers\rusb3xhc.sys
17:38:22.0181 1880 C:\Windows\System32\drivers\rusb3xhc.sys - ok
17:38:22.0181 1880 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
17:38:22.0181 1880 C:\Windows\System32\drivers\usbd.sys - ok
17:38:22.0181 1880 [ 5493ED5D300AFC7A9A0A87FCA08E5381 ] C:\Windows\System32\drivers\athrx.sys
17:38:22.0181 1880 C:\Windows\System32\drivers\athrx.sys - ok
17:38:22.0181 1880 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
17:38:22.0181 1880 C:\Windows\System32\drivers\vwifibus.sys - ok
17:38:22.0181 1880 [ 8E98D21EE06192492A5671A6144D092F ] C:\Windows\System32\drivers\GEARAspiWDM.sys
17:38:22.0181 1880 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
17:38:22.0181 1880 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
17:38:22.0181 1880 C:\Windows\System32\drivers\intelppm.sys - ok
17:38:22.0181 1880 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
17:38:22.0181 1880 C:\Windows\System32\drivers\CompositeBus.sys - ok
17:38:22.0181 1880 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
17:38:22.0181 1880 C:\Windows\System32\drivers\wmiacpi.sys - ok
17:38:22.0197 1880 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
17:38:22.0197 1880 C:\Windows\System32\drivers\agilevpn.sys - ok
17:38:22.0197 1880 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
17:38:22.0197 1880 C:\Windows\System32\drivers\ndistapi.sys - ok
17:38:22.0197 1880 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
17:38:22.0197 1880 C:\Windows\System32\drivers\rasl2tp.sys - ok
17:38:22.0197 1880 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
17:38:22.0197 1880 C:\Windows\System32\drivers\ndiswan.sys - ok
17:38:22.0197 1880 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
17:38:22.0197 1880 C:\Windows\System32\drivers\raspppoe.sys - ok
17:38:22.0197 1880 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
17:38:22.0197 1880 C:\Windows\System32\drivers\raspptp.sys - ok
17:38:22.0197 1880 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
17:38:22.0197 1880 C:\Windows\System32\drivers\kbdclass.sys - ok
17:38:22.0197 1880 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
17:38:22.0197 1880 C:\Windows\System32\drivers\mouclass.sys - ok
17:38:22.0212 1880 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
17:38:22.0212 1880 C:\Windows\System32\drivers\rassstp.sys - ok
17:38:22.0212 1880 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
17:38:22.0212 1880 C:\Windows\System32\drivers\ks.sys - ok
17:38:22.0212 1880 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
17:38:22.0212 1880 C:\Windows\System32\drivers\swenum.sys - ok
17:38:22.0212 1880 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
17:38:22.0212 1880 C:\Windows\System32\drivers\umbus.sys - ok
17:38:22.0212 1880 [ 8B892002D7B79312821169A14317AB86 ] C:\Windows\System32\drivers\usbhub.sys
17:38:22.0212 1880 C:\Windows\System32\drivers\usbhub.sys - ok
17:38:22.0212 1880 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
17:38:22.0212 1880 C:\Windows\System32\drivers\ndproxy.sys - ok
17:38:22.0212 1880 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
17:38:22.0212 1880 C:\Windows\System32\drivers\drmk.sys - ok
17:38:22.0212 1880 [ 5F1FF880ADACF7E0FF7C27BA188B05DA ] C:\Windows\System32\drivers\nvhda64v.sys
17:38:22.0212 1880 C:\Windows\System32\drivers\nvhda64v.sys - ok
17:38:22.0212 1880 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
17:38:22.0212 1880 C:\Windows\System32\drivers\portcls.sys - ok
17:38:22.0228 1880 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
17:38:22.0228 1880 C:\Windows\System32\drivers\ksthunk.sys - ok
17:38:22.0228 1880 [ CAB06CA598638E0457E1DCF8CA824EC2 ] C:\Windows\System32\drivers\rusb3hub.sys
17:38:22.0228 1880 C:\Windows\System32\drivers\rusb3hub.sys - ok
17:38:22.0228 1880 [ F34322B229C05B88E768508431E0894E ] C:\Windows\System32\drivers\RTKVHD64.sys
17:38:22.0228 1880 C:\Windows\System32\drivers\RTKVHD64.sys - ok
17:38:22.0228 1880 [ FC727061C0F47C8059E88E05D5C8E381 ] C:\Windows\System32\drivers\IntcDAud.sys
17:38:22.0228 1880 C:\Windows\System32\drivers\IntcDAud.sys - ok
17:38:22.0228 1880 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
17:38:22.0228 1880 C:\Windows\System32\msvcrt.dll - ok
17:38:22.0228 1880 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
17:38:22.0228 1880 C:\Windows\System32\sechost.dll - ok
17:38:22.0228 1880 [ FF1AAEDD4A1A0FC3C5ED66B4EE0B254A ] C:\Windows\System32\urlmon.dll
17:38:22.0228 1880 C:\Windows\System32\urlmon.dll - ok
17:38:22.0228 1880 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
17:38:22.0228 1880 C:\Windows\System32\ole32.dll - ok
17:38:22.0228 1880 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
17:38:22.0228 1880 C:\Windows\System32\Wldap32.dll - ok
17:38:22.0244 1880 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
17:38:22.0244 1880 C:\Windows\System32\lpk.dll - ok
17:38:22.0244 1880 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
17:38:22.0244 1880 C:\Windows\System32\advapi32.dll - ok
17:38:22.0244 1880 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
17:38:22.0244 1880 C:\Windows\System32\shlwapi.dll - ok
17:38:22.0244 1880 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
17:38:22.0244 1880 C:\Windows\System32\oleaut32.dll - ok
17:38:22.0244 1880 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
17:38:22.0244 1880 C:\Windows\System32\rpcrt4.dll - ok
17:38:22.0244 1880 [ FA274190682AA41A46B285208ED46A74 ] C:\Windows\System32\wininet.dll
17:38:22.0244 1880 C:\Windows\System32\wininet.dll - ok
17:38:22.0244 1880 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
17:38:22.0244 1880 C:\Windows\System32\ws2_32.dll - ok
17:38:22.0244 1880 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
17:38:22.0244 1880 C:\Windows\System32\shell32.dll - ok
17:38:22.0244 1880 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
17:38:22.0244 1880 C:\Windows\System32\comdlg32.dll - ok
17:38:22.0259 1880 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
17:38:22.0259 1880 C:\Windows\System32\difxapi.dll - ok
17:38:22.0259 1880 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
17:38:22.0259 1880 C:\Windows\System32\clbcatq.dll - ok
17:38:22.0259 1880 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
17:38:22.0259 1880 C:\Windows\System32\imagehlp.dll - ok
17:38:22.0259 1880 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
17:38:22.0259 1880 C:\Windows\System32\setupapi.dll - ok
17:38:22.0259 1880 [ DBF99FD9CAF75CA66D042BD8D050FF71 ] C:\Windows\System32\usp10.dll
17:38:22.0259 1880 C:\Windows\System32\usp10.dll - ok
17:38:22.0259 1880 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
17:38:22.0259 1880 C:\Windows\System32\psapi.dll - ok
17:38:22.0259 1880 [ 19AD7990C0B67E48DAC5B26F99628223 ] C:\Windows\System32\drivers\usbccgp.sys
17:38:22.0259 1880 C:\Windows\System32\drivers\usbccgp.sys - ok
17:38:22.0259 1880 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
17:38:22.0259 1880 C:\Windows\System32\drivers\hidparse.sys - ok
17:38:22.0259 1880 [ 65C113214F7B05820F6D8A65B1485196 ] C:\Windows\System32\kernel32.dll
17:38:22.0259 1880 C:\Windows\System32\kernel32.dll - ok
17:38:22.0275 1880 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
17:38:22.0275 1880 C:\Windows\System32\drivers\hidclass.sys - ok
17:38:22.0275 1880 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
17:38:22.0275 1880 C:\Windows\System32\drivers\hidusb.sys - ok
17:38:22.0275 1880 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
17:38:22.0275 1880 C:\Windows\System32\drivers\kbdhid.sys - ok
17:38:22.0275 1880 [ 241F2648ADF090E2A10095BD6D6F5DCB ] C:\Windows\System32\drivers\LHidFilt.Sys
17:38:22.0275 1880 C:\Windows\System32\drivers\LHidFilt.Sys - ok
17:38:22.0275 1880 [ 342ED5A4B3326014438F36D22D803737 ] C:\Windows\System32\drivers\LMouFilt.Sys
17:38:22.0275 1880 C:\Windows\System32\drivers\LMouFilt.Sys - ok
17:38:22.0275 1880 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
17:38:22.0275 1880 C:\Windows\System32\drivers\mouhid.sys - ok
17:38:22.0275 1880 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
17:38:22.0275 1880 C:\Windows\System32\imm32.dll - ok
17:38:22.0275 1880 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
17:38:22.0275 1880 C:\Windows\System32\normaliz.dll - ok
17:38:22.0275 1880 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
17:38:22.0275 1880 C:\Windows\System32\user32.dll - ok
17:38:22.0290 1880 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
17:38:22.0290 1880 C:\Windows\System32\msctf.dll - ok
17:38:22.0290 1880 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
17:38:22.0290 1880 C:\Windows\System32\nsi.dll - ok
17:38:22.0290 1880 [ A54A16DAE7497CDCB8C5A021C0F6FEB8 ] C:\Windows\System32\iertutil.dll
17:38:22.0290 1880 C:\Windows\System32\iertutil.dll - ok
17:38:22.0290 1880 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
17:38:22.0290 1880 C:\Windows\System32\gdi32.dll - ok
17:38:22.0290 1880 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
17:38:22.0290 1880 C:\Windows\System32\devobj.dll - ok
17:38:22.0290 1880 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
17:38:22.0290 1880 C:\Windows\System32\crypt32.dll - ok
17:38:22.0290 1880 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
17:38:22.0290 1880 C:\Windows\System32\comctl32.dll - ok
17:38:22.0290 1880 [ 1F56F209585F350A5666E3CC7931FD67 ] C:\Windows\System32\KernelBase.dll
17:38:22.0290 1880 C:\Windows\System32\KernelBase.dll - ok
17:38:22.0290 1880 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
17:38:22.0290 1880 C:\Windows\System32\cfgmgr32.dll - ok
17:38:22.0306 1880 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
17:38:22.0306 1880 C:\Windows\System32\msasn1.dll - ok
17:38:22.0306 1880 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
17:38:22.0306 1880 C:\Windows\System32\wintrust.dll - ok
17:38:22.0306 1880 [ 38F55D07B1D3391065C40EC065F984E2 ] C:\Windows\System32\drivers\xusb21.sys
17:38:22.0306 1880 C:\Windows\System32\drivers\xusb21.sys - ok
17:38:22.0306 1880 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
17:38:22.0306 1880 C:\Windows\SysWOW64\normaliz.dll - ok
17:38:22.0306 1880 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
17:38:22.0306 1880 C:\Windows\System32\drivers\dxapi.sys - ok
17:38:22.0306 1880 [ 59E21156113E438D1D91AF4FC0C3B19F ] C:\Windows\System32\win32k.sys
17:38:22.0306 1880 C:\Windows\System32\win32k.sys - ok
17:38:22.0306 1880 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
17:38:22.0306 1880 C:\Windows\System32\csrsrv.dll - ok
17:38:22.0306 1880 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
17:38:22.0306 1880 C:\Windows\System32\csrss.exe - ok
17:38:22.0306 1880 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
17:38:22.0306 1880 C:\Windows\System32\basesrv.dll - ok
17:38:22.0322 1880 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\System32\winsrv.dll
17:38:22.0322 1880 C:\Windows\System32\winsrv.dll - ok
17:38:22.0322 1880 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
17:38:22.0322 1880 C:\Windows\System32\drivers\monitor.sys - ok
17:38:22.0322 1880 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
17:38:22.0322 1880 C:\Windows\System32\sxssrv.dll - ok
17:38:22.0322 1880 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
17:38:22.0322 1880 C:\Windows\System32\tsddd.dll - ok
17:38:22.0322 1880 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
17:38:22.0322 1880 C:\Windows\System32\wininit.exe - ok
17:38:22.0322 1880 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
17:38:22.0322 1880 C:\Windows\System32\cdd.dll - ok
17:38:22.0322 1880 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
17:38:22.0322 1880 C:\Windows\System32\profapi.dll - ok
17:38:22.0322 1880 [ 5B0B86BD58D4C5C783DCFE9357A1273E ] C:\Windows\System32\nvinitx.dll
17:38:22.0322 1880 C:\Windows\System32\nvinitx.dll - ok
17:38:22.0322 1880 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
17:38:22.0322 1880 C:\Windows\System32\KBDUS.DLL - ok
17:38:22.0337 1880 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
17:38:22.0337 1880 C:\Windows\System32\RpcRtRemote.dll - ok
17:38:22.0337 1880 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
17:38:22.0337 1880 C:\Windows\System32\apphelp.dll - ok
17:38:22.0337 1880 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
17:38:22.0337 1880 C:\Windows\System32\WlS0WndH.dll - ok
17:38:22.0337 1880 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
17:38:22.0337 1880 C:\Windows\System32\services.exe - ok
17:38:22.0337 1880 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
17:38:22.0337 1880 C:\Windows\System32\winlogon.exe - ok
17:38:22.0337 1880 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
17:38:22.0337 1880 C:\Windows\System32\winsta.dll - ok
17:38:22.0337 1880 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
17:38:22.0337 1880 C:\Windows\System32\sxs.dll - ok
17:38:22.0337 1880 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
17:38:22.0337 1880 C:\Windows\System32\cryptbase.dll - ok
17:38:22.0337 1880 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
17:38:22.0337 1880 C:\Windows\System32\lsass.exe - ok
17:38:22.0353 1880 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
17:38:22.0353 1880 C:\Windows\System32\sspicli.dll - ok
17:38:22.0353 1880 [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
17:38:22.0353 1880 C:\Windows\System32\lsasrv.dll - ok
17:38:22.0353 1880 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
17:38:22.0353 1880 C:\Windows\System32\lsm.exe - ok
17:38:22.0353 1880 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
17:38:22.0353 1880 C:\Windows\System32\scesrv.dll - ok
17:38:22.0353 1880 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
17:38:22.0353 1880 C:\Windows\System32\scext.dll - ok
17:38:22.0353 1880 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
17:38:22.0353 1880 C:\Windows\System32\secur32.dll - ok
17:38:22.0353 1880 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
17:38:22.0353 1880 C:\Windows\System32\sspisrv.dll - ok
17:38:22.0353 1880 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
17:38:22.0353 1880 C:\Windows\System32\samsrv.dll - ok
17:38:22.0353 1880 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
17:38:22.0353 1880 C:\Windows\System32\sysntfy.dll - ok
17:38:22.0368 1880 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
17:38:22.0368 1880 C:\Windows\System32\wmsgapi.dll - ok
17:38:22.0368 1880 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
17:38:22.0368 1880 C:\Windows\System32\cryptdll.dll - ok
17:38:22.0368 1880 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
17:38:22.0368 1880 C:\Windows\System32\srvcli.dll - ok
17:38:22.0368 1880 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
17:38:22.0368 1880 C:\Windows\System32\authz.dll - ok
17:38:22.0368 1880 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
17:38:22.0368 1880 C:\Windows\System32\cngaudit.dll - ok
17:38:22.0368 1880 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
17:38:22.0368 1880 C:\Windows\System32\wevtapi.dll - ok
17:38:22.0368 1880 [ 5F3307352216618221A17CFEF273EEE2 ] C:\Windows\System32\ncrypt.dll
17:38:22.0368 1880 C:\Windows\System32\ncrypt.dll - ok
17:38:22.0368 1880 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
17:38:22.0368 1880 C:\Windows\System32\bcrypt.dll - ok
17:38:22.0368 1880 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
17:38:22.0368 1880 C:\Windows\System32\msprivs.dll - ok
17:38:22.0384 1880 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
17:38:22.0384 1880 C:\Windows\System32\negoexts.dll - ok
17:38:22.0384 1880 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
17:38:22.0384 1880 C:\Windows\System32\netjoin.dll - ok
17:38:22.0384 1880 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
17:38:22.0384 1880 C:\Windows\System32\kerberos.dll - ok
17:38:22.0384 1880 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
17:38:22.0384 1880 C:\Windows\System32\cryptsp.dll - ok
17:38:22.0384 1880 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
17:38:22.0384 1880 C:\Windows\System32\msv1_0.dll - ok
17:38:22.0384 1880 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
17:38:22.0384 1880 C:\Windows\System32\mswsock.dll - ok
17:38:22.0384 1880 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
17:38:22.0384 1880 C:\Windows\System32\wship6.dll - ok
17:38:22.0384 1880 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
17:38:22.0384 1880 C:\Windows\System32\netlogon.dll - ok
17:38:22.0384 1880 [ CB2ABB2DA1E9C977302A78D86D4AE3B0 ] C:\Windows\System32\atmfd.dll
17:38:22.0384 1880 C:\Windows\System32\atmfd.dll - ok
17:38:22.0400 1880 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
17:38:22.0400 1880 C:\Windows\System32\dnsapi.dll - ok
17:38:22.0400 1880 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
17:38:22.0400 1880 C:\Windows\System32\logoncli.dll - ok
17:38:22.0400 1880 [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
17:38:22.0400 1880 C:\Windows\System32\schannel.dll - ok
17:38:22.0400 1880 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
17:38:22.0400 1880 C:\Windows\System32\wdigest.dll - ok
17:38:22.0400 1880 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
17:38:22.0400 1880 C:\Windows\System32\bcryptprimitives.dll - ok
17:38:22.0400 1880 [ 918434C02A5A8ED1DD1B16A2FF16409C ] C:\Windows\System32\LIVESSP.DLL
17:38:22.0400 1880 C:\Windows\System32\LIVESSP.DLL - ok
17:38:22.0400 1880 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
17:38:22.0400 1880 C:\Windows\System32\pku2u.dll - ok
17:38:22.0400 1880 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
17:38:22.0400 1880 C:\Windows\System32\rsaenh.dll - ok
17:38:22.0400 1880 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
17:38:22.0400 1880 C:\Windows\System32\TSpkg.dll - ok
17:38:22.0415 1880 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
17:38:22.0415 1880 C:\Windows\System32\efslsaext.dll - ok
17:38:22.0415 1880 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
17:38:22.0415 1880 C:\Windows\System32\credssp.dll - ok
17:38:22.0415 1880 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
17:38:22.0415 1880 C:\Windows\System32\scecli.dll - ok
17:38:22.0415 1880 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
17:38:22.0415 1880 C:\Windows\System32\ubpm.dll - ok
17:38:22.0415 1880 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
17:38:22.0415 1880 C:\Windows\System32\devrtl.dll - ok
17:38:22.0415 1880 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
17:38:22.0415 1880 C:\Windows\System32\SPInf.dll - ok
17:38:22.0415 1880 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
17:38:22.0415 1880 C:\Windows\System32\svchost.exe - ok
17:38:22.0415 1880 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
17:38:22.0415 1880 C:\Windows\System32\umpnpmgr.dll - ok
17:38:22.0415 1880 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
17:38:22.0415 1880 C:\Windows\System32\gpapi.dll - ok
17:38:22.0431 1880 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
17:38:22.0431 1880 C:\Windows\System32\userenv.dll - ok
17:38:22.0431 1880 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
17:38:22.0431 1880 C:\Windows\System32\pcwum.dll - ok
17:38:22.0431 1880 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] C:\Windows\System32\umpo.dll
17:38:22.0431 1880 C:\Windows\System32\umpo.dll - ok
17:38:22.0431 1880 [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
17:38:22.0431 1880 C:\Windows\System32\drivers\WUDFPf.sys - ok
17:38:22.0431 1880 [ A8BD627C6B78745CE8D591E9636E533F ] C:\Windows\System32\nvvsvc.exe
17:38:22.0431 1880 C:\Windows\System32\nvvsvc.exe - ok
17:38:22.0431 1880 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
17:38:22.0431 1880 C:\Windows\System32\powrprof.dll - ok
17:38:22.0431 1880 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
17:38:22.0431 1880 C:\Windows\System32\wtsapi32.dll - ok
17:38:22.0431 1880 [ 2C25A72B53B28034BE260D81C4EA4955 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:38:22.0431 1880 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe - ok
17:38:22.0431 1880 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
17:38:22.0431 1880 C:\Windows\SysWOW64\ntdll.dll - ok
17:38:22.0446 1880 [ 259EB5F7D95A29842B476C5B3EB6E186 ] C:\Windows\System32\wow64.dll
17:38:22.0446 1880 C:\Windows\System32\wow64.dll - ok
17:38:22.0446 1880 [ 3EE3AA76D8AB6D5644C4C8F34471CEB3 ] C:\Windows\System32\wow64cpu.dll
17:38:22.0446 1880 C:\Windows\System32\wow64cpu.dll - ok
17:38:22.0446 1880 [ 5674E21E82CFBEA36DDAD5DB285D6DBC ] C:\Windows\System32\wow64win.dll
17:38:22.0446 1880 C:\Windows\System32\wow64win.dll - ok
17:38:22.0446 1880 [ AC0B6F41882FC6ED186962D770EBF1D2 ] C:\Windows\SysWOW64\kernel32.dll
17:38:22.0446 1880 C:\Windows\SysWOW64\kernel32.dll - ok
17:38:22.0446 1880 [ E954A79D6A754A5475582CACED1565E6 ] C:\Windows\SysWOW64\KernelBase.dll
17:38:22.0446 1880 C:\Windows\SysWOW64\KernelBase.dll - ok
17:38:22.0446 1880 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
17:38:22.0446 1880 C:\Windows\SysWOW64\msvcrt.dll - ok
17:38:22.0446 1880 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
17:38:22.0446 1880 C:\Windows\SysWOW64\version.dll - ok
17:38:22.0446 1880 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
17:38:22.0446 1880 C:\Windows\SysWOW64\setupapi.dll - ok
17:38:22.0446 1880 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
17:38:22.0446 1880 C:\Windows\SysWOW64\cfgmgr32.dll - ok
17:38:22.0462 1880 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
17:38:22.0462 1880 C:\Windows\SysWOW64\rpcrt4.dll - ok
17:38:22.0462 1880 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
17:38:22.0462 1880 C:\Windows\SysWOW64\advapi32.dll - ok
17:38:22.0462 1880 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
17:38:22.0462 1880 C:\Windows\SysWOW64\cryptbase.dll - ok
17:38:22.0462 1880 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
17:38:22.0462 1880 C:\Windows\SysWOW64\sechost.dll - ok
17:38:22.0462 1880 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
17:38:22.0462 1880 C:\Windows\SysWOW64\sspicli.dll - ok
17:38:22.0462 1880 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
17:38:22.0462 1880 C:\Windows\SysWOW64\gdi32.dll - ok
17:38:22.0462 1880 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
17:38:22.0462 1880 C:\Windows\SysWOW64\user32.dll - ok
17:38:22.0462 1880 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
17:38:22.0462 1880 C:\Windows\SysWOW64\lpk.dll - ok
17:38:22.0462 1880 [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\SysWOW64\usp10.dll
17:38:22.0462 1880 C:\Windows\SysWOW64\usp10.dll - ok
17:38:22.0478 1880 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
17:38:22.0478 1880 C:\Windows\SysWOW64\ole32.dll - ok
17:38:22.0478 1880 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
17:38:22.0478 1880 C:\Windows\SysWOW64\oleaut32.dll - ok
17:38:22.0478 1880 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
17:38:22.0478 1880 C:\Windows\SysWOW64\devobj.dll - ok
17:38:22.0478 1880 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
17:38:22.0478 1880 C:\Windows\SysWOW64\winspool.drv - ok
17:38:22.0478 1880 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
17:38:22.0478 1880 C:\Windows\SysWOW64\imm32.dll - ok
17:38:22.0478 1880 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
17:38:22.0478 1880 C:\Windows\SysWOW64\msctf.dll - ok
17:38:22.0478 1880 [ C195095CF5763B0BE03327C292CE9948 ] C:\Windows\SysWOW64\nvinit.dll
17:38:22.0478 1880 C:\Windows\SysWOW64\nvinit.dll - ok
17:38:22.0478 1880 [ 0FE5CB22018CA4CEB02C55BC0A209D50 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstres.dll
17:38:22.0478 1880 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstres.dll - ok
17:38:22.0478 1880 [ 38B12BA9AD510D21259219DA7D263F10 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvwl.dll
17:38:22.0478 1880 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvwl.dll - ok
17:38:22.0493 1880 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
17:38:22.0493 1880 C:\Windows\System32\rpcss.dll - ok
17:38:22.0493 1880 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
17:38:22.0493 1880 C:\Windows\SysWOW64\wintrust.dll - ok
17:38:22.0493 1880 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
17:38:22.0493 1880 C:\Windows\SysWOW64\crypt32.dll - ok
17:38:22.0493 1880 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
17:38:22.0493 1880 C:\Windows\SysWOW64\msasn1.dll - ok
17:38:22.0493 1880 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
17:38:22.0493 1880 C:\Windows\SysWOW64\ntmarta.dll - ok
17:38:22.0493 1880 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
17:38:22.0493 1880 C:\Windows\SysWOW64\Wldap32.dll - ok
17:38:22.0493 1880 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
17:38:22.0493 1880 C:\Windows\System32\RpcEpMap.dll - ok
17:38:22.0493 1880 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
17:38:22.0493 1880 C:\Windows\System32\WSHTCPIP.DLL - ok
17:38:22.0493 1880 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
17:38:22.0493 1880 C:\Windows\System32\wshqos.dll - ok
17:38:22.0509 1880 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
17:38:22.0509 1880 C:\Windows\System32\FirewallAPI.dll - ok
17:38:22.0509 1880 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
17:38:22.0509 1880 C:\Windows\System32\version.dll - ok
17:38:22.0509 1880 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
17:38:22.0509 1880 C:\Windows\System32\authui.dll - ok
17:38:22.0509 1880 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
17:38:22.0509 1880 C:\Windows\System32\LogonUI.exe - ok
17:38:22.0509 1880 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
17:38:22.0509 1880 C:\Windows\System32\wevtsvc.dll - ok
17:38:22.0509 1880 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
17:38:22.0509 1880 C:\Windows\SysWOW64\devrtl.dll - ok
17:38:22.0509 1880 [ 4BDBBE5E4208022DD794F7EEEB0F7366 ] C:\Windows\SysWOW64\SPInf.dll
17:38:22.0509 1880 C:\Windows\SysWOW64\SPInf.dll - ok
17:38:22.0509 1880 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
17:38:22.0509 1880 C:\Windows\System32\cryptui.dll - ok
17:38:22.0509 1880 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
17:38:22.0509 1880 C:\Windows\System32\audiosrv.dll - ok
17:38:22.0524 1880 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
17:38:22.0524 1880 C:\Windows\System32\avrt.dll - ok
17:38:22.0524 1880 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
17:38:22.0524 1880 C:\Windows\System32\mmcss.dll - ok
17:38:22.0524 1880 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
17:38:22.0524 1880 C:\Windows\System32\MMDevAPI.dll - ok
17:38:22.0524 1880 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
17:38:22.0524 1880 C:\Windows\System32\propsys.dll - ok
17:38:22.0524 1880 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
17:38:22.0524 1880 C:\Windows\System32\netprofm.dll - ok
17:38:22.0524 1880 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
17:38:22.0524 1880 C:\Windows\System32\ntmarta.dll - ok
17:38:22.0524 1880 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
17:38:22.0524 1880 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
17:38:22.0524 1880 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
17:38:22.0524 1880 C:\Windows\System32\samlib.dll - ok
17:38:22.0524 1880 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
17:38:22.0524 1880 C:\Windows\System32\shacct.dll - ok
17:38:22.0540 1880 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
17:38:22.0540 1880 C:\Windows\System32\audiodg.exe - ok
17:38:22.0540 1880 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
17:38:22.0540 1880 C:\Windows\System32\uxtheme.dll - ok
17:38:22.0540 1880 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
17:38:22.0540 1880 C:\Windows\System32\gpsvc.dll - ok
17:38:22.0540 1880 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
17:38:22.0540 1880 C:\Windows\System32\atl.dll - ok
17:38:22.0540 1880 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
17:38:22.0540 1880 C:\Windows\System32\dsrole.dll - ok
17:38:22.0540 1880 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
17:38:22.0540 1880 C:\Windows\System32\nlaapi.dll - ok
17:38:22.0540 1880 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
17:38:22.0540 1880 C:\Windows\System32\profsvc.dll - ok
17:38:22.0540 1880 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
17:38:22.0540 1880 C:\Windows\System32\slc.dll - ok
17:38:22.0540 1880 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
17:38:22.0540 1880 C:\Windows\System32\themeservice.dll - ok
17:38:22.0556 1880 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
17:38:22.0556 1880 C:\Windows\System32\es.dll - ok
17:38:22.0556 1880 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
17:38:22.0556 1880 C:\Windows\System32\Sens.dll - ok
17:38:22.0556 1880 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
17:38:22.0556 1880 C:\Windows\System32\uxsms.dll - ok
17:38:22.0556 1880 [ CAEAA16039485B2D3BB069C1107442A5 ] C:\Program Files\Logitech\SolarApp\L4301_Solar.exe
17:38:22.0556 1880 C:\Program Files\Logitech\SolarApp\L4301_Solar.exe - ok
17:38:22.0556 1880 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
17:38:22.0556 1880 C:\Windows\System32\hid.dll - ok
17:38:22.0556 1880 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
17:38:22.0556 1880 C:\Windows\System32\comres.dll - ok
17:38:22.0556 1880 [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
17:38:22.0556 1880 C:\Windows\System32\WUDFSvc.dll - ok
17:38:22.0556 1880 [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll
17:38:22.0556 1880 C:\Windows\System32\WUDFPlatform.dll - ok
17:38:22.0556 1880 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
17:38:22.0556 1880 C:\Windows\System32\drivers\lltdio.sys - ok
17:38:22.0571 1880 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
17:38:22.0571 1880 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
17:38:22.0571 1880 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
17:38:22.0571 1880 C:\Windows\System32\drivers\nwifi.sys - ok
17:38:22.0571 1880 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
17:38:22.0571 1880 C:\Windows\System32\dhcpcore.dll - ok
17:38:22.0571 1880 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
17:38:22.0571 1880 C:\Windows\System32\drivers\ndisuio.sys - ok
17:38:22.0571 1880 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
17:38:22.0571 1880 C:\Windows\System32\drivers\rspndr.sys - ok
17:38:22.0571 1880 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
17:38:22.0571 1880 C:\Windows\System32\IPHLPAPI.DLL - ok
17:38:22.0571 1880 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
17:38:22.0571 1880 C:\Windows\System32\lmhsvc.dll - ok
17:38:22.0571 1880 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
17:38:22.0571 1880 C:\Windows\System32\nrpsrv.dll - ok
17:38:22.0571 1880 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
17:38:22.0571 1880 C:\Windows\System32\nsisvc.dll - ok
17:38:22.0587 1880 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
17:38:22.0587 1880 C:\Windows\System32\winnsi.dll - ok
17:38:22.0587 1880 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
17:38:22.0587 1880 C:\Windows\System32\dnsrslvr.dll - ok
17:38:22.0587 1880 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
17:38:22.0587 1880 C:\Windows\System32\eapphost.dll - ok
17:38:22.0587 1880 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
17:38:22.0587 1880 C:\Windows\System32\eapsvc.dll - ok
17:38:22.0587 1880 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
17:38:22.0587 1880 C:\Windows\System32\FWPUCLNT.DLL - ok
17:38:22.0587 1880 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
17:38:22.0587 1880 C:\Windows\System32\keyiso.dll - ok
17:38:22.0587 1880 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
17:38:22.0587 1880 C:\Windows\System32\dui70.dll - ok
17:38:22.0587 1880 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
17:38:22.0587 1880 C:\Windows\System32\dhcpcore6.dll - ok
17:38:22.0587 1880 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
17:38:22.0587 1880 C:\Windows\System32\dnsext.dll - ok
17:38:22.0602 1880 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
17:38:22.0602 1880 C:\Windows\System32\dhcpcsvc6.dll - ok
17:38:22.0602 1880 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
17:38:22.0602 1880 C:\Windows\System32\dhcpcsvc.dll - ok
17:38:22.0602 1880 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
17:38:22.0602 1880 C:\Windows\System32\wlanmsm.dll - ok
17:38:22.0602 1880 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
17:38:22.0602 1880 C:\Windows\System32\wlansec.dll - ok
17:38:22.0602 1880 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
17:38:22.0602 1880 C:\Windows\System32\wlansvc.dll - ok
17:38:22.0602 1880 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
17:38:22.0602 1880 C:\Windows\System32\eappcfg.dll - ok
17:38:22.0602 1880 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
17:38:22.0602 1880 C:\Windows\System32\eappprxy.dll - ok
17:38:22.0602 1880 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
17:38:22.0602 1880 C:\Windows\System32\onex.dll - ok
17:38:22.0602 1880 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
17:38:22.0602 1880 C:\Windows\System32\l2gpstore.dll - ok
17:38:22.0618 1880 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
17:38:22.0618 1880 C:\Windows\System32\WinSCard.dll - ok
17:38:22.0618 1880 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
17:38:22.0618 1880 C:\Windows\System32\wlanutil.dll - ok
17:38:22.0618 1880 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
17:38:22.0618 1880 C:\Windows\System32\wlgpclnt.dll - ok
17:38:22.0618 1880 [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll
17:38:22.0618 1880 C:\Windows\System32\msxml6.dll - ok
17:38:22.0618 1880 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
17:38:22.0618 1880 C:\Windows\System32\umb.dll - ok
17:38:22.0618 1880 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
17:38:22.0618 1880 C:\Windows\System32\duser.dll - ok
17:38:22.0618 1880 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
17:38:22.0618 1880 C:\Windows\System32\dwmapi.dll - ok
17:38:22.0618 1880 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
17:38:22.0618 1880 C:\Windows\System32\SndVolSSO.dll - ok
17:38:22.0618 1880 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
17:38:22.0618 1880 C:\Windows\System32\shsvcs.dll - ok
17:38:22.0634 1880 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
17:38:22.0634 1880 C:\Windows\System32\schedsvc.dll - ok
17:38:22.0634 1880 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
17:38:22.0634 1880 C:\Windows\System32\netapi32.dll - ok
17:38:22.0634 1880 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
17:38:22.0634 1880 C:\Windows\System32\netcfgx.dll - ok
17:38:22.0634 1880 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] C:\Windows\System32\drivers\vwifimp.sys
17:38:22.0634 1880 C:\Windows\System32\drivers\vwifimp.sys - ok
17:38:22.0634 1880 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
17:38:22.0634 1880 C:\Windows\System32\xmllite.dll - ok
17:38:22.0634 1880 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
17:38:22.0634 1880 C:\Windows\System32\WindowsCodecs.dll - ok
17:38:22.0634 1880 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
17:38:22.0634 1880 C:\Windows\System32\ktmw32.dll - ok
17:38:22.0634 1880 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
17:38:22.0634 1880 C:\Windows\System32\netutils.dll - ok
17:38:22.0634 1880 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
17:38:22.0634 1880 C:\Windows\System32\wkscli.dll - ok
17:38:22.0649 1880 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
17:38:22.0649 1880 C:\Windows\System32\winbrand.dll - ok
17:38:22.0649 1880 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
17:38:22.0649 1880 C:\Windows\System32\fveapi.dll - ok
17:38:22.0649 1880 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
17:38:22.0649 1880 C:\Windows\System32\fvecerts.dll - ok
17:38:22.0649 1880 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
17:38:22.0649 1880 C:\Windows\System32\tbs.dll - ok
17:38:22.0649 1880 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
17:38:22.0649 1880 C:\Windows\System32\wiarpc.dll - ok
17:38:22.0649 1880 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
17:38:22.0649 1880 C:\Windows\System32\taskcomp.dll - ok
17:38:22.0649 1880 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
17:38:22.0649 1880 C:\Windows\System32\drivers\http.sys - ok
17:38:22.0649 1880 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
17:38:22.0649 1880 C:\Windows\System32\spoolsv.exe - ok
17:38:22.0649 1880 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
17:38:22.0649 1880 C:\Windows\System32\adtschema.dll - ok
17:38:22.0665 1880 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
17:38:22.0665 1880 C:\Windows\System32\BFE.DLL - ok
17:38:22.0665 1880 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
17:38:22.0665 1880 C:\Windows\System32\drivers\bowser.sys - ok
17:38:22.0665 1880 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
17:38:22.0665 1880 C:\Windows\System32\drivers\mpsdrv.sys - ok
17:38:22.0665 1880 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
17:38:22.0665 1880 C:\Windows\System32\drivers\mrxsmb.sys - ok
17:38:22.0665 1880 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
17:38:22.0665 1880 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
17:38:22.0665 1880 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
17:38:22.0665 1880 C:\Windows\System32\VaultCredProvider.dll - ok
17:38:22.0665 1880 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
17:38:22.0665 1880 C:\Windows\System32\BioCredProv.dll - ok
17:38:22.0665 1880 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
17:38:22.0665 1880 C:\Windows\System32\credui.dll - ok
17:38:22.0665 1880 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
17:38:22.0665 1880 C:\Windows\System32\vaultcli.dll - ok
17:38:22.0680 1880 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
17:38:22.0680 1880 C:\Windows\System32\winbio.dll - ok
17:38:22.0680 1880 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
17:38:22.0680 1880 C:\Windows\System32\samcli.dll - ok
17:38:22.0680 1880 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
17:38:22.0680 1880 C:\Windows\System32\MPSSVC.dll - ok
17:38:22.0680 1880 [ FE05D03B73000CFF476E1D29109F3A84 ] C:\Program Files\Windows Defender\MpEvMsg.dll
17:38:22.0680 1880 C:\Program Files\Windows Defender\MpEvMsg.dll - ok
17:38:22.0680 1880 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
17:38:22.0680 1880 C:\Windows\System32\wfapigp.dll - ok
17:38:22.0680 1880 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
17:38:22.0680 1880 C:\Windows\System32\drivers\fltMgr.sys - ok
17:38:22.0680 1880 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
17:38:22.0680 1880 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
17:38:22.0680 1880 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
17:38:22.0680 1880 C:\Windows\System32\PSHED.DLL - ok
17:38:22.0680 1880 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
17:38:22.0680 1880 C:\Windows\System32\mscms.dll - ok
17:38:22.0696 1880 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
17:38:22.0696 1880 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
17:38:22.0696 1880 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
17:38:22.0696 1880 C:\Windows\System32\pcasvc.dll - ok
17:38:22.0696 1880 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
17:38:22.0696 1880 C:\Windows\System32\snmptrap.exe - ok
17:38:22.0696 1880 [ 7C00C608FE4C8EDE9E30940837B9AC8B ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
17:38:22.0696 1880 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
17:38:22.0696 1880 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
17:38:22.0696 1880 C:\Windows\System32\sstpsvc.dll - ok
17:38:22.0696 1880 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
17:38:22.0696 1880 C:\Windows\System32\certCredProvider.dll - ok
17:38:22.0696 1880 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
17:38:22.0696 1880 C:\Windows\System32\provsvc.dll - ok
17:38:22.0696 1880 [ FB25067C233B686B50F29ABD688B2A6D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
17:38:22.0696 1880 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
17:38:22.0712 1880 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
17:38:22.0712 1880 C:\Windows\System32\rasplap.dll - ok
17:38:22.0712 1880 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
17:38:22.0712 1880 C:\Windows\System32\drivers\mrxsmb10.sys - ok
17:38:22.0712 1880 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
17:38:22.0712 1880 C:\Windows\System32\rasapi32.dll - ok
17:38:22.0712 1880 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
17:38:22.0712 1880 C:\Windows\System32\rasman.dll - ok
17:38:22.0712 1880 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
17:38:22.0712 1880 C:\Windows\System32\rtutils.dll - ok
17:38:22.0712 1880 [ F1A5CB63321AED8BD0B181D9AF6734CC ] C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
17:38:22.0712 1880 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe - ok
17:38:22.0712 1880 [ B10882A1021481C37FEF6EDC00083785 ] C:\Windows\System32\nvsvc64.dll
17:38:22.0712 1880 C:\Windows\System32\nvsvc64.dll - ok
17:38:22.0712 1880 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
17:38:22.0712 1880 C:\Windows\System32\UXInit.dll - ok
17:38:22.0712 1880 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
17:38:22.0712 1880 C:\Windows\System32\drivers\mrxsmb20.sys - ok
17:38:22.0727 1880 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
17:38:22.0727 1880 C:\Windows\System32\wkssvc.dll - ok
17:38:22.0727 1880 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
17:38:22.0727 1880 C:\Windows\System32\msimg32.dll - ok
17:38:22.0727 1880 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
17:38:22.0727 1880 C:\Windows\System32\winmm.dll - ok
17:38:22.0727 1880 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
17:38:22.0727 1880 C:\Windows\System32\oleacc.dll - ok
17:38:22.0727 1880 [ E7344C0AC61C68D3A14293790E5EDC8F ] C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll
17:38:22.0727 1880 C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll - ok
17:38:22.0727 1880 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
17:38:22.0727 1880 C:\Windows\System32\UIAutomationCore.dll - ok
17:38:22.0727 1880 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
17:38:22.0727 1880 C:\Windows\System32\imageres.dll - ok
17:38:22.0727 1880 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
17:38:22.0727 1880 C:\Windows\System32\dllhost.exe - ok
17:38:22.0727 1880 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
17:38:22.0727 1880 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
17:38:22.0743 1880 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
17:38:22.0743 1880 C:\Windows\System32\IDStore.dll - ok
17:38:22.0743 1880 [ 639774C9ACD063F028F6084ABF5593AD ] C:\Windows\System32\taskhost.exe
17:38:22.0743 1880 C:\Windows\System32\taskhost.exe - ok
17:38:22.0743 1880 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
17:38:22.0743 1880 C:\Windows\System32\mpr.dll - ok
17:38:22.0743 1880 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
17:38:22.0743 1880 C:\Windows\System32\PlaySndSrv.dll - ok
17:38:22.0743 1880 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
17:38:22.0743 1880 C:\Windows\System32\userinit.exe - ok
17:38:22.0743 1880 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
17:38:22.0743 1880 C:\Windows\System32\dwm.exe - ok
17:38:22.0743 1880 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
17:38:22.0743 1880 C:\Windows\System32\dwmredir.dll - ok
17:38:22.0743 1880 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
17:38:22.0743 1880 C:\Windows\System32\dwmcore.dll - ok
17:38:22.0743 1880 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
17:38:22.0743 1880 C:\Windows\System32\HotStartUserAgent.dll - ok
17:38:22.0758 1880 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
17:38:22.0758 1880 C:\Windows\System32\MsCtfMonitor.dll - ok
17:38:22.0758 1880 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
17:38:22.0758 1880 C:\Windows\System32\msutb.dll - ok
17:38:22.0758 1880 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll
17:38:22.0758 1880 C:\Windows\System32\d3d10_1.dll - ok
17:38:22.0758 1880 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll
17:38:22.0758 1880 C:\Windows\System32\d3d10_1core.dll - ok
17:38:22.0758 1880 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll
17:38:22.0758 1880 C:\Windows\System32\dxgi.dll - ok
17:38:22.0758 1880 [ 3824B8FA50723274798AE27BFB803EFB ] C:\Windows\System32\nvapi64.dll
17:38:22.0758 1880 C:\Windows\System32\nvapi64.dll - ok
17:38:22.0758 1880 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
17:38:22.0758 1880 C:\Windows\explorer.exe - ok
17:38:22.0758 1880 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
17:38:22.0758 1880 C:\Windows\System32\ExplorerFrame.dll - ok
17:38:22.0758 1880 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
17:38:22.0758 1880 C:\Windows\System32\EhStorShell.dll - ok
17:38:22.0774 1880 [ 68D8AC3F047D3E105C1674FD4EF08913 ] C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
17:38:22.0774 1880 C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL - ok
17:38:22.0774 1880 [ 8BE05C346183670253E084B16D79D8E2 ] C:\Windows\System32\nvsvcr.dll
17:38:22.0774 1880 C:\Windows\System32\nvsvcr.dll - ok
17:38:22.0774 1880 [ 0A888754C63C3A5D8CD8F7492C62B40D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
17:38:22.0774 1880 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
17:38:22.0774 1880 [ CCB22051FC63BCA3C27A5D2D9D54E33E ] C:\Program Files\NVIDIA Corporation\Display\nvui.dll
17:38:22.0774 1880 C:\Program Files\NVIDIA Corporation\Display\nvui.dll - ok
17:38:22.0774 1880 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
17:38:22.0774 1880 C:\Windows\System32\winspool.drv - ok
17:38:22.0774 1880 [ D745A911E85CA6E94320502305D8E5A9 ] C:\Program Files\NVIDIA Corporation\Display\nvuir.dll
17:38:22.0774 1880 C:\Program Files\NVIDIA Corporation\Display\nvuir.dll - ok
17:38:22.0774 1880 [ E3EFAD6F3372277F69CBF4DC04679CCF ] C:\Windows\System32\nvumdshimx.dll
17:38:22.0774 1880 C:\Windows\System32\nvumdshimx.dll - ok
17:38:22.0774 1880 [ 4575A315DF021413CFC55882E6931412 ] C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll
17:38:22.0774 1880 C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll - ok
17:38:22.0774 1880 [ 888E6D20EE22DD495D38E62488CE20A0 ] C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll
17:38:22.0774 1880 C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll - ok
17:38:22.0790 1880 [ 9E5031EE58AFF6C1CDD553CA3B61CBCD ] C:\Windows\System32\nvcpl.dll
17:38:22.0790 1880 C:\Windows\System32\nvcpl.dll - ok
17:38:22.0790 1880 [ 3927397AC60D943DAF8808AFFED582B7 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:38:22.0790 1880 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
17:38:22.0790 1880 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
17:38:22.0790 1880 C:\Windows\SysWOW64\shell32.dll - ok
17:38:22.0790 1880 [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
17:38:22.0790 1880 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
17:38:22.0790 1880 [ 241AF87821FDA0F5792037B779F49BE0 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
17:38:22.0790 1880 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
17:38:22.0790 1880 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
17:38:22.0790 1880 C:\Windows\SysWOW64\shlwapi.dll - ok
17:38:22.0790 1880 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
17:38:22.0790 1880 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
17:38:22.0790 1880 [ C4BC93916CF5B88B1D051C95A62FACC5 ] C:\Windows\System32\nvwgf2umx.dll
17:38:22.0790 1880 C:\Windows\System32\nvwgf2umx.dll - ok
17:38:22.0790 1880 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
17:38:22.0790 1880 C:\Windows\System32\uDWM.dll - ok
17:38:22.0805 1880 [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
17:38:22.0805 1880 C:\Program Files\Bonjour\mdnsNSP.dll - ok
17:38:22.0805 1880 [ D1E343BC00136CE03C4D403194D06A80 ] C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
17:38:22.0805 1880 C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe - ok
17:38:22.0805 1880 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
17:38:22.0805 1880 C:\Windows\System32\rasadhlp.dll - ok
17:38:22.0805 1880 [ A5299D04ED225D64CF07A568A3E1BF8C ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:38:22.0805 1880 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
17:38:22.0805 1880 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
17:38:22.0805 1880 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
17:38:22.0805 1880 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
17:38:22.0805 1880 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
17:38:22.0805 1880 [ 5937E46ECDCD514C7A74D64E4EF5E21D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
17:38:22.0805 1880 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
17:38:22.0805 1880 [ 64894527838C86454E2F378FF39FA336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
17:38:22.0805 1880 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
17:38:22.0805 1880 [ C3DA214AB5FB2E66E61FD8F63F72839F ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF
17:38:22.0805 1880 C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok
17:38:22.0821 1880 [ 57AC86AC664CC774C861DAB2B1D1E978 ] C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.dll
17:38:22.0821 1880 C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.dll - ok
17:38:22.0821 1880 [ 48019BD50A809545C202053313CD4B57 ] C:\PROGRA~1\MICROS~2\Office14\1033\GrooveIntlResource.dll
17:38:22.0821 1880 C:\PROGRA~1\MICROS~2\Office14\1033\GrooveIntlResource.dll - ok
17:38:22.0821 1880 [ EF8CD3C64EE9C08980D6D06CCCE46C68 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
17:38:22.0821 1880 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
17:38:22.0821 1880 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
17:38:22.0821 1880 C:\Windows\System32\localspl.dll - ok
17:38:22.0821 1880 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
17:38:22.0821 1880 C:\Windows\SysWOW64\ws2_32.dll - ok
17:38:22.0821 1880 [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
17:38:22.0821 1880 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
17:38:22.0821 1880 [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
17:38:22.0821 1880 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
17:38:22.0821 1880 [ 1F942930893ED98204AE67260E03EE26 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
17:38:22.0821 1880 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
17:38:22.0836 1880 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
17:38:22.0836 1880 C:\Windows\SysWOW64\nsi.dll - ok
17:38:22.0836 1880 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
17:38:22.0836 1880 C:\Windows\SysWOW64\wsock32.dll - ok
17:38:22.0836 1880 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
17:38:22.0836 1880 C:\Windows\SysWOW64\winmm.dll - ok
17:38:22.0836 1880 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
17:38:22.0836 1880 C:\Windows\System32\ntshrui.dll - ok
17:38:22.0836 1880 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
17:38:22.0836 1880 C:\Windows\System32\cscapi.dll - ok
17:38:22.0836 1880 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
17:38:22.0836 1880 C:\Windows\System32\IconCodecService.dll - ok
17:38:22.0836 1880 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
17:38:22.0836 1880 C:\Windows\System32\runonce.exe - ok
17:38:22.0836 1880 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
17:38:22.0836 1880 C:\Windows\SysWOW64\runonce.exe - ok
17:38:22.0836 1880 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
17:38:22.0836 1880 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
17:38:22.0852 1880 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
17:38:22.0852 1880 C:\Windows\SysWOW64\uxtheme.dll - ok
17:38:22.0852 1880 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
17:38:22.0852 1880 C:\Windows\SysWOW64\clbcatq.dll - ok
17:38:22.0852 1880 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
17:38:22.0852 1880 C:\Windows\SysWOW64\propsys.dll - ok
17:38:22.0852 1880 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
17:38:22.0852 1880 C:\Windows\SysWOW64\profapi.dll - ok
17:38:22.0852 1880 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
17:38:22.0852 1880 C:\Windows\SysWOW64\apphelp.dll - ok
17:38:22.0852 1880 [ FB8C6A46EAF7585D2CA8583C4C9A8EDF ] C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
17:38:22.0852 1880 C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL - ok
17:38:22.0852 1880 [ E5B6D88B36BDDAD5039764FBF80284DD ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
17:38:22.0852 1880 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
17:38:22.0852 1880 [ 1D75BC73585969F41BA7EF0C882DFF2B ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
17:38:22.0852 1880 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
17:38:22.0868 1880 [ FC7A868DECC3AB027F29178EC8A7F252 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
17:38:22.0868 1880 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
17:38:22.0868 1880 [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
17:38:22.0868 1880 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
17:38:22.0868 1880 [ 4E4EDF9CA82E95BAB2977DD9F21B00F6 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
17:38:22.0868 1880 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
17:38:22.0868 1880 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll
17:38:22.0868 1880 C:\Windows\SysWOW64\dnssd.dll - ok
17:38:22.0868 1880 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
17:38:22.0868 1880 C:\Windows\SysWOW64\userenv.dll - ok
17:38:22.0868 1880 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
17:38:22.0868 1880 C:\Windows\SysWOW64\wtsapi32.dll - ok
17:38:22.0868 1880 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
17:38:22.0868 1880 C:\Windows\System32\PrintIsolationProxy.dll - ok
17:38:22.0868 1880 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
17:38:22.0868 1880 C:\Windows\System32\spoolss.dll - ok
17:38:22.0868 1880 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
17:38:22.0868 1880 C:\Windows\System32\FXSMON.dll - ok
17:38:22.0868 1880 [ 09149D03629A44F4773E621C432D1D89 ] C:\Windows\System32\drivers\atksgt.sys
17:38:22.0868 1880 C:\Windows\System32\drivers\atksgt.sys - ok
17:38:22.0883 1880 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
17:38:22.0883 1880 C:\Windows\System32\rundll32.exe - ok
17:38:22.0883 1880 [ 674B9AD48FB33A39D2550B2874BB768F ] C:\Windows\System32\hotplug.dll
17:38:22.0883 1880 C:\Windows\System32\hotplug.dll - ok
17:38:22.0883 1880 [ 2110CE8CB4C6937200A973AD0B70F33D ] C:\Windows\AppPatch\AcRes.dll
17:38:22.0883 1880 C:\Windows\AppPatch\AcRes.dll - ok
17:38:22.0883 1880 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
17:38:22.0883 1880 C:\Windows\System32\tcpmon.dll - ok
17:38:22.0883 1880 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
17:38:22.0883 1880 C:\Windows\SysWOW64\mswsock.dll - ok
17:38:22.0883 1880 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
17:38:22.0883 1880 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
17:38:22.0883 1880 [ 0E1B02C9CC352A1F61703B7D1A8A2C45 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
17:38:22.0883 1880 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
17:38:22.0883 1880 [ 03728C624D05C2F157BBD46F6B7F6EA0 ] C:\Windows\SysWOW64\wininet.dll
17:38:22.0883 1880 C:\Windows\SysWOW64\wininet.dll - ok
17:38:22.0883 1880 [ 73BDB1C0801D44BEA5F6749FD340CC0F ] C:\Windows\SysWOW64\iertutil.dll
17:38:22.0883 1880 C:\Windows\SysWOW64\iertutil.dll - ok
17:38:22.0899 1880 [ 180D098704551DE37C6299AA888D6821 ] C:\Windows\SysWOW64\urlmon.dll
17:38:22.0899 1880 C:\Windows\SysWOW64\urlmon.dll - ok
17:38:22.0899 1880 [ 8195B745A9C3235E4715F0A1B59206CF ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
17:38:22.0899 1880 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
17:38:22.0899 1880 [ E53B389AABC47A86A41884E94C9A3012 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
17:38:22.0899 1880 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
17:38:22.0899 1880 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
17:38:22.0899 1880 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
17:38:22.0899 1880 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
17:38:22.0899 1880 C:\Windows\SysWOW64\winnsi.dll - ok
17:38:22.0899 1880 [ 240D42CBD1691C6B7D54AF4E3365BAAC ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
17:38:22.0899 1880 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
17:38:22.0899 1880 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe
17:38:22.0899 1880 C:\Program Files\Bonjour\mDNSResponder.exe - ok
17:38:22.0899 1880 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
17:38:22.0899 1880 C:\Windows\System32\cryptsvc.dll - ok
17:38:22.0899 1880 [ 583E83D46CCEDB47476AC0DB6114136A ] C:\Program Files (x86)\msi\ODD Monitor\ODD_Monitor.exe
17:38:22.0899 1880 C:\Program Files (x86)\msi\ODD Monitor\ODD_Monitor.exe - ok
17:38:22.0914 1880 [ 5EA407821BB3104C31A705175AB4F309 ] C:\Windows\System32\drivers\lirsgt.sys
17:38:22.0914 1880 C:\Windows\System32\drivers\lirsgt.sys - ok
17:38:22.0914 1880 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
17:38:22.0914 1880 C:\Windows\System32\FDResPub.dll - ok
17:38:22.0914 1880 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
17:38:22.0914 1880 C:\Windows\System32\aepic.dll - ok
17:38:22.0914 1880 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
17:38:22.0914 1880 C:\Windows\System32\cryptnet.dll - ok
17:38:22.0914 1880 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
17:38:22.0914 1880 C:\Windows\System32\sfc.dll - ok
17:38:22.0914 1880 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
17:38:22.0914 1880 C:\Windows\System32\nlasvc.dll - ok
17:38:22.0914 1880 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
17:38:22.0914 1880 C:\Windows\System32\ncsi.dll - ok
17:38:22.0914 1880 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
17:38:22.0914 1880 C:\Windows\System32\sfc_os.dll - ok
17:38:22.0914 1880 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
17:38:22.0914 1880 C:\Windows\System32\snmpapi.dll - ok
17:38:22.0914 1880 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
17:38:22.0914 1880 C:\Windows\System32\usbmon.dll - ok
17:38:22.0930 1880 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
17:38:22.0930 1880 C:\Windows\System32\wsnmp32.dll - ok
17:38:22.0930 1880 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
17:38:22.0930 1880 C:\Windows\System32\dps.dll - ok
17:38:22.0930 1880 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
17:38:22.0930 1880 C:\Windows\System32\WSDMon.dll - ok
17:38:22.0930 1880 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
17:38:22.0930 1880 C:\Windows\System32\webio.dll - ok
17:38:22.0930 1880 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
17:38:22.0930 1880 C:\Windows\System32\winhttp.dll - ok
17:38:22.0930 1880 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
17:38:22.0930 1880 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
17:38:22.0930 1880 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
17:38:22.0930 1880 C:\Windows\SysWOW64\cryptsp.dll - ok
17:38:22.0930 1880 [ 58A14C45A5CD2528F10A889E7B0C3FC2 ] C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll
17:38:22.0930 1880 C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll - ok
17:38:22.0930 1880 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
17:38:22.0930 1880 C:\Windows\SysWOW64\rsaenh.dll - ok
17:38:22.0946 1880 [ 74624AEE2D3814E91F60619827DAD662 ] C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF
17:38:22.0946 1880 C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok
17:38:22.0946 1880 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
17:38:22.0946 1880 C:\Windows\System32\WSDApi.dll - ok
17:38:22.0946 1880 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
17:38:22.0946 1880 C:\Windows\System32\drivers\PEAuth.sys - ok
17:38:22.0946 1880 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
17:38:22.0946 1880 C:\Windows\System32\drivers\secdrv.sys - ok
17:38:22.0946 1880 [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
17:38:22.0946 1880 C:\Windows\System32\seclogon.dll - ok
17:38:22.0946 1880 [ 0F575481EAD4CDD41AA82ED38BC8F6B3 ] C:\Program Files (x86)\Skype\Updater\Updater.exe
17:38:22.0946 1880 C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
17:38:22.0946 1880 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
17:38:22.0946 1880 C:\Windows\SysWOW64\psapi.dll - ok
17:38:22.0946 1880 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
17:38:22.0946 1880 C:\Windows\System32\drivers\srvnet.sys - ok
17:38:22.0946 1880 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
17:38:22.0946 1880 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
17:38:22.0961 1880 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
17:38:22.0961 1880 C:\Windows\System32\wiaservc.dll - ok
17:38:22.0961 1880 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
17:38:22.0961 1880 C:\Windows\System32\wiatrace.dll - ok
17:38:22.0961 1880 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
17:38:22.0961 1880 C:\Windows\System32\sysmain.dll - ok
17:38:22.0961 1880 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
17:38:22.0961 1880 C:\Windows\System32\taskschd.dll - ok
17:38:22.0961 1880 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
17:38:22.0961 1880 C:\Windows\System32\webservices.dll - ok
17:38:22.0961 1880 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
17:38:22.0961 1880 C:\Windows\System32\fundisc.dll - ok
17:38:22.0961 1880 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
17:38:22.0961 1880 C:\Windows\System32\fdPnp.dll - ok
17:38:22.0961 1880 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
17:38:22.0961 1880 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
17:38:22.0977 1880 [ 0353B239C28B0E9EBC7FA3D1F6181661 ] C:\Windows\System32\win32spl.dll
17:38:22.0977 1880 C:\Windows\System32\win32spl.dll - ok
17:38:22.0977 1880 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
17:38:22.0977 1880 C:\Windows\System32\inetpp.dll - ok
17:38:22.0977 1880 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
17:38:22.0977 1880 C:\Windows\System32\httpapi.dll - ok
17:38:22.0977 1880 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
17:38:22.0977 1880 C:\Windows\System32\vssapi.dll - ok
17:38:22.0977 1880 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
17:38:22.0977 1880 C:\Windows\System32\ssdpapi.dll - ok
17:38:22.0977 1880 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
17:38:22.0977 1880 C:\Windows\System32\vsstrace.dll - ok
17:38:22.0977 1880 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
17:38:22.0977 1880 C:\Windows\System32\aeevts.dll - ok
17:38:22.0977 1880 [ 282F84E0096499C42102D7234A4D14EF ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
17:38:22.0977 1880 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
17:38:22.0977 1880 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll
17:38:22.0977 1880 C:\Windows\SysWOW64\secur32.dll - ok
17:38:22.0977 1880 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
17:38:22.0977 1880 C:\Windows\System32\drivers\tcpipreg.sys - ok
17:38:22.0992 1880 [ 5AC3CB53406CB9AABB25D46B3385528F ] C:\Windows\System32\spool\drivers\x64\3\unidrvui.dll
17:38:22.0992 1880 C:\Windows\System32\spool\drivers\x64\3\unidrvui.dll - ok
17:38:22.0992 1880 [ EFEC3847B47CC9357D5C33BBAB59B7EB ] C:\Windows\System32\mgmtapi.dll
17:38:22.0992 1880 C:\Windows\System32\mgmtapi.dll - ok
17:38:22.0992 1880 [ 22F020C76E339EB2B2187BA73A7E4173 ] C:\Windows\System32\PrintIsolationHost.exe
17:38:22.0992 1880 C:\Windows\System32\PrintIsolationHost.exe - ok
17:38:22.0992 1880 [ E81F5A2F6D52215C0E84F2849503EBA8 ] C:\Windows\System32\tcpmib.dll
17:38:22.0992 1880 C:\Windows\System32\tcpmib.dll - ok
17:38:22.0992 1880 [ ADE2BCD1FDE5C9669FCE1F4541AB46DD ] C:\Windows\System32\spool\drivers\x64\3\unidrv.dll
17:38:22.0992 1880 C:\Windows\System32\spool\drivers\x64\3\unidrv.dll - ok
17:38:22.0992 1880 [ 9F3E7CABE86BBDECA009DE291DB6D9E2 ] C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
17:38:22.0992 1880 C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe - ok
17:38:22.0992 1880 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
17:38:22.0992 1880 C:\Windows\SysWOW64\mpr.dll - ok
17:38:22.0992 1880 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
17:38:22.0992 1880 C:\Windows\SysWOW64\cmd.exe - ok
17:38:22.0992 1880 [ 1BCDB508143B517F21BBDAC10F5777BF ] C:\Windows\System32\conhost.exe
17:38:22.0992 1880 C:\Windows\System32\conhost.exe - ok
17:38:23.0008 1880 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
17:38:23.0008 1880 C:\Windows\SysWOW64\winbrand.dll - ok
17:38:23.0008 1880 [ D3EAB9BCB2B92EFCA615781C215644C0 ] C:\Windows\SysWOW64\ieframe.dll
17:38:23.0008 1880 C:\Windows\SysWOW64\ieframe.dll - ok
17:38:23.0008 1880 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
17:38:23.0008 1880 C:\Windows\SysWOW64\oleacc.dll - ok
17:38:23.0008 1880 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
17:38:23.0008 1880 C:\Windows\SysWOW64\shdocvw.dll - ok
17:38:23.0008 1880 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
17:38:23.0008 1880 C:\Windows\SysWOW64\imagehlp.dll - ok
17:38:23.0008 1880 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
17:38:23.0008 1880 C:\Windows\SysWOW64\SensApi.dll - ok
17:38:23.0008 1880 [ 98F138897EF4246381D197CB81846D62 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:38:23.0008 1880 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
17:38:23.0008 1880 [ CF318F60A84F15AF352439465A8D05F4 ] C:\Program Files\Windows Defender\MpSvc.dll
17:38:23.0008 1880 C:\Program Files\Windows Defender\MpSvc.dll - ok
17:38:23.0008 1880 [ ADF3E771F429940E762AC097F5A54EAF ] C:\Program Files\Windows Defender\MpClient.dll
17:38:23.0008 1880 C:\Program Files\Windows Defender\MpClient.dll - ok
17:38:23.0024 1880 [ 57B736E990BA15568FAFAE9262C0AE6B ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
17:38:23.0024 1880 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
17:38:23.0024 1880 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
17:38:23.0024 1880 C:\Windows\System32\SensApi.dll - ok
17:38:23.0024 1880 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Fafnir\AppData\Local\Temp\C646FDA4-85EA-4DDD-8004-E4990E5EE332.exe
17:38:23.0024 1880 C:\Users\Fafnir\AppData\Local\Temp\C646FDA4-85EA-4DDD-8004-E4990E5EE332.exe - ok
17:38:23.0024 1880 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
17:38:23.0024 1880 C:\Windows\System32\esent.dll - ok
17:38:23.0024 1880 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
17:38:23.0024 1880 C:\Windows\System32\trkwks.dll - ok
17:38:23.0024 1880 [ 33D933951E1DD39BA9A973CA5651BC90 ] C:\Windows\SysWOW64\d3d11.dll
17:38:23.0024 1880 C:\Windows\SysWOW64\d3d11.dll - ok
17:38:23.0024 1880 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
17:38:23.0024 1880 C:\Windows\System32\wbem\WMIsvc.dll - ok
17:38:23.0024 1880 [ F6E85F0EB6F349E31F6C97A5FFE4F0F4 ] C:\Windows\System32\spool\drivers\x64\3\BRUUI23A.DLL
17:38:23.0024 1880 C:\Windows\System32\spool\drivers\x64\3\BRUUI23A.DLL - ok
17:38:23.0024 1880 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
17:38:23.0024 1880 C:\Windows\System32\wbemcomn.dll - ok
17:38:23.0039 1880 [ 0411B7958C524BB2E91EE1B3035FE321 ] C:\Windows\SysWOW64\dxgi.dll
17:38:23.0039 1880 C:\Windows\SysWOW64\dxgi.dll - ok
17:38:23.0039 1880 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
17:38:23.0039 1880 C:\Windows\System32\wbem\WinMgmtR.dll - ok
17:38:23.0039 1880 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
17:38:23.0039 1880 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
17:38:23.0039 1880 [ 55E5B32AE8D1F51A63C82919656FD275 ] C:\Windows\SysWOW64\dciman32.dll
17:38:23.0039 1880 C:\Windows\SysWOW64\dciman32.dll - ok
17:38:23.0039 1880 [ 198552AEFECA69D646867EC8D792DE95 ] C:\Windows\SysWOW64\ddraw.dll
17:38:23.0039 1880 C:\Windows\SysWOW64\ddraw.dll - ok
17:38:23.0039 1880 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
17:38:23.0039 1880 C:\Windows\SysWOW64\dwmapi.dll - ok
17:38:23.0039 1880 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
17:38:23.0039 1880 C:\Windows\SysWOW64\netapi32.dll - ok
17:38:23.0039 1880 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
17:38:23.0039 1880 C:\Windows\SysWOW64\netutils.dll - ok
17:38:23.0039 1880 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
17:38:23.0039 1880 C:\Windows\SysWOW64\srvcli.dll - ok
17:38:23.0055 1880 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
17:38:23.0055 1880 C:\Windows\SysWOW64\winsta.dll - ok
17:38:23.0055 1880 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
17:38:23.0055 1880 C:\Windows\SysWOW64\wkscli.dll - ok
17:38:23.0055 1880 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
17:38:23.0055 1880 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
17:38:23.0055 1880 [ F3F571288CDE445881102E385BF3471F ] C:\Windows\SysWOW64\Magnification.dll
17:38:23.0055 1880 C:\Windows\SysWOW64\Magnification.dll - ok
17:38:23.0055 1880 [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
17:38:23.0055 1880 C:\Windows\System32\iphlpsvc.dll - ok
17:38:23.0055 1880 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
17:38:23.0055 1880 C:\Windows\System32\ntdsapi.dll - ok
17:38:23.0055 1880 [ E8B1FE6669397D1772D8196DF0E57A9E ] C:\Windows\System32\wscsvc.dll
17:38:23.0055 1880 C:\Windows\System32\wscsvc.dll - ok
17:38:23.0055 1880 [ 2D62FF2B999A0A38E6438691C246481F ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
17:38:23.0055 1880 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
17:38:23.0055 1880 [ A1CF0ED4315C7EBFF0B8E86C36B86FE6 ] C:\ProgramData\Microsoft\IdentityCRL\production\wlidui.dll
17:38:23.0055 1880 C:\ProgramData\Microsoft\IdentityCRL\production\wlidui.dll - ok
17:38:23.0070 1880 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
17:38:23.0070 1880 C:\Windows\System32\sqmapi.dll - ok
17:38:23.0070 1880 [ 371948BC5911ABA06168FAC91ED25F06 ] C:\Windows\System32\msxml3.dll
17:38:23.0070 1880 C:\Windows\System32\msxml3.dll - ok
17:38:23.0070 1880 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
17:38:23.0070 1880 C:\Windows\System32\wdscore.dll - ok
17:38:23.0070 1880 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
17:38:23.0070 1880 C:\Windows\System32\hnetcfg.dll - ok
17:38:23.0070 1880 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
17:38:23.0070 1880 C:\Windows\System32\actxprxy.dll - ok
17:38:23.0070 1880 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
17:38:23.0070 1880 C:\Windows\System32\wbem\wbemprox.dll - ok
17:38:23.0070 1880 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
17:38:23.0070 1880 C:\Windows\System32\nci.dll - ok
17:38:23.0070 1880 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
17:38:23.0070 1880 C:\Windows\SysWOW64\d3d9.dll - ok
17:38:23.0070 1880 [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\SysWOW64\ncrypt.dll
17:38:23.0070 1880 C:\Windows\SysWOW64\ncrypt.dll - ok
17:38:23.0070 1880 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
17:38:23.0070 1880 C:\Windows\SysWOW64\bcrypt.dll - ok
17:38:23.0086 1880 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
17:38:23.0086 1880 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
17:38:23.0086 1880 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
17:38:23.0086 1880 C:\Windows\SysWOW64\d3d8thk.dll - ok
17:38:23.0086 1880 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
17:38:23.0086 1880 C:\Windows\SysWOW64\gpapi.dll - ok
17:38:23.0086 1880 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
17:38:23.0086 1880 C:\Windows\SysWOW64\cryptnet.dll - ok
17:38:23.0086 1880 [ 499147F015E87AC2C2EBAA368F6BFE96 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
17:38:23.0086 1880 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
17:38:23.0086 1880 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
17:38:23.0086 1880 C:\Windows\System32\wbem\fastprox.dll - ok
17:38:23.0086 1880 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
17:38:23.0086 1880 C:\Windows\System32\dbghelp.dll - ok
17:38:23.0086 1880 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
17:38:23.0086 1880 C:\Windows\System32\drivers\srv2.sys - ok
17:38:23.0086 1880 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
17:38:23.0086 1880 C:\Windows\System32\drivers\srv.sys - ok
17:38:23.0102 1880 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
17:38:23.0102 1880 C:\Windows\System32\wbem\wbemcore.dll - ok
17:38:23.0102 1880 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
17:38:23.0102 1880 C:\Windows\System32\wbem\esscli.dll - ok
17:38:23.0102 1880 [ 794D4B48DFB6E999537C7C3947863463 ] C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
17:38:23.0102 1880 C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe - ok
17:38:23.0102 1880 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
17:38:23.0102 1880 C:\Windows\SysWOW64\msimg32.dll - ok
17:38:23.0102 1880 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\SysWOW64\wer.dll
17:38:23.0102 1880 C:\Windows\SysWOW64\wer.dll - ok
17:38:23.0102 1880 [ 1E8D06AAE74FED674C1156B3FEA911C2 ] C:\Windows\SysWOW64\Faultrep.dll
17:38:23.0102 1880 C:\Windows\SysWOW64\Faultrep.dll - ok
17:38:23.0102 1880 [ 6B44700917F45B19B96B46B345B6F0E7 ] C:\Program Files (x86)\Spybot - Search & Destroy\SDMain.exe
17:38:23.0102 1880 C:\Program Files (x86)\Spybot - Search & Destroy\SDMain.exe - ok
17:38:23.0102 1880 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
17:38:23.0102 1880 C:\Windows\SysWOW64\sxs.dll - ok
17:38:23.0102 1880 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
17:38:23.0102 1880 C:\Windows\SysWOW64\wbemcomn.dll - ok
17:38:23.0102 1880 [ 244C6722289F4869068992FD7D8A8832 ] C:\Windows\SysWOW64\wbem\wbemdisp.dll
17:38:23.0102 1880 C:\Windows\SysWOW64\wbem\wbemdisp.dll - ok
17:38:23.0117 1880 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
17:38:23.0117 1880 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
17:38:23.0117 1880 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
17:38:23.0117 1880 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
17:38:23.0117 1880 [ 4FDFA3F219692D17011BF1B428857C1E ] C:\Program Files\Windows Defender\MpRTP.dll
17:38:23.0117 1880 C:\Program Files\Windows Defender\MpRTP.dll - ok
17:38:23.0117 1880 [ FBD879D17B26D49DD7A48FF58062FAE6 ] C:\Windows\System32\tdh.dll
17:38:23.0117 1880 C:\Windows\System32\tdh.dll - ok
17:38:23.0117 1880 [ 76A11F575782DBAE74F05B8796EF7F9D ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8D18E6C5-62D9-4210-A2C2-E549013406FF}\mpengine.dll
17:38:23.0117 1880 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8D18E6C5-62D9-4210-A2C2-E549013406FF}\mpengine.dll - ok
17:38:23.0117 1880 [ 436EB2742ED35C1ED9DDCB83C9BCF68A ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8D18E6C5-62D9-4210-A2C2-E549013406FF}\mpasbase.vdm
17:38:23.0117 1880 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8D18E6C5-62D9-4210-A2C2-E549013406FF}\mpasbase.vdm - ok
17:38:23.0117 1880 [ CA61E3BC7788AED9B65086D55A298CF6 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8D18E6C5-62D9-4210-A2C2-E549013406FF}\mpasdlta.vdm
17:38:23.0117 1880 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8D18E6C5-62D9-4210-A2C2-E549013406FF}\mpasdlta.vdm - ok
17:38:23.0117 1880 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
17:38:23.0117 1880 C:\Windows\System32\wbem\wbemsvc.dll - ok
17:38:23.0117 1880 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
17:38:23.0117 1880 C:\Windows\System32\srvsvc.dll - ok
17:38:23.0133 1880 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
17:38:23.0133 1880 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
17:38:23.0133 1880 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
17:38:23.0133 1880 C:\Windows\System32\browser.dll - ok
17:38:23.0133 1880 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
17:38:23.0133 1880 C:\Windows\System32\netmsg.dll - ok
17:38:23.0133 1880 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
17:38:23.0133 1880 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
17:38:23.0133 1880 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
17:38:23.0133 1880 C:\Windows\System32\wbem\wmiutils.dll - ok
17:38:23.0133 1880 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
17:38:23.0133 1880 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
17:38:23.0133 1880 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
17:38:23.0133 1880 C:\Windows\System32\wbem\repdrvfs.dll - ok
17:38:23.0133 1880 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
17:38:23.0133 1880 C:\Windows\System32\clusapi.dll - ok
17:38:23.0133 1880 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
17:38:23.0133 1880 C:\Windows\System32\sscore.dll - ok
17:38:23.0133 1880 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
17:38:23.0133 1880 C:\Windows\SysWOW64\ntdsapi.dll - ok
17:38:23.0148 1880 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
17:38:23.0148 1880 C:\Windows\System32\resutils.dll - ok
17:38:23.0148 1880 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
17:38:23.0148 1880 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
17:38:23.0148 1880 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
17:38:23.0148 1880 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
17:38:23.0148 1880 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
17:38:23.0148 1880 C:\Windows\SysWOW64\EhStorShell.dll - ok
17:38:23.0148 1880 [ B95010FC1F13B1E2DE77BA7FB39C5DC6 ] C:\PROGRA~2\MICROS~3\Office14\1033\GrooveIntlResource.dll
17:38:23.0148 1880 C:\PROGRA~2\MICROS~3\Office14\1033\GrooveIntlResource.dll - ok
17:38:23.0148 1880 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
17:38:23.0148 1880 C:\Windows\System32\ncobjapi.dll - ok
17:38:23.0148 1880 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
17:38:23.0148 1880 C:\Windows\System32\wbem\wbemess.dll - ok
17:38:23.0148 1880 [ 3F39F013168428C8E505A7B9E6CBA8A2 ] C:\Program Files (x86)\msi\ODD Monitor\NTIOLib_X64.sys
17:38:23.0148 1880 C:\Program Files (x86)\msi\ODD Monitor\NTIOLib_X64.sys - ok
17:38:23.0148 1880 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
17:38:23.0148 1880 C:\Windows\System32\SearchIndexer.exe - ok
17:38:23.0164 1880 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
17:38:23.0164 1880 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
17:38:23.0164 1880 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
17:38:23.0164 1880 C:\Windows\System32\tquery.dll - ok
17:38:23.0164 1880 [ C47F35CC6FA4F1BDBEF8F87AC1A46537 ] C:\Windows\System32\wuapi.dll
17:38:23.0164 1880 C:\Windows\System32\wuapi.dll - ok
17:38:23.0164 1880 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
17:38:23.0164 1880 C:\Windows\System32\cabinet.dll - ok
17:38:23.0164 1880 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
17:38:23.0164 1880 C:\Windows\System32\wbem\NCProv.dll - ok
17:38:23.0164 1880 [ E746ED90132C6B6313CE9179F56BD31D ] C:\Windows\System32\wups.dll
17:38:23.0164 1880 C:\Windows\System32\wups.dll - ok
17:38:23.0164 1880 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
17:38:23.0164 1880 C:\Windows\System32\wbem\cimwin32.dll - ok
17:38:23.0164 1880 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
17:38:23.0164 1880 C:\Windows\System32\mssrch.dll - ok
17:38:23.0164 1880 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
17:38:23.0164 1880 C:\Windows\System32\framedynos.dll - ok
17:38:23.0180 1880 [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll
17:38:23.0180 1880 C:\Windows\System32\security.dll - ok
17:38:23.0180 1880 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
17:38:23.0180 1880 C:\Windows\System32\dssenh.dll - ok
17:38:23.0180 1880 [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
17:38:23.0180 1880 C:\Windows\System32\browcli.dll - ok
17:38:23.0180 1880 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
17:38:23.0180 1880 C:\Windows\System32\hidserv.dll - ok
17:38:23.0180 1880 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
17:38:23.0180 1880 C:\Windows\System32\msidle.dll - ok
17:38:23.0180 1880 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
17:38:23.0180 1880 C:\Windows\System32\wdi.dll - ok
17:38:23.0180 1880 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
17:38:23.0180 1880 C:\Windows\System32\schedcli.dll - ok
17:38:23.0180 1880 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
17:38:23.0180 1880 C:\Windows\System32\wpdbusenum.dll - ok
17:38:23.0180 1880 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
17:38:23.0180 1880 C:\Windows\System32\aelupsvc.dll - ok
17:38:23.0195 1880 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
17:38:23.0195 1880 C:\Windows\System32\diagperf.dll - ok
17:38:23.0195 1880 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
17:38:23.0195 1880 C:\Windows\System32\mssprxy.dll - ok
17:38:23.0195 1880 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
17:38:23.0195 1880 C:\Windows\System32\perftrack.dll - ok
17:38:23.0195 1880 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
17:38:23.0195 1880 C:\Windows\System32\PortableDeviceApi.dll - ok
17:38:23.0195 1880 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
17:38:23.0195 1880 C:\Windows\System32\dimsjob.dll - ok
17:38:23.0195 1880 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
17:38:23.0195 1880 C:\Windows\System32\wer.dll - ok
17:38:23.0195 1880 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
17:38:23.0195 1880 C:\Windows\System32\pnpts.dll - ok
17:38:23.0195 1880 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
17:38:23.0195 1880 C:\Windows\System32\radardt.dll - ok
17:38:23.0195 1880 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
17:38:23.0195 1880 C:\Windows\System32\Apphlpdm.dll - ok
17:38:23.0211 1880 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
17:38:23.0211 1880 C:\Windows\System32\wdiasqmmodule.dll - ok
17:38:23.0211 1880 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
17:38:23.0211 1880 C:\Windows\System32\ndiscapCfg.dll - ok
17:38:23.0211 1880 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
17:38:23.0211 1880 C:\Windows\SysWOW64\ntshrui.dll - ok
17:38:23.0211 1880 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
17:38:23.0211 1880 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
17:38:23.0211 1880 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
17:38:23.0211 1880 C:\Windows\System32\rascfg.dll - ok
17:38:23.0211 1880 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
17:38:23.0211 1880 C:\Windows\System32\mprapi.dll - ok
17:38:23.0211 1880 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
17:38:23.0211 1880 C:\Windows\System32\npmproxy.dll - ok
17:38:23.0211 1880 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
17:38:23.0211 1880 C:\Windows\System32\mprmsg.dll - ok
17:38:23.0211 1880 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
17:38:23.0211 1880 C:\Windows\System32\IPSECSVC.DLL - ok
17:38:23.0226 1880 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
17:38:23.0226 1880 C:\Windows\System32\tcpipcfg.dll - ok
17:38:23.0226 1880 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
17:38:23.0226 1880 C:\Windows\SysWOW64\cscapi.dll - ok
17:38:23.0226 1880 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
17:38:23.0226 1880 C:\Windows\SysWOW64\slc.dll - ok
17:38:23.0226 1880 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
17:38:23.0226 1880 C:\Windows\SysWOW64\imageres.dll - ok
17:38:23.0226 1880 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
17:38:23.0226 1880 C:\Windows\System32\FwRemoteSvr.dll - ok
17:38:23.0226 1880 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
17:38:23.0226 1880 C:\Windows\System32\en-US\tquery.dll.mui - ok
17:38:23.0226 1880 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
17:38:23.0226 1880 C:\Windows\System32\NapiNSP.dll - ok
17:38:23.0226 1880 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
17:38:23.0226 1880 C:\Windows\System32\pnrpnsp.dll - ok
17:38:23.0226 1880 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
17:38:23.0226 1880 C:\Windows\System32\winrnr.dll - ok
17:38:23.0226 1880 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
17:38:23.0226 1880 C:\Windows\System32\wmi.dll - ok
17:38:23.0242 1880 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
17:38:23.0242 1880 C:\Windows\SysWOW64\nlaapi.dll - ok
17:38:23.0242 1880 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
17:38:23.0242 1880 C:\Windows\SysWOW64\NapiNSP.dll - ok
17:38:23.0242 1880 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
17:38:23.0242 1880 C:\Windows\SysWOW64\pnrpnsp.dll - ok
17:38:23.0242 1880 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
17:38:23.0242 1880 C:\Windows\SysWOW64\dnsapi.dll - ok
17:38:23.0242 1880 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
17:38:23.0242 1880 C:\Windows\SysWOW64\winrnr.dll - ok
17:38:23.0242 1880 [ 835BFF67EBD89BCE0B13460B2A56C53E ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
17:38:23.0242 1880 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
17:38:23.0242 1880 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
17:38:23.0242 1880 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
17:38:23.0242 1880 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
17:38:23.0242 1880 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
17:38:23.0242 1880 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
17:38:23.0242 1880 C:\Windows\SysWOW64\rasadhlp.dll - ok
17:38:23.0258 1880 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
17:38:23.0258 1880 C:\Windows\System32\SearchProtocolHost.exe - ok
17:38:23.0258 1880 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
17:38:23.0258 1880 C:\Windows\System32\msshooks.dll - ok
17:38:23.0258 1880 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
17:38:23.0258 1880 C:\Windows\System32\SearchFilterHost.exe - ok
17:38:23.0258 1880 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
17:38:23.0258 1880 C:\Windows\System32\mscoree.dll - ok
17:38:23.0258 1880 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
17:38:23.0258 1880 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
17:38:23.0258 1880 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll
17:38:23.0258 1880 C:\Windows\System32\mssph.dll - ok
17:38:23.0258 1880 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
17:38:23.0258 1880 C:\Windows\System32\mapi32.dll - ok
17:38:23.0258 1880 [ FF2B106909EED48C536DA04742C0324A ] C:\Windows\System32\Query.dll
17:38:23.0258 1880 C:\Windows\System32\Query.dll - ok
17:38:23.0258 1880 [ FC3001B4B9DF50B61F3CCA615759EFE7 ] C:\Windows\System32\PhotoMetadataHandler.dll
17:38:23.0258 1880 C:\Windows\System32\PhotoMetadataHandler.dll - ok
17:38:23.0273 1880 [ 93BB66044FA76734E882C6F3E8EE1900 ] C:\Program Files\Windows Defender\MsMpLics.dll
17:38:23.0273 1880 C:\Program Files\Windows Defender\MsMpLics.dll - ok
17:38:23.0273 1880 [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
17:38:23.0273 1880 C:\Windows\System32\wscapi.dll - ok
17:38:23.0273 1880 [ B84E2D174DC84916A536572BB8F691A8 ] C:\Windows\System32\wscisvif.dll
17:38:23.0273 1880 C:\Windows\System32\wscisvif.dll - ok
17:38:23.0273 1880 [ 6C1E3C43B35268C17833244C8ED96430 ] C:\Windows\System32\wscproxystub.dll
17:38:23.0273 1880 C:\Windows\System32\wscproxystub.dll - ok
17:38:23.0273 1880 [ 228684034DC2EBD5ACF99539B8F442D5 ] C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll
17:38:23.0273 1880 C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll - ok
17:38:23.0273 1880 [ E75BECD6517183F3DE916E145E36F5AE ] C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
17:38:23.0273 1880 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - ok
17:38:23.0273 1880 [ 2693E6AF713DD61ACB760CC579F0E380 ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll
17:38:23.0273 1880 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll - ok
17:38:23.0273 1880 [ DBBCA48FFB45CD96588D41F6641CB783 ] C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU64.dll
17:38:23.0273 1880 C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU64.dll - ok
17:38:23.0289 1880 [ D95B25B7F148243580C72DE34503378E ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll
17:38:23.0289 1880 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll - ok
17:38:23.0289 1880 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
17:38:23.0289 1880 C:\Windows\SysWOW64\sfc.dll - ok
17:38:23.0289 1880 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
17:38:23.0289 1880 C:\Windows\SysWOW64\sfc_os.dll - ok
17:38:23.0289 1880 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
17:38:23.0289 1880 C:\Windows\SysWOW64\winhttp.dll - ok
17:38:23.0289 1880 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
17:38:23.0289 1880 C:\Windows\SysWOW64\webio.dll - ok
17:38:23.0289 1880 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
17:38:23.0289 1880 C:\Windows\System32\ie4uinit.exe - ok
17:38:23.0289 1880 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll
17:38:23.0289 1880 C:\Windows\System32\iedkcs32.dll - ok
17:38:23.0289 1880 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
17:38:23.0289 1880 C:\Windows\System32\timedate.cpl - ok
17:38:23.0289 1880 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
17:38:23.0289 1880 C:\Windows\System32\shdocvw.dll - ok
17:38:23.0304 1880 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
17:38:23.0304 1880 C:\Windows\System32\linkinfo.dll - ok
17:38:23.0304 1880 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
17:38:23.0304 1880 C:\Windows\SysWOW64\credssp.dll - ok
17:38:23.0304 1880 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
17:38:23.0304 1880 C:\Windows\SysWOW64\wship6.dll - ok
17:38:23.0304 1880 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
17:38:23.0304 1880 C:\Windows\System32\msftedit.dll - ok
17:38:23.0304 1880 [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll
17:38:23.0304 1880 C:\Windows\System32\gameux.dll - ok
17:38:23.0304 1880 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
17:38:23.0304 1880 C:\Windows\System32\msls31.dll - ok
17:38:23.0304 1880 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
17:38:23.0304 1880 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
17:38:23.0304 1880 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
17:38:23.0304 1880 C:\Windows\System32\DeviceCenter.dll - ok
17:38:23.0304 1880 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
17:38:23.0304 1880 C:\Windows\System32\msi.dll - ok
17:38:23.0320 1880 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
17:38:23.0320 1880 C:\Windows\System32\msiltcfg.dll - ok
17:38:23.0320 1880 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
17:38:23.0320 1880 C:\Windows\System32\networkexplorer.dll - ok
17:38:23.0320 1880 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
17:38:23.0320 1880 C:\Windows\System32\thumbcache.dll - ok
17:38:23.0320 1880 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
17:38:23.0320 1880 C:\Windows\System32\davclnt.dll - ok
17:38:23.0320 1880 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
17:38:23.0320 1880 C:\Windows\System32\davhlpr.dll - ok
17:38:23.0320 1880 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
17:38:23.0320 1880 C:\Windows\System32\drprov.dll - ok
17:38:23.0320 1880 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
17:38:23.0320 1880 C:\Windows\System32\ntlanman.dll - ok
17:38:23.0320 1880 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
17:38:23.0320 1880 C:\Windows\System32\wdmaud.drv - ok
17:38:23.0320 1880 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
17:38:23.0320 1880 C:\Windows\System32\ksuser.dll - ok
17:38:23.0320 1880 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
17:38:23.0320 1880 C:\Windows\System32\AudioSes.dll - ok
17:38:23.0336 1880 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
17:38:23.0336 1880 C:\Windows\System32\msacm32.dll - ok
17:38:23.0336 1880 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
17:38:23.0336 1880 C:\Windows\System32\msacm32.drv - ok
17:38:23.0336 1880 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
17:38:23.0336 1880 C:\Windows\System32\AudioEng.dll - ok
17:38:23.0336 1880 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
17:38:23.0336 1880 C:\Windows\System32\midimap.dll - ok
17:38:23.0336 1880 [ 127101B97DB654126589D107F2816B5D ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
17:38:23.0336 1880 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe - ok
17:38:23.0336 1880 [ 956B02457310A67472B9B1BC574BCEAC ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
17:38:23.0336 1880 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe - ok
17:38:23.0336 1880 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
17:38:23.0336 1880 C:\Windows\System32\AUDIOKSE.dll - ok
17:38:23.0336 1880 [ 66AED1BEEB42C3276F74C8206EF652B0 ] C:\Windows\System32\igfxtray.exe
17:38:23.0336 1880 C:\Windows\System32\igfxtray.exe - ok
17:38:23.0351 1880 [ 89F992056D22D673528212125A428D02 ] C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe
17:38:23.0351 1880 C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe - ok
17:38:23.0351 1880 [ DF72D700CC33611206675B8A2FD4D4F9 ] C:\Program Files\Logitech\SetPointP\SetPoint.exe
17:38:23.0351 1880 C:\Program Files\Logitech\SetPointP\SetPoint.exe - ok
17:38:23.0351 1880 [ A2E88CF9FEFE538E7F6AFF9E0B6D0A72 ] C:\Windows\System32\hkcmd.exe
17:38:23.0351 1880 C:\Windows\System32\hkcmd.exe - ok
17:38:23.0351 1880 [ DAD7DD6CC41BF24B4ABB75DEBEF1232D ] C:\Windows\System32\igfxpers.exe
17:38:23.0351 1880 C:\Windows\System32\igfxpers.exe - ok
17:38:23.0351 1880 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
17:38:23.0351 1880 C:\Windows\SysWOW64\mscoree.dll - ok
17:38:23.0351 1880 [ A974F7EB760451D7CF7342F9E088DBB0 ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
17:38:23.0351 1880 C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe - ok
17:38:23.0351 1880 [ A44740AD996C9B9574283B0172DBEE11 ] C:\Program Files (x86)\Skype\Phone\Skype.exe
17:38:23.0351 1880 C:\Program Files (x86)\Skype\Phone\Skype.exe - ok
17:38:23.0351 1880 [ 9677563A516ECB35DEEA367D5948D6F2 ] C:\Program Files\Logitech\FlowScroll\KhalScroll.exe
17:38:23.0351 1880 C:\Program Files\Logitech\FlowScroll\KhalScroll.exe - ok
17:38:23.0351 1880 [ D1E9B7CA62EC8A154724569A2DA52531 ] C:\Windows\System32\hccutils.dll
17:38:23.0351 1880 C:\Windows\System32\hccutils.dll - ok
17:38:23.0367 1880 [ 6FE3C7EF5D91C21D5FC1283064EEAD8E ] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
17:38:23.0367 1880 C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe - ok
17:38:23.0367 1880 [ AAB979089E192ACC0FE1E3C018F8B591 ] C:\Users\Fafnir\AppData\Local\Akamai\netsession_win.exe
17:38:23.0367 1880 C:\Users\Fafnir\AppData\Local\Akamai\netsession_win.exe - ok
17:38:23.0367 1880 [ 58F452113C687453155288AC0F7F5BC4 ] C:\Windows\System32\igfxsrvc.exe
17:38:23.0367 1880 C:\Windows\System32\igfxsrvc.exe - ok
17:38:23.0367 1880 [ 47205E7196F50C0FA5DE233E5E24AB09 ] C:\Program Files (x86)\Impulse\Now\GameStopNow.exe
17:38:23.0367 1880 C:\Program Files (x86)\Impulse\Now\GameStopNow.exe - ok
17:38:23.0367 1880 [ C1CF9F3B71E02F06F761021A466518A3 ] C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
17:38:23.0367 1880 C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe - ok
17:38:23.0367 1880 [ 57EC4DEFC79641D067262F8ECB5C31CD ] C:\Program Files\Logitech\FlowScroll\KHALSmooth.dll
17:38:23.0367 1880 C:\Program Files\Logitech\FlowScroll\KHALSmooth.dll - ok
17:38:23.0367 1880 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
17:38:23.0367 1880 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
17:38:23.0367 1880 [ 7E6CA0FBCFDD2B6E2D99EDD8B673A192 ] C:\Windows\System32\MBWrp64.dll
17:38:23.0367 1880 C:\Windows\System32\MBWrp64.dll - ok
17:38:23.0367 1880 [ F0D66059F489343B590C4F06A77E1F85 ] C:\Windows\System32\MBTHX64.dll
17:38:23.0367 1880 C:\Windows\System32\MBTHX64.dll - ok
17:38:23.0382 1880 [ C1A27CD11E7559F951130528962306D8 ] C:\Windows\System32\igfxsrvc.dll
17:38:23.0382 1880 C:\Windows\System32\igfxsrvc.dll - ok
17:38:23.0382 1880 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll
17:38:23.0382 1880 C:\Windows\System32\oledlg.dll - ok
17:38:23.0382 1880 [ 9FA91F22A4F751854DE43304BD1A87B4 ] C:\Program Files\Common Files\Logishrd\Sn1\LU\LULnchr.exe
17:38:23.0382 1880 C:\Program Files\Common Files\Logishrd\Sn1\LU\LULnchr.exe - ok
17:38:23.0382 1880 [ D5A69B24039442FD76B410CD2D7FEB7B ] C:\Program Files\Common Files\Logishrd\KHAL3\KHALAPI.dll
17:38:23.0382 1880 C:\Program Files\Common Files\Logishrd\KHAL3\KHALAPI.dll - ok
17:38:23.0382 1880 [ 8B722DA6944817B99D2E73C2869D63E3 ] C:\Windows\System32\igfxdev.dll
17:38:23.0382 1880 C:\Windows\System32\igfxdev.dll - ok
17:38:23.0382 1880 [ 0805289E121F3E3C458C970B08314EB2 ] C:\Windows\System32\RtkCfg64.dll
17:38:23.0382 1880 C:\Windows\System32\RtkCfg64.dll - ok
17:38:23.0382 1880 [ 03CC97EC838FBBA69E6E5FD744012C31 ] C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
17:38:23.0382 1880 C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe - ok
17:38:23.0382 1880 [ BA53B31C12C6E17AD34A9F0A5C2527C3 ] C:\Windows\System32\RtkAPO64.dll
17:38:23.0382 1880 C:\Windows\System32\RtkAPO64.dll - ok
17:38:23.0398 1880 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
17:38:23.0398 1880 C:\Windows\SysWOW64\comdlg32.dll - ok
17:38:23.0398 1880 [ 3A19B2D2B5659D375FFFBA9EB71987B8 ] C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
17:38:23.0398 1880 C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe - ok
17:38:23.0398 1880 [ 105CFE016CCB20175BEACEC146F175AB ] C:\Windows\System32\IccLibDll_x64.dll
17:38:23.0398 1880 C:\Windows\System32\IccLibDll_x64.dll - ok
17:38:23.0398 1880 [ A163AFEA3BE6133A4F9668779EB52F93 ] C:\Windows\System32\MBAPO64.dll
17:38:23.0398 1880 C:\Windows\System32\MBAPO64.dll - ok
17:38:23.0398 1880 [ BE263246AA05B9CD43D32CA615E027D5 ] C:\Windows\System32\igfxrenu.lrc
17:38:23.0398 1880 C:\Windows\System32\igfxrenu.lrc - ok
17:38:23.0398 1880 [ 18921ED36B7AB65916C075E234E81930 ] C:\Program Files\Logitech\SetPointP\khalwrapper.dll
17:38:23.0398 1880 C:\Program Files\Logitech\SetPointP\khalwrapper.dll - ok
17:38:23.0398 1880 [ EE2DBFBFE0B16E816A74AD505CF0379C ] C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.dll
17:38:23.0398 1880 C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.dll - ok
17:38:23.0398 1880 [ 52425F4F67DE0E8E7149EBC337D1A60A ] C:\Program Files\Logitech\SetPointP\KemUtil.dll
17:38:23.0398 1880 C:\Program Files\Logitech\SetPointP\KemUtil.dll - ok
17:38:23.0398 1880 [ 82A98D0EB83505529AD81E4C1FADC37D ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
17:38:23.0398 1880 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll - ok
17:38:23.0398 1880 [ 81ADBC4E31A721AEF23251A952049BA2 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe
17:38:23.0398 1880 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe - ok
17:38:23.0414 1880 [ 3CB07566302BCEEB898DE270A0BEC175 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
17:38:23.0414 1880 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
17:38:23.0414 1880 [ 901AA7A38CE13F14B6BBEC38C0595698 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
17:38:23.0414 1880 C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe - ok
17:38:23.0414 1880 [ 5944DC25A337F489679388E3308DD6AC ] C:\Program Files (x86)\Winamp\winampa.exe
17:38:23.0414 1880 C:\Program Files (x86)\Winamp\winampa.exe - ok
17:38:23.0414 1880 [ C26B09276755E0698B31CF0BAE0BF182 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
17:38:23.0414 1880 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
17:38:23.0414 1880 [ D7936ED15F4AEF0FC33F329D0F21ED46 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
17:38:23.0414 1880 C:\Program Files (x86)\iTunes\iTunesHelper.exe - ok
17:38:23.0414 1880 [ 8DDA2B606279753601F9415DA503CA63 ] C:\Program Files (x86)\QuickTime\QTTask.exe
17:38:23.0414 1880 C:\Program Files (x86)\QuickTime\QTTask.exe - ok
17:38:23.0414 1880 [ 4EB19202D44B012387602DB5536FD093 ] C:\Program Files\Common Files\Logishrd\KHAL3\KHALITCH.dll
17:38:23.0414 1880 C:\Program Files\Common Files\Logishrd\KHAL3\KHALITCH.dll - ok
17:38:23.0414 1880 [ D17277381B4522FA34FAE7851E705051 ] C:\Program Files\Common Files\Logishrd\KHAL3\KHALMW.dll
17:38:23.0414 1880 C:\Program Files\Common Files\Logishrd\KHAL3\KHALMW.dll - ok
17:38:23.0429 1880 [ 5112FBD9885D79A9FC73BDE9B1EF9334 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
17:38:23.0429 1880 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
17:38:23.0429 1880 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
17:38:23.0429 1880 C:\Windows\SysWOW64\powrprof.dll - ok
17:38:23.0429 1880 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
17:38:23.0429 1880 C:\Windows\SysWOW64\shfolder.dll - ok
17:38:23.0429 1880 [ 4BD79D03984226DB22D19BBE79369E0E ] C:\Windows\winsxs\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_044aad0bab1eb146\mfc90u.dll
17:38:23.0429 1880 C:\Windows\winsxs\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_044aad0bab1eb146\mfc90u.dll - ok
17:38:23.0429 1880 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
17:38:23.0429 1880 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
17:38:23.0429 1880 [ AF09A713D190B2E9DDFCC2CE89357302 ] C:\Program Files\Common Files\Logishrd\KHAL3\KHALHPP.dll
17:38:23.0429 1880 C:\Program Files\Common Files\Logishrd\KHAL3\KHALHPP.dll - ok
17:38:23.0429 1880 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
17:38:23.0429 1880 C:\Windows\SysWOW64\msacm32.dll - ok
17:38:23.0429 1880 [ 703FFD301AB900B047337C5D40FD6F96 ] C:\Windows\SysWOW64\olepro32.dll
17:38:23.0429 1880 C:\Windows\SysWOW64\olepro32.dll - ok
17:38:23.0445 1880 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
17:38:23.0445 1880 C:\Windows\SysWOW64\msi.dll - ok
17:38:23.0445 1880 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll
17:38:23.0445 1880 C:\Windows\SysWOW64\avrt.dll - ok
17:38:23.0445 1880 [ 28CA821606669BB9215CE010767720FA ] C:\Windows\SysWOW64\cryptui.dll
17:38:23.0445 1880 C:\Windows\SysWOW64\cryptui.dll - ok
17:38:23.0445 1880 [ 8D58C34EA1304DAB6D8B16925265B5AA ] C:\Program Files\Common Files\Logishrd\sp6\LU\LULnchr.exe
17:38:23.0445 1880 C:\Program Files\Common Files\Logishrd\sp6\LU\LULnchr.exe - ok
17:38:23.0445 1880 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
17:38:23.0445 1880 C:\Windows\SysWOW64\linkinfo.dll - ok
17:38:23.0445 1880 [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
17:38:23.0445 1880 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
17:38:23.0445 1880 [ 356656B5EEA8C990238E8FAE5C63395C ] C:\Program Files\Common Files\Logishrd\KHAL3\KHALMOU.dll
17:38:23.0445 1880 C:\Program Files\Common Files\Logishrd\KHAL3\KHALMOU.dll - ok
17:38:23.0445 1880 [ E45989C127C0476A937D6BEAA6E28211 ] C:\Program Files\Common Files\Logishrd\sp6\LU\LogitechUpdate.exe
17:38:23.0445 1880 C:\Program Files\Common Files\Logishrd\sp6\LU\LogitechUpdate.exe - ok
17:38:23.0445 1880 [ E375386B937B7FF3A10F71D1A09AD360 ] C:\Program Files (x86)\iTunes\iTunesHelper.dll
17:38:23.0445 1880 C:\Program Files (x86)\iTunes\iTunesHelper.dll - ok
17:38:23.0460 1880 [ 1A4E49BBBBCD5CE19F8BF6B5D20AFC68 ] C:\Program Files\Common Files\Logishrd\KHAL3\KHALHID.dll
17:38:23.0460 1880 C:\Program Files\Common Files\Logishrd\KHAL3\KHALHID.dll - ok
17:38:23.0460 1880 [ 91062AC5D12F74DBFCCAEEAD86372CBD ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll
17:38:23.0460 1880 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
17:38:23.0460 1880 [ 8B70A55FDB9C0518DB9F8C5FF0774313 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
17:38:23.0460 1880 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
17:38:23.0460 1880 [ 6ABC6575EF4FEA6E7A44F5C61C66C9E1 ] C:\Program Files\Common Files\Logishrd\KHAL3\KHALUSB.dll
17:38:23.0460 1880 C:\Program Files\Common Files\Logishrd\KHAL3\KHALUSB.dll - ok
17:38:23.0460 1880 [ 838B074C438CB6A1AAC93B720888927C ] C:\Windows\System32\MaxxAudioAPO4064.dll
17:38:23.0460 1880 C:\Windows\System32\MaxxAudioAPO4064.dll - ok
17:38:23.0460 1880 [ 8FE7EFF61C18D74633A6E38172D4A6AF ] C:\Windows\System32\MaxxAudioAPOShell64.dll
17:38:23.0460 1880 C:\Windows\System32\MaxxAudioAPOShell64.dll - ok
17:38:23.0460 1880 [ 4C3DAEE652B005B483F16B8E9131C99D ] C:\Windows\System32\d3d9.dll
17:38:23.0460 1880 C:\Windows\System32\d3d9.dll - ok
17:38:23.0460 1880 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
17:38:23.0460 1880 C:\Windows\System32\WMALFXGFXDSP.dll - ok
17:38:23.0476 1880 [ A7F317118AFDE7A29D2EF7A722AC13B2 ] C:\Program Files (x86)\Java\jre7\bin\javaws.exe
17:38:23.0476 1880 C:\Program Files (x86)\Java\jre7\bin\javaws.exe - ok
17:38:23.0476 1880 [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6 ] C:\Windows\SysWOW64\mapi32.dll
17:38:23.0476 1880 C:\Windows\SysWOW64\mapi32.dll - ok
17:38:23.0476 1880 [ F3008D067B1160F815451C8AF0C37399 ] C:\Program Files (x86)\DAEMON Tools Lite\DTCommonRes.dll
17:38:23.0476 1880 C:\Program Files (x86)\DAEMON Tools Lite\DTCommonRes.dll - ok
17:38:23.0476 1880 [ 585FED4CDB8034B8B58AEB8008255817 ] C:\Windows\System32\opengl32.dll
17:38:23.0476 1880 C:\Windows\System32\opengl32.dll - ok
17:38:23.0476 1880 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll
17:38:23.0476 1880 C:\Windows\SysWOW64\wlanapi.dll - ok
17:38:23.0476 1880 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll
17:38:23.0476 1880 C:\Windows\SysWOW64\wlanutil.dll - ok
17:38:23.0476 1880 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\80358049.sys
17:38:23.0476 1880 C:\Windows\System32\drivers\80358049.sys - ok
17:38:23.0476 1880 [ 487F44B08EFEAF5AD087878357B9403D ] C:\Windows\SysWOW64\pdh.dll
17:38:23.0476 1880 C:\Windows\SysWOW64\pdh.dll - ok
17:38:23.0476 1880 [ F3C016C3D0C889FDC04AF59CF8108B5C ] C:\Program Files (x86)\Java\jre7\bin\jpishare.dll
17:38:23.0476 1880 C:\Program Files (x86)\Java\jre7\bin\jpishare.dll - ok
17:38:23.0492 1880 [ 263963D93A3CA8F685EFA5966F1E6581 ] C:\Windows\SysWOW64\mshtml.dll
17:38:23.0492 1880 C:\Windows\SysWOW64\mshtml.dll - ok
17:38:23.0492 1880 [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\SysWOW64\msv1_0.dll
17:38:23.0492 1880 C:\Windows\SysWOW64\msv1_0.dll - ok
17:38:23.0492 1880 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\SysWOW64\security.dll
17:38:23.0492 1880 C:\Windows\SysWOW64\security.dll - ok
17:38:23.0492 1880 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
17:38:23.0492 1880 C:\Windows\System32\stobject.dll - ok
17:38:23.0492 1880 [ 8A53582955841F6FFC62D7FD2E913773 ] C:\Program Files (x86)\Java\jre7\bin\java.dll
17:38:23.0492 1880 C:\Program Files (x86)\Java\jre7\bin\java.dll - ok
17:38:23.0492 1880 [ 327477FD1853EDD05E8A02E1960092BD ] C:\Program Files (x86)\Pando Networks\Media Booster\nspr4.dll
17:38:23.0492 1880 C:\Program Files (x86)\Pando Networks\Media Booster\nspr4.dll - ok
17:38:23.0492 1880 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
17:38:23.0492 1880 C:\Windows\System32\mfplat.dll - ok
17:38:23.0492 1880 [ 904991696B997C540EFF553B5E775809 ] C:\Program Files (x86)\Pando Networks\Media Booster\plc4.dll
17:38:23.0492 1880 C:\Program Files (x86)\Pando Networks\Media Booster\plc4.dll - ok
17:38:23.0492 1880 [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\SysWOW64\cryptdll.dll
17:38:23.0492 1880 C:\Windows\SysWOW64\cryptdll.dll - ok
17:38:23.0507 1880 [ E67D2876E0892FFF0CF3B4B4630C8E4C ] C:\Program Files (x86)\Pando Networks\Media Booster\BugSplat.dll
17:38:23.0507 1880 C:\Program Files (x86)\Pando Networks\Media Booster\BugSplat.dll - ok
17:38:23.0507 1880 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
17:38:23.0507 1880 C:\Windows\System32\dsound.dll - ok
17:38:23.0507 1880 [ AB781C0E4C09E08F464081D17C0F6184 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
17:38:23.0507 1880 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
17:38:23.0507 1880 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
17:38:23.0507 1880 C:\Windows\System32\batmeter.dll - ok
17:38:23.0507 1880 [ C0FD64EB5824071B6B5683AAFDB2C60C ] C:\Program Files (x86)\Pando Networks\Media Booster\nss3.dll
17:38:23.0507 1880 C:\Program Files (x86)\Pando Networks\Media Booster\nss3.dll - ok
17:38:23.0507 1880 [ D1AE6648BB68F9275652E8EDBC32B914 ] C:\Program Files (x86)\Pando Networks\Media Booster\softokn3.dll
17:38:23.0507 1880 C:\Program Files (x86)\Pando Networks\Media Booster\softokn3.dll - ok
17:38:23.0507 1880 [ B96F045D571747F8700CB43E8C458FF0 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
17:38:23.0507 1880 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe - ok
17:38:23.0507 1880 [ 82C2CEA9AFA85E483481374621DAE39E ] C:\Program Files (x86)\Pando Networks\Media Booster\plds4.dll
17:38:23.0507 1880 C:\Program Files (x86)\Pando Networks\Media Booster\plds4.dll - ok
17:38:23.0523 1880 [ F2967C0A97C0EA67D79D7F557213950D ] C:\Windows\System32\glu32.dll
17:38:23.0523 1880 C:\Windows\System32\glu32.dll - ok
17:38:23.0523 1880 [ E37857FF2E9B95D1C70DF2F68DBBBD2F ] C:\Program Files (x86)\Pando Networks\Media Booster\ssl3.dll
17:38:23.0523 1880 C:\Program Files (x86)\Pando Networks\Media Booster\ssl3.dll - ok
17:38:23.0523 1880 [ 5D7542A68AA96C3B69AF1086318AAC54 ] C:\Program Files (x86)\Pando Networks\Media Booster\smime3.dll
17:38:23.0523 1880 C:\Program Files (x86)\Pando Networks\Media Booster\smime3.dll - ok
17:38:23.0523 1880 [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll
17:38:23.0523 1880 C:\Windows\System32\ddraw.dll - ok
17:38:23.0523 1880 [ 3044D07ABDF4BBEA27E2EE7B1E0C0C65 ] C:\Windows\System32\d3d8thk.dll
17:38:23.0523 1880 C:\Windows\System32\d3d8thk.dll - ok
17:38:23.0523 1880 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files (x86)\Java\jre7\bin\msvcr100.dll
17:38:23.0523 1880 C:\Program Files (x86)\Java\jre7\bin\msvcr100.dll - ok
17:38:23.0523 1880 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
17:38:23.0523 1880 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
17:38:23.0523 1880 [ 29C22748937F45C26590909E9F8E7137 ] C:\Windows\System32\dciman32.dll
17:38:23.0523 1880 C:\Windows\System32\dciman32.dll - ok
17:38:23.0523 1880 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll
17:38:23.0523 1880 C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok
17:38:23.0538 1880 [ 0B56B878192DBA95D66A3162D38911F2 ] C:\Program Files (x86)\Java\jre7\bin\javaw.exe
17:38:23.0538 1880 C:\Program Files (x86)\Java\jre7\bin\javaw.exe - ok
17:38:23.0538 1880 [ 7C7B8A47FFC43180FD49304A87EA78F5 ] C:\Program Files\Logitech\SetPointP\KemXML.dll
17:38:23.0538 1880 C:\Program Files\Logitech\SetPointP\KemXML.dll - ok
17:38:23.0538 1880 [ 451F41C7FEF78BC7CC6F442F9CDBAE62 ] C:\Program Files\Logitech\SetPointP\kemutb.dll
17:38:23.0538 1880 C:\Program Files\Logitech\SetPointP\kemutb.dll - ok
17:38:23.0538 1880 [ 93B3D6E86E710CEDA136C973D0EDAA42 ] C:\Program Files\Logitech\SetPointP\KemWnd.dll
17:38:23.0538 1880 C:\Program Files\Logitech\SetPointP\KemWnd.dll - ok
17:38:23.0538 1880 [ 5197BFB7F70F44B8C5E56EF7C4F30200 ] C:\Program Files\Logitech\SetPointP\SetPointCOM.dll
17:38:23.0538 1880 C:\Program Files\Logitech\SetPointP\SetPointCOM.dll - ok
17:38:23.0538 1880 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
17:38:23.0538 1880 C:\Windows\SysWOW64\oledlg.dll - ok
17:38:23.0538 1880 [ FDA1BA7B2179F29D6DEB3DEC9C9037D0 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll
17:38:23.0538 1880 C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll - ok
17:38:23.0538 1880 [ 8150F6F385FF7F22B29220D5B2363FC4 ] C:\Windows\System32\nvd3dumx.dll
17:38:23.0538 1880 C:\Windows\System32\nvd3dumx.dll - ok
17:38:23.0538 1880 [ C543BCAE30E80606944D4ED75E290AA7 ] C:\Program Files (x86)\DAEMON Tools Lite\Engine.dll
17:38:23.0538 1880 C:\Program Files (x86)\DAEMON Tools Lite\Engine.dll - ok
17:38:23.0554 1880 [ EEBD0B763F32A26421A35CC2C735E8E3 ] C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
17:38:23.0554 1880 C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin - ok
17:38:23.0554 1880 [ D918AF3EA07D248F911F7C6B801AA1E3 ] C:\Windows\winsxs\amd64_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_01c9581e60cbee58\MFC90ENU.DLL
17:38:23.0554 1880 C:\Windows\winsxs\amd64_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_01c9581e60cbee58\MFC90ENU.DLL - ok
17:38:23.0554 1880 [ B474C756C13960793C7583B766F904C4 ] C:\Program Files\iPod\bin\iPodService.exe
17:38:23.0554 1880 C:\Program Files\iPod\bin\iPodService.exe - ok
17:38:23.0554 1880 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
17:38:23.0554 1880 C:\Windows\System32\prnfldr.dll - ok
17:38:23.0554 1880 [ EE3920731FDEAA8CD2D4B218B03B23D0 ] C:\Program Files (x86)\Pando Networks\Media Booster\freebl3.dll
17:38:23.0554 1880 C:\Program Files (x86)\Pando Networks\Media Booster\freebl3.dll - ok
17:38:23.0554 1880 [ 57ACF47B4FA24A6B9464C9919412C411 ] C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
17:38:23.0554 1880 C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll - ok
17:38:23.0554 1880 [ 568935733EC22B63A7F65750172370A3 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
17:38:23.0554 1880 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
17:38:23.0554 1880 [ 18082FABF3AC5C2E6477CC0C82AD0623 ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
17:38:23.0554 1880 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
17:38:23.0570 1880 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
17:38:23.0570 1880 C:\Windows\System32\fdProxy.dll - ok
17:38:23.0570 1880 [ 798387534977217525F11B758B3517AE ] C:\Program Files\Logitech\SetPointP\WebBrowserSupport.dll
17:38:23.0570 1880 C:\Program Files\Logitech\SetPointP\WebBrowserSupport.dll - ok
17:38:23.0570 1880 [ EDEEAA5B121A89425A5DF7AB28E4E544 ] C:\Program Files\Logitech\SetPointP\Macros\MacroAppSwitch.dll
17:38:23.0570 1880 C:\Program Files\Logitech\SetPointP\Macros\MacroAppSwitch.dll - ok
17:38:23.0570 1880 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
17:38:23.0570 1880 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
17:38:23.0570 1880 [ 563C4641DAE5355C08DF4DDC4134E196 ] C:\Program Files\Logitech\SetPointP\Macros\MacroMedia.dll
17:38:23.0570 1880 C:\Program Files\Logitech\SetPointP\Macros\MacroMedia.dll - ok
17:38:23.0570 1880 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
17:38:23.0570 1880 C:\Windows\System32\DXP.dll - ok
17:38:23.0570 1880 [ 754BDBD9A6B351E83A8648AB469E238A ] C:\Program Files\Logitech\SetPointP\Macros\MacroEmail.dll
17:38:23.0570 1880 C:\Program Files\Logitech\SetPointP\Macros\MacroEmail.dll - ok
17:38:23.0570 1880 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
17:38:23.0570 1880 C:\Windows\System32\Syncreg.dll - ok
17:38:23.0570 1880 [ B8F7FA586A70918FEC5C768250724635 ] C:\Program Files\Logitech\SetPointP\KemMon.dll
17:38:23.0570 1880 C:\Program Files\Logitech\SetPointP\KemMon.dll - ok
17:38:23.0585 1880 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
17:38:23.0585 1880 C:\Windows\SysWOW64\riched20.dll - ok
17:38:23.0585 1880 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
17:38:23.0585 1880 C:\Windows\ehome\ehSSO.dll - ok
17:38:23.0585 1880 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
17:38:23.0585 1880 C:\Windows\System32\netshell.dll - ok
17:38:23.0585 1880 [ 50EFBC0F319C780E67D43AA7DDB12BF3 ] C:\Program Files\Common Files\Logishrd\CDDRV3\LDConfig.exe
17:38:23.0585 1880 C:\Program Files\Common Files\Logishrd\CDDRV3\LDConfig.exe - ok
17:38:23.0585 1880 [ 3A91AAA7EDC8DE349699BB91A328DC3D ] C:\Program Files\Logitech\SetPointP\KGame.dll
17:38:23.0585 1880 C:\Program Files\Logitech\SetPointP\KGame.dll - ok
17:38:23.0585 1880 [ 16B49EE6A552B0D270112E4A81A48923 ] C:\Program Files\Logitech\SetPointG\SetPointII.exe
17:38:23.0585 1880 C:\Program Files\Logitech\SetPointG\SetPointII.exe - ok
17:38:23.0585 1880 [ C005D9E5DC7841BB5E0C837C5C6DAB97 ] C:\Program Files\Logitech\SetPointP\LCabHandler.dll
17:38:23.0585 1880 C:\Program Files\Logitech\SetPointP\LCabHandler.dll - ok
17:38:23.0585 1880 [ BC665968D5D8965B5BEA74D15220393B ] C:\Program Files\Logitech\SetPointG\LogiOSD.dll
17:38:23.0585 1880 C:\Program Files\Logitech\SetPointG\LogiOSD.dll - ok
17:38:23.0601 1880 [ 4DA57E86B688A5832563A8BACF4DD939 ] C:\Program Files\Logitech\SetPointG\ProfileManager.dll
17:38:23.0601 1880 C:\Program Files\Logitech\SetPointG\ProfileManager.dll - ok
17:38:23.0601 1880 [ CAD486325FEA180409E208DB996BFC34 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\sal3.dll
17:38:23.0601 1880 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\sal3.dll - ok
17:38:23.0601 1880 [ 21D3A18769EC2C4E56756D04E989A221 ] C:\Windows\SysWOW64\msxml3.dll
17:38:23.0601 1880 C:\Windows\SysWOW64\msxml3.dll - ok
17:38:23.0601 1880 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
17:38:23.0601 1880 C:\Windows\SysWOW64\duser.dll - ok
17:38:23.0601 1880 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
17:38:23.0601 1880 C:\Windows\SysWOW64\dui70.dll - ok
17:38:23.0601 1880 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
17:38:23.0601 1880 C:\Windows\System32\AltTab.dll - ok
17:38:23.0601 1880 [ 31C2D848B2ED60740C9CF11EA3B2F882 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\uwinapi.dll
17:38:23.0601 1880 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\uwinapi.dll - ok
17:38:23.0601 1880 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
17:38:23.0601 1880 C:\Windows\System32\pnidui.dll - ok
17:38:23.0601 1880 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
17:38:23.0601 1880 C:\Windows\SysWOW64\MMDevAPI.dll - ok
17:38:23.0616 1880 [ 6FA41E0C86EF049A12C05CA4BBA8F9AF ] C:\Windows\SysWOW64\perfos.dll
17:38:23.0616 1880 C:\Windows\SysWOW64\perfos.dll - ok
17:38:23.0616 1880 [ 8839C69D4E9468A1E5BDF4B9F4BCC5FE ] C:\Program Files (x86)\Java\jre7\bin\client\jvm.dll
17:38:23.0616 1880 C:\Program Files (x86)\Java\jre7\bin\client\jvm.dll - ok
17:38:23.0616 1880 [ A0D2CB3A712A3337181625E553BD835F ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\sofficeapp.dll
17:38:23.0616 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\sofficeapp.dll - ok
17:38:23.0616 1880 [ E9E2A13AD5FD2F6420C8827D8252559A ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\comphelp4MSC.dll
17:38:23.0616 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\comphelp4MSC.dll - ok
17:38:23.0616 1880 [ 533631FE7DB9FF2A1D456A3D15A2DD46 ] C:\Windows\SysWOW64\icmp.dll
17:38:23.0616 1880 C:\Windows\SysWOW64\icmp.dll - ok
17:38:23.0616 1880 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
17:38:23.0616 1880 C:\Windows\SysWOW64\netprofm.dll - ok
17:38:23.0616 1880 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
17:38:23.0616 1880 C:\Windows\SysWOW64\rasapi32.dll - ok
17:38:23.0616 1880 [ 4DE1EBB2314E2F10AC9EC83138193F8B ] C:\Program Files (x86)\DAEMON Tools Lite\imgengine.dll
17:38:23.0616 1880 C:\Program Files (x86)\DAEMON Tools Lite\imgengine.dll - ok
17:38:23.0616 1880 [ 66C87DB880052104808507D6FA84D68E ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
17:38:23.0616 1880 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL - ok
17:38:23.0632 1880 [ 64E211E0FDFCE4D186DF58BB7D0503BC ] C:\Windows\SysWOW64\gameux.dll
17:38:23.0632 1880 C:\Windows\SysWOW64\gameux.dll - ok
17:38:23.0632 1880 [ 193B592B87C9EF9BB4F01135846DCEF6 ] C:\Windows\SysWOW64\OpenCL.dll
17:38:23.0632 1880 C:\Windows\SysWOW64\OpenCL.dll - ok
17:38:23.0632 1880 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
17:38:23.0632 1880 C:\Windows\SysWOW64\rasman.dll - ok
17:38:23.0632 1880 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
17:38:23.0632 1880 C:\Windows\SysWOW64\rtutils.dll - ok
17:38:23.0632 1880 [ DF121EF1BDE3ACD80F815FBB88740E54 ] C:\Windows\SysWOW64\nvcuda.dll
17:38:23.0632 1880 C:\Windows\SysWOW64\nvcuda.dll - ok
17:38:23.0632 1880 [ 8E0CE415DCD35C9F2F559487CA8C93D1 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\cppuhelper3MSC.dll
17:38:23.0632 1880 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\cppuhelper3MSC.dll - ok
17:38:23.0632 1880 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
17:38:23.0632 1880 C:\Windows\SysWOW64\npmproxy.dll - ok
17:38:23.0632 1880 [ 016A255656BE11AF080FD44517381129 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\salhelper3MSC.dll
17:38:23.0632 1880 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\salhelper3MSC.dll - ok
17:38:23.0648 1880 [ 235923AF735F5C8EA83243FF56C9C140 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\cppu3.dll
17:38:23.0648 1880 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\cppu3.dll - ok
17:38:23.0648 1880 [ 2C6DF80A7C4C651F1FA2E34E3AFF9261 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\stlport_vc7145.dll
17:38:23.0648 1880 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\stlport_vc7145.dll - ok
17:38:23.0648 1880 [ 0283B6A3F8BAE9601AF389064C63FC43 ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\ucbhelper4MSC.dll
17:38:23.0648 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\ucbhelper4MSC.dll - ok
17:38:23.0648 1880 [ C82951D8D50299BEDC8484F7BD0AC601 ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\vos3MSC.dll
17:38:23.0648 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\vos3MSC.dll - ok
17:38:23.0648 1880 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
17:38:23.0648 1880 C:\Windows\System32\QUTIL.DLL - ok
17:38:23.0648 1880 [ BAE102C44B88E4BD48038F4B42C3324E ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\i18nisolang1MSC.dll
17:38:23.0648 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\i18nisolang1MSC.dll - ok
17:38:23.0648 1880 [ F21A4036148DE204CC56C3CE91A8DFCC ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\sfxmi.dll
17:38:23.0648 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\sfxmi.dll - ok
17:38:23.0648 1880 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
17:38:23.0648 1880 C:\Windows\System32\WPDShServiceObj.dll - ok
17:38:23.0663 1880 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
17:38:23.0663 1880 C:\Windows\System32\ActionCenter.dll - ok
17:38:23.0663 1880 [ E5BC8D93CDCB957146D971647849A154 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
17:38:23.0663 1880 C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll - ok
17:38:23.0663 1880 [ 07BBB3CBB86D2626B46BC1D210C4781B ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
17:38:23.0663 1880 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll - ok
17:38:23.0663 1880 [ 944D21464D0D58DBD946C2E618999FAE ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Alienlabs.CommandCenter.Tools\v4.0_2.7.24.0__bebb3c8816410241\AlienLabs.CommandCenter.Tools.dll
17:38:23.0663 1880 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Alienlabs.CommandCenter.Tools\v4.0_2.7.24.0__bebb3c8816410241\AlienLabs.CommandCenter.Tools.dll - ok
17:38:23.0663 1880 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll
17:38:23.0663 1880 C:\Windows\System32\UIAnimation.dll - ok
17:38:23.0663 1880 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
17:38:23.0663 1880 C:\Windows\System32\PortableDeviceTypes.dll - ok
17:38:23.0663 1880 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
17:38:23.0663 1880 C:\Windows\System32\srchadmin.dll - ok
17:38:23.0663 1880 [ A6D811E3FCCE0196A393A2B433536BCF ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
17:38:23.0663 1880 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll - ok
17:38:23.0663 1880 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
17:38:23.0663 1880 C:\Windows\System32\FXSST.dll - ok
17:38:23.0679 1880 [ D7999068E94589045BB8C5380AC79937 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll
17:38:23.0679 1880 C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll - ok
17:38:23.0679 1880 [ 3F50200237961034FACE602373838980 ] C:\Windows\SysWOW64\FirewallAPI.dll
17:38:23.0679 1880 C:\Windows\SysWOW64\FirewallAPI.dll - ok
17:38:23.0679 1880 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll
17:38:23.0679 1880 C:\Windows\SysWOW64\xmllite.dll - ok
17:38:23.0679 1880 [ 5BAB2BB33E5F8478F03B87D414C079D1 ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\fwemi.dll
17:38:23.0679 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\fwemi.dll - ok
17:38:23.0679 1880 [ F1DB2F704E805BF36C29F07126147EC5 ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\fwimi.dll
17:38:23.0679 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\fwimi.dll - ok
17:38:23.0679 1880 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
17:38:23.0679 1880 C:\Windows\System32\FXSAPI.dll - ok
17:38:23.0679 1880 [ 76F27FAB5BA22E336E5D42626702E744 ] C:\Program Files (x86)\Java\jre7\bin\verify.dll
17:38:23.0679 1880 C:\Program Files (x86)\Java\jre7\bin\verify.dll - ok
17:38:23.0679 1880 [ 95A841BE3CF27181D7E9033DD66BC5CF ] C:\Program Files (x86)\Java\jre7\bin\zip.dll
17:38:23.0679 1880 C:\Program Files (x86)\Java\jre7\bin\zip.dll - ok
17:38:23.0694 1880 [ A4FDED4D1EB782C46DD6CDC5121967E4 ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\utlmi.dll
17:38:23.0694 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\utlmi.dll - ok
17:38:23.0694 1880 [ 4D973B73E7106E3B0B643735D0FA018E ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\tlmi.dll
17:38:23.0694 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\tlmi.dll - ok
17:38:23.0694 1880 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
17:38:23.0694 1880 C:\Windows\System32\FXSRESM.dll - ok
17:38:23.0694 1880 [ 32818D28DF3977DBF2DE3E3ABC579274 ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\basegfxmi.dll
17:38:23.0694 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\basegfxmi.dll - ok
17:38:23.0694 1880 [ 0685767DCBE190E04F99917030F2A0FC ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\vclmi.dll
17:38:23.0694 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\vclmi.dll - ok
17:38:23.0694 1880 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
17:38:23.0694 1880 C:\Windows\System32\bthprops.cpl - ok
17:38:23.0694 1880 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
17:38:23.0694 1880 C:\Windows\SysWOW64\dbghelp.dll - ok
17:38:23.0694 1880 [ 3C78B47C00A74276E747D69DB4E2E25D ] C:\Windows\SysWOW64\nvd3dum.dll
17:38:23.0694 1880 C:\Windows\SysWOW64\nvd3dum.dll - ok
17:38:23.0694 1880 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
17:38:23.0694 1880 C:\Windows\System32\webcheck.dll - ok
17:38:23.0710 1880 [ E829C45F0D77852C43BE99C4B1BD215D ] C:\Windows\System32\ieframe.dll
17:38:23.0710 1880 C:\Windows\System32\ieframe.dll - ok
17:38:23.0710 1880 [ 3302420F20850E51F2A322ED9C23FA48 ] C:\Windows\SysWOW64\nvapi.dll
17:38:23.0710 1880 C:\Windows\SysWOW64\nvapi.dll - ok
17:38:23.0710 1880 [ 58A1ED9BBA5E34542FF83B3DDD7098D7 ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\sotmi.dll
17:38:23.0710 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\sotmi.dll - ok
17:38:23.0710 1880 [ 8900803D62CAB939FA29942A104AF1FB ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\i18nutilMSC.dll
17:38:23.0710 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\i18nutilMSC.dll - ok
17:38:23.0710 1880 [ 88E26CCA39355D8A11044236BEAA2298 ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\icuuc40.dll
17:38:23.0710 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\icuuc40.dll - ok
17:38:23.0710 1880 [ 763EE029DAC8AFEEF236F8EA0F02454D ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\icudt40.dll
17:38:23.0710 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\icudt40.dll - ok
17:38:23.0710 1880 [ EDD2AD141DEBD425D74A52A4D7BE6AC4 ] C:\Windows\SysWOW64\perfctrs.dll
17:38:23.0710 1880 C:\Windows\SysWOW64\perfctrs.dll - ok
17:38:23.0710 1880 [ CA618958889A8BA0E37E6E5E59B73BD5 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\27dcf04ed7a3506045597c02a5a1fc31\System.Core.ni.dll
17:38:23.0710 1880 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\27dcf04ed7a3506045597c02a5a1fc31\System.Core.ni.dll - ok
17:38:23.0726 1880 [ 2775CF7A0D1ABEBCBF2296A2D95AF793 ] C:\Program Files (x86)\Java\jre7\bin\awt.dll
17:38:23.0726 1880 C:\Program Files (x86)\Java\jre7\bin\awt.dll - ok
17:38:23.0726 1880 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
17:38:23.0726 1880 C:\Windows\System32\mlang.dll - ok
17:38:23.0726 1880 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
17:38:23.0726 1880 C:\Windows\System32\SyncCenter.dll - ok
17:38:23.0726 1880 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
17:38:23.0726 1880 C:\Windows\System32\FXSSVC.exe - ok
17:38:23.0726 1880 [ 1895402C57C32BF8281E8F6C65522253 ] C:\Windows\SysWOW64\jscript.dll
17:38:23.0726 1880 C:\Windows\SysWOW64\jscript.dll - ok
17:38:23.0726 1880 [ 135CE2A1DD4A45D652BB61E1BC76A59F ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienLabsTools\v4.0_2.7.24.0__bebb3c8816410241\AlienLabsTools.dll
17:38:23.0726 1880 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienLabsTools\v4.0_2.7.24.0__bebb3c8816410241\AlienLabsTools.dll - ok
17:38:23.0726 1880 [ 0CDF83523F927E4AC0FC76700BBA11C1 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
17:38:23.0726 1880 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll - ok
17:38:23.0726 1880 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
17:38:23.0726 1880 C:\Windows\System32\imapi2.dll - ok
17:38:23.0726 1880 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
17:38:23.0726 1880 C:\Windows\System32\netman.dll - ok
17:38:23.0726 1880 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
17:38:23.0726 1880 C:\Windows\System32\hgcpl.dll - ok
17:38:23.0741 1880 [ 270D096C85417993A35189A2D09B757B ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\svlmi.dll
17:38:23.0741 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\svlmi.dll - ok
17:38:23.0741 1880 [ 789CE6438CD90B17C334ACDE55F67486 ] C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
17:38:23.0741 1880 C:\Program Files\Alienware\Command Center\AWCCServiceController.exe - ok
17:38:23.0741 1880 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\SysWOW64\mlang.dll
17:38:23.0741 1880 C:\Windows\SysWOW64\mlang.dll - ok
17:38:23.0741 1880 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
17:38:23.0741 1880 C:\Windows\System32\fdPHost.dll - ok
17:38:23.0741 1880 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
17:38:23.0741 1880 C:\Windows\System32\rasdlg.dll - ok
17:38:23.0741 1880 [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll
17:38:23.0741 1880 C:\Windows\System32\fdWSD.dll - ok
17:38:23.0741 1880 [ 9DA195A0DE0F6197D939C515227CB91D ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\svtmi.dll
17:38:23.0741 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\svtmi.dll - ok
17:38:23.0741 1880 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll
17:38:23.0741 1880 C:\Windows\System32\fdSSDP.dll - ok
17:38:23.0757 1880 [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\Windows\System32\P2P.dll
17:38:23.0757 1880 C:\Windows\System32\P2P.dll - ok
17:38:23.0757 1880 [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll
17:38:23.0757 1880 C:\Windows\System32\ListSvc.dll - ok
17:38:23.0757 1880 [ 3DBEAEE8645FAF1232CE464C2CAC12EF ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
17:38:23.0757 1880 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll - ok
17:38:23.0757 1880 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
17:38:23.0757 1880 C:\Windows\System32\p2pcollab.dll - ok
17:38:23.0757 1880 [ F38B92211F961CF9D48B2192BC7B00D6 ] C:\Program Files (x86)\Java\jre7\bin\deploy.dll
17:38:23.0757 1880 C:\Program Files (x86)\Java\jre7\bin\deploy.dll - ok
17:38:23.0757 1880 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
17:38:23.0757 1880 C:\Windows\System32\dot3api.dll - ok
17:38:23.0757 1880 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
17:38:23.0757 1880 C:\Windows\System32\wlanhlp.dll - ok
17:38:23.0757 1880 [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
17:38:23.0757 1880 C:\Windows\System32\pnrpsvc.dll - ok
17:38:23.0757 1880 [ F7220A36464885AC591C21544B47D443 ] C:\Program Files\Internet Explorer\ieproxy.dll
17:38:23.0757 1880 C:\Program Files\Internet Explorer\ieproxy.dll - ok
17:38:23.0772 1880 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
17:38:23.0772 1880 C:\Windows\System32\wlanapi.dll - ok
17:38:23.0772 1880 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
17:38:23.0772 1880 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
17:38:23.0772 1880 [ 0A45A39E9A1D3D33A49D1BAF292659E3 ] C:\Program Files (x86)\Java\jre7\bin\net.dll
17:38:23.0772 1880 C:\Program Files (x86)\Java\jre7\bin\net.dll - ok
17:38:23.0772 1880 [ 4A82EA2807B16FF577AEAF8ADB8779FF ] C:\Windows\System32\IdListen.dll
17:38:23.0772 1880 C:\Windows\System32\IdListen.dll - ok
17:38:23.0772 1880 [ B0F69B9DE0AEBFD7E4CEADE6758DF627 ] C:\Windows\System32\SearchFolder.dll
17:38:23.0772 1880 C:\Windows\System32\SearchFolder.dll - ok
17:38:23.0772 1880 [ F897D8369C0523D32A5DD169DF545BCD ] C:\Program Files (x86)\Java\jre7\bin\nio.dll
17:38:23.0772 1880 C:\Program Files (x86)\Java\jre7\bin\nio.dll - ok
17:38:23.0772 1880 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
17:38:23.0772 1880 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
17:38:23.0772 1880 [ A0524499F4C63CADA7E1529FC77F5DC1 ] C:\Windows\System32\hgprint.dll
17:38:23.0772 1880 C:\Windows\System32\hgprint.dll - ok
17:38:23.0772 1880 [ 2D1467A7B9A85021C71471A1E4118383 ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\tkmi.dll
17:38:23.0772 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\tkmi.dll - ok
17:38:23.0788 1880 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
17:38:23.0788 1880 C:\Windows\System32\QAGENTRT.DLL - ok
17:38:23.0788 1880 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
17:38:23.0788 1880 C:\Windows\System32\WWanAPI.dll - ok
17:38:23.0788 1880 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
17:38:23.0788 1880 C:\Windows\System32\fveui.dll - ok
17:38:23.0788 1880 [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll
17:38:23.0788 1880 C:\Windows\System32\p2psvc.dll - ok
17:38:23.0788 1880 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
17:38:23.0788 1880 C:\Windows\System32\wwapi.dll - ok
17:38:23.0788 1880 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
17:38:23.0788 1880 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
17:38:23.0788 1880 [ FCE23E27F62989AD0BB88E256E847A41 ] C:\Windows\System32\CertPolEng.dll
17:38:23.0788 1880 C:\Windows\System32\CertPolEng.dll - ok
17:38:23.0788 1880 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
17:38:23.0788 1880 C:\Windows\System32\QAGENT.DLL - ok
17:38:23.0788 1880 [ 48489F186EFD8AB70414180DA3F0505B ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\jvmfwk3.dll
17:38:23.0788 1880 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\jvmfwk3.dll - ok
17:38:23.0804 1880 [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1 ] C:\Windows\System32\P2PGraph.dll
17:38:23.0804 1880 C:\Windows\System32\P2PGraph.dll - ok
17:38:23.0804 1880 [ 32B5F15F3F71DA49C4E57BF5DB85B2C8 ] C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
17:38:23.0804 1880 C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll - ok
17:38:23.0804 1880 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
17:38:23.0804 1880 C:\Windows\System32\wsock32.dll - ok
17:38:23.0804 1880 [ B9E5169893DC1541B4226402AB32C404 ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\sbmi.dll
17:38:23.0804 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\sbmi.dll - ok
17:38:23.0804 1880 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
17:38:23.0804 1880 C:\Windows\System32\wmdrmdev.dll - ok
17:38:23.0804 1880 [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll
17:38:23.0804 1880 C:\Windows\System32\msvcr100_clr0400.dll - ok
17:38:23.0804 1880 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
17:38:23.0804 1880 C:\Windows\System32\drmv2clt.dll - ok
17:38:23.0804 1880 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
17:38:23.0804 1880 C:\Windows\System32\wmp.dll - ok
17:38:23.0804 1880 [ CB9C5D21318A7C8EACE7FAF49886EBED ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\xcrmi.dll
17:38:23.0804 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\xcrmi.dll - ok
17:38:23.0819 1880 [ 080361413A529CBF4BCA29458F3645A4 ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\saxmi.dll
17:38:23.0819 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\saxmi.dll - ok
17:38:23.0819 1880 [ 8D89DE6FDF53F79F7303B5C179EF5CC2 ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\jmi_g.dll
17:38:23.0819 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\jmi_g.dll - ok
17:38:23.0819 1880 [ FE4D9C36122778C9C2A84ACA08D54321 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\4f52500ab48877b85e71430f4f46670f\mscorlib.ni.dll
17:38:23.0819 1880 C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\4f52500ab48877b85e71430f4f46670f\mscorlib.ni.dll - ok
17:38:23.0819 1880 [ CEDECCE16E90FBFF125D2B233309D840 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\jvmaccess3MSC.dll
17:38:23.0819 1880 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\jvmaccess3MSC.dll - ok
17:38:23.0819 1880 [ C87ED5EDC7A190757959F54D313AC86D ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\msci_uno.dll
17:38:23.0819 1880 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\msci_uno.dll - ok
17:38:23.0819 1880 [ 57A659EDD410FA41F2D6578880BA17B1 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\bootstrap.uno.dll
17:38:23.0819 1880 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\bootstrap.uno.dll - ok
17:38:23.0819 1880 [ ECF245A31E257C67061E015DE8A4B4B9 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\reg3.dll
17:38:23.0819 1880 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\reg3.dll - ok
17:38:23.0819 1880 [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll
17:38:23.0819 1880 C:\Windows\System32\blackbox.dll - ok
17:38:23.0835 1880 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
17:38:23.0835 1880 C:\Windows\System32\upnp.dll - ok
17:38:23.0835 1880 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
17:38:23.0835 1880 C:\Windows\System32\ssdpsrv.dll - ok
17:38:23.0835 1880 [ 8F101652DCBA15C2C056C7E960A18D6C ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\store3.dll
17:38:23.0835 1880 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\store3.dll - ok
17:38:23.0835 1880 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
17:38:23.0835 1880 C:\Windows\System32\wmploc.DLL - ok
17:38:23.0835 1880 [ E6D7A8A58FF3D59F721543619A8CFF87 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\unsafe_uno_uno.dll
17:38:23.0835 1880 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\unsafe_uno_uno.dll - ok
17:38:23.0835 1880 [ A567008BCFF6FC8803681FD6E05DB495 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\purpenvhelper3MSC.dll
17:38:23.0835 1880 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\purpenvhelper3MSC.dll - ok
17:38:23.0835 1880 [ 4900A882544E957DFACC04BC094F7A28 ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\configmgr2.uno.dll
17:38:23.0835 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\configmgr2.uno.dll - ok
17:38:23.0835 1880 [ 85E8A73C695C888078F89E32903384BA ] C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
17:38:23.0835 1880 C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe - ok
17:38:23.0850 1880 [ 4374B2528BCBB8F95FB12CC6C8FF0773 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll
17:38:23.0850 1880 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll - ok
17:38:23.0850 1880 [ 51621E4B29575A8CF429E6F6DA58A577 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll
17:38:23.0850 1880 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll - ok
17:38:23.0850 1880 [ 8A007ADD513E933A73C92312D16F3A35 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienwareAlienFXTools\v4.0_2.7.24.0__bebb3c8816410241\AlienwareAlienFXTools.dll
17:38:23.0850 1880 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienwareAlienFXTools\v4.0_2.7.24.0__bebb3c8816410241\AlienwareAlienFXTools.dll - ok
17:38:23.0850 1880 [ 95C6BD7CC13895581C4DE415E87640E6 ] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\stocservices.uno.dll
17:38:23.0850 1880 C:\Program Files (x86)\OpenOffice.org 3\URE\bin\stocservices.uno.dll - ok
17:38:23.0850 1880 [ B45F3D98A83B6E17599FD8E70ED5D9AE ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll
17:38:23.0850 1880 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll - ok
17:38:23.0850 1880 [ 3E9FC80F084589CDA4AE3322EEECFFC0 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System\a91f32875cb3ba779f1b3ceff1690251\System.ni.dll
17:38:23.0850 1880 C:\Windows\assembly\NativeImages_v4.0.30319_64\System\a91f32875cb3ba779f1b3ceff1690251\System.ni.dll - ok
17:38:23.0850 1880 [ 561D263EA7B6F9E088EA39496C58C50D ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\39f4c7717661667c68f9af8c4f6402b9\System.Windows.Forms.ni.dll
17:38:23.0850 1880 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\39f4c7717661667c68f9af8c4f6402b9\System.Windows.Forms.ni.dll - ok
17:38:23.0850 1880 [ B337985DF8C817F5DD25E0EEF53D0802 ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\sysmgr1.uno.dll
17:38:23.0850 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\sysmgr1.uno.dll - ok
17:38:23.0850 1880 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
17:38:23.0850 1880 C:\Windows\System32\wmpps.dll - ok
17:38:23.0866 1880 [ F149E8CAE538DBF7059B00326673F602 ] C:\Windows\System32\wmpmde.dll
17:38:23.0866 1880 C:\Windows\System32\wmpmde.dll - ok
17:38:23.0866 1880 [ A3996FFAA613C9475D927815971F6F27 ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\sax.uno.dll
17:38:23.0866 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\sax.uno.dll - ok
17:38:23.0866 1880 [ 021287C2050FD5DB4A8B084E2C38139C ] C:\Windows\System32\WinSATAPI.dll
17:38:23.0866 1880 C:\Windows\System32\WinSATAPI.dll - ok
17:38:23.0866 1880 [ 9388992044FC54A523D20CA2C0CFCF9E ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\localebe1.uno.dll
17:38:23.0866 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\localebe1.uno.dll - ok
17:38:23.0866 1880 [ FFB765E1575F0208547045DBF0F1DF81 ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\behelper.uno.dll
17:38:23.0866 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\behelper.uno.dll - ok
17:38:23.0866 1880 [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\Windows\System32\MSMPEG2ENC.DLL
17:38:23.0866 1880 C:\Windows\System32\MSMPEG2ENC.DLL - ok
17:38:23.0866 1880 [ 46767946E7B559D981C1DC04EC0AB36F ] C:\Windows\System32\devenum.dll
17:38:23.0866 1880 C:\Windows\System32\devenum.dll - ok
17:38:23.0866 1880 [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\Windows\System32\msdmo.dll
17:38:23.0866 1880 C:\Windows\System32\msdmo.dll - ok
17:38:23.0882 1880 [ ED6DE08A683BCDCAFF4B6DC799890EF3 ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\ucb1.dll
17:38:23.0882 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\ucb1.dll - ok
17:38:23.0882 1880 [ 2E7ADF9B0389CD94605717784D7E416A ] C:\Windows\System32\drttransport.dll
17:38:23.0882 1880 C:\Windows\System32\drttransport.dll - ok
17:38:23.0882 1880 [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll
17:38:23.0882 1880 C:\Windows\System32\upnphost.dll - ok
17:38:23.0882 1880 [ C57BC99A4467B3E8F1CC2184A3F46729 ] C:\Windows\System32\drt.dll
17:38:23.0882 1880 C:\Windows\System32\drt.dll - ok
17:38:23.0882 1880 [ 8F108D0C1D917355010B3E01DADE2DAB ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\fwlmi.dll
17:38:23.0882 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\fwlmi.dll - ok
17:38:23.0882 1880 [ 1C326927D68D0922179EBC71D609E617 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\5ae853f556290da9399b15b3619f7e15\System.Drawing.ni.dll
17:38:23.0882 1880 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\5ae853f556290da9399b15b3619f7e15\System.Drawing.ni.dll - ok
17:38:23.0882 1880 [ D7E49B52058C5A9002EF44475E5ACD86 ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\ucpfile1.dll
17:38:23.0882 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\ucpfile1.dll - ok
17:38:23.0882 1880 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
17:38:23.0882 1880 C:\Windows\System32\wbem\wmiprov.dll - ok
17:38:23.0882 1880 [ D206AB16CF82C078D00FDAE9130A4B44 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5de5d8c1c02e33789e3cf7e3f54c0ec9\System.Configuration.ni.dll
17:38:23.0882 1880 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\5de5d8c1c02e33789e3cf7e3f54c0ec9\System.Configuration.ni.dll - ok
17:38:23.0897 1880 [ 5CA2A1DBE29AEA7F0B5D2848A8D03F58 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll
17:38:23.0897 1880 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll - ok
17:38:23.0897 1880 [ 71E68F2443A80BD4DA89181889C457EA ] C:\Windows\System32\udhisapi.dll
17:38:23.0897 1880 C:\Windows\System32\udhisapi.dll - ok
17:38:23.0897 1880 [ 961A8780624A780138CFAF9CE40B5034 ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\fwkmi.dll
17:38:23.0897 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\fwkmi.dll - ok
17:38:23.0897 1880 [ 1D1EAA16D193C6A2D45981ED3914D22A ] C:\Windows\SysWOW64\msimtf.dll
17:38:23.0897 1880 C:\Windows\SysWOW64\msimtf.dll - ok
17:38:23.0897 1880 [ 69F42E40A0C4344939437D86A8893DA6 ] C:\Windows\SysWOW64\jscript9.dll
17:38:23.0897 1880 C:\Windows\SysWOW64\jscript9.dll - ok
17:38:23.0897 1880 [ 178EDCD270E0450999BB6D6E2E596BBB ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Accessibility\260fa58159984e03a75feeaf68b0bfc4\Accessibility.ni.dll
17:38:23.0897 1880 C:\Windows\assembly\NativeImages_v4.0.30319_64\Accessibility\260fa58159984e03a75feeaf68b0bfc4\Accessibility.ni.dll - ok
17:38:23.0897 1880 [ 046525FAF600A5D1C0159FD61C2FACF2 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Remo#\d35cb7c4685a865c8e4a3409a526b13c\System.Runtime.Remoting.ni.dll
17:38:23.0897 1880 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runtime.Remo#\d35cb7c4685a865c8e4a3409a526b13c\System.Runtime.Remoting.ni.dll - ok
17:38:23.0897 1880 [ 35CEDE6439FF0D8903223A0817FFE46C ] C:\Windows\SysWOW64\d2d1.dll
17:38:23.0897 1880 C:\Windows\SysWOW64\d2d1.dll - ok
17:38:23.0913 1880 [ 955B9DF0856A2A35512E831A4E67E082 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\7a9ff5ce3a909d075179a2ac70d8f388\WindowsBase.ni.dll
17:38:23.0913 1880 C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\7a9ff5ce3a909d075179a2ac70d8f388\WindowsBase.ni.dll - ok
17:38:23.0913 1880 [ 5B530FAED94D93273A7C67BFAC23644F ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\oooimprovementmi.dll
17:38:23.0913 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\oooimprovementmi.dll - ok
17:38:23.0913 1880 [ 4BCB1FFD7FA292557F63DDC1770CEC88 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\a43bf29e6d6c959640c70eded05dad1a\System.Configuration.ni.dll
17:38:23.0913 1880 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\a43bf29e6d6c959640c70eded05dad1a\System.Configuration.ni.dll - ok
17:38:23.0913 1880 [ A29D734F650F958424743BE3BAA052C8 ] C:\Windows\SysWOW64\DWrite.dll
17:38:23.0913 1880 C:\Windows\SysWOW64\DWrite.dll - ok
17:38:23.0913 1880 [ 5C4CB4086FB83115B153E47ADD961A0C ] C:\Windows\System32\FntCache.dll
17:38:23.0913 1880 C:\Windows\System32\FntCache.dll - ok
17:38:23.0913 1880 [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\SysWOW64\schannel.dll
17:38:23.0913 1880 C:\Windows\SysWOW64\schannel.dll - ok
17:38:23.0913 1880 [ D85E50C36D2AF4B9F69873E4A31FB1F8 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\f4afb233f160b8e55aad4660e45b374c\System.Xml.ni.dll
17:38:23.0913 1880 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\f4afb233f160b8e55aad4660e45b374c\System.Xml.ni.dll - ok
17:38:23.0913 1880 [ C1639368BDFBB98AB5EB4EA92C2365B2 ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\oleautobridge.uno.dll
17:38:23.0913 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\oleautobridge.uno.dll - ok
17:38:23.0928 1880 [ 7F4E486B53D3BE35F73AE1F148F7A490 ] C:\Program Files (x86)\OpenOffice.org 3\Basis\program\emsermi.dll
17:38:23.0928 1880 C:\Program Files (x86)\OpenOffice.org 3\Basis\program\emsermi.dll - ok
17:38:23.0928 1880 [ 1F64CCE0341B4950F40D6C53C15F7708 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e10fd15441d278c04a03302880a3e231\PresentationCore.ni.dll
17:38:23.0928 1880 C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e10fd15441d278c04a03302880a3e231\PresentationCore.ni.dll - ok
17:38:23.0928 1880 [ F163B58094B55ED88774741D0F501188 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL
17:38:23.0928 1880 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL - ok
17:38:23.0928 1880 [ CDD518EBEED5B1DD1FBEBACC4C07DA45 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\msidcrl40.dll
17:38:23.0928 1880 C:\Program Files\Common Files\Microsoft Shared\Windows Live\msidcrl40.dll - ok
17:38:23.0928 1880 [ 2DE90400A63818FA38C4C5C9ADB166BF ] C:\Windows\SysWOW64\d3d10_1.dll
17:38:23.0928 1880 C:\Windows\SysWOW64\d3d10_1.dll - ok
17:38:23.0928 1880 [ 9C36A3CA80F9B204C670336D344F5DF8 ] C:\Windows\SysWOW64\d3d10_1core.dll
17:38:23.0928 1880 C:\Windows\SysWOW64\d3d10_1core.dll - ok
17:38:23.0928 1880 [ 9A0B20FF765D87FD45DA100AAC1508D1 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WMINet_Utils.dll
17:38:23.0928 1880 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WMINet_Utils.dll - ok
17:38:23.0928 1880 [ 78B7A3BDA25C90DAA50D36A56A8D1351 ] C:\Windows\SysWOW64\d3d10warp.dll
17:38:23.0928 1880 C:\Windows\SysWOW64\d3d10warp.dll - ok
17:38:23.0928 1880 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\SysWOW64\msls31.dll
17:38:23.0928 1880 C:\Windows\SysWOW64\msls31.dll - ok
17:38:23.0944 1880 [ 55A44A00882241C12293CFA6B7FABD78 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\14f511c47523f19ca591eb207e9e2084\PresentationFramework.ni.dll
17:38:23.0944 1880 C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\14f511c47523f19ca591eb207e9e2084\PresentationFramework.ni.dll - ok
17:38:23.0944 1880 [ 5C0A02A7121D006F3333B15163785FE5 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll
17:38:23.0944 1880 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll - ok
17:38:23.0944 1880 [ 9383D302F0D95DB0802308CF250727F3 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll
17:38:23.0944 1880 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll - ok
17:38:23.0944 1880 [ 7E49768AEB0FD0199A44A45525B86BEC ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
17:38:23.0944 1880 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll - ok
17:38:23.0944 1880 [ BCED95C3424E3316D455E19B671ACEEC ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\WMINet_Utils.dll
17:38:23.0944 1880 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WMINet_Utils.dll - ok
17:38:23.0944 1880 [ 5183D2D02A777B42BB46BB74CBB93CEB ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienFX.DeviceDiscovery\v4.0_2.7.24.0__bebb3c8816410241\AlienFX.DeviceDiscovery.dll
17:38:23.0944 1880 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienFX.DeviceDiscovery\v4.0_2.7.24.0__bebb3c8816410241\AlienFX.DeviceDiscovery.dll - ok
17:38:23.0944 1880 [ 70E7237A92D7C161659338AFF4D63E49 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienLabs.MasterIOBoard.Communication\v4.0_2.7.24.0__bebb3c8816410241\AlienLabs.MasterIOBoard.Communication.dll
17:38:23.0944 1880 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienLabs.MasterIOBoard.Communication\v4.0_2.7.24.0__bebb3c8816410241\AlienLabs.MasterIOBoard.Communication.dll - ok
17:38:23.0960 1880 [ E110FEC3E07D2798FCEC118001EF4D02 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienLabs.MasterIOBoard.Communication.Core\v4.0_2.7.24.0__bebb3c8816410241\AlienLabs.MasterIOBoard.Communication.Core.dll
17:38:23.0960 1880 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienLabs.MasterIOBoard.Communication.Core\v4.0_2.7.24.0__bebb3c8816410241\AlienLabs.MasterIOBoard.Communication.Core.dll - ok
17:38:23.0960 1880 [ 61642A58EA2493D413CC88BC152E56AD ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienFX.Communication\v4.0_2.7.24.0__bebb3c8816410241\AlienFX.Communication.dll
17:38:23.0960 1880 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienFX.Communication\v4.0_2.7.24.0__bebb3c8816410241\AlienFX.Communication.dll - ok
17:38:23.0960 1880 [ 1FCC708530C95AE04B41E2F7BBBF07A1 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienFX.Communication.Andromeda\v4.0_2.7.24.0__bebb3c8816410241\AlienFX.Communication.Andromeda.dll
17:38:23.0960 1880 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienFX.Communication.Andromeda\v4.0_2.7.24.0__bebb3c8816410241\AlienFX.Communication.Andromeda.dll - ok
17:38:23.0960 1880 [ 7368EAA632B1C9C2FF58D34EF84B211E ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienFX.Communication.PID0x522\v4.0_2.7.24.0__bebb3c8816410241\AlienFX.Communication.PID0x522.dll
17:38:23.0960 1880 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienFX.Communication.PID0x522\v4.0_2.7.24.0__bebb3c8816410241\AlienFX.Communication.PID0x522.dll - ok
17:38:23.0960 1880 [ CFB16D78A51C170D8C3C5398FF1906FF ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienFX.Communication.XPS\v4.0_2.7.24.0__bebb3c8816410241\AlienFX.Communication.XPS.dll
17:38:23.0960 1880 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienFX.Communication.XPS\v4.0_2.7.24.0__bebb3c8816410241\AlienFX.Communication.XPS.dll - ok
17:38:23.0960 1880 [ 7A0B6C93CB10B029E11E533F564A5E9B ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienFX.Communication.PID0x520\v4.0_2.7.24.0__bebb3c8816410241\AlienFX.Communication.PID0x520.dll
17:38:23.0960 1880 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienFX.Communication.PID0x520\v4.0_2.7.24.0__bebb3c8816410241\AlienFX.Communication.PID0x520.dll - ok
17:38:23.0960 1880 [ B385E2F216DC172DF0F24BC78CC31578 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienFX.Communication.PID0x521\v4.0_2.7.24.0__bebb3c8816410241\AlienFX.Communication.PID0x521.dll
17:38:23.0960 1880 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienFX.Communication.PID0x521\v4.0_2.7.24.0__bebb3c8816410241\AlienFX.Communication.PID0x521.dll - ok
17:38:23.0960 1880 [ 2B0C861D03C3B00B98074F3E01CA496D ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienFX.Communication.PID0x514\v4.0_2.7.24.0__bebb3c8816410241\AlienFX.Communication.PID0x514.dll
17:38:23.0960 1880 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienFX.Communication.PID0x514\v4.0_2.7.24.0__bebb3c8816410241\AlienFX.Communication.PID0x514.dll - ok
17:38:23.0975 1880 [ A2C740C03825D6AFA2A3DA483D086CAF ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienFX.Communication.PID0x515\v4.0_2.7.24.0__bebb3c8816410241\AlienFX.Communication.PID0x515.dll
17:38:23.0975 1880 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienFX.Communication.PID0x515\v4.0_2.7.24.0__bebb3c8816410241\AlienFX.Communication.PID0x515.dll - ok
17:38:23.0975 1880 [ BA931DC76D64DE554C91A7CA3EB37BA9 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienFX.Communication.PID0x516\v4.0_2.7.24.0__bebb3c8816410241\AlienFX.Communication.PID0x516.dll
17:38:23.0975 1880 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienFX.Communication.PID0x516\v4.0_2.7.24.0__bebb3c8816410241\AlienFX.Communication.PID0x516.dll - ok
17:38:23.0975 1880 [ A989D8285E9A8B914B602A3315FE681D ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienFX.Communication.PID0x518\v4.0_2.7.24.0__bebb3c8816410241\AlienFX.Communication.PID0x518.dll
17:38:23.0975 1880 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienFX.Communication.PID0x518\v4.0_2.7.24.0__bebb3c8816410241\AlienFX.Communication.PID0x518.dll - ok
17:38:23.0975 1880 [ 3061FD2DB33EFA8C31DBF56607ED329B ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienFX.Communication.PID0x511\v4.0_2.7.24.0__bebb3c8816410241\AlienFX.Communication.PID0x511.dll
17:38:23.0975 1880 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienFX.Communication.PID0x511\v4.0_2.7.24.0__bebb3c8816410241\AlienFX.Communication.PID0x511.dll - ok
17:38:23.0975 1880 [ FBDF7C18B301D9F272E95CC1F2C7E0DB ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienFX.Communication.PID0x512\v4.0_2.7.24.0__bebb3c8816410241\AlienFX.Communication.PID0x512.dll
17:38:23.0975 1880 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienFX.Communication.PID0x512\v4.0_2.7.24.0__bebb3c8816410241\AlienFX.Communication.PID0x512.dll - ok
17:38:23.0975 1880 [ CF95FD27630AD5236369F6E3EAE37204 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienFX.Communication.PID0x513\v4.0_2.7.24.0__bebb3c8816410241\AlienFX.Communication.PID0x513.dll
17:38:23.0975 1880 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienFX.Communication.PID0x513\v4.0_2.7.24.0__bebb3c8816410241\AlienFX.Communication.PID0x513.dll - ok
17:38:23.0975 1880 [ ED6463919045F584C9696D4876F65DDE ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
17:38:23.0975 1880 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll - ok
17:38:23.0975 1880 [ 0CED0FDDE51FD2147FE2805EAF8FAF0F ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienFX.Communication.Core\v4.0_2.7.24.0__bebb3c8816410241\AlienFX.Communication.Core.dll
17:38:23.0975 1880 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienFX.Communication.Core\v4.0_2.7.24.0__bebb3c8816410241\AlienFX.Communication.Core.dll - ok
17:38:23.0991 1880 [ 257D6322588F523D69C345F435D43918 ] C:\Windows\Microsoft.NET\assembly\GAC_64\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll
17:38:23.0991 1880 C:\Windows\Microsoft.NET\assembly\GAC_64\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll - ok
17:38:23.0991 1880 [ CC96BF380839E950229AD45D91AEE197 ] C:\Program Files (x86)\Impulse\NativeServices\GSANative.exe
17:38:23.0991 1880 C:\Program Files (x86)\Impulse\NativeServices\GSANative.exe - ok
17:38:23.0991 1880 [ 7844D29A9842A6B52510EEF56EA6C2F4 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\LightFX\v4.0_2.7.24.0__bebb3c8816410241\LightFX.dll
17:38:23.0991 1880 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\LightFX\v4.0_2.7.24.0__bebb3c8816410241\LightFX.dll - ok
17:38:23.0991 1880 [ 7588EB18E65EE0E37FC64AED879AD328 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienwareAlienFXModelResources\v4.0_2.7.24.0__bebb3c8816410241\AlienwareAlienFXModelResources.dll
17:38:23.0991 1880 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienwareAlienFXModelResources\v4.0_2.7.24.0__bebb3c8816410241\AlienwareAlienFXModelResources.dll - ok
17:38:23.0991 1880 [ 8B92BED5B8D4A8480E7AA631F35A6F35 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
17:38:23.0991 1880 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
17:38:23.0991 1880 [ EBD345E154827DBFC6A77E3F07F63835 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe
17:38:23.0991 1880 C:\Windows\Microsoft.NET\Framework\v4.0.30319\csc.exe - ok
17:38:23.0991 1880 [ 4AD576CA9E7752A86140ACAEEA3356F5 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\alink.dll
17:38:23.0991 1880 C:\Windows\Microsoft.NET\Framework\v4.0.30319\alink.dll - ok
17:38:23.0991 1880 [ 8D44D74079457EE855FFA19DF97D8DD3 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorpehost.dll
17:38:23.0991 1880 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorpehost.dll - ok
17:38:24.0006 1880 [ DFA8E7CDFC7A0E6673EC2459D494A67C ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\cvtres.exe
17:38:24.0006 1880 C:\Windows\Microsoft.NET\Framework\v4.0.30319\cvtres.exe - ok
17:38:24.0006 1880 [ 6F3A27634800FB32B4693A958346A8E5 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
17:38:24.0006 1880 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll - ok
17:38:24.0006 1880 [ C3E39FB1398EEE8E612C2FE53A9192EF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
17:38:24.0006 1880 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll - ok
17:38:24.0006 1880 [ 852A83D6F1E4BA8ECA3EA0062202DCD8 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienLabs.CommandCenter.RemotingService.Domain\v4.0_2.7.24.0__bebb3c8816410241\AlienLabs.CommandCenter.RemotingService.Domain.dll
17:38:24.0006 1880 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\AlienLabs.CommandCenter.RemotingService.Domain\v4.0_2.7.24.0__bebb3c8816410241\AlienLabs.CommandCenter.RemotingService.Domain.dll - ok
17:38:24.0006 1880 [ DE126EA471D22F0D94821AAE8C414A37 ] C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
17:38:24.0006 1880 C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe - ok
17:38:24.0006 1880 [ C6784221B9E5ADB85B40FF8E4FC5293F ] C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
17:38:24.0006 1880 C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe - ok
17:38:24.0006 1880 [ 49E33BB5A579A15D3FC0CFA09513F3F9 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\9071f089ab65d518d1bd7e8fa857a95f\System.Data.ni.dll
17:38:24.0006 1880 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\9071f089ab65d518d1bd7e8fa857a95f\System.Data.ni.dll - ok
17:38:24.0006 1880 [ 09A116FB06C5E362EF8938D29CDAB27B ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
17:38:24.0006 1880 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
17:38:24.0022 1880 [ 3518CB4E2D896CAB53D5386F15AC0566 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
17:38:24.0022 1880 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll - ok
17:38:24.0022 1880 [ 29B86B3C8253280151EEBE843A9648CD ] C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
17:38:24.0022 1880 C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll - ok
17:38:24.0022 1880 [ 8CD85C17EB44230F73267F19C38E4201 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
17:38:24.0022 1880 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll - ok
17:38:24.0022 1880 [ 11B4006BAB0406CC6E051B3C8D5EF2E9 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\c300c8ca0910bbffb16a244b56be6d05\System.Numerics.ni.dll
17:38:24.0022 1880 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\c300c8ca0910bbffb16a244b56be6d05\System.Numerics.ni.dll - ok
17:38:24.0022 1880 [ B864E9E24A52A9227DDAD6ECB518210A ] C:\Program Files (x86)\Impulse\NativeServices\Sd.Common.dll
17:38:24.0022 1880 C:\Program Files (x86)\Impulse\NativeServices\Sd.Common.dll - ok
17:38:24.0022 1880 [ E587D98467D6B5C7D9F3A39E0E00C708 ] C:\Program Files (x86)\Impulse\NativeServices\Gibraltar.Agent.dll
17:38:24.0022 1880 C:\Program Files (x86)\Impulse\NativeServices\Gibraltar.Agent.dll - ok
17:38:24.0022 1880 [ 27E79A455EF80647F4F57FA3C2B09C94 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
17:38:24.0022 1880 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll - ok
17:38:24.0022 1880 [ F1C09EE3A594B19DD1F4B4AEA9E353C9 ] C:\Windows\System32\comsvcs.dll
17:38:24.0022 1880 C:\Windows\System32\comsvcs.dll - ok
17:38:24.0038 1880 [ 8B1590C627138166C015A5680ABF6BB2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
17:38:24.0038 1880 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll - ok
17:38:24.0038 1880 [ FFF957EF1040F6B4A3A2F230E96593CA ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\System.EnterpriseServices.Thunk.dll
17:38:24.0038 1880 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\System.EnterpriseServices.Thunk.dll - ok
17:38:24.0038 1880 [ 65EE8320CA5795AF6B9553D255E52324 ] C:\Windows\System32\AlienFXBiosSupportAPI64.dll
17:38:24.0038 1880 C:\Windows\System32\AlienFXBiosSupportAPI64.dll - ok
17:38:24.0038 1880 [ 2A8DAB7AA50CC8305264683B13B61D6D ] C:\Windows\winsxs\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_044aad0bab1eb146\mfc90.dll
17:38:24.0038 1880 C:\Windows\winsxs\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_044aad0bab1eb146\mfc90.dll - ok
17:38:24.0038 1880 [ 7B46A076184B73AEDC1A66A71D9131E8 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
17:38:24.0038 1880 C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll - ok
17:38:24.0038 1880 [ 871F7F32E3441580138E61A4AA072DF6 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
17:38:24.0038 1880 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll - ok
17:38:24.0038 1880 [ 21E110FF1C0E948860458BD7B692DE13 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
17:38:24.0038 1880 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll - ok
17:38:24.0038 1880 [ DF1F3AFE18D254F759BB1A000B811C15 ] C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
17:38:24.0038 1880 C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll - ok
17:38:24.0053 1880 [ 52C875E8F96E4F9E69914A538C129C6E ] C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
17:38:24.0053 1880 C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll - ok
17:38:24.0053 1880 [ A0617B5753E31126AD29C03154F4F329 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
17:38:24.0053 1880 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
17:38:24.0053 1880 [ EF982260A3102B065D94F1E5959EC8B9 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\dd20416f723ee13ffb4173ec1afc4ec4\System.Data.ni.dll
17:38:24.0053 1880 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\dd20416f723ee13ffb4173ec1afc4ec4\System.Data.ni.dll - ok
17:38:24.0053 1880 [ 35CAB7CF3754C41AEB69DCE1D5ACA5A4 ] C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
17:38:24.0053 1880 C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - ok
17:38:24.0053 1880 [ 5893EBDCE371174AC89ECD7731DD6D77 ] C:\Windows\SysWOW64\pcwum.dll
17:38:24.0053 1880 C:\Windows\SysWOW64\pcwum.dll - ok
17:38:24.0053 1880 [ C02F50BBC064689FE3FCD89348C884EB ] C:\Windows\SysWOW64\netfxperf.dll
17:38:24.0053 1880 C:\Windows\SysWOW64\netfxperf.dll - ok
17:38:24.0053 1880 [ 257147843B66B67CB72AE8197DD479CD ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\PerfCounter.dll
17:38:24.0053 1880 C:\Windows\Microsoft.NET\Framework\v4.0.30319\PerfCounter.dll - ok
17:38:24.0053 1880 [ BE210318FA6DA2A862BD41EA87E8CBE6 ] C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
17:38:24.0053 1880 C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - ok
17:38:24.0069 1880 [ DC3078BA1B58562416C843582A42284C ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll
17:38:24.0069 1880 C:\Windows\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll - ok
17:38:24.0069 1880 [ A3F51E726D98510C0A9B3D9F92D0686A ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\64cf6c356be66bb17c4667d6d8aa467b\System.Web.Services.ni.dll
17:38:24.0069 1880 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\64cf6c356be66bb17c4667d6d8aa467b\System.Web.Services.ni.dll - ok
17:38:24.0069 1880 [ ADD7A08E7016694FE1C73DD7498DEAD6 ] C:\Windows\SysWOW64\aspnet_counters.dll
17:38:24.0069 1880 C:\Windows\SysWOW64\aspnet_counters.dll - ok
17:38:24.0069 1880 [ F4E9693F449600A30088A0B16079F3CD ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\Aspnet_perf.dll
17:38:24.0069 1880 C:\Windows\Microsoft.NET\Framework\v4.0.30319\Aspnet_perf.dll - ok
17:38:24.0069 1880 [ 0552A8684BF7566F744D5B19FF6AEC6B ] C:\Windows\SysWOW64\bitsperf.dll
17:38:24.0069 1880 C:\Windows\SysWOW64\bitsperf.dll - ok
17:38:24.0069 1880 [ 8C9179609935F84202028849112D355A ] C:\Windows\SysWOW64\esentprf.dll
17:38:24.0069 1880 C:\Windows\SysWOW64\esentprf.dll - ok
17:38:24.0069 1880 [ E991956ACE9E57BFB9F8BB077D11B34E ] C:\Windows\SysWOW64\msdtcuiu.dll
17:38:24.0069 1880 C:\Windows\SysWOW64\msdtcuiu.dll - ok
17:38:24.0069 1880 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll
17:38:24.0069 1880 C:\Windows\SysWOW64\atl.dll - ok
17:38:24.0069 1880 [ 19B8C44BC54C7859E57E0EC1312D5B92 ] C:\Windows\SysWOW64\msdtcprx.dll
17:38:24.0069 1880 C:\Windows\SysWOW64\msdtcprx.dll - ok
17:38:24.0084 1880 [ 8483DD8F87DBE86AAB55BBF95C207061 ] C:\Windows\SysWOW64\mtxclu.dll
17:38:24.0084 1880 C:\Windows\SysWOW64\mtxclu.dll - ok
17:38:24.0084 1880 [ AE9898D5600A232CD8AE3298692162E5 ] C:\Windows\SysWOW64\clusapi.dll
17:38:24.0084 1880 C:\Windows\SysWOW64\clusapi.dll - ok
17:38:24.0084 1880 [ 2AF094C822BD6094F14A8E85FB51D52A ] C:\Windows\SysWOW64\resutils.dll
17:38:24.0084 1880 C:\Windows\SysWOW64\resutils.dll - ok
17:38:24.0084 1880 [ 38B13C0DF479DBA23ECFA815159BA86E ] C:\Windows\SysWOW64\ktmw32.dll
17:38:24.0084 1880 C:\Windows\SysWOW64\ktmw32.dll - ok
17:38:24.0084 1880 [ 9C88AF1E803B3DCBCD83DF5F9AE921BA ] C:\Program Files (x86)\Microsoft Office\Office14\OLMAPI32.DLL
17:38:24.0084 1880 C:\Program Files (x86)\Microsoft Office\Office14\OLMAPI32.DLL - ok
17:38:24.0084 1880 [ 2DC6285EC4F902BE08E7C5FA6D3FD017 ] C:\Windows\SysWOW64\msscntrs.dll
17:38:24.0084 1880 C:\Windows\SysWOW64\msscntrs.dll - ok
17:38:24.0084 1880 [ B92E9318F7E4AEF633B8EC3A873565AF ] C:\Windows\SysWOW64\perfdisk.dll
17:38:24.0084 1880 C:\Windows\SysWOW64\perfdisk.dll - ok
17:38:24.0084 1880 [ C272B13E36187E7A3D5466E0D7F823F4 ] C:\Program Files (x86)\Impulse\NativeServices\Sd.Common.XmlSerializers.dll
17:38:24.0084 1880 C:\Program Files (x86)\Impulse\NativeServices\Sd.Common.XmlSerializers.dll - ok
17:38:24.0084 1880 [ 3D7D2E825C63FF501E896CF008C70D75 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
17:38:24.0084 1880 C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok
17:38:24.0100 1880 [ C1B5307377C98F87E0152C44E9FF8DEE ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
17:38:24.0100 1880 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok
17:38:24.0100 1880 [ 24FCC3CDAE327F632CB8696E1E40F772 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
17:38:24.0100 1880 C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok
17:38:24.0100 1880 [ E955300DF949977878C705EC8681009A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
17:38:24.0100 1880 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok
17:38:24.0100 1880 [ ED797D8DC2C92401985D162E42FFA450 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
17:38:24.0100 1880 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok
17:38:24.0100 1880 [ AE835E3210D41A8185ADDA73AFB7C044 ] C:\Program Files (x86)\Impulse\NativeServices\Sd.Web.dll
17:38:24.0100 1880 C:\Program Files (x86)\Impulse\NativeServices\Sd.Web.dll - ok
17:38:24.0100 1880 [ 1ACC2484F3F111D577ABE4FFB1CAF2A5 ] C:\Windows\SysWOW64\perfnet.dll
17:38:24.0100 1880 C:\Windows\SysWOW64\perfnet.dll - ok
17:38:24.0100 1880 [ 72910F1DEB838E6E08A9017BFB7D4F0B ] C:\Windows\SysWOW64\browcli.dll
17:38:24.0100 1880 C:\Windows\SysWOW64\browcli.dll - ok
17:38:24.0100 1880 [ 752F8E96BAB993517838315508FB82CB ] C:\Windows\SysWOW64\perfproc.dll
17:38:24.0100 1880 C:\Windows\SysWOW64\perfproc.dll - ok
17:38:24.0100 1880 [ 6E608664EBEEAB5A03BA32324016695B ] C:\Windows\SysWOW64\rasctrs.dll
17:38:24.0100 1880 C:\Windows\SysWOW64\rasctrs.dll - ok
17:38:24.0116 1880 [ 5BBD1F824741AA1FDA9A9DFD3A9D5416 ] C:\Windows\SysWOW64\tapiperf.dll
17:38:24.0116 1880 C:\Windows\SysWOW64\tapiperf.dll - ok
17:38:24.0116 1880 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll
17:38:24.0116 1880 C:\Windows\SysWOW64\logoncli.dll - ok
17:38:24.0116 1880 [ FB1BA42D1A1440E99C6B8667E141CFB1 ] C:\Windows\SysWOW64\perfts.dll
17:38:24.0116 1880 C:\Windows\SysWOW64\perfts.dll - ok
17:38:24.0116 1880 [ D25958B2A71EF488959272878EF934BE ] C:\Windows\SysWOW64\utildll.dll
17:38:24.0116 1880 C:\Windows\SysWOW64\utildll.dll - ok
17:38:24.0116 1880 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
17:38:24.0116 1880 C:\Windows\SysWOW64\samcli.dll - ok
17:38:24.0116 1880 [ 109007869CB95CBD9B92FDF35B96D7B5 ] C:\Windows\SysWOW64\usbperf.dll
17:38:24.0116 1880 C:\Windows\SysWOW64\usbperf.dll - ok
17:38:24.0116 1880 [ 91429E9A7458899034952047B2B58842 ] C:\Windows\SysWOW64\wbem\WmiApRpl.dll
17:38:24.0116 1880 C:\Windows\SysWOW64\wbem\WmiApRpl.dll - ok
17:38:24.0116 1880 [ 529879612A7FAE235914E3AA6A9A669C ] C:\Windows\SysWOW64\loadperf.dll
17:38:24.0116 1880 C:\Windows\SysWOW64\loadperf.dll - ok
17:38:24.0116 1880 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] C:\Windows\System32\wbem\WmiApSrv.exe
17:38:24.0116 1880 C:\Windows\System32\wbem\WmiApSrv.exe - ok
17:38:24.0131 1880 [ 9FE3ED67345F0FF829A4A53B90E09672 ] C:\Windows\System32\loadperf.dll
17:38:24.0131 1880 C:\Windows\System32\loadperf.dll - ok
17:38:24.0131 1880 [ 465DBF63A5049E4DB4BC5C12FFE781CB ] C:\Windows\SysWOW64\tquery.dll
17:38:24.0131 1880 C:\Windows\SysWOW64\tquery.dll - ok
17:38:24.0131 1880 [ 0064A9F3C653A548A26EEABBBACAB560 ] C:\Program Files (x86)\Impulse\NativeServices\Stardock.Central.Security.dll
17:38:24.0131 1880 C:\Program Files (x86)\Impulse\NativeServices\Stardock.Central.Security.dll - ok
17:38:24.0131 1880 [ 36CAEAD8A7FFB90D05EC97985315388F ] C:\Program Files\Alienware\Command Center\AlienFusionService.exe
17:38:24.0131 1880 C:\Program Files\Alienware\Command Center\AlienFusionService.exe - ok
17:38:24.0131 1880 [ 0966BBFD98EB7EDDE999B6739B8B449A ] C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
17:38:24.0131 1880 C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll - ok
17:38:24.0131 1880 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:38:24.0131 1880 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
17:38:24.0131 1880 [ AB690CD34CF4B4E3DDF78FD4FBCF88C3 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvc.dll
17:38:24.0131 1880 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvc.dll - ok
17:38:24.0131 1880 [ 6C69EA6A0C308A0FB81992CAC9F39C59 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\fusion.dll
17:38:24.0131 1880 C:\Windows\Microsoft.NET\Framework\v4.0.30319\fusion.dll - ok
17:38:24.0147 1880 [ ECE839B3460B969E4216207D04C81237 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Numerics\a66416296451fe6d2d8a5506ca41b23d\System.Numerics.ni.dll
17:38:24.0147 1880 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Numerics\a66416296451fe6d2d8a5506ca41b23d\System.Numerics.ni.dll - ok
17:38:24.0147 1880 [ CDD2A769203D2E39D5F595F8D7BDA88B ] C:\Program Files\Alienware\Command Center\AlienFusionController.exe
17:38:24.0147 1880 C:\Program Files\Alienware\Command Center\AlienFusionController.exe - ok
17:38:24.0147 1880 [ 425D342AB35EE295A63BB7232D266A96 ] C:\Program Files\Alienware\Command Center\AlienFusionDomain.dll
17:38:24.0147 1880 C:\Program Files\Alienware\Command Center\AlienFusionDomain.dll - ok
17:38:24.0147 1880 [ 81600E2E27ED61427AAD865B9BCDDB9D ] C:\Windows\SysWOW64\msidle.dll
17:38:24.0147 1880 C:\Windows\SysWOW64\msidle.dll - ok
17:38:24.0147 1880 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:38:24.0147 1880 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
17:38:24.0147 1880 [ C3BE0751879BDBE9652E4688B1B3BF3D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvc.dll
17:38:24.0147 1880 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvc.dll - ok
17:38:24.0147 1880 [ 3DA5C13008F62D1F4FD2CB539F426331 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\fusion.dll
17:38:24.0147 1880 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\fusion.dll - ok
17:38:24.0147 1880 [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe
17:38:24.0147 1880 C:\Windows\System32\sppsvc.exe - ok
17:38:24.0147 1880 [ FFF95479C7AB1550F0750A5D01744211 ] C:\Windows\System32\drivers\spsys.sys
17:38:24.0147 1880 C:\Windows\System32\drivers\spsys.sys - ok
17:38:24.0162 1880 [ F6F22291024906E43D135A4B1705FEAC ] C:\Windows\System32\sppwinob.dll
17:38:24.0162 1880 C:\Windows\System32\sppwinob.dll - ok
17:38:24.0162 1880 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] C:\Windows\System32\wuaueng.dll
17:38:24.0162 1880 C:\Windows\System32\wuaueng.dll - ok
17:38:24.0162 1880 [ 617F6EC0AC677C685479C1D0D1E76C6F ] C:\Windows\System32\mspatcha.dll
17:38:24.0162 1880 C:\Windows\System32\mspatcha.dll - ok
17:38:24.0162 1880 [ 7FE0D0C8F53735EA17C9AE93EFE7AD5A ] C:\Windows\System32\wups2.dll
17:38:24.0162 1880 C:\Windows\System32\wups2.dll - ok
17:38:24.0162 1880 [ 2B373B5F7E36B5ED5DA176D4400EF091 ] C:\Windows\System32\sppobjs.dll
17:38:24.0162 1880 C:\Windows\System32\sppobjs.dll - ok
17:38:24.0162 1880 [ 81252AA3B13743020BCF2089A5A0D911 ] C:\Windows\System32\wscinterop.dll
17:38:24.0162 1880 C:\Windows\System32\wscinterop.dll - ok
17:38:24.0162 1880 [ DF50DAE4C547285E4997A0C61063B632 ] C:\Windows\System32\wscui.cpl
17:38:24.0162 1880 C:\Windows\System32\wscui.cpl - ok
17:38:24.0162 1880 [ F9959237F106F2B2609E61A290C0652E ] C:\Windows\System32\werconcpl.dll
17:38:24.0162 1880 C:\Windows\System32\werconcpl.dll - ok
17:38:24.0178 1880 [ 7E591867422DC788B9E5BD337A669A08 ] C:\Windows\System32\wercplsupport.dll
17:38:24.0178 1880 C:\Windows\System32\wercplsupport.dll - ok
17:38:24.0178 1880 [ 809AE7D4ACE06BBCF621E5C504BF6FC8 ] C:\Windows\System32\hcproviders.dll
17:38:24.0178 1880 C:\Windows\System32\hcproviders.dll - ok
17:38:24.0178 1880 [ 5EA9A0950F322BFA382AF277801C0307 ] C:\Windows\System32\wbem\wmipcima.dll
17:38:24.0178 1880 C:\Windows\System32\wbem\wmipcima.dll - ok
17:38:24.0178 1880 [ 01E2855FB06C422E721D890AF201C2D7 ] C:\Windows\System32\NaturalLanguage6.dll
17:38:24.0178 1880 C:\Windows\System32\NaturalLanguage6.dll - ok
17:38:24.0178 1880 [ 701D9F5F3F21580936638D5C5F86B460 ] C:\Windows\System32\NlsData0009.dll
17:38:24.0178 1880 C:\Windows\System32\NlsData0009.dll - ok
17:38:24.0178 1880 [ 148A733B93A2AC104280495DA09D3CC2 ] C:\Windows\System32\NlsLexicons0009.dll
17:38:24.0178 1880 C:\Windows\System32\NlsLexicons0009.dll - ok
17:38:24.0178 1880 [ 76D86E65FF7D10292886A1F2DB93A911 ] C:\Windows\System32\ELSCore.dll
17:38:24.0178 1880 C:\Windows\System32\ELSCore.dll - ok
17:38:24.0178 1880 [ 12929BDE96189F4E968AD035573424F0 ] C:\Windows\System32\elsTrans.dll
17:38:24.0178 1880 C:\Windows\System32\elsTrans.dll - ok
17:38:24.0178 1880 [ AEE087CF7423BA44CC2DE03CC565E399 ] C:\Windows\System32\elslad.dll
17:38:24.0178 1880 C:\Windows\System32\elslad.dll - ok
17:38:24.0194 1880 [ 11542EC1F1C53EDB3CCF5AADF4C9972F ] C:\Windows\System32\NlsData0000.dll
17:38:24.0194 1880 C:\Windows\System32\NlsData0000.dll - ok
17:38:24.0194 1880 [ ABBCAE6391EEB8CB9EA67FFE48CE4C7E ] C:\Program Files (x86)\Impulse\Now\SDSecurity.dll
17:38:24.0194 1880 C:\Program Files (x86)\Impulse\Now\SDSecurity.dll - ok
17:38:24.0194 1880 [ 4715F8F8CDBFFF2728BA38B789A1D7C7 ] C:\Windows\System32\wpdshext.dll
17:38:24.0194 1880 C:\Windows\System32\wpdshext.dll - ok
17:38:24.0194 1880 [ 03AB2A2E426C2AD400AC8315226347F8 ] C:\Windows\System32\EhStorAPI.dll
17:38:24.0194 1880 C:\Windows\System32\EhStorAPI.dll - ok
17:38:24.0194 1880 [ 4E81439902079C348B61D7FF027FE147 ] C:\Windows\System32\StructuredQuery.dll
17:38:24.0194 1880 C:\Windows\System32\StructuredQuery.dll - ok
17:38:24.0194 1880 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
17:38:24.0194 1880 C:\Windows\System32\taskeng.exe - ok
17:38:24.0194 1880 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
17:38:24.0194 1880 C:\Windows\System32\TSChannel.dll - ok
17:38:24.0194 1880 [ EA856F4A46320389D1899B2CAA7BF40F ] C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:38:24.0194 1880 C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe - ok
17:38:24.0194 1880 [ 005247E3057BC5D5C3F8C6F886FFC10C ] C:\Windows\System32\wbem\WMIADAP.exe
17:38:24.0194 1880 C:\Windows\System32\wbem\WMIADAP.exe - ok
17:38:24.0209 1880 [ D0EC440FA8D306E4CEFC8CC4DEFD2AC4 ] C:\Windows\System32\msxml3r.dll
17:38:24.0209 1880 C:\Windows\System32\msxml3r.dll - ok
17:38:24.0209 1880 [ B3304E8303EFD4CBBBE1C7B3D3E1AFCF ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXEV.DLL
17:38:24.0209 1880 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXEV.DLL - ok
17:38:24.0209 1880 [ 00000000000000000000000000000000 ] C:\iTunes64Setup.exe
17:38:24.0209 1880 C:\iTunes64Setup.exe - ok
17:38:24.0209 1880 [ 186A0011582BAC4BDD1AC3169494ED6D ] C:\HitmanPro36_x64.exe
17:38:24.0209 1880 C:\HitmanPro36_x64.exe - ok
17:38:24.0209 1880 [ 8EE1C893C50D1C02D4675978BAC756BA ] C:\Windows\System32\msimsg.dll
17:38:24.0209 1880 C:\Windows\System32\msimsg.dll - ok
17:38:24.0209 1880 [ A190DA6546501CB4146BBCC0B6A3F48B ] C:\Windows\System32\msiexec.exe
17:38:24.0209 1880 C:\Windows\System32\msiexec.exe - ok
17:38:24.0209 1880 [ F2C7BB8ACC97F92E987A2D4087D021B1 ] C:\Windows\System32\notepad.exe
17:38:24.0209 1880 C:\Windows\System32\notepad.exe - ok
17:38:24.0209 1880 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Fafnir\Desktop\tdsskiller.exe
17:38:24.0209 1880 C:\Users\Fafnir\Desktop\tdsskiller.exe - ok
17:38:24.0209 1880 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\62393585.sys
17:38:24.0209 1880 C:\Windows\System32\drivers\62393585.sys - ok
17:38:24.0225 1880 ============================================================
17:38:24.0225 1880 Scan finished
17:38:24.0225 1880 ============================================================
17:38:24.0225 5412 Detected object count: 1
17:38:24.0225 5412 Actual detected object count: 1
17:38:32.0462 5412 MSI_ODD_Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:38:32.0462 5412 MSI_ODD_Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:38:37.0064 5416 Deinitialize success

Malwarebytes Anti-Rootkit log:

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1022

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 9.0.8112.16421

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 3.392000 GHz
Memory total: 8479625216, free: 6514683904

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1022

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 9.0.8112.16421

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 3.392000 GHz
Memory total: 8479625216, free: 6534000640

------------ Kernel report ------------
04/09/2013 17:39:23
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\33234781.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\dtsoftbus01.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\System32\Drivers\SCDEmu.SYS
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\system32\DRIVERS\HECIx64.sys
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\Rt64win7.sys
\SystemRoot\system32\DRIVERS\rusb3xhc.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\athrx.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\nvhda64v.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\rusb3hub.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_msahci.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\LHidFilt.Sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\LMouFilt.Sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\xusb21.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\lirsgt.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Program Files (x86)\msi\ODD Monitor\NTIOLib_X64.sys
\SystemRoot\system32\drivers\spsys.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8007a58790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP1T0L0-1\
Lower Device Object: 0xfffffa8007505680
Lower Device Driver Name: \Driver\atapi\
Driver name found: atapi
Initialization returned 0x0
Port sub-driver loaded: \??\C:\Windows\System32\drivers\ataport.sys (0x0)
Load Function returned 0x0
Downloaded database version: v2013.04.09.10
Downloaded database version: v2013.03.25.01
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 5
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8007a58790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8007a582c0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8007a58790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8007509520, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8007505680, DeviceName: \Device\Ide\IdeDeviceP1T0L0-1\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0xfffff8a00e49fd60, 0xfffffa8007a58790, 0xfffffa8007227090
Lower DeviceData: 0xfffff8a00df69b20, 0xfffffa8007505680, 0xfffffa80071eae40
Partition type: GUID
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 5
Partition type: GUID
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: DFF29764

GPT Protective MBR Partition information:

Partition 0 type is EFI-GPT (0xee)
Partition is NOT ACTIVE.
Partition starts at LBA: 1 Numsec = 4294967295

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

GPT Partition information:

GPT Header Signature 4546492050415254
GPT Header Revision 65536 Size 92 CRC 355463470
GPT Header CurrentLba = 1 BackupLba 1953525167
GPT Header FirstUsableLba 34 LastUsableLba 1953525134
GPT Header Guid e5d93879-2a15-4bb9-b2c2-88ae12833cf
GPT Header Contains 128 partition entries starting at LBA 2
GPT Header Partition entry size = 128

Backup GPT header Signature 4546492050415254
Backup GPT header Revision 65536 Size 92 CRC 355463470
Backup GPT header CurrentLba = 1953525167 BackupLba 1
Backup GPT header FirstUsableLba 34 LastUsableLba 1953525134
Backup GPT header Guid e5d93879-2a15-4bb9-b2c2-88ae12833cf
Backup GPT header Contains 128 partition entries starting at LBA 1953525135
Backup GPT header Partition entry size = 128

Partition 0 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
Partition ID d2787ddc-7d37-41c3-a2c-11906520fcce
FirstLBA 2048 Last LBA 616447
Attributes 0
Partition Name EFI system partition

GPT Partition 0 is bootable
Partition 1 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID fca95d7b-b61-435d-bb91-bdaf7d4662a9
FirstLBA 622592 Last LBA 704511
Attributes 0
Partition Name Basic data partition

Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae
Partition ID 46e46c0d-3b98-4100-86af-3169de30f12e
FirstLBA 704512 Last LBA 966655
Attributes 0
Partition Name Microsoft reserved partition

Partition 3 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID 7e618cfa-9de5-44d4-a2e0-e05a236a18b
FirstLBA 966656 Last LBA 19283967
Attributes 0
Partition Name Basic data partition

Partition 4 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID 8abde97f-7aef-4be5-92bf-efea1adb4a35
FirstLBA 19283968 Last LBA 1953521663
Attributes 0
Partition Name Basic data partition

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Done!
Performing system, memory and registry scan...
Infected: c:\ProgramData\Broowsee22save\5159d0734c074.dll --> [Adware.MultiPlug]
Infected: c:\ProgramData\Browse22save\5159daf009045.dll --> [Adware.MultiPlug]
Infected: HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{7334F699-350B-26FF-679A-426D34CA214F} --> [Adware.MultiPlug]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7334F699-350B-26FF-679A-426D34CA214F} --> [Adware.MultiPlug]
Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{7334F699-350B-26FF-679A-426D34CA214F} --> [Adware.MultiPlug]
Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{7334F699-350B-26FF-679A-426D34CA214F} --> [Adware.MultiPlug]
Infected: c:\ProgramData\Browse22save\5159e32729e43.dll --> [Adware.MultiPlug]
Read File: File "c:\ProgramData\{EB424B13-2E57-4A45-936F-A4DFB6DB1688}\Impulse_setup.dat" is compressed (flags = 1)
Read File: File "c:\ProgramData\{EB424B13-2E57-4A45-936F-A4DFB6DB1688}\Impulse_setup.lan" is compressed (flags = 1)
Read File: File "c:\ProgramData\{EB424B13-2E57-4A45-936F-A4DFB6DB1688}\instance.dat" is compressed (flags = 1)
Read File: File "c:\ProgramData\{EB424B13-2E57-4A45-936F-A4DFB6DB1688}\Impulse_setup.dat" is compressed (flags = 1)
Read File: File "c:\ProgramData\{EB424B13-2E57-4A45-936F-A4DFB6DB1688}\Impulse_setup.lan" is compressed (flags = 1)
Read File: File "c:\ProgramData\{EB424B13-2E57-4A45-936F-A4DFB6DB1688}\instance.dat" is compressed (flags = 1)
Done!
Scan finished
Creating System Restore point...
Scheduling clean up...
<<<2>>>
Device number: 0, partition: 5
Partition type: GUID
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Removal scheduling successful. System shutdown needed.
System shutdown occurred
=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1022

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 9.0.8112.16421

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 3.392000 GHz
Memory total: 8479625216, free: 7237128192

Removal queue found; removal started
Removing c:\ProgramData\Broowsee22save\5159d0734c074.dll...
Removing c:\ProgramData\Browse22save\5159daf009045.dll...
Removing c:\ProgramData\Browse22save\5159e32729e43.dll...
Removal finished
=======================================

Edited by fenrir818, 09 April 2013 - 06:57 PM.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP