Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Trojan.PornDialer found with MBAM [Solved]


  • This topic is locked This topic is locked

#1
abrazas

abrazas

    Member

  • Member
  • PipPip
  • 10 posts
Hello everyone,

Last night while running a full scan with MalwareBytes, it detected Trojan.PornDialer. Mbam appears to have successfully cleaned it and I am not noticing any erratic bahaviour on the system. Has it been fully cleaned? Here is where Mbam found it:

Registry Keys Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Connect (Trojan.PornDialer) -> Quarantined and deleted successfully

Thanks in advance for any help!

OTLog is:

OTL logfile created on: 14/04/2013 12:25:33 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\George\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

15.94 Gb Total Physical Memory | 12.27 Gb Available Physical Memory | 76.98% Memory free
31.88 Gb Paging File | 27.97 Gb Available in Paging File | 87.74% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 2794.30 Gb Total Space | 1991.65 Gb Free Space | 71.28% Space Free | Partition Type: NTFS
Drive E: | 2794.39 Gb Total Space | 2453.48 Gb Free Space | 87.80% Space Free | Partition Type: NTFS
Drive G: | 400.00 Gb Total Space | 220.57 Gb Free Space | 55.14% Space Free | Partition Type: NTFS
Drive H: | 931.51 Gb Total Space | 183.48 Gb Free Space | 19.70% Space Free | Partition Type: NTFS
Drive I: | 10.00 Gb Total Space | 8.03 Gb Free Space | 80.33% Space Free | Partition Type: NTFS

Computer Name: GEORGE-PC | User Name: George | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/04/14 12:00:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\George\Downloads\OTL.exe
PRC - [2013/04/09 04:57:09 | 001,312,720 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013/04/05 18:38:43 | 001,516,496 | ---- | M] (TrueCrypt Foundation) -- C:\Program Files\TrueCrypt\TrueCrypt.exe
PRC - [2013/03/19 22:26:44 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/02/09 23:25:27 | 001,266,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2013/02/09 18:43:48 | 000,383,264 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012/12/18 15:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/11/19 17:17:24 | 002,928,128 | ---- | M] (PACE Anti-Piracy, Inc.) -- C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
PRC - [2012/08/07 13:42:12 | 001,504,640 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
PRC - [2012/07/23 10:21:02 | 000,166,720 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/06/13 03:41:06 | 001,457,152 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.14\AsusFanControlService.exe
PRC - [2012/06/01 05:42:18 | 000,951,936 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
PRC - [2012/06/01 05:42:18 | 000,920,736 | R--- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
PRC - [2012/03/13 12:34:12 | 002,935,424 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
PRC - [2012/02/17 02:26:00 | 000,149,120 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
PRC - [2011/09/27 20:37:56 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2011/09/08 21:29:12 | 001,112,704 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
PRC - [2011/03/30 02:01:08 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2010/06/16 02:11:32 | 000,077,824 | ---- | M] (Avid Technology, Inc.) -- C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe
PRC - [2009/12/30 14:21:02 | 000,065,536 | ---- | M] (Lexar Media, Inc.) -- C:\Windows\SysWOW64\LxrSII1s.exe
PRC - [2009/12/15 13:47:00 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe


========== Modules (No Company Name) ==========

MOD - [2013/04/09 04:57:07 | 000,390,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppgooglenaclpluginchrome.dll
MOD - [2013/04/09 04:57:06 | 013,130,704 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
MOD - [2013/04/09 04:57:05 | 004,050,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
MOD - [2013/04/09 04:56:15 | 000,598,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libglesv2.dll
MOD - [2013/04/09 04:56:14 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libegl.dll
MOD - [2013/04/09 04:56:13 | 001,606,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll
MOD - [2013/01/28 13:08:56 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/01/28 13:08:28 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/11/29 17:59:32 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2012/05/28 21:27:04 | 001,622,528 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
MOD - [2012/05/25 10:33:10 | 000,883,712 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
MOD - [2012/03/21 12:07:44 | 000,972,288 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
MOD - [2011/10/14 20:03:22 | 000,885,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
MOD - [2011/09/19 20:18:20 | 001,243,136 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
MOD - [2011/07/21 09:06:44 | 000,846,848 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
MOD - [2011/07/12 19:14:52 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
MOD - [2011/06/08 11:15:44 | 000,651,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Thermal Radar\ThermalRadar.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011/03/04 12:02:54 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2011/03/04 12:02:52 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2011/03/04 12:02:50 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/10/05 08:22:50 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
MOD - [2010/10/05 08:22:50 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
MOD - [2010/08/22 22:17:40 | 000,662,016 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
MOD - [2009/12/15 13:49:20 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/12/15 13:46:38 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009/08/12 20:15:52 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/01/27 11:34:32 | 000,379,360 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2013/01/27 11:34:32 | 000,022,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/01/17 12:36:16 | 006,383,920 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV:64bit: - [2012/07/27 10:54:18 | 000,636,952 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2012/07/11 14:54:58 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV:64bit: - [2012/06/05 17:40:38 | 000,190,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel®
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013/04/14 10:04:27 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/19 22:26:44 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/03/07 10:30:44 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/02/28 18:45:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/02/09 23:25:27 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/02/09 18:43:48 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/12/18 15:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/11/19 17:17:24 | 002,928,128 | ---- | M] (PACE Anti-Piracy, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe -- (PaceLicenseDServices)
SRV - [2012/07/23 10:21:02 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/07/09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/06/13 03:41:06 | 001,457,152 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Start_Pending] -- C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.14\AsusFanControlService.exe -- (AsusFanControlService)
SRV - [2012/06/01 05:42:18 | 000,951,936 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe -- (asHmComSvc)
SRV - [2012/06/01 05:42:18 | 000,920,736 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe -- (asComSvc)
SRV - [2012/02/17 02:26:00 | 000,149,120 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2011/04/20 09:57:02 | 000,241,648 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe -- (CLKMSVC10_38F51D56)
SRV - [2010/06/16 02:11:32 | 000,077,824 | ---- | M] (Avid Technology, Inc.) [Auto | Running] -- C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe -- (DigiRefresh)
SRV - [2010/06/16 01:34:20 | 000,159,744 | ---- | M] (Avid Technology, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Digidesign\Pro Tools\digiSPTIService.exe -- (digiSPTIService)
SRV - [2009/12/30 14:21:02 | 000,065,536 | ---- | M] (Lexar Media, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\LxrSII1s.exe -- (LxrSII1s)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/04/05 18:38:46 | 000,231,376 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt)
DRV:64bit: - [2013/03/20 03:23:11 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/01/20 15:59:04 | 000,130,008 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/11/17 07:24:04 | 000,024,728 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iLokDrvr.sys -- (iLokDrvr)
DRV:64bit: - [2012/11/17 07:22:26 | 000,105,624 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Tpkd.sys -- (Tpkd)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 10:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/12 19:56:32 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/03/15 16:57:30 | 000,514,736 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:64bit: - [2012/01/06 10:44:12 | 000,049,760 | ---- | M] (Asmedia Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\asahci64.sys -- (asahci64)
DRV:64bit: - [2011/11/03 11:10:42 | 000,395,752 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011/11/03 11:10:42 | 000,130,536 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/09/21 02:22:36 | 000,025,904 | ---- | M] (Marvell Semiconductor Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91cons.sys -- (mv91cons)
DRV:64bit: - [2011/09/21 02:22:34 | 000,315,696 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mvs91xx.sys -- (mvs91xx)
DRV:64bit: - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/07/07 06:54:28 | 000,357,968 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\gbxavs.sys -- (gbxavs)
DRV:64bit: - [2011/07/07 06:54:28 | 000,068,688 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\gbxusb.sys -- (gbxusb_svc)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 23:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/08/30 17:35:28 | 000,031,120 | ---- | M] (Avid Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dgmbx2fu.sys -- (MBX2DFU)
DRV:64bit: - [2010/08/30 17:35:26 | 000,192,528 | ---- | M] (Avid Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dgmbx2.sys -- (DGUSBAP)
DRV:64bit: - [2009/12/30 11:32:04 | 000,063,064 | ---- | M] (Lexar Media, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\LxrSII1d.sys -- (LxrSII1d)
DRV:64bit: - [2009/12/18 23:42:46 | 000,032,400 | ---- | M] (Avid, Inc. All rights reserved.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbx2midk.sys -- (MBX2MIDK)
DRV:64bit: - [2009/12/18 23:42:38 | 000,021,520 | ---- | M] (Avid, Inc. All rights reserved.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\diginet.sys -- (DigiNet)
DRV:64bit: - [2009/12/18 23:42:26 | 000,139,792 | ---- | M] (Avid, Inc. All rights reserved.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Dalwdm.sys -- (dalwdmservice)
DRV:64bit: - [2009/10/08 08:09:02 | 000,045,136 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gbxavs_x64.sys -- (gbxavs_x64)
DRV:64bit: - [2009/10/08 08:08:59 | 000,300,624 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gbxusb_x64.sys -- (gbxusb_x64)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-CA
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 00 38 70 40 38 25 CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@ilok.com/iLokHelper,version=3.1.0.7: C:\Program Files (x86)\PACE Anti-Piracy\iLok\NPPaceILok.dll ( PACE Anti-Piracy, Inc)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/29 14:12:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/04/02 20:11:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2013/04/05 11:09:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/04/02 20:11:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2013/04/05 11:09:20 | 000,000,000 | ---D | M]

[2013/03/23 02:01:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\George\AppData\Roaming\Mozilla\Extensions
[2013/03/29 14:12:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/03/07 10:31:00 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/03/07 10:30:20 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/03/07 10:30:20 | 000,002,086 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.ca/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - Extension: Google Docs = C:\Users\George\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\George\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\George\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\George\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Gmail = C:\Users\George\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DigidesignMMERefresh] C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe (Avid Technology, Inc.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [TrueCrypt] C:\Program Files\TrueCrypt\TrueCrypt.exe (TrueCrypt Foundation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{00412563-F8CD-42E3-886E-B5B0620B4C22}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/04/14 12:16:05 | 000,000,000 | ---D | C] -- C:\Users\George\Documents\J Files
[2013/04/12 21:11:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco Systems
[2013/04/12 16:17:13 | 000,000,000 | ---D | C] -- C:\Users\George\.thumbnails
[2013/04/12 16:14:10 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Local\fontconfig
[2013/04/12 16:14:09 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Local\gegl-0.2
[2013/04/12 16:14:09 | 000,000,000 | ---D | C] -- C:\Users\George\.gimp-2.8
[2013/04/12 16:12:52 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2013/04/12 10:15:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Cisco Systems
[2013/04/09 12:41:45 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\SUPERAntiSpyware.com
[2013/04/09 12:41:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2013/04/09 12:41:24 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2013/04/09 12:41:24 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013/04/07 16:34:17 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\TrueCrypt
[2013/04/05 18:38:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrueCrypt
[2013/04/05 18:38:46 | 000,231,376 | ---- | C] (TrueCrypt Foundation) -- C:\Windows\SysNative\drivers\truecrypt.sys
[2013/04/05 18:38:23 | 000,000,000 | ---D | C] -- C:\Program Files\TrueCrypt
[2013/04/05 16:49:07 | 000,000,000 | ---D | C] -- C:\ProgramData\ClubSanDisk
[2013/04/05 16:48:49 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\SanDisk SecureAccess
[2013/04/05 15:07:05 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\Leadertech
[2013/04/05 15:05:03 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\East West
[2013/04/05 14:59:50 | 000,000,000 | ---D | C] -- C:\Users\George\Documents\Play
[2013/04/05 14:59:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\PACE Anti-Piracy
[2013/04/05 14:06:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\East West
[2013/04/05 13:32:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EastWest
[2013/04/05 13:32:22 | 000,000,000 | ---D | C] -- C:\Program Files\EastWest
[2013/04/05 13:32:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EastWest
[2013/04/05 13:32:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\East West
[2013/04/05 13:14:04 | 000,000,000 | ---D | C] -- C:\ProgramData\East West
[2013/04/05 11:12:06 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Local\Macromedia
[2013/04/05 11:09:19 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2013/04/03 14:29:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother
[2013/04/03 13:15:25 | 000,000,000 | ---D | C] -- C:\Users\George\Documents\Stock Photos
[2013/04/03 12:59:19 | 000,000,000 | ---D | C] -- C:\Users\George\Documents\Lacie Drive Backup - Old Mac Stuff
[2013/04/02 20:34:12 | 000,000,000 | ---D | C] -- C:\Users\George\Documents\G Website Files
[2013/04/02 20:33:57 | 000,000,000 | ---D | C] -- C:\Users\George\Documents\George Reel
[2013/04/02 20:33:10 | 000,000,000 | ---D | C] -- C:\Users\George\Documents\Audio Talks
[2013/04/02 20:11:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013/04/02 19:59:36 | 000,000,000 | ---D | C] -- C:\Users\George\Documents\Album Tips
[2013/04/01 21:38:23 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Local\Diagnostics
[2013/04/01 17:18:16 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013/03/29 20:31:59 | 000,065,536 | ---- | C] (Lexar Media, Inc.) -- C:\Windows\SysWow64\LxrSII1s.exe
[2013/03/29 20:31:58 | 000,140,288 | ---- | C] (Lexar Media, Inc.) -- C:\Windows\SysWow64\LxrSII1.dll
[2013/03/29 20:31:58 | 000,063,064 | ---- | C] (Lexar Media, Inc.) -- C:\Windows\SysNative\drivers\LxrSII1d.sys
[2013/03/29 20:31:56 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Local\Lexar Media
[2013/03/29 14:45:11 | 000,000,000 | ---D | C] -- C:\Users\George\Documents\Evolver Keyboard
[2013/03/29 14:12:56 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Local\Mozilla
[2013/03/29 14:12:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/03/28 10:31:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\oZone3D
[2013/03/28 09:22:48 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\Skype
[2013/03/28 09:22:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/03/28 09:22:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013/03/28 09:22:44 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2013/03/28 09:22:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2013/03/27 12:40:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Waves Audio
[2013/03/27 12:23:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\VST3
[2013/03/27 11:51:49 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\NVIDIA
[2013/03/27 11:51:03 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\Waves Audio
[2013/03/27 11:45:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\VST3
[2013/03/27 11:44:39 | 000,007,744 | ---- | C] (Altiris) -- C:\Windows\SysWow64\HookDll.dll
[2013/03/27 11:44:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves
[2013/03/27 11:44:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Waves
[2013/03/27 11:12:02 | 000,308,528 | ---- | C] (Acresso Software Inc.) -- C:\Windows\SysWow64\setup.ocx
[2013/03/27 10:19:58 | 000,184,320 | ---- | C] (ASUSTeK) -- C:\Windows\SysWow64\drivers\UpdateHelper.dll
[2013/03/27 10:19:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
[2013/03/27 10:11:09 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS
[2013/03/27 10:10:54 | 000,028,672 | R--- | C] (ASUSTek Computer Inc.) -- C:\Windows\SysWow64\AsIO.dll
[2013/03/27 10:10:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
[2013/03/27 10:10:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\MFDLL
[2013/03/27 10:05:42 | 000,000,000 | -H-D | C] -- C:\ProgramData\{9B069D1C-ECB9-4D1B-A782-7D5DDA2045D6}
[2013/03/27 10:05:16 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Kore 2 Sample Content
[2013/03/26 21:29:47 | 000,000,000 | -H-D | C] -- C:\ProgramData\{F828BFD7-781D-4BD3-AD6C-71D19DC23493}
[2013/03/26 21:26:59 | 000,000,000 | -H-D | C] -- C:\ProgramData\{16E6DCE6-1916-4566-A3CF-31880CAA7C63}
[2013/03/26 21:25:11 | 000,000,000 | -H-D | C] -- C:\ProgramData\{7F3144B7-67AA-4DD7-BC11-CBA9A40B430D}
[2013/03/26 15:59:27 | 000,000,000 | -H-D | C] -- C:\ProgramData\{A32199A3-F9AC-4CB1-B86B-000707CCD970}
[2013/03/26 15:59:18 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Transistor Punch
[2013/03/26 15:38:41 | 000,000,000 | -H-D | C] -- C:\ProgramData\{56C5D4F0-9E6D-421F-AA70-A7EF727C1C69}
[2013/03/26 15:38:27 | 000,000,000 | -H-D | C] -- C:\ProgramData\{6495CC1D-C10B-40C5-A92B-241A2B2C8D20}
[2013/03/26 15:38:21 | 000,000,000 | -H-D | C] -- C:\ProgramData\{F57C376F-E7ED-4527-9EE2-4D50799418BC}
[2013/03/26 15:38:16 | 000,000,000 | -H-D | C] -- C:\ProgramData\{9C588B44-42B6-434D-90BD-824BBB1F328A}
[2013/03/26 15:28:25 | 000,000,000 | -H-D | C] -- C:\ProgramData\{3B9A3AE3-5BE1-4645-A31C-753724255564}
[2013/03/26 14:30:00 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Maschine Library
[2013/03/26 13:54:53 | 000,000,000 | -H-D | C] -- C:\ProgramData\{7E15FB3A-A743-4BAD-9286-E6F67959668B}
[2013/03/26 13:29:17 | 000,000,000 | -H-D | C] -- C:\ProgramData\{F92C204F-6C39-4D56-B100-EC929C871966}
[2013/03/26 12:59:28 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Local\Native Instruments
[2013/03/26 12:00:16 | 000,000,000 | -H-D | C] -- C:\ProgramData\{85458792-1589-41EF-99EA-240E761AE593}
[2013/03/26 11:59:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments Reaktor 5
[2013/03/26 11:59:08 | 000,000,000 | ---D | C] -- C:\Users\George\Documents\Reaktor 5
[2013/03/26 11:55:29 | 000,000,000 | ---D | C] -- C:\Users\George\Desktop\pro53addon
[2013/03/26 11:54:58 | 000,000,000 | ---D | C] -- C:\Users\George\Documents\Audio Installers March 2013
[2013/03/26 11:54:45 | 000,000,000 | -H-D | C] -- C:\ProgramData\{C5CAF473-C900-4049-BCE5-A93E0EBA7EF2}
[2013/03/26 11:54:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Native Instruments
[2013/03/26 11:39:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Native Instruments
[2013/03/26 11:36:32 | 000,000,000 | ---D | C] -- C:\Program Files\Native Instruments
[2013/03/26 11:35:56 | 000,000,000 | -H-D | C] -- C:\ProgramData\{A6DB2A6F-FF9D-453F-99D6-C1AA54BC0C14}
[2013/03/26 10:34:30 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\vlc
[2013/03/26 10:34:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2013/03/26 10:34:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2013/03/26 10:01:10 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\Macromedia
[2013/03/26 09:59:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2013/03/26 09:57:07 | 000,000,000 | ---D | C] -- C:\Users\George\Documents\Native Instruments
[2013/03/26 09:57:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments
[2013/03/26 09:55:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Native Instruments
[2013/03/26 09:55:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Native Instruments
[2013/03/26 09:31:27 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\Malwarebytes
[2013/03/26 09:31:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/03/26 09:31:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/03/26 09:31:16 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/03/26 09:31:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013/03/26 09:31:06 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Local\Programs
[2013/03/25 15:19:10 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\Arturia
[2013/03/25 15:16:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arturia
[2013/03/25 15:15:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Arturia
[2013/03/25 15:15:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Arturia
[2013/03/25 14:55:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steinberg
[2013/03/25 14:55:34 | 000,000,000 | ---D | C] -- C:\ProgramData\IK Multimedia
[2013/03/25 14:33:35 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\IK Multimedia
[2013/03/25 14:32:15 | 004,249,197 | ---- | C] (IK Multimedia ) -- C:\Windows\SysWow64\WIN Installer Authorization Manager (Ver. 1.0.9 RC4).exe
[2013/03/25 14:32:11 | 008,600,667 | ---- | C] (IK Multimedia ) -- C:\Windows\SysWow64\CustomShopInstallerTR4.exe
[2013/03/25 14:31:35 | 000,000,000 | ---D | C] -- C:\Program Files\VstPlugIns
[2013/03/25 14:31:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VstPlugIns
[2013/03/25 14:22:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IK Multimedia
[2013/03/25 14:22:40 | 000,000,000 | ---D | C] -- C:\Users\George\Documents\IK Multimedia
[2013/03/25 14:22:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IK Multimedia
[2013/03/25 13:29:23 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\Digidesign
[2013/03/25 12:44:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Digidesign
[2013/03/25 12:37:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digidesign
[2013/03/25 12:36:51 | 000,000,000 | ---D | C] -- C:\Program Files\Digidesign
[2013/03/25 12:36:40 | 000,021,520 | ---- | C] (Avid, Inc. All rights reserved.) -- C:\Windows\SysNative\drivers\diginet.sys
[2013/03/25 12:35:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Digidesign
[2013/03/24 21:58:16 | 000,000,000 | ---D | C] -- C:\Users\George\AvidLogFiles
[2013/03/24 21:51:57 | 000,000,000 | ---D | C] -- C:\ProgramData\DigiDriver
[2013/03/24 21:49:53 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Digidesign
[2013/03/24 21:28:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Digidesign
[2013/03/24 19:39:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013/03/24 19:39:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2013/03/24 19:14:15 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2013/03/24 18:56:51 | 000,000,000 | R--D | C] -- C:\Users\George\AppData\Roaming\Brother
[2013/03/24 18:32:25 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Local\ElevatedDiagnostics
[2013/03/24 18:25:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PACE Anti-Piracy
[2013/03/24 18:22:19 | 000,000,000 | ---D | C] -- C:\ProgramData\PACE
[2013/03/24 18:22:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PACE
[2013/03/24 18:05:58 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\Trillium Lane
[2013/03/24 17:55:49 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\PACE Anti-Piracy
[2013/03/24 17:55:49 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Local\PACE Anti-Piracy
[2013/03/24 17:55:49 | 000,000,000 | ---D | C] -- C:\ProgramData\PACE Anti-Piracy
[2013/03/24 17:55:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PACE Anti-Piracy
[2013/03/24 17:43:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\InterLok
[2013/03/24 17:09:08 | 000,836,096 | ---- | C] (PACE Anti-Piracy) -- C:\Windows\SysWow64\ilinet.dll
[2013/03/24 17:09:04 | 000,032,400 | ---- | C] (Avid, Inc. All rights reserved.) -- C:\Windows\SysNative\drivers\mbx2midk.sys
[2013/03/24 17:09:04 | 000,031,120 | ---- | C] (Avid, Inc. All rights reserved.) -- C:\Windows\SysNative\drivers\mbx2dfu.sys
[2013/03/24 17:09:03 | 000,139,792 | ---- | C] (Avid, Inc. All rights reserved.) -- C:\Windows\SysNative\drivers\Dalwdm.sys
[2013/03/24 17:09:03 | 000,045,568 | ---- | C] (Avid, Inc. All rights reserved.) -- C:\Windows\SysWow64\mbx2midu.dll
[2013/03/24 17:08:42 | 000,233,472 | ---- | C] (Propellerhead Software AB) -- C:\Windows\SysWow64\REX Shared Library.dll
[2013/03/23 20:27:44 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\FileZilla
[2013/03/23 20:27:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
[2013/03/23 20:27:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client
[2013/03/23 19:51:39 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Local\Apple Computer
[2013/03/23 19:51:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013/03/23 19:51:38 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\Apple Computer
[2013/03/23 19:51:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2013/03/23 19:51:20 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013/03/23 19:51:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013/03/23 19:51:20 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013/03/23 19:51:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013/03/23 19:51:20 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013/03/23 19:50:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013/03/23 19:50:56 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Local\Apple
[2013/03/23 19:50:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013/03/23 19:50:36 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013/03/23 19:50:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2013/03/23 19:50:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013/03/23 19:50:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013/03/23 19:42:25 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2013/03/23 19:42:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2013/03/23 19:42:24 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\Notepad++
[2013/03/23 19:42:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++
[2013/03/23 15:43:07 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Local\Adobe
[2013/03/23 14:52:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2013/03/23 14:52:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013/03/23 14:51:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2013/03/23 14:51:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2013/03/23 14:51:29 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2013/03/23 14:51:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2013/03/23 14:51:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2013/03/23 14:49:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2013/03/23 14:49:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2013/03/23 14:48:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2013/03/23 14:48:38 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Local\Microsoft Help
[2013/03/23 14:48:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2013/03/23 14:48:28 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2013/03/23 02:06:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2013/03/23 02:06:06 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2013/03/23 02:01:39 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\Thunderbird
[2013/03/23 02:01:39 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Local\Thunderbird
[2013/03/23 02:01:39 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\Mozilla
[2013/03/23 02:01:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013/03/23 02:01:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013/03/23 01:46:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/03/23 01:46:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013/03/23 01:46:25 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Local\Google
[2013/03/23 01:12:10 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Local\Deployment
[2013/03/23 01:12:10 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Local\Apps
[2013/03/22 04:45:57 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2013/03/22 04:42:09 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Local\Power2Go
[2013/03/21 06:00:59 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2013/03/21 02:01:51 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2013/03/21 02:01:23 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2013/03/20 05:34:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2013/03/20 05:29:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2013/03/20 05:29:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2013/03/20 05:29:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013/03/20 05:18:27 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
[2013/03/20 05:17:03 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\CyberLink
[2013/03/20 05:17:03 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Local\Cyberlink
[2013/03/20 05:15:07 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling
[2013/03/20 05:15:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LightScribe
[2013/03/20 05:14:54 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
[2013/03/20 05:14:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2013/03/20 05:14:08 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2013/03/20 05:10:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2013/03/20 04:48:11 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\Adobe
[2013/03/20 04:45:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Wat
[2013/03/20 04:45:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2013/03/20 03:50:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013/03/20 03:50:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2013/03/20 03:50:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2013/03/20 03:50:13 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2013/03/20 03:50:06 | 000,061,216 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013/03/20 03:50:06 | 000,053,024 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013/03/20 03:50:03 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2013/03/20 03:49:34 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013/03/20 03:49:23 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2013/03/20 03:44:13 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2013/03/20 03:09:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2013/03/20 03:08:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/03/20 03:07:51 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013/03/20 03:07:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013/03/20 02:53:51 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Marvell
[2013/03/20 02:53:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Marvell
[2013/03/20 02:53:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asmedia Technology
[2013/03/20 02:53:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM106xSATA
[2013/03/20 02:53:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM104xUSB3
[2013/03/20 02:30:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2013/03/20 02:30:32 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2013/03/20 02:30:21 | 002,605,400 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2013/03/20 02:30:21 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2013/03/20 02:30:20 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2013/03/20 02:30:20 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2013/03/20 02:30:20 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2013/03/20 02:30:19 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2013/03/20 02:30:19 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2013/03/20 02:30:19 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2013/03/20 02:30:19 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2013/03/20 02:30:17 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2013/03/20 02:30:17 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2013/03/20 02:30:17 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2013/03/20 02:30:17 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2013/03/20 02:30:17 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2013/03/20 02:30:17 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2013/03/20 02:30:16 | 007,163,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2013/03/20 02:30:16 | 000,433,504 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2013/03/20 02:30:16 | 000,141,152 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2013/03/20 02:30:16 | 000,123,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2013/03/20 02:30:16 | 000,074,592 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2013/03/20 02:30:15 | 008,363,864 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll
[2013/03/20 02:30:15 | 002,131,288 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2013/03/20 02:30:15 | 001,345,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll
[2013/03/20 02:30:15 | 001,015,640 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2013/03/20 02:30:15 | 000,396,632 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2013/03/20 02:30:15 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2013/03/20 02:30:15 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2013/03/20 02:30:14 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
[2013/03/20 02:30:11 | 002,533,952 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2013/03/20 02:30:11 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2013/03/20 02:30:11 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2013/03/20 02:30:11 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2013/03/20 02:30:11 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2013/03/20 02:30:11 | 000,537,456 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll
[2013/03/20 02:30:11 | 000,524,656 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll
[2013/03/20 02:30:11 | 000,449,392 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll
[2013/03/20 02:30:10 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2013/03/20 02:30:10 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2013/03/20 02:30:10 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2013/03/20 02:30:10 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2013/03/20 02:30:10 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2013/03/20 02:30:10 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2013/03/20 02:30:10 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2013/03/20 02:30:10 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2013/03/20 02:30:09 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2013/03/20 02:30:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2013/03/20 02:30:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2013/03/20 02:29:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2013/03/20 02:29:55 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2013/03/20 02:29:38 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2013/03/20 02:29:11 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2013/03/20 02:29:10 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\InstallShield
[2013/03/20 02:27:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2013/03/20 02:27:23 | 000,000,000 | ---D | C] -- C:\Intel
[2013/03/20 02:24:59 | 000,000,000 | ---D | C] -- C:\Windows\AsusInstAll
[2013/03/20 02:10:24 | 000,000,000 | ---D | C] -- C:\ASUSDrivers
[2013/03/20 02:08:35 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2013/03/20 02:07:37 | 000,000,000 | R--D | C] -- C:\Users\George\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2013/03/20 02:07:37 | 000,000,000 | R--D | C] -- C:\Users\George\Searches
[2013/03/20 02:07:37 | 000,000,000 | R--D | C] -- C:\Users\George\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2013/03/20 02:07:37 | 000,000,000 | -H-D | C] -- C:\Users\George\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2013/03/20 02:07:29 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\Identities
[2013/03/20 02:07:28 | 000,000,000 | R--D | C] -- C:\Users\George\Contacts
[2013/03/20 02:07:27 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Local\VirtualStore
[2013/03/20 02:07:20 | 000,000,000 | -HSD | C] -- C:\Users\George\AppData\Local\Temporary Internet Files
[2013/03/20 02:07:20 | 000,000,000 | -HSD | C] -- C:\Users\George\Templates
[2013/03/20 02:07:20 | 000,000,000 | -HSD | C] -- C:\Users\George\Start Menu
[2013/03/20 02:07:20 | 000,000,000 | -HSD | C] -- C:\Users\George\SendTo
[2013/03/20 02:07:20 | 000,000,000 | -HSD | C] -- C:\Users\George\Recent
[2013/03/20 02:07:20 | 000,000,000 | -HSD | C] -- C:\Users\George\PrintHood
[2013/03/20 02:07:20 | 000,000,000 | -HSD | C] -- C:\Users\George\NetHood
[2013/03/20 02:07:20 | 000,000,000 | -HSD | C] -- C:\Users\George\Documents\My Videos
[2013/03/20 02:07:20 | 000,000,000 | -HSD | C] -- C:\Users\George\Documents\My Pictures
[2013/03/20 02:07:20 | 000,000,000 | -HSD | C] -- C:\Users\George\Documents\My Music
[2013/03/20 02:07:20 | 000,000,000 | -HSD | C] -- C:\Users\George\My Documents
[2013/03/20 02:07:20 | 000,000,000 | -HSD | C] -- C:\Users\George\Local Settings
[2013/03/20 02:07:20 | 000,000,000 | -HSD | C] -- C:\Users\George\AppData\Local\History
[2013/03/20 02:07:20 | 000,000,000 | -HSD | C] -- C:\Users\George\Cookies
[2013/03/20 02:07:20 | 000,000,000 | -HSD | C] -- C:\Users\George\Application Data
[2013/03/20 02:07:20 | 000,000,000 | -HSD | C] -- C:\Users\George\AppData\Local\Application Data
[2013/03/20 02:07:19 | 000,000,000 | --SD | C] -- C:\Users\George\AppData\Roaming\Microsoft
[2013/03/20 02:07:19 | 000,000,000 | R--D | C] -- C:\Users\George\Videos
[2013/03/20 02:07:19 | 000,000,000 | R--D | C] -- C:\Users\George\Saved Games
[2013/03/20 02:07:19 | 000,000,000 | R--D | C] -- C:\Users\George\Pictures
[2013/03/20 02:07:19 | 000,000,000 | R--D | C] -- C:\Users\George\Music
[2013/03/20 02:07:19 | 000,000,000 | R--D | C] -- C:\Users\George\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2013/03/20 02:07:19 | 000,000,000 | R--D | C] -- C:\Users\George\Links
[2013/03/20 02:07:19 | 000,000,000 | R--D | C] -- C:\Users\George\Favorites
[2013/03/20 02:07:19 | 000,000,000 | R--D | C] -- C:\Users\George\Downloads
[2013/03/20 02:07:19 | 000,000,000 | R--D | C] -- C:\Users\George\Documents
[2013/03/20 02:07:19 | 000,000,000 | R--D | C] -- C:\Users\George\Desktop
[2013/03/20 02:07:19 | 000,000,000 | R--D | C] -- C:\Users\George\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/03/20 02:07:19 | 000,000,000 | -H-D | C] -- C:\Users\George\AppData
[2013/03/20 02:07:19 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Local\Temp
[2013/03/20 02:07:19 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Local\Microsoft
[2013/03/20 02:07:19 | 000,000,000 | ---D | C] -- C:\Users\George\AppData\Roaming\Media Center Programs
[2013/03/20 02:07:14 | 000,000,000 | -HSD | C] -- C:\Recovery

========== Files - Modified Within 30 Days ==========

[2013/04/14 12:01:15 | 000,081,326 | ---- | M] () -- C:\Users\George\Desktop\mbam quarantine.JPG
[2013/04/14 11:51:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/04/14 11:50:06 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/04/14 10:08:55 | 000,022,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/14 10:08:55 | 000,022,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/14 10:06:17 | 000,781,298 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/04/14 10:06:17 | 000,665,740 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/04/14 10:06:17 | 000,125,416 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/04/14 10:00:07 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/04/14 09:59:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/14 09:59:48 | 4249,104,382 | -HS- | M] () -- C:\hiberfil.sys
[2013/04/12 16:55:14 | 000,004,534 | ---- | M] () -- C:\Users\George\AppData\Local\recently-used.xbel
[2013/04/12 15:53:19 | 000,001,124 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2013/04/12 12:12:53 | 000,030,176 | ---- | M] () -- C:\Users\George\Desktop\Old Modem.JPG
[2013/04/11 08:28:46 | 000,432,296 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/04/10 19:59:04 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/04/10 16:41:02 | 000,002,106 | ---- | M] () -- C:\Users\George\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2013/04/10 16:16:07 | 2147,483,646 | ---- | M] () -- C:\Users\George\Documents\Thunderbird
[2013/04/10 13:22:13 | 000,074,072 | ---- | M] () -- C:\Users\George\Desktop\encrypted volume.JPG
[2013/04/10 11:56:58 | 000,085,074 | ---- | M] () -- C:\Users\George\Desktop\chassis fan 4.JPG
[2013/04/10 11:56:45 | 000,085,296 | ---- | M] () -- C:\Users\George\Desktop\chassis fan 3.JPG
[2013/04/10 08:51:33 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/04/09 21:29:19 | 000,078,117 | ---- | M] () -- C:\Users\George\Desktop\All Fans Working Temp.JPG
[2013/04/09 21:28:58 | 000,075,233 | ---- | M] () -- C:\Users\George\Desktop\All Fans Working.JPG
[2013/04/09 12:41:26 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/04/07 18:57:20 | 4294,967,196 | ---- | M] () -- C:\Users\George\Documents\Protected Documents
[2013/04/07 18:00:29 | 000,940,426 | ---- | M] () -- C:\Users\George\Documents\TrueCrypt User Guide.pdf
[2013/04/06 19:08:36 | 000,000,128 | ---- | M] () -- C:\Users\George\AppData\Roaming\msregsvv.dll
[2013/04/06 19:08:36 | 000,000,128 | ---- | M] () -- C:\ProgramData\autobk.inc
[2013/04/06 17:07:52 | 000,078,508 | ---- | M] () -- C:\Users\George\Desktop\No Back Fan.JPG
[2013/04/05 18:38:50 | 000,000,875 | ---- | M] () -- C:\Users\Public\Desktop\TrueCrypt.lnk
[2013/04/05 18:38:46 | 000,231,376 | ---- | M] (TrueCrypt Foundation) -- C:\Windows\SysNative\drivers\truecrypt.sys
[2013/04/05 16:48:36 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013/04/05 15:45:36 | 000,000,048 | ---- | M] () -- C:\Windows\SysWow64\w3data.vss
[2013/04/05 15:45:36 | 000,000,048 | ---- | M] () -- C:\Windows\SysWow64\msvcsv60.dll
[2013/04/05 15:45:36 | 000,000,048 | ---- | M] () -- C:\Windows\msocreg32.dat
[2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013/04/01 17:17:54 | 860,416,430 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/03/29 14:12:49 | 000,001,143 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/03/28 09:22:46 | 000,002,515 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/03/27 12:23:27 | 000,001,778 | ---- | M] () -- C:\Users\Public\Desktop\Waves License Center.lnk
[2013/03/26 22:23:26 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo
[2013/03/26 11:36:32 | 000,001,059 | ---- | M] () -- C:\Users\Public\Desktop\Service Center.lnk
[2013/03/26 10:34:26 | 000,001,062 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/03/25 13:13:40 | 000,002,007 | ---- | M] () -- C:\Users\George\Application Data\Microsoft\Internet Explorer\Quick Launch\Pro Tools LE.lnk
[2013/03/25 13:13:40 | 000,001,983 | ---- | M] () -- C:\Users\Public\Desktop\Pro Tools LE.lnk
[2013/03/24 18:22:30 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iLokDrvr_01007.Wdf
[2013/03/24 15:52:59 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/03/24 10:22:44 | 000,001,085 | ---- | M] () -- C:\Users\George\Desktop\Documents - Shortcut.lnk
[2013/03/23 19:51:38 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/03/23 19:02:01 | 000,002,275 | ---- | M] () -- C:\Users\George\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/03/23 02:09:04 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/03/23 02:01:35 | 000,002,082 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2013/03/22 04:42:14 | 000,002,068 | ---- | M] () -- C:\Users\George\Desktop\LG Burning Tool.lnk
[2013/03/21 02:04:34 | 000,041,450 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2013/03/21 02:04:34 | 000,041,450 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2013/03/20 05:21:34 | 000,002,081 | ---- | M] () -- C:\Users\Public\Desktop\CyberLink Blu-ray Disc Suite.lnk
[2013/03/20 04:14:19 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/03/20 04:14:19 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013/03/20 04:12:11 | 000,765,280 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/03/20 02:57:52 | 000,001,433 | ---- | M] () -- C:\Users\George\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/03/20 02:53:51 | 000,060,616 | ---- | M] () -- C:\Windows\Ascd_log.ini
[2013/03/20 02:24:11 | 000,041,643 | ---- | M] () -- C:\Windows\Ascd_tmp.ini
[2013/03/20 02:24:10 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini

========== Files Created - No Company Name ==========

[2013/04/14 12:01:15 | 000,081,326 | ---- | C] () -- C:\Users\George\Desktop\mbam quarantine.JPG
[2013/04/12 21:11:25 | 000,002,071 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco Connect.lnk
[2013/04/12 16:55:14 | 000,004,534 | ---- | C] () -- C:\Users\George\AppData\Local\recently-used.xbel
[2013/04/12 16:13:47 | 000,000,892 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2013/04/12 15:53:19 | 000,001,124 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
[2013/04/12 15:53:18 | 000,001,250 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Elements 2.0.lnk
[2013/04/12 12:12:53 | 000,030,176 | ---- | C] () -- C:\Users\George\Desktop\Old Modem.JPG
[2013/04/10 16:15:04 | 2147,483,646 | ---- | C] () -- C:\Users\George\Documents\Thunderbird
[2013/04/10 13:22:13 | 000,074,072 | ---- | C] () -- C:\Users\George\Desktop\encrypted volume.JPG
[2013/04/10 11:56:58 | 000,085,074 | ---- | C] () -- C:\Users\George\Desktop\chassis fan 4.JPG
[2013/04/10 11:56:45 | 000,085,296 | ---- | C] () -- C:\Users\George\Desktop\chassis fan 3.JPG
[2013/04/09 21:29:19 | 000,078,117 | ---- | C] () -- C:\Users\George\Desktop\All Fans Working Temp.JPG
[2013/04/09 21:28:58 | 000,075,233 | ---- | C] () -- C:\Users\George\Desktop\All Fans Working.JPG
[2013/04/09 12:41:26 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/04/07 18:00:28 | 000,940,426 | ---- | C] () -- C:\Users\George\Documents\TrueCrypt User Guide.pdf
[2013/04/07 17:59:33 | 4294,967,196 | ---- | C] () -- C:\Users\George\Documents\Protected Documents
[2013/04/06 17:07:51 | 000,078,508 | ---- | C] () -- C:\Users\George\Desktop\No Back Fan.JPG
[2013/04/05 18:38:50 | 000,000,875 | ---- | C] () -- C:\Users\Public\Desktop\TrueCrypt.lnk
[2013/04/05 16:48:36 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2013/04/05 15:09:45 | 000,000,048 | ---- | C] () -- C:\Windows\SysWow64\w3data.vss
[2013/04/05 15:09:45 | 000,000,048 | ---- | C] () -- C:\Windows\SysWow64\msvcsv60.dll
[2013/04/05 15:09:45 | 000,000,048 | ---- | C] () -- C:\Windows\msocreg32.dat
[2013/04/05 11:09:22 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/04/03 13:16:48 | 014,001,769 | ---- | C] () -- C:\Users\George\Documents\HowToPublishAGamePersonalDigitalCopy.pdf
[2013/04/01 17:17:54 | 860,416,430 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013/03/29 16:46:57 | 014,001,769 | ---- | C] () -- C:\Users\George\Desktop\HowToPublishAGamePersonalDigitalCopy.pdf
[2013/03/29 14:12:49 | 000,001,155 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013/03/29 14:12:49 | 000,001,143 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013/03/28 09:22:46 | 000,002,515 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2013/03/27 12:23:27 | 000,001,778 | ---- | C] () -- C:\Users\Public\Desktop\Waves License Center.lnk
[2013/03/27 10:10:54 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2013/03/27 10:10:51 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2013/03/26 22:23:26 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo
[2013/03/26 11:36:32 | 000,001,059 | ---- | C] () -- C:\Users\Public\Desktop\Service Center.lnk
[2013/03/26 10:34:26 | 000,001,062 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/03/26 09:31:20 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/03/25 14:59:43 | 000,000,128 | ---- | C] () -- C:\Users\George\AppData\Roaming\msregsvv.dll
[2013/03/25 14:59:43 | 000,000,128 | ---- | C] () -- C:\ProgramData\autobk.inc
[2013/03/25 14:55:40 | 000,000,910 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ampeg SVX UNO.lnk
[2013/03/25 12:40:44 | 000,002,007 | ---- | C] () -- C:\Users\George\Application Data\Microsoft\Internet Explorer\Quick Launch\Pro Tools LE.lnk
[2013/03/25 12:40:44 | 000,001,995 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pro Tools LE.lnk
[2013/03/25 12:40:44 | 000,001,983 | ---- | C] () -- C:\Users\Public\Desktop\Pro Tools LE.lnk
[2013/03/24 18:22:30 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iLokDrvr_01007.Wdf
[2013/03/24 17:09:05 | 000,217,088 | ---- | C] () -- C:\Windows\SysWow64\qtmlClient.dll
[2013/03/24 15:52:59 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013/03/24 10:22:44 | 000,001,085 | ---- | C] () -- C:\Users\George\Desktop\Documents - Shortcut.lnk
[2013/03/23 19:51:38 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013/03/23 19:50:56 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013/03/23 02:09:04 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2013/03/23 02:06:15 | 000,002,117 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2013/03/23 02:01:35 | 000,002,106 | ---- | C] () -- C:\Users\George\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2013/03/23 02:01:35 | 000,002,094 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2013/03/23 02:01:35 | 000,002,082 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2013/03/23 01:46:59 | 000,002,275 | ---- | C] () -- C:\Users\George\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/03/23 01:46:59 | 000,002,183 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/03/23 01:46:30 | 000,000,898 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/03/23 01:46:29 | 000,000,894 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/03/21 02:04:27 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2013/03/21 02:04:27 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2013/03/21 02:01:24 | 4249,104,382 | -HS- | C] () -- C:\hiberfil.sys
[2013/03/20 05:34:25 | 000,002,435 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
[2013/03/20 05:30:02 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013/03/20 05:21:34 | 000,002,081 | ---- | C] () -- C:\Users\Public\Desktop\CyberLink Blu-ray Disc Suite.lnk
[2013/03/20 05:18:27 | 000,002,068 | ---- | C] () -- C:\Users\George\Desktop\LG Burning Tool.lnk
[2013/03/20 04:16:15 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013/03/20 04:14:19 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013/03/20 04:14:19 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013/03/20 04:09:41 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013/03/20 03:49:49 | 000,017,738 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2013/03/20 03:15:08 | 000,204,105 | ---- | C] () -- C:\Windows\SysWow64\winrm.vbs
[2013/03/20 03:15:08 | 000,004,675 | ---- | C] () -- C:\Windows\SysNative\wsmanconfig_schema.xml
[2013/03/20 03:15:07 | 000,004,675 | ---- | C] () -- C:\Windows\SysWow64\wsmanconfig_schema.xml
[2013/03/20 03:15:06 | 000,004,148 | ---- | C] () -- C:\Windows\SysNative\psmodulediscoveryprovider.mof
[2013/03/20 03:15:01 | 000,204,105 | ---- | C] () -- C:\Windows\SysNative\winrm.vbs
[2013/03/20 03:09:39 | 000,765,280 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/03/20 02:57:52 | 000,001,433 | ---- | C] () -- C:\Users\George\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/03/20 02:52:31 | 000,001,904 | ---- | C] () -- C:\Windows\SysNative\SetupBD.din
[2013/03/20 02:30:23 | 000,001,332 | ---- | C] () -- C:\Windows\SysNative\drivers\DTSU2P.DAT
[2013/03/20 02:30:17 | 000,290,813 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2013/03/20 02:24:22 | 000,060,616 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2013/03/20 02:24:08 | 000,041,643 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2013/03/20 02:24:08 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2013/03/20 02:24:08 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2013/03/20 02:13:21 | 000,003,114 | ---- | C] () -- C:\Windows\SysNative\e1c62x64.din
[2013/03/20 02:07:38 | 000,001,409 | ---- | C] () -- C:\Users\George\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/03/20 02:07:19 | 000,000,290 | ---- | C] () -- C:\Users\George\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2013/03/20 02:07:19 | 000,000,272 | ---- | C] () -- C:\Users\George\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/07/27 10:36:58 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/03/20 03:25:58 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/03/20 03:25:58 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/08/21 09:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/08/21 09:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/08/21 09:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/03/25 15:19:10 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\Arturia
[2013/04/06 19:29:43 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\Digidesign
[2013/04/05 15:05:03 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\East West
[2013/04/12 21:08:35 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\FileZilla
[2013/03/25 14:33:35 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\IK Multimedia
[2013/04/05 15:07:05 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\Leadertech
[2013/03/23 19:42:36 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\Notepad++
[2013/04/05 13:16:20 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\PACE Anti-Piracy
[2013/04/05 16:48:49 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\SanDisk SecureAccess
[2013/04/11 11:59:57 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\Thunderbird
[2013/03/24 18:05:58 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\Trillium Lane
[2013/04/10 16:28:28 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\TrueCrypt
[2013/03/27 12:36:21 | 000,000,000 | ---D | M] -- C:\Users\George\AppData\Roaming\Waves Audio

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 1308 bytes -> C:\ProgramData\Microsoft:v1Or5hAu6ELPSYY0VYE
@Alternate Data Stream - 1269 bytes -> C:\ProgramData\Microsoft:5xUQe8dEW37068JUOz8cUn
@Alternate Data Stream - 1218 bytes -> C:\Program Files (x86)\Common Files\microsoft shared:mJuVXYIx2ZliAZKEFY6wrN5
@Alternate Data Stream - 1207 bytes -> C:\Program Files (x86)\Common Files\System:EtbsTXimazDB93ahBYsq1XmC
@Alternate Data Stream - 1165 bytes -> C:\Users\George\AppData\Local\Temp:fiG5YUX5mZvgw78rzfq
@Alternate Data Stream - 1161 bytes -> C:\ProgramData\Microsoft:RiGXMkNIsNtLfzq1nnQ5kpnlG
@Alternate Data Stream - 1118 bytes -> C:\ProgramData\Microsoft:OZ4AUYoXrL66JAqILfdbD9ZS8I
@Alternate Data Stream - 1116 bytes -> C:\ProgramData\Microsoft:pqtLyrjstjG714GmtWPHv
@Alternate Data Stream - 1114 bytes -> C:\ProgramData\Microsoft:N90vv0SmDn0kMUHjJAlyoGZ
@Alternate Data Stream - 1082 bytes -> C:\Users\George\AppData\Local\BsXOuqnY:9hhM6L2e0QEsHlY5s
@Alternate Data Stream - 1046 bytes -> C:\ProgramData\Microsoft:4JQNkGrQ0ozyhloZ3Tl
@Alternate Data Stream - 1044 bytes -> C:\ProgramData\Microsoft:3FaS29U6LjueKIPDis9zwO1t

< End of report >
  • 0

Advertisements


#2
Crowbar

Crowbar

    Teacher

  • GeekU Moderator
  • 4,130 posts
Hello abrazas and welcome to the Virus, Spyware, Malware Removal forum !!

My name is Crowbar and I'll be the malware removal Geek that will be helping you remove any infections you may have on your computer.

  • Please read all of my response through at least once before attempting to follow the procedures described.
  • Please save my instructions as a text file on your desktop, or print them out, as you may not be able to access this thread at times.
  • Please follow the steps exactly as written, in the same order.
  • If there's anything you don't understand or isn't totally clear, please ask me any questions that you may have.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.
  • This process is not an instant process - please stick with me until I tell you that your machine is clean. If you don't see any symptoms it does not mean your system is clear of malware
  • Please don't run any other scans or other software unless I ask you to, as it will make this repair more difficult.

I am not really seeing anything in the OTL log, so let's look a little bit deeper.

Step 1
Download Security Check from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Step 2
Download AdwCleaner from here to your desktop
Run AdwCleaner by right clicking on the icon and selecting Run as administratorand select Scan

Posted Image

A log will be produced at C:\ADWCleaner[XX].txt please attach that in your next post

  • Download RogueKiller and save it on your desktop.
  • Quit all programs
  • Start RogueKiller.exe by right clicking on the icon and selecting Run as administrator
  • Wait until Prescan has finished ...
  • Click on Scan

Posted Image

  • Wait for the end of the scan.
  • The report has been created on the desktop.

Please post: All RKreport.txt text files located on your desktop.

Step 3

In your next reply I would like to see:
  • checkup.txt from security check
  • ADWcleaner log file
  • Roguekiller log files

  • 0

#3
abrazas

abrazas

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Hi Crowbar and thanks for the help. Here are the scans you requested:

Security Checkup:

Results of screen317's Security Check version 0.99.62
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
Adobe Flash Player 11.7.700.169
Adobe Reader XI
Mozilla Firefox 19.0.2 Firefox out of Date!
Mozilla Thunderbird (17.0.5)
Google Chrome 26.0.1410.43
Google Chrome 26.0.1410.64
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````


ADW Cleaner:

# AdwCleaner v2.200 - Logfile created 04/16/2013 at 20:24:21
# Updated 02/04/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : George - GEORGE-PC
# Boot Mode : Normal
# Running from : C:\Users\George\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0.2 (en-US)

File : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\8ij29gyg.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v26.0.1410.64

File : C:\Users\George\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [914 octets] - [16/04/2013 20:24:21]

########## EOF - C:\AdwCleaner[R1].txt - [973 octets] ##########


Rogue Killer:

RogueKiller V8.5.4 _x64_ [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : George [Admin rights]
Mode : Scan -- Date : 04/16/2013 20:27:46
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 3 ¤¤¤
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST3000DM001-1CH166 ATA Device +++++
--- User ---
[MBR] 0086f36f0b7bc8b257f89fc226376c3d
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0xee) [VISIBLE] Offset (sectors): 1 | Size: 2097152 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: ST3000DM001-1CH166 ATA Device +++++
--- User ---
[MBR] 0086f36f0b7bc8b257f89fc226376c3d
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0xee) [VISIBLE] Offset (sectors): 1 | Size: 2097152 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive2: Seagate FA GoFlex Desk USB Device +++++
--- User ---
[MBR] ff0b517702293986d40468d89de9ed93
[BSP] 5cab7fac78b6fe5301595cea6da44b25 : Empty MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 953867 Mo
Error reading LL1 MBR!
Error reading LL2 MBR!

Finished : << RKreport[1]_S_04162013_02d2027.txt >>
RKreport[1]_S_04162013_02d2027.txt


Rogue Killer Quarantine Report:



Time : 16/04/2013 20:27:46
--------------------------
  • 0

#4
Crowbar

Crowbar

    Teacher

  • GeekU Moderator
  • 4,130 posts
Hi,
Looking pretty clean, are there any symptoms?
I would like to remove the tiny bit that I do see, and run one more scan, just to be thorough

Step 1
Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

Posted Image

Once done it will ask to reboot, allow this
On reboot a log will be produced at C:\ADWCleaner[XX].txt please attach that

Step 2
Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

Posted Image

  • Put a checkmark beside loaded modules.

Posted Image

  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
Posted Image

  • Click the Start Scan button.
Posted Image
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
Posted Image
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
Posted Image
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

In your next reply I would like to see:
  • ADWCleaner log file
  • TDSSKiller log file
  • Are there any symptoms?

  • 0

#5
abrazas

abrazas

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Hey Crowbar,

I have not noticed any suspicious activity. Here are the logs you requested. TDSSKiller created two:

ADWCleaner:

# AdwCleaner v2.200 - Logfile created 04/17/2013 at 19:22:36
# Updated 02/04/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : George - GEORGE-PC
# Boot Mode : Normal
# Running from : C:\Users\George\Downloads\adwcleaner (1).exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0.2 (en-US)

File : C:\Users\George\AppData\Roaming\Mozilla\Firefox\Profiles\8ij29gyg.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v26.0.1410.64

File : C:\Users\George\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1041 octets] - [16/04/2013 20:24:21]
AdwCleaner[S1].txt - [980 octets] - [17/04/2013 19:22:36]

########## EOF - C:\AdwCleaner[S1].txt - [1039 octets] ##########


TDSS Killer:

19:38:47.0246 0828 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:38:47.0246 0828 UEFI system
19:38:47.0534 0828 ============================================================
19:38:47.0534 0828 Current date / time: 2013/04/17 19:38:47.0534
19:38:47.0534 0828 SystemInfo:
19:38:47.0534 0828
19:38:47.0534 0828 OS Version: 6.1.7601 ServicePack: 1.0
19:38:47.0534 0828 Product type: Workstation
19:38:47.0534 0828 ComputerName: GEORGE-PC
19:38:47.0535 0828 UserName: George
19:38:47.0535 0828 Windows directory: C:\Windows
19:38:47.0535 0828 System windows directory: C:\Windows
19:38:47.0535 0828 Running under WOW64
19:38:47.0535 0828 Processor architecture: Intel x64
19:38:47.0535 0828 Number of processors: 12
19:38:47.0535 0828 Page size: 0x1000
19:38:47.0535 0828 Boot type: Normal boot
19:38:47.0535 0828 ============================================================
19:38:48.0361 0828 Drive \Device\Harddisk0\DR0 - Size: 0x2BAA1476000 (2794.52 Gb), SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:38:48.0605 0828 Drive \Device\Harddisk1\DR1 - Size: 0x2BAA1476000 (2794.52 Gb), SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:38:48.0619 0828 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB5E00 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:38:48.0621 0828 ============================================================
19:38:48.0621 0828 \Device\Harddisk0\DR0:
19:38:48.0662 0828 GPT partitions:
19:38:48.0662 0828 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {C3E4D471-A2FE-4C2A-B0DD-0951A192E93F}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
19:38:48.0662 0828 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {7E4FF674-9CEE-48CA-A40A-63771AA1C5F9}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
19:38:48.0662 0828 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {D39BC769-1E2F-4861-99F8-20ADC1D5ED76}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0x5D497800
19:38:48.0662 0828 MBR partitions:
19:38:48.0662 0828 \Device\Harddisk1\DR1:
19:38:48.0663 0828 GPT partitions:
19:38:48.0663 0828 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {3E116718-53AC-48F5-B78E-C6687C0ED754}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
19:38:48.0663 0828 \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {0BFF4EF5-1F70-45E7-B3D7-742F0F528DBE}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x5D4C9800
19:38:48.0663 0828 MBR partitions:
19:38:48.0663 0828 \Device\Harddisk2\DR2:
19:38:48.0663 0828 MBR partitions:
19:38:48.0663 0828 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705981
19:38:48.0663 0828 ============================================================
19:38:48.0688 0828 C: <-> \Device\Harddisk0\DR0\Partition3
19:38:48.0712 0828 E: <-> \Device\Harddisk1\DR1\Partition2
19:38:48.0713 0828 ============================================================
19:38:48.0713 0828 Initialize success
19:38:48.0713 0828 ============================================================
19:40:46.0230 4556 Deinitialize success


TDSSKiller 2:

19:43:34.0622 4052 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:43:34.0622 4052 UEFI system
19:43:34.0981 4052 ============================================================
19:43:34.0981 4052 Current date / time: 2013/04/17 19:43:34.0981
19:43:34.0981 4052 SystemInfo:
19:43:34.0981 4052
19:43:34.0981 4052 OS Version: 6.1.7601 ServicePack: 1.0
19:43:34.0981 4052 Product type: Workstation
19:43:34.0981 4052 ComputerName: GEORGE-PC
19:43:34.0981 4052 UserName: George
19:43:34.0981 4052 Windows directory: C:\Windows
19:43:34.0981 4052 System windows directory: C:\Windows
19:43:34.0981 4052 Running under WOW64
19:43:34.0981 4052 Processor architecture: Intel x64
19:43:34.0981 4052 Number of processors: 12
19:43:34.0981 4052 Page size: 0x1000
19:43:34.0981 4052 Boot type: Normal boot
19:43:34.0981 4052 ============================================================
19:43:36.0650 4052 BG loaded
19:43:37.0867 4052 Drive \Device\Harddisk0\DR0 - Size: 0x2BAA1476000 (2794.52 Gb), SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:43:37.0883 4052 Drive \Device\Harddisk1\DR1 - Size: 0x2BAA1476000 (2794.52 Gb), SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:43:37.0883 4052 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB5E00 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
19:43:37.0883 4052 ============================================================
19:43:37.0883 4052 \Device\Harddisk0\DR0:
19:43:37.0883 4052 GPT partitions:
19:43:37.0883 4052 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {C3E4D471-A2FE-4C2A-B0DD-0951A192E93F}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
19:43:37.0883 4052 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {7E4FF674-9CEE-48CA-A40A-63771AA1C5F9}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
19:43:37.0883 4052 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {D39BC769-1E2F-4861-99F8-20ADC1D5ED76}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0x5D497800
19:43:37.0883 4052 MBR partitions:
19:43:37.0883 4052 \Device\Harddisk1\DR1:
19:43:37.0883 4052 GPT partitions:
19:43:37.0883 4052 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {3E116718-53AC-48F5-B78E-C6687C0ED754}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
19:43:37.0883 4052 \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {0BFF4EF5-1F70-45E7-B3D7-742F0F528DBE}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x5D4C9800
19:43:37.0883 4052 MBR partitions:
19:43:37.0883 4052 \Device\Harddisk2\DR2:
19:43:37.0883 4052 MBR partitions:
19:43:37.0883 4052 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705981
19:43:37.0883 4052 ============================================================
19:43:37.0961 4052 C: <-> \Device\Harddisk0\DR0\Partition3
19:43:37.0976 4052 E: <-> \Device\Harddisk1\DR1\Partition2
19:43:37.0976 4052 ============================================================
19:43:37.0976 4052 Initialize success
19:43:37.0976 4052 ============================================================
19:44:49.0928 6128 ============================================================
19:44:49.0928 6128 Scan started
19:44:49.0929 6128 Mode: Manual; SigCheck; TDLFS;
19:44:49.0929 6128 ============================================================
19:44:51.0819 6128 ================ Scan system memory ========================
19:44:51.0819 6128 System memory - ok
19:44:51.0819 6128 ================ Scan services =============================
19:44:51.0862 6128 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
19:44:51.0902 6128 !SASCORE - ok
19:44:51.0995 6128 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
19:44:52.0023 6128 1394ohci - ok
19:44:52.0043 6128 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:44:52.0055 6128 ACPI - ok
19:44:52.0060 6128 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:44:52.0103 6128 AcpiPmi - ok
19:44:52.0129 6128 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:44:52.0137 6128 AdobeARMservice - ok
19:44:52.0254 6128 [ 479901C99FA62D1C3261B7ACB1228DAD ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:44:52.0513 6128 AdobeFlashPlayerUpdateSvc - ok
19:44:52.0579 6128 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
19:44:52.0600 6128 adp94xx - ok
19:44:52.0650 6128 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
19:44:52.0673 6128 adpahci - ok
19:44:52.0787 6128 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
19:44:52.0807 6128 adpu320 - ok
19:44:52.0887 6128 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:44:53.0639 6128 AeLookupSvc - ok
19:44:53.0875 6128 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:44:53.0933 6128 AFD - ok
19:44:54.0007 6128 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:44:54.0023 6128 agp440 - ok
19:44:54.0061 6128 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:44:54.0451 6128 ALG - ok
19:44:54.0483 6128 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:44:54.0498 6128 aliide - ok
19:44:54.0502 6128 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:44:54.0512 6128 amdide - ok
19:44:54.0534 6128 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
19:44:54.0552 6128 AmdK8 - ok
19:44:54.0554 6128 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
19:44:54.0575 6128 AmdPPM - ok
19:44:54.0592 6128 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:44:54.0599 6128 amdsata - ok
19:44:54.0611 6128 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
19:44:54.0619 6128 amdsbs - ok
19:44:54.0631 6128 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:44:54.0637 6128 amdxata - ok
19:44:54.0656 6128 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:44:54.0749 6128 AppID - ok
19:44:54.0751 6128 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:44:54.0781 6128 AppIDSvc - ok
19:44:54.0790 6128 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:44:54.0819 6128 Appinfo - ok
19:44:54.0852 6128 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:44:54.0858 6128 Apple Mobile Device - ok
19:44:54.0877 6128 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
19:44:54.0895 6128 AppMgmt - ok
19:44:54.0898 6128 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
19:44:54.0905 6128 arc - ok
19:44:54.0916 6128 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
19:44:54.0923 6128 arcsas - ok
19:44:54.0939 6128 [ EB6DC008A1F36DFD7999EB57E97EAACE ] asahci64 C:\Windows\system32\DRIVERS\asahci64.sys
19:44:54.0948 6128 asahci64 - ok
19:44:55.0028 6128 [ 31E2470E61D5A390405BA41C279D8446 ] asComSvc C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
19:44:55.0049 6128 asComSvc - ok
19:44:55.0066 6128 [ 0466B91EE5767A769E9F8EDB8EF94DDB ] asHmComSvc C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
19:44:55.0078 6128 asHmComSvc - ok
19:44:55.0100 6128 [ FEF9DD9EA587F8886ADE43C1BEFBDAFE ] AsIO C:\Windows\syswow64\drivers\AsIO.sys
19:44:55.0104 6128 AsIO - ok
19:44:55.0110 6128 [ 22842362DF890F5492F85AA60916A697 ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys
19:44:55.0143 6128 asmthub3 - ok
19:44:55.0157 6128 [ 08E2D77766CC05E75A0707207D9FC684 ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys
19:44:55.0176 6128 asmtxhci - ok
19:44:55.0234 6128 [ 108FB6DDB69E537A2EA53F425363FAE5 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:44:55.0243 6128 aspnet_state - ok
19:44:55.0260 6128 [ AD8947D621FDCA48F1F39F4624B60AA1 ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
19:44:55.0266 6128 AsSysCtrlService - ok
19:44:55.0304 6128 [ 02F97FBBA78B79196BBE0AC4044F2B61 ] AsusFanControlService C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.14\AsusFanControlService.exe
19:44:55.0372 6128 AsusFanControlService ( UnsignedFile.Multi.Generic ) - warning
19:44:55.0372 6128 AsusFanControlService - detected UnsignedFile.Multi.Generic (1)
19:44:55.0383 6128 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:44:55.0409 6128 AsyncMac - ok
19:44:55.0422 6128 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:44:55.0427 6128 atapi - ok
19:44:55.0456 6128 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:44:55.0477 6128 AudioEndpointBuilder - ok
19:44:55.0484 6128 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:44:55.0504 6128 AudioSrv - ok
19:44:55.0526 6128 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:44:55.0594 6128 AxInstSV - ok
19:44:55.0610 6128 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
19:44:55.0639 6128 b06bdrv - ok
19:44:55.0659 6128 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:44:55.0682 6128 b57nd60a - ok
19:44:55.0691 6128 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:44:55.0710 6128 BDESVC - ok
19:44:55.0728 6128 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:44:55.0768 6128 Beep - ok
19:44:55.0805 6128 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
19:44:55.0841 6128 BFE - ok
19:44:55.0867 6128 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
19:44:55.0895 6128 BITS - ok
19:44:55.0912 6128 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:44:55.0919 6128 blbdrive - ok
19:44:55.0954 6128 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:44:55.0974 6128 Bonjour Service - ok
19:44:55.0992 6128 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:44:56.0026 6128 bowser - ok
19:44:56.0030 6128 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
19:44:56.0044 6128 BrFiltLo - ok
19:44:56.0046 6128 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
19:44:56.0056 6128 BrFiltUp - ok
19:44:56.0076 6128 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:44:56.0092 6128 Browser - ok
19:44:56.0097 6128 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:44:56.0122 6128 Brserid - ok
19:44:56.0125 6128 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:44:56.0136 6128 BrSerWdm - ok
19:44:56.0138 6128 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:44:56.0149 6128 BrUsbMdm - ok
19:44:56.0151 6128 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:44:56.0159 6128 BrUsbSer - ok
19:44:56.0168 6128 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
19:44:56.0178 6128 BTHMODEM - ok
19:44:56.0184 6128 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:44:56.0211 6128 bthserv - ok
19:44:56.0217 6128 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:44:56.0236 6128 cdfs - ok
19:44:56.0252 6128 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:44:56.0267 6128 cdrom - ok
19:44:56.0270 6128 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:44:56.0292 6128 CertPropSvc - ok
19:44:56.0303 6128 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
19:44:56.0311 6128 circlass - ok
19:44:56.0323 6128 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:44:56.0332 6128 CLFS - ok
19:44:56.0379 6128 [ 524DC3807CB1746225F9D26ADD19C319 ] CLKMSVC10_38F51D56 C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
19:44:56.0395 6128 CLKMSVC10_38F51D56 - ok
19:44:56.0417 6128 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:44:56.0428 6128 clr_optimization_v2.0.50727_32 - ok
19:44:56.0451 6128 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:44:56.0464 6128 clr_optimization_v2.0.50727_64 - ok
19:44:56.0501 6128 [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:44:56.0546 6128 clr_optimization_v4.0.30319_32 - ok
19:44:56.0559 6128 [ 86329C35FF23CFEF0FB6C0023BA06BCE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:44:56.0572 6128 clr_optimization_v4.0.30319_64 - ok
19:44:56.0574 6128 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
19:44:56.0590 6128 CmBatt - ok
19:44:56.0595 6128 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:44:56.0602 6128 cmdide - ok
19:44:56.0618 6128 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
19:44:56.0637 6128 CNG - ok
19:44:56.0639 6128 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
19:44:56.0644 6128 Compbatt - ok
19:44:56.0655 6128 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
19:44:56.0663 6128 CompositeBus - ok
19:44:56.0664 6128 COMSysApp - ok
19:44:56.0667 6128 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
19:44:56.0672 6128 crcdisk - ok
19:44:56.0694 6128 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:44:56.0717 6128 CryptSvc - ok
19:44:56.0746 6128 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
19:44:56.0786 6128 CSC - ok
19:44:56.0795 6128 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
19:44:56.0814 6128 CscService - ok
19:44:56.0843 6128 [ EC4DC5382F53386002F9B74587321EAD ] dalwdmservice C:\Windows\system32\drivers\dalwdm.sys
19:44:56.0894 6128 dalwdmservice - ok
19:44:56.0934 6128 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:44:56.0979 6128 DcomLaunch - ok
19:44:57.0000 6128 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:44:57.0025 6128 defragsvc - ok
19:44:57.0042 6128 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:44:57.0069 6128 DfsC - ok
19:44:57.0088 6128 [ 012EA9F32BB2EC9C574AB169C5399BE6 ] DGUSBAP C:\Windows\system32\DRIVERS\dgmbx2.sys
19:44:57.0101 6128 DGUSBAP - ok
19:44:57.0113 6128 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:44:57.0145 6128 Dhcp - ok
19:44:57.0182 6128 [ CC3B49B032527C7E7DFDAB8946E80E9C ] DigiNet C:\Windows\system32\DRIVERS\diginet.sys
19:44:57.0207 6128 DigiNet - ok
19:44:57.0244 6128 DigiRefresh - ok
19:44:57.0270 6128 [ 9AAECAB6398A19C956AFF8A8E84CEAEA ] digiSPTIService C:\Program Files (x86)\Digidesign\Pro Tools\digiSPTIService.exe
19:44:57.0348 6128 digiSPTIService ( UnsignedFile.Multi.Generic ) - warning
19:44:57.0348 6128 digiSPTIService - detected UnsignedFile.Multi.Generic (1)
19:44:57.0372 6128 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:44:57.0396 6128 discache - ok
19:44:57.0407 6128 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
19:44:57.0416 6128 Disk - ok
19:44:57.0434 6128 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
19:44:57.0448 6128 dmvsc - ok
19:44:57.0463 6128 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:44:57.0492 6128 Dnscache - ok
19:44:57.0499 6128 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:44:57.0530 6128 dot3svc - ok
19:44:57.0537 6128 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:44:57.0561 6128 DPS - ok
19:44:57.0585 6128 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:44:57.0600 6128 drmkaud - ok
19:44:57.0618 6128 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:44:57.0630 6128 DXGKrnl - ok
19:44:57.0654 6128 [ E53D32044F4A03D64D6C91CF0A22A77E ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
19:44:57.0662 6128 e1cexpress - ok
19:44:57.0668 6128 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:44:57.0688 6128 EapHost - ok
19:44:57.0744 6128 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
19:44:57.0821 6128 ebdrv - ok
19:44:57.0839 6128 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:44:57.0852 6128 EFS - ok
19:44:57.0886 6128 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:44:57.0913 6128 ehRecvr - ok
19:44:57.0924 6128 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:44:57.0933 6128 ehSched - ok
19:44:57.0948 6128 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
19:44:57.0961 6128 elxstor - ok
19:44:57.0968 6128 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:44:57.0980 6128 ErrDev - ok
19:44:58.0013 6128 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:44:58.0037 6128 EventSystem - ok
19:44:58.0041 6128 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:44:58.0061 6128 exfat - ok
19:44:58.0066 6128 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:44:58.0084 6128 fastfat - ok
19:44:58.0110 6128 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:44:58.0132 6128 Fax - ok
19:44:58.0134 6128 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
19:44:58.0144 6128 fdc - ok
19:44:58.0155 6128 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:44:58.0174 6128 fdPHost - ok
19:44:58.0185 6128 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:44:58.0203 6128 FDResPub - ok
19:44:58.0212 6128 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:44:58.0218 6128 FileInfo - ok
19:44:58.0225 6128 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:44:58.0244 6128 Filetrace - ok
19:44:58.0246 6128 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
19:44:58.0252 6128 flpydisk - ok
19:44:58.0255 6128 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:44:58.0262 6128 FltMgr - ok
19:44:58.0293 6128 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
19:44:58.0313 6128 FontCache - ok
19:44:58.0344 6128 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:44:58.0355 6128 FontCache3.0.0.0 - ok
19:44:58.0368 6128 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:44:58.0382 6128 FsDepends - ok
19:44:58.0398 6128 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:44:58.0408 6128 Fs_Rec - ok
19:44:58.0425 6128 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:44:58.0441 6128 fvevol - ok
19:44:58.0449 6128 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:44:58.0460 6128 gagp30kx - ok
19:44:58.0490 6128 [ A05CA8FECCD58256FD0B964DEBD8858F ] gbxavs C:\Windows\system32\Drivers\gbxavs.sys
19:44:58.0503 6128 gbxavs - ok
19:44:58.0523 6128 [ 9562E036C2BC1ECF5399E07C2A6832AE ] gbxavs_x64 C:\Windows\system32\Drivers\gbxavs_x64.sys
19:44:58.0531 6128 gbxavs_x64 - ok
19:44:58.0542 6128 [ D7A02665FDC5D48E779C166466FA0849 ] gbxusb_svc C:\Windows\system32\Drivers\gbxusb.sys
19:44:58.0550 6128 gbxusb_svc - ok
19:44:58.0586 6128 [ C5F1BC6397BF3AC3026F9863620E5003 ] gbxusb_x64 C:\Windows\system32\Drivers\gbxusb_x64.sys
19:44:58.0605 6128 gbxusb_x64 - ok
19:44:58.0619 6128 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:44:58.0626 6128 GEARAspiWDM - ok
19:44:58.0647 6128 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:44:58.0682 6128 gpsvc - ok
19:44:58.0732 6128 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:44:58.0742 6128 gupdate - ok
19:44:58.0746 6128 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:44:58.0752 6128 gupdatem - ok
19:44:58.0765 6128 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:44:58.0786 6128 hcw85cir - ok
19:44:58.0807 6128 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:44:58.0830 6128 HdAudAddService - ok
19:44:58.0842 6128 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:44:58.0858 6128 HDAudBus - ok
19:44:58.0872 6128 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
19:44:58.0879 6128 HidBatt - ok
19:44:58.0892 6128 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:44:58.0910 6128 HidBth - ok
19:44:58.0919 6128 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
19:44:58.0926 6128 HidIr - ok
19:44:58.0933 6128 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
19:44:58.0951 6128 hidserv - ok
19:44:58.0975 6128 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:44:58.0981 6128 HidUsb - ok
19:44:58.0989 6128 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:44:59.0014 6128 hkmsvc - ok
19:44:59.0027 6128 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:44:59.0039 6128 HomeGroupListener - ok
19:44:59.0060 6128 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:44:59.0067 6128 HomeGroupProvider - ok
19:44:59.0074 6128 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:44:59.0081 6128 HpSAMD - ok
19:44:59.0105 6128 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:44:59.0135 6128 HTTP - ok
19:44:59.0146 6128 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:44:59.0152 6128 hwpolicy - ok
19:44:59.0160 6128 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:44:59.0167 6128 i8042prt - ok
19:44:59.0185 6128 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:44:59.0196 6128 iaStorV - ok
19:44:59.0221 6128 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:44:59.0237 6128 idsvc - ok
19:44:59.0246 6128 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:44:59.0253 6128 iirsp - ok
19:44:59.0273 6128 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:44:59.0299 6128 IKEEXT - ok
19:44:59.0325 6128 [ 5AD73115646DAF3967180A24DF1CF7EF ] iLokDrvr C:\Windows\system32\DRIVERS\iLokDrvr.sys
19:44:59.0334 6128 iLokDrvr - ok
19:44:59.0409 6128 [ 9CC645EB9697AA4F2D5A39835C80A0A2 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:44:59.0452 6128 IntcAzAudAddService - ok
19:44:59.0511 6128 [ C2712BF2D18C0D4214065A170E80C664 ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
19:45:00.0204 6128 Intel® Capability Licensing Service Interface - ok
19:45:00.0228 6128 [ A53C54D81C726BEB508F0005F445C4A0 ] Intel® PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
19:45:00.0235 6128 Intel® PROSet Monitoring Service - ok
19:45:00.0241 6128 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:45:00.0247 6128 intelide - ok
19:45:00.0257 6128 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:45:00.0264 6128 intelppm - ok
19:45:00.0272 6128 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:45:00.0291 6128 IPBusEnum - ok
19:45:00.0304 6128 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:45:00.0322 6128 IpFilterDriver - ok
19:45:00.0340 6128 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:45:00.0364 6128 iphlpsvc - ok
19:45:00.0376 6128 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:45:00.0388 6128 IPMIDRV - ok
19:45:00.0399 6128 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:45:00.0422 6128 IPNAT - ok
19:45:00.0454 6128 [ 4EFFC8FF6D349E971E94B1C670C0C66A ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:45:00.0474 6128 iPod Service - ok
19:45:00.0481 6128 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:45:00.0489 6128 IRENUM - ok
19:45:00.0501 6128 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:45:00.0507 6128 isapnp - ok
19:45:00.0522 6128 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:45:00.0530 6128 iScsiPrt - ok
19:45:00.0579 6128 [ 1D244BA5DF607E4C4C50A4CFDA2EE87A ] jhi_service C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
19:45:00.0594 6128 jhi_service - ok
19:45:00.0608 6128 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:45:00.0623 6128 kbdclass - ok
19:45:00.0637 6128 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:45:00.0659 6128 kbdhid - ok
19:45:00.0665 6128 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:45:00.0676 6128 KeyIso - ok
19:45:00.0694 6128 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:45:00.0707 6128 KSecDD - ok
19:45:00.0711 6128 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:45:00.0722 6128 KSecPkg - ok
19:45:00.0729 6128 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:45:00.0759 6128 ksthunk - ok
19:45:00.0779 6128 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:45:00.0809 6128 KtmRm - ok
19:45:00.0827 6128 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:45:00.0846 6128 LanmanServer - ok
19:45:00.0860 6128 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:45:00.0879 6128 LanmanWorkstation - ok
19:45:00.0924 6128 [ C34411A244029F1C08687F7C752C4563 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
19:45:00.0969 6128 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
19:45:00.0969 6128 LightScribeService - detected UnsignedFile.Multi.Generic (1)
19:45:00.0999 6128 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:45:01.0025 6128 lltdio - ok
19:45:01.0047 6128 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:45:01.0070 6128 lltdsvc - ok
19:45:01.0076 6128 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:45:01.0094 6128 lmhosts - ok
19:45:01.0109 6128 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:45:01.0116 6128 LSI_FC - ok
19:45:01.0118 6128 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:45:01.0124 6128 LSI_SAS - ok
19:45:01.0127 6128 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
19:45:01.0133 6128 LSI_SAS2 - ok
19:45:01.0143 6128 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:45:01.0150 6128 LSI_SCSI - ok
19:45:01.0154 6128 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:45:01.0178 6128 luafv - ok
19:45:01.0203 6128 [ 9DB17B1DD76CF0FD0BB3DA5F1DA078C2 ] LxrSII1d C:\Windows\System32\Drivers\LxrSII1d.sys
19:45:01.0213 6128 LxrSII1d - ok
19:45:01.0215 6128 LxrSII1s - ok
19:45:01.0243 6128 [ 818816F11EDE7340A95869ED66DFC7AB ] MBX2DFU C:\Windows\system32\DRIVERS\dgmbx2fu.sys
19:45:01.0253 6128 MBX2DFU - ok
19:45:01.0269 6128 [ DAC8C2266BCF42E5ED41673D96F4FE4B ] MBX2MIDK C:\Windows\system32\drivers\mbx2midk.sys
19:45:01.0318 6128 MBX2MIDK - ok
19:45:01.0348 6128 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:45:01.0366 6128 Mcx2Svc - ok
19:45:01.0375 6128 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
19:45:01.0384 6128 megasas - ok
19:45:01.0397 6128 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
19:45:01.0408 6128 MegaSR - ok
19:45:01.0428 6128 [ D71FD7A4FDB01C554AE144037B688DF1 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
19:45:01.0434 6128 MEIx64 - ok
19:45:01.0467 6128 Microsoft SharePoint Workspace Audit Service - ok
19:45:01.0479 6128 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:45:01.0516 6128 MMCSS - ok
19:45:01.0528 6128 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:45:01.0547 6128 Modem - ok
19:45:01.0580 6128 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:45:01.0605 6128 monitor - ok
19:45:01.0622 6128 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:45:01.0636 6128 mouclass - ok
19:45:01.0650 6128 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:45:01.0670 6128 mouhid - ok
19:45:01.0678 6128 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:45:01.0694 6128 mountmgr - ok
19:45:01.0733 6128 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:45:01.0749 6128 MozillaMaintenance - ok
19:45:01.0762 6128 [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
19:45:01.0776 6128 MpFilter - ok
19:45:01.0789 6128 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:45:01.0799 6128 mpio - ok
19:45:01.0810 6128 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:45:01.0833 6128 mpsdrv - ok
19:45:01.0849 6128 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:45:01.0871 6128 MpsSvc - ok
19:45:01.0880 6128 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:45:01.0894 6128 MRxDAV - ok
19:45:01.0917 6128 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:45:01.0934 6128 mrxsmb - ok
19:45:01.0938 6128 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:45:01.0944 6128 mrxsmb10 - ok
19:45:01.0981 6128 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:45:01.0996 6128 mrxsmb20 - ok
19:45:02.0000 6128 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:45:02.0011 6128 msahci - ok
19:45:02.0022 6128 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:45:02.0031 6128 msdsm - ok
19:45:02.0038 6128 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:45:02.0058 6128 MSDTC - ok
19:45:02.0062 6128 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:45:02.0084 6128 Msfs - ok
19:45:02.0095 6128 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:45:02.0122 6128 mshidkmdf - ok
19:45:02.0129 6128 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:45:02.0135 6128 msisadrv - ok
19:45:02.0151 6128 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:45:02.0171 6128 MSiSCSI - ok
19:45:02.0173 6128 msiserver - ok
19:45:02.0188 6128 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:45:02.0207 6128 MSKSSRV - ok
19:45:02.0253 6128 [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
19:45:02.0259 6128 MsMpSvc - ok
19:45:02.0272 6128 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:45:02.0298 6128 MSPCLOCK - ok
19:45:02.0300 6128 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:45:02.0321 6128 MSPQM - ok
19:45:02.0325 6128 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:45:02.0335 6128 MsRPC - ok
19:45:02.0338 6128 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:45:02.0343 6128 mssmbios - ok
19:45:02.0350 6128 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:45:02.0377 6128 MSTEE - ok
19:45:02.0387 6128 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
19:45:02.0393 6128 MTConfig - ok
19:45:02.0407 6128 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:45:02.0413 6128 Mup - ok
19:45:02.0429 6128 [ A56731462518CCE74EB0DB38C2A04986 ] mv91cons C:\Windows\system32\DRIVERS\mv91cons.sys
19:45:02.0434 6128 mv91cons - ok
19:45:02.0450 6128 [ 232DE45537AE5652C64F0B8669081D02 ] mvs91xx C:\Windows\system32\DRIVERS\mvs91xx.sys
19:45:02.0458 6128 mvs91xx - ok
19:45:02.0477 6128 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:45:02.0507 6128 napagent - ok
19:45:02.0526 6128 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:45:02.0538 6128 NativeWifiP - ok
19:45:02.0566 6128 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:45:02.0582 6128 NDIS - ok
19:45:02.0589 6128 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:45:02.0607 6128 NdisCap - ok
19:45:02.0622 6128 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:45:02.0639 6128 NdisTapi - ok
19:45:02.0653 6128 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:45:02.0671 6128 Ndisuio - ok
19:45:02.0674 6128 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:45:02.0700 6128 NdisWan - ok
19:45:02.0702 6128 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:45:02.0720 6128 NDProxy - ok
19:45:02.0722 6128 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:45:02.0745 6128 NetBIOS - ok
19:45:02.0749 6128 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:45:02.0767 6128 NetBT - ok
19:45:02.0773 6128 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:45:02.0779 6128 Netlogon - ok
19:45:02.0801 6128 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:45:02.0821 6128 Netman - ok
19:45:02.0839 6128 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:45:02.0848 6128 NetMsmqActivator - ok
19:45:02.0850 6128 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:45:02.0857 6128 NetPipeActivator - ok
19:45:02.0862 6128 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:45:02.0890 6128 netprofm - ok
19:45:02.0893 6128 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:45:02.0900 6128 NetTcpActivator - ok
19:45:02.0902 6128 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:45:02.0909 6128 NetTcpPortSharing - ok
19:45:02.0911 6128 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:45:02.0916 6128 nfrd960 - ok
19:45:03.0036 6128 [ D8D6990D576FC07F7AE36509B586E486 ] NIHardwareService C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
19:45:03.0158 6128 NIHardwareService - ok
19:45:03.0215 6128 [ 162100E0BC8377710F9D170631921C03 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
19:45:03.0233 6128 NisDrv - ok
19:45:03.0253 6128 [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
19:45:03.0268 6128 NisSrv - ok
19:45:03.0288 6128 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:45:03.0303 6128 NlaSvc - ok
19:45:03.0308 6128 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:45:03.0334 6128 Npfs - ok
19:45:03.0342 6128 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:45:03.0364 6128 nsi - ok
19:45:03.0373 6128 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:45:03.0392 6128 nsiproxy - ok
19:45:03.0414 6128 [ B8965FB53551B5455630A4B804D0791F ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:45:03.0438 6128 Ntfs - ok
19:45:03.0447 6128 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:45:03.0464 6128 Null - ok
19:45:03.0598 6128 [ 0A2F27B5BCC45B64E152DD6AE0815198 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:45:03.0688 6128 nvlddmkm - ok
19:45:03.0708 6128 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:45:03.0716 6128 nvraid - ok
19:45:03.0737 6128 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:45:03.0745 6128 nvstor - ok
19:45:03.0768 6128 [ 574087EA9105F23FB522A4FDDD5292D9 ] nvsvc C:\Windows\system32\nvvsvc.exe
19:45:03.0780 6128 nvsvc - ok
19:45:03.0818 6128 [ ABA5A88740635D37A2B6CEB27DBC738A ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:45:03.0847 6128 nvUpdatusService - ok
19:45:03.0856 6128 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:45:03.0863 6128 nv_agp - ok
19:45:03.0868 6128 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:45:03.0874 6128 ohci1394 - ok
19:45:03.0905 6128 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:45:03.0911 6128 ose - ok
19:45:03.0996 6128 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:45:04.0092 6128 osppsvc - ok
19:45:04.0108 6128 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:45:04.0136 6128 p2pimsvc - ok
19:45:04.0150 6128 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:45:04.0157 6128 p2psvc - ok
19:45:04.0207 6128 [ 9D14AD63376E9B80D4987DAB78B62E21 ] PaceLicenseDServices C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
19:45:04.0261 6128 PaceLicenseDServices ( UnsignedFile.Multi.Generic ) - warning
19:45:04.0261 6128 PaceLicenseDServices - detected UnsignedFile.Multi.Generic (1)
19:45:04.0264 6128 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
19:45:04.0271 6128 Parport - ok
19:45:04.0279 6128 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:45:04.0285 6128 partmgr - ok
19:45:04.0293 6128 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:45:04.0307 6128 PcaSvc - ok
19:45:04.0315 6128 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:45:04.0322 6128 pci - ok
19:45:04.0332 6128 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:45:04.0338 6128 pciide - ok
19:45:04.0345 6128 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:45:04.0353 6128 pcmcia - ok
19:45:04.0355 6128 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:45:04.0361 6128 pcw - ok
19:45:04.0367 6128 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:45:04.0389 6128 PEAUTH - ok
19:45:04.0413 6128 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
19:45:04.0450 6128 PeerDistSvc - ok
19:45:04.0491 6128 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:45:04.0504 6128 PerfHost - ok
19:45:04.0528 6128 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:45:04.0567 6128 pla - ok
19:45:04.0592 6128 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:45:04.0607 6128 PlugPlay - ok
19:45:04.0618 6128 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:45:04.0627 6128 PNRPAutoReg - ok
19:45:04.0641 6128 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:45:04.0648 6128 PNRPsvc - ok
19:45:04.0668 6128 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:45:04.0697 6128 PolicyAgent - ok
19:45:04.0712 6128 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:45:04.0739 6128 Power - ok
19:45:04.0755 6128 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:45:04.0778 6128 PptpMiniport - ok
19:45:04.0789 6128 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
19:45:04.0799 6128 Processor - ok
19:45:04.0814 6128 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:45:04.0840 6128 ProfSvc - ok
19:45:04.0849 6128 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:45:04.0859 6128 ProtectedStorage - ok
19:45:04.0872 6128 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:45:04.0898 6128 Psched - ok
19:45:04.0919 6128 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:45:04.0945 6128 ql2300 - ok
19:45:04.0948 6128 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:45:04.0954 6128 ql40xx - ok
19:45:04.0966 6128 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:45:04.0977 6128 QWAVE - ok
19:45:04.0989 6128 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:45:04.0999 6128 QWAVEdrv - ok
19:45:05.0008 6128 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:45:05.0026 6128 RasAcd - ok
19:45:05.0035 6128 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:45:05.0053 6128 RasAgileVpn - ok
19:45:05.0062 6128 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:45:05.0081 6128 RasAuto - ok
19:45:05.0088 6128 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:45:05.0105 6128 Rasl2tp - ok
19:45:05.0114 6128 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:45:05.0135 6128 RasMan - ok
19:45:05.0137 6128 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:45:05.0155 6128 RasPppoe - ok
19:45:05.0157 6128 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:45:05.0175 6128 RasSstp - ok
19:45:05.0179 6128 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:45:05.0198 6128 rdbss - ok
19:45:05.0202 6128 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:45:05.0219 6128 rdpbus - ok
19:45:05.0224 6128 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:45:05.0242 6128 RDPCDD - ok
19:45:05.0262 6128 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
19:45:05.0273 6128 RDPDR - ok
19:45:05.0297 6128 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:45:05.0319 6128 RDPENCDD - ok
19:45:05.0331 6128 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:45:05.0348 6128 RDPREFMP - ok
19:45:05.0366 6128 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:45:05.0387 6128 RdpVideoMiniport - ok
19:45:05.0411 6128 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:45:05.0438 6128 RDPWD - ok
19:45:05.0445 6128 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:45:05.0460 6128 rdyboost - ok
19:45:05.0477 6128 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:45:05.0502 6128 RemoteAccess - ok
19:45:05.0511 6128 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:45:05.0530 6128 RemoteRegistry - ok
19:45:05.0574 6128 [ F12A68ED55053940CADD59CA5E3468DD ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
19:45:05.0617 6128 RichVideo ( UnsignedFile.Multi.Generic ) - warning
19:45:05.0617 6128 RichVideo - detected UnsignedFile.Multi.Generic (1)
19:45:05.0628 6128 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:45:05.0647 6128 RpcEptMapper - ok
19:45:05.0663 6128 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:45:05.0670 6128 RpcLocator - ok
19:45:05.0676 6128 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:45:05.0697 6128 RpcSs - ok
19:45:05.0699 6128 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:45:05.0717 6128 rspndr - ok
19:45:05.0725 6128 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
19:45:05.0741 6128 s3cap - ok
19:45:05.0749 6128 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:45:05.0754 6128 SamSs - ok
19:45:05.0772 6128 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
19:45:05.0776 6128 SASDIFSV - ok
19:45:05.0777 6128 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
19:45:05.0781 6128 SASKUTIL - ok
19:45:05.0783 6128 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:45:05.0790 6128 sbp2port - ok
19:45:05.0795 6128 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:45:05.0814 6128 SCardSvr - ok
19:45:05.0818 6128 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:45:05.0844 6128 scfilter - ok
19:45:05.0864 6128 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:45:05.0888 6128 Schedule - ok
19:45:05.0914 6128 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:45:05.0931 6128 SCPolicySvc - ok
19:45:05.0941 6128 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:45:05.0957 6128 SDRSVC - ok
19:45:06.0016 6128 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:45:06.0049 6128 secdrv - ok
19:45:06.0054 6128 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:45:06.0072 6128 seclogon - ok
19:45:06.0075 6128 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
19:45:06.0093 6128 SENS - ok
19:45:06.0097 6128 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:45:06.0117 6128 SensrSvc - ok
19:45:06.0123 6128 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:45:06.0136 6128 Serenum - ok
19:45:06.0138 6128 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:45:06.0144 6128 Serial - ok
19:45:06.0148 6128 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:45:06.0164 6128 sermouse - ok
19:45:06.0176 6128 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:45:06.0199 6128 SessionEnv - ok
19:45:06.0201 6128 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:45:06.0208 6128 sffdisk - ok
19:45:06.0210 6128 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:45:06.0218 6128 sffp_mmc - ok
19:45:06.0219 6128 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:45:06.0227 6128 sffp_sd - ok
19:45:06.0228 6128 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:45:06.0234 6128 sfloppy - ok
19:45:06.0250 6128 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:45:06.0271 6128 SharedAccess - ok
19:45:06.0279 6128 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:45:06.0299 6128 ShellHWDetection - ok
19:45:06.0301 6128 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
19:45:06.0307 6128 SiSRaid2 - ok
19:45:06.0309 6128 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:45:06.0315 6128 SiSRaid4 - ok
19:45:06.0419 6128 [ E42D201B0B53A94BD8E5B032EC83D843 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
19:45:06.0460 6128 Skype C2C Service - ok
19:45:06.0486 6128 [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:45:06.0491 6128 SkypeUpdate - ok
19:45:06.0503 6128 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:45:06.0521 6128 Smb - ok
19:45:06.0541 6128 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:45:06.0558 6128 SNMPTRAP - ok
19:45:06.0567 6128 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:45:06.0573 6128 spldr - ok
19:45:06.0593 6128 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:45:06.0607 6128 Spooler - ok
19:45:06.0655 6128 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:45:06.0744 6128 sppsvc - ok
19:45:06.0753 6128 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:45:06.0773 6128 sppuinotify - ok
19:45:06.0787 6128 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:45:06.0823 6128 srv - ok
19:45:06.0836 6128 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:45:06.0858 6128 srv2 - ok
19:45:06.0862 6128 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:45:06.0872 6128 srvnet - ok
19:45:06.0877 6128 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:45:06.0904 6128 SSDPSRV - ok
19:45:06.0913 6128 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:45:06.0931 6128 SstpSvc - ok
19:45:06.0964 6128 [ 78216A10BF8B200890A88D8820F33F14 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:45:06.0984 6128 Stereo Service - ok
19:45:06.0991 6128 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
19:45:06.0997 6128 stexstor - ok
19:45:07.0016 6128 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:45:07.0028 6128 stisvc - ok
19:45:07.0044 6128 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
19:45:07.0051 6128 storflt - ok
19:45:07.0057 6128 [ C40841817EF57D491F22EB103DA587CC ] StorSvc C:\Windows\system32\storsvc.dll
19:45:07.0068 6128 StorSvc - ok
19:45:07.0077 6128 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
19:45:07.0083 6128 storvsc - ok
19:45:07.0093 6128 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:45:07.0099 6128 swenum - ok
19:45:07.0109 6128 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:45:07.0137 6128 swprv - ok
19:45:07.0157 6128 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:45:07.0179 6128 SysMain - ok
19:45:07.0204 6128 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:45:07.0214 6128 TabletInputService - ok
19:45:07.0227 6128 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:45:07.0370 6128 TapiSrv - ok
19:45:07.0378 6128 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:45:07.0399 6128 TBS - ok
19:45:07.0435 6128 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:45:07.0462 6128 Tcpip - ok
19:45:07.0483 6128 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:45:07.0503 6128 TCPIP6 - ok
19:45:07.0520 6128 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:45:07.0526 6128 tcpipreg - ok
19:45:07.0538 6128 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:45:07.0554 6128 TDPIPE - ok
19:45:07.0576 6128 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:45:07.0582 6128 TDTCP - ok
19:45:07.0596 6128 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:45:07.0613 6128 tdx - ok
19:45:07.0615 6128 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:45:07.0621 6128 TermDD - ok
19:45:07.0635 6128 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:45:07.0658 6128 TermService - ok
19:45:07.0670 6128 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:45:07.0679 6128 Themes - ok
19:45:07.0696 6128 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:45:07.0714 6128 THREADORDER - ok
19:45:07.0730 6128 [ 5523B0E188BA1ACC00183F2187B04EAD ] Tpkd C:\Windows\system32\drivers\Tpkd.sys
19:45:07.0813 6128 Tpkd - ok
19:45:07.0837 6128 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:45:07.0865 6128 TrkWks - ok
19:45:07.0907 6128 [ 370A6907DDF79532A39319492B1FA38A ] truecrypt C:\Windows\system32\drivers\truecrypt.sys
19:45:07.0913 6128 truecrypt - ok
19:45:07.0947 6128 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:45:07.0984 6128 TrustedInstaller - ok
19:45:07.0995 6128 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:45:08.0017 6128 tssecsrv - ok
19:45:08.0039 6128 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:45:08.0058 6128 TsUsbFlt - ok
19:45:08.0077 6128 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
19:45:08.0083 6128 TsUsbGD - ok
19:45:08.0109 6128 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:45:08.0136 6128 tunnel - ok
19:45:08.0145 6128 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:45:08.0151 6128 uagp35 - ok
19:45:08.0162 6128 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:45:08.0184 6128 udfs - ok
19:45:08.0195 6128 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:45:08.0203 6128 UI0Detect - ok
19:45:08.0211 6128 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:45:08.0217 6128 uliagpkx - ok
19:45:08.0234 6128 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:45:08.0244 6128 umbus - ok
19:45:08.0253 6128 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
19:45:08.0263 6128 UmPass - ok
19:45:08.0278 6128 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
19:45:08.0293 6128 UmRdpService - ok
19:45:08.0305 6128 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:45:08.0331 6128 upnphost - ok
19:45:08.0361 6128 [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
19:45:08.0379 6128 USBAAPL64 - ok
19:45:08.0408 6128 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:45:08.0431 6128 usbaudio - ok
19:45:08.0446 6128 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:45:08.0465 6128 usbccgp - ok
19:45:08.0481 6128 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:45:08.0493 6128 usbcir - ok
19:45:08.0499 6128 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
19:45:08.0512 6128 usbehci - ok
19:45:08.0526 6128 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:45:08.0542 6128 usbhub - ok
19:45:08.0553 6128 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:45:08.0562 6128 usbohci - ok
19:45:08.0569 6128 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
19:45:08.0586 6128 usbprint - ok
19:45:08.0599 6128 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:45:08.0625 6128 USBSTOR - ok
19:45:08.0638 6128 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:45:08.0658 6128 usbuhci - ok
19:45:08.0666 6128 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:45:08.0696 6128 UxSms - ok
19:45:08.0708 6128 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:45:08.0713 6128 VaultSvc - ok
19:45:08.0721 6128 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:45:08.0727 6128 vdrvroot - ok
19:45:08.0737 6128 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:45:08.0760 6128 vds - ok
19:45:08.0772 6128 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:45:08.0780 6128 vga - ok
19:45:08.0792 6128 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:45:08.0810 6128 VgaSave - ok
19:45:08.0817 6128 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:45:08.0825 6128 vhdmp - ok
19:45:08.0834 6128 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:45:08.0840 6128 viaide - ok
19:45:08.0853 6128 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
19:45:08.0861 6128 vmbus - ok
19:45:08.0868 6128 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
19:45:08.0874 6128 VMBusHID - ok
19:45:08.0876 6128 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:45:08.0882 6128 volmgr - ok
19:45:08.0890 6128 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:45:08.0899 6128 volmgrx - ok
19:45:08.0916 6128 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:45:08.0924 6128 volsnap - ok
19:45:08.0928 6128 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:45:08.0935 6128 vsmraid - ok
19:45:08.0956 6128 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:45:08.0997 6128 VSS - ok
19:45:09.0003 6128 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
19:45:09.0017 6128 vwifibus - ok
19:45:09.0022 6128 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:45:09.0044 6128 W32Time - ok
19:45:09.0049 6128 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:45:09.0056 6128 WacomPen - ok
19:45:09.0073 6128 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:45:09.0091 6128 WANARP - ok
19:45:09.0094 6128 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:45:09.0111 6128 Wanarpv6 - ok
19:45:09.0141 6128 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:45:09.0181 6128 WatAdminSvc - ok
19:45:09.0204 6128 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:45:09.0242 6128 wbengine - ok
19:45:09.0254 6128 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:45:09.0265 6128 WbioSrvc - ok
19:45:09.0277 6128 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:45:09.0298 6128 wcncsvc - ok
19:45:09.0304 6128 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:45:09.0319 6128 WcsPlugInService - ok
19:45:09.0325 6128 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
19:45:09.0332 6128 Wd - ok
19:45:09.0357 6128 [ A3D04EBF5227886029B4532F20D026F7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
19:45:09.0375 6128 WDC_SAM - ok
19:45:09.0408 6128 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:45:09.0436 6128 Wdf01000 - ok
19:45:09.0443 6128 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:45:09.0505 6128 WdiServiceHost - ok
19:45:09.0509 6128 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:45:09.0523 6128 WdiSystemHost - ok
19:45:09.0537 6128 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:45:09.0559 6128 WebClient - ok
19:45:09.0583 6128 [ D5BA7D43FA2EF656BF7E98A188391E40 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:45:09.0605 6128 Wecsvc - ok
19:45:09.0616 6128 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:45:09.0649 6128 wercplsupport - ok
19:45:09.0659 6128 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:45:09.0678 6128 WerSvc - ok
19:45:09.0688 6128 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:45:09.0706 6128 WfpLwf - ok
19:45:09.0715 6128 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:45:09.0720 6128 WIMMount - ok
19:45:09.0728 6128 WinDefend - ok
19:45:09.0736 6128 WinHttpAutoProxySvc - ok
19:45:09.0772 6128 [ 136760C1E9697BAF4ECDEAE5590A0806 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:45:09.0801 6128 Winmgmt - ok
19:45:09.0843 6128 [ 3BB6B401A780BF434C8F58137DE10BF7 ] WinRM C:\Windows\system32\WsmSvc.dll
19:45:09.0897 6128 WinRM - ok
19:45:09.0915 6128 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:45:09.0924 6128 WinUsb - ok
19:45:09.0941 6128 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:45:09.0966 6128 Wlansvc - ok
19:45:09.0985 6128 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
19:45:09.0996 6128 WmiAcpi - ok
19:45:10.0009 6128 [ 4DF841632B62A7CF19A79A05046A8AB1 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:45:10.0017 6128 wmiApSrv - ok
19:45:10.0032 6128 WMPNetworkSvc - ok
19:45:10.0040 6128 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:45:10.0051 6128 WPCSvc - ok
19:45:10.0059 6128 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:45:10.0074 6128 WPDBusEnum - ok
19:45:10.0081 6128 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:45:10.0101 6128 ws2ifsl - ok
19:45:10.0108 6128 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
19:45:10.0126 6128 wscsvc - ok
19:45:10.0128 6128 WSearch - ok
19:45:10.0159 6128 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:45:10.0201 6128 wuauserv - ok
19:45:10.0218 6128 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:45:10.0239 6128 WudfPf - ok
19:45:10.0256 6128 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:45:10.0272 6128 WUDFRd - ok
19:45:10.0278 6128 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:45:10.0291 6128 wudfsvc - ok
19:45:10.0300 6128 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
19:45:10.0311 6128 WwanSvc - ok
19:45:10.0316 6128 ================ Scan global ===============================
19:45:10.0328 6128 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:45:10.0346 6128 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:45:10.0350 6128 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:45:10.0360 6128 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:45:10.0377 6128 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:45:10.0381 6128 [Global] - ok
19:45:10.0381 6128 ================ Scan MBR ==================================
19:45:10.0388 6128 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:45:10.0487 6128 \Device\Harddisk0\DR0 - ok
19:45:10.0490 6128 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
19:45:10.0587 6128 \Device\Harddisk1\DR1 - ok
19:45:10.0590 6128 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2
19:45:10.0660 6128 \Device\Harddisk2\DR2 - ok
19:45:10.0660 6128 ================ Scan VBR ==================================
19:45:10.0669 6128 [ EFFD078E99D3E77E63633DA18C80E678 ] \Device\Harddisk0\DR0\Partition1
19:45:10.0670 6128 \Device\Harddisk0\DR0\Partition1 - ok
19:45:10.0681 6128 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition2
19:45:10.0682 6128 \Device\Harddisk0\DR0\Partition2 - ok
19:45:10.0689 6128 [ 9A8944B5F98950F449FEC7A3721C10AA ] \Device\Harddisk0\DR0\Partition3
19:45:10.0691 6128 \Device\Harddisk0\DR0\Partition3 - ok
19:45:10.0694 6128 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1
19:45:10.0694 6128 \Device\Harddisk1\DR1\Partition1 - ok
19:45:10.0698 6128 [ A89F428F4707DC62F1F8A0D1C0B9F77C ] \Device\Harddisk1\DR1\Partition2
19:45:10.0700 6128 \Device\Harddisk1\DR1\Partition2 - ok
19:45:10.0703 6128 [ 8B73E04BACC6072A801B32E20F2534CC ] \Device\Harddisk2\DR2\Partition1
19:45:10.0703 6128 \Device\Harddisk2\DR2\Partition1 - ok
19:45:10.0704 6128 ================ Scan active images ========================
19:45:10.0707 6128 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
19:45:10.0707 6128 C:\Windows\System32\drivers\crashdmp.sys - ok
19:45:10.0710 6128 [ 839B5FE3D48E9F35B22C21A3D5103F6C ] C:\Windows\System32\drivers\Dumpata.sys
19:45:10.0710 6128 C:\Windows\System32\drivers\Dumpata.sys - ok
19:45:10.0713 6128 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
19:45:10.0713 6128 C:\Windows\System32\drivers\dumpfve.sys - ok
19:45:10.0715 6128 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] C:\Windows\System32\drivers\msahci.sys
19:45:10.0715 6128 C:\Windows\System32\drivers\msahci.sys - ok
19:45:10.0718 6128 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
19:45:10.0718 6128 C:\Windows\System32\drivers\cdrom.sys - ok
19:45:10.0721 6128 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
19:45:10.0721 6128 C:\Windows\System32\drivers\beep.sys - ok
19:45:10.0723 6128 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
19:45:10.0723 6128 C:\Windows\System32\drivers\null.sys - ok
19:45:10.0726 6128 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
19:45:10.0726 6128 C:\Windows\System32\drivers\RDPCDD.sys - ok
19:45:10.0729 6128 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
19:45:10.0729 6128 C:\Windows\System32\drivers\vga.sys - ok
19:45:10.0731 6128 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
19:45:10.0731 6128 C:\Windows\System32\drivers\videoprt.sys - ok
19:45:10.0734 6128 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
19:45:10.0734 6128 C:\Windows\System32\drivers\watchdog.sys - ok
19:45:10.0737 6128 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
19:45:10.0737 6128 C:\Windows\System32\drivers\RDPENCDD.sys - ok
19:45:10.0739 6128 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
19:45:10.0739 6128 C:\Windows\System32\drivers\RDPREFMP.sys - ok
19:45:10.0741 6128 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
19:45:10.0741 6128 C:\Windows\System32\drivers\msfs.sys - ok
19:45:10.0743 6128 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
19:45:10.0743 6128 C:\Windows\System32\drivers\npfs.sys - ok
19:45:10.0745 6128 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
19:45:10.0745 6128 C:\Windows\System32\drivers\afd.sys - ok
19:45:10.0747 6128 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
19:45:10.0747 6128 C:\Windows\System32\drivers\netbt.sys - ok
19:45:10.0749 6128 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
19:45:10.0749 6128 C:\Windows\System32\drivers\tdi.sys - ok
19:45:10.0751 6128 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
19:45:10.0751 6128 C:\Windows\System32\drivers\tdx.sys - ok
19:45:10.0753 6128 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
19:45:10.0753 6128 C:\Windows\System32\drivers\netbios.sys - ok
19:45:10.0755 6128 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
19:45:10.0755 6128 C:\Windows\System32\drivers\pacer.sys - ok
19:45:10.0758 6128 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] C:\Windows\System32\drivers\serial.sys
19:45:10.0758 6128 C:\Windows\System32\drivers\serial.sys - ok
19:45:10.0760 6128 [ 370A6907DDF79532A39319492B1FA38A ] C:\Windows\System32\drivers\truecrypt.sys
19:45:10.0760 6128 C:\Windows\System32\drivers\truecrypt.sys - ok
19:45:10.0762 6128 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
19:45:10.0762 6128 C:\Windows\System32\drivers\wanarp.sys - ok
19:45:10.0764 6128 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
19:45:10.0764 6128 C:\Windows\System32\drivers\wfplwf.sys - ok
19:45:10.0766 6128 [ 3289766038DB2CB14D07DC84392138D5 ] C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys
19:45:10.0766 6128 C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys - ok
19:45:10.0768 6128 [ 58A38E75F3316A83C23DF6173D41F2B5 ] C:\Program Files\SUPERAntiSpyware\saskutil64.sys
19:45:10.0768 6128 C:\Program Files\SUPERAntiSpyware\saskutil64.sys - ok
19:45:10.0770 6128 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
19:45:10.0770 6128 C:\Windows\System32\drivers\discache.sys - ok
19:45:10.0771 6128 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
19:45:10.0771 6128 C:\Windows\System32\drivers\mssmbios.sys - ok
19:45:10.0773 6128 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
19:45:10.0773 6128 C:\Windows\System32\drivers\nsiproxy.sys - ok
19:45:10.0775 6128 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
19:45:10.0775 6128 C:\Windows\System32\drivers\rdbss.sys - ok
19:45:10.0776 6128 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
19:45:10.0776 6128 C:\Windows\System32\drivers\termdd.sys - ok
19:45:10.0778 6128 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
19:45:10.0778 6128 C:\Windows\System32\drivers\blbdrive.sys - ok
19:45:10.0780 6128 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] C:\Windows\System32\drivers\csc.sys
19:45:10.0780 6128 C:\Windows\System32\drivers\csc.sys - ok
19:45:10.0781 6128 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
19:45:10.0781 6128 C:\Windows\System32\drivers\dfsc.sys - ok
19:45:10.0783 6128 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
19:45:10.0783 6128 C:\Windows\System32\drivers\tunnel.sys - ok
19:45:10.0785 6128 [ FEF9DD9EA587F8886ADE43C1BEFBDAFE ] C:\Windows\SysWOW64\drivers\AsIO.sys
19:45:10.0785 6128 C:\Windows\SysWOW64\drivers\AsIO.sys - ok
19:45:10.0786 6128 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
19:45:10.0786 6128 C:\Windows\System32\ntdll.dll - ok
19:45:10.0788 6128 [ F0371DE302FFFF8F086661611BE60848 ] C:\Windows\System32\smss.exe
19:45:10.0788 6128 C:\Windows\System32\smss.exe - ok
19:45:10.0789 6128 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
19:45:10.0789 6128 C:\Windows\System32\autochk.exe - ok
19:45:10.0791 6128 [ 0A2F27B5BCC45B64E152DD6AE0815198 ] C:\Windows\System32\drivers\nvlddmkm.sys
19:45:10.0791 6128 C:\Windows\System32\drivers\nvlddmkm.sys - ok
19:45:10.0793 6128 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
19:45:10.0793 6128 C:\Windows\System32\drivers\dxgkrnl.sys - ok
19:45:10.0794 6128 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
19:45:10.0794 6128 C:\Windows\System32\drivers\dxgmms1.sys - ok
19:45:10.0796 6128 [ E53D32044F4A03D64D6C91CF0A22A77E ] C:\Windows\System32\drivers\e1c62x64.sys
19:45:10.0796 6128 C:\Windows\System32\drivers\e1c62x64.sys - ok
19:45:10.0798 6128 [ D71FD7A4FDB01C554AE144037B688DF1 ] C:\Windows\System32\drivers\HECIx64.sys
19:45:10.0798 6128 C:\Windows\System32\drivers\HECIx64.sys - ok
19:45:10.0799 6128 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
19:45:10.0799 6128 C:\Windows\System32\drivers\usbehci.sys - ok
19:45:10.0801 6128 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
19:45:10.0801 6128 C:\Windows\System32\drivers\usbport.sys - ok
19:45:10.0803 6128 [ A87D604AEA360176311474C87A63BB88 ] C:\Windows\System32\drivers\1394ohci.sys
19:45:10.0803 6128 C:\Windows\System32\drivers\1394ohci.sys - ok
19:45:10.0804 6128 [ 08E2D77766CC05E75A0707207D9FC684 ] C:\Windows\System32\drivers\asmtxhci.sys
19:45:10.0804 6128 C:\Windows\System32\drivers\asmtxhci.sys - ok
19:45:10.0806 6128 [ 8E98D21EE06192492A5671A6144D092F ] C:\Windows\System32\drivers\GEARAspiWDM.sys
19:45:10.0806 6128 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
19:45:10.0808 6128 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
19:45:10.0808 6128 C:\Windows\System32\drivers\hdaudbus.sys - ok
19:45:10.0809 6128 [ CB624C0035412AF0DEBEC78C41F5CA1B ] C:\Windows\System32\drivers\serenum.sys
19:45:10.0809 6128 C:\Windows\System32\drivers\serenum.sys - ok
19:45:10.0811 6128 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
19:45:10.0811 6128 C:\Windows\System32\drivers\wmiacpi.sys - ok
19:45:10.0813 6128 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
19:45:10.0813 6128 C:\Windows\System32\drivers\agilevpn.sys - ok
19:45:10.0814 6128 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
19:45:10.0814 6128 C:\Windows\System32\drivers\CompositeBus.sys - ok
19:45:10.0816 6128 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
19:45:10.0816 6128 C:\Windows\System32\drivers\intelppm.sys - ok
19:45:10.0818 6128 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
19:45:10.0818 6128 C:\Windows\System32\drivers\ndistapi.sys - ok
19:45:10.0819 6128 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
19:45:10.0819 6128 C:\Windows\System32\drivers\ndiswan.sys - ok
19:45:10.0821 6128 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
19:45:10.0821 6128 C:\Windows\System32\drivers\rasl2tp.sys - ok
19:45:10.0823 6128 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
19:45:10.0823 6128 C:\Windows\System32\drivers\raspppoe.sys - ok
19:45:10.0824 6128 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
19:45:10.0824 6128 C:\Windows\System32\drivers\raspptp.sys - ok
19:45:10.0826 6128 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
19:45:10.0826 6128 C:\Windows\System32\drivers\rassstp.sys - ok
19:45:10.0828 6128 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
19:45:10.0828 6128 C:\Windows\System32\drivers\kbdclass.sys - ok
19:45:10.0829 6128 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
19:45:10.0829 6128 C:\Windows\System32\drivers\ks.sys - ok
19:45:10.0831 6128 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
19:45:10.0831 6128 C:\Windows\System32\drivers\mouclass.sys - ok
19:45:10.0832 6128 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] C:\Windows\System32\drivers\rdpbus.sys
19:45:10.0832 6128 C:\Windows\System32\drivers\rdpbus.sys - ok
19:45:10.0834 6128 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
19:45:10.0834 6128 C:\Windows\System32\drivers\swenum.sys - ok
19:45:10.0836 6128 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
19:45:10.0836 6128 C:\Windows\System32\drivers\umbus.sys - ok
19:45:10.0837 6128 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
19:45:10.0838 6128 C:\Windows\System32\drivers\usbhub.sys - ok
19:45:10.0839 6128 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
19:45:10.0839 6128 C:\Windows\System32\drivers\ndproxy.sys - ok
19:45:10.0841 6128 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
19:45:10.0841 6128 C:\Windows\System32\drivers\drmk.sys - ok
19:45:10.0842 6128 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
19:45:10.0842 6128 C:\Windows\System32\drivers\portcls.sys - ok
19:45:10.0844 6128 [ 9CC645EB9697AA4F2D5A39835C80A0A2 ] C:\Windows\System32\drivers\RTKVHD64.sys
19:45:10.0844 6128 C:\Windows\System32\drivers\RTKVHD64.sys - ok
19:45:10.0846 6128 [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys
19:45:10.0846 6128 C:\Windows\System32\drivers\fastfat.sys - ok
19:45:10.0847 6128 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
19:45:10.0847 6128 C:\Windows\System32\drivers\ksthunk.sys - ok
19:45:10.0849 6128 [ 22842362DF890F5492F85AA60916A697 ] C:\Windows\System32\drivers\asmthub3.sys
19:45:10.0849 6128 C:\Windows\System32\drivers\asmthub3.sys - ok
19:45:10.0851 6128 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
19:45:10.0851 6128 C:\Windows\System32\clbcatq.dll - ok
19:45:10.0852 6128 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
19:45:10.0852 6128 C:\Windows\System32\gdi32.dll - ok
19:45:10.0854 6128 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
19:45:10.0854 6128 C:\Windows\System32\lpk.dll - ok
19:45:10.0855 6128 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
19:45:10.0855 6128 C:\Windows\System32\psapi.dll - ok
19:45:10.0857 6128 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
19:45:10.0857 6128 C:\Windows\System32\ws2_32.dll - ok
19:45:10.0859 6128 [ 29812E9971077BE3F8B9DC225CF9D454 ] C:\Windows\System32\urlmon.dll
19:45:10.0859 6128 C:\Windows\System32\urlmon.dll - ok
19:45:10.0860 6128 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
19:45:10.0860 6128 C:\Windows\System32\rpcrt4.dll - ok
19:45:10.0862 6128 [ 65C113214F7B05820F6D8A65B1485196 ] C:\Windows\System32\kernel32.dll
19:45:10.0862 6128 C:\Windows\System32\kernel32.dll - ok
19:45:10.0864 6128 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
19:45:10.0864 6128 C:\Windows\System32\normaliz.dll - ok
19:45:10.0865 6128 [ D7A02665FDC5D48E779C166466FA0849 ] C:\Windows\System32\drivers\gbxusb.sys
19:45:10.0865 6128 C:\Windows\System32\drivers\gbxusb.sys - ok
19:45:10.0867 6128 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
19:45:10.0867 6128 C:\Windows\System32\imagehlp.dll - ok
19:45:10.0868 6128 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
19:45:10.0868 6128 C:\Windows\System32\msvcrt.dll - ok
19:45:10.0870 6128 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
19:45:10.0870 6128 C:\Windows\System32\Wldap32.dll - ok
19:45:10.0872 6128 [ A05CA8FECCD58256FD0B964DEBD8858F ] C:\Windows\System32\drivers\gbxavs.sys
19:45:10.0872 6128 C:\Windows\System32\drivers\gbxavs.sys - ok
19:45:10.0873 6128 [ 5AD73115646DAF3967180A24DF1CF7EF ] C:\Windows\System32\drivers\iLokDrvr.sys
19:45:10.0873 6128 C:\Windows\System32\drivers\iLokDrvr.sys - ok
19:45:10.0875 6128 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
19:45:10.0875 6128 C:\Windows\System32\drivers\usbccgp.sys - ok
19:45:10.0877 6128 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
19:45:10.0877 6128 C:\Windows\System32\drivers\usbd.sys - ok
19:45:10.0878 6128 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
19:45:10.0878 6128 C:\Windows\System32\drivers\hidclass.sys - ok
19:45:10.0880 6128 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
19:45:10.0880 6128 C:\Windows\System32\drivers\hidparse.sys - ok
19:45:10.0882 6128 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
19:45:10.0882 6128 C:\Windows\System32\drivers\hidusb.sys - ok
19:45:10.0883 6128 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
19:45:10.0883 6128 C:\Windows\System32\drivers\mouhid.sys - ok
19:45:10.0885 6128 [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS
19:45:10.0885 6128 C:\Windows\System32\drivers\USBSTOR.SYS - ok
19:45:10.0887 6128 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
19:45:10.0887 6128 C:\Windows\System32\drivers\kbdhid.sys - ok
19:45:10.0888 6128 [ 818816F11EDE7340A95869ED66DFC7AB ] C:\Windows\System32\drivers\dgmbx2fu.sys
19:45:10.0888 6128 C:\Windows\System32\drivers\dgmbx2fu.sys - ok
19:45:10.0890 6128 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
19:45:10.0890 6128 C:\Windows\System32\comdlg32.dll - ok
19:45:10.0892 6128 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
19:45:10.0892 6128 C:\Windows\System32\imm32.dll - ok
19:45:10.0893 6128 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
19:45:10.0893 6128 C:\Windows\System32\nsi.dll - ok
19:45:10.0895 6128 [ 753C0848AE7872A3F59663078A517293 ] C:\Windows\System32\wininet.dll
19:45:10.0895 6128 C:\Windows\System32\wininet.dll - ok
19:45:10.0897 6128 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
19:45:10.0897 6128 C:\Windows\System32\shlwapi.dll - ok
19:45:10.0898 6128 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
19:45:10.0898 6128 C:\Windows\System32\setupapi.dll - ok
19:45:10.0900 6128 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
19:45:10.0900 6128 C:\Windows\System32\advapi32.dll - ok
19:45:10.0902 6128 [ DBF99FD9CAF75CA66D042BD8D050FF71 ] C:\Windows\System32\usp10.dll
19:45:10.0902 6128 C:\Windows\System32\usp10.dll - ok
19:45:10.0903 6128 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
19:45:10.0903 6128 C:\Windows\System32\difxapi.dll - ok
19:45:10.0905 6128 [ 85F1FE2D5EDBFD26066F5ABB9504A69C ] C:\Windows\System32\iertutil.dll
19:45:10.0905 6128 C:\Windows\System32\iertutil.dll - ok
19:45:10.0906 6128 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
19:45:10.0906 6128 C:\Windows\System32\user32.dll - ok
19:45:10.0908 6128 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
19:45:10.0908 6128 C:\Windows\System32\msctf.dll - ok
19:45:10.0910 6128 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
19:45:10.0910 6128 C:\Windows\System32\oleaut32.dll - ok
19:45:10.0911 6128 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
19:45:10.0911 6128 C:\Windows\System32\ole32.dll - ok
19:45:10.0913 6128 [ 012EA9F32BB2EC9C574AB169C5399BE6 ] C:\Windows\System32\drivers\dgmbx2.sys
19:45:10.0913 6128 C:\Windows\System32\drivers\dgmbx2.sys - ok
19:45:10.0914 6128 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
19:45:10.0914 6128 C:\Windows\System32\sechost.dll - ok
19:45:10.0916 6128 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
19:45:10.0916 6128 C:\Windows\System32\shell32.dll - ok
19:45:10.0918 6128 [ 0E6FBF19D9DFBB77316C23DF91F8A101 ] C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
19:45:10.0918 6128 C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
19:45:10.0919 6128 [ AFC3DB5C6EB8CA8017DDB81D6C0AD02A ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
19:45:10.0919 6128 C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
19:45:10.0921 6128 [ 72723D3E4781BADC62C3180C137E7B23 ] C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
19:45:10.0921 6128 C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll - ok
19:45:10.0923 6128 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
19:45:10.0923 6128 C:\Windows\System32\crypt32.dll - ok
19:45:10.0924 6128 [ 1F56F209585F350A5666E3CC7931FD67 ] C:\Windows\System32\KernelBase.dll
19:45:10.0924 6128 C:\Windows\System32\KernelBase.dll - ok
19:45:10.0925 6128 [ F49E92B50CED5C9F1725D3C0329FD933 ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
19:45:10.0925 6128 C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
19:45:10.0927 6128 [ 9094039A00485F71C4DE64BF51F64C46 ] C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
19:45:10.0927 6128 C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll - ok
19:45:10.0929 6128 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
19:45:10.0929 6128 C:\Windows\System32\cfgmgr32.dll - ok
19:45:10.0931 6128 [ 64A4AB126E24FD3F58EBE64852773DB5 ] C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
19:45:10.0931 6128 C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
19:45:10.0932 6128 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
19:45:10.0932 6128 C:\Windows\System32\comctl32.dll - ok
19:45:10.0934 6128 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
19:45:10.0934 6128 C:\Windows\System32\devobj.dll - ok
19:45:10.0935 6128 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
19:45:10.0935 6128 C:\Windows\System32\wintrust.dll - ok
19:45:10.0937 6128 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
19:45:10.0937 6128 C:\Windows\System32\msasn1.dll - ok
19:45:10.0939 6128 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
19:45:10.0939 6128 C:\Windows\SysWOW64\normaliz.dll - ok
19:45:10.0940 6128 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
19:45:10.0940 6128 C:\Windows\System32\drivers\dxapi.sys - ok
19:45:10.0942 6128 [ 86F96630D28523F1C402C783F046DEF1 ] C:\Windows\System32\win32k.sys
19:45:10.0942 6128 C:\Windows\System32\win32k.sys - ok
19:45:10.0943 6128 [ CEC1EDF4022DC4DCA40384DCEC672B0E ] C:\Windows\System32\csrsrv.dll
19:45:10.0943 6128 C:\Windows\System32\csrsrv.dll - ok
19:45:10.0945 6128 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
19:45:10.0945 6128 C:\Windows\System32\csrss.exe - ok
19:45:10.0947 6128 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
19:45:10.0947 6128 C:\Windows\System32\basesrv.dll - ok
19:45:10.0948 6128 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\System32\winsrv.dll
19:45:10.0948 6128 C:\Windows\System32\winsrv.dll - ok
19:45:10.0950 6128 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
19:45:10.0950 6128 C:\Windows\System32\drivers\monitor.sys - ok
19:45:10.0952 6128 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
19:45:10.0952 6128 C:\Windows\System32\tsddd.dll - ok
19:45:10.0953 6128 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
19:45:10.0953 6128 C:\Windows\System32\profapi.dll - ok
19:45:10.0955 6128 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
19:45:10.0955 6128 C:\Windows\System32\sxssrv.dll - ok
19:45:10.0956 6128 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
19:45:10.0956 6128 C:\Windows\System32\wininit.exe - ok
19:45:10.0958 6128 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
19:45:10.0958 6128 C:\Windows\System32\cdd.dll - ok
19:45:10.0960 6128 [ 0F5CD07A098D6A5989019CC377722989 ] C:\Windows\System32\KBDCA.DLL
19:45:10.0960 6128 C:\Windows\System32\KBDCA.DLL - ok
19:45:10.0961 6128 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
19:45:10.0961 6128 C:\Windows\System32\RpcRtRemote.dll - ok
19:45:10.0963 6128 [ 283C64A094A763C2F3DE2C926AEAE8CD ] C:\Windows\System32\KBDCAN.DLL
19:45:10.0963 6128 C:\Windows\System32\KBDCAN.DLL - ok
19:45:10.0964 6128 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
19:45:10.0964 6128 C:\Windows\System32\KBDUS.DLL - ok
19:45:10.0966 6128 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
19:45:10.0966 6128 C:\Windows\System32\sxs.dll - ok
19:45:10.0968 6128 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
19:45:10.0968 6128 C:\Windows\System32\WlS0WndH.dll - ok
19:45:10.0969 6128 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
19:45:10.0969 6128 C:\Windows\System32\cryptbase.dll - ok
19:45:10.0971 6128 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
19:45:10.0971 6128 C:\Windows\System32\apphelp.dll - ok
19:45:10.0972 6128 [ 685527DA09EBFB681E98C515978BDEE2 ] C:\Windows\System32\lsasrv.dll
19:45:10.0972 6128 C:\Windows\System32\lsasrv.dll - ok
19:45:10.0974 6128 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
19:45:10.0974 6128 C:\Windows\System32\lsass.exe - ok
19:45:10.0976 6128 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
19:45:10.0976 6128 C:\Windows\System32\lsm.exe - ok
19:45:10.0977 6128 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
19:45:10.0977 6128 C:\Windows\System32\services.exe - ok
19:45:10.0979 6128 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
19:45:10.0979 6128 C:\Windows\System32\sspisrv.dll - ok
19:45:10.0980 6128 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
19:45:10.0980 6128 C:\Windows\System32\sspicli.dll - ok
19:45:10.0982 6128 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
19:45:10.0982 6128 C:\Windows\System32\sysntfy.dll - ok
19:45:10.0984 6128 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
19:45:10.0984 6128 C:\Windows\System32\wmsgapi.dll - ok
19:45:10.0985 6128 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
19:45:10.0985 6128 C:\Windows\System32\samsrv.dll - ok
19:45:10.0987 6128 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
19:45:10.0987 6128 C:\Windows\System32\scesrv.dll - ok
19:45:10.0988 6128 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
19:45:10.0988 6128 C:\Windows\System32\scext.dll - ok
19:45:10.0990 6128 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
19:45:10.0990 6128 C:\Windows\System32\secur32.dll - ok
19:45:10.0992 6128 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
19:45:10.0992 6128 C:\Windows\System32\cryptdll.dll - ok
19:45:10.0993 6128 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
19:45:10.0993 6128 C:\Windows\System32\wevtapi.dll - ok
19:45:10.0995 6128 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
19:45:10.0995 6128 C:\Windows\System32\srvcli.dll - ok
19:45:10.0996 6128 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
19:45:10.0996 6128 C:\Windows\System32\authz.dll - ok
19:45:10.0998 6128 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
19:45:10.0998 6128 C:\Windows\System32\cngaudit.dll - ok
19:45:11.0000 6128 [ 5F3307352216618221A17CFEF273EEE2 ] C:\Windows\System32\ncrypt.dll
19:45:11.0000 6128 C:\Windows\System32\ncrypt.dll - ok
19:45:11.0001 6128 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
19:45:11.0001 6128 C:\Windows\System32\bcrypt.dll - ok
19:45:11.0003 6128 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
19:45:11.0003 6128 C:\Windows\System32\msprivs.dll - ok
19:45:11.0004 6128 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
19:45:11.0004 6128 C:\Windows\System32\netjoin.dll - ok
19:45:11.0006 6128 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
19:45:11.0006 6128 C:\Windows\System32\cryptsp.dll - ok
19:45:11.0008 6128 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
19:45:11.0008 6128 C:\Windows\System32\kerberos.dll - ok
19:45:11.0009 6128 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
19:45:11.0009 6128 C:\Windows\System32\mswsock.dll - ok
19:45:11.0011 6128 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
19:45:11.0011 6128 C:\Windows\System32\negoexts.dll - ok
19:45:11.0012 6128 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
19:45:11.0013 6128 C:\Windows\System32\msv1_0.dll - ok
19:45:11.0014 6128 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
19:45:11.0014 6128 C:\Windows\System32\netlogon.dll - ok
19:45:11.0016 6128 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
19:45:11.0016 6128 C:\Windows\System32\wship6.dll - ok
19:45:11.0017 6128 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
19:45:11.0017 6128 C:\Windows\System32\dnsapi.dll - ok
19:45:11.0019 6128 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
19:45:11.0019 6128 C:\Windows\System32\logoncli.dll - ok
19:45:11.0020 6128 [ B7D42CB36C08FA017E73FF2433CD7287 ] C:\Windows\System32\schannel.dll
19:45:11.0020 6128 C:\Windows\System32\schannel.dll - ok
19:45:11.0022 6128 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
19:45:11.0022 6128 C:\Windows\System32\wdigest.dll - ok
19:45:11.0024 6128 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
19:45:11.0024 6128 C:\Windows\System32\winlogon.exe - ok
19:45:11.0025 6128 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
19:45:11.0025 6128 C:\Windows\System32\winsta.dll - ok
19:45:11.0027 6128 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
19:45:11.0027 6128 C:\Windows\System32\pku2u.dll - ok
19:45:11.0028 6128 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
19:45:11.0028 6128 C:\Windows\System32\rsaenh.dll - ok
19:45:11.0030 6128 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
19:45:11.0030 6128 C:\Windows\System32\TSpkg.dll - ok
19:45:11.0032 6128 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
19:45:11.0032 6128 C:\Windows\System32\bcryptprimitives.dll - ok
19:45:11.0033 6128 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
19:45:11.0033 6128 C:\Windows\System32\credssp.dll - ok
19:45:11.0035 6128 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
19:45:11.0035 6128 C:\Windows\System32\efslsaext.dll - ok
19:45:11.0037 6128 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
19:45:11.0037 6128 C:\Windows\System32\scecli.dll - ok
19:45:11.0038 6128 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
19:45:11.0038 6128 C:\Windows\System32\ubpm.dll - ok
19:45:11.0040 6128 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
19:45:11.0040 6128 C:\Windows\System32\svchost.exe - ok
19:45:11.0041 6128 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
19:45:11.0041 6128 C:\Windows\System32\umpnpmgr.dll - ok
19:45:11.0043 6128 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
19:45:11.0043 6128 C:\Windows\System32\devrtl.dll - ok
19:45:11.0045 6128 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
19:45:11.0045 6128 C:\Windows\System32\SPInf.dll - ok
19:45:11.0046 6128 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
19:45:11.0046 6128 C:\Windows\System32\gpapi.dll - ok
19:45:11.0048 6128 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
19:45:11.0048 6128 C:\Windows\System32\umpo.dll - ok
19:45:11.0049 6128 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
19:45:11.0049 6128 C:\Windows\System32\userenv.dll - ok
19:45:11.0051 6128 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
19:45:11.0051 6128 C:\Windows\System32\pcwum.dll - ok
19:45:11.0053 6128 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
19:45:11.0053 6128 C:\Windows\System32\powrprof.dll - ok
19:45:11.0054 6128 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
19:45:11.0054 6128 C:\Windows\System32\drivers\luafv.sys - ok
19:45:11.0056 6128 [ 574087EA9105F23FB522A4FDDD5292D9 ] C:\Windows\System32\nvvsvc.exe
19:45:11.0056 6128 C:\Windows\System32\nvvsvc.exe - ok
19:45:11.0058 6128 [ 78216A10BF8B200890A88D8820F33F14 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:45:11.0058 6128 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe - ok
19:45:11.0059 6128 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
19:45:11.0059 6128 C:\Windows\System32\wtsapi32.dll - ok
19:45:11.0061 6128 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
19:45:11.0061 6128 C:\Windows\SysWOW64\ntdll.dll - ok
19:45:11.0062 6128 [ 259EB5F7D95A29842B476C5B3EB6E186 ] C:\Windows\System32\wow64.dll
19:45:11.0062 6128 C:\Windows\System32\wow64.dll - ok
19:45:11.0064 6128 [ 3EE3AA76D8AB6D5644C4C8F34471CEB3 ] C:\Windows\System32\wow64cpu.dll
19:45:11.0064 6128 C:\Windows\System32\wow64cpu.dll - ok
19:45:11.0066 6128 [ 5674E21E82CFBEA36DDAD5DB285D6DBC ] C:\Windows\System32\wow64win.dll
19:45:11.0066 6128 C:\Windows\System32\wow64win.dll - ok
19:45:11.0067 6128 [ AC0B6F41882FC6ED186962D770EBF1D2 ] C:\Windows\SysWOW64\kernel32.dll
19:45:11.0067 6128 C:\Windows\SysWOW64\kernel32.dll - ok
19:45:11.0069 6128 [ E954A79D6A754A5475582CACED1565E6 ] C:\Windows\SysWOW64\KernelBase.dll
19:45:11.0069 6128 C:\Windows\SysWOW64\KernelBase.dll - ok
19:45:11.0071 6128 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
19:45:11.0071 6128 C:\Windows\SysWOW64\msvcrt.dll - ok
19:45:11.0072 6128 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
19:45:11.0072 6128 C:\Windows\SysWOW64\setupapi.dll - ok
19:45:11.0074 6128 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
19:45:11.0074 6128 C:\Windows\SysWOW64\version.dll - ok
19:45:11.0075 6128 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
19:45:11.0075 6128 C:\Windows\SysWOW64\cfgmgr32.dll - ok
19:45:11.0077 6128 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
19:45:11.0077 6128 C:\Windows\SysWOW64\rpcrt4.dll - ok
19:45:11.0079 6128 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
19:45:11.0079 6128 C:\Windows\SysWOW64\advapi32.dll - ok
19:45:11.0080 6128 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
19:45:11.0080 6128 C:\Windows\SysWOW64\cryptbase.dll - ok
19:45:11.0082 6128 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
19:45:11.0082 6128 C:\Windows\SysWOW64\gdi32.dll - ok
19:45:11.0084 6128 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
19:45:11.0084 6128 C:\Windows\SysWOW64\sechost.dll - ok
19:45:11.0085 6128 [ BFB26890612FB8AE8B0463EBEBE84B7E ] C:\Windows\SysWOW64\sspicli.dll
19:45:11.0085 6128 C:\Windows\SysWOW64\sspicli.dll - ok
19:45:11.0087 6128 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
19:45:11.0087 6128 C:\Windows\SysWOW64\lpk.dll - ok
19:45:11.0088 6128 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
19:45:11.0088 6128 C:\Windows\SysWOW64\user32.dll - ok
19:45:11.0090 6128 [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\SysWOW64\usp10.dll
19:45:11.0090 6128 C:\Windows\SysWOW64\usp10.dll - ok
19:45:11.0092 6128 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
19:45:11.0092 6128 C:\Windows\SysWOW64\oleaut32.dll - ok
19:45:11.0093 6128 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
19:45:11.0093 6128 C:\Windows\SysWOW64\ole32.dll - ok
19:45:11.0095 6128 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
19:45:11.0095 6128 C:\Windows\SysWOW64\devobj.dll - ok
19:45:11.0096 6128 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
19:45:11.0096 6128 C:\Windows\SysWOW64\imm32.dll - ok
19:45:11.0098 6128 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
19:45:11.0098 6128 C:\Windows\SysWOW64\winspool.drv - ok
19:45:11.0100 6128 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
19:45:11.0100 6128 C:\Windows\SysWOW64\msctf.dll - ok
19:45:11.0101 6128 [ E0A7D40A14984939CD009B3A21F6F45C ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstres.dll
19:45:11.0101 6128 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstres.dll - ok
19:45:11.0103 6128 [ 77895F43790C536DD6776409AA7D7D90 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvwl.dll
19:45:11.0103 6128 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvwl.dll - ok
19:45:11.0105 6128 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
19:45:11.0105 6128 C:\Windows\System32\RpcEpMap.dll - ok
19:45:11.0106 6128 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
19:45:11.0106 6128 C:\Windows\System32\rpcss.dll - ok
19:45:11.0108 6128 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
19:45:11.0108 6128 C:\Windows\SysWOW64\wintrust.dll - ok
19:45:11.0110 6128 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
19:45:11.0110 6128 C:\Windows\SysWOW64\crypt32.dll - ok
19:45:11.0111 6128 [ 905601FFF40D8DA9FA82CBE77D1F5EB1 ] C:\Program Files\Microsoft Security Client\MpSvc.dll
19:45:11.0111 6128 C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
19:45:11.0113 6128 [ E07DEC52FF801841BA9B6878A60304FB ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
19:45:11.0113 6128 C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
19:45:11.0115 6128 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
19:45:11.0115 6128 C:\Windows\System32\FirewallAPI.dll - ok
19:45:11.0116 6128 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
19:45:11.0116 6128 C:\Windows\System32\wshqos.dll - ok
19:45:11.0118 6128 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
19:45:11.0118 6128 C:\Windows\System32\WSHTCPIP.DLL - ok
19:45:11.0119 6128 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
19:45:11.0119 6128 C:\Windows\SysWOW64\msasn1.dll - ok
19:45:11.0121 6128 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
19:45:11.0121 6128 C:\Windows\System32\authui.dll - ok
19:45:11.0122 6128 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
19:45:11.0123 6128 C:\Windows\System32\LogonUI.exe - ok
19:45:11.0124 6128 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
19:45:11.0124 6128 C:\Windows\SysWOW64\ntmarta.dll - ok
19:45:11.0126 6128 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
19:45:11.0126 6128 C:\Windows\SysWOW64\Wldap32.dll - ok
19:45:11.0128 6128 [ 2D4230F2F1D204A523998DF93F9DF066 ] C:\Program Files\Microsoft Security Client\MpClient.dll
19:45:11.0128 6128 C:\Program Files\Microsoft Security Client\MpClient.dll - ok
19:45:11.0129 6128 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
19:45:11.0129 6128 C:\Windows\System32\version.dll - ok
19:45:11.0131 6128 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
19:45:11.0131 6128 C:\Windows\System32\ntmarta.dll - ok
19:45:11.0133 6128 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
19:45:11.0133 6128 C:\Windows\SysWOW64\devrtl.dll - ok
19:45:11.0134 6128 [ 4BDBBE5E4208022DD794F7EEEB0F7366 ] C:\Windows\SysWOW64\SPInf.dll
19:45:11.0134 6128 C:\Windows\SysWOW64\SPInf.dll - ok
19:45:11.0136 6128 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
19:45:11.0136 6128 C:\Windows\System32\cryptui.dll - ok
19:45:11.0137 6128 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
19:45:11.0137 6128 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
19:45:11.0139 6128 [ 9121C2E2507AD0BCBF9A7438051BEF34 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
19:45:11.0139 6128 C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
19:45:11.0141 6128 [ 2F034150ECCBC498C53B61F98C5378AC ] C:\Program Files\Microsoft Security Client\MpRTP.dll
19:45:11.0141 6128 C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
19:45:11.0143 6128 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
19:45:11.0143 6128 C:\Windows\System32\wevtsvc.dll - ok
19:45:11.0144 6128 [ F3D202F53A222D5F6944D459B73CF967 ] C:\Windows\System32\fltLib.dll
19:45:11.0144 6128 C:\Windows\System32\fltLib.dll - ok
19:45:11.0146 6128 [ C4C1947985144721A809965A19D616BC ] C:\Program Files\Microsoft Security Client\MsMpLics.dll
19:45:11.0146 6128 C:\Program Files\Microsoft Security Client\MsMpLics.dll - ok
19:45:11.0148 6128 [ F8A10560B35C66F9DE212F03DAD5BFA7 ] C:\Windows\System32\drivers\MpFilter.sys
19:45:11.0148 6128 C:\Windows\System32\drivers\MpFilter.sys - ok
19:45:11.0149 6128 [ 967BC3664DDC26959BD43A7B1681FF86 ] C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll
19:45:11.0149 6128 C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll - ok
19:45:11.0151 6128 [ 747E9FD93A32202BE6DC5D1321BE977C ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{37A692B6-8EBB-4C3A-945D-C99164C236A9}\mpengine.dll
19:45:11.0151 6128 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{37A692B6-8EBB-4C3A-945D-C99164C236A9}\mpengine.dll - ok
19:45:11.0153 6128 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
19:45:11.0153 6128 C:\Windows\System32\shacct.dll - ok
19:45:11.0154 6128 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
19:45:11.0154 6128 C:\Windows\System32\propsys.dll - ok
19:45:11.0156 6128 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
19:45:11.0156 6128 C:\Windows\System32\samlib.dll - ok
19:45:11.0158 6128 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
19:45:11.0158 6128 C:\Windows\System32\audiosrv.dll - ok
19:45:11.0159 6128 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
19:45:11.0159 6128 C:\Windows\System32\netprofm.dll - ok
19:45:11.0161 6128 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
19:45:11.0161 6128 C:\Windows\System32\avrt.dll - ok
19:45:11.0162 6128 [ C4C183E6551084039EC862DA1C945E3D ] C:\Windows\System32\FntCache.dll
19:45:11.0162 6128 C:\Windows\System32\FntCache.dll - ok
19:45:11.0164 6128 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
19:45:11.0164 6128 C:\Windows\System32\mmcss.dll - ok
19:45:11.0166 6128 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
19:45:11.0166 6128 C:\Windows\System32\adtschema.dll - ok
19:45:11.0167 6128 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
19:45:11.0167 6128 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
19:45:11.0169 6128 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
19:45:11.0169 6128 C:\Windows\System32\MMDevAPI.dll - ok
19:45:11.0171 6128 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
19:45:11.0171 6128 C:\Windows\System32\MPSSVC.dll - ok
19:45:11.0172 6128 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
19:45:11.0172 6128 C:\Windows\System32\uxtheme.dll - ok
19:45:11.0174 6128 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
19:45:11.0174 6128 C:\Windows\System32\drivers\fltMgr.sys - ok
19:45:11.0175 6128 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
19:45:11.0175 6128 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
19:45:11.0177 6128 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
19:45:11.0177 6128 C:\Windows\System32\PSHED.DLL - ok
19:45:11.0178 6128 [ 997714A70C11ED43A771AE5A95F0D026 ] C:\Windows\System32\wbem\WinMgmtR.dll
19:45:11.0178 6128 C:\Windows\System32\wbem\WinMgmtR.dll - ok
19:45:11.0180 6128 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
19:45:11.0180 6128 C:\Windows\System32\audiodg.exe - ok
19:45:11.0182 6128 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
19:45:11.0182 6128 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
19:45:11.0183 6128 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] C:\Windows\System32\cscsvc.dll
19:45:11.0183 6128 C:\Windows\System32\cscsvc.dll - ok
19:45:11.0185 6128 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
19:45:11.0185 6128 C:\Windows\System32\gpsvc.dll - ok
19:45:11.0186 6128 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
19:45:11.0186 6128 C:\Windows\System32\profsvc.dll - ok
19:45:11.0188 6128 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
19:45:11.0188 6128 C:\Windows\System32\dui70.dll - ok
19:45:11.0190 6128 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
19:45:11.0190 6128 C:\Windows\System32\atl.dll - ok
19:45:11.0191 6128 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
19:45:11.0191 6128 C:\Windows\System32\es.dll - ok
19:45:11.0193 6128 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
19:45:11.0193 6128 C:\Windows\System32\themeservice.dll - ok
19:45:11.0194 6128 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
19:45:11.0194 6128 C:\Windows\System32\comres.dll - ok
19:45:11.0196 6128 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
19:45:11.0196 6128 C:\Windows\System32\Sens.dll - ok
19:45:11.0197 6128 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
19:45:11.0197 6128 C:\Windows\System32\duser.dll - ok
19:45:11.0199 6128 [ 29910D50542B1AA0F162EF3339C61B6D ] C:\Windows\System32\PeerDist.dll
19:45:11.0199 6128 C:\Windows\System32\PeerDist.dll - ok
19:45:11.0201 6128 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
19:45:11.0201 6128 C:\Windows\System32\dsrole.dll - ok
19:45:11.0202 6128 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
19:45:11.0202 6128 C:\Windows\System32\nlaapi.dll - ok
19:45:11.0204 6128 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
19:45:11.0204 6128 C:\Windows\System32\slc.dll - ok
19:45:11.0205 6128 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
19:45:11.0205 6128 C:\Windows\System32\SndVolSSO.dll - ok
19:45:11.0207 6128 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
19:45:11.0207 6128 C:\Windows\System32\taskschd.dll - ok
19:45:11.0209 6128 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
19:45:11.0209 6128 C:\Windows\System32\hid.dll - ok
19:45:11.0210 6128 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
19:45:11.0210 6128 C:\Windows\System32\dwmapi.dll - ok
19:45:11.0212 6128 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
19:45:11.0212 6128 C:\Windows\System32\xmllite.dll - ok
19:45:11.0213 6128 [ BDDF242A49E7B7DC5CCEC291BCE53ACB ] C:\Windows\System32\WindowsCodecs.dll
19:45:11.0213 6128 C:\Windows\System32\WindowsCodecs.dll - ok
19:45:11.0215 6128 [ 862596399AAFD2A21DB2AF9270CD4F70 ] C:\Windows\System32\mstask.dll
19:45:11.0215 6128 C:\Windows\System32\mstask.dll - ok
19:45:11.0217 6128 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
19:45:11.0217 6128 C:\Windows\System32\dhcpcore.dll - ok
19:45:11.0218 6128 [ CC3B49B032527C7E7DFDAB8946E80E9C ] C:\Windows\System32\drivers\diginet.sys
19:45:11.0218 6128 C:\Windows\System32\drivers\diginet.sys - ok
19:45:11.0220 6128 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
19:45:11.0220 6128 C:\Windows\System32\drivers\lltdio.sys - ok
19:45:11.0221 6128 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
19:45:11.0221 6128 C:\Windows\System32\drivers\rspndr.sys - ok
19:45:11.0223 6128 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
19:45:11.0223 6128 C:\Windows\System32\IPHLPAPI.DLL - ok
19:45:11.0225 6128 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
19:45:11.0225 6128 C:\Windows\System32\lmhsvc.dll - ok
19:45:11.0226 6128 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
19:45:11.0226 6128 C:\Windows\System32\nrpsrv.dll - ok
19:45:11.0228 6128 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
19:45:11.0228 6128 C:\Windows\System32\nsisvc.dll - ok
19:45:11.0229 6128 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
19:45:11.0229 6128 C:\Windows\System32\uxsms.dll - ok
19:45:11.0231 6128 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
19:45:11.0231 6128 C:\Windows\System32\winnsi.dll - ok
19:45:11.0232 6128 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
19:45:11.0232 6128 C:\Windows\System32\dnsrslvr.dll - ok
19:45:11.0234 6128 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
19:45:11.0234 6128 C:\Windows\System32\FWPUCLNT.DLL - ok
19:45:11.0236 6128 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
19:45:11.0236 6128 C:\Windows\System32\dhcpcore6.dll - ok
19:45:11.0237 6128 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
19:45:11.0237 6128 C:\Windows\System32\VaultCredProvider.dll - ok
19:45:11.0239 6128 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
19:45:11.0239 6128 C:\Windows\System32\winbrand.dll - ok
19:45:11.0241 6128 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
19:45:11.0241 6128 C:\Windows\System32\dhcpcsvc6.dll - ok
19:45:11.0242 6128 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
19:45:11.0242 6128 C:\Windows\System32\dnsext.dll - ok
19:45:11.0244 6128 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
19:45:11.0244 6128 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
19:45:11.0246 6128 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
19:45:11.0246 6128 C:\Windows\System32\dhcpcsvc.dll - ok
19:45:11.0247 6128 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
19:45:11.0247 6128 C:\Windows\System32\shsvcs.dll - ok
19:45:11.0249 6128 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
19:45:11.0249 6128 C:\Windows\System32\BioCredProv.dll - ok
19:45:11.0251 6128 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
19:45:11.0251 6128 C:\Windows\System32\schedsvc.dll - ok
19:45:11.0252 6128 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
19:45:11.0252 6128 C:\Windows\System32\winbio.dll - ok
19:45:11.0254 6128 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
19:45:11.0254 6128 C:\Windows\System32\credui.dll - ok
19:45:11.0255 6128 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
19:45:11.0255 6128 C:\Windows\System32\netapi32.dll - ok
19:45:11.0257 6128 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
19:45:11.0257 6128 C:\Windows\System32\netutils.dll - ok
19:45:11.0258 6128 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
19:45:11.0258 6128 C:\Windows\System32\vaultcli.dll - ok
19:45:11.0260 6128 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
19:45:11.0260 6128 C:\Windows\System32\wkscli.dll - ok
19:45:11.0262 6128 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
19:45:11.0262 6128 C:\Windows\System32\samcli.dll - ok
19:45:11.0263 6128 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
19:45:11.0263 6128 C:\Windows\System32\certCredProvider.dll - ok
19:45:11.0265 6128 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
19:45:11.0265 6128 C:\Windows\System32\rasplap.dll - ok
19:45:11.0266 6128 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
19:45:11.0266 6128 C:\Windows\System32\ktmw32.dll - ok
19:45:11.0268 6128 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
19:45:11.0268 6128 C:\Windows\System32\rasapi32.dll - ok
19:45:11.0270 6128 [ A58F4E888905822C479B4CDC642AE278 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{37A692B6-8EBB-4C3A-945D-C99164C236A9}\mpasbase.vdm
19:45:11.0270 6128 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{37A692B6-8EBB-4C3A-945D-C99164C236A9}\mpasbase.vdm - ok
19:45:11.0271 6128 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
19:45:11.0271 6128 C:\Windows\System32\fveapi.dll - ok
19:45:11.0273 6128 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
19:45:11.0273 6128 C:\Windows\System32\fvecerts.dll - ok
19:45:11.0275 6128 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
19:45:11.0275 6128 C:\Windows\System32\rasman.dll - ok
19:45:11.0276 6128 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
19:45:11.0276 6128 C:\Windows\System32\rtutils.dll - ok
19:45:11.0278 6128 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
19:45:11.0278 6128 C:\Windows\System32\tbs.dll - ok
19:45:11.0279 6128 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
19:45:11.0279 6128 C:\Windows\System32\wiarpc.dll - ok
19:45:11.0281 6128 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
19:45:11.0281 6128 C:\Windows\System32\oleacc.dll - ok
19:45:11.0282 6128 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
19:45:11.0282 6128 C:\Windows\System32\taskcomp.dll - ok
19:45:11.0284 6128 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
19:45:11.0284 6128 C:\Windows\System32\UXInit.dll - ok
19:45:11.0286 6128 [ 7D0D943B89CE1199EEBD05CD78D5D313 ] C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll
19:45:11.0286 6128 C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll - ok
19:45:11.0287 6128 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
19:45:11.0287 6128 C:\Windows\System32\UIAutomationCore.dll - ok
19:45:11.0289 6128 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
19:45:11.0289 6128 C:\Windows\System32\drivers\http.sys - ok
19:45:11.0291 6128 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
19:45:11.0291 6128 C:\Windows\System32\spoolsv.exe - ok
19:45:11.0292 6128 [ A3EAF213C26779DE69E269603FF5BDD0 ] C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
19:45:11.0292 6128 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe - ok
19:45:11.0294 6128 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
19:45:11.0294 6128 C:\Windows\System32\BFE.DLL - ok
19:45:11.0295 6128 [ 63AA7097E18EB8086C35748DD39D4DF2 ] C:\Windows\System32\nvsvc64.dll
19:45:11.0295 6128 C:\Windows\System32\nvsvc64.dll - ok
19:45:11.0297 6128 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
19:45:11.0297 6128 C:\Windows\System32\msimg32.dll - ok
19:45:11.0299 6128 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
19:45:11.0299 6128 C:\Windows\System32\drivers\bowser.sys - ok
19:45:11.0300 6128 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
19:45:11.0300 6128 C:\Windows\System32\drivers\mpsdrv.sys - ok
19:45:11.0302 6128 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
19:45:11.0302 6128 C:\Windows\System32\drivers\mrxsmb.sys - ok
19:45:11.0304 6128 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
19:45:11.0304 6128 C:\Windows\System32\imageres.dll - ok
19:45:11.0305 6128 [ 581D88B25C4D4121824FED2CA38E562F ] C:\Program Files\SUPERAntiSpyware\SASCore64.exe
19:45:11.0305 6128 C:\Program Files\SUPERAntiSpyware\SASCore64.exe - ok
19:45:11.0307 6128 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
19:45:11.0307 6128 C:\Windows\System32\drivers\mrxsmb10.sys - ok
19:45:11.0309 6128 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
19:45:11.0309 6128 C:\Windows\System32\drivers\mrxsmb20.sys - ok
19:45:11.0310 6128 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
19:45:11.0310 6128 C:\Windows\System32\wfapigp.dll - ok
19:45:11.0312 6128 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
19:45:11.0312 6128 C:\Windows\System32\wkssvc.dll - ok
19:45:11.0313 6128 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
19:45:11.0313 6128 C:\Windows\System32\mscms.dll - ok
19:45:11.0315 6128 [ 3927397AC60D943DAF8808AFFED582B7 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:45:11.0315 6128 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
19:45:11.0317 6128 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
19:45:11.0317 6128 C:\Windows\SysWOW64\shell32.dll - ok
19:45:11.0318 6128 [ 478672840D9FB490D01221AE0F85D81A ] C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll
19:45:11.0318 6128 C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll - ok
19:45:11.0320 6128 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
19:45:11.0320 6128 C:\Windows\System32\pcasvc.dll - ok
19:45:11.0322 6128 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
19:45:11.0322 6128 C:\Windows\System32\snmptrap.exe - ok
19:45:11.0323 6128 [ E9A0777DCA9148157E0EF9B71D7DE353 ] C:\Windows\System32\RdpGroupPolicyExtension.dll
19:45:11.0323 6128 C:\Windows\System32\RdpGroupPolicyExtension.dll - ok
19:45:11.0325 6128 [ D6DA9DDCB8DEA5FD995D37BA346D84DC ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
19:45:11.0325 6128 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
19:45:11.0327 6128 [ FA87CCCD1B6FCAD419BE102FAC940BCD ] C:\Program Files\NVIDIA Corporation\Display\nvui.dll
19:45:11.0327 6128 C:\Program Files\NVIDIA Corporation\Display\nvui.dll - ok
19:45:11.0328 6128 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
19:45:11.0328 6128 C:\Windows\System32\winmm.dll - ok
19:45:11.0330 6128 [ E1A338F5FFCCF448321F311134CE29BD ] C:\Windows\System32\nvapi64.dll
19:45:11.0330 6128 C:\Windows\System32\nvapi64.dll - ok
19:45:11.0332 6128 [ C0D3EE2E78D6927ECCDDFE2493E4C053 ] C:\Windows\System32\nvcpl.dll
19:45:11.0332 6128 C:\Windows\System32\nvcpl.dll - ok
19:45:11.0333 6128 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
19:45:11.0333 6128 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
19:45:11.0335 6128 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
19:45:11.0335 6128 C:\Windows\System32\winspool.drv - ok
19:45:11.0337 6128 [ A606855FE52504233FFDE3F5A17BE82E ] C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll
19:45:11.0337 6128 C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll - ok
19:45:11.0339 6128 [ AB069475C71BF5D9A07157F452CAA263 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{37A692B6-8EBB-4C3A-945D-C99164C236A9}\mpasdlta.vdm
19:45:11.0339 6128 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{37A692B6-8EBB-4C3A-945D-C99164C236A9}\mpasdlta.vdm - ok
19:45:11.0340 6128 [ 00000000000000000000000000000000 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{37A692B6-8EBB-4C3A-945D-C99164C236A9}\mpavbase.vdm
19:45:11.0340 6128 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{37A692B6-8EBB-4C3A-945D-C99164C236A9}\mpavbase.vdm - ok
19:45:11.0342 6128 [ 9BFAA3CB97C44B868660AB06A2CF6C9A ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{37A692B6-8EBB-4C3A-945D-C99164C236A9}\mpavdlta.vdm
19:45:11.0342 6128 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{37A692B6-8EBB-4C3A-945D-C99164C236A9}\mpavdlta.vdm - ok
19:45:11.0344 6128 [ 91A8E32B00BF7899EDAB6783287DDDA6 ] C:\Windows\System32\PeerDistSh.dll
19:45:11.0344 6128 C:\Windows\System32\PeerDistSh.dll - ok
19:45:11.0346 6128 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
19:45:11.0346 6128 C:\Windows\System32\provsvc.dll - ok
19:45:11.0347 6128 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
19:45:11.0347 6128 C:\Windows\System32\sstpsvc.dll - ok
19:45:11.0349 6128 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
19:45:11.0349 6128 C:\Windows\SysWOW64\shlwapi.dll - ok
19:45:11.0351 6128 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
19:45:11.0351 6128 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
19:45:11.0352 6128 [ 4FE5C6D40664AE07BE5105874357D2ED ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:45:11.0352 6128 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
19:45:11.0354 6128 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
19:45:11.0354 6128 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
19:45:11.0356 6128 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
19:45:11.0356 6128 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
19:45:11.0358 6128 [ 5AC534AC42DAB97223FA6DF558DC743F ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
19:45:11.0358 6128 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
19:45:11.0360 6128 [ 64894527838C86454E2F378FF39FA336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
19:45:11.0360 6128 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
19:45:11.0362 6128 [ EF8CD3C64EE9C08980D6D06CCCE46C68 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
19:45:11.0362 6128 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
19:45:11.0363 6128 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
19:45:11.0363 6128 C:\Windows\SysWOW64\ws2_32.dll - ok
19:45:11.0365 6128 [ 54152706627F5F33952340D90ADA50EE ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
19:45:11.0365 6128 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
19:45:11.0367 6128 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
19:45:11.0367 6128 C:\Windows\SysWOW64\nsi.dll - ok
19:45:11.0368 6128 [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
19:45:11.0368 6128 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
19:45:11.0370 6128 [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
19:45:11.0370 6128 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
19:45:11.0372 6128 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
19:45:11.0372 6128 C:\Windows\SysWOW64\wsock32.dll - ok
19:45:11.0373 6128 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
19:45:11.0373 6128 C:\Windows\SysWOW64\winmm.dll - ok
19:45:11.0375 6128 [ E5B6D88B36BDDAD5039764FBF80284DD ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
19:45:11.0375 6128 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
19:45:11.0377 6128 [ 1D75BC73585969F41BA7EF0C882DFF2B ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
19:45:11.0377 6128 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
19:45:11.0379 6128 [ FC7A868DECC3AB027F29178EC8A7F252 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
19:45:11.0379 6128 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
19:45:11.0381 6128 [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
19:45:11.0381 6128 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
19:45:11.0382 6128 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
19:45:11.0382 6128 C:\Windows\SysWOW64\profapi.dll - ok
19:45:11.0384 6128 [ E3BF12C68F844E689D1A9D7E6B54742A ] C:\Program Files\Microsoft Security Client\MpAsDesc.dll
19:45:11.0384 6128 C:\Program Files\Microsoft Security Client\MpAsDesc.dll - ok
19:45:11.0386 6128 [ 0BEB0C931BC24F610EE87179F31A8A42 ] C:\Program Files\Microsoft Security Client\MpCmdRun.exe
19:45:11.0386 6128 C:\Program Files\Microsoft Security Client\MpCmdRun.exe - ok
19:45:11.0387 6128 [ 1BCDB508143B517F21BBDAC10F5777BF ] C:\Windows\System32\conhost.exe
19:45:11.0387 6128 C:\Windows\System32\conhost.exe - ok
19:45:11.0389 6128 [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
19:45:11.0389 6128 C:\Windows\System32\wscapi.dll - ok
19:45:11.0391 6128 [ 4327CF9A9D0864CA0FFC97FCDA97315A ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
19:45:11.0391 6128 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
19:45:11.0392 6128 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll
19:45:11.0392 6128 C:\Windows\SysWOW64\dnssd.dll - ok
19:45:11.0394 6128 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
19:45:11.0394 6128 C:\Windows\SysWOW64\mswsock.dll - ok
19:45:11.0395 6128 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
19:45:11.0395 6128 C:\Windows\SysWOW64\userenv.dll - ok
19:45:11.0397 6128 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
19:45:11.0397 6128 C:\Windows\SysWOW64\wtsapi32.dll - ok
19:45:11.0399 6128 [ 31E2470E61D5A390405BA41C279D8446 ] C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
19:45:11.0399 6128 C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe - ok
19:45:11.0400 6128 [ 24665B221424FFD7B71F0D2C398F2F4F ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
19:45:11.0400 6128 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
19:45:11.0402 6128 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
19:45:11.0402 6128 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
19:45:11.0404 6128 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
19:45:11.0404 6128 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
19:45:11.0406 6128 [ CFE0CEE587F9CEA4C29DEEC6D85FC91C ] C:\Windows\SysWOW64\wininet.dll
19:45:11.0406 6128 C:\Windows\SysWOW64\wininet.dll - ok
19:45:11.0407 6128 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
19:45:11.0407 6128 C:\Windows\SysWOW64\msimg32.dll - ok
19:45:11.0409 6128 [ 703FFD301AB900B047337C5D40FD6F96 ] C:\Windows\SysWOW64\olepro32.dll
19:45:11.0409 6128 C:\Windows\SysWOW64\olepro32.dll - ok
19:45:11.0411 6128 [ 8128B54EAA48F9C06B19A86C87752996 ] C:\Windows\SysWOW64\AsIO.dll
19:45:11.0411 6128 C:\Windows\SysWOW64\AsIO.dll - ok
19:45:11.0412 6128 [ DC6612A9EE015A36BA2A27BC9CC12537 ] C:\Windows\SysWOW64\mfc42.dll
19:45:11.0412 6128 C:\Windows\SysWOW64\mfc42.dll - ok
19:45:11.0414 6128 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
19:45:11.0414 6128 C:\Windows\System32\cabinet.dll - ok
19:45:11.0415 6128 [ F5CEF064C7E6D95DA86B9D064A56A969 ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
19:45:11.0415 6128 C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
19:45:11.0417 6128 [ 7D34AF98A706230CC2DEDFE0CABF87AB ] C:\Windows\SysWOW64\odbc32.dll
19:45:11.0417 6128 C:\Windows\SysWOW64\odbc32.dll - ok
19:45:11.0419 6128 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
19:45:11.0419 6128 C:\Windows\System32\p2pcollab.dll - ok
19:45:11.0420 6128 [ ABA457BFC7EC0B5E130B2F1E0F549DFF ] C:\Windows\SysWOW64\odbcint.dll
19:45:11.0420 6128 C:\Windows\SysWOW64\odbcint.dll - ok
19:45:11.0422 6128 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
19:45:11.0422 6128 C:\Windows\System32\QAGENTRT.DLL - ok
19:45:11.0423 6128 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
19:45:11.0423 6128 C:\Windows\System32\fveui.dll - ok
19:45:11.0425 6128 [ 577D0DC85524A16FE29D7956B22974C4 ] C:\Program Files\Microsoft Security Client\MsseWat.dll
19:45:11.0425 6128 C:\Program Files\Microsoft Security Client\MsseWat.dll - ok
19:45:11.0426 6128 [ B6D6886149573278CBA6ABD44C4317F5 ] C:\Windows\System32\slwga.dll
19:45:11.0426 6128 C:\Windows\System32\slwga.dll - ok
19:45:11.0428 6128 [ DB76DB15EFC6E4D1153A6C5BC895948D ] C:\Windows\System32\sppc.dll
19:45:11.0428 6128 C:\Windows\System32\sppc.dll - ok
19:45:11.0429 6128 [ 6A13B4F3B3F575F1E24B877B9359AABA ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
19:45:11.0429 6128 C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
19:45:11.0431 6128 [ 2E33DFD10F28F86C3FC40EE123CC3904 ] C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
19:45:11.0431 6128 C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
19:45:11.0433 6128 [ 6951562DC4625EEFC6EACD52AD165866 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
19:45:11.0433 6128 C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
19:45:11.0435 6128 [ 589CBC4989F750E1DA35625AB481CF43 ] C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
19:45:11.0435 6128 C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll - ok
19:45:11.0437 6128 [ 3BE0D923AA45A4DBE091C2D84F0B4FE7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
19:45:11.0437 6128 C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll - ok
19:45:11.0438 6128 [ B5DEC0D4CBBC333CA99FE10B06D4747E ] C:\Windows\SysWOW64\iertutil.dll
19:45:11.0438 6128 C:\Windows\SysWOW64\iertutil.dll - ok
19:45:11.0440 6128 [ A84509C6AB1C764C592F192AA89DA830 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
19:45:11.0440 6128 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
19:45:11.0442 6128 [ CF3126A2FF45AA224FC541BC543C2D9C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
19:45:11.0442 6128 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
19:45:11.0443 6128 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
19:45:11.0443 6128 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
19:45:11.0445 6128 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
19:45:11.0445 6128 C:\Windows\SysWOW64\winnsi.dll - ok
19:45:11.0447 6128 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
19:45:11.0447 6128 C:\Windows\System32\dllhost.exe - ok
19:45:11.0448 6128 [ 0A855F27A1E48991D14C593CB930D2B2 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
19:45:11.0448 6128 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
19:45:11.0450 6128 [ 011285619951BC4C92FE322E08ABF050 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
19:45:11.0450 6128 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
19:45:11.0452 6128 [ 39BC8F5C812CA333F2571C34C220979A ] C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
19:45:11.0452 6128 C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll - ok
19:45:11.0454 6128 [ AFFEBDF6CE01FCB74B3BB7CC3C7B7EEC ] C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
19:45:11.0454 6128 C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll - ok
19:45:11.0455 6128 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
19:45:11.0455 6128 C:\Windows\System32\IDStore.dll - ok
19:45:11.0457 6128 [ 639774C9ACD063F028F6084ABF5593AD ] C:\Windows\System32\taskhost.exe
19:45:11.0457 6128 C:\Windows\System32\taskhost.exe - ok
19:45:11.0459 6128 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
19:45:11.0459 6128 C:\Windows\SysWOW64\clbcatq.dll - ok
19:45:11.0460 6128 [ 0466B91EE5767A769E9F8EDB8EF94DDB ] C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
19:45:11.0460 6128 C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe - ok
19:45:11.0462 6128 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
19:45:11.0462 6128 C:\Windows\System32\AtBroker.exe - ok
19:45:11.0464 6128 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
19:45:11.0464 6128 C:\Windows\System32\taskeng.exe - ok
19:45:11.0465 6128 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
19:45:11.0465 6128 C:\Windows\SysWOW64\cryptsp.dll - ok
19:45:11.0467 6128 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
19:45:11.0467 6128 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
19:45:11.0468 6128 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
19:45:11.0468 6128 C:\Windows\SysWOW64\rsaenh.dll - ok
19:45:11.0470 6128 [ 68FB60221D8C7143C01BC758F9853784 ] C:\Program Files (x86)\ASUS\AAHM\1.00.20\AsAcpi.dll
19:45:11.0470 6128 C:\Program Files (x86)\ASUS\AAHM\1.00.20\AsAcpi.dll - ok
19:45:11.0472 6128 [ AD8947D621FDCA48F1F39F4624B60AA1 ] C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
19:45:11.0472 6128 C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe - ok
19:45:11.0473 6128 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
19:45:11.0473 6128 C:\Windows\SysWOW64\uxtheme.dll - ok
19:45:11.0475 6128 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
19:45:11.0475 6128 C:\Windows\System32\TSChannel.dll - ok
19:45:11.0477 6128 [ 506708142BC63DABA64F2D3AD1DCD5BF ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:45:11.0477 6128 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
19:45:11.0478 6128 [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll
19:45:11.0478 6128 C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll - ok
19:45:11.0480 6128 [ 8C9231025FAF86B78906B6C847531FFB ] C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
19:45:11.0480 6128 C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe - ok
19:45:11.0482 6128 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
19:45:11.0482 6128 C:\Windows\SysWOW64\netapi32.dll - ok
19:45:11.0484 6128 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
19:45:11.0484 6128 C:\Windows\SysWOW64\netutils.dll - ok
19:45:11.0485 6128 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
19:45:11.0485 6128 C:\Windows\SysWOW64\srvcli.dll - ok
19:45:11.0487 6128 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
19:45:11.0487 6128 C:\Windows\SysWOW64\wkscli.dll - ok
19:45:11.0488 6128 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
19:45:11.0488 6128 C:\Windows\SysWOW64\imagehlp.dll - ok
19:45:11.0490 6128 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
19:45:11.0490 6128 C:\Windows\SysWOW64\msi.dll - ok
19:45:11.0492 6128 [ 02F97FBBA78B79196BBE0AC4044F2B61 ] C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.14\AsusFanControlService.exe
19:45:11.0492 6128 C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.14\AsusFanControlService.exe - ok
19:45:11.0493 6128 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
19:45:11.0493 6128 C:\Windows\SysWOW64\comdlg32.dll - ok
19:45:11.0495 6128 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
19:45:11.0495 6128 C:\Windows\SysWOW64\cscapi.dll - ok
19:45:11.0497 6128 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
19:45:11.0497 6128 C:\Windows\SysWOW64\oledlg.dll - ok
19:45:11.0498 6128 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
19:45:11.0498 6128 C:\Windows\SysWOW64\dbghelp.dll - ok
19:45:11.0500 6128 [ E2891088BC0A341F49B69D524BA04882 ] C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.14\AsAcpi.dll
19:45:11.0500 6128 C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.14\AsAcpi.dll - ok
19:45:11.0502 6128 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe
19:45:11.0502 6128 C:\Program Files\Bonjour\mDNSResponder.exe - ok
19:45:11.0503 6128 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
19:45:11.0503 6128 C:\Windows\SysWOW64\dwmapi.dll - ok
19:45:11.0505 6128 [ 164EA9CDBA6B4CDD7731A23E7FD933FA ] C:\Windows\SysWOW64\wbemcomn2.dll
19:45:11.0505 6128 C:\Windows\SysWOW64\wbemcomn2.dll - ok
19:45:11.0506 6128 [ D639B766AEBC5CCDA75447D4BCFB952E ] C:\Windows\SysWOW64\wbem\wbemprox.dll
19:45:11.0506 6128 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
19:45:11.0508 6128 [ 524DC3807CB1746225F9D26ADD19C319 ] C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
19:45:11.0508 6128 C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe - ok
19:45:11.0510 6128 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
19:45:11.0510 6128 C:\Windows\System32\cryptsvc.dll - ok
19:45:11.0511 6128 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
19:45:11.0511 6128 C:\Windows\System32\cryptnet.dll - ok
19:45:11.0513 6128 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
19:45:11.0513 6128 C:\Windows\System32\vssapi.dll - ok
19:45:11.0515 6128 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
19:45:11.0515 6128 C:\Windows\SysWOW64\apphelp.dll - ok
19:45:11.0516 6128 [ 78DD49438AAD322B9409A51B8962687C ] C:\Windows\System32\drivers\rikvm_38F51D56.sys
19:45:11.0516 6128 C:\Windows\System32\drivers\rikvm_38F51D56.sys - ok
19:45:11.0518 6128 [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
19:45:11.0518 6128 C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
19:45:11.0520 6128 [ B676429E44F2F8ACC3BAE7C89F46B212 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
19:45:11.0520 6128 C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe - ok
19:45:11.0521 6128 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
19:45:11.0521 6128 C:\Windows\SysWOW64\mstask.dll - ok
19:45:11.0523 6128 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
19:45:11.0523 6128 C:\Windows\System32\cscapi.dll - ok
19:45:11.0525 6128 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
19:45:11.0525 6128 C:\Windows\System32\dbghelp.dll - ok
19:45:11.0526 6128 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
19:45:11.0526 6128 C:\Windows\System32\vsstrace.dll - ok
19:45:11.0528 6128 [ F2EC0B4FBA3178C65D0E32354033142E ] C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe
19:45:11.0528 6128 C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe - ok
19:45:11.0530 6128 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
19:45:11.0530 6128 C:\Windows\System32\dps.dll - ok
19:45:11.0531 6128 [ 7F8E83B9466A0A002D4AB15C104062A7 ] C:\Windows\System32\efscore.dll
19:45:11.0531 6128 C:\Windows\System32\efscore.dll - ok
19:45:11.0533 6128 [ 0C043B0ABBB5E14E68906AB80365395B ] C:\Windows\System32\efssvc.dll
19:45:11.0533 6128 C:\Windows\System32\efssvc.dll - ok
19:45:11.0534 6128 [ 58283053C781AD3A579C95D7765C1FA0 ] C:\Windows\System32\efsutil.dll
19:45:11.0534 6128 C:\Windows\System32\efsutil.dll - ok
19:45:11.0536 6128 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
19:45:11.0536 6128 C:\Windows\SysWOW64\propsys.dll - ok
19:45:11.0538 6128 [ F17E973615D5CBB9026AF311A6D6A21A ] C:\Windows\System32\efsui.exe
19:45:11.0538 6128 C:\Windows\System32\efsui.exe - ok
19:45:11.0539 6128 [ A390CB325BED05DA64D1471E9949CAC5 ] C:\Windows\System32\efsadu.dll
19:45:11.0539 6128 C:\Windows\System32\efsadu.dll - ok
19:45:11.0541 6128 [ 19F9B524A525D202194247E96656CB88 ] C:\Windows\System32\mfc42u.dll
19:45:11.0541 6128 C:\Windows\System32\mfc42u.dll - ok
19:45:11.0542 6128 [ 7FF8E121AFA05BDAB23B9FEDCDAB7A33 ] C:\Windows\System32\odbc32.dll
19:45:11.0542 6128 C:\Windows\System32\odbc32.dll - ok
19:45:11.0544 6128 [ 3E466073C3B1033FF92ADE9031E3D4A2 ] C:\Windows\System32\odbcint.dll
19:45:11.0544 6128 C:\Windows\System32\odbcint.dll - ok
19:45:11.0546 6128 [ 69CB1A65B835EE6ADF9E16ED6D443072 ] C:\Windows\SysWOW64\urlmon.dll
19:45:11.0546 6128 C:\Windows\SysWOW64\urlmon.dll - ok
19:45:11.0547 6128 [ 49ACA548B2423F1C67898E6AC719A9A6 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
19:45:11.0547 6128 C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
19:45:11.0549 6128 [ 1C60E09CA1C3A045BC4D367F67C915B7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
19:45:11.0549 6128 C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
19:45:11.0551 6128 [ A113AFEED3159A1ED52D78CB0226006D ] C:\Windows\SysWOW64\secur32.dll
19:45:11.0551 6128 C:\Windows\SysWOW64\secur32.dll - ok
19:45:11.0552 6128 [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
19:45:11.0552 6128 C:\Program Files\Bonjour\mdnsNSP.dll - ok
19:45:11.0554 6128 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
19:45:11.0554 6128 C:\Windows\System32\rasadhlp.dll - ok
19:45:11.0556 6128 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
19:45:11.0556 6128 C:\Windows\System32\umb.dll - ok
19:45:11.0557 6128 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
19:45:11.0557 6128 C:\Windows\System32\localspl.dll - ok
19:45:11.0559 6128 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
19:45:11.0559 6128 C:\Windows\System32\PrintIsolationProxy.dll - ok
19:45:11.0561 6128 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
19:45:11.0561 6128 C:\Windows\System32\spoolss.dll - ok
19:45:11.0562 6128 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
19:45:11.0562 6128 C:\Windows\SysWOW64\sfc.dll - ok
19:45:11.0564 6128 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
19:45:11.0564 6128 C:\Windows\SysWOW64\sfc_os.dll - ok
19:45:11.0565 6128 [ EC55351788F229C98BCD657ED0B46893 ] C:\Windows\System32\CNMLM91.DLL
19:45:11.0565 6128 C:\Windows\System32\CNMLM91.DLL - ok
19:45:11.0567 6128 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
19:45:11.0567 6128 C:\Windows\System32\FXSMON.dll - ok
19:45:11.0568 6128 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
19:45:11.0568 6128 C:\Windows\System32\tcpmon.dll - ok
19:45:11.0570 6128 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
19:45:11.0570 6128 C:\Windows\System32\snmpapi.dll - ok
19:45:11.0572 6128 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
19:45:11.0572 6128 C:\Windows\System32\wsnmp32.dll - ok
19:45:11.0573 6128 [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll
19:45:11.0573 6128 C:\Windows\System32\msxml6.dll - ok
19:45:11.0575 6128 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
19:45:11.0575 6128 C:\Windows\System32\usbmon.dll - ok
19:45:11.0576 6128 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
19:45:11.0576 6128 C:\Windows\System32\WSDApi.dll - ok
19:45:11.0578 6128 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
19:45:11.0578 6128 C:\Windows\System32\WSDMon.dll - ok
19:45:11.0580 6128 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
19:45:11.0580 6128 C:\Windows\System32\webservices.dll - ok
19:45:11.0581 6128 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
19:45:11.0581 6128 C:\Windows\System32\fundisc.dll - ok
19:45:11.0583 6128 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
19:45:11.0583 6128 C:\Windows\System32\fdPnp.dll - ok
19:45:11.0584 6128 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
19:45:11.0584 6128 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
19:45:11.0586 6128 [ FC31518FAC3D66998EB5DA9D7AD32111 ] C:\Windows\System32\spool\prtprocs\x64\CNMPD91.DLL
19:45:11.0586 6128 C:\Windows\System32\spool\prtprocs\x64\CNMPD91.DLL - ok
19:45:11.0588 6128 [ 0353B239C28B0E9EBC7FA3D1F6181661 ] C:\Windows\System32\win32spl.dll
19:45:11.0588 6128 C:\Windows\System32\win32spl.dll - ok
19:45:11.0589 6128 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
19:45:11.0589 6128 C:\Windows\System32\inetpp.dll - ok
19:45:11.0591 6128 [ 105A6A8470B8368C51BFE0F105FCAF20 ] C:\Program Files (x86)\ASUS\AI Suite II\Thermal Radar\FanUtility.exe
19:45:11.0591 6128 C:\Program Files (x86)\ASUS\AI Suite II\Thermal Radar\FanUtility.exe - ok
19:45:11.0593 6128 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
19:45:11.0593 6128 C:\Windows\SysWOW64\mpr.dll - ok
19:45:11.0594 6128 [ 21D3A18769EC2C4E56756D04E989A221 ] C:\Windows\SysWOW64\msxml3.dll
19:45:11.0594 6128 C:\Windows\SysWOW64\msxml3.dll - ok
19:45:11.0596 6128 [ 67D5FF7BFA5B4A93AE0F1E0D1291E5F8 ] C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
19:45:11.0596 6128 C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll - ok
19:45:11.0598 6128 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
19:45:11.0598 6128 C:\Windows\SysWOW64\sxs.dll - ok
19:45:11.0599 6128 [ C3EE2CE6A16AEED78AAD518FDE72958A ] C:\Program Files (x86)\ASUS\AAHM\1.00.20\asacpiex.dll
19:45:11.0599 6128 C:\Program Files (x86)\ASUS\AAHM\1.00.20\asacpiex.dll - ok
19:45:11.0601 6128 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
19:45:11.0601 6128 C:\Windows\System32\mpr.dll - ok
19:45:11.0603 6128 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
19:45:11.0603 6128 C:\Windows\System32\dwm.exe - ok
19:45:11.0604 6128 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
19:45:11.0604 6128 C:\Windows\System32\userinit.exe - ok
19:45:11.0606 6128 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
19:45:11.0606 6128 C:\Windows\System32\dwmcore.dll - ok
19:45:11.0607 6128 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
19:45:11.0608 6128 C:\Windows\System32\dwmredir.dll - ok
19:45:11.0609 6128 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
19:45:11.0609 6128 C:\Windows\System32\esent.dll - ok
19:45:11.0611 6128 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
19:45:11.0611 6128 C:\Windows\System32\HotStartUserAgent.dll - ok
19:45:11.0612 6128 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
19:45:11.0612 6128 C:\Windows\System32\MsCtfMonitor.dll - ok
19:45:11.0614 6128 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
19:45:11.0614 6128 C:\Windows\System32\msutb.dll - ok
19:45:11.0616 6128 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
19:45:11.0616 6128 C:\Windows\System32\PlaySndSrv.dll - ok
19:45:11.0617 6128 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
19:45:11.0617 6128 C:\Windows\explorer.exe - ok
19:45:11.0619 6128 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
19:45:11.0619 6128 C:\Windows\System32\ExplorerFrame.dll - ok
19:45:11.0621 6128 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
19:45:11.0621 6128 C:\Windows\System32\EhStorShell.dll - ok
19:45:11.0622 6128 [ F1D2ABA7038E01F7465E36F2057E7C13 ] C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
19:45:11.0622 6128 C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL - ok
19:45:11.0624 6128 [ 9AE80F6A66B30E3ED8CDF858CF28B11B ] C:\Windows\System32\d3d10_1.dll
19:45:11.0624 6128 C:\Windows\System32\d3d10_1.dll - ok
19:45:11.0626 6128 [ 63F72417CA38D8FC8F53709649B589E3 ] C:\Windows\System32\d3d10_1core.dll
19:45:11.0626 6128 C:\Windows\System32\d3d10_1core.dll - ok
19:45:11.0627 6128 [ 448B02AD260EC3E1E892FCE6DFDDEEBD ] C:\Windows\System32\d3d11.dll
19:45:11.0627 6128 C:\Windows\System32\d3d11.dll - ok
19:45:11.0629 6128 [ 8DFB5752FCE145A6B295093C0A8BE131 ] C:\Windows\System32\dxgi.dll
19:45:11.0629 6128 C:\Windows\System32\dxgi.dll - ok
19:45:11.0630 6128 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
19:45:11.0630 6128 C:\Windows\System32\NapiNSP.dll - ok
19:45:11.0632 6128 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
19:45:11.0632 6128 C:\Windows\System32\nlasvc.dll - ok
19:45:11.0634 6128 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
19:45:11.0634 6128 C:\Windows\System32\pnrpnsp.dll - ok
19:45:11.0635 6128 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
19:45:11.0635 6128 C:\Windows\System32\winrnr.dll - ok
19:45:11.0637 6128 [ C2712BF2D18C0D4214065A170E80C664 ] C:\Program Files\Intel\iCLS Client\HeciServer.exe
19:45:11.0637 6128 C:\Program Files\Intel\iCLS Client\HeciServer.exe - ok
19:45:11.0639 6128 [ A53C54D81C726BEB508F0005F445C4A0 ] C:\Windows\System32\IPROSetMonitor.exe
19:45:11.0639 6128 C:\Windows\System32\IPROSetMonitor.exe - ok
19:45:11.0640 6128 [ D029339C0F59CF662094EDDF8C42B2B5 ] C:\Windows\System32\msvcp100.dll
19:45:11.0640 6128 C:\Windows\System32\msvcp100.dll - ok
19:45:11.0642 6128 [ 1D244BA5DF607E4C4C50A4CFDA2EE87A ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
19:45:11.0642 6128 C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe - ok
19:45:11.0644 6128 [ 366FD6F3A451351B5DF2D7C4ECF4C73A ] C:\Windows\System32\msvcr100.dll
19:45:11.0644 6128 C:\Windows\System32\msvcr100.dll - ok
19:45:11.0645 6128 [ BC83108B18756547013ED443B8CDB31B ] C:\Windows\SysWOW64\msvcp100.dll
19:45:11.0645 6128 C:\Windows\SysWOW64\msvcp100.dll - ok
19:45:11.0647 6128 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
19:45:11.0647 6128 C:\Windows\SysWOW64\dnsapi.dll - ok
19:45:11.0649 6128 [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\Windows\SysWOW64\msvcr100.dll
19:45:11.0649 6128 C:\Windows\SysWOW64\msvcr100.dll - ok
19:45:11.0650 6128 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
19:45:11.0650 6128 C:\Windows\SysWOW64\wship6.dll - ok
19:45:11.0652 6128 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
19:45:11.0652 6128 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
19:45:11.0653 6128 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
19:45:11.0653 6128 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
19:45:11.0655 6128 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
19:45:11.0655 6128 C:\Windows\SysWOW64\rasadhlp.dll - ok
19:45:11.0657 6128 [ C34411A244029F1C08687F7C752C4563 ] C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
19:45:11.0657 6128 C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe - ok
19:45:11.0658 6128 [ 064785841A7CA5B9222942CAD01585EE ] C:\Program Files (x86)\Common Files\LightScribe\LSSProxy.dll
19:45:11.0658 6128 C:\Program Files (x86)\Common Files\LightScribe\LSSProxy.dll - ok
19:45:11.0660 6128 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
19:45:11.0660 6128 C:\Windows\SysWOW64\psapi.dll - ok
19:45:11.0662 6128 [ 9FDE3D58DB5508F167846522F8951449 ] C:\Program Files (x86)\Common Files\LightScribe\LSLog.dll
19:45:11.0662 6128 C:\Program Files (x86)\Common Files\LightScribe\LSLog.dll - ok
19:45:11.0663 6128 [ 9DB17B1DD76CF0FD0BB3DA5F1DA078C2 ] C:\Windows\System32\drivers\LxrSII1d.sys
19:45:11.0663 6128 C:\Windows\System32\drivers\LxrSII1d.sys - ok
19:45:11.0665 6128 [ E66286727FBF58EB323625AF3EFDA53E ] C:\Windows\SysWOW64\LxrSII1s.exe
19:45:11.0665 6128 C:\Windows\SysWOW64\LxrSII1s.exe - ok
19:45:11.0667 6128 [ E2891088BC0A341F49B69D524BA04882 ] C:\Program Files (x86)\ASUS\AI Suite II\Thermal Radar\AsAcpi.dll
19:45:11.0667 6128 C:\Program Files (x86)\ASUS\AI Suite II\Thermal Radar\AsAcpi.dll - ok
19:45:11.0669 6128 [ FCDF60EA278867B930C53DD9777F7682 ] C:\Program Files (x86)\ASUS\AI Suite II\Thermal Radar\asacpiex.dll
19:45:11.0669 6128 C:\Program Files (x86)\ASUS\AI Suite II\Thermal Radar\asacpiex.dll - ok
19:45:11.0670 6128 [ 3F188126510FA73A469F42DE42252937 ] C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
19:45:11.0670 6128 C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe - ok
19:45:11.0672 6128 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
19:45:11.0672 6128 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
19:45:11.0674 6128 [ 3F50200237961034FACE602373838980 ] C:\Windows\SysWOW64\FirewallAPI.dll
19:45:11.0674 6128 C:\Windows\SysWOW64\FirewallAPI.dll - ok
19:45:11.0675 6128 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
19:45:11.0675 6128 C:\Windows\SysWOW64\bcrypt.dll - ok
19:45:11.0677 6128 [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\SysWOW64\ncrypt.dll
19:45:11.0677 6128 C:\Windows\SysWOW64\ncrypt.dll - ok
19:45:11.0678 6128 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
19:45:11.0678 6128 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
19:45:11.0680 6128 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
19:45:11.0680 6128 C:\Windows\SysWOW64\gpapi.dll - ok
19:45:11.0681 6128 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
19:45:11.0681 6128 C:\Windows\SysWOW64\cryptnet.dll - ok
19:45:11.0683 6128 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
19:45:11.0683 6128 C:\Windows\SysWOW64\SensApi.dll - ok
19:45:11.0685 6128 [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
19:45:11.0685 6128 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
19:45:11.0687 6128 [ 241AF87821FDA0F5792037B779F49BE0 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
19:45:11.0687 6128 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
19:45:11.0689 6128 [ 57AC86AC664CC774C861DAB2B1D1E978 ] C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.dll
19:45:11.0689 6128 C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.dll - ok
19:45:11.0690 6128 [ 5ABAEB53E6ECF7878A5C4C4ABED92050 ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF
19:45:11.0690 6128 C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok
19:45:11.0692 6128 [ 66E3C667D853DF349E310568F60B9B6A ] C:\PROGRA~1\MICROS~3\Office14\1033\GrooveIntlResource.dll
19:45:11.0692 6128 C:\PROGRA~1\MICROS~3\Office14\1033\GrooveIntlResource.dll - ok
19:45:11.0694 6128 [ 32802C0F6FC7C8F561B9D91F52A46421 ] C:\Windows\System32\cscui.dll
19:45:11.0694 6128 C:\Windows\System32\cscui.dll - ok
19:45:11.0695 6128 [ 7EE5F17A21D9A9101207DF4BC37B085D ] C:\Windows\System32\cscdll.dll
19:45:11.0695 6128 C:\Windows\System32\cscdll.dll - ok
19:45:11.0697 6128 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
19:45:11.0697 6128 C:\Windows\System32\IconCodecService.dll - ok
19:45:11.0699 6128 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
19:45:11.0699 6128 C:\Windows\System32\ntshrui.dll - ok
19:45:11.0700 6128 [ D8D6990D576FC07F7AE36509B586E486 ] C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
19:45:11.0700 6128 C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe - ok
19:45:11.0702 6128 [ FCE23E27F62989AD0BB88E256E847A41 ] C:\Windows\System32\CertPolEng.dll
19:45:11.0702 6128 C:\Windows\System32\CertPolEng.dll - ok
19:45:11.0704 6128 [ 0A8BF3229EE6091B72B9E22C19472C39 ] C:\Windows\System32\spool\drivers\x64\3\BROFXA5C.dll
19:45:11.0704 6128 C:\Windows\System32\spool\drivers\x64\3\BROFXA5C.dll - ok
19:45:11.0706 6128 [ 162100E0BC8377710F9D170631921C03 ] C:\Windows\System32\drivers\NisDrvWFP.sys
19:45:11.0706 6128 C:\Windows\System32\drivers\NisDrvWFP.sys - ok
19:45:11.0707 6128 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
19:45:11.0707 6128 C:\Windows\System32\ncsi.dll - ok
19:45:11.0709 6128 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
19:45:11.0709 6128 C:\Windows\System32\winhttp.dll - ok
19:45:11.0710 6128 [ 438A725C407591F85A1585E00F7E9089 ] C:\Windows\System32\spool\drivers\x64\3\BRUFXA5C.dll
19:45:11.0710 6128 C:\Windows\System32\spool\drivers\x64\3\BRUFXA5C.dll - ok
19:45:11.0712 6128 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
19:45:11.0712 6128 C:\Windows\System32\webio.dll - ok
19:45:11.0714 6128 [ 79CA5FB6EE4BE3203AD81F3B8722CBF1 ] C:\Windows\System32\spool\drivers\x64\3\BRLFXA5C.DLL
19:45:11.0714 6128 C:\Windows\System32\spool\drivers\x64\3\BRLFXA5C.DLL - ok
19:45:11.0715 6128 [ 932948AED68916A8FF313050A85396EC ] C:\Windows\System32\nvwgf2umx.dll
19:45:11.0715 6128 C:\Windows\System32\nvwgf2umx.dll - ok
19:45:11.0717 6128 [ AC34BA2BA32E7FE0E0225A5052434A44 ] C:\Windows\System32\spool\drivers\x64\3\CNMDR91.DLL
19:45:11.0717 6128 C:\Windows\System32\spool\drivers\x64\3\CNMDR91.DLL - ok
19:45:11.0719 6128 [ B95925A5436C0464B79F5F1AA5157DFC ] C:\Windows\System32\spool\drivers\x64\3\CNMUI91.DLL
19:45:11.0719 6128 C:\Windows\System32\spool\drivers\x64\3\CNMUI91.DLL - ok
19:45:11.0720 6128 [ 352709BEA30DF8C5F077A79C5298AAB0 ] C:\Windows\System32\spool\drivers\x64\3\BROHLB0A.DLL
19:45:11.0720 6128 C:\Windows\System32\spool\drivers\x64\3\BROHLB0A.DLL - ok
19:45:11.0722 6128 [ 77EE0DD40374D502E9F8FDF72608FBEB ] C:\Windows\System32\spool\drivers\x64\3\BRUIMB0A.DLL
19:45:11.0722 6128 C:\Windows\System32\spool\drivers\x64\3\BRUIMB0A.DLL - ok
19:45:11.0724 6128 [ 305318EFCDAC51EF919E505340BCDAAB ] C:\Windows\System32\spool\drivers\x64\3\BRDSMA80.DLL
19:45:11.0724 6128 C:\Windows\System32\spool\drivers\x64\3\BRDSMA80.DLL - ok
19:45:11.0726 6128 [ BD6BE6E28596DB608AE1C51CB2AB79FE ] C:\Windows\System32\spool\drivers\x64\3\BRLGMB0A_0000.DLL
19:45:11.0726 6128 C:\Windows\System32\spool\drivers\x64\3\BRLGMB0A_0000.DLL - ok
19:45:11.0727 6128 [ E4137411446A2F0218F57EBBCB6FCEB2 ] C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
19:45:11.0727 6128 C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll - ok
19:45:11.0729 6128 [ 181F69BC9C406B7FB5C0ADE8031630AC ] C:\Windows\SysWOW64\wpdshext.dll
19:45:11.0729 6128 C:\Windows\SysWOW64\wpdshext.dll - ok
19:45:11.0731 6128 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
19:45:11.0731 6128 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
19:45:11.0732 6128 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
19:45:11.0732 6128 C:\Windows\SysWOW64\shdocvw.dll - ok
19:45:11.0734 6128 [ 0B6118058942961D504AAEA04FECB116 ] C:\Windows\SysWOW64\ieframe.dll
19:45:11.0734 6128 C:\Windows\SysWOW64\ieframe.dll - ok
19:45:11.0736 6128 [ 60F4AEFA103D421EA4A40E31409B4756 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
19:45:11.0736 6128 C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
19:45:11.0737 6128 [ 007863E45F25AA47A4C30D0930BBFD85 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
19:45:11.0737 6128 C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
19:45:11.0739 6128 [ 1886DA4ADB90A186E52674FC3A8AFE98 ] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
19:45:11.0739 6128 C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe - ok
19:45:11.0741 6128 [ B5106A79DD046815332B6E3B6E8D27D1 ] C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
19:45:11.0741 6128 C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll - ok
19:45:11.0743 6128 [ 7FB99BB09CF9199C566160936B26CE2D ] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AsMultiLang.dll
19:45:11.0743 6128 C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AsMultiLang.dll - ok
19:45:11.0744 6128 [ 7FB99BB09CF9199C566160936B26CE2D ] C:\Program Files (x86)\ASUS\AI Suite II\AsMultiLang.dll
19:45:11.0744 6128 C:\Program Files (x86)\ASUS\AI Suite II\AsMultiLang.dll - ok
19:45:11.0746 6128 [ B5106A79DD046815332B6E3B6E8D27D1 ] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
19:45:11.0746 6128 C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll - ok
19:45:11.0748 6128 [ 68FB60221D8C7143C01BC758F9853784 ] C:\Program Files (x86)\ASUS\AI Suite II\AsAcpi.dll
19:45:11.0748 6128 C:\Program Files (x86)\ASUS\AI Suite II\AsAcpi.dll - ok
19:45:11.0749 6128 [ C3EE2CE6A16AEED78AAD518FDE72958A ] C:\Program Files (x86)\ASUS\AI Suite II\asacpiex.dll
19:45:11.0749 6128 C:\Program Files (x86)\ASUS\AI Suite II\asacpiex.dll - ok
19:45:11.0751 6128 [ 8C4B9DB963B607954A786B042B27802E ] C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
19:45:11.0751 6128 C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll - ok
19:45:11.0753 6128 [ 578F4045FA6BBBB76EFB6738888F3F9F ] C:\Program Files (x86)\ASUS\AI Suite II\Cpu Frequency\CpuFrequency.dll
19:45:11.0753 6128 C:\Program Files (x86)\ASUS\AI Suite II\Cpu Frequency\CpuFrequency.dll - ok
19:45:11.0755 6128 [ AD4070E21D9A39E69729D082000B5A4E ] C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
19:45:11.0755 6128 C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll - ok
19:45:11.0757 6128 [ 0C7488D1CB40E5CECE582B9811859B5D ] C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
19:45:11.0757 6128 C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll - ok
19:45:11.0758 6128 [ 29C267BB8D8B7C4D788B365953B645B2 ] C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
19:45:11.0758 6128 C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll - ok
19:45:11.0760 6128 [ 9D14AD63376E9B80D4987DAB78B62E21 ] C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
19:45:11.0760 6128 C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe - ok
19:45:11.0762 6128 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
19:45:11.0762 6128 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
19:45:11.0764 6128 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
19:45:11.0764 6128 C:\Windows\System32\aepic.dll - ok
19:45:11.0765 6128 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
19:45:11.0765 6128 C:\Windows\System32\sfc.dll - ok
19:45:11.0767 6128 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
19:45:11.0767 6128 C:\Windows\System32\sfc_os.dll - ok
19:45:11.0769 6128 [ E59D4711044B4699135F6A5CD65CDF7C ] C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
19:45:11.0769 6128 C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll - ok
19:45:11.0770 6128 [ 93B992A36A89E9F762232998A7ABD01D ] C:\Program Files (x86)\ASUS\AI Suite II\System Information\SystemInfo.dll
19:45:11.0770 6128 C:\Program Files (x86)\ASUS\AI Suite II\System Information\SystemInfo.dll - ok
19:45:11.0772 6128 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
19:45:11.0772 6128 C:\Windows\System32\ssdpapi.dll - ok
19:45:11.0774 6128 [ 7EE5411E76443E0DD05FBDCF5C0A88F1 ] C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
19:45:11.0774 6128 C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll - ok
19:45:11.0775 6128 [ 6E290104855A6791739855EA04554C46 ] C:\Program Files (x86)\ASUS\AI Suite II\Thermal Radar\ThermalRadar.dll
19:45:11.0775 6128 C:\Program Files (x86)\ASUS\AI Suite II\Thermal Radar\ThermalRadar.dll - ok
19:45:11.0777 6128 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
19:45:11.0777 6128 C:\Windows\System32\aeevts.dll - ok
19:45:11.0779 6128 [ 7FB99BB09CF9199C566160936B26CE2D ] C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\AsMultiLang.dll
19:45:11.0779 6128 C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\AsMultiLang.dll - ok
19:45:11.0780 6128 [ 7FB99BB09CF9199C566160936B26CE2D ] C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\AsMultiLang.dll
19:45:11.0780 6128 C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\AsMultiLang.dll - ok
19:45:11.0782 6128 [ 7FB99BB09CF9199C566160936B26CE2D ] C:\Program Files (x86)\ASUS\AI Suite II\Splitter\AsMultiLang.dll
19:45:11.0782 6128 C:\Program Files (x86)\ASUS\AI Suite II\Splitter\AsMultiLang.dll - ok
19:45:11.0784 6128 [ 4BE86D640A489E937B43769A99355664 ] C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
19:45:11.0784 6128 C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll - ok
19:45:11.0786 6128 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
19:45:11.0786 6128 C:\Windows\System32\drivers\PEAuth.sys - ok
19:45:11.0787 6128 [ F12A68ED55053940CADD59CA5E3468DD ] C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
19:45:11.0787 6128 C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe - ok
19:45:11.0789 6128 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
19:45:11.0789 6128 C:\Windows\System32\drivers\secdrv.sys - ok
19:45:11.0791 6128 [ E42D201B0B53A94BD8E5B032EC83D843 ] C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
19:45:11.0791 6128 C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe - ok
19:45:11.0792 6128 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
19:45:11.0792 6128 C:\Windows\System32\uDWM.dll - ok
19:45:11.0794 6128 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
19:45:11.0794 6128 C:\Windows\SysWOW64\webio.dll - ok
19:45:11.0796 6128 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
19:45:11.0796 6128 C:\Windows\SysWOW64\winhttp.dll - ok
19:45:11.0797 6128 [ 7C15061CD0372487903B07B9BB03AFAD ] C:\Program Files (x86)\Skype\Updater\Updater.exe
19:45:11.0797 6128 C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
19:45:11.0799 6128 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
19:45:11.0799 6128 C:\Windows\System32\drivers\srvnet.sys - ok
19:45:11.0800 6128 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
19:45:11.0800 6128 C:\Windows\System32\drivers\tcpipreg.sys - ok
19:45:11.0802 6128 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
19:45:11.0802 6128 C:\Windows\System32\sysmain.dll - ok
19:45:11.0804 6128 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
19:45:11.0804 6128 C:\Windows\System32\wiaservc.dll - ok
19:45:11.0805 6128 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
19:45:11.0805 6128 C:\Windows\System32\wiatrace.dll - ok
19:45:11.0807 6128 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
19:45:11.0807 6128 C:\Windows\System32\drivers\srv.sys - ok
19:45:11.0809 6128 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
19:45:11.0809 6128 C:\Windows\System32\drivers\srv2.sys - ok
19:45:11.0810 6128 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
19:45:11.0810 6128 C:\Windows\System32\trkwks.dll - ok
19:45:11.0812 6128 [ 136760C1E9697BAF4ECDEAE5590A0806 ] C:\Windows\System32\wbem\WMIsvc.dll
19:45:11.0812 6128 C:\Windows\System32\wbem\WMIsvc.dll - ok
19:45:11.0813 6128 [ A5ACADEE1EC8F9105CBD683A4D722CFE ] C:\Windows\System32\wbemcomn2.dll
19:45:11.0813 6128 C:\Windows\System32\wbemcomn2.dll - ok
19:45:11.0815 6128 [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
19:45:11.0815 6128 C:\Windows\System32\iphlpsvc.dll - ok
19:45:11.0817 6128 [ FCEABD99844A035DB8D96E6E8BCCBA5E ] C:\Windows\System32\wbem\fastprox.dll
19:45:11.0817 6128 C:\Windows\System32\wbem\fastprox.dll - ok
19:45:11.0818 6128 [ 636681CA4ECC169E763A611991E7A0C7 ] C:\Windows\System32\wbem\WmiDcPrv.dll
19:45:11.0818 6128 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
19:45:11.0820 6128 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
19:45:11.0820 6128 C:\Windows\System32\sqmapi.dll - ok
19:45:11.0822 6128 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
19:45:11.0822 6128 C:\Windows\System32\ntdsapi.dll - ok
19:45:11.0823 6128 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
19:45:11.0823 6128 C:\Windows\System32\wdscore.dll - ok
19:45:11.0825 6128 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
19:45:11.0825 6128 C:\Windows\System32\srvsvc.dll - ok
19:45:11.0826 6128 [ 4D485945E7589FC64E4D6E59ECD483B7 ] C:\Windows\System32\wbem\wbemprox.dll
19:45:11.0826 6128 C:\Windows\System32\wbem\wbemprox.dll - ok
19:45:11.0828 6128 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
19:45:11.0828 6128 C:\Windows\System32\browser.dll - ok
19:45:11.0830 6128 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
19:45:11.0830 6128 C:\Windows\System32\netcfgx.dll - ok
19:45:11.0831 6128 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
19:45:11.0831 6128 C:\Windows\System32\netmsg.dll - ok
19:45:11.0833 6128 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
19:45:11.0833 6128 C:\Windows\System32\clusapi.dll - ok
19:45:11.0834 6128 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
19:45:11.0834 6128 C:\Windows\System32\hnetcfg.dll - ok
19:45:11.0836 6128 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
19:45:11.0836 6128 C:\Windows\System32\sscore.dll - ok
19:45:11.0838 6128 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
19:45:11.0838 6128 C:\Windows\System32\nci.dll - ok
19:45:11.0839 6128 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
19:45:11.0839 6128 C:\Windows\System32\resutils.dll - ok
19:45:11.0841 6128 [ 0C212FA537F003B8F8C90A85D0F8DF27 ] C:\Windows\System32\wbem\wbemcore.dll
19:45:11.0841 6128 C:\Windows\System32\wbem\wbemcore.dll - ok
19:45:11.0843 6128 [ A67E03E39172459935C591F6E0534569 ] C:\Windows\System32\wbem\esscli.dll
19:45:11.0843 6128 C:\Windows\System32\wbem\esscli.dll - ok
19:45:11.0844 6128 [ 56C9C92B854E6AB6ECDA5C531B6ACF5A ] C:\Windows\System32\wbem\repdrvfs.dll
19:45:11.0844 6128 C:\Windows\System32\wbem\repdrvfs.dll - ok
19:45:11.0846 6128 [ BA5CA827B50D8FE46478BA867B08D020 ] C:\Windows\System32\wbem\wbemsvc.dll
19:45:11.0846 6128 C:\Windows\System32\wbem\wbemsvc.dll - ok
19:45:11.0848 6128 [ F37BCA66EA95079C806D80B23E041876 ] C:\Windows\System32\wbem\wmiutils.dll
19:45:11.0848 6128 C:\Windows\System32\wbem\wmiutils.dll - ok
19:45:11.0849 6128 [ 5A74597CC9007A25458F5F388A539B9D ] C:\Windows\SysWOW64\wbem\fastprox.dll
19:45:11.0849 6128 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
19:45:11.0851 6128 [ 18F421D42906BDFFB4AA430834D368BE ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
19:45:11.0851 6128 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
19:45:11.0852 6128 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
19:45:11.0852 6128 C:\Windows\SysWOW64\ntdsapi.dll - ok
19:45:11.0854 6128 [ 6C399566C1E3E7D475C3698297221A20 ] C:\Windows\System32\wbem\WmiPrvSD.dll
19:45:11.0854 6128 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
19:45:11.0856 6128 [ 0281DDC918760773F676CE924B153AAF ] C:\Windows\System32\ncobjapi.dll
19:45:11.0856 6128 C:\Windows\System32\ncobjapi.dll - ok
19:45:11.0857 6128 [ 5935C3E7DCDA36AA0E4D9284C8AC319B ] C:\Windows\System32\wbem\wbemess.dll
19:45:11.0857 6128 C:\Windows\System32\wbem\wbemess.dll - ok
19:45:11.0859 6128 [ 241CBD0F099F3D68892D19879E53722D ] C:\Windows\System32\wbem\WmiPrvSE.exe
19:45:11.0859 6128 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
19:45:11.0861 6128 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
19:45:11.0861 6128 C:\Windows\System32\wbem\cimwin32.dll - ok
19:45:11.0862 6128 [ 90FDC54CE951C93D541925D7486F1314 ] C:\Windows\System32\framedynos.dll
19:45:11.0862 6128 C:\Windows\System32\framedynos.dll - ok
19:45:11.0864 6128 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
19:45:11.0864 6128 C:\Windows\System32\wmi.dll - ok
19:45:11.0865 6128 [ FCDF60EA278867B930C53DD9777F7682 ] C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.14\asacpiex.dll
19:45:11.0865 6128 C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.14\asacpiex.dll - ok
19:45:11.0867 6128 [ E9D5841A123E205ABEC33AB1EE0FA20E ] C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll
19:45:11.0867 6128 C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll - ok
19:45:11.0869 6128 [ 65D2E7FA68A3E0A3F4D586C395E5DB5A ] C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
19:45:11.0869 6128 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - ok
19:45:11.0871 6128 [ 3160221A64ED29F38C1CFB240D3AB2C9 ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll
19:45:11.0871 6128 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll - ok
19:45:11.0872 6128 [ B55DDC9D110158582E9E5AA7DDA27C06 ] C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU64.dll
19:45:11.0872 6128 C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU64.dll - ok
19:45:11.0874 6128 [ FBC5059D3020BBCC6FB9DE9930356897 ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll
19:45:11.0874 6128 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll - ok
19:45:11.0876 6128 [ 612D62566C617682782FCFDD27D70EAB ] C:\Windows\System32\wbem\NCProv.dll
19:45:11.0876 6128 C:\Windows\System32\wbem\NCProv.dll - ok
19:45:11.0878 6128 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
19:45:11.0878 6128 C:\Windows\System32\wer.dll - ok
19:45:11.0879 6128 [ 41DF7355A5A907E2C1D7804EC028965D ] C:\Windows\System32\wermgr.exe
19:45:11.0879 6128 C:\Windows\System32\wermgr.exe - ok
19:45:11.0881 6128 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
19:45:11.0881 6128 C:\Windows\System32\SensApi.dll - ok
19:45:11.0882 6128 [ C6E15F2F95F9C0A6098D43510B604E52 ] C:\Program Files\Microsoft Security Client\NisSrv.exe
19:45:11.0882 6128 C:\Program Files\Microsoft Security Client\NisSrv.exe - ok
19:45:11.0884 6128 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
19:45:11.0884 6128 C:\Windows\System32\wdi.dll - ok
19:45:11.0886 6128 [ 1EA7969E3271CBC59E1730697DC74682 ] C:\Windows\System32\qmgr.dll
19:45:11.0886 6128 C:\Windows\System32\qmgr.dll - ok
19:45:11.0887 6128 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
19:45:11.0887 6128 C:\Windows\System32\npmproxy.dll - ok
19:45:11.0889 6128 [ 29409ED7400CA5BCCC30C0EE5147A60D ] C:\Windows\System32\bitsperf.dll
19:45:11.0889 6128 C:\Windows\System32\bitsperf.dll - ok
19:45:11.0891 6128 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
19:45:11.0891 6128 C:\Windows\System32\appinfo.dll - ok
19:45:11.0892 6128 [ 6BF27D309C6077F1E8A7747B49F7B17F ] C:\Program Files\Microsoft Security Client\NisLog.dll
19:45:11.0892 6128 C:\Program Files\Microsoft Security Client\NisLog.dll - ok
19:45:11.0894 6128 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
19:45:11.0894 6128 C:\Windows\System32\diagperf.dll - ok
19:45:11.0896 6128 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
19:45:11.0896 6128 C:\Windows\System32\perftrack.dll - ok
19:45:11.0897 6128 [ D9431DCF90B0253773F51FDEFE7FD42F ] C:\Windows\System32\bitsigd.dll
19:45:11.0897 6128 C:\Windows\System32\bitsigd.dll - ok
19:45:11.0899 6128 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
19:45:11.0899 6128 C:\Windows\System32\wpdbusenum.dll - ok
19:45:11.0901 6128 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
19:45:11.0901 6128 C:\Windows\System32\hidserv.dll - ok
19:45:11.0902 6128 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
19:45:11.0902 6128 C:\Windows\System32\upnp.dll - ok
19:45:11.0904 6128 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
19:45:11.0904 6128 C:\Windows\System32\Apphlpdm.dll - ok
19:45:11.0905 6128 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
19:45:11.0905 6128 C:\Windows\System32\PortableDeviceApi.dll - ok
19:45:11.0907 6128 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
19:45:11.0907 6128 C:\Windows\System32\pnpts.dll - ok
19:45:11.0909 6128 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
19:45:11.0909 6128 C:\Windows\System32\ssdpsrv.dll - ok
19:45:11.0910 6128 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
19:45:11.0910 6128 C:\Windows\System32\radardt.dll - ok
19:45:11.0912 6128 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
19:45:11.0912 6128 C:\Windows\System32\wdiasqmmodule.dll - ok
19:45:11.0913 6128 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
19:45:11.0913 6128 C:\Windows\System32\runonce.exe - ok
19:45:11.0915 6128 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
19:45:11.0915 6128 C:\Windows\System32\aelupsvc.dll - ok
19:45:11.0917 6128 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
19:45:11.0917 6128 C:\Windows\SysWOW64\runonce.exe - ok
19:45:11.0918 6128 [ 20C7F2ADAE249D6708941BC8CDD9735F ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F092CF8F-60ED-4CD7-9FA1-6539390FD605}\gapaengine.dll
19:45:11.0918 6128 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F092CF8F-60ED-4CD7-9FA1-6539390FD605}\gapaengine.dll - ok
19:45:11.0920 6128 [ C86FB080A0A66A5D19735DD07696B4F8 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F092CF8F-60ED-4CD7-9FA1-6539390FD605}\nisfull.vdm
19:45:11.0920 6128 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{F092CF8F-60ED-4CD7-9FA1-6539390FD605}\nisfull.vdm - ok
19:45:11.0922 6128 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
19:45:11.0922 6128 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
19:45:11.0924 6128 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
19:45:11.0924 6128 C:\Windows\System32\dimsjob.dll - ok
19:45:11.0925 6128 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
19:45:11.0925 6128 C:\Windows\System32\pautoenr.dll - ok
19:45:11.0926 6128 [ ADF3E771F429940E762AC097F5A54EAF ] C:\Program Files\Windows Defender\MpClient.dll
19:45:11.0926 6128 C:\Program Files\Windows Defender\MpClient.dll - ok
19:45:11.0928 6128 [ 660C8E78B94F483E44B0243A774A4746 ] C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
19:45:11.0928 6128 C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL - ok
19:45:11.0930 6128 [ 371948BC5911ABA06168FAC91ED25F06 ] C:\Windows\System32\msxml3.dll
19:45:11.0930 6128 C:\Windows\System32\msxml3.dll - ok
19:45:11.0931 6128 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
19:45:11.0931 6128 C:\Windows\System32\certcli.dll - ok
19:45:11.0933 6128 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
19:45:11.0933 6128 C:\Windows\System32\CertEnroll.dll - ok
19:45:11.0935 6128 [ AC5DF873913B00E554D8F553459BC431 ] C:\Windows\System32\qmgrprxy.dll
19:45:11.0935 6128 C:\Windows\System32\qmgrprxy.dll - ok
19:45:11.0936 6128 [ 85B45B4B285B159ACDB355FC8C1E8925 ] C:\Windows\SysWOW64\qmgrprxy.dll
19:45:11.0936 6128 C:\Windows\SysWOW64\qmgrprxy.dll - ok
19:45:11.0938 6128 [ 58A14C45A5CD2528F10A889E7B0C3FC2 ] C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll
19:45:11.0938 6128 C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll - ok
19:45:11.0940 6128 [ E9901A7E569C4156FDA69F5C9356B8ED ] C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF
19:45:11.0940 6128 C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok
19:45:11.0941 6128 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
19:45:11.0941 6128 C:\Windows\SysWOW64\cmd.exe - ok
19:45:11.0943 6128 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
19:45:11.0943 6128 C:\Windows\SysWOW64\winbrand.dll - ok
19:45:11.0945 6128 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\George\AppData\Local\Temp\16C1D841-325E-4A04-89DC-EA28225F2A2F.exe
19:45:11.0945 6128 C:\Users\George\AppData\Local\Temp\16C1D841-325E-4A04-89DC-EA28225F2A2F.exe - ok
19:45:11.0946 6128 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
19:45:11.0946 6128 C:\Windows\SysWOW64\credssp.dll - ok
19:45:11.0948 6128 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
19:45:11.0948 6128 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
19:45:11.0950 6128 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
19:45:11.0950 6128 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
19:45:11.0951 6128 [ 3BCECD87AB4E6743BFB45B352AD1A529 ] C:\Windows\SysWOW64\WindowsCodecs.dll
19:45:11.0951 6128 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
19:45:11.0953 6128 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
19:45:11.0953 6128 C:\Windows\SysWOW64\EhStorShell.dll - ok
19:45:11.0954 6128 [ 676CCC08D9E9A3F4CA39CB04E97048DF ] C:\PROGRA~2\MICROS~2\Office14\1033\GrooveIntlResource.dll
19:45:11.0954 6128 C:\PROGRA~2\MICROS~2\Office14\1033\GrooveIntlResource.dll - ok
19:45:11.0956 6128 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
19:45:11.0956 6128 C:\Windows\SysWOW64\ntshrui.dll - ok
19:45:11.0958 6128 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
19:45:11.0958 6128 C:\Windows\SysWOW64\slc.dll - ok
19:45:11.0959 6128 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
19:45:11.0959 6128 C:\Windows\SysWOW64\imageres.dll - ok
19:45:11.0961 6128 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
19:45:11.0961 6128 C:\Windows\System32\timedate.cpl - ok
19:45:11.0963 6128 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
19:45:11.0963 6128 C:\Windows\System32\actxprxy.dll - ok
19:45:11.0964 6128 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
19:45:11.0964 6128 C:\Windows\System32\shdocvw.dll - ok
19:45:11.0966 6128 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
19:45:11.0966 6128 C:\Windows\System32\linkinfo.dll - ok
19:45:11.0968 6128 [ 9ACF1186723B06790107B9F960E7F17A ] C:\PROGRA~2\CYBERL~1\POWERP~1\MUITRA~1\PPENVRes.dll
19:45:11.0968 6128 C:\PROGRA~2\CYBERL~1\POWERP~1\MUITRA~1\PPENVRes.dll - ok
19:45:11.0969 6128 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
19:45:11.0969 6128 C:\Windows\System32\msftedit.dll - ok
19:45:11.0971 6128 [ 112183DF91C9BAECB498E4A86ECDE598 ] C:\Windows\System32\msls31.dll
19:45:11.0971 6128 C:\Windows\System32\msls31.dll - ok
19:45:11.0973 6128 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
19:45:11.0973 6128 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
19:45:11.0974 6128 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
19:45:11.0974 6128 C:\Windows\System32\DeviceCenter.dll - ok
19:45:11.0976 6128 [ AF04B6DDF123991C625472494BC1221C ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
19:45:11.0976 6128 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe - ok
19:45:11.0978 6128 [ 3911917B93DD9023DAA8258147AA7BCF ] C:\Program Files\Microsoft Security Client\msseces.exe
19:45:11.0978 6128 C:\Program Files\Microsoft Security Client\msseces.exe - ok
19:45:11.0979 6128 [ 4C8942B8721813E5C8874D47112DCF73 ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
19:45:11.0979 6128 C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe - ok
19:45:11.0981 6128 [ E3BF29CED96790CDAAFA981FFDDF53A3 ] C:\Program Files\Windows Sidebar\sidebar.exe
19:45:11.0981 6128 C:\Program Files\Windows Sidebar\sidebar.exe - ok
19:45:11.0983 6128 [ A905E156A7D52B55892C3255670FE97B ] C:\Program Files\Microsoft Security Client\MsMpRes.dll
19:45:11.0983 6128 C:\Program Files\Microsoft Security Client\MsMpRes.dll - ok
19:45:11.0985 6128 [ FA8F08013422A4EB68072668B3A73293 ] C:\Program Files\TrueCrypt\TrueCrypt.exe
19:45:11.0985 6128 C:\Program Files\TrueCrypt\TrueCrypt.exe - ok
19:45:11.0986 6128 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
19:45:11.0986 6128 C:\Windows\System32\thumbcache.dll - ok
19:45:11.0988 6128 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
19:45:11.0988 6128 C:\Windows\System32\networkexplorer.dll - ok
19:45:11.0990 6128 [ 572024F59132BC3A2AC5E60A6C48D31E ] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
19:45:11.0990 6128 C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe - ok
19:45:11.0991 6128 [ D069BE6BD1DAAF53C55E9C78FDCE712B ] C:\Program Files (x86)\CyberLink\Power2Go\msvcp71.dll
19:45:11.0991 6128 C:\Program Files (x86)\CyberLink\Power2Go\msvcp71.dll - ok
19:45:11.0993 6128 [ 4EFCDF3DB1BBA69C09622991280C4ACB ] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
19:45:11.0993 6128 C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe - ok
19:45:11.0995 6128 [ 99ECAF298145F950B1326656167FBFDF ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
19:45:11.0995 6128 C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe - ok
19:45:11.0996 6128 [ 90B142C67907BCC2A5D2CDFDC008BE8E ] C:\Program Files (x86)\CyberLink\Shared files\brs.exe
19:45:11.0996 6128 C:\Program Files (x86)\CyberLink\Shared files\brs.exe - ok
19:45:11.0998 6128 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
19:45:11.0998 6128 C:\Windows\SysWOW64\oleacc.dll - ok
19:45:12.0000 6128 [ C861657FF753F4A6FA97C7ADFF4F3347 ] C:\Program Files (x86)\CyberLink\Power2Go\msvcr71.dll
19:45:12.0000 6128 C:\Program Files (x86)\CyberLink\Power2Go\msvcr71.dll - ok
19:45:12.0002 6128 [ 809A1EC7868924B5E92421F018587AC9 ] C:\Program Files (x86)\CyberLink\PowerDVD10\CLRCEngine3.dll
19:45:12.0002 6128 C:\Program Files (x86)\CyberLink\PowerDVD10\CLRCEngine3.dll - ok
19:45:12.0003 6128 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Windows\SysWOW64\msvcr71.dll
19:45:12.0003 6128 C:\Windows\SysWOW64\msvcr71.dll - ok
19:45:12.0005 6128 [ 9AB3620C0A97366E1565967BD78BF64C ] C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
19:45:12.0005 6128 C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll - ok
19:45:12.0007 6128 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files (x86)\CyberLink\PowerDVD10\msvcr71.dll
19:45:12.0007 6128 C:\Program Files (x86)\CyberLink\PowerDVD10\msvcr71.dll - ok
19:45:12.0008 6128 [ 3CB07566302BCEEB898DE270A0BEC175 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
19:45:12.0008 6128 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
19:45:12.0010 6128 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\76861880.sys
19:45:12.0010 6128 C:\Windows\System32\drivers\76861880.sys - ok
19:45:12.0012 6128 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
19:45:12.0012 6128 C:\Windows\System32\drprov.dll - ok
19:45:12.0013 6128 [ 394ECD933CD66BADF97EA85A183B9E1E ] C:\Windows\System32\mshtml.dll
19:45:12.0013 6128 C:\Windows\System32\mshtml.dll - ok
19:45:12.0015 6128 [ 901AA7A38CE13F14B6BBEC38C0595698 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
19:45:12.0015 6128 C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe - ok
19:45:12.0017 6128 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
19:45:12.0017 6128 C:\Windows\SysWOW64\riched20.dll - ok
19:45:12.0018 6128 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
19:45:12.0018 6128 C:\Windows\System32\ntlanman.dll - ok
19:45:12.0020 6128 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
19:45:12.0020 6128 C:\Windows\SysWOW64\mscoree.dll - ok
19:45:12.0022 6128 [ 46DA8E7484AC7A52CE1D6E428398724B ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
19:45:12.0022 6128 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
19:45:12.0024 6128 [ 11EFB7A1ED0A4432EF4BACF3FAB37881 ] C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
19:45:12.0024 6128 C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll - ok
19:45:12.0025 6128 [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll
19:45:12.0025 6128 C:\Windows\System32\gameux.dll - ok
19:45:12.0027 6128 [ 8E2A7F1F62467A7DCB8AB2C0642F47CA ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
19:45:12.0027 6128 C:\Program Files (x86)\iTunes\iTunesHelper.exe - ok
19:45:12.0029 6128 [ AB22BFF47D0C26749E4951680F64349C ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
19:45:12.0029 6128 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
19:45:12.0030 6128 [ 5082BC510FAD849630D09DA626BB7CDA ] C:\Program Files (x86)\iTunes\iTunesHelper.dll
19:45:12.0030 6128 C:\Program Files (x86)\iTunes\iTunesHelper.dll - ok
19:45:12.0032 6128 [ 8DDA2B606279753601F9415DA503CA63 ] C:\Program Files (x86)\QuickTime\QTTask.exe
19:45:12.0032 6128 C:\Program Files (x86)\QuickTime\QTTask.exe - ok
19:45:12.0034 6128 [ 7DA4F72284D2C927927DFC0E12AFAB85 ] C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
19:45:12.0034 6128 C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll - ok
19:45:12.0035 6128 [ AFEEAFD7CF8ED6958A81ACC304C17B7D ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll
19:45:12.0035 6128 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
19:45:12.0037 6128 [ BE643CD44DD06DA283634A3E51DC22BC ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
19:45:12.0037 6128 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
19:45:12.0039 6128 [ 3F533D75631178A880AEFFDF117213BE ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
19:45:12.0039 6128 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
19:45:12.0041 6128 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
19:45:12.0041 6128 C:\Windows\System32\dsound.dll - ok
19:45:12.0042 6128 [ 1957D49A9613FAAD1C73B508CCE02AA5 ] C:\Windows\SysWOW64\wmp.dll
19:45:12.0042 6128 C:\Windows\SysWOW64\wmp.dll - ok
19:45:12.0044 6128 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
19:45:12.0044 6128 C:\Windows\System32\davclnt.dll - ok
19:45:12.0045 6128 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
19:45:12.0045 6128 C:\Windows\System32\davhlpr.dll - ok
19:45:12.0047 6128 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Microsoft Security Client\SqmApi.dll
19:45:12.0047 6128 C:\Program Files\Microsoft Security Client\SqmApi.dll - ok
19:45:12.0048 6128 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
19:45:12.0048 6128 C:\Windows\System32\AudioSes.dll - ok
19:45:12.0050 6128 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
19:45:12.0050 6128 C:\Windows\System32\msiltcfg.dll - ok
19:45:12.0052 6128 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
19:45:12.0052 6128 C:\Windows\System32\msi.dll - ok
19:45:12.0053 6128 [ 0805289E121F3E3C458C970B08314EB2 ] C:\Windows\System32\RtkCfg64.dll
19:45:12.0053 6128 C:\Windows\System32\RtkCfg64.dll - ok
19:45:12.0055 6128 [ C2FF17734176CD15221C10044EF0BA1A ] C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
19:45:12.0055 6128 C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe - ok
19:45:12.0056 6128 [ BC34B8831FAE17E5E7BD8318EDDC90BB ] C:\Windows\System32\RtkAPO64.dll
19:45:12.0056 6128 C:\Windows\System32\RtkAPO64.dll - ok
19:45:12.0058 6128 [ D02F845EF350910B3424AD15BBB68E83 ] C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
19:45:12.0058 6128 C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll - ok
19:45:12.0060 6128 [ 12DBA51A6D1126E88F78D79AE0F7600F ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
19:45:12.0060 6128 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe - ok
19:45:12.0062 6128 [ 0FBC74AA20FE0AE6884279F893169C60 ] C:\Windows\SysWOW64\wmploc.DLL
19:45:12.0062 6128 C:\Windows\SysWOW64\wmploc.DLL - ok
19:45:12.0063 6128 [ FB4045578F5180BDB1963AB352B78548 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
19:45:12.0063 6128 C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
19:45:12.0065 6128 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll
19:45:12.0065 6128 C:\Windows\SysWOW64\mscms.dll - ok
19:45:12.0067 6128 [ B3CE0951E3C1EA3C733573C472EE85F9 ] C:\Windows\System32\msimtf.dll
19:45:12.0067 6128 C:\Windows\System32\msimtf.dll - ok
19:45:12.0068 6128 [ 37CF3324F46CEB3A4F2686C617CBB35C ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
19:45:12.0068 6128 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
19:45:12.0070 6128 [ 5A9C220B97F3D6329CA7510B6A108CE3 ] C:\Program Files (x86)\Common Files\LightScribe\LSCAPI.dll
19:45:12.0070 6128 C:\Program Files (x86)\Common Files\LightScribe\LSCAPI.dll - ok
19:45:12.0072 6128 [ DE3C3B1B4FA5FBF1F17BCD3B3AE1ED15 ] C:\Windows\System32\jscript9.dll
19:45:12.0072 6128 C:\Windows\System32\jscript9.dll - ok
19:45:12.0073 6128 [ F2A24E4AEC0F8D5DBAB10CB87A8EFED2 ] C:\Windows\SysWOW64\sti.dll
19:45:12.0073 6128 C:\Windows\SysWOW64\sti.dll - ok
19:45:12.0075 6128 [ 816B681CC308FAA128EDCB90643DCED7 ] C:\Windows\SysWOW64\icm32.dll
19:45:12.0075 6128 C:\Windows\SysWOW64\icm32.dll - ok
19:45:12.0077 6128 [ 58B8702C20DE211D1FCB248D2FDD71D1 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
19:45:12.0077 6128 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe - ok
19:45:12.0078 6128 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
19:45:12.0078 6128 C:\Windows\SysWOW64\winsta.dll - ok
19:45:12.0080 6128 [ 4EFFC8FF6D349E971E94B1C670C0C66A ] C:\Program Files\iPod\bin\iPodService.exe
19:45:12.0080 6128 C:\Program Files\iPod\bin\iPodService.exe - ok
19:45:12.0082 6128 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
19:45:12.0082 6128 C:\Windows\System32\AudioEng.dll - ok
19:45:12.0083 6128 [ 1105A14047A0D99C2770601EB61FBF5C ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
19:45:12.0083 6128 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
19:45:12.0085 6128 [ B4E69051E313551F894C74B12042485D ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
19:45:12.0085 6128 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
19:45:12.0087 6128 [ 7E8A672B7B06A6EB11960C22E0360C59 ] C:\Windows\System32\d2d1.dll
19:45:12.0087 6128 C:\Windows\System32\d2d1.dll - ok
19:45:12.0088 6128 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
19:45:12.0088 6128 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
19:45:12.0090 6128 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
19:45:12.0090 6128 C:\Windows\SysWOW64\duser.dll - ok
19:45:12.0092 6128 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
19:45:12.0092 6128 C:\Windows\SysWOW64\dui70.dll - ok
19:45:12.0093 6128 [ 63BB89DED1E9104E68D33E54DE4D340D ] C:\Windows\System32\DWrite.dll
19:45:12.0093 6128 C:\Windows\System32\DWrite.dll - ok
19:45:12.0095 6128 [ C498EF41B93986BCBD483597573EB96D ] C:\Windows\System32\d3d10warp.dll
19:45:12.0095 6128 C:\Windows\System32\d3d10warp.dll - ok
19:45:12.0097 6128 [ DFC8583F77AE7CB4C03CB1C9B34F6BA8 ] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
19:45:12.0097 6128 C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll - ok
19:45:12.0098 6128 [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll
19:45:12.0098 6128 C:\Windows\System32\ddraw.dll - ok
19:45:12.0100 6128 [ 29C22748937F45C26590909E9F8E7137 ] C:\Windows\System32\dciman32.dll
19:45:12.0100 6128 C:\Windows\System32\dciman32.dll - ok
19:45:12.0101 6128 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
19:45:12.0101 6128 C:\Windows\System32\stobject.dll - ok
19:45:12.0103 6128 [ DF870214B9551EED01CB2F5F4D892A97 ] C:\Windows\System32\nvd3dumx.dll
19:45:12.0103 6128 C:\Windows\System32\nvd3dumx.dll - ok
19:45:12.0105 6128 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
19:45:12.0105 6128 C:\Windows\System32\batmeter.dll - ok
19:45:12.0106 6128 [ 04CB7C8FDC6D9640DD82A527208F72C4 ] C:\Windows\System32\UIAnimation.dll
19:45:12.0106 6128 C:\Windows\System32\UIAnimation.dll - ok
19:45:12.0108 6128 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
19:45:12.0108 6128 C:\Windows\System32\prnfldr.dll - ok
19:45:12.0110 6128 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
19:45:12.0110 6128 C:\Windows\System32\fdProxy.dll - ok
19:45:12.0111 6128 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
19:45:12.0111 6128 C:\Windows\System32\rundll32.exe - ok
19:45:12.0113 6128 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
19:45:12.0113 6128 C:\Windows\System32\DXP.dll - ok
19:45:12.0114 6128 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
19:45:12.0114 6128 C:\Windows\System32\Syncreg.dll - ok
19:45:12.0116 6128 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
19:45:12.0116 6128 C:\Windows\ehome\ehSSO.dll - ok
19:45:12.0118 6128 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
19:45:12.0118 6128 C:\Windows\System32\netshell.dll - ok
19:45:12.0119 6128 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
19:45:12.0119 6128 C:\Windows\System32\AltTab.dll - ok
19:45:12.0121 6128 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
19:45:12.0121 6128 C:\Windows\System32\PortableDeviceTypes.dll - ok
19:45:12.0123 6128 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
19:45:12.0123 6128 C:\Windows\System32\WPDShServiceObj.dll - ok
19:45:12.0124 6128 [ C61D476C867D215FB9CE136CE6BF0C14 ] C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
19:45:12.0124 6128 C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll - ok
19:45:12.0126 6128 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
19:45:12.0126 6128 C:\Windows\System32\SearchIndexer.exe - ok
19:45:12.0127 6128 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
19:45:12.0127 6128 C:\Windows\System32\pnidui.dll - ok
19:45:12.0129 6128 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
19:45:12.0129 6128 C:\Windows\System32\QUTIL.DLL - ok
19:45:12.0131 6128 [ 234AFA322624B3203A2E720F08292B03 ] C:\Windows\System32\cscobj.dll
19:45:12.0131 6128 C:\Windows\System32\cscobj.dll - ok
19:45:12.0132 6128 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
19:45:12.0132 6128 C:\Windows\System32\srchadmin.dll - ok
19:45:12.0134 6128 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
19:45:12.0134 6128 C:\Windows\System32\ActionCenter.dll - ok
19:45:12.0136 6128 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
19:45:12.0136 6128 C:\Windows\System32\tquery.dll - ok
19:45:12.0137 6128 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
19:45:12.0137 6128 C:\Windows\System32\mssrch.dll - ok
19:45:12.0139 6128 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
19:45:12.0139 6128 C:\Windows\System32\msidle.dll - ok
19:45:12.0140 6128 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
19:45:12.0140 6128 C:\Windows\System32\mssprxy.dll - ok
19:45:12.0142 6128 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
19:45:12.0142 6128 C:\Windows\System32\netman.dll - ok
19:45:12.0144 6128 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
19:45:12.0144 6128 C:\Windows\System32\en-US\tquery.dll.mui - ok
19:45:12.0145 6128 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
19:45:12.0145 6128 C:\Windows\System32\rasdlg.dll - ok
19:45:12.0147 6128 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
19:45:12.0147 6128 C:\Windows\System32\mprapi.dll - ok
19:45:12.0149 6128 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
19:45:12.0149 6128 C:\Windows\System32\dot3api.dll - ok
19:45:12.0150 6128 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
19:45:12.0150 6128 C:\Windows\System32\eappcfg.dll - ok
19:45:12.0152 6128 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
19:45:12.0152 6128 C:\Windows\System32\wlanhlp.dll - ok
19:45:12.0153 6128 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
19:45:12.0153 6128 C:\Windows\System32\wlanapi.dll - ok
19:45:12.0155 6128 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
19:45:12.0155 6128 C:\Windows\System32\wlanutil.dll - ok
19:45:12.0157 6128 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
19:45:12.0157 6128 C:\Windows\System32\eappprxy.dll - ok
19:45:12.0158 6128 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
19:45:12.0158 6128 C:\Windows\System32\onex.dll - ok
19:45:12.0160 6128 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
19:45:12.0160 6128 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
19:45:12.0162 6128 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
19:45:12.0162 6128 C:\Windows\System32\WWanAPI.dll - ok
19:45:12.0163 6128 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
19:45:12.0163 6128 C:\Windows\System32\wwapi.dll - ok
19:45:12.0165 6128 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
19:45:12.0165 6128 C:\Windows\System32\QAGENT.DLL - ok
19:45:12.0166 6128 [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
19:45:12.0166 6128 C:\Windows\System32\SearchProtocolHost.exe - ok
19:45:12.0168 6128 [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
19:45:12.0168 6128 C:\Windows\System32\msshooks.dll - ok
19:45:12.0169 6128 [ BC0D4AFBE94D8E1F81C8926D805C3366 ] C:\Windows\System32\webcheck.dll
19:45:12.0169 6128 C:\Windows\System32\webcheck.dll - ok
19:45:12.0171 6128 [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
19:45:12.0171 6128 C:\Windows\System32\SearchFilterHost.exe - ok
19:45:12.0173 6128 [ D744D5B8145C2303B19A288AF695E9AD ] C:\Windows\System32\ieframe.dll
19:45:12.0173 6128 C:\Windows\System32\ieframe.dll - ok
19:45:12.0174 6128 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
19:45:12.0174 6128 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
19:45:12.0175 6128 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
19:45:12.0175 6128 C:\Windows\System32\mscoree.dll - ok
19:45:12.0177 6128 [ E18FB695084BF2D748E977813119CE6F ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
19:45:12.0177 6128 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
19:45:12.0179 6128 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
19:45:12.0179 6128 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
19:45:12.0181 6128 [ 48041BAEB60CE5F34F13CC2A1361E49C ] C:\Windows\System32\mssph.dll
19:45:12.0181 6128 C:\Windows\System32\mssph.dll - ok
19:45:12.0182 6128 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
19:45:12.0182 6128 C:\Windows\System32\mapi32.dll - ok
19:45:12.0184 6128 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
19:45:12.0184 6128 C:\Windows\System32\wsock32.dll - ok
19:45:12.0185 6128 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
19:45:12.0185 6128 C:\Windows\System32\wmdrmdev.dll - ok
19:45:12.0187 6128 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
19:45:12.0187 6128 C:\Windows\System32\drmv2clt.dll - ok
19:45:12.0188 6128 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
19:45:12.0188 6128 C:\Windows\System32\mfplat.dll - ok
19:45:12.0190 6128 [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll
19:45:12.0190 6128 C:\Windows\System32\blackbox.dll - ok
19:45:12.0192 6128 [ 9108540E866F75C7AF2B91DD921A8091 ] C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
19:45:12.0192 6128 C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
19:45:12.0193 6128 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
19:45:12.0193 6128 C:\Windows\System32\mlang.dll - ok
19:45:12.0195 6128 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
19:45:12.0195 6128 C:\Windows\System32\SyncCenter.dll - ok
19:45:12.0197 6128 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
19:45:12.0197 6128 C:\Windows\System32\wmp.dll - ok
19:45:12.0198 6128 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
19:45:12.0198 6128 C:\Windows\System32\FXSST.dll - ok
19:45:12.0200 6128 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
19:45:12.0200 6128 C:\Windows\System32\FXSAPI.dll - ok
19:45:12.0202 6128 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
19:45:12.0202 6128 C:\Windows\System32\FXSRESM.dll - ok
19:45:12.0203 6128 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
19:45:12.0203 6128 C:\Windows\System32\imapi2.dll - ok
19:45:12.0205 6128 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
19:45:12.0205 6128 C:\Windows\System32\bthprops.cpl - ok
19:45:12.0206 6128 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
19:45:12.0206 6128 C:\Windows\System32\FXSSVC.exe - ok
19:45:12.0208 6128 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
19:45:12.0208 6128 C:\Windows\System32\hgcpl.dll - ok
19:45:12.0210 6128 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
19:45:12.0210 6128 C:\Windows\System32\fdPHost.dll - ok
19:45:12.0211 6128 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
19:45:12.0211 6128 C:\Windows\System32\FDResPub.dll - ok
19:45:12.0213 6128 [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll
19:45:12.0213 6128 C:\Windows\System32\fdWSD.dll - ok
19:45:12.0214 6128 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll
19:45:12.0214 6128 C:\Windows\System32\fdSSDP.dll - ok
19:45:12.0216 6128 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
19:45:12.0216 6128 C:\Windows\System32\httpapi.dll - ok
19:45:12.0218 6128 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
19:45:12.0218 6128 C:\Windows\System32\wmploc.DLL - ok
19:45:12.0219 6128 [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll
19:45:12.0219 6128 C:\Windows\System32\ListSvc.dll - ok
19:45:12.0221 6128 [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\Windows\System32\P2P.dll
19:45:12.0221 6128 C:\Windows\System32\P2P.dll - ok
19:45:12.0222 6128 [ 4A82EA2807B16FF577AEAF8ADB8779FF ] C:\Windows\System32\IdListen.dll
19:45:12.0222 6128 C:\Windows\System32\IdListen.dll - ok
19:45:12.0224 6128 [ 41446E7545BB7B4167DE8A274CC924E3 ] C:\Program Files\Internet Explorer\ieproxy.dll
19:45:12.0224 6128 C:\Program Files\Internet Explorer\ieproxy.dll - ok
19:45:12.0226 6128 [ A0524499F4C63CADA7E1529FC77F5DC1 ] C:\Windows\System32\hgprint.dll
19:45:12.0226 6128 C:\Windows\System32\hgprint.dll - ok
19:45:12.0227 6128 [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
19:45:12.0227 6128 C:\Windows\System32\pnrpsvc.dll - ok
19:45:12.0229 6128 [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll
19:45:12.0229 6128 C:\Windows\System32\p2psvc.dll - ok
19:45:12.0231 6128 [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1 ] C:\Windows\System32\P2PGraph.dll
19:45:12.0231 6128 C:\Windows\System32\P2PGraph.dll - ok
19:45:12.0232 6128 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
19:45:12.0232 6128 C:\Windows\System32\wmpps.dll - ok
19:45:12.0234 6128 [ F149E8CAE538DBF7059B00326673F602 ] C:\Windows\System32\wmpmde.dll
19:45:12.0234 6128 C:\Windows\System32\wmpmde.dll - ok
19:45:12.0235 6128 [ 021287C2050FD5DB4A8B084E2C38139C ] C:\Windows\System32\WinSATAPI.dll
19:45:12.0235 6128 C:\Windows\System32\WinSATAPI.dll - ok
19:45:12.0237 6128 [ 66C87DB880052104808507D6FA84D68E ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
19:45:12.0237 6128 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL - ok
19:45:12.0239 6128 [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\Windows\System32\MSMPEG2ENC.DLL
19:45:12.0239 6128 C:\Windows\System32\MSMPEG2ENC.DLL - ok
19:45:12.0240 6128 [ 46767946E7B559D981C1DC04EC0AB36F ] C:\Windows\System32\devenum.dll
19:45:12.0240 6128 C:\Windows\System32\devenum.dll - ok
19:45:12.0242 6128 [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\Windows\System32\msdmo.dll
19:45:12.0242 6128 C:\Windows\System32\msdmo.dll - ok
19:45:12.0244 6128 [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll
19:45:12.0244 6128 C:\Windows\System32\upnphost.dll - ok
19:45:12.0245 6128 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
19:45:12.0245 6128 C:\Windows\System32\wbem\wmiprov.dll - ok
19:45:12.0247 6128 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
19:45:12.0247 6128 C:\Windows\System32\wbemcomn.dll - ok
19:45:12.0248 6128 [ 71E68F2443A80BD4DA89181889C457EA ] C:\Windows\System32\udhisapi.dll
19:45:12.0248 6128 C:\Windows\System32\udhisapi.dll - ok
19:45:12.0250 6128 [ 4E9592BB2C100E571F82640E59E9ECD5 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
19:45:12.0250 6128 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - ok
19:45:12.0252 6128 [ FB063A7D64A5F67DE13EFAEA55E60FEB ] C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\chrome.dll
19:45:12.0252 6128 C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\chrome.dll - ok
19:45:12.0253 6128 [ 311DC5224497C93AE966BAC37ACE0690 ] C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\icudt.dll
19:45:12.0254 6128 C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\icudt.dll - ok
19:45:12.0255 6128 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
19:45:12.0255 6128 C:\Windows\System32\dssenh.dll - ok
19:45:12.0257 6128 [ 2E7ADF9B0389CD94605717784D7E416A ] C:\Windows\System32\drttransport.dll
19:45:12.0257 6128 C:\Windows\System32\drttransport.dll - ok
19:45:12.0258 6128 [ C57BC99A4467B3E8F1CC2184A3F46729 ] C:\Windows\System32\drt.dll
19:45:12.0258 6128 C:\Windows\System32\drt.dll - ok
19:45:12.0260 6128 [ 5E0FAA499E0DB871486F8B0789D7845A ] C:\Windows\SysWOW64\KBDCA.DLL
19:45:12.0260 6128 C:\Windows\SysWOW64\KBDCA.DLL - ok
19:45:12.0262 6128 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
19:45:12.0262 6128 C:\Windows\SysWOW64\nlaapi.dll - ok
19:45:12.0263 6128 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll
19:45:12.0263 6128 C:\Windows\SysWOW64\AudioSes.dll - ok
19:45:12.0265 6128 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
19:45:12.0265 6128 C:\Windows\SysWOW64\MMDevAPI.dll - ok
19:45:12.0266 6128 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\SysWOW64\mssprxy.dll
19:45:12.0266 6128 C:\Windows\SysWOW64\mssprxy.dll - ok
19:45:12.0268 6128 [ 5BF8E37FA1E25227480F9CD2ACA21FB6 ] C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\d3dcompiler_46.dll
19:45:12.0268 6128 C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\d3dcompiler_46.dll - ok
19:45:12.0270 6128 [ 43C9CF6825CEA58F1815B7C3DBBB385C ] C:\Windows\SysWOW64\Wpc.dll
19:45:12.0270 6128 C:\Windows\SysWOW64\Wpc.dll - ok
19:45:12.0271 6128 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\SysWOW64\wevtapi.dll
19:45:12.0271 6128 C:\Windows\SysWOW64\wevtapi.dll - ok
19:45:12.0273 6128 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
19:45:12.0273 6128 C:\Windows\SysWOW64\samcli.dll - ok
19:45:12.0274 6128 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll
19:45:12.0274 6128 C:\Windows\SysWOW64\samlib.dll - ok
19:45:12.0276 6128 [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\SysWOW64\msftedit.dll
19:45:12.0276 6128 C:\Windows\SysWOW64\msftedit.dll - ok
19:45:12.0278 6128 [ FD56467B28653F26B4D061E06C2582D3 ] C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libglesv2.dll
19:45:12.0278 6128 C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libglesv2.dll - ok
19:45:12.0279 6128 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
19:45:12.0279 6128 C:\Windows\SysWOW64\d3d9.dll - ok
19:45:12.0281 6128 [ 6FDF222B791EA2E12F54C320EADF28C4 ] C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
19:45:12.0281 6128 C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll - ok
19:45:12.0283 6128 [ E98278865E8DABA21CFE5FE4BE34210A ] C:\Windows\SysWOW64\PortableDeviceApi.dll
19:45:12.0283 6128 C:\Windows\SysWOW64\PortableDeviceApi.dll - ok
19:45:12.0284 6128 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
19:45:12.0284 6128 C:\Windows\SysWOW64\d3d8thk.dll - ok
19:45:12.0286 6128 [ 462805D756FE1C3E64713D4435F1F6F3 ] C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libegl.dll
19:45:12.0286 6128 C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libegl.dll - ok
19:45:12.0288 6128 [ 0C65A35375597E6D9AA1DEEAAA8FC525 ] C:\Windows\SysWOW64\nvd3dum.dll
19:45:12.0288 6128 C:\Windows\SysWOW64\nvd3dum.dll - ok
19:45:12.0290 6128 [ 934EF71F24C5C1641DB6E13E3EFF0A78 ] C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppgooglenaclpluginchrome.dll
19:45:12.0290 6128 C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppgooglenaclpluginchrome.dll - ok
19:45:12.0292 6128 [ 88A5FC956921F2E39EC8CA6363B11749 ] C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll
19:45:12.0292 6128 C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll - ok
19:45:12.0293 6128 [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\SysWOW64\actxprxy.dll
19:45:12.0293 6128 C:\Windows\SysWOW64\actxprxy.dll - ok
19:45:12.0295 6128 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
19:45:12.0295 6128 C:\Windows\SysWOW64\powrprof.dll - ok
19:45:12.0297 6128 [ 0A065FAB450E993BBF73967564608B9F ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
19:45:12.0297 6128 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll - ok
19:45:12.0298 6128 [ 1F27643C4C626457FCE8F047AE1CD7E1 ] C:\Windows\SysWOW64\dxva2.dll
19:45:12.0298 6128 C:\Windows\SysWOW64\dxva2.dll - ok
19:45:12.0300 6128 [ FDBA1DEC4F9BE4274A00B9B850C63484 ] C:\Windows\SysWOW64\mf.dll
19:45:12.0300 6128 C:\Windows\SysWOW64\mf.dll - ok
19:45:12.0301 6128 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll
19:45:12.0301 6128 C:\Windows\SysWOW64\atl.dll - ok
19:45:12.0303 6128 [ 40B82688907A7DBA4DB3B5ADDE3EAB3B ] C:\Windows\SysWOW64\mfplat.dll
19:45:12.0303 6128 C:\Windows\SysWOW64\mfplat.dll - ok
19:45:12.0305 6128 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll
19:45:12.0305 6128 C:\Windows\SysWOW64\avrt.dll - ok
19:45:12.0306 6128 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\SysWOW64\ksuser.dll
19:45:12.0306 6128 C:\Windows\SysWOW64\ksuser.dll - ok
19:45:12.0308 6128 [ 600A65F922CCDCBB2D11467914241556 ] C:\Windows\SysWOW64\msmpeg2vdec.dll
19:45:12.0308 6128 C:\Windows\SysWOW64\msmpeg2vdec.dll - ok
19:45:12.0309 6128 [ 53AF1750FD45DDD705C9B68C7DC58827 ] C:\Windows\SysWOW64\evr.dll
19:45:12.0309 6128 C:\Windows\SysWOW64\evr.dll - ok
19:45:12.0311 6128 [ 0375D7133CDAC5FC978B53832E83A54D ] C:\Windows\SysWOW64\nvapi.dll
19:45:12.0311 6128 C:\Windows\SysWOW64\nvapi.dll - ok
19:45:12.0313 6128 [ 570A48F975661221A126FCFE3B38B7E1 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
19:45:12.0313 6128 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll - ok
19:45:12.0314 6128 [ 419680FCE774976FD752EB425D91AEDF ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin.dll
19:45:12.0314 6128 C:\Program Files (x86)\QuickTime\Plugins\npqtplugin.dll - ok
19:45:12.0316 6128 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
19:45:12.0316 6128 C:\Windows\System32\keyiso.dll - ok
19:45:12.0318 6128 [ DE5507DBA44CC5B6869205871B64A587 ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin2.dll
19:45:12.0318 6128 C:\Program Files (x86)\QuickTime\Plugins\npqtplugin2.dll - ok
19:45:12.0319 6128 [ 2DA7883A884BE60F9EB2810F67E0E361 ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin3.dll
19:45:12.0319 6128 C:\Program Files (x86)\QuickTime\Plugins\npqtplugin3.dll - ok
19:45:12.0321 6128 [ BB28A86CDFFFBB041C72AD9EFEAA00D0 ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin4.dll
19:45:12.0321 6128 C:\Program Files (x86)\QuickTime\Plugins\npqtplugin4.dll - ok
19:45:12.0323 6128 [ 16112E74A62381C69456566D35F9E51E ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin5.dll
19:45:12.0323 6128 C:\Program Files (x86)\QuickTime\Plugins\npqtplugin5.dll - ok
19:45:12.0325 6128 [ BB7F5F4966E76578A3EC0D11C444C545 ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin6.dll
19:45:12.0325 6128 C:\Program Files (x86)\QuickTime\Plugins\npqtplugin6.dll - ok
19:45:12.0326 6128 [ 11EF47BE3D8A4A943E10A63870C1F2C6 ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin7.dll
19:45:12.0326 6128 C:\Program Files (x86)\QuickTime\Plugins\npqtplugin7.dll - ok
19:45:12.0328 6128 [ 7E2B763CF671ADB558D5F7110889D469 ] C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
19:45:12.0328 6128 C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL - ok
19:45:12.0330 6128 [ 7B882AEBC5F6DBEA4E0361C0FC3E36D4 ] C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
19:45:12.0330 6128 C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL - ok
19:45:12.0331 6128 [ B1BB8EDC9D83D8096EE873F04CEE600C ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
19:45:12.0331 6128 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - ok
19:45:12.0333 6128 [ E0FF893763BA82BAABB869A351F0C455 ] C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
19:45:12.0333 6128 C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll - ok
19:45:12.0335 6128 [ C9289951167E2022D5F14CA6D63137CE ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
19:45:12.0335 6128 C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll - ok
19:45:12.0337 6128 [ 08140CD8387258CA46334869311D361D ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
19:45:12.0337 6128 C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll - ok
19:45:12.0339 6128 [ A5C14075B571AF1C9592595BE724D9D2 ] C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
19:45:12.0339 6128 C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll - ok
19:45:12.0340 6128 [ 1C39BF104BA47224A2E64FDD3764683B ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
19:45:12.0340 6128 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll - ok
19:45:12.0342 6128 [ 2223D56F0266E6548C0FC663C5AC02CB ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
19:45:12.0342 6128 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll - ok
19:45:12.0344 6128 [ 8F926B26917B7C322F2E7D72B10A6361 ] C:\Program Files (x86)\PACE Anti-Piracy\iLok\NPPaceILok.dll
19:45:12.0344 6128 C:\Program Files (x86)\PACE Anti-Piracy\iLok\NPPaceILok.dll - ok
19:45:12.0346 6128 [ A843FC35574ECFD9E7A41C5505A9921B ] C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
19:45:12.0346 6128 C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll - ok
19:45:12.0347 6128 [ F00A0EF5835E1B96F783D617F1948704 ] C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
19:45:12.0347 6128 C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll - ok
19:45:12.0349 6128 [ F7E72D3A281F922BACEC1A71A826D4C2 ] C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll
19:45:12.0349 6128 C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll - ok
19:45:12.0351 6128 [ 13E9240C63604F14FD1B3A0B0F66910E ] C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
19:45:12.0351 6128 C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll - ok
19:45:12.0352 6128 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
19:45:12.0352 6128 C:\Windows\SysWOW64\linkinfo.dll - ok
19:45:12.0354 6128 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll
19:45:12.0354 6128 C:\Windows\SysWOW64\xmllite.dll - ok
19:45:12.0356 6128 [ 3D57FFBAD3ED16B63DE3879BAB0FB56F ] C:\Windows\SysWOW64\networkexplorer.dll
19:45:12.0356 6128 C:\Windows\SysWOW64\networkexplorer.dll - ok
19:45:12.0357 6128 [ D6692338B985D4A0CA52B828314D897D ] C:\Windows\SysWOW64\drprov.dll
19:45:12.0357 6128 C:\Windows\SysWOW64\drprov.dll - ok
19:45:12.0359 6128 [ D7B7159BC8374E87D8C45A30377A3440 ] C:\Windows\SysWOW64\ntlanman.dll
19:45:12.0359 6128 C:\Windows\SysWOW64\ntlanman.dll - ok
19:45:12.0360 6128 [ 284B59D7B56FC76C80E622AB856B1FAB ] C:\Windows\SysWOW64\davclnt.dll
19:45:12.0360 6128 C:\Windows\SysWOW64\davclnt.dll - ok
19:45:12.0362 6128 [ 179BECE8D1A4C488DDB7191FF9BE3FB0 ] C:\Windows\SysWOW64\davhlpr.dll
19:45:12.0362 6128 C:\Windows\SysWOW64\davhlpr.dll - ok
19:45:12.0364 6128 [ 6581B52E133CC6D00661C58968C7E212 ] C:\Windows\SysWOW64\SearchFolder.dll
19:45:12.0364 6128 C:\Windows\SysWOW64\SearchFolder.dll - ok
19:45:12.0365 6128 ============================================================
19:45:12.0365 6128 Scan finished
19:45:12.0365 6128 ============================================================
19:45:12.0369 6120 Detected object count: 5
19:45:12.0369 6120 Actual detected object count: 5
19:46:51.0085 6120 AsusFanControlService ( UnsignedFile.Multi.Generic ) - skipped by user
19:46:51.0085 6120 AsusFanControlService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:46:51.0086 6120 digiSPTIService ( UnsignedFile.Multi.Generic ) - skipped by user
19:46:51.0086 6120 digiSPTIService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:46:51.0088 6120 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
19:46:51.0088 6120 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:46:51.0089 6120 PaceLicenseDServices ( UnsignedFile.Multi.Generic ) - skipped by user
19:46:51.0089 6120 PaceLicenseDServices ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:46:51.0091 6120 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
19:46:51.0091 6120 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:48:07.0679 3660 Deinitialize success



Thanks again for your help.
  • 0

#6
Crowbar

Crowbar

    Teacher

  • GeekU Moderator
  • 4,130 posts
Hi,
That all looks great to me. Now to sweep with an online virus scan and if that looks good, we can clean up the tools and be done :)

Note: You can use either Internet Explorer or Mozilla FireFox for this Scan.

Vista / 7 users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

Please go here then click on: Posted Image
You will however need to disable your current installed Anti-Virus, how to do so can be read here.

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the following instructions work with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close, make sure you copy the logfile first!
  • Now click on: Posted Image
  • Use notepad to open the logfile located at C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt
  • Copy and paste that log as a reply to this topic.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

In your next reply I would like to see:
  • ESET log

  • 0

#7
abrazas

abrazas

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Hey Crowbar,

Here is the log from ESET. Looks like it found 2 threats?

[email protected] as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# version=8
# IEXPLORE.EXE=10.00.9200.16521 (win8_gdr_soc_ie.130216-2100)
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=58eaf283f9dfe04c83cfee64123e329a
# engine=13649
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-04-19 01:13:53
# local_time=2013-04-18 09:13:53 (-0500, Eastern Daylight Time)
# country="Canada"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 1470399 117877483 0 0
# scanned=876695
# found=2
# cleaned=0
# scan_time=9487
sh=6440CB6A5246D8D26A9769B2CC29338EAA2EFC20 ft=1 fh=cfcd1e8f25b552d0 vn="Win32/PrcView application" ac=I fn="C:\ASUSDrivers\Software\MSU\Win8\MSUSetup.exe"
sh=4966BAECEAE56635D659097F342CA75ABFEEDF96 ft=1 fh=7e33a4c6d805f160 vn="Win32/PrcView application" ac=I fn="C:\ASUSDrivers\Software\MSU\XP_Vista_Win7\MSUSetup.exe"
  • 0

#8
Crowbar

Crowbar

    Teacher

  • GeekU Moderator
  • 4,130 posts
Hi,
Sorry for the delay I have been running like crazy today -

I don't see those 2 files as being anything bad.

I would just like to see one fresh MalwareBytes scan and then I will be happy if it's clear, so...

Posted Image Please run Malwarebytes' Anti-Malware

  • Go to the Update tab and check for updates, please install any updates found.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

In your next reply I would like to see:
  • MalwareBytes log

  • 0

#9
abrazas

abrazas

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Hey Crowbar,

Here is the Malwarebytes scan log you requested:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.04.19.11

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16540
George :: GEORGE-PC [administrator]

19/04/2013 8:22:38 PM
mbam-log-2013-04-19 (20-22-38).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 234048
Time elapsed: 2 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
  • 0

#10
Crowbar

Crowbar

    Teacher

  • GeekU Moderator
  • 4,130 posts
Ok, since that looks good, I say your logs are clear ---

Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [emptytemp]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Go to control panel
  • Select folder options (Appearance > Folder options in category view)
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.


Posted Image
Do you use Java If you do not use it, you are better off uninstalling it completely. Go to your Control Panel, Uninstall a Program, then find any instance of Java in the list and click on Uninstall - do this until there are no instances of Java in the list. If you do use Java....
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version of Java components and upgrade the application.

Upgrading Java:
  • Go to this site and click Do I have Java
  • It will check your current version and then offer to update to the latest version



SPRING CLEAN

Clear Restore Points

Go Start > All Programmes > Accessories > System tools
Right click Disc Cleanup and select run as administrator
When it pops up at the first prompt select OK after it has done some calculations the tabs will appear
Select More Options tab
Press Sytem Restore and Shadow Copies Cleanup button
Posted Image

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:
Posted Image
Malwarebytes. Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programs on your system need updating and give a download link

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit

To learn more about how to protect yourself while on the internet read these two articles:
How did I get infected in the first place ?
So how did I get infected in the first place

Keep safe :wave:
  • 0

Advertisements


#11
abrazas

abrazas

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Thanks a ton Crowbar! I will update if I find anything suspicious.
  • 0

#12
abrazas

abrazas

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Hi Crowbar,

Well I was just performing a normal Malwarebytes scan yesterday and it found the same dialer again!! I quarantined and deleted it once again. I have not noticed any problems though and would not have suspected anything if it wasn't for MB finding it.

The strange thing is that I have not visited any suspicious websites or downloaded anything strange. So I am not sure why it popped up again. Could be hidden in a file somewhere?

Anyway, I performed another MB scan and came back clean and I did a Security Essentials scan, and it was clean too. I also did a Super Anti Spyware scan and it too, was clean.

Do I have anything to worry about here?

Thanks for the help once again!
  • 0

#13
Crowbar

Crowbar

    Teacher

  • GeekU Moderator
  • 4,130 posts
Hi there,
Sorry I missed your post, been swamped at work for the past 2 days.

I am a little concerned about that file coming back - could be from a compromised website you are visiting, but don't hold me to that.

Lets have a different look in there and see what that looks like. My work schedule is crazy thru the 4th, so don't give up on me if I don't respond too quickly.

Please download ComboFix from Here or Here to your Desktop.

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks
  • Also allow the installation of the recovery console

    Posted Image

    Posted Image
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" ComboFix. If you have a problem, reply back for further instructions.
3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.


In your next reply I would like to see:
  • Combofix log

  • 0

#14
abrazas

abrazas

    Member

  • Topic Starter
  • Member
  • PipPip
  • 10 posts
Hey Crowbar, here is the Combofix Log you requested. Thanks again:

ComboFix 13-04-29.01 - George 30/04/2013 19:11:38.1.12 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.2.1033.18.16326.13591 [GMT -4:00]
Running from: c:\users\George\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\George\AppData\Roaming\msregsvv.dll
c:\windows\msvcr71.dll
c:\windows\SysWow64\hookdll.dll
c:\windows\SysWow64\msvcsv60.dll
.
.
((((((((((((((((((((((((( Files Created from 2013-03-28 to 2013-04-30 )))))))))))))))))))))))))))))))
.
.
2013-04-30 23:15 . 2013-04-30 23:15 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-04-30 23:15 . 2013-04-30 23:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-30 23:09 . 2013-04-10 03:46 9317456 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6627EE56-2C7B-43E8-9D3B-0CA5A36A2868}\mpengine.dll
2013-04-29 02:13 . 2013-04-10 03:46 9317456 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-04-28 14:56 . 2013-04-28 19:54 -------- d-----w- c:\users\George\AppData\Roaming\vlc
2013-04-24 02:07 . 2013-04-24 02:07 905296 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{70B5BF01-4660-4791-9B47-EA030DEC9E78}\gapaengine.dll
2013-04-24 02:07 . 2012-10-23 11:04 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-04-23 22:49 . 2013-04-12 14:45 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys
2013-04-21 15:39 . 2013-04-21 15:40 -------- d-----w- c:\program files (x86)\Safari
2013-04-13 01:11 . 2013-04-27 19:39 -------- d-----w- c:\program files (x86)\Cisco Systems
2013-04-12 20:17 . 2013-04-12 20:17 -------- d-----w- c:\users\George\.thumbnails
2013-04-12 20:14 . 2013-04-12 20:14 -------- d-----w- c:\users\George\AppData\Local\fontconfig
2013-04-12 20:14 . 2013-04-13 01:08 -------- d-----w- c:\users\George\.gimp-2.8
2013-04-12 20:14 . 2013-04-12 20:14 -------- d-----w- c:\users\George\AppData\Local\gegl-0.2
2013-04-12 20:12 . 2013-04-12 20:13 -------- d-----w- c:\program files\GIMP 2
2013-04-12 19:50 . 1998-10-29 20:45 306688 ----a-w- c:\windows\IsUninst.exe
2013-04-12 14:15 . 2013-04-12 14:15 -------- d-----w- c:\programdata\Cisco Systems
2013-04-10 19:26 . 2013-03-01 03:36 3153408 ----a-w- c:\windows\system32\win32k.sys
2013-04-10 19:26 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys
2013-04-10 19:26 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-04-10 19:26 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-04-10 19:26 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-04-10 19:26 . 2013-03-19 05:46 43520 ----a-w- c:\windows\system32\csrsrv.dll
2013-04-10 19:26 . 2013-03-19 03:06 112640 ----a-w- c:\windows\system32\smss.exe
2013-04-10 19:26 . 2013-03-19 04:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
2013-04-09 16:41 . 2013-04-09 16:41 -------- d-----w- c:\users\George\AppData\Roaming\SUPERAntiSpyware.com
2013-04-09 16:41 . 2013-04-09 16:41 -------- d-----w- c:\program files\SUPERAntiSpyware
2013-04-09 16:41 . 2013-04-09 16:41 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2013-04-07 20:34 . 2013-04-10 20:28 -------- d-----w- c:\users\George\AppData\Roaming\TrueCrypt
2013-04-05 22:38 . 2013-04-05 22:38 231376 ----a-w- c:\windows\system32\drivers\truecrypt.sys
2013-04-05 22:38 . 2013-04-05 22:38 -------- d-----w- c:\program files\TrueCrypt
2013-04-05 20:49 . 2013-04-05 20:49 -------- d-----w- c:\programdata\ClubSanDisk
2013-04-05 20:48 . 2013-04-05 20:48 -------- d-----w- c:\users\George\AppData\Roaming\SanDisk SecureAccess
2013-04-05 19:07 . 2013-04-05 19:07 -------- d-----w- c:\users\George\AppData\Roaming\Leadertech
2013-04-05 19:05 . 2013-04-05 19:05 -------- d-----w- c:\users\George\AppData\Roaming\East West
2013-04-05 18:59 . 2013-04-05 18:59 -------- d-----w- c:\program files\Common Files\PACE Anti-Piracy
2013-04-05 18:06 . 2013-04-05 19:03 -------- d-----w- c:\program files\Common Files\East West
2013-04-05 17:32 . 2013-04-05 19:03 -------- d-----w- c:\program files\EastWest
2013-04-05 17:32 . 2013-04-05 19:03 -------- d-----w- c:\program files (x86)\Common Files\East West
2013-04-05 17:32 . 2013-04-05 19:03 -------- d-----w- c:\program files (x86)\EastWest
2013-04-05 17:14 . 2013-04-05 19:03 -------- d-----w- c:\programdata\East West
2013-04-05 15:12 . 2013-04-05 15:12 -------- d-----w- c:\users\George\AppData\Local\Macromedia
2013-04-05 15:09 . 2013-04-21 16:03 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-05 15:09 . 2013-04-21 16:03 691592 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-04-05 15:09 . 2013-04-05 15:09 -------- d-----w- c:\windows\system32\Macromed
2013-04-03 18:29 . 2013-04-03 18:29 -------- d-----w- c:\programdata\Brother
2013-04-03 00:11 . 2013-04-03 01:36 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2013-04-02 01:38 . 2013-04-27 22:48 -------- d-----w- c:\users\George\AppData\Local\Diagnostics
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-11 03:24 . 2013-03-20 08:19 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-04-04 18:50 . 2013-03-26 13:31 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-04-02 10:34 . 2010-11-21 03:27 282744 ------w- c:\windows\system32\MpSigStub.exe
2013-03-20 09:18 . 2013-03-20 09:18 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2013-03-20 09:18 . 2013-03-20 09:18 29480 ----a-w- c:\windows\SysWow64\msxml3a.dll
2013-03-20 08:14 . 2013-03-20 08:14 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-03-20 08:14 . 2013-03-20 08:14 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-03-20 08:14 . 2013-03-20 08:14 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-03-20 08:14 . 2013-03-20 08:14 81408 ----a-w- c:\windows\system32\icardie.dll
2013-03-20 08:14 . 2013-03-20 08:14 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-03-20 08:14 . 2013-03-20 08:14 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-03-20 08:14 . 2013-03-20 08:14 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-03-20 08:14 . 2013-03-20 08:14 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-03-20 08:14 . 2013-03-20 08:14 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-03-20 08:14 . 2013-03-20 08:14 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-03-20 08:14 . 2013-03-20 08:14 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-03-20 08:14 . 2013-03-20 08:14 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-03-20 08:14 . 2013-03-20 08:14 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-03-20 08:14 . 2013-03-20 08:14 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-03-20 08:14 . 2013-03-20 08:14 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-03-20 08:14 . 2013-03-20 08:14 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-03-20 08:14 . 2013-03-20 08:14 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-03-20 08:14 . 2013-03-20 08:14 441856 ----a-w- c:\windows\system32\html.iec
2013-03-20 08:14 . 2013-03-20 08:14 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-03-20 08:14 . 2013-03-20 08:14 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-03-20 08:14 . 2013-03-20 08:14 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-03-20 08:14 . 2013-03-20 08:14 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-03-20 08:14 . 2013-03-20 08:14 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-03-20 08:14 . 2013-03-20 08:14 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-03-20 08:14 . 2013-03-20 08:14 235008 ----a-w- c:\windows\system32\url.dll
2013-03-20 08:14 . 2013-03-20 08:14 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-03-20 08:14 . 2013-03-20 08:14 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-03-20 08:14 . 2013-03-20 08:14 216064 ----a-w- c:\windows\system32\msls31.dll
2013-03-20 08:14 . 2013-03-20 08:14 197120 ----a-w- c:\windows\system32\msrating.dll
2013-03-20 08:14 . 2013-03-20 08:14 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-03-20 08:14 . 2013-03-20 08:14 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-03-20 08:14 . 2013-03-20 08:14 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-03-20 08:14 . 2013-03-20 08:14 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-03-20 08:14 . 2013-03-20 08:14 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-03-20 08:14 . 2013-03-20 08:14 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-03-20 08:14 . 2013-03-20 08:14 149504 ----a-w- c:\windows\system32\occache.dll
2013-03-20 08:14 . 2013-03-20 08:14 144896 ----a-w- c:\windows\system32\wextract.exe
2013-03-20 08:14 . 2013-03-20 08:14 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-03-20 08:14 . 2013-03-20 08:14 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-03-20 08:14 . 2013-03-20 08:14 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-03-20 08:14 . 2013-03-20 08:14 13824 ----a-w- c:\windows\system32\mshta.exe
2013-03-20 08:14 . 2013-03-20 08:14 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-03-20 08:14 . 2013-03-20 08:14 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-03-20 08:14 . 2013-03-20 08:14 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-03-20 08:14 . 2013-03-20 08:14 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-03-20 08:14 . 2013-03-20 08:14 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-03-20 08:14 . 2013-03-20 08:14 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-03-20 08:14 . 2013-03-20 08:14 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-03-20 08:14 . 2013-03-20 08:14 102912 ----a-w- c:\windows\system32\inseng.dll
2013-03-20 07:35 . 2013-03-20 07:35 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2013-03-20 07:35 . 2013-03-20 07:35 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2013-03-20 07:35 . 2013-03-20 07:35 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-03-20 07:33 . 2013-03-20 07:33 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-03-20 07:33 . 2013-03-20 07:33 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-03-20 07:33 . 2013-03-20 07:33 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-03-20 07:33 . 2013-03-20 07:33 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-03-20 07:33 . 2013-03-20 07:33 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-03-20 07:33 . 2013-03-20 07:33 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-03-20 07:33 . 2013-03-20 07:33 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-03-20 07:31 . 2013-03-20 07:31 750592 ----a-w- c:\windows\system32\win32spl.dll
2013-03-20 07:31 . 2013-03-20 07:31 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-03-20 07:30 . 2013-03-20 07:30 307200 ----a-w- c:\windows\system32\ncrypt.dll
2013-03-20 07:30 . 2013-03-20 07:30 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2013-03-20 07:30 . 2013-03-20 07:30 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2013-03-20 07:30 . 2013-03-20 07:30 2048 ----a-w- c:\windows\system32\msxml3r.dll
2013-03-20 07:30 . 2013-03-20 07:30 2002432 ----a-w- c:\windows\system32\msxml6.dll
2013-03-20 07:30 . 2013-03-20 07:30 1882624 ----a-w- c:\windows\system32\msxml3.dll
2013-03-20 07:30 . 2013-03-20 07:30 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll
2013-03-20 07:30 . 2013-03-20 07:30 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2013-03-20 07:29 . 2013-03-20 07:29 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2013-03-20 07:29 . 2013-03-20 07:29 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-03-20 07:29 . 2013-03-20 07:29 367616 ----a-w- c:\windows\system32\atmfd.dll
2013-03-20 07:29 . 2013-03-20 07:29 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-03-20 07:29 . 2013-03-20 07:29 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-03-20 07:29 . 2013-03-20 07:29 100864 ----a-w- c:\windows\system32\fontsub.dll
2013-03-20 07:29 . 2013-03-20 07:29 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-03-20 07:29 . 2013-03-20 07:29 2048 ----a-w- c:\windows\system32\tzres.dll
2013-03-20 07:28 . 2013-03-20 07:28 478208 ----a-w- c:\windows\system32\dpnet.dll
2013-03-20 07:28 . 2013-03-20 07:28 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2013-03-20 07:28 . 2013-03-20 07:28 95744 ----a-w- c:\windows\system32\synceng.dll
2013-03-20 07:28 . 2013-03-20 07:28 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2013-03-20 07:27 . 2013-03-20 07:27 715776 ----a-w- c:\windows\system32\kerberos.dll
2013-03-20 07:27 . 2013-03-20 07:27 542208 ----a-w- c:\windows\SysWow64\kerberos.dll
2013-03-20 07:26 . 2013-03-20 07:26 73216 ----a-w- c:\windows\system32\netapi32.dll
2013-03-20 07:26 . 2013-03-20 07:26 59392 ----a-w- c:\windows\system32\browcli.dll
2013-03-20 07:26 . 2013-03-20 07:26 41984 ----a-w- c:\windows\SysWow64\browcli.dll
2013-03-20 07:26 . 2013-03-20 07:26 136704 ----a-w- c:\windows\system32\browser.dll
2013-03-20 07:26 . 2013-03-20 07:26 956928 ----a-w- c:\windows\system32\localspl.dll
2013-03-20 07:25 . 2013-03-20 07:25 14172672 ----a-w- c:\windows\system32\shell32.dll
2013-03-20 07:25 . 2013-03-20 07:25 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2013-03-20 07:25 . 2013-03-20 07:25 1133568 ----a-w- c:\windows\system32\cdosys.dll
2013-03-20 07:25 . 2013-03-20 07:25 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2013-03-20 07:25 . 2013-03-20 07:25 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2013-03-20 07:25 . 2013-03-20 07:25 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2013-03-20 07:25 . 2013-03-20 07:25 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2011-03-04 2741616]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"TrueCrypt"="c:\program files\TrueCrypt\TrueCrypt.exe" [2013-04-05 1516496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2009-12-15 103720]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2011-03-30 87336]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2011-09-28 75048]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"DigidesignMMERefresh"="c:\program files (x86)\Digidesign\Drivers\MMERefresh.exe" [2010-06-16 77824]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2013-4-12 113664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
2;2 AsusFanControlService;AsusFanControlService [x]
R2 CLKMSVC10_38F51D56;CyberLink Product - 2013/03/20 05:19;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2011-04-20 241648]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-09 123856]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-04-15 3289208]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-02-28 161384]
R3 dalwdmservice;dal service;c:\windows\system32\drivers\dalwdm.sys [2009-12-19 139792]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 gbxavs_x64;gbxavs_x64;c:\windows\system32\Drivers\gbxavs_x64.sys [2009-10-08 45136]
R3 gbxusb_x64;gbxusb_x64;c:\windows\system32\Drivers\gbxusb_x64.sys [2009-10-08 300624]
R3 MBX2MIDK;Digidesign Mbox 2 Midi Driver;c:\windows\system32\drivers\mbx2midk.sys [2009-12-19 32400]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-12-13 54784]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2013-03-20 1255736]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2008-05-06 14464]
S0 asahci64;asahci64;c:\windows\system32\DRIVERS\asahci64.sys [2012-01-06 49760]
S0 mv91cons;Marvell 91xx Config Device Driver;c:\windows\system32\DRIVERS\mv91cons.sys [2011-09-21 25904]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-07-11 140672]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2012-06-01 920736]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-06-01 951936]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2012-02-17 149120]
S2 DigiNet;Digidesign Ethernet Support;c:\windows\system32\DRIVERS\diginet.sys [2009-12-19 21520]
S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-07-27 636952]
S2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe [2012-06-05 190824]
S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2012-07-23 166720]
S2 LxrSII1d;Secure II Driver;c:\windows\System32\Drivers\LxrSII1d.sys [2009-12-30 63064]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2013-01-17 6383920]
S2 PaceLicenseDServices;PACE License Services;c:\program files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2012-11-19 2928128]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-02-09 383264]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-11-03 130536]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-11-03 395752]
S3 DGUSBAP;Service for Digidesign Mbox2 (WDM);c:\windows\system32\DRIVERS\dgmbx2.sys [2010-08-30 192528]
S3 gbxavs;Maschine Midi;c:\windows\system32\Drivers\gbxavs.sys [2011-07-07 357968]
S3 gbxusb_svc;Maschine Controller;c:\windows\system32\Drivers\gbxusb.sys [2011-07-07 68688]
S3 iLokDrvr;Usb Driver;c:\windows\system32\DRIVERS\iLokDrvr.sys [2012-11-17 24728]
S3 MBX2DFU;Digidesign Mbox 2 Firmware Updater;c:\windows\system32\DRIVERS\dgmbx2fu.sys [2010-08-30 31120]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - CLKMDRV10_38F51D56
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-03-04 16:29 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-10 12:51 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-04-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-05 16:03]
.
2013-04-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-23 05:46]
.
2013-04-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-23 05:46]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-06-12 6548112]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
FontCache
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.ca/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\George\AppData\Roaming\Mozilla\Firefox\Profiles\8ij29gyg.default\
FF - ExtSQL: 2013-04-20 16:48; [email protected]; c:\users\George\AppData\Roaming\Mozilla\Firefox\Profiles\8ij29gyg.default\extensions\[email protected]
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-97124022.sys
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Native Instruments Maschine Controller Driver - c:\programdata\{B49C92CB-1A73-4A41-A84C-5091582E7AA8}\Maschine Controller Driver Setup PC.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-04-30 19:16:38
ComboFix-quarantined-files.txt 2013-04-30 23:16
.
Pre-Run: 2,133,571,768,320 bytes free
Post-Run: 2,133,341,003,776 bytes free
.
- - End Of File - - 68E1B22BC0DAB31F2523EEBB2E0A42A6
  • 0

#15
Crowbar

Crowbar

    Teacher

  • GeekU Moderator
  • 4,130 posts
Hi, I've been flying all day, just letting you know. I will get into your log file during the day -

Have you seen this file come back since you ran Combofix?
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP