Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Google Chrome Hijacked [Closed]

Started by Morris6996 , Apr 24 2013 07:17 PM

  • This topic is locked This topic is locked

#1
Morris6996
Posted 24 April 2013 - 07:17 PM

Morris6996

    Member

  • Member
  • PipPip
  • 67 posts
I have a virus or some form of malware. I have ran a malware scan and nothing comes up. I can not reach the google chrome search engine as I am immediately redirected to a cloverleafed site with red, blue, yellow, and green colors for its symbol. I typed this once and watched it disappear when I alt+tabbed over to their site. Please help. I have dl'd OTL and ran the scan and have a report.
  • 0

Advertisements

#2
gringo_pr
Posted 24 April 2013 - 07:36 PM

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Morris6996

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.


Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!


  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.





I need to get some reports to get a base to start from so I need you to run these programs first.


-DeFogger-

  • Please download DeFogger to your desktop.

    Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK
Do not re-enable these drivers until otherwise instructed.


-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


-Download DDS-

  • Please download DDS from one of the links below and save it to your desktop:

    Posted Image
    Download DDS and save it to your desktop

    Link1
    Link2
    Link3


    • Double-Click on dds.scr and a command window will appear. This is normal.
    • Shortly after two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply

information and logs

  • In your next post I need the following

  • both reports from DDS
  • report from security check
  • let me know of any problems you may have had

Gringo
  • 0

#3
Morris6996
Posted 24 April 2013 - 08:37 PM

Morris6996

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
Security Check

Results of screen317's Security Check version 0.99.63
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.70.0.1100
Java 7 Update 21
Adobe Flash Player 11.7.700.169
Adobe Reader 10.1.6 Adobe Reader out of Date!
Google Chrome 24.0.1312.52
Google Chrome 25.0.1364.152
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````

DDS

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.21.2
Run by Joshua at 21:32:22 on 2013-04-24
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8191.5860 [GMT -5:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
C:\Program Files\Microsoft LifeCam\MSCamS64.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.EXE
C:\Users\Joshua\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe
C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
C:\Users\Joshua\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Joshua\AppData\Roaming\SearchProtect\bin\cltmng.exe
C:\Users\Joshua\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Joshua\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Joshua\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Joshua\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Joshua\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Joshua\Downloads\OTL.exe
C:\Windows\notepad.exe
C:\Windows\notepad.exe
C:\Users\Joshua\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\notepad.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Users\Joshua\Desktop\Defogger (1).exe
C:\Users\Joshua\Desktop\SecurityCheck.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\svchost.exe -k defragsvc
C:\Windows\SysWOW64\notepad.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.conduit.com/?ctid=CT3289847&octid=CT3289847&SearchSource=61&CUI=UN89365218724755364&UM=2&UP=SP44E68861-5D02-45C8-A013-D42311080A75&SSPV=TB_CIS
mStart Page = hxxp://www.yahoo.com/?ilc=8
mDefault_Page_URL = hxxp://www.yahoo.com/?ilc=8
uURLSearchHooks: WhiteSmoke New Toolbar: {739df940-c5ee-4bab-9d7e-270894ae687a} - C:\Program Files (x86)\WhiteSmoke_New\prxtbWhit.dll
mURLSearchHooks: WhiteSmoke New Toolbar: {739df940-c5ee-4bab-9d7e-270894ae687a} - C:\Program Files (x86)\WhiteSmoke_New\prxtbWhit.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DownloadTerms: {2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} - C:\Users\Joshua\AppData\Local\DownloadTerms\temp.dat
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: SearchDonkey: {44ed99e2-16a6-4b89-80d6-5b21cf42e78b} - C:\Program Files (x86)\SearchDonkey\IE\common.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: WhiteSmoke New Toolbar: {739df940-c5ee-4bab-9d7e-270894ae687a} - C:\Program Files (x86)\WhiteSmoke_New\prxtbWhit.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\Joshua\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: GetSavin 5.0: {E6A0602F-2DD2-4048-A49C-DBB369BAE0B0} - C:\Users\Joshua\AppData\Local\getsavin\ie\getsavin_1366850401.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: WhiteSmoke New Toolbar: {739df940-c5ee-4bab-9d7e-270894ae687a} - C:\Program Files (x86)\WhiteSmoke_New\prxtbWhit.dll
uRun: [SearchProtect] C:\Users\Joshua\AppData\Roaming\SearchProtect\bin\cltmng.exe
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [EKStatusMonitor] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
mRun: [Conime] C:\Windows\System32\conime.exe
mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
dRunOnce: [KodakHomeCenter] "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe"
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {7F9DB11C-E358-4ca6-A83D-ACC663939424} - {9999A076-A9E2-4C99-8A2B-632FC9429223}
Trusted Zone: myitlab.com
Trusted Zone: pearsoned.com
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://sslvpn.tyson.com/dana-cached/sc/JuniperSetupClient.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{17C7AAA0-14C3-4DEC-B15B-3EC6C42CC660} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{17C7AAA0-14C3-4DEC-B15B-3EC6C42CC660}\2375942554030353 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{17C7AAA0-14C3-4DEC-B15B-3EC6C42CC660}\2375942554030353D2548545 : DHCPNameServer = 192.168.1.250
TCP: Interfaces\{17C7AAA0-14C3-4DEC-B15B-3EC6C42CC660}\2375942554832333 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{17C7AAA0-14C3-4DEC-B15B-3EC6C42CC660}\2375962756030353D2548545 : DHCPNameServer = 192.168.1.250
TCP: Interfaces\{17C7AAA0-14C3-4DEC-B15B-3EC6C42CC660}\A5978554C4 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{17C7AAA0-14C3-4DEC-B15B-3EC6C42CC660}\E4544574541425F5548545 : DHCPNameServer = 192.168.1.250
TCP: Interfaces\{72FE20F2-D41B-4944-B5AD-86E29B8C574A} : DHCPNameServer = 192.168.1.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
x64-Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
x64-Run: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
x64-Run: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {7F9DB11C-E358-4ca6-A83D-ACC663939424} - {9999A076-A9E2-4C99-8A2B-632FC9429223}
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2010-12-15 75904]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2010-12-15 38016]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-11-8 30568]
R1 NEOFLTR_719_20893;Juniper Networks TDI Filter Driver (NEOFLTR_719_20893);C:\Windows\System32\drivers\NEOFLTR_719_20893.SYS [2012-11-21 99152]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-12-15 203264]
R2 CltMngSvc;Search Protect by Conduit Updater;C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe [2013-4-11 93984]
R2 DefaultTabSearch;DefaultTabSearch;C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe [2013-2-11 572928]
R2 DefaultTabUpdate;DefaultTabUpdate;C:\Users\Joshua\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [2013-4-24 107520]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]
R2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2012-10-19 395200]
R2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [2012-10-15 779200]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-1-31 375728]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2011-9-16 15928]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\Windows\System32\drivers\LMIRfsDriver.sys [2012-3-9 72216]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2010-12-15 1119768]
R2 RosettaStoneDaemon;RosettaStoneDaemon;C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe [2012-6-19 1646608]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-9-11 399344]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-2-9 383264]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;C:\Windows\System32\drivers\nx6000.sys [2010-1-29 36720]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2010-12-15 1002848]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-12-15 38456]
S2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-11-8 711112]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2010-12-15 116752]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-12-15 349800]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\System32\drivers\ssadbus.sys [2011-5-13 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\System32\drivers\ssadmdfl.sys [2011-5-13 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\System32\drivers\ssadmdm.sys [2011-5-13 177640]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\System32\drivers\ssadserd.sys [2011-5-13 146920]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-11-30 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-11-30 1255736]
.
=============== Created Last 30 ================
.
2013-04-25 00:44:48 -------- d-----w- C:\Users\Joshua\AppData\Local\SwvUpdater
2013-04-25 00:43:55 -------- d-----w- C:\Program Files (x86)\Conduit
2013-04-25 00:43:54 -------- d-----w- C:\Users\Joshua\AppData\Local\Conduit
2013-04-25 00:43:54 -------- d-----w- C:\Program Files (x86)\WhiteSmoke_New
2013-04-25 00:42:40 -------- d-----w- C:\Program Files (x86)\SearchProtect
2013-04-25 00:41:59 -------- d-----w- C:\Users\Joshua\AppData\Roaming\SearchProtect
2013-04-25 00:41:59 -------- d-----w- C:\Users\Joshua\AppData\Local\CRE
2013-04-25 00:41:33 -------- d-----w- C:\Program Files (x86)\SearchDonkey
2013-04-25 00:41:17 -------- d-----w- C:\Users\Joshua\AppData\Local\DownloadTerms
2013-04-25 00:41:13 -------- d-----w- C:\Program Files (x86)\DefaultTab
2013-04-25 00:41:10 -------- d-----w- C:\Users\Joshua\AppData\Roaming\DefaultTab
2013-04-25 00:41:02 -------- d-----w- C:\Users\Joshua\AppData\Local\getsavin
2013-04-25 00:17:49 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F92AF163-059C-4D8F-A9A5-5470AF6EA704}\offreg.dll
2013-04-24 03:27:19 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-04-15 21:20:58 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F92AF163-059C-4D8F-A9A5-5470AF6EA704}\mpengine.dll
.
==================== Find3M ====================
.
2013-04-25 00:10:59 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-25 00:10:59 691592 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-03-12 06:10:56 282744 ------w- C:\Windows\System32\MpSigStub.exe
2013-03-08 00:02:52 861088 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2013-03-08 00:02:52 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-02-10 01:04:31 6393120 ----a-w- C:\Windows\System32\nvcpl.dll
2013-02-10 01:04:31 3472672 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-02-10 01:04:29 877856 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-02-10 01:04:29 63776 ----a-w- C:\Windows\System32\nvshext.dll
2013-02-10 01:04:29 237856 ----a-w- C:\Windows\System32\nvmctray.dll
2013-02-10 00:43:52 555808 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2013-02-09 13:25:36 3035306 ----a-w- C:\Windows\System32\nvcoproc.bin
.
============= FINISH: 21:32:31.15 ===============

Attach

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 11/29/2011 4:12:16 AM
System Uptime: 4/24/2013 6:45:45 PM (3 hours ago)
.
Motherboard: FOXCONN | | 2AB1
Processor: AMD Phenom™ II X6 1045T Processor | CPU 1 | 1998/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 1384 GiB total, 1279.451 GiB free.
D: is FIXED (NTFS) - 13 GiB total, 1.638 GiB free.
E: is CDROM (UDF)
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Realtek PCIe FE Family Controller
Device ID: PCI\VEN_10EC&DEV_8136&SUBSYS_2AB1103C&REV_05\4&C011167&0&0050
Manufacturer: Realtek
Name: Realtek PCIe FE Family Controller
PNP Device ID: PCI\VEN_10EC&DEV_8136&SUBSYS_2AB1103C&REV_05\4&C011167&0&0050
Service: RTL8167
.
==== System Restore Points ===================
.
RP114: 3/10/2013 3:33:44 AM - Windows Update
RP115: 3/15/2013 3:55:43 AM - Windows Update
RP116: 3/25/2013 2:38:31 PM - Scheduled Checkpoint
RP117: 4/1/2013 3:53:11 AM - Windows Update
RP118: 4/15/2013 12:35:49 PM - Scheduled Checkpoint
RP119: 4/15/2013 4:20:47 PM - Windows Update
RP120: 4/23/2013 10:25:37 PM - Installed Java 7 Update 21
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.6)
Agatha Christie - Peril at End House
aioprnt
aioscnnr
Bejeweled 2 Deluxe
Blackhawk Striker 2
Blasterball 3
Blio
Bonjour
Bounce Symphony
Build-a-lot 2
C4USelfUpdater
Cake Mania
center
Chuzzle Deluxe
Civilization III
CyberLink DVD Suite Deluxe
D3DX10
DefaultTab
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Diner Dash 2 Restaurant Rescue
DivX Setup
Dora's World Adventure
DownloadTerms
DVD Menu Pack for HP MediaSmart Video
Escape Rosecliff Island
essentials
Farm Frenzy
FATE
Final Drive Nitro
GetSavin
Google Chrome
Google Earth Plug-in
Google Talk Plugin
Google Update Helper
Heroes of Hellas 2 - Olympia
Hewlett-Packard ACLM.NET v1.2.1.1
HP Auto
HP Client Services
HP Customer Experience Enhancements
HP Game Console
HP Games
HP MediaSmart DVD
HP MediaSmart Music
HP MediaSmart Photo
HP MediaSmart SmartMenu
HP MediaSmart Video
HP MediaSmart/TouchSmart Netflix
HP MovieStore
HP Odometer
HP Setup
HP Setup Manager
HP Support Assistant
HP Support Information
HP Update
HP Vision Hardware Diagnostics
Hulu Desktop
Java 7 Update 21
Java Auto Updater
Jewel Quest Solitaire 2
Juniper Networks Secure Application Manager
Juniper Networks, Inc. Setup Client
Junk Mail filter update
Kobo
Kodak AIO Printer
KODAK AiO Software
ksDIP
LabelPrint
LeapFrog Connect
LeapFrog Leapster Explorer Plugin
LeapFrog Leapster2 Plugin
LightScribe System Software
LogMeIn
Malwarebytes Anti-Malware version 1.70.0.1100
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Corporation
Microsoft LifeCam
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft WSE 3.0 Runtime
Movie Theme Pack for HP MediaSmart Video
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Musicnotes Software Suite 1.7.2
MyITLab
MyITLab ActiveX Installer 2, 9, 8, 65535
Mystery P.I. - The London Caper
NVIDIA 3D Vision Controller Driver 314.07
NVIDIA 3D Vision Driver 314.07
NVIDIA Control Panel 314.07
NVIDIA Graphics Driver 314.07
NVIDIA HD Audio Driver 1.3.23.1
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.12.1031
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.12.12
NVIDIA Update Components
ocr
PDF Complete Special Edition
Penguins!
PhotoNow!
PictureMover
Plants vs. Zombies
PlayReady PC Runtime amd64
PlayReady PC Runtime x86
Poker Superstars III
Polar Bowler
Polar Golfer
Power2Go
PowerDirector
PreReq
PressReader
PrintProjects
Ralink RT2860 Wireless LAN Card
Realtek High Definition Audio Driver
Recovery Manager
Riverpoint Writer
Rosetta Stone Ltd Services
Rosetta Stone TOTALe
RoxioNow Player
Search Protect by conduit
SearchDonkey
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2597170) 32-Bit Edition
Software Version Updater
Star Wars® Knights of the Old Republic® II: The Sith Lords™
Star Wars: The Old Republic
Star Wars®: Knights of the Old Republic ™
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
Update for Microsoft Outlook Social Connector (KB2583935)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster Explorer Plugin)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Leapster2 Plugin)
VC80CRTRedist - 8.0.50727.6195
Ventrilo Client for Windows x64
Virtual Families
Virtual Villagers 4 - The Tree of Life
Visual Studio 2008 x64 Redistributables
Wheel of Fortune 2
WhiteSmoke New Toolbar
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
WinRAR 4.01 (32-bit)
Zinio Reader 4
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
4/24/2013 7:44:48 PM, Error: Service Control Manager [7034] - The vToolbarUpdater13.2.0 service terminated unexpectedly. It has done this 1 time(s).
4/24/2013 7:41:13 PM, Error: Service Control Manager [7030] - The DefaultTabSearch service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
4/24/2013 6:49:16 PM, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
4/24/2013 6:49:16 PM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.
4/24/2013 6:46:40 PM, Error: Service Control Manager [7003] - The AVGIDSAgent service depends the following service: AVGIDSDriver. This service might not be installed.
.
==== End Of File ===========================


Problems:

None, other than glitchiness on the screen.
  • 0

#4
gringo_pr
Posted 24 April 2013 - 09:09 PM

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Morris6996


These are the programs I would like you to run next, if you have any problems with these just skip it and move on to the next one.


-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo
  • 0

#5
Morris6996
Posted 24 April 2013 - 09:35 PM

Morris6996

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
AdwCleaner

# AdwCleaner v2.202 - Logfile created 04/24/2013 at 22:20:34
# Updated 23/04/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Joshua - JOSHUA-HP
# Boot Mode : Normal
# Running from : C:\Users\Joshua\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\END
File Deleted : C:\Windows\Tasks\AmiUpdXp.job
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\DefaultTab
Folder Deleted : C:\Program Files (x86)\SearchProtect
Folder Deleted : C:\Program Files (x86)\WhiteSmoke_New
Folder Deleted : C:\Users\Joshua\AppData\Local\Conduit
Folder Deleted : C:\Users\Joshua\AppData\Local\getsavin
Folder Deleted : C:\Users\Joshua\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Folder Deleted : C:\Users\Joshua\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Joshua\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Joshua\AppData\LocalLow\WhiteSmoke_New
Folder Deleted : C:\Users\Joshua\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\Joshua\AppData\Roaming\SearchProtect

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\WhiteSmoke_New
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{739DF940-C5EE-4BAB-9D7E-270894AE687A}
Key Deleted : HKCU\Software\SearchProtect
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289847
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1BB8B3AE-757D-443F-B3A4-0629E709B0D9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\WhiteSmoke_New
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1BB8B3AE-757D-443F-B3A4-0629E709B0D9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{739DF940-C5EE-4BAB-9D7E-270894AE687A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{012D673F-1A76-4C38-B342-0BD45094CBA8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5AAAB84F-F0FC-49EB-BE83-F70B2383E1A9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{739DF940-C5EE-4BAB-9D7E-270894AE687A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WhiteSmoke_New Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{739DF940-C5EE-4BAB-9D7E-270894AE687A}]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [searchprotect]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{739DF940-C5EE-4BAB-9D7E-270894AE687A}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchProtectAll]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{739DF940-C5EE-4BAB-9D7E-270894AE687A}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com/?ctid=CT3289847&octid=CT3289847&SearchSource=61&CUI=UN89365218724755364&UM=2&UP=SP44E68861-5D02-45C8-A013-D42311080A75&SSPV=TB_CIS --> hxxp://www.google.com

-\\ Google Chrome v25.0.1364.152

File : C:\Users\Joshua\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted [l.22] : icon_url = "hxxp://search.conduit.com/fav.ico",
Deleted [l.25] : keyword = "search.conduit.com",
Deleted [l.28] : search_url = "hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN28[...]
Deleted [l.29] : suggest_url = "hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}&CUI=U[...]

*************************

AdwCleaner[R1].txt - [927 octets] - [06/01/2013 13:58:51]
AdwCleaner[R2].txt - [6549 octets] - [24/04/2013 22:19:25]
AdwCleaner[S2].txt - [993 octets] - [06/01/2013 13:59:16]
AdwCleaner[S3].txt - [428 octets] - [24/04/2013 22:19:41]
AdwCleaner[S4].txt - [6592 octets] - [24/04/2013 22:20:34]

########## EOF - C:\AdwCleaner[S4].txt - [6652 octets] ##########


RKreport

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo...13-roguekiller/
Website : http://tigzy.geeksto...roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Joshua [Admin rights]
Mode : Remove -- Date : 04/24/2013 22:31:51
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD15 EARS-60MVWB0 SATA Disk Device +++++
--- User ---
[MBR] 9bf86a536c55a0cf1b83709cd458567a
[BSP] 731322ee4fa001dc3112521842b1b627 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 1417070 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2902366208 | Size: 13627 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] f3629e2005bf9d0486d4eda975530743
[BSP] 3770be5d673e0dbaf15a2cbdb436f4a1 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 264071168 | Size: 300 Mo

+++++ PhysicalDrive1: Generic- SD/MMC USB Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive2: Generic- Compact Flash USB Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive3: Generic- SM/xD-Picture USB Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive4: Generic- MS/MS-Pro USB Device +++++
Error reading User MBR!
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[3]_D_04242013_02d2231.txt >>
RKreport[1]_S_04242013_02d2230.txt ; RKreport[2]_D_04242013_02d2231.txt ; RKreport[3]_D_04242013_02d2231.txt



Problems:

System running slow.
  • 0

#6
gringo_pr
Posted 24 April 2013 - 09:37 PM

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Morris6996

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
  • 0

#7
Morris6996
Posted 24 April 2013 - 10:10 PM

Morris6996

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
The system won't let me download the program. Malicious Software - only option is discard.
  • 0

#8
gringo_pr
Posted 24 April 2013 - 10:17 PM

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
do you have another computer that you can use to download it?


gringo
  • 0

#9
Morris6996
Posted 25 April 2013 - 08:06 PM

Morris6996

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
ComboFix 13-04-25.01 - Joshua 04/25/2013 20:51:55.3.6 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8191.6572 [GMT -5:00]
Running from: c:\users\Joshua\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Joshua\AppData\Local\DownloadTerms\teMP.dat
.
.
((((((((((((((((((((((((( Files Created from 2013-03-26 to 2013-04-26 )))))))))))))))))))))))))))))))
.
.
2013-04-26 01:59 . 2013-04-26 01:59 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-04-26 01:59 . 2013-04-26 01:59 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-04-26 01:59 . 2013-04-26 01:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-25 09:33 . 2013-04-25 09:33 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ADCEF5C0-7A77-4E40-AB40-83E2C2B3FBA7}\offreg.dll
2013-04-25 09:33 . 2013-04-10 03:46 9317456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ADCEF5C0-7A77-4E40-AB40-83E2C2B3FBA7}\mpengine.dll
2013-04-25 00:41 . 2013-04-25 00:41 -------- d-----w- c:\users\Joshua\AppData\Local\CRE
2013-04-25 00:41 . 2013-04-25 00:41 -------- d-----w- c:\program files (x86)\SearchDonkey
2013-04-25 00:41 . 2013-04-26 01:58 -------- d-----w- c:\users\Joshua\AppData\Local\DownloadTerms
2013-04-24 03:28 . 2013-04-24 03:28 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-04-24 03:27 . 2013-04-04 10:35 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-25 00:10 . 2012-04-01 04:31 691592 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-04-25 00:10 . 2011-12-14 05:56 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-03-12 06:10 . 2011-11-29 10:56 282744 ------w- c:\windows\system32\MpSigStub.exe
2013-03-08 00:02 . 2012-11-01 22:44 861088 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2013-03-08 00:02 . 2012-01-31 09:09 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-02-10 03:25 . 2013-02-20 02:41 963776 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2013-02-10 03:25 . 2013-02-20 02:41 9422672 ----a-w- c:\windows\system32\nvcuda.dll
2013-02-10 03:25 . 2013-02-20 02:41 7964680 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-02-10 03:25 . 2013-02-20 02:41 7569184 ----a-w- c:\windows\system32\nvopencl.dll
2013-02-10 03:25 . 2013-02-20 02:41 6267240 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-02-10 03:25 . 2013-02-20 02:41 2911008 ----a-w- c:\windows\system32\nvcuvid.dll
2013-02-10 03:25 . 2013-02-20 02:41 2726176 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-02-10 03:25 . 2013-02-20 02:41 26947360 ----a-w- c:\windows\system32\nvoglv64.dll
2013-02-10 03:25 . 2013-02-20 02:41 2528840 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-02-10 03:25 . 2013-02-20 02:41 25256736 ----a-w- c:\windows\system32\nvcompiler.dll
2013-02-10 03:25 . 2013-02-20 02:41 250504 ----a-w- c:\windows\system32\nvinitx.dll
2013-02-10 03:25 . 2013-02-20 02:41 2350368 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-02-10 03:25 . 2013-02-20 02:41 20534560 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-02-10 03:25 . 2013-02-20 02:41 205184 ----a-w- c:\windows\SysWow64\nvinit.dll
2013-02-10 03:25 . 2013-02-20 02:41 1990944 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-02-10 03:25 . 2013-02-20 02:41 1807136 ----a-w- c:\windows\system32\nvdispco6420294.dll
2013-02-10 03:25 . 2013-02-20 02:41 17987192 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-02-10 03:25 . 2013-02-20 02:41 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-02-10 03:25 . 2013-02-20 02:41 1510176 ----a-w- c:\windows\system32\nvdispgenco6420162.dll
2013-02-10 03:25 . 2013-02-20 02:41 12862400 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-02-10 03:25 . 2013-02-20 02:41 11040544 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-02-10 03:25 . 2012-03-31 09:43 1114144 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-02-10 03:25 . 2011-11-29 10:22 15275744 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-02-10 03:25 . 2011-11-29 10:22 15038296 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-02-10 03:25 . 2011-05-21 12:01 2854344 ----a-w- c:\windows\system32\nvapi64.dll
2013-02-10 01:04 . 2011-11-29 10:17 6393120 ----a-w- c:\windows\system32\nvcpl.dll
2013-02-10 01:04 . 2011-11-29 10:17 3472672 ----a-w- c:\windows\system32\nvsvc64.dll
2013-02-10 01:04 . 2011-11-29 10:17 877856 ----a-w- c:\windows\system32\nvvsvc.exe
2013-02-10 01:04 . 2011-11-29 10:17 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-02-10 01:04 . 2011-11-29 10:17 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-02-10 00:43 . 2013-02-10 00:43 555808 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-02-09 13:25 . 2012-03-31 09:44 3035306 ----a-w- c:\windows\system32\nvcoproc.bin
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{44ed99e2-16a6-4b89-80d6-5b21cf42e78b}]
2013-03-08 21:13 392328 ----a-w- c:\program files (x86)\SearchDonkey\IE\common.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2010-09-28 664600]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-05-20 119152]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"EKStatusMonitor"="c:\program files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe" [2012-10-15 2844608]
"Conime"="c:\windows\system32\conime.exe" [BU]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2012-11-13 450560]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2012-11-30 1263512]
"Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2012-09-28 298376]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"KodakHomeCenter"="c:\program files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe" [2012-10-19 2235840]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [x]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-09-24 116752]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-09-03 349800]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-11-30 1255736]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2010-08-13 75904]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2010-08-13 38016]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-11-08 30568]
S1 NEOFLTR_719_20893;Juniper Networks TDI Filter Driver (NEOFLTR_719_20893);c:\windows\system32\Drivers\NEOFLTR_719_20893.SYS [2012-05-05 99152]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-11-23 203264]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896]
S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2012-10-19 395200]
S2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [2012-10-15 779200]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-11-10 375728]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2011-09-16 15928]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2010-09-28 1119768]
S2 RosettaStoneDaemon;RosettaStoneDaemon;c:\program files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe [2012-06-19 1646608]
S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-09-11 399344]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-02-10 383264]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [2010-01-29 36720]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-07-22 1002848]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-04-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-05 17:45]
.
2013-04-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-05 17:45]
.
2013-04-10 c:\windows\Tasks\HPCeeScheduleForJOSHUA-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
2013-04-24 c:\windows\Tasks\HPCeeScheduleForJoshua.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-09-15 611896]
"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2011-09-16 57928]
"EKIJ5000StatusMonitor"="c:\windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe" [2012-10-08 3182080]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://www.yahoo.com/?ilc=8
mStart Page = hxxp://www.yahoo.com/?ilc=8
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
Trusted Zone: myitlab.com
Trusted Zone: pearsoncmg.com
Trusted Zone: pearsoned.com
Trusted Zone: researchnavigator.com
TCP: DhcpNameServer = 192.168.1.254
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} - c:\users\Joshua\AppData\Local\DownloadTerms\temp.dat
BHO-{E6A0602F-2DD2-4048-A49C-DBB369BAE0B0} - c:\users\Joshua\AppData\Local\getsavin\ie\getsavin_1366850401.dll
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-GetSavin - c:\users\Joshua\AppData\Local\getsavin\uninst.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-04-25 21:00:31
ComboFix-quarantined-files.txt 2013-04-26 02:00
ComboFix2.txt 2012-11-26 00:51
ComboFix3.txt 2012-11-24 00:39
.
Pre-Run: 1,373,810,143,232 bytes free
Post-Run: 1,373,924,413,440 bytes free
.
- - End Of File - - 0314129E88FCC15264283DCF8ACA1A59

Problems:
First run of program was unsuccessful, produced no report and only ran for 30 seconds. Second run was good.

Computer:
Screen is glitching but no other issues.
  • 0

#10
gringo_pr
Posted 26 April 2013 - 08:14 AM

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Morris6996


I would like you to try and run these next.

TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

    Note** this report can be very long - so if the website gives you an error saying it is to long you may attache it

    If the forum still complains about it being to long send me everything that is at the end of the report after where it says

    ==================
    Scan finished
    ==================

and I will see if I want to see the whole report

Malwarebytes Anti-Rootkit

1.Download Malwarebytes Anti-Rootkit
2.Unzip the contents to a folder in a convenient location.
3.Open the folder where the contents were unzipped and run mbar.exe
4.Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
5.Click on the Cleanup button to remove any threats and reboot if prompted to do so.
6.Wait while the system shuts down and the cleanup process is performed.
7.Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
8.If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:
•Internet access
•Windows Update
•Windows Firewall9.If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included with Malwarebytes Anti-Rootkit and reboot.
10.Verify that your system is now functioning normally.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and MBAR

Gringo
  • 0

Advertisements

#11
Morris6996
Posted 27 April 2013 - 06:58 PM

Morris6996

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
The MBAR download will not work. Says windows cannot find 'C:\Program Files (x86)\WinRAR\WinRAR.exe'. Make sure you typed the name correctly, and then try again. It did this twice, before I gave up.

19:38:27.0320 0324 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:38:28.0085 0324 ============================================================
19:38:28.0085 0324 Current date / time: 2013/04/27 19:38:28.0085
19:38:28.0085 0324 SystemInfo:
19:38:28.0085 0324
19:38:28.0085 0324 OS Version: 6.1.7601 ServicePack: 1.0
19:38:28.0085 0324 Product type: Workstation
19:38:28.0085 0324 ComputerName: JOSHUA-HP
19:38:28.0085 0324 UserName: Joshua
19:38:28.0085 0324 Windows directory: C:\Windows
19:38:28.0085 0324 System windows directory: C:\Windows
19:38:28.0085 0324 Running under WOW64
19:38:28.0085 0324 Processor architecture: Intel x64
19:38:28.0085 0324 Number of processors: 6
19:38:28.0085 0324 Page size: 0x1000
19:38:28.0085 0324 Boot type: Normal boot
19:38:28.0085 0324 ============================================================
19:38:29.0894 0324 BG loaded
19:38:30.0581 0324 Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:38:30.0659 0324 ============================================================
19:38:30.0659 0324 \Device\Harddisk0\DR0:
19:38:30.0674 0324 MBR partitions:
19:38:30.0674 0324 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:38:30.0674 0324 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xACFB7000
19:38:30.0674 0324 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xACFE9800, BlocksNum 0x1A9D800
19:38:30.0674 0324 ============================================================
19:38:30.0768 0324 C: <-> \Device\Harddisk0\DR0\Partition2
19:38:31.0064 0324 D: <-> \Device\Harddisk0\DR0\Partition3
19:38:31.0064 0324 ============================================================
19:38:31.0064 0324 Initialize success
19:38:31.0064 0324 ============================================================
19:39:21.0935 4160 ============================================================
19:39:21.0935 4160 Scan started
19:39:21.0935 4160 Mode: Manual; SigCheck; TDLFS;
19:39:21.0935 4160 ============================================================
19:39:23.0729 4160 ================ Scan system memory ========================
19:39:23.0729 4160 System memory - ok
19:39:23.0729 4160 ================ Scan services =============================
19:39:23.0901 4160 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:39:23.0947 4160 1394ohci - ok
19:39:24.0010 4160 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:39:24.0025 4160 ACPI - ok
19:39:24.0072 4160 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:39:24.0135 4160 AcpiPmi - ok
19:39:24.0213 4160 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:39:24.0228 4160 AdobeARMservice - ok
19:39:24.0259 4160 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
19:39:24.0275 4160 adp94xx - ok
19:39:24.0322 4160 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:39:24.0322 4160 adpahci - ok
19:39:24.0369 4160 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
19:39:24.0369 4160 adpu320 - ok
19:39:24.0400 4160 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:39:24.0509 4160 AeLookupSvc - ok
19:39:24.0571 4160 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:39:24.0618 4160 AFD - ok
19:39:24.0665 4160 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:39:24.0665 4160 agp440 - ok
19:39:24.0681 4160 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:39:24.0743 4160 ALG - ok
19:39:24.0743 4160 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:39:24.0759 4160 aliide - ok
19:39:24.0790 4160 [ 694B7056F66A9DFFE18836655477589A ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:39:24.0821 4160 AMD External Events Utility - ok
19:39:24.0837 4160 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:39:24.0837 4160 amdide - ok
19:39:24.0852 4160 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:39:24.0883 4160 AmdK8 - ok
19:39:25.0008 4160 [ 600C89344A1DC910E5AF3852A0BC86F4 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
19:39:25.0180 4160 amdkmdag - ok
19:39:25.0195 4160 [ B191851B6FBF30532470D3541A104EEF ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
19:39:25.0227 4160 amdkmdap - ok
19:39:25.0242 4160 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:39:25.0273 4160 AmdPPM - ok
19:39:25.0320 4160 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:39:25.0336 4160 amdsata - ok
19:39:25.0351 4160 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
19:39:25.0367 4160 amdsbs - ok
19:39:25.0383 4160 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:39:25.0383 4160 amdxata - ok
19:39:25.0414 4160 [ 8A2B4818215D8A6FF54DC3F0D63CBB2D ] amd_sata C:\Windows\system32\DRIVERS\amd_sata.sys
19:39:25.0445 4160 amd_sata - ok
19:39:25.0445 4160 [ A2D8977623E13591B15F6370C6CC37B0 ] amd_xata C:\Windows\system32\DRIVERS\amd_xata.sys
19:39:25.0461 4160 amd_xata - ok
19:39:25.0507 4160 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:39:25.0617 4160 AppID - ok
19:39:25.0632 4160 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:39:25.0679 4160 AppIDSvc - ok
19:39:25.0741 4160 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:39:25.0773 4160 Appinfo - ok
19:39:25.0804 4160 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
19:39:25.0804 4160 arc - ok
19:39:25.0819 4160 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
19:39:25.0819 4160 arcsas - ok
19:39:25.0835 4160 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:39:25.0866 4160 AsyncMac - ok
19:39:25.0897 4160 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:39:25.0897 4160 atapi - ok
19:39:25.0929 4160 [ E02B26650ACC2F4901342D4A66774AD7 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
19:39:25.0929 4160 AtiHDAudioService - ok
19:39:25.0960 4160 [ E82E61F46D1336447F4DEFF8C074F13E ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie64.sys
19:39:25.0960 4160 AtiPcie - ok
19:39:26.0022 4160 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:39:26.0069 4160 AudioEndpointBuilder - ok
19:39:26.0085 4160 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:39:26.0116 4160 AudioSrv - ok
19:39:26.0287 4160 [ 6D440FF3F44CA72EDFD6176C6D6A89C0 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
19:39:26.0381 4160 AVGIDSAgent - ok
19:39:26.0475 4160 [ 371428CF0F71934CB0F2344823ADFA32 ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
19:39:26.0475 4160 avgtp - ok
19:39:26.0521 4160 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:39:26.0584 4160 AxInstSV - ok
19:39:26.0599 4160 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
19:39:26.0646 4160 b06bdrv - ok
19:39:26.0662 4160 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:39:26.0693 4160 b57nd60a - ok
19:39:26.0724 4160 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:39:26.0755 4160 BDESVC - ok
19:39:26.0771 4160 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:39:26.0802 4160 Beep - ok
19:39:26.0880 4160 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
19:39:26.0911 4160 BFE - ok
19:39:26.0927 4160 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
19:39:26.0974 4160 BITS - ok
19:39:27.0005 4160 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
19:39:27.0021 4160 blbdrive - ok
19:39:27.0099 4160 [ 3F56903E124E820AEECE6D471583C6C1 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
19:39:27.0114 4160 Bonjour Service - ok
19:39:27.0130 4160 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:39:27.0161 4160 bowser - ok
19:39:27.0177 4160 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:39:27.0223 4160 BrFiltLo - ok
19:39:27.0239 4160 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:39:27.0255 4160 BrFiltUp - ok
19:39:27.0255 4160 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
19:39:27.0301 4160 BridgeMP - ok
19:39:27.0348 4160 [ 8EF0D5C41EC907751B8429162B1239ED ] Browser C:\Windows\System32\browser.dll
19:39:27.0364 4160 Browser - ok
19:39:27.0379 4160 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:39:27.0411 4160 Brserid - ok
19:39:27.0426 4160 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:39:27.0442 4160 BrSerWdm - ok
19:39:27.0457 4160 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:39:27.0473 4160 BrUsbMdm - ok
19:39:27.0473 4160 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:39:27.0473 4160 BrUsbSer - ok
19:39:27.0489 4160 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:39:27.0489 4160 BTHMODEM - ok
19:39:27.0504 4160 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:39:27.0551 4160 bthserv - ok
19:39:27.0567 4160 catchme - ok
19:39:27.0582 4160 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:39:27.0629 4160 cdfs - ok
19:39:27.0676 4160 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
19:39:27.0676 4160 cdrom - ok
19:39:27.0723 4160 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:39:27.0754 4160 CertPropSvc - ok
19:39:27.0769 4160 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
19:39:27.0769 4160 circlass - ok
19:39:27.0816 4160 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:39:27.0816 4160 CLFS - ok
19:39:27.0879 4160 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:39:27.0894 4160 clr_optimization_v2.0.50727_32 - ok
19:39:27.0910 4160 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:39:27.0910 4160 clr_optimization_v2.0.50727_64 - ok
19:39:28.0066 4160 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:39:28.0113 4160 clr_optimization_v4.0.30319_32 - ok
19:39:28.0144 4160 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:39:28.0159 4160 clr_optimization_v4.0.30319_64 - ok
19:39:28.0159 4160 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:39:28.0175 4160 CmBatt - ok
19:39:28.0253 4160 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:39:28.0253 4160 cmdide - ok
19:39:28.0300 4160 [ C4943B6C962E4B82197542447AD599F4 ] CNG C:\Windows\system32\Drivers\cng.sys
19:39:28.0315 4160 CNG - ok
19:39:28.0331 4160 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:39:28.0331 4160 Compbatt - ok
19:39:28.0347 4160 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:39:28.0362 4160 CompositeBus - ok
19:39:28.0362 4160 COMSysApp - ok
19:39:28.0362 4160 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
19:39:28.0378 4160 crcdisk - ok
19:39:28.0440 4160 [ 15597883FBE9B056F276ADA3AD87D9AF ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:39:28.0471 4160 CryptSvc - ok
19:39:28.0549 4160 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:39:28.0581 4160 DcomLaunch - ok
19:39:28.0596 4160 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:39:28.0627 4160 defragsvc - ok
19:39:28.0690 4160 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:39:28.0721 4160 DfsC - ok
19:39:28.0783 4160 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:39:28.0815 4160 Dhcp - ok
19:39:28.0830 4160 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:39:28.0877 4160 discache - ok
19:39:28.0877 4160 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
19:39:28.0893 4160 Disk - ok
19:39:28.0908 4160 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:39:28.0955 4160 Dnscache - ok
19:39:29.0017 4160 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:39:29.0049 4160 dot3svc - ok
19:39:29.0095 4160 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:39:29.0142 4160 DPS - ok
19:39:29.0173 4160 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:39:29.0205 4160 drmkaud - ok
19:39:29.0267 4160 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:39:29.0283 4160 DXGKrnl - ok
19:39:29.0314 4160 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:39:29.0329 4160 EapHost - ok
19:39:29.0392 4160 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
19:39:29.0485 4160 ebdrv - ok
19:39:29.0532 4160 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:39:29.0563 4160 EFS - ok
19:39:29.0626 4160 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:39:29.0657 4160 ehRecvr - ok
19:39:29.0688 4160 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:39:29.0704 4160 ehSched - ok
19:39:29.0719 4160 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
19:39:29.0735 4160 elxstor - ok
19:39:29.0782 4160 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:39:29.0797 4160 ErrDev - ok
19:39:29.0813 4160 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:39:29.0844 4160 EventSystem - ok
19:39:29.0844 4160 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:39:29.0891 4160 exfat - ok
19:39:29.0891 4160 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:39:29.0922 4160 fastfat - ok
19:39:29.0985 4160 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:39:30.0016 4160 Fax - ok
19:39:30.0016 4160 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:39:30.0016 4160 fdc - ok
19:39:30.0031 4160 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:39:30.0063 4160 fdPHost - ok
19:39:30.0063 4160 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:39:30.0094 4160 FDResPub - ok
19:39:30.0125 4160 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:39:30.0125 4160 FileInfo - ok
19:39:30.0125 4160 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:39:30.0172 4160 Filetrace - ok
19:39:30.0234 4160 [ 8669BE94F63944E4F899C3950B520241 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:39:30.0281 4160 FLEXnet Licensing Service - ok
19:39:30.0281 4160 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:39:30.0297 4160 flpydisk - ok
19:39:30.0359 4160 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:39:30.0390 4160 FltMgr - ok
19:39:30.0453 4160 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
19:39:30.0499 4160 FontCache - ok
19:39:30.0562 4160 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:39:30.0577 4160 FontCache3.0.0.0 - ok
19:39:30.0577 4160 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:39:30.0593 4160 FsDepends - ok
19:39:30.0609 4160 [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:39:30.0624 4160 Fs_Rec - ok
19:39:30.0655 4160 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:39:30.0702 4160 fvevol - ok
19:39:30.0718 4160 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
19:39:30.0718 4160 gagp30kx - ok
19:39:30.0796 4160 [ D154305DE6090E6E84E525F84BB08A06 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
19:39:30.0827 4160 GameConsoleService - ok
19:39:30.0874 4160 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:39:30.0921 4160 gpsvc - ok
19:39:31.0030 4160 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:39:31.0045 4160 gupdate - ok
19:39:31.0045 4160 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:39:31.0045 4160 gupdatem - ok
19:39:31.0061 4160 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:39:31.0092 4160 hcw85cir - ok
19:39:31.0155 4160 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:39:31.0170 4160 HdAudAddService - ok
19:39:31.0201 4160 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
19:39:31.0233 4160 HDAudBus - ok
19:39:31.0248 4160 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
19:39:31.0264 4160 HidBatt - ok
19:39:31.0264 4160 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
19:39:31.0279 4160 HidBth - ok
19:39:31.0295 4160 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
19:39:31.0311 4160 HidIr - ok
19:39:31.0342 4160 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
19:39:31.0373 4160 hidserv - ok
19:39:31.0435 4160 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:39:31.0451 4160 HidUsb - ok
19:39:31.0498 4160 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:39:31.0545 4160 hkmsvc - ok
19:39:31.0607 4160 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:39:31.0638 4160 HomeGroupListener - ok
19:39:31.0654 4160 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:39:31.0669 4160 HomeGroupProvider - ok
19:39:31.0779 4160 [ BB1FC298BE53AAB1E110F6E786BD8AC5 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
19:39:31.0794 4160 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - warning
19:39:31.0794 4160 HP Support Assistant Service - detected UnsignedFile.Multi.Generic (1)
19:39:31.0857 4160 [ 3DC11A802353401332D49C3CBFBBE5FC ] HPClientSvc C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
19:39:31.0888 4160 HPClientSvc - ok
19:39:31.0997 4160 [ 9B7EDD3FE7C211C36E921D34D18A3A0A ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
19:39:32.0028 4160 hpqwmiex - ok
19:39:32.0044 4160 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:39:32.0044 4160 HpSAMD - ok
19:39:32.0122 4160 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:39:32.0169 4160 HTTP - ok
19:39:32.0262 4160 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:39:32.0278 4160 hwpolicy - ok
19:39:32.0356 4160 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
19:39:32.0387 4160 i8042prt - ok
19:39:32.0403 4160 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:39:32.0418 4160 iaStorV - ok
19:39:32.0559 4160 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:39:32.0574 4160 idsvc - ok
19:39:32.0621 4160 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
19:39:32.0637 4160 iirsp - ok
19:39:32.0699 4160 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:39:32.0730 4160 IKEEXT - ok
19:39:32.0871 4160 [ 3C4B4EE54FEBB09F7E9F58776DE96DCA ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:39:32.0917 4160 IntcAzAudAddService - ok
19:39:32.0933 4160 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:39:32.0949 4160 intelide - ok
19:39:33.0073 4160 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:39:33.0105 4160 intelppm - ok
19:39:33.0136 4160 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:39:33.0214 4160 IPBusEnum - ok
19:39:33.0261 4160 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:39:33.0292 4160 IpFilterDriver - ok
19:39:33.0354 4160 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:39:33.0432 4160 iphlpsvc - ok
19:39:33.0495 4160 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:39:33.0588 4160 IPMIDRV - ok
19:39:33.0604 4160 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:39:33.0666 4160 IPNAT - ok
19:39:33.0729 4160 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:39:33.0791 4160 IRENUM - ok
19:39:33.0853 4160 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:39:33.0885 4160 isapnp - ok
19:39:33.0947 4160 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:39:33.0978 4160 iScsiPrt - ok
19:39:34.0041 4160 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:39:34.0056 4160 kbdclass - ok
19:39:34.0119 4160 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:39:34.0197 4160 kbdhid - ok
19:39:34.0228 4160 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:39:34.0243 4160 KeyIso - ok
19:39:34.0415 4160 [ 775C6D5D60146D7DB08A01CB596D7EC6 ] Kodak AiO Network Discovery Service C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
19:39:34.0446 4160 Kodak AiO Network Discovery Service - ok
19:39:34.0571 4160 [ 17AFF68AB32F8671BC46612D35351099 ] Kodak AiO Status Monitor Service C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
19:39:34.0587 4160 Kodak AiO Status Monitor Service - ok
19:39:34.0743 4160 [ DA1E991A61CFDD755A589E206B97644B ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:39:34.0774 4160 KSecDD - ok
19:39:34.0821 4160 [ 7E33198D956943A4F11A5474C1E9106F ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:39:34.0852 4160 KSecPkg - ok
19:39:34.0899 4160 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:39:34.0961 4160 ksthunk - ok
19:39:35.0008 4160 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:39:35.0086 4160 KtmRm - ok
19:39:35.0179 4160 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
19:39:35.0273 4160 LanmanServer - ok
19:39:35.0382 4160 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:39:35.0445 4160 LanmanWorkstation - ok
19:39:35.0913 4160 [ 32F1B95C60042F3D95FC8AB43559B3B1 ] LeapFrog Connect Device Service C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
19:39:36.0006 4160 LeapFrog Connect Device Service - ok
19:39:36.0053 4160 [ 7550D101BF49FDB1F92666A233EE36C4 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
19:39:36.0084 4160 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
19:39:36.0084 4160 LightScribeService - detected UnsignedFile.Multi.Generic (1)
19:39:36.0162 4160 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:39:36.0256 4160 lltdio - ok
19:39:36.0334 4160 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:39:36.0396 4160 lltdsvc - ok
19:39:36.0427 4160 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:39:36.0459 4160 lmhosts - ok
19:39:36.0599 4160 [ 7109163D8027076D2680CFC4E80E2A28 ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
19:39:36.0630 4160 LMIGuardianSvc - ok
19:39:36.0755 4160 [ 0317335B15FF3BDA8E10197E3434CFC0 ] LMIInfo C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
19:39:36.0771 4160 LMIInfo - ok
19:39:36.0802 4160 [ 8054CE1FC8B417691960D00F931516A7 ] LMIMaint C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
19:39:36.0817 4160 LMIMaint - ok
19:39:36.0864 4160 [ 413ECDCFAD9A82804D3674C8D7EEC24E ] lmimirr C:\Windows\system32\DRIVERS\lmimirr.sys
19:39:36.0880 4160 lmimirr - ok
19:39:36.0911 4160 LMIRfsClientNP - ok
19:39:36.0973 4160 [ C57D3FAA50E6F395759FFB7C709BD944 ] LMIRfsDriver C:\Windows\system32\drivers\LMIRfsDriver.sys
19:39:37.0005 4160 LMIRfsDriver - ok
19:39:37.0161 4160 [ D3760BC17E1755091B7120CF32DBF56B ] LogMeIn C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
19:39:37.0192 4160 LogMeIn - ok
19:39:37.0207 4160 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
19:39:37.0239 4160 LSI_FC - ok
19:39:37.0270 4160 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
19:39:37.0270 4160 LSI_SAS - ok
19:39:37.0285 4160 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:39:37.0301 4160 LSI_SAS2 - ok
19:39:37.0301 4160 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:39:37.0301 4160 LSI_SCSI - ok
19:39:37.0332 4160 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:39:37.0363 4160 luafv - ok
19:39:37.0395 4160 [ 79D51E7F5926E8CE1B3EBECEBAE28CFF ] mcdbus C:\Windows\system32\DRIVERS\mcdbus.sys
19:39:37.0410 4160 mcdbus - ok
19:39:37.0597 4160 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:39:37.0675 4160 Mcx2Svc - ok
19:39:37.0675 4160 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
19:39:37.0691 4160 megasas - ok
19:39:37.0707 4160 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
19:39:37.0722 4160 MegaSR - ok
19:39:37.0800 4160 Microsoft SharePoint Workspace Audit Service - ok
19:39:37.0831 4160 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:39:37.0878 4160 MMCSS - ok
19:39:37.0894 4160 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:39:37.0925 4160 Modem - ok
19:39:37.0972 4160 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:39:38.0003 4160 monitor - ok
19:39:38.0065 4160 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:39:38.0081 4160 mouclass - ok
19:39:38.0128 4160 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:39:38.0159 4160 mouhid - ok
19:39:38.0221 4160 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:39:38.0237 4160 mountmgr - ok
19:39:38.0299 4160 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:39:38.0299 4160 mpio - ok
19:39:38.0331 4160 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:39:38.0362 4160 mpsdrv - ok
19:39:38.0440 4160 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:39:38.0471 4160 MpsSvc - ok
19:39:38.0502 4160 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:39:38.0518 4160 MRxDAV - ok
19:39:38.0549 4160 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:39:38.0596 4160 mrxsmb - ok
19:39:38.0611 4160 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:39:38.0643 4160 mrxsmb10 - ok
19:39:38.0658 4160 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:39:38.0674 4160 mrxsmb20 - ok
19:39:38.0689 4160 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:39:38.0721 4160 msahci - ok
19:39:38.0877 4160 [ A592A054D78750B4D73ABAA4C94DECDF ] MSCamSvc C:\Program Files\Microsoft LifeCam\MSCamS64.exe
19:39:38.0892 4160 MSCamSvc - ok
19:39:38.0923 4160 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:39:38.0939 4160 msdsm - ok
19:39:38.0955 4160 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:39:38.0970 4160 MSDTC - ok
19:39:38.0986 4160 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:39:39.0033 4160 Msfs - ok
19:39:39.0048 4160 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:39:39.0079 4160 mshidkmdf - ok
19:39:39.0157 4160 [ 55218F924E55FD2786ED40EDF4ED79C3 ] MSHUSBVideo C:\Windows\system32\Drivers\nx6000.sys
19:39:39.0173 4160 MSHUSBVideo - ok
19:39:39.0235 4160 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:39:39.0235 4160 msisadrv - ok
19:39:39.0267 4160 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:39:39.0313 4160 MSiSCSI - ok
19:39:39.0313 4160 msiserver - ok
19:39:39.0345 4160 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:39:39.0360 4160 MSKSSRV - ok
19:39:39.0391 4160 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:39:39.0423 4160 MSPCLOCK - ok
19:39:39.0423 4160 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:39:39.0454 4160 MSPQM - ok
19:39:39.0501 4160 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:39:39.0532 4160 MsRPC - ok
19:39:39.0547 4160 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:39:39.0563 4160 mssmbios - ok
19:39:39.0579 4160 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:39:39.0610 4160 MSTEE - ok
19:39:39.0625 4160 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
19:39:39.0625 4160 MTConfig - ok
19:39:39.0657 4160 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:39:39.0657 4160 Mup - ok
19:39:39.0719 4160 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:39:39.0781 4160 napagent - ok
19:39:39.0828 4160 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:39:39.0859 4160 NativeWifiP - ok
19:39:39.0906 4160 [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS C:\Windows\system32\drivers\ndis.sys
19:39:39.0922 4160 NDIS - ok
19:39:39.0953 4160 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:39:40.0000 4160 NdisCap - ok
19:39:40.0031 4160 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:39:40.0078 4160 NdisTapi - ok
19:39:40.0156 4160 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:39:40.0203 4160 Ndisuio - ok
19:39:40.0265 4160 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:39:40.0312 4160 NdisWan - ok
19:39:40.0374 4160 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:39:40.0421 4160 NDProxy - ok
19:39:40.0483 4160 [ 54315426DC99D7A42AD498121397FDE5 ] NEOFLTR_719_20893 C:\Windows\system32\Drivers\NEOFLTR_719_20893.SYS
19:39:40.0499 4160 NEOFLTR_719_20893 - ok
19:39:40.0530 4160 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:39:40.0577 4160 NetBIOS - ok
19:39:40.0624 4160 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:39:40.0639 4160 NetBT - ok
19:39:40.0655 4160 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:39:40.0655 4160 Netlogon - ok
19:39:40.0686 4160 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:39:40.0717 4160 Netman - ok
19:39:40.0717 4160 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:39:40.0749 4160 netprofm - ok
19:39:40.0795 4160 [ 1982B291DF9833FB3ADC397EBD310A18 ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
19:39:40.0811 4160 netr28x - ok
19:39:40.0842 4160 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:39:40.0842 4160 NetTcpPortSharing - ok
19:39:40.0858 4160 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
19:39:40.0858 4160 nfrd960 - ok
19:39:40.0920 4160 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:39:40.0983 4160 NlaSvc - ok
19:39:40.0998 4160 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:39:41.0029 4160 Npfs - ok
19:39:41.0061 4160 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:39:41.0076 4160 nsi - ok
19:39:41.0092 4160 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:39:41.0107 4160 nsiproxy - ok
19:39:41.0201 4160 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:39:41.0279 4160 Ntfs - ok
19:39:41.0279 4160 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:39:41.0310 4160 Null - ok
19:39:41.0357 4160 [ B4F53BCA4C688FF47F04FA90098F896E ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
19:39:41.0388 4160 NVHDA - ok
19:39:41.0607 4160 [ 0A2F27B5BCC45B64E152DD6AE0815198 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:39:41.0731 4160 nvlddmkm - ok
19:39:41.0778 4160 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:39:41.0809 4160 nvraid - ok
19:39:41.0856 4160 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:39:41.0872 4160 nvstor - ok
19:39:41.0919 4160 [ 574087EA9105F23FB522A4FDDD5292D9 ] nvsvc C:\Windows\system32\nvvsvc.exe
19:39:41.0950 4160 nvsvc - ok
19:39:42.0043 4160 [ ABA5A88740635D37A2B6CEB27DBC738A ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
19:39:42.0106 4160 nvUpdatusService - ok
19:39:42.0121 4160 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:39:42.0137 4160 nv_agp - ok
19:39:42.0184 4160 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:39:42.0199 4160 ohci1394 - ok
19:39:42.0277 4160 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:39:42.0293 4160 ose - ok
19:39:42.0449 4160 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:39:42.0636 4160 osppsvc - ok
19:39:42.0667 4160 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:39:42.0714 4160 p2pimsvc - ok
19:39:42.0730 4160 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:39:42.0745 4160 p2psvc - ok
19:39:42.0761 4160 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
19:39:42.0777 4160 Parport - ok
19:39:42.0823 4160 [ 871EADAC56B0A4C6512BBE32753CCF79 ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:39:42.0839 4160 partmgr - ok
19:39:42.0855 4160 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:39:42.0886 4160 PcaSvc - ok
19:39:42.0933 4160 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:39:42.0948 4160 pci - ok
19:39:42.0995 4160 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:39:43.0011 4160 pciide - ok
19:39:43.0026 4160 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
19:39:43.0042 4160 pcmcia - ok
19:39:43.0057 4160 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:39:43.0073 4160 pcw - ok
19:39:43.0089 4160 pdfcDispatcher - ok
19:39:43.0104 4160 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:39:43.0151 4160 PEAUTH - ok
19:39:43.0229 4160 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:39:43.0245 4160 PerfHost - ok
19:39:43.0323 4160 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:39:43.0432 4160 pla - ok
19:39:43.0463 4160 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:39:43.0479 4160 PlugPlay - ok
19:39:43.0510 4160 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:39:43.0510 4160 PNRPAutoReg - ok
19:39:43.0525 4160 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:39:43.0525 4160 PNRPsvc - ok
19:39:43.0588 4160 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:39:43.0650 4160 PolicyAgent - ok
19:39:43.0697 4160 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:39:43.0759 4160 Power - ok
19:39:43.0822 4160 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:39:43.0869 4160 PptpMiniport - ok
19:39:43.0869 4160 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
19:39:43.0884 4160 Processor - ok
19:39:43.0915 4160 [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc C:\Windows\system32\profsvc.dll
19:39:43.0931 4160 ProfSvc - ok
19:39:43.0947 4160 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:39:43.0962 4160 ProtectedStorage - ok
19:39:44.0009 4160 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:39:44.0071 4160 Psched - ok
19:39:44.0134 4160 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
19:39:44.0212 4160 ql2300 - ok
19:39:44.0212 4160 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
19:39:44.0212 4160 ql40xx - ok
19:39:44.0243 4160 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:39:44.0274 4160 QWAVE - ok
19:39:44.0274 4160 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:39:44.0290 4160 QWAVEdrv - ok
19:39:44.0305 4160 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:39:44.0337 4160 RasAcd - ok
19:39:44.0368 4160 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:39:44.0383 4160 RasAgileVpn - ok
19:39:44.0399 4160 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:39:44.0430 4160 RasAuto - ok
19:39:44.0477 4160 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:39:44.0539 4160 Rasl2tp - ok
19:39:44.0602 4160 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:39:44.0649 4160 RasMan - ok
19:39:44.0664 4160 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:39:44.0711 4160 RasPppoe - ok
19:39:44.0742 4160 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:39:44.0789 4160 RasSstp - ok
19:39:44.0805 4160 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:39:44.0836 4160 rdbss - ok
19:39:44.0851 4160 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
19:39:44.0851 4160 rdpbus - ok
19:39:44.0867 4160 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:39:44.0898 4160 RDPCDD - ok
19:39:44.0929 4160 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:39:44.0976 4160 RDPENCDD - ok
19:39:44.0976 4160 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:39:45.0007 4160 RDPREFMP - ok
19:39:45.0054 4160 [ 15B66C206B5CB095BAB980553F38ED23 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:39:45.0101 4160 RDPWD - ok
19:39:45.0132 4160 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:39:45.0132 4160 rdyboost - ok
19:39:45.0179 4160 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:39:45.0226 4160 RemoteAccess - ok
19:39:45.0241 4160 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:39:45.0288 4160 RemoteRegistry - ok
19:39:45.0429 4160 [ CC465ECBC1700B2D91E152ED9165994A ] RosettaStoneDaemon C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
19:39:45.0475 4160 RosettaStoneDaemon - ok
19:39:45.0538 4160 [ C1568E17039B2EC2B73A4F880DDD51E5 ] RoxioNow Service C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
19:39:45.0553 4160 RoxioNow Service - ok
19:39:45.0569 4160 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:39:45.0647 4160 RpcEptMapper - ok
19:39:45.0663 4160 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:39:45.0663 4160 RpcLocator - ok
19:39:45.0741 4160 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\System32\rpcss.dll
19:39:45.0787 4160 RpcSs - ok
19:39:45.0803 4160 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:39:45.0819 4160 rspndr - ok
19:39:45.0850 4160 [ B15C021C2C9BB217A799D9532E8F04D4 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
19:39:45.0865 4160 RTL8167 - ok
19:39:45.0865 4160 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:39:45.0881 4160 SamSs - ok
19:39:45.0928 4160 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:39:45.0943 4160 sbp2port - ok
19:39:45.0959 4160 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:39:46.0006 4160 SCardSvr - ok
19:39:46.0037 4160 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:39:46.0099 4160 scfilter - ok
19:39:46.0177 4160 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:39:46.0224 4160 Schedule - ok
19:39:46.0271 4160 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:39:46.0318 4160 SCPolicySvc - ok
19:39:46.0365 4160 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:39:46.0411 4160 SDRSVC - ok
19:39:46.0443 4160 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:39:46.0489 4160 secdrv - ok
19:39:46.0521 4160 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:39:46.0583 4160 seclogon - ok
19:39:46.0599 4160 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
19:39:46.0645 4160 SENS - ok
19:39:46.0661 4160 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:39:46.0677 4160 SensrSvc - ok
19:39:46.0708 4160 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
19:39:46.0723 4160 Serenum - ok
19:39:46.0739 4160 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
19:39:46.0755 4160 Serial - ok
19:39:46.0801 4160 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
19:39:46.0833 4160 sermouse - ok
19:39:46.0895 4160 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:39:46.0957 4160 SessionEnv - ok
19:39:47.0004 4160 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:39:47.0067 4160 sffdisk - ok
19:39:47.0082 4160 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:39:47.0098 4160 sffp_mmc - ok
19:39:47.0113 4160 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:39:47.0145 4160 sffp_sd - ok
19:39:47.0160 4160 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
19:39:47.0176 4160 sfloppy - ok
19:39:47.0223 4160 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:39:47.0316 4160 SharedAccess - ok
19:39:47.0363 4160 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:39:47.0394 4160 ShellHWDetection - ok
19:39:47.0410 4160 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:39:47.0410 4160 SiSRaid2 - ok
19:39:47.0410 4160 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
19:39:47.0425 4160 SiSRaid4 - ok
19:39:47.0425 4160 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:39:47.0441 4160 Smb - ok
19:39:47.0472 4160 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:39:47.0488 4160 SNMPTRAP - ok
19:39:47.0503 4160 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:39:47.0503 4160 spldr - ok
19:39:47.0566 4160 [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler C:\Windows\System32\spoolsv.exe
19:39:47.0613 4160 Spooler - ok
19:39:47.0722 4160 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:39:47.0784 4160 sppsvc - ok
19:39:47.0815 4160 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:39:47.0831 4160 sppuinotify - ok
19:39:47.0862 4160 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:39:47.0893 4160 srv - ok
19:39:47.0940 4160 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:39:47.0956 4160 srv2 - ok
19:39:47.0987 4160 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:39:48.0003 4160 srvnet - ok
19:39:48.0049 4160 [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
19:39:48.0096 4160 ssadbus - ok
19:39:48.0174 4160 [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
19:39:48.0221 4160 ssadmdfl - ok
19:39:48.0252 4160 [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
19:39:48.0283 4160 ssadmdm - ok
19:39:48.0330 4160 [ D33D1BD3EC0E766211A234F56A12726D ] ssadserd C:\Windows\system32\DRIVERS\ssadserd.sys
19:39:48.0377 4160 ssadserd - ok
19:39:48.0393 4160 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:39:48.0471 4160 SSDPSRV - ok
19:39:48.0471 4160 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:39:48.0502 4160 SstpSvc - ok
19:39:48.0611 4160 [ 78216A10BF8B200890A88D8820F33F14 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:39:48.0642 4160 Stereo Service - ok
19:39:48.0642 4160 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
19:39:48.0642 4160 stexstor - ok
19:39:48.0720 4160 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:39:48.0751 4160 stisvc - ok
19:39:48.0798 4160 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
19:39:48.0814 4160 swenum - ok
19:39:48.0845 4160 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:39:48.0876 4160 swprv - ok
19:39:48.0970 4160 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:39:49.0048 4160 SysMain - ok
19:39:49.0095 4160 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:39:49.0126 4160 TabletInputService - ok
19:39:49.0188 4160 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:39:49.0235 4160 TapiSrv - ok
19:39:49.0251 4160 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:39:49.0282 4160 TBS - ok
19:39:49.0329 4160 [ FC62769E7BFF2896035AEED399108162 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:39:49.0360 4160 Tcpip - ok
19:39:49.0375 4160 [ FC62769E7BFF2896035AEED399108162 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:39:49.0407 4160 TCPIP6 - ok
19:39:49.0453 4160 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:39:49.0531 4160 tcpipreg - ok
19:39:49.0547 4160 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:39:49.0594 4160 TDPIPE - ok
19:39:49.0594 4160 [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:39:49.0609 4160 TDTCP - ok
19:39:49.0641 4160 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:39:49.0672 4160 tdx - ok
19:39:49.0703 4160 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:39:49.0703 4160 TermDD - ok
19:39:49.0734 4160 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:39:49.0781 4160 TermService - ok
19:39:49.0797 4160 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:39:49.0843 4160 Themes - ok
19:39:49.0843 4160 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:39:49.0875 4160 THREADORDER - ok
19:39:49.0890 4160 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:39:49.0921 4160 TrkWks - ok
19:39:50.0015 4160 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:39:50.0093 4160 TrustedInstaller - ok
19:39:50.0140 4160 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:39:50.0187 4160 tssecsrv - ok
19:39:50.0233 4160 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:39:50.0265 4160 TsUsbFlt - ok
19:39:50.0343 4160 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:39:50.0421 4160 tunnel - ok
19:39:50.0421 4160 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
19:39:50.0436 4160 uagp35 - ok
19:39:50.0483 4160 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:39:50.0514 4160 udfs - ok
19:39:50.0530 4160 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:39:50.0530 4160 UI0Detect - ok
19:39:50.0545 4160 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:39:50.0561 4160 uliagpkx - ok
19:39:50.0608 4160 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
19:39:50.0623 4160 umbus - ok
19:39:50.0623 4160 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
19:39:50.0655 4160 UmPass - ok
19:39:50.0670 4160 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:39:50.0717 4160 upnphost - ok
19:39:50.0779 4160 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:39:50.0811 4160 usbaudio - ok
19:39:50.0857 4160 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:39:50.0889 4160 usbccgp - ok
19:39:50.0920 4160 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:39:50.0951 4160 usbcir - ok
19:39:50.0967 4160 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:39:50.0967 4160 usbehci - ok
19:39:50.0998 4160 [ 2C780746DC44A28FE67004DC58173F05 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
19:39:50.0998 4160 usbfilter - ok
19:39:51.0060 4160 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:39:51.0076 4160 usbhub - ok
19:39:51.0123 4160 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
19:39:51.0138 4160 usbohci - ok
19:39:51.0154 4160 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:39:51.0185 4160 usbprint - ok
19:39:51.0232 4160 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:39:51.0279 4160 usbscan - ok
19:39:51.0294 4160 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:39:51.0310 4160 USBSTOR - ok
19:39:51.0325 4160 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:39:51.0341 4160 usbuhci - ok
19:39:51.0388 4160 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
19:39:51.0403 4160 usbvideo - ok
19:39:51.0419 4160 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:39:51.0466 4160 UxSms - ok
19:39:51.0481 4160 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:39:51.0497 4160 VaultSvc - ok
19:39:51.0513 4160 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:39:51.0544 4160 vdrvroot - ok
19:39:51.0591 4160 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:39:51.0653 4160 vds - ok
19:39:51.0653 4160 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:39:51.0669 4160 vga - ok
19:39:51.0669 4160 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:39:51.0715 4160 VgaSave - ok
19:39:51.0731 4160 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:39:51.0731 4160 vhdmp - ok
19:39:51.0762 4160 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:39:51.0762 4160 viaide - ok
19:39:51.0762 4160 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:39:51.0778 4160 volmgr - ok
19:39:51.0825 4160 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:39:51.0856 4160 volmgrx - ok
19:39:51.0871 4160 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:39:51.0887 4160 volsnap - ok
19:39:51.0887 4160 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
19:39:51.0903 4160 vsmraid - ok
19:39:51.0981 4160 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:39:52.0059 4160 VSS - ok
19:39:52.0059 4160 vToolbarUpdater13.2.0 - ok
19:39:52.0074 4160 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:39:52.0090 4160 vwifibus - ok
19:39:52.0105 4160 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:39:52.0121 4160 vwififlt - ok
19:39:52.0137 4160 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
19:39:52.0152 4160 vwifimp - ok
19:39:52.0168 4160 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:39:52.0199 4160 W32Time - ok
19:39:52.0199 4160 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
19:39:52.0230 4160 WacomPen - ok
19:39:52.0246 4160 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:39:52.0324 4160 WANARP - ok
19:39:52.0324 4160 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:39:52.0339 4160 Wanarpv6 - ok
19:39:52.0464 4160 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
19:39:52.0527 4160 WatAdminSvc - ok
19:39:52.0620 4160 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:39:52.0698 4160 wbengine - ok
19:39:52.0698 4160 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:39:52.0714 4160 WbioSrvc - ok
19:39:52.0776 4160 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:39:52.0823 4160 wcncsvc - ok
19:39:52.0839 4160 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:39:52.0854 4160 WcsPlugInService - ok
19:39:52.0870 4160 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
19:39:52.0885 4160 Wd - ok
19:39:52.0901 4160 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:39:52.0917 4160 Wdf01000 - ok
19:39:52.0917 4160 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:39:53.0010 4160 WdiServiceHost - ok
19:39:53.0010 4160 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:39:53.0026 4160 WdiSystemHost - ok
19:39:53.0088 4160 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:39:53.0151 4160 WebClient - ok
19:39:53.0166 4160 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:39:53.0213 4160 Wecsvc - ok
19:39:53.0229 4160 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:39:53.0307 4160 wercplsupport - ok
19:39:53.0322 4160 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:39:53.0353 4160 WerSvc - ok
19:39:53.0369 4160 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:39:53.0385 4160 WfpLwf - ok
19:39:53.0385 4160 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:39:53.0400 4160 WIMMount - ok
19:39:53.0416 4160 WinDefend - ok
19:39:53.0416 4160 WinHttpAutoProxySvc - ok
19:39:53.0463 4160 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:39:53.0509 4160 Winmgmt - ok
19:39:53.0619 4160 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:39:53.0697 4160 WinRM - ok
19:39:53.0759 4160 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
19:39:53.0775 4160 WinUsb - ok
19:39:53.0821 4160 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:39:53.0868 4160 Wlansvc - ok
19:39:53.0962 4160 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:39:54.0009 4160 wlidsvc - ok
19:39:54.0055 4160 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:39:54.0087 4160 WmiAcpi - ok
19:39:54.0102 4160 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:39:54.0133 4160 wmiApSrv - ok
19:39:54.0133 4160 WMPNetworkSvc - ok
19:39:54.0149 4160 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:39:54.0180 4160 WPCSvc - ok
19:39:54.0196 4160 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:39:54.0211 4160 WPDBusEnum - ok
19:39:54.0211 4160 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:39:54.0274 4160 ws2ifsl - ok
19:39:54.0289 4160 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
19:39:54.0352 4160 wscsvc - ok
19:39:54.0352 4160 WSearch - ok
19:39:54.0461 4160 [ 9DF12EDBC698B0BC353B3EF84861E430 ] wuauserv C:\Windows\system32\wuaueng.dll
19:39:54.0508 4160 wuauserv - ok
19:39:54.0523 4160 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:39:54.0570 4160 WudfPf - ok
19:39:54.0617 4160 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:39:54.0679 4160 WUDFRd - ok
19:39:54.0726 4160 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:39:54.0742 4160 wudfsvc - ok
19:39:54.0773 4160 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
19:39:54.0789 4160 WwanSvc - ok
19:39:54.0804 4160 ================ Scan global ===============================
19:39:54.0835 4160 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:39:54.0867 4160 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
19:39:54.0882 4160 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
19:39:54.0913 4160 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:39:54.0929 4160 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:39:54.0929 4160 [Global] - ok
19:39:54.0929 4160 ================ Scan MBR ==================================
19:39:54.0960 4160 [ BAD3CB931C3BB4F93522615B11173684 ] \Device\Harddisk0\DR0
19:39:55.0257 4160 \Device\Harddisk0\DR0 - ok
19:39:55.0257 4160 ================ Scan VBR ==================================
19:39:55.0272 4160 [ 1E1834B4CFE68226A8E577D1CA74CA49 ] \Device\Harddisk0\DR0\Partition1
19:39:55.0272 4160 \Device\Harddisk0\DR0\Partition1 - ok
19:39:55.0272 4160 [ 0E43148FA848B7E6344D574385787194 ] \Device\Harddisk0\DR0\Partition2
19:39:55.0288 4160 \Device\Harddisk0\DR0\Partition2 - ok
19:39:55.0303 4160 [ 0CB1B92D2F1C69FF04FC9F5051620BA6 ] \Device\Harddisk0\DR0\Partition3
19:39:55.0303 4160 \Device\Harddisk0\DR0\Partition3 - ok
19:39:55.0303 4160 ================ Scan active images ========================
19:39:55.0303 4160 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
19:39:55.0303 4160 C:\Windows\System32\drivers\crashdmp.sys - ok
19:39:55.0319 4160 [ 9BBD8B5855BC6578957F82341F9CDE5A ] C:\Windows\System32\drivers\Diskdump.sys
19:39:55.0319 4160 C:\Windows\System32\drivers\Diskdump.sys - ok
19:39:55.0319 4160 [ 8A2B4818215D8A6FF54DC3F0D63CBB2D ] C:\Windows\System32\drivers\amd_sata.sys
19:39:55.0319 4160 C:\Windows\System32\drivers\amd_sata.sys - ok
19:39:55.0335 4160 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
19:39:55.0335 4160 C:\Windows\System32\drivers\dumpfve.sys - ok
19:39:55.0335 4160 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
19:39:55.0335 4160 C:\Windows\System32\drivers\cdrom.sys - ok
19:39:55.0335 4160 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
19:39:55.0335 4160 C:\Windows\System32\drivers\null.sys - ok
19:39:55.0335 4160 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
19:39:55.0335 4160 C:\Windows\System32\drivers\beep.sys - ok
19:39:55.0350 4160 [ 371428CF0F71934CB0F2344823ADFA32 ] C:\Windows\System32\drivers\avgtpx64.sys
19:39:55.0350 4160 C:\Windows\System32\drivers\avgtpx64.sys - ok
19:39:55.0350 4160 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
19:39:55.0350 4160 C:\Windows\System32\drivers\videoprt.sys - ok
19:39:55.0350 4160 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
19:39:55.0350 4160 C:\Windows\System32\drivers\watchdog.sys - ok
19:39:55.0350 4160 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
19:39:55.0350 4160 C:\Windows\System32\drivers\RDPCDD.sys - ok
19:39:55.0366 4160 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
19:39:55.0366 4160 C:\Windows\System32\drivers\vga.sys - ok
19:39:55.0366 4160 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
19:39:55.0366 4160 C:\Windows\System32\drivers\RDPENCDD.sys - ok
19:39:55.0366 4160 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
19:39:55.0366 4160 C:\Windows\System32\drivers\RDPREFMP.sys - ok
19:39:55.0366 4160 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
19:39:55.0366 4160 C:\Windows\System32\drivers\msfs.sys - ok
19:39:55.0381 4160 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
19:39:55.0381 4160 C:\Windows\System32\drivers\npfs.sys - ok
19:39:55.0381 4160 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
19:39:55.0381 4160 C:\Windows\System32\drivers\tdi.sys - ok
19:39:55.0381 4160 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
19:39:55.0381 4160 C:\Windows\System32\drivers\tdx.sys - ok
19:39:55.0381 4160 [ 54315426DC99D7A42AD498121397FDE5 ] C:\Windows\System32\drivers\NEOFLTR_719_20893.SYS
19:39:55.0381 4160 C:\Windows\System32\drivers\NEOFLTR_719_20893.SYS - ok
19:39:55.0381 4160 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
19:39:55.0381 4160 C:\Windows\System32\drivers\netbt.sys - ok
19:39:55.0397 4160 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
19:39:55.0397 4160 C:\Windows\System32\drivers\afd.sys - ok
19:39:55.0397 4160 [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
19:39:55.0397 4160 C:\Windows\System32\drivers\ws2ifsl.sys - ok
19:39:55.0397 4160 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
19:39:55.0397 4160 C:\Windows\System32\drivers\wfplwf.sys - ok
19:39:55.0397 4160 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
19:39:55.0397 4160 C:\Windows\System32\drivers\pacer.sys - ok
19:39:55.0397 4160 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
19:39:55.0397 4160 C:\Windows\System32\drivers\vwififlt.sys - ok
19:39:55.0413 4160 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
19:39:55.0413 4160 C:\Windows\System32\drivers\netbios.sys - ok
19:39:55.0413 4160 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
19:39:55.0413 4160 C:\Windows\System32\drivers\wanarp.sys - ok
19:39:55.0413 4160 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
19:39:55.0413 4160 C:\Windows\System32\drivers\termdd.sys - ok
19:39:55.0413 4160 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
19:39:55.0413 4160 C:\Windows\System32\drivers\rdbss.sys - ok
19:39:55.0413 4160 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
19:39:55.0413 4160 C:\Windows\System32\drivers\nsiproxy.sys - ok
19:39:55.0428 4160 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
19:39:55.0428 4160 C:\Windows\System32\drivers\discache.sys - ok
19:39:55.0428 4160 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
19:39:55.0428 4160 C:\Windows\System32\drivers\mssmbios.sys - ok
19:39:55.0428 4160 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
19:39:55.0428 4160 C:\Windows\System32\drivers\blbdrive.sys - ok
19:39:55.0428 4160 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
19:39:55.0428 4160 C:\Windows\System32\drivers\dfsc.sys - ok
19:39:55.0444 4160 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
19:39:55.0444 4160 C:\Windows\System32\drivers\tunnel.sys - ok
19:39:55.0444 4160 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
19:39:55.0444 4160 C:\Windows\System32\smss.exe - ok
19:39:55.0444 4160 [ 1E56388B3FE0D031C44144EB8C4D6217 ] C:\Windows\System32\drivers\amdppm.sys
19:39:55.0444 4160 C:\Windows\System32\drivers\amdppm.sys - ok
19:39:55.0444 4160 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
19:39:55.0444 4160 C:\Windows\System32\ntdll.dll - ok
19:39:55.0444 4160 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
19:39:55.0444 4160 C:\Windows\System32\autochk.exe - ok
19:39:55.0459 4160 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
19:39:55.0459 4160 C:\Windows\System32\gdi32.dll - ok
19:39:55.0459 4160 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
19:39:55.0459 4160 C:\Windows\System32\rpcrt4.dll - ok
19:39:55.0459 4160 [ B9B42A302325537D7B9DC52D47F33A73 ] C:\Windows\System32\kernel32.dll
19:39:55.0459 4160 C:\Windows\System32\kernel32.dll - ok
19:39:55.0459 4160 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
19:39:55.0459 4160 C:\Windows\System32\nsi.dll - ok
19:39:55.0459 4160 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
19:39:55.0459 4160 C:\Windows\System32\psapi.dll - ok
19:39:55.0475 4160 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
19:39:55.0475 4160 C:\Windows\System32\ole32.dll - ok
19:39:55.0475 4160 [ 0A2F27B5BCC45B64E152DD6AE0815198 ] C:\Windows\System32\drivers\nvlddmkm.sys
19:39:55.0475 4160 C:\Windows\System32\drivers\nvlddmkm.sys - ok
19:39:55.0475 4160 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
19:39:55.0475 4160 C:\Windows\System32\lpk.dll - ok
19:39:55.0475 4160 [ 115BE147638F62321DFE754D3193099C ] C:\Windows\System32\drivers\nvBridge.kmd
19:39:55.0475 4160 C:\Windows\System32\drivers\nvBridge.kmd - ok
19:39:55.0475 4160 [ B1AC85B6ADC005CF3F9EB4E28DFDCCE6 ] C:\Windows\System32\wininet.dll
19:39:55.0475 4160 C:\Windows\System32\wininet.dll - ok
19:39:55.0491 4160 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
19:39:55.0491 4160 C:\Windows\System32\drivers\dxgkrnl.sys - ok
19:39:55.0491 4160 [ E57A6E4941EAA298433623B20F649C8B ] C:\Windows\System32\iertutil.dll
19:39:55.0491 4160 C:\Windows\System32\iertutil.dll - ok
19:39:55.0491 4160 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
19:39:55.0491 4160 C:\Windows\System32\drivers\dxgmms1.sys - ok
19:39:55.0491 4160 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
19:39:55.0491 4160 C:\Windows\System32\drivers\hdaudbus.sys - ok
19:39:55.0491 4160 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
19:39:55.0491 4160 C:\Windows\System32\setupapi.dll - ok
19:39:55.0506 4160 [ 1982B291DF9833FB3ADC397EBD310A18 ] C:\Windows\System32\drivers\netr28x.sys
19:39:55.0506 4160 C:\Windows\System32\drivers\netr28x.sys - ok
19:39:55.0506 4160 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
19:39:55.0506 4160 C:\Windows\System32\drivers\vwifibus.sys - ok
19:39:55.0506 4160 [ 0E35B943F6583380981C69CCB97A56D2 ] C:\Windows\System32\shell32.dll
19:39:55.0506 4160 C:\Windows\System32\shell32.dll - ok
19:39:55.0506 4160 [ 9840FC418B4CBD632D3D0A667A725C31 ] C:\Windows\System32\drivers\usbohci.sys
19:39:55.0506 4160 C:\Windows\System32\drivers\usbohci.sys - ok
19:39:55.0506 4160 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
19:39:55.0522 4160 C:\Windows\System32\drivers\usbport.sys - ok
19:39:55.0522 4160 [ 2C780746DC44A28FE67004DC58173F05 ] C:\Windows\System32\drivers\usbfilter.sys
19:39:55.0522 4160 C:\Windows\System32\drivers\usbfilter.sys - ok
19:39:55.0522 4160 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
19:39:55.0522 4160 C:\Windows\System32\drivers\usbehci.sys - ok
19:39:55.0522 4160 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
19:39:55.0522 4160 C:\Windows\System32\drivers\wmiacpi.sys - ok
19:39:55.0522 4160 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
19:39:55.0522 4160 C:\Windows\System32\drivers\CompositeBus.sys - ok
19:39:55.0537 4160 [ 413ECDCFAD9A82804D3674C8D7EEC24E ] C:\Windows\System32\drivers\lmimirr.sys
19:39:55.0537 4160 C:\Windows\System32\drivers\lmimirr.sys - ok
19:39:55.0537 4160 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
19:39:55.0537 4160 C:\Windows\System32\drivers\agilevpn.sys - ok
19:39:55.0537 4160 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
19:39:55.0537 4160 C:\Windows\System32\drivers\rasl2tp.sys - ok
19:39:55.0537 4160 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
19:39:55.0537 4160 C:\Windows\System32\drivers\ndistapi.sys - ok
19:39:55.0537 4160 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
19:39:55.0537 4160 C:\Windows\System32\drivers\ndiswan.sys - ok
19:39:55.0553 4160 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
19:39:55.0553 4160 C:\Windows\System32\drivers\raspppoe.sys - ok
19:39:55.0553 4160 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
19:39:55.0553 4160 C:\Windows\System32\drivers\raspptp.sys - ok
19:39:55.0553 4160 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
19:39:55.0553 4160 C:\Windows\System32\drivers\rassstp.sys - ok
19:39:55.0553 4160 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
19:39:55.0553 4160 C:\Windows\System32\drivers\kbdclass.sys - ok
19:39:55.0569 4160 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
19:39:55.0569 4160 C:\Windows\System32\drivers\mouclass.sys - ok
19:39:55.0569 4160 [ 79D51E7F5926E8CE1B3EBECEBAE28CFF ] C:\Windows\System32\drivers\mcdbus.sys
19:39:55.0569 4160 C:\Windows\System32\drivers\mcdbus.sys - ok
19:39:55.0569 4160 [ 1B1E264203D4EF9D3DA1987AD70355AB ] C:\Windows\System32\drivers\scsiport.sys
19:39:55.0569 4160 C:\Windows\System32\drivers\scsiport.sys - ok
19:39:55.0569 4160 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
19:39:55.0569 4160 C:\Windows\System32\drivers\ks.sys - ok
19:39:55.0569 4160 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
19:39:55.0569 4160 C:\Windows\System32\drivers\swenum.sys - ok
19:39:55.0584 4160 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
19:39:55.0584 4160 C:\Windows\System32\drivers\umbus.sys - ok
19:39:55.0584 4160 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
19:39:55.0584 4160 C:\Windows\System32\user32.dll - ok
19:39:55.0584 4160 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
19:39:55.0584 4160 C:\Windows\System32\advapi32.dll - ok
19:39:55.0584 4160 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
19:39:55.0584 4160 C:\Windows\System32\msvcrt.dll - ok
19:39:55.0584 4160 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
19:39:55.0584 4160 C:\Windows\System32\comdlg32.dll - ok
19:39:55.0600 4160 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
19:39:55.0600 4160 C:\Windows\System32\difxapi.dll - ok
19:39:55.0600 4160 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
19:39:55.0600 4160 C:\Windows\System32\Wldap32.dll - ok
19:39:55.0600 4160 [ DA90E416739ACEE896FE0A411BEEFC9C ] C:\Windows\System32\urlmon.dll
19:39:55.0600 4160 C:\Windows\System32\urlmon.dll - ok
19:39:55.0600 4160 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
19:39:55.0600 4160 C:\Windows\System32\oleaut32.dll - ok
19:39:55.0600 4160 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
19:39:55.0600 4160 C:\Windows\System32\shlwapi.dll - ok
19:39:55.0615 4160 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
19:39:55.0615 4160 C:\Windows\System32\normaliz.dll - ok
19:39:55.0615 4160 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
19:39:55.0615 4160 C:\Windows\System32\ws2_32.dll - ok
19:39:55.0615 4160 [ B8509DCFCFD577F568BE4026BFD982C0 ] C:\Windows\System32\imagehlp.dll
19:39:55.0615 4160 C:\Windows\System32\imagehlp.dll - ok
19:39:55.0615 4160 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
19:39:55.0615 4160 C:\Windows\System32\msctf.dll - ok
19:39:55.0615 4160 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
19:39:55.0615 4160 C:\Windows\System32\imm32.dll - ok
19:39:55.0631 4160 [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65 ] C:\Windows\System32\usp10.dll
19:39:55.0631 4160 C:\Windows\System32\usp10.dll - ok
19:39:55.0631 4160 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
19:39:55.0631 4160 C:\Windows\System32\sechost.dll - ok
19:39:55.0631 4160 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
19:39:55.0631 4160 C:\Windows\System32\clbcatq.dll - ok
19:39:55.0631 4160 [ EB3F9C2DE1236B5D46B2291D82970E43 ] C:\Windows\System32\wintrust.dll
19:39:55.0631 4160 C:\Windows\System32\wintrust.dll - ok
19:39:55.0631 4160 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
19:39:55.0631 4160 C:\Windows\System32\devobj.dll - ok
19:39:55.0647 4160 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
19:39:55.0647 4160 C:\Windows\System32\comctl32.dll - ok
19:39:55.0647 4160 [ 3F9F2AFA135F0663946A006DD5FFD897 ] C:\Windows\System32\crypt32.dll
19:39:55.0647 4160 C:\Windows\System32\crypt32.dll - ok
19:39:55.0647 4160 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
19:39:55.0647 4160 C:\Windows\System32\cfgmgr32.dll - ok
19:39:55.0647 4160 [ 6B5174702343BD955E174FDFEFA2A1A3 ] C:\Windows\System32\KernelBase.dll
19:39:55.0647 4160 C:\Windows\System32\KernelBase.dll - ok
19:39:55.0647 4160 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
19:39:55.0647 4160 C:\Windows\System32\msasn1.dll - ok
19:39:55.0662 4160 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
19:39:55.0662 4160 C:\Windows\System32\drivers\usbhub.sys - ok
19:39:55.0662 4160 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
19:39:55.0662 4160 C:\Windows\SysWOW64\normaliz.dll - ok
19:39:55.0662 4160 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
19:39:55.0662 4160 C:\Windows\System32\drivers\ndproxy.sys - ok
19:39:55.0662 4160 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
19:39:55.0662 4160 C:\Windows\System32\drivers\drmk.sys - ok
19:39:55.0662 4160 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
19:39:55.0662 4160 C:\Windows\System32\drivers\portcls.sys - ok
19:39:55.0678 4160 [ B4F53BCA4C688FF47F04FA90098F896E ] C:\Windows\System32\drivers\nvhda64v.sys
19:39:55.0678 4160 C:\Windows\System32\drivers\nvhda64v.sys - ok
19:39:55.0678 4160 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
19:39:55.0678 4160 C:\Windows\System32\drivers\ksthunk.sys - ok
19:39:55.0678 4160 [ 3C4B4EE54FEBB09F7E9F58776DE96DCA ] C:\Windows\System32\drivers\RTKVHD64.sys
19:39:55.0678 4160 C:\Windows\System32\drivers\RTKVHD64.sys - ok
19:39:55.0678 4160 [ FF4232A1A64012BAA1FD97C7B67DF593 ] C:\Windows\System32\drivers\udfs.sys
19:39:55.0678 4160 C:\Windows\System32\drivers\udfs.sys - ok
19:39:55.0678 4160 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
19:39:55.0678 4160 C:\Windows\System32\drivers\dxapi.sys - ok
19:39:55.0693 4160 [ 275D3946B0EC22BA13FE299E97ABF606 ] C:\Windows\System32\win32k.sys
19:39:55.0693 4160 C:\Windows\System32\win32k.sys - ok
19:39:55.0693 4160 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
19:39:55.0693 4160 C:\Windows\System32\drivers\usbccgp.sys - ok
19:39:55.0693 4160 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
19:39:55.0693 4160 C:\Windows\System32\drivers\usbd.sys - ok
19:39:55.0693 4160 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
19:39:55.0693 4160 C:\Windows\System32\csrss.exe - ok
19:39:55.0709 4160 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
19:39:55.0709 4160 C:\Windows\System32\csrsrv.dll - ok
19:39:55.0709 4160 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
19:39:55.0709 4160 C:\Windows\System32\basesrv.dll - ok
19:39:55.0709 4160 [ B8BD2BB284668C84865658C77574381A ] C:\Windows\System32\drivers\cdfs.sys
19:39:55.0709 4160 C:\Windows\System32\drivers\cdfs.sys - ok
19:39:55.0709 4160 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\System32\winsrv.dll
19:39:55.0709 4160 C:\Windows\System32\winsrv.dll - ok
19:39:55.0709 4160 [ 55218F924E55FD2786ED40EDF4ED79C3 ] C:\Windows\System32\drivers\nx6000.sys
19:39:55.0709 4160 C:\Windows\System32\drivers\nx6000.sys - ok
19:39:55.0725 4160 [ 454800C2BC7F3927CE030141EE4F4C50 ] C:\Windows\System32\drivers\usbvideo.sys
19:39:55.0725 4160 C:\Windows\System32\drivers\usbvideo.sys - ok
19:39:55.0725 4160 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] C:\Windows\System32\drivers\USBAUDIO.sys
19:39:55.0725 4160 C:\Windows\System32\drivers\USBAUDIO.sys - ok
19:39:55.0725 4160 [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS
19:39:55.0725 4160 C:\Windows\System32\drivers\USBSTOR.SYS - ok
19:39:55.0725 4160 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
19:39:55.0725 4160 C:\Windows\System32\drivers\hidclass.sys - ok
19:39:55.0725 4160 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
19:39:55.0725 4160 C:\Windows\System32\drivers\hidparse.sys - ok
19:39:55.0740 4160 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
19:39:55.0740 4160 C:\Windows\System32\drivers\hidusb.sys - ok
19:39:55.0740 4160 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
19:39:55.0740 4160 C:\Windows\System32\drivers\monitor.sys - ok
19:39:55.0740 4160 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
19:39:55.0740 4160 C:\Windows\System32\tsddd.dll - ok
19:39:55.0740 4160 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
19:39:55.0740 4160 C:\Windows\System32\drivers\kbdhid.sys - ok
19:39:55.0740 4160 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
19:39:55.0740 4160 C:\Windows\System32\sxssrv.dll - ok
19:39:55.0756 4160 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
19:39:55.0756 4160 C:\Windows\System32\wininit.exe - ok
19:39:55.0756 4160 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
19:39:55.0756 4160 C:\Windows\System32\profapi.dll - ok
19:39:55.0756 4160 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
19:39:55.0756 4160 C:\Windows\System32\cdd.dll - ok
19:39:55.0756 4160 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
19:39:55.0756 4160 C:\Windows\System32\RpcRtRemote.dll - ok
19:39:55.0756 4160 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
19:39:55.0756 4160 C:\Windows\System32\KBDUS.DLL - ok
19:39:55.0771 4160 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
19:39:55.0771 4160 C:\Windows\System32\drivers\mouhid.sys - ok
19:39:55.0771 4160 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
19:39:55.0771 4160 C:\Windows\System32\winlogon.exe - ok
19:39:55.0771 4160 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
19:39:55.0771 4160 C:\Windows\System32\winsta.dll - ok
19:39:55.0771 4160 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
19:39:55.0771 4160 C:\Windows\System32\WlS0WndH.dll - ok
19:39:55.0787 4160 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
19:39:55.0787 4160 C:\Windows\System32\sxs.dll - ok
19:39:55.0787 4160 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
19:39:55.0787 4160 C:\Windows\System32\cryptbase.dll - ok
19:39:55.0787 4160 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
19:39:55.0787 4160 C:\Windows\System32\apphelp.dll - ok
19:39:55.0787 4160 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
19:39:55.0787 4160 C:\Windows\System32\services.exe - ok
19:39:55.0787 4160 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
19:39:55.0787 4160 C:\Windows\System32\lsass.exe - ok
19:39:55.0803 4160 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
19:39:55.0803 4160 C:\Windows\System32\lsm.exe - ok
19:39:55.0803 4160 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
19:39:55.0803 4160 C:\Windows\System32\sspisrv.dll - ok
19:39:55.0803 4160 [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
19:39:55.0803 4160 C:\Windows\System32\lsasrv.dll - ok
19:39:55.0803 4160 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
19:39:55.0803 4160 C:\Windows\System32\sspicli.dll - ok
19:39:55.0803 4160 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
19:39:55.0803 4160 C:\Windows\System32\scext.dll - ok
19:39:55.0818 4160 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
19:39:55.0818 4160 C:\Windows\System32\sysntfy.dll - ok
19:39:55.0818 4160 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
19:39:55.0818 4160 C:\Windows\System32\secur32.dll - ok
19:39:55.0818 4160 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
19:39:55.0818 4160 C:\Windows\System32\wmsgapi.dll - ok
19:39:55.0818 4160 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
19:39:55.0818 4160 C:\Windows\System32\scesrv.dll - ok
19:39:55.0818 4160 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
19:39:55.0818 4160 C:\Windows\System32\srvcli.dll - ok
19:39:55.0834 4160 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
19:39:55.0834 4160 C:\Windows\System32\samsrv.dll - ok
19:39:55.0834 4160 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
19:39:55.0834 4160 C:\Windows\System32\cryptdll.dll - ok
19:39:55.0834 4160 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
19:39:55.0834 4160 C:\Windows\System32\wevtapi.dll - ok
19:39:55.0834 4160 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
19:39:55.0834 4160 C:\Windows\System32\cngaudit.dll - ok
19:39:55.0834 4160 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
19:39:55.0834 4160 C:\Windows\System32\authz.dll - ok
19:39:55.0849 4160 [ 2E8C52A0EC788D90FA35D9507D828771 ] C:\Windows\System32\ncrypt.dll
19:39:55.0849 4160 C:\Windows\System32\ncrypt.dll - ok
19:39:55.0849 4160 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
19:39:55.0849 4160 C:\Windows\System32\bcrypt.dll - ok
19:39:55.0849 4160 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
19:39:55.0849 4160 C:\Windows\System32\msprivs.dll - ok
19:39:55.0849 4160 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
19:39:55.0849 4160 C:\Windows\System32\netjoin.dll - ok
19:39:55.0849 4160 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
19:39:55.0849 4160 C:\Windows\System32\negoexts.dll - ok
19:39:55.0865 4160 [ 16ECE8BD6734CC170B9AE74176E89A9B ] C:\Windows\System32\kerberos.dll
19:39:55.0865 4160 C:\Windows\System32\kerberos.dll - ok
19:39:55.0865 4160 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
19:39:55.0865 4160 C:\Windows\System32\cryptsp.dll - ok
19:39:55.0865 4160 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
19:39:55.0865 4160 C:\Windows\System32\mswsock.dll - ok
19:39:55.0865 4160 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
19:39:55.0865 4160 C:\Windows\System32\wship6.dll - ok
19:39:55.0865 4160 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
19:39:55.0865 4160 C:\Windows\System32\msv1_0.dll - ok
19:39:55.0865 4160 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
19:39:55.0865 4160 C:\Windows\System32\netlogon.dll - ok
19:39:55.0881 4160 [ 4AC74A462F3A0506B929F599B5E1B1FB ] C:\Windows\System32\atmfd.dll
19:39:55.0881 4160 C:\Windows\System32\atmfd.dll - ok
19:39:55.0881 4160 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
19:39:55.0881 4160 C:\Windows\System32\dnsapi.dll - ok
19:39:55.0881 4160 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
19:39:55.0881 4160 C:\Windows\System32\logoncli.dll - ok
19:39:55.0881 4160 [ FBD1D2169ACEEE3073861F8CA3A28C49 ] C:\Windows\System32\schannel.dll
19:39:55.0881 4160 C:\Windows\System32\schannel.dll - ok
19:39:55.0881 4160 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
19:39:55.0881 4160 C:\Windows\System32\wdigest.dll - ok
19:39:55.0896 4160 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
19:39:55.0896 4160 C:\Windows\System32\rsaenh.dll - ok
19:39:55.0896 4160 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
19:39:55.0896 4160 C:\Windows\System32\TSpkg.dll - ok
19:39:55.0896 4160 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
19:39:55.0896 4160 C:\Windows\System32\pku2u.dll - ok
19:39:55.0896 4160 [ 55C892560C1B42BC57FB61AEFCED2F22 ] C:\Windows\System32\LIVESSP.DLL
19:39:55.0896 4160 C:\Windows\System32\LIVESSP.DLL - ok
19:39:55.0912 4160 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
19:39:55.0912 4160 C:\Windows\System32\bcryptprimitives.dll - ok
19:39:55.0912 4160 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
19:39:55.0912 4160 C:\Windows\System32\efslsaext.dll - ok
19:39:55.0912 4160 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
19:39:55.0912 4160 C:\Windows\System32\credssp.dll - ok
19:39:55.0912 4160 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
19:39:55.0912 4160 C:\Windows\System32\ubpm.dll - ok
19:39:55.0912 4160 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
19:39:55.0912 4160 C:\Windows\System32\scecli.dll - ok
19:39:55.0927 4160 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
19:39:55.0927 4160 C:\Windows\System32\svchost.exe - ok
19:39:55.0927 4160 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
19:39:55.0927 4160 C:\Windows\System32\umpnpmgr.dll - ok
19:39:55.0927 4160 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
19:39:55.0927 4160 C:\Windows\System32\SPInf.dll - ok
19:39:55.0927 4160 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
19:39:55.0927 4160 C:\Windows\System32\devrtl.dll - ok
19:39:55.0927 4160 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
19:39:55.0927 4160 C:\Windows\System32\userenv.dll - ok
19:39:55.0943 4160 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
19:39:55.0943 4160 C:\Windows\System32\gpapi.dll - ok
19:39:55.0943 4160 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
19:39:55.0943 4160 C:\Windows\System32\umpo.dll - ok
19:39:55.0943 4160 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
19:39:55.0943 4160 C:\Windows\System32\pcwum.dll - ok
19:39:55.0943 4160 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
19:39:55.0943 4160 C:\Windows\System32\powrprof.dll - ok
19:39:55.0943 4160 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
19:39:55.0943 4160 C:\Windows\System32\drivers\luafv.sys - ok
19:39:55.0959 4160 [ D3381DC54C34D79B22CEE0D65BA91B7C ] C:\Windows\System32\drivers\WUDFPf.sys
19:39:55.0959 4160 C:\Windows\System32\drivers\WUDFPf.sys - ok
19:39:55.0959 4160 [ 574087EA9105F23FB522A4FDDD5292D9 ] C:\Windows\System32\nvvsvc.exe
19:39:55.0959 4160 C:\Windows\System32\nvvsvc.exe - ok
19:39:55.0959 4160 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
19:39:55.0959 4160 C:\Windows\System32\wtsapi32.dll - ok
19:39:55.0959 4160 [ 78216A10BF8B200890A88D8820F33F14 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:39:55.0959 4160 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe - ok
19:39:55.0959 4160 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
19:39:55.0959 4160 C:\Windows\SysWOW64\ntdll.dll - ok
19:39:55.0974 4160 [ B1E3772FFA96AC5AEE89BF202AF8E348 ] C:\Windows\System32\wow64.dll
19:39:55.0974 4160 C:\Windows\System32\wow64.dll - ok
19:39:55.0974 4160 [ FC5A43FA257F546F8F2B96B5529857E1 ] C:\Windows\System32\wow64win.dll
19:39:55.0974 4160 C:\Windows\System32\wow64win.dll - ok
19:39:55.0974 4160 [ AA0D2571A4348838B8DD49FD0043826A ] C:\Windows\System32\wow64cpu.dll
19:39:55.0974 4160 C:\Windows\System32\wow64cpu.dll - ok
19:39:55.0974 4160 [ 99C3F8E9CC59D95666EB8D8A8B4C2BEB ] C:\Windows\SysWOW64\kernel32.dll
19:39:55.0974 4160 C:\Windows\SysWOW64\kernel32.dll - ok
19:39:55.0974 4160 [ 5C2D21C9B6B6175B89BC5D7E3CB979E1 ] C:\Windows\SysWOW64\KernelBase.dll
19:39:55.0974 4160 C:\Windows\SysWOW64\KernelBase.dll - ok
19:39:55.0990 4160 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
19:39:55.0990 4160 C:\Windows\SysWOW64\msvcrt.dll - ok
19:39:55.0990 4160 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
19:39:55.0990 4160 C:\Windows\SysWOW64\version.dll - ok
19:39:55.0990 4160 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
19:39:55.0990 4160 C:\Windows\SysWOW64\setupapi.dll - ok
19:39:55.0990 4160 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
19:39:55.0990 4160 C:\Windows\SysWOW64\cfgmgr32.dll - ok
19:39:55.0990 4160 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
19:39:55.0990 4160 C:\Windows\SysWOW64\rpcrt4.dll - ok
19:39:56.0005 4160 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
19:39:56.0005 4160 C:\Windows\SysWOW64\advapi32.dll - ok
19:39:56.0005 4160 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
19:39:56.0005 4160 C:\Windows\SysWOW64\cryptbase.dll - ok
19:39:56.0005 4160 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
19:39:56.0005 4160 C:\Windows\SysWOW64\sechost.dll - ok
19:39:56.0005 4160 [ 44B2693080979A0E05085B3FAAA43A09 ] C:\Windows\SysWOW64\sspicli.dll
19:39:56.0005 4160 C:\Windows\SysWOW64\sspicli.dll - ok
19:39:56.0005 4160 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
19:39:56.0005 4160 C:\Windows\SysWOW64\gdi32.dll - ok
19:39:56.0021 4160 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
19:39:56.0021 4160 C:\Windows\SysWOW64\user32.dll - ok
19:39:56.0021 4160 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
19:39:56.0021 4160 C:\Windows\SysWOW64\lpk.dll - ok
19:39:56.0021 4160 [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\SysWOW64\usp10.dll
19:39:56.0021 4160 C:\Windows\SysWOW64\usp10.dll - ok
19:39:56.0021 4160 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
19:39:56.0021 4160 C:\Windows\SysWOW64\oleaut32.dll - ok
19:39:56.0021 4160 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
19:39:56.0021 4160 C:\Windows\SysWOW64\ole32.dll - ok
19:39:56.0037 4160 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
19:39:56.0037 4160 C:\Windows\SysWOW64\devobj.dll - ok
19:39:56.0037 4160 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
19:39:56.0037 4160 C:\Windows\SysWOW64\imm32.dll - ok
19:39:56.0037 4160 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
19:39:56.0037 4160 C:\Windows\SysWOW64\msctf.dll - ok
19:39:56.0037 4160 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
19:39:56.0037 4160 C:\Windows\SysWOW64\winspool.drv - ok
19:39:56.0052 4160 [ E0A7D40A14984939CD009B3A21F6F45C ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstres.dll
19:39:56.0052 4160 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstres.dll - ok
19:39:56.0052 4160 [ 77895F43790C536DD6776409AA7D7D90 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvwl.dll
19:39:56.0052 4160 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvwl.dll - ok
19:39:56.0052 4160 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
19:39:56.0052 4160 C:\Windows\System32\rpcss.dll - ok
19:39:56.0052 4160 [ 2D0D2DA87BEA7144F2A17F19D0D17E4C ] C:\Windows\SysWOW64\wintrust.dll
19:39:56.0052 4160 C:\Windows\SysWOW64\wintrust.dll - ok
19:39:56.0052 4160 [ 454E292861A4EF1D72F43F42BBAF6917 ] C:\Windows\SysWOW64\crypt32.dll
19:39:56.0052 4160 C:\Windows\SysWOW64\crypt32.dll - ok
19:39:56.0068 4160 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
19:39:56.0068 4160 C:\Windows\System32\RpcEpMap.dll - ok
19:39:56.0068 4160 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
19:39:56.0068 4160 C:\Windows\SysWOW64\msasn1.dll - ok
19:39:56.0068 4160 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
19:39:56.0068 4160 C:\Windows\System32\WSHTCPIP.DLL - ok
19:39:56.0068 4160 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
19:39:56.0068 4160 C:\Windows\SysWOW64\ntmarta.dll - ok
19:39:56.0068 4160 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
19:39:56.0068 4160 C:\Windows\SysWOW64\Wldap32.dll - ok
19:39:56.0083 4160 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
19:39:56.0083 4160 C:\Windows\System32\wshqos.dll - ok
19:39:56.0083 4160 [ 694B7056F66A9DFFE18836655477589A ] C:\Windows\System32\atiesrxx.exe
19:39:56.0083 4160 C:\Windows\System32\atiesrxx.exe - ok
19:39:56.0083 4160 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
19:39:56.0083 4160 C:\Windows\System32\FirewallAPI.dll - ok
19:39:56.0083 4160 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
19:39:56.0083 4160 C:\Windows\SysWOW64\devrtl.dll - ok
19:39:56.0083 4160 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
19:39:56.0083 4160 C:\Windows\System32\LogonUI.exe - ok
19:39:56.0099 4160 [ 4BDBBE5E4208022DD794F7EEEB0F7366 ] C:\Windows\SysWOW64\SPInf.dll
19:39:56.0099 4160 C:\Windows\SysWOW64\SPInf.dll - ok
19:39:56.0099 4160 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
19:39:56.0099 4160 C:\Windows\System32\authui.dll - ok
19:39:56.0099 4160 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
19:39:56.0099 4160 C:\Windows\System32\version.dll - ok
19:39:56.0099 4160 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
19:39:56.0099 4160 C:\Windows\System32\wevtsvc.dll - ok
19:39:56.0099 4160 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
19:39:56.0099 4160 C:\Windows\System32\cryptui.dll - ok
19:39:56.0115 4160 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
19:39:56.0115 4160 C:\Windows\System32\audiosrv.dll - ok
19:39:56.0115 4160 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
19:39:56.0115 4160 C:\Windows\System32\mmcss.dll - ok
19:39:56.0115 4160 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
19:39:56.0115 4160 C:\Windows\System32\avrt.dll - ok
19:39:56.0115 4160 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
19:39:56.0115 4160 C:\Windows\System32\ntmarta.dll - ok
19:39:56.0115 4160 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
19:39:56.0115 4160 C:\Windows\System32\radardt.dll - ok
19:39:56.0130 4160 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
19:39:56.0130 4160 C:\Windows\System32\MMDevAPI.dll - ok
19:39:56.0130 4160 [ 5C78838B4D166D1A27DB3A8A820C799A ] C:\Windows\System32\profsvc.dll
19:39:56.0130 4160 C:\Windows\System32\profsvc.dll - ok
19:39:56.0130 4160 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
19:39:56.0130 4160 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
19:39:56.0130 4160 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
19:39:56.0130 4160 C:\Windows\System32\propsys.dll - ok
19:39:56.0130 4160 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
19:39:56.0130 4160 C:\Windows\System32\adtschema.dll - ok
19:39:56.0146 4160 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
19:39:56.0146 4160 C:\Windows\System32\netprofm.dll - ok
19:39:56.0146 4160 [ FE05D03B73000CFF476E1D29109F3A84 ] C:\Program Files\Windows Defender\MpEvMsg.dll
19:39:56.0146 4160 C:\Program Files\Windows Defender\MpEvMsg.dll - ok
19:39:56.0146 4160 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
19:39:56.0146 4160 C:\Windows\System32\MPSSVC.dll - ok
19:39:56.0146 4160 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
19:39:56.0146 4160 C:\Windows\System32\shacct.dll - ok
19:39:56.0146 4160 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
19:39:56.0146 4160 C:\Windows\System32\samlib.dll - ok
19:39:56.0161 4160 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
19:39:56.0161 4160 C:\Windows\System32\uxtheme.dll - ok
19:39:56.0161 4160 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
19:39:56.0161 4160 C:\Windows\System32\audiodg.exe - ok
19:39:56.0161 4160 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
19:39:56.0161 4160 C:\Windows\System32\wlansvc.dll - ok
19:39:56.0161 4160 [ 497BFEDDAF3950DD909C3B0C5558A25D ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_2b24536c71ed437a\GdiPlus.dll
19:39:56.0161 4160 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_2b24536c71ed437a\GdiPlus.dll - ok
19:39:56.0177 4160 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
19:39:56.0177 4160 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
19:39:56.0177 4160 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
19:39:56.0177 4160 C:\Windows\System32\gpsvc.dll - ok
19:39:56.0177 4160 [ 80E69670BDA10F32A941BA7358E33012 ] C:\Windows\System32\WUDFPlatform.dll
19:39:56.0177 4160 C:\Windows\System32\WUDFPlatform.dll - ok
19:39:56.0177 4160 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
19:39:56.0177 4160 C:\Windows\System32\drivers\fltMgr.sys - ok
19:39:56.0177 4160 [ 2DF36F15B2BC1571A6A542A3C2107920 ] C:\Windows\System32\nlaapi.dll
19:39:56.0177 4160 C:\Windows\System32\nlaapi.dll - ok
19:39:56.0193 4160 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
19:39:56.0193 4160 C:\Windows\System32\PSHED.DLL - ok
19:39:56.0193 4160 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
19:39:56.0193 4160 C:\Windows\System32\themeservice.dll - ok
19:39:56.0193 4160 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
19:39:56.0193 4160 C:\Windows\System32\atl.dll - ok
19:39:56.0193 4160 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
19:39:56.0193 4160 C:\Windows\System32\dui70.dll - ok
19:39:56.0193 4160 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
19:39:56.0193 4160 C:\Windows\System32\dsrole.dll - ok
19:39:56.0208 4160 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
19:39:56.0208 4160 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
19:39:56.0208 4160 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
19:39:56.0208 4160 C:\Windows\System32\es.dll - ok
19:39:56.0208 4160 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
19:39:56.0208 4160 C:\Windows\System32\slc.dll - ok
19:39:56.0208 4160 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
19:39:56.0208 4160 C:\Windows\System32\duser.dll - ok
19:39:56.0208 4160 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
19:39:56.0208 4160 C:\Windows\System32\comres.dll - ok
19:39:56.0224 4160 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
19:39:56.0224 4160 C:\Windows\System32\Sens.dll - ok
19:39:56.0224 4160 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
19:39:56.0224 4160 C:\Windows\System32\SndVolSSO.dll - ok
19:39:56.0224 4160 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
19:39:56.0224 4160 C:\Windows\System32\uxsms.dll - ok
19:39:56.0224 4160 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
19:39:56.0224 4160 C:\Windows\System32\hid.dll - ok
19:39:56.0224 4160 [ 7A95C95B6C4CF292D689106BCAE49543 ] C:\Windows\System32\WUDFSvc.dll
19:39:56.0224 4160 C:\Windows\System32\WUDFSvc.dll - ok
19:39:56.0239 4160 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
19:39:56.0239 4160 C:\Windows\System32\dwmapi.dll - ok
19:39:56.0239 4160 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
19:39:56.0239 4160 C:\Windows\System32\drivers\lltdio.sys - ok
19:39:56.0239 4160 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
19:39:56.0239 4160 C:\Windows\System32\xmllite.dll - ok
19:39:56.0239 4160 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
19:39:56.0239 4160 C:\Windows\System32\drivers\nwifi.sys - ok
19:39:56.0239 4160 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
19:39:56.0239 4160 C:\Windows\System32\WindowsCodecs.dll - ok
19:39:56.0255 4160 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
19:39:56.0255 4160 C:\Windows\System32\drivers\ndisuio.sys - ok
19:39:56.0255 4160 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
19:39:56.0255 4160 C:\Windows\System32\drivers\rspndr.sys - ok
19:39:56.0255 4160 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
19:39:56.0255 4160 C:\Windows\System32\lmhsvc.dll - ok
19:39:56.0255 4160 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
19:39:56.0255 4160 C:\Windows\System32\nsisvc.dll - ok
19:39:56.0255 4160 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
19:39:56.0255 4160 C:\Windows\System32\IPHLPAPI.DLL - ok
19:39:56.0271 4160 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
19:39:56.0271 4160 C:\Windows\System32\dnsrslvr.dll - ok
19:39:56.0271 4160 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
19:39:56.0271 4160 C:\Windows\System32\keyiso.dll - ok
19:39:56.0271 4160 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
19:39:56.0271 4160 C:\Windows\System32\winnsi.dll - ok
19:39:56.0271 4160 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
19:39:56.0271 4160 C:\Windows\System32\eapsvc.dll - ok
19:39:56.0271 4160 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
19:39:56.0271 4160 C:\Windows\System32\nrpsrv.dll - ok
19:39:56.0286 4160 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
19:39:56.0286 4160 C:\Windows\System32\winbrand.dll - ok
19:39:56.0286 4160 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
19:39:56.0286 4160 C:\Windows\System32\dhcpcore.dll - ok
19:39:56.0286 4160 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
19:39:56.0286 4160 C:\Windows\System32\FWPUCLNT.DLL - ok
19:39:56.0286 4160 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
19:39:56.0286 4160 C:\Windows\System32\eapphost.dll - ok
19:39:56.0286 4160 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
19:39:56.0286 4160 C:\Windows\System32\VaultCredProvider.dll - ok
19:39:56.0302 4160 [ 71C7B65B6557B75B99907E76956AE4B8 ] C:\Windows\System32\dhcpcore6.dll
19:39:56.0302 4160 C:\Windows\System32\dhcpcore6.dll - ok
19:39:56.0302 4160 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
19:39:56.0302 4160 C:\Windows\System32\dnsext.dll - ok
19:39:56.0302 4160 [ 2E07065BB59766686AC6626CC63ECCC8 ] C:\Windows\System32\LMIinit.dll
19:39:56.0302 4160 C:\Windows\System32\LMIinit.dll - ok
19:39:56.0302 4160 [ 4CBCC37856EA2039C27A2FB661DDA0E5 ] C:\Windows\System32\dhcpcsvc6.dll
19:39:56.0302 4160 C:\Windows\System32\dhcpcsvc6.dll - ok
19:39:56.0302 4160 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
19:39:56.0302 4160 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
19:39:56.0317 4160 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
19:39:56.0317 4160 C:\Windows\System32\dhcpcsvc.dll - ok
19:39:56.0317 4160 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
19:39:56.0317 4160 C:\Windows\System32\umb.dll - ok
19:39:56.0317 4160 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
19:39:56.0317 4160 C:\Windows\System32\wlanmsm.dll - ok
19:39:56.0317 4160 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
19:39:56.0317 4160 C:\Windows\System32\BioCredProv.dll - ok
19:39:56.0333 4160 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
19:39:56.0333 4160 C:\Windows\System32\wlansec.dll - ok
19:39:56.0333 4160 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
19:39:56.0333 4160 C:\Windows\System32\onex.dll - ok
19:39:56.0333 4160 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
19:39:56.0333 4160 C:\Windows\System32\winbio.dll - ok
19:39:56.0333 4160 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
19:39:56.0333 4160 C:\Windows\System32\credui.dll - ok
19:39:56.0333 4160 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
19:39:56.0333 4160 C:\Windows\System32\eappprxy.dll - ok
19:39:56.0333 4160 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
19:39:56.0349 4160 C:\Windows\System32\eappcfg.dll - ok
19:39:56.0349 4160 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
19:39:56.0349 4160 C:\Windows\System32\vaultcli.dll - ok
19:39:56.0349 4160 [ 764908FE1FA96F93C95B1B67A0FCED29 ] C:\Windows\System32\netapi32.dll
19:39:56.0349 4160 C:\Windows\System32\netapi32.dll - ok
19:39:56.0349 4160 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
19:39:56.0349 4160 C:\Windows\System32\netutils.dll - ok
19:39:56.0349 4160 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
19:39:56.0349 4160 C:\Windows\System32\wkscli.dll - ok
19:39:56.0364 4160 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
19:39:56.0364 4160 C:\Windows\System32\wlgpclnt.dll - ok
19:39:56.0364 4160 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
19:39:56.0364 4160 C:\Windows\System32\l2gpstore.dll - ok
19:39:56.0364 4160 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
19:39:56.0364 4160 C:\Windows\System32\samcli.dll - ok
19:39:56.0364 4160 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
19:39:56.0364 4160 C:\Windows\System32\certCredProvider.dll - ok
19:39:56.0364 4160 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
19:39:56.0364 4160 C:\Windows\System32\wlanutil.dll - ok
19:39:56.0380 4160 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
19:39:56.0380 4160 C:\Windows\System32\WinSCard.dll - ok
19:39:56.0380 4160 [ 7097425051CE67B450EBF2B1390AE492 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
19:39:56.0380 4160 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
19:39:56.0380 4160 [ 5C29199C9F0EDE64F17F268084EC4392 ] C:\Windows\System32\msxml6.dll
19:39:56.0380 4160 C:\Windows\System32\msxml6.dll - ok
19:39:56.0380 4160 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
19:39:56.0380 4160 C:\Windows\System32\rasplap.dll - ok
19:39:56.0380 4160 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
19:39:56.0380 4160 C:\Windows\System32\rasapi32.dll - ok
19:39:56.0395 4160 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
19:39:56.0395 4160 C:\Windows\System32\rasman.dll - ok
19:39:56.0395 4160 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
19:39:56.0395 4160 C:\Windows\System32\rtutils.dll - ok
19:39:56.0395 4160 [ 6D115A99A7A08F2752248D6B19EB19D4 ] C:\Windows\System32\atieclxx.exe
19:39:56.0395 4160 C:\Windows\System32\atieclxx.exe - ok
19:39:56.0395 4160 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
19:39:56.0395 4160 C:\Windows\System32\shsvcs.dll - ok
19:39:56.0395 4160 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
19:39:56.0395 4160 C:\Windows\System32\UXInit.dll - ok
19:39:56.0395 4160 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
19:39:56.0395 4160 C:\Windows\System32\schedsvc.dll - ok
19:39:56.0411 4160 [ 4FF8150A589F813134155479F5427A95 ] C:\Windows\System32\atiadlxx.dll
19:39:56.0411 4160 C:\Windows\System32\atiadlxx.dll - ok
19:39:56.0411 4160 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
19:39:56.0411 4160 C:\Windows\System32\netcfgx.dll - ok
19:39:56.0411 4160 [ 7D0D943B89CE1199EEBD05CD78D5D313 ] C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll
19:39:56.0411 4160 C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll - ok
19:39:56.0411 4160 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] C:\Windows\System32\drivers\vwifimp.sys
19:39:56.0411 4160 C:\Windows\System32\drivers\vwifimp.sys - ok
19:39:56.0427 4160 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
19:39:56.0427 4160 C:\Windows\System32\oleacc.dll - ok
19:39:56.0427 4160 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
19:39:56.0427 4160 C:\Windows\System32\ktmw32.dll - ok
19:39:56.0427 4160 [ A3EAF213C26779DE69E269603FF5BDD0 ] C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
19:39:56.0427 4160 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe - ok
19:39:56.0427 4160 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
19:39:56.0427 4160 C:\Windows\System32\UIAutomationCore.dll - ok
19:39:56.0427 4160 [ 63AA7097E18EB8086C35748DD39D4DF2 ] C:\Windows\System32\nvsvc64.dll
19:39:56.0427 4160 C:\Windows\System32\nvsvc64.dll - ok
19:39:56.0442 4160 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
19:39:56.0442 4160 C:\Windows\System32\taskcomp.dll - ok
19:39:56.0442 4160 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
19:39:56.0442 4160 C:\Windows\System32\imageres.dll - ok
19:39:56.0442 4160 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
19:39:56.0442 4160 C:\Windows\System32\fveapi.dll - ok
19:39:56.0442 4160 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
19:39:56.0442 4160 C:\Windows\System32\tbs.dll - ok
19:39:56.0442 4160 [ 478672840D9FB490D01221AE0F85D81A ] C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll
19:39:56.0442 4160 C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll - ok
19:39:56.0458 4160 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
19:39:56.0458 4160 C:\Windows\System32\fvecerts.dll - ok
19:39:56.0458 4160 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
19:39:56.0458 4160 C:\Windows\System32\wiarpc.dll - ok
19:39:56.0458 4160 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
19:39:56.0458 4160 C:\Windows\System32\drivers\http.sys - ok
19:39:56.0458 4160 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
19:39:56.0458 4160 C:\Windows\System32\mscms.dll - ok
19:39:56.0458 4160 [ B96C17B5DC1424D56EEA3A99E97428CD ] C:\Windows\System32\spoolsv.exe
19:39:56.0458 4160 C:\Windows\System32\spoolsv.exe - ok
19:39:56.0473 4160 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
19:39:56.0473 4160 C:\Windows\System32\winmm.dll - ok
19:39:56.0473 4160 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
19:39:56.0473 4160 C:\Windows\System32\msimg32.dll - ok
19:39:56.0473 4160 [ E1A338F5FFCCF448321F311134CE29BD ] C:\Windows\System32\nvapi64.dll
19:39:56.0473 4160 C:\Windows\System32\nvapi64.dll - ok
19:39:56.0473 4160 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
19:39:56.0473 4160 C:\Windows\System32\BFE.DLL - ok
19:39:56.0473 4160 [ FA87CCCD1B6FCAD419BE102FAC940BCD ] C:\Program Files\NVIDIA Corporation\Display\nvui.dll
19:39:56.0473 4160 C:\Program Files\NVIDIA Corporation\Display\nvui.dll - ok
19:39:56.0489 4160 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
19:39:56.0489 4160 C:\Windows\System32\drivers\bowser.sys - ok
19:39:56.0489 4160 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
19:39:56.0489 4160 C:\Windows\System32\drivers\mpsdrv.sys - ok
19:39:56.0489 4160 [ D218991E22D4930939867D2C309F7984 ] C:\Windows\System32\nvsvcr.dll
19:39:56.0489 4160 C:\Windows\System32\nvsvcr.dll - ok
19:39:56.0489 4160 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
19:39:56.0489 4160 C:\Windows\System32\wfapigp.dll - ok
19:39:56.0489 4160 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
19:39:56.0489 4160 C:\Windows\System32\drivers\mrxsmb.sys - ok
19:39:56.0505 4160 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
19:39:56.0505 4160 C:\Windows\System32\pcasvc.dll - ok
19:39:56.0505 4160 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
19:39:56.0505 4160 C:\Windows\System32\snmptrap.exe - ok
19:39:56.0505 4160 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
19:39:56.0505 4160 C:\Windows\System32\drivers\mrxsmb10.sys - ok
19:39:56.0505 4160 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
19:39:56.0505 4160 C:\Windows\System32\provsvc.dll - ok
19:39:56.0520 4160 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
19:39:56.0520 4160 C:\Windows\System32\drivers\mrxsmb20.sys - ok
19:39:56.0520 4160 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
19:39:56.0520 4160 C:\Windows\System32\sstpsvc.dll - ok
19:39:56.0520 4160 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
19:39:56.0520 4160 C:\Windows\System32\wkssvc.dll - ok
19:39:56.0520 4160 [ C0D3EE2E78D6927ECCDDFE2493E4C053 ] C:\Windows\System32\nvcpl.dll
19:39:56.0520 4160 C:\Windows\System32\nvcpl.dll - ok
19:39:56.0520 4160 [ 3927397AC60D943DAF8808AFFED582B7 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:39:56.0520 4160 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
19:39:56.0536 4160 [ 358FC25391C6733EAF49DB480AFDFD8C ] C:\Windows\SysWOW64\shell32.dll
19:39:56.0536 4160 C:\Windows\SysWOW64\shell32.dll - ok
19:39:56.0536 4160 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
19:39:56.0536 4160 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
19:39:56.0536 4160 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
19:39:56.0536 4160 C:\Windows\System32\winspool.drv - ok
19:39:56.0536 4160 [ 1E9BB130F2BF82B16D22BBCDF07E6DAB ] C:\Program Files\NVIDIA Corporation\Display\nvuir.dll
19:39:56.0536 4160 C:\Program Files\NVIDIA Corporation\Display\nvuir.dll - ok
19:39:56.0536 4160 [ D57AF5AD9D5983552470667BDCEBFC82 ] C:\Windows\System32\nvumdshimx.dll
19:39:56.0536 4160 C:\Windows\System32\nvumdshimx.dll - ok
19:39:56.0551 4160 [ A606855FE52504233FFDE3F5A17BE82E ] C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll
19:39:56.0551 4160 C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll - ok
19:39:56.0551 4160 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
19:39:56.0551 4160 C:\Windows\SysWOW64\shlwapi.dll - ok
19:39:56.0551 4160 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
19:39:56.0551 4160 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
19:39:56.0551 4160 [ 3F56903E124E820AEECE6D471583C6C1 ] C:\Program Files (x86)\Bonjour\mDNSResponder.exe
19:39:56.0551 4160 C:\Program Files (x86)\Bonjour\mDNSResponder.exe - ok
19:39:56.0567 4160 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
19:39:56.0567 4160 C:\Windows\SysWOW64\ws2_32.dll - ok
19:39:56.0567 4160 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
19:39:56.0567 4160 C:\Windows\SysWOW64\nsi.dll - ok
19:39:56.0567 4160 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
19:39:56.0567 4160 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
19:39:56.0567 4160 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
19:39:56.0567 4160 C:\Windows\SysWOW64\winnsi.dll - ok
19:39:56.0567 4160 [ 15597883FBE9B056F276ADA3AD87D9AF ] C:\Windows\System32\cryptsvc.dll
19:39:56.0567 4160 C:\Windows\System32\cryptsvc.dll - ok
19:39:56.0583 4160 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
19:39:56.0583 4160 C:\Windows\System32\dps.dll - ok
19:39:56.0583 4160 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
19:39:56.0583 4160 C:\Windows\System32\FDResPub.dll - ok
19:39:56.0583 4160 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
19:39:56.0583 4160 C:\Windows\SysWOW64\cryptsp.dll - ok
19:39:56.0583 4160 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
19:39:56.0583 4160 C:\Windows\System32\WSDApi.dll - ok
19:39:56.0583 4160 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
19:39:56.0583 4160 C:\Windows\System32\taskschd.dll - ok
19:39:56.0598 4160 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
19:39:56.0598 4160 C:\Windows\System32\vssapi.dll - ok
19:39:56.0598 4160 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
19:39:56.0598 4160 C:\Windows\SysWOW64\rsaenh.dll - ok
19:39:56.0598 4160 [ 3DC11A802353401332D49C3CBFBBE5FC ] C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
19:39:56.0598 4160 C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe - ok
19:39:56.0598 4160 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
19:39:56.0598 4160 C:\Windows\SysWOW64\profapi.dll - ok
19:39:56.0598 4160 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
19:39:56.0598 4160 C:\Windows\System32\webservices.dll - ok
19:39:56.0614 4160 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
19:39:56.0614 4160 C:\Windows\System32\winhttp.dll - ok
19:39:56.0614 4160 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
19:39:56.0614 4160 C:\Windows\SysWOW64\mswsock.dll - ok
19:39:56.0614 4160 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
19:39:56.0614 4160 C:\Windows\SysWOW64\wship6.dll - ok
19:39:56.0614 4160 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
19:39:56.0614 4160 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
19:39:56.0614 4160 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
19:39:56.0614 4160 C:\Windows\System32\webio.dll - ok
19:39:56.0629 4160 [ 29CA5974FAB0E8AE4AA7814FE05CF832 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
19:39:56.0629 4160 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
19:39:56.0629 4160 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
19:39:56.0629 4160 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
19:39:56.0629 4160 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
19:39:56.0629 4160 C:\Windows\System32\fundisc.dll - ok
19:39:56.0629 4160 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
19:39:56.0629 4160 C:\Windows\System32\vsstrace.dll - ok
19:39:56.0629 4160 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
19:39:56.0629 4160 C:\Windows\SysWOW64\dnsapi.dll - ok
19:39:56.0645 4160 [ 4BD79D03984226DB22D19BBE79369E0E ] C:\Windows\winsxs\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_044aad0bab1eb146\mfc90u.dll
19:39:56.0645 4160 C:\Windows\winsxs\amd64_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_044aad0bab1eb146\mfc90u.dll - ok
19:39:56.0645 4160 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
19:39:56.0645 4160 C:\Windows\System32\httpapi.dll - ok
19:39:56.0645 4160 [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
19:39:56.0645 4160 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
19:39:56.0645 4160 [ 241AF87821FDA0F5792037B779F49BE0 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
19:39:56.0645 4160 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
19:39:56.0661 4160 [ D918AF3EA07D248F911F7C6B801AA1E3 ] C:\Windows\winsxs\amd64_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_01c9581e60cbee58\MFC90ENU.DLL
19:39:56.0661 4160 C:\Windows\winsxs\amd64_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_01c9581e60cbee58\MFC90ENU.DLL - ok
19:39:56.0661 4160 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
19:39:56.0661 4160 C:\Windows\System32\IKEEXT.DLL - ok
19:39:56.0661 4160 [ 775C6D5D60146D7DB08A01CB596D7EC6 ] C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
19:39:56.0661 4160 C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe - ok
19:39:56.0661 4160 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
19:39:56.0661 4160 C:\Windows\System32\vpnikeapi.dll - ok
19:39:56.0661 4160 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
19:39:56.0661 4160 C:\Windows\SysWOW64\comdlg32.dll - ok
19:39:56.0676 4160 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
19:39:56.0676 4160 C:\Windows\SysWOW64\wtsapi32.dll - ok
19:39:56.0676 4160 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
19:39:56.0676 4160 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
19:39:56.0676 4160 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
19:39:56.0676 4160 C:\Windows\SysWOW64\psapi.dll - ok
19:39:56.0676 4160 [ 104A1070E90F1C530328E69B49718841 ] C:\Windows\SysWOW64\nlaapi.dll
19:39:56.0676 4160 C:\Windows\SysWOW64\nlaapi.dll - ok
19:39:56.0676 4160 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
19:39:56.0676 4160 C:\Windows\SysWOW64\NapiNSP.dll - ok
19:39:56.0692 4160 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
19:39:56.0692 4160 C:\Windows\SysWOW64\pnrpnsp.dll - ok
19:39:56.0692 4160 [ 9D4A1690AF93F233E15380398BEC7431 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
19:39:56.0692 4160 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
19:39:56.0692 4160 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
19:39:56.0692 4160 C:\Windows\SysWOW64\winrnr.dll - ok
19:39:56.0692 4160 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
19:39:56.0692 4160 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
19:39:56.0692 4160 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
19:39:56.0692 4160 C:\Windows\SysWOW64\rasadhlp.dll - ok
19:39:56.0707 4160 [ 17AFF68AB32F8671BC46612D35351099 ] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
19:39:56.0707 4160 C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe - ok
19:39:56.0707 4160 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
19:39:56.0707 4160 C:\Windows\SysWOW64\userenv.dll - ok
19:39:56.0707 4160 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
19:39:56.0707 4160 C:\Windows\SysWOW64\clbcatq.dll - ok
19:39:56.0707 4160 [ 32F1B95C60042F3D95FC8AB43559B3B1 ] C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
19:39:56.0707 4160 C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe - ok
19:39:56.0723 4160 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
19:39:56.0723 4160 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
19:39:56.0723 4160 [ 28AD5E311996A34025CFB07E131058DD ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
19:39:56.0723 4160 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
19:39:56.0723 4160 [ 269D867585CDA04D3972A39F3694E7DF ] C:\Windows\SysWOW64\msxml6.dll
19:39:56.0723 4160 C:\Windows\SysWOW64\msxml6.dll - ok
19:39:56.0723 4160 [ 20D2447795D9910BB4B89E5FB8147F0B ] C:\Program Files\Bonjour\mdnsNSP.dll
19:39:56.0723 4160 C:\Program Files\Bonjour\mdnsNSP.dll - ok
19:39:56.0723 4160 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
19:39:56.0723 4160 C:\Windows\System32\rasadhlp.dll - ok
19:39:56.0739 4160 [ 89B89AE23491F5D4E338499A3D568269 ] C:\Windows\System32\localspl.dll
19:39:56.0739 4160 C:\Windows\System32\localspl.dll - ok
19:39:56.0739 4160 [ 79F14B5DF9E17E12193337ED4EE1C491 ] C:\Windows\SysWOW64\urlmon.dll
19:39:56.0739 4160 C:\Windows\SysWOW64\urlmon.dll - ok
19:39:56.0739 4160 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
19:39:56.0739 4160 C:\Windows\System32\spoolss.dll - ok
19:39:56.0739 4160 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
19:39:56.0739 4160 C:\Windows\System32\PrintIsolationProxy.dll - ok
19:39:56.0739 4160 [ A14D4FF189D4FFABB2719A774049E8E1 ] C:\Windows\System32\EKIJ5000MON.dll
19:39:56.0739 4160 C:\Windows\System32\EKIJ5000MON.dll - ok
19:39:56.0754 4160 [ CDF5B6AEC538E02D5579E2E791042A1A ] C:\Windows\SysWOW64\iertutil.dll
19:39:56.0754 4160 C:\Windows\SysWOW64\iertutil.dll - ok
19:39:56.0754 4160 [ B821C5ED4C82FF12C25432A2F7069EC4 ] C:\Windows\System32\LMIport.dll
19:39:56.0754 4160 C:\Windows\System32\LMIport.dll - ok
19:39:56.0754 4160 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
19:39:56.0754 4160 C:\Windows\System32\FXSMON.dll - ok
19:39:56.0754 4160 [ 1F63EBCAD9B600F87E5F47B4A2732730 ] C:\Windows\System32\pdfc_port.dll
19:39:56.0754 4160 C:\Windows\System32\pdfc_port.dll - ok
19:39:56.0754 4160 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
19:39:56.0754 4160 C:\Windows\System32\tcpmon.dll - ok
19:39:56.0770 4160 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
19:39:56.0770 4160 C:\Windows\System32\snmpapi.dll - ok
19:39:56.0770 4160 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
19:39:56.0770 4160 C:\Windows\System32\wsnmp32.dll - ok
19:39:56.0770 4160 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
19:39:56.0770 4160 C:\Windows\System32\usbmon.dll - ok
19:39:56.0770 4160 [ 1D94FA7C81D2FFE494AF094619BA706F ] C:\Windows\SysWOW64\wininet.dll
19:39:56.0770 4160 C:\Windows\SysWOW64\wininet.dll - ok
19:39:56.0770 4160 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
19:39:56.0770 4160 C:\Windows\System32\WSDMon.dll - ok
19:39:56.0785 4160 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
19:39:56.0785 4160 C:\Windows\System32\fdPnp.dll - ok
19:39:56.0785 4160 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
19:39:56.0785 4160 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
19:39:56.0785 4160 [ 8F1C949FD695C83C4E30C3BFC004C81F ] C:\Windows\System32\spool\prtprocs\x64\HPZPPWN7.DLL
19:39:56.0785 4160 C:\Windows\System32\spool\prtprocs\x64\HPZPPWN7.DLL - ok
19:39:56.0785 4160 [ A6307861451FC3B51D0C867466BDD76D ] C:\Windows\System32\spool\prtprocs\x64\EKIJ5000PPR.dll
19:39:56.0785 4160 C:\Windows\System32\spool\prtprocs\x64\EKIJ5000PPR.dll - ok
19:39:56.0801 4160 [ 81E7E920312D372CF57A817049AC7C76 ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
19:39:56.0801 4160 C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL - ok
19:39:56.0801 4160 [ F92CC2C4EC99AE3DD76650758B0DAFEE ] C:\Windows\System32\spool\prtprocs\x64\LMIproc.dll
19:39:56.0801 4160 C:\Windows\System32\spool\prtprocs\x64\LMIproc.dll - ok
19:39:56.0801 4160 [ 69678722290C78D5D7198C60B5A4E3E8 ] C:\Windows\SysWOW64\secur32.dll
19:39:56.0801 4160 C:\Windows\SysWOW64\secur32.dll - ok
19:39:56.0801 4160 [ 2AC11BE0F5D9A01433732AAB8BA21774 ] C:\Windows\System32\win32spl.dll
19:39:56.0801 4160 C:\Windows\System32\win32spl.dll - ok
19:39:56.0801 4160 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
19:39:56.0801 4160 C:\Windows\SysWOW64\winmm.dll - ok
19:39:56.0817 4160 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
19:39:56.0817 4160 C:\Windows\SysWOW64\winsta.dll - ok
19:39:56.0817 4160 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
19:39:56.0817 4160 C:\Windows\System32\inetpp.dll - ok
19:39:56.0817 4160 [ 7550D101BF49FDB1F92666A233EE36C4 ] C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
19:39:56.0817 4160 C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe - ok
19:39:56.0817 4160 [ 1B2AA330C30062CCF3AC6847D6652FCB ] C:\Program Files (x86)\Common Files\LightScribe\LSSProxy.dll
19:39:56.0817 4160 C:\Program Files (x86)\Common Files\LightScribe\LSSProxy.dll - ok
19:39:56.0817 4160 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
19:39:56.0817 4160 C:\Windows\System32\cscapi.dll - ok
19:39:56.0832 4160 [ 5973175F67CAC09A60EE4FDB11CC52E1 ] C:\Program Files (x86)\Common Files\LightScribe\LSLog.dll
19:39:56.0832 4160 C:\Program Files (x86)\Common Files\LightScribe\LSLog.dll - ok
19:39:56.0832 4160 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
19:39:56.0832 4160 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
19:39:56.0832 4160 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
19:39:56.0832 4160 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
19:39:56.0832 4160 [ 7109163D8027076D2680CFC4E80E2A28 ] C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
19:39:56.0832 4160 C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe - ok
19:39:56.0848 4160 [ 3C4A468BFDC3513BDB659A77856816C8 ] C:\Program Files (x86)\LogMeIn\x64\LMIGuardianDll.dll
19:39:56.0848 4160 C:\Program Files (x86)\LogMeIn\x64\LMIGuardianDll.dll - ok
19:39:56.0848 4160 [ 0317335B15FF3BDA8E10197E3434CFC0 ] C:\Program Files (x86)\LogMeIn\x64\rainfo.sys
19:39:56.0848 4160 C:\Program Files (x86)\LogMeIn\x64\rainfo.sys - ok
19:39:56.0848 4160 [ 8054CE1FC8B417691960D00F931516A7 ] C:\Program Files (x86)\LogMeIn\x64\ramaint.exe
19:39:56.0848 4160 C:\Program Files (x86)\LogMeIn\x64\ramaint.exe - ok
19:39:56.0848 4160 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
19:39:56.0848 4160 C:\Windows\System32\wsock32.dll - ok
19:39:56.0848 4160 [ FDC385A0F7D7DD880C4622D1DF08ABE9 ] C:\Windows\System32\ntprint.dll
19:39:56.0848 4160 C:\Windows\System32\ntprint.dll - ok
19:39:56.0863 4160 [ A5A70AF023570C1D26501B14338C1D6C ] C:\Windows\System32\browcli.dll
19:39:56.0863 4160 C:\Windows\System32\browcli.dll - ok
19:39:56.0863 4160 [ 1369DF1AA12A11876B41627099923EDB ] C:\Windows\System32\dfscli.dll
19:39:56.0863 4160 C:\Windows\System32\dfscli.dll - ok
19:39:56.0863 4160 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
19:39:56.0863 4160 C:\Windows\System32\schedcli.dll - ok
19:39:56.0863 4160 [ 90CC31E54E79E9E5800FFF3CCF2FC5DB ] C:\Windows\System32\inetmib1.dll
19:39:56.0863 4160 C:\Windows\System32\inetmib1.dll - ok
19:39:56.0863 4160 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
19:39:56.0863 4160 C:\Windows\System32\mpr.dll - ok
19:39:56.0879 4160 [ C57D3FAA50E6F395759FFB7C709BD944 ] C:\Windows\System32\drivers\LMIRfsDriver.sys
19:39:56.0879 4160 C:\Windows\System32\drivers\LMIRfsDriver.sys - ok
19:39:56.0879 4160 [ D3760BC17E1755091B7120CF32DBF56B ] C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
19:39:56.0879 4160 C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe - ok
19:39:56.0879 4160 [ E509B998E7B98944B5FA67DFCF09E9E6 ] C:\Program Files (x86)\LogMeIn\x64\LogMeIn.dll
19:39:56.0879 4160 C:\Program Files (x86)\LogMeIn\x64\LogMeIn.dll - ok
19:39:56.0879 4160 [ 90614633898F8D44BC984EC7B729DD70 ] C:\Windows\System32\ieframe.dll
19:39:56.0879 4160 C:\Windows\System32\ieframe.dll - ok
19:39:56.0895 4160 [ 5629E16C6C15A138F9E0FABF42E2AE78 ] C:\Windows\System32\netbios.dll
19:39:56.0895 4160 C:\Windows\System32\netbios.dll - ok
19:39:56.0895 4160 [ A592A054D78750B4D73ABAA4C94DECDF ] C:\Program Files\Microsoft LifeCam\MSCamS64.exe
19:39:56.0895 4160 C:\Program Files\Microsoft LifeCam\MSCamS64.exe - ok
19:39:56.0895 4160 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
19:39:56.0895 4160 C:\Windows\System32\netman.dll - ok
19:39:56.0895 4160 [ 1EE99A89CC788ADA662441D1E9830529 ] C:\Windows\System32\nlasvc.dll
19:39:56.0895 4160 C:\Windows\System32\nlasvc.dll - ok
19:39:56.0895 4160 [ 74F7559C028245A9CC1645F1EC687FC9 ] C:\Program Files\Microsoft LifeCam\CAL264.dll
19:39:56.0895 4160 C:\Program Files\Microsoft LifeCam\CAL264.dll - ok
19:39:56.0910 4160 [ 12B7C7668E6441529E087D1D0E1E032A ] C:\Program Files (x86)\PDF Complete\pdfsvc.exe
19:39:56.0910 4160 C:\Program Files (x86)\PDF Complete\pdfsvc.exe - ok
19:39:56.0910 4160 [ 3F50200237961034FACE602373838980 ] C:\Windows\SysWOW64\FirewallAPI.dll
19:39:56.0910 4160 C:\Windows\SysWOW64\FirewallAPI.dll - ok
19:39:56.0910 4160 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
19:39:56.0910 4160 C:\Windows\System32\aepic.dll - ok
19:39:56.0910 4160 [ 4A435F95B940E93A88FEC144BD409789 ] C:\Windows\System32\ncsi.dll
19:39:56.0910 4160 C:\Windows\System32\ncsi.dll - ok
19:39:56.0910 4160 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
19:39:56.0910 4160 C:\Windows\System32\sfc.dll - ok
19:39:56.0926 4160 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
19:39:56.0926 4160 C:\Windows\System32\sfc_os.dll - ok
19:39:56.0926 4160 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
19:39:56.0926 4160 C:\Windows\System32\ssdpapi.dll - ok
19:39:56.0926 4160 [ 46767946E7B559D981C1DC04EC0AB36F ] C:\Windows\System32\devenum.dll
19:39:56.0926 4160 C:\Windows\System32\devenum.dll - ok
19:39:56.0926 4160 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
19:39:56.0926 4160 C:\Windows\SysWOW64\mpr.dll - ok
19:39:56.0926 4160 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
19:39:56.0926 4160 C:\Windows\SysWOW64\mscoree.dll - ok
19:39:56.0941 4160 [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\Windows\System32\msdmo.dll
19:39:56.0941 4160 C:\Windows\System32\msdmo.dll - ok
19:39:56.0941 4160 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
19:39:56.0941 4160 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
19:39:56.0941 4160 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
19:39:56.0941 4160 C:\Windows\System32\wdmaud.drv - ok
19:39:56.0941 4160 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
19:39:56.0941 4160 C:\Windows\System32\ksuser.dll - ok
19:39:56.0941 4160 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
19:39:56.0941 4160 C:\Windows\System32\AudioSes.dll - ok
19:39:56.0957 4160 [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll
19:39:56.0957 4160 C:\Windows\System32\security.dll - ok
19:39:56.0957 4160 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
19:39:56.0957 4160 C:\Windows\SysWOW64\sxs.dll - ok
19:39:56.0957 4160 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
19:39:56.0957 4160 C:\Windows\System32\msacm32.drv - ok
19:39:56.0957 4160 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
19:39:56.0957 4160 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
19:39:56.0957 4160 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
19:39:56.0957 4160 C:\Windows\System32\msacm32.dll - ok
19:39:56.0973 4160 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
19:39:56.0973 4160 C:\Windows\System32\midimap.dll - ok
19:39:56.0973 4160 [ EB5756320AE1AC31AE03205050D5FAED ] C:\Windows\System32\LcProxy.ax
19:39:56.0973 4160 C:\Windows\System32\LcProxy.ax - ok
19:39:56.0973 4160 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
19:39:56.0973 4160 C:\Windows\System32\drivers\PEAuth.sys - ok
19:39:56.0973 4160 [ 91B8C8F46E4ED4B4DFD5952533A692EF ] C:\Windows\System32\wuapi.dll
19:39:56.0973 4160 C:\Windows\System32\wuapi.dll - ok
19:39:56.0973 4160 [ 2D66F79983F266621E6450E08A536DAD ] C:\Windows\System32\ksproxy.ax
19:39:56.0973 4160 C:\Windows\System32\ksproxy.ax - ok
19:39:56.0988 4160 [ F64FD5C7FEF7FC25CBA37974FF3584D7 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
19:39:56.0988 4160 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll - ok
19:39:56.0988 4160 [ CC465ECBC1700B2D91E152ED9165994A ] C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
19:39:56.0988 4160 C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe - ok
19:39:56.0988 4160 [ 4C3DAEE652B005B483F16B8E9131C99D ] C:\Windows\System32\d3d9.dll
19:39:56.0988 4160 C:\Windows\System32\d3d9.dll - ok
19:39:56.0988 4160 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
19:39:56.0988 4160 C:\Windows\System32\cabinet.dll - ok
19:39:56.0988 4160 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
19:39:56.0988 4160 C:\Windows\System32\aeevts.dll - ok
19:39:57.0004 4160 [ BD47117CFDAB2879C8BED5E92F649CA2 ] C:\Windows\System32\wups.dll
19:39:57.0004 4160 C:\Windows\System32\wups.dll - ok
19:39:57.0004 4160 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
19:39:57.0004 4160 C:\Windows\System32\NapiNSP.dll - ok
19:39:57.0004 4160 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
19:39:57.0004 4160 C:\Windows\System32\pnrpnsp.dll - ok
19:39:57.0004 4160 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
19:39:57.0004 4160 C:\Windows\System32\winrnr.dll - ok
19:39:57.0004 4160 [ 448BF22538F1DFCB3412AE2B1CF123A9 ] C:\Windows\System32\conhost.exe
19:39:57.0004 4160 C:\Windows\System32\conhost.exe - ok
19:39:57.0019 4160 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
19:39:57.0019 4160 C:\Windows\SysWOW64\wsock32.dll - ok
19:39:57.0019 4160 [ 69FA4F98B801A936B5828237AA0A6A6D ] C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.dll
19:39:57.0019 4160 C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.dll - ok
19:39:57.0019 4160 [ 3044D07ABDF4BBEA27E2EE7B1E0C0C65 ] C:\Windows\System32\d3d8thk.dll
19:39:57.0019 4160 C:\Windows\System32\d3d8thk.dll - ok
19:39:57.0019 4160 [ CF6850A72BEB4845A3BFFB3F5E8014B2 ] C:\Windows\System32\pdh.dll
19:39:57.0019 4160 C:\Windows\System32\pdh.dll - ok
19:39:57.0019 4160 [ ECA2CAD0712683D1A7AA2AB47E180B63 ] C:\Windows\System32\vidcap.ax
19:39:57.0019 4160 C:\Windows\System32\vidcap.ax - ok
19:39:57.0035 4160 [ F201517E55E724B4F81E876711583863 ] C:\Program Files (x86)\RosettaStoneLtdServices\SREDaemonPlugin.dll
19:39:57.0035 4160 C:\Program Files (x86)\RosettaStoneLtdServices\SREDaemonPlugin.dll - ok
19:39:57.0035 4160 [ B84CB0F6C83F5D515570334AC505720C ] C:\Windows\System32\Kswdmcap.ax
19:39:57.0035 4160 C:\Windows\System32\Kswdmcap.ax - ok
19:39:57.0035 4160 [ 683F16B716B677F07CE3E193A0A88A1B ] C:\Program Files (x86)\RosettaStoneLtdServices\ActivationDaemonPlugin.dll
19:39:57.0035 4160 C:\Program Files (x86)\RosettaStoneLtdServices\ActivationDaemonPlugin.dll - ok
19:39:57.0035 4160 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
19:39:57.0035 4160 C:\Windows\System32\dsound.dll - ok
19:39:57.0051 4160 [ 56CA5011B792347DD808107BFA5CCEDD ] C:\Program Files (x86)\RosettaStoneLtdServices\FNInterface.dll
19:39:57.0051 4160 C:\Program Files (x86)\RosettaStoneLtdServices\FNInterface.dll - ok
19:39:57.0051 4160 [ 7E1CF52C347D8755E5CA5ED0E99B401E ] C:\Windows\System32\mfc42.dll
19:39:57.0051 4160 C:\Windows\System32\mfc42.dll - ok
19:39:57.0051 4160 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
19:39:57.0051 4160 C:\Windows\System32\wbem\wbemprox.dll - ok
19:39:57.0051 4160 [ 8CE1A6D16B9077E91E192499EB611C5F ] C:\Windows\SysWOW64\netapi32.dll
19:39:57.0051 4160 C:\Windows\SysWOW64\netapi32.dll - ok
19:39:57.0051 4160 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
19:39:57.0051 4160 C:\Windows\System32\wbemcomn.dll - ok
19:39:57.0066 4160 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
19:39:57.0066 4160 C:\Windows\SysWOW64\netutils.dll - ok
19:39:57.0066 4160 [ 7FF8E121AFA05BDAB23B9FEDCDAB7A33 ] C:\Windows\System32\odbc32.dll
19:39:57.0066 4160 C:\Windows\System32\odbc32.dll - ok
19:39:57.0066 4160 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
19:39:57.0066 4160 C:\Windows\SysWOW64\srvcli.dll - ok
19:39:57.0066 4160 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
19:39:57.0066 4160 C:\Windows\SysWOW64\wkscli.dll - ok
19:39:57.0066 4160 [ 59EF0E75E8CFF14BEFA264DEC72F736A ] C:\Program Files (x86)\RosettaStoneLtdServices\FNP_Act_Installer.dll
19:39:57.0066 4160 C:\Program Files (x86)\RosettaStoneLtdServices\FNP_Act_Installer.dll - ok
19:39:57.0082 4160 [ 1737183424D10E716D4035C5CA2ECAB4 ] C:\Windows\System32\cryptnet.dll
19:39:57.0082 4160 C:\Windows\System32\cryptnet.dll - ok
19:39:57.0082 4160 [ 3E466073C3B1033FF92ADE9031E3D4A2 ] C:\Windows\System32\odbcint.dll
19:39:57.0082 4160 C:\Windows\System32\odbcint.dll - ok
19:39:57.0082 4160 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
19:39:57.0082 4160 C:\Windows\System32\SensApi.dll - ok
19:39:57.0082 4160 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll
19:39:57.0082 4160 C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok
19:39:57.0082 4160 [ 0CE4D3BD306DA6D1F6F233C403F5B667 ] C:\Windows\SysWOW64\msi.dll
19:39:57.0082 4160 C:\Windows\SysWOW64\msi.dll - ok
19:39:57.0097 4160 [ E601860AA04CE2198DBC6AC2AF80AFF7 ] C:\Windows\System32\perfos.dll
19:39:57.0097 4160 C:\Windows\System32\perfos.dll - ok
19:39:57.0097 4160 [ B466E673B5E219520A12B40F1289E455 ] C:\Windows\System32\perfproc.dll
19:39:57.0097 4160 C:\Windows\System32\perfproc.dll - ok
19:39:57.0097 4160 [ C3C3399A91B1BC9151EFF2852A026DE6 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a774bd593b8420bae4a8cf1d46af3ba2\mscorlib.ni.dll
19:39:57.0097 4160 C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\a774bd593b8420bae4a8cf1d46af3ba2\mscorlib.ni.dll - ok
19:39:57.0097 4160 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
19:39:57.0097 4160 C:\Windows\SysWOW64\shfolder.dll - ok
19:39:57.0097 4160 [ 53D78D468902A0C0C610FB1247486BB0 ] C:\Program Files (x86)\RosettaStoneLtdServices\DataInstaller.dll
19:39:57.0097 4160 C:\Program Files (x86)\RosettaStoneLtdServices\DataInstaller.dll - ok
19:39:57.0113 4160 [ C3C19376829C964677B7411C46E3B713 ] C:\Program Files (x86)\RosettaStoneLtdServices\DataInstallerDaemonPlugin.dll
19:39:57.0113 4160 C:\Program Files (x86)\RosettaStoneLtdServices\DataInstallerDaemonPlugin.dll - ok
19:39:57.0113 4160 [ C1568E17039B2EC2B73A4F880DDD51E5 ] C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
19:39:57.0113 4160 C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe - ok
19:39:57.0113 4160 [ 893C44082C97F7AED3E7C180FA1F93D8 ] C:\Windows\System32\mpnotify.exe
19:39:57.0113 4160 C:\Windows\System32\mpnotify.exe - ok
19:39:57.0113 4160 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
19:39:57.0113 4160 C:\Windows\System32\drivers\secdrv.sys - ok
19:39:57.0129 4160 [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
19:39:57.0129 4160 C:\Windows\System32\seclogon.dll - ok
19:39:57.0129 4160 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
19:39:57.0129 4160 C:\Windows\System32\drivers\srvnet.sys - ok
19:39:57.0129 4160 [ DF687E3D8836BFB04FCC0615BF15A519 ] C:\Windows\System32\drivers\tcpipreg.sys
19:39:57.0129 4160 C:\Windows\System32\drivers\tcpipreg.sys - ok
19:39:57.0129 4160 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll
19:39:57.0129 4160 C:\Windows\System32\tapisrv.dll - ok
19:39:57.0129 4160 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
19:39:57.0129 4160 C:\Windows\System32\wiaservc.dll - ok
19:39:57.0144 4160 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
19:39:57.0144 4160 C:\Windows\System32\trkwks.dll - ok
19:39:57.0144 4160 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
19:39:57.0144 4160 C:\Windows\System32\wbem\WMIsvc.dll - ok
19:39:57.0144 4160 [ CF318F60A84F15AF352439465A8D05F4 ] C:\Program Files\Windows Defender\MpSvc.dll
19:39:57.0144 4160 C:\Program Files\Windows Defender\MpSvc.dll - ok
19:39:57.0144 4160 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:39:57.0144 4160 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
19:39:57.0160 4160 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
19:39:57.0160 4160 C:\Windows\System32\wbem\WinMgmtR.dll - ok
19:39:57.0160 4160 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
19:39:57.0160 4160 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
19:39:57.0160 4160 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
19:39:57.0160 4160 C:\Windows\System32\wiatrace.dll - ok
19:39:57.0160 4160 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
19:39:57.0160 4160 C:\Windows\System32\wbem\fastprox.dll - ok
19:39:57.0160 4160 [ 437B6219DE76271F251888C6170F3166 ] C:\Windows\System32\LMIRfsClientNP.dll
19:39:57.0160 4160 C:\Windows\System32\LMIRfsClientNP.dll - ok
19:39:57.0175 4160 [ ADF3E771F429940E762AC097F5A54EAF ] C:\Program Files\Windows Defender\MpClient.dll
19:39:57.0175 4160 C:\Program Files\Windows Defender\MpClient.dll - ok
19:39:57.0175 4160 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
19:39:57.0175 4160 C:\Windows\System32\wbem\wbemcore.dll - ok
19:39:57.0175 4160 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
19:39:57.0175 4160 C:\Windows\System32\ntdsapi.dll - ok
19:39:57.0175 4160 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
19:39:57.0175 4160 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
19:39:57.0175 4160 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
19:39:57.0175 4160 C:\Windows\System32\wbem\esscli.dll - ok
19:39:57.0191 4160 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
19:39:57.0191 4160 C:\Windows\System32\wbem\wbemsvc.dll - ok
19:39:57.0191 4160 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
19:39:57.0191 4160 C:\Windows\System32\wer.dll - ok
19:39:57.0191 4160 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
19:39:57.0191 4160 C:\Windows\System32\wbem\wmiutils.dll - ok
19:39:57.0191 4160 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
19:39:57.0191 4160 C:\Windows\System32\wbem\repdrvfs.dll - ok
19:39:57.0191 4160 [ A34A587FFFD45FA649FBA6D03784D257 ] C:\Windows\System32\iphlpsvc.dll
19:39:57.0191 4160 C:\Windows\System32\iphlpsvc.dll - ok
19:39:57.0207 4160 [ 08F0BE836428436724EE15964AE8A2E1 ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
19:39:57.0207 4160 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
19:39:57.0207 4160 [ 022B05CEE68D7826A93AEDB4F1EB369E ] C:\Windows\System32\msxml3.dll
19:39:57.0207 4160 C:\Windows\System32\msxml3.dll - ok
19:39:57.0207 4160 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
19:39:57.0207 4160 C:\Windows\System32\drivers\srv2.sys - ok
19:39:57.0207 4160 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
19:39:57.0207 4160 C:\Windows\System32\sqmapi.dll - ok
19:39:57.0207 4160 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
19:39:57.0207 4160 C:\Windows\System32\wdscore.dll - ok
19:39:57.0222 4160 [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll
19:39:57.0222 4160 C:\Windows\System32\rasmans.dll - ok
19:39:57.0222 4160 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
19:39:57.0222 4160 C:\Windows\System32\dllhost.exe - ok
19:39:57.0222 4160 [ 44C96B48112EB24AE7764EBF1C527000 ] C:\Windows\System32\rastapi.dll
19:39:57.0222 4160 C:\Windows\System32\rastapi.dll - ok
19:39:57.0222 4160 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
19:39:57.0222 4160 C:\Windows\System32\drivers\srv.sys - ok
19:39:57.0222 4160 [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll
19:39:57.0222 4160 C:\Windows\System32\tapi32.dll - ok
19:39:57.0238 4160 [ 70A176BF2ED362862944C371838262F8 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
19:39:57.0238 4160 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
19:39:57.0238 4160 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
19:39:57.0238 4160 C:\Windows\System32\hnetcfg.dll - ok
19:39:57.0238 4160 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
19:39:57.0238 4160 C:\Windows\System32\IDStore.dll - ok
19:39:57.0238 4160 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
19:39:57.0238 4160 C:\Windows\System32\srvsvc.dll - ok
19:39:57.0253 4160 [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\Windows\System32\unimdm.tsp
19:39:57.0253 4160 C:\Windows\System32\unimdm.tsp - ok
19:39:57.0253 4160 [ 8EF0D5C41EC907751B8429162B1239ED ] C:\Windows\System32\browser.dll
19:39:57.0253 4160 C:\Windows\System32\browser.dll - ok
19:39:57.0253 4160 [ 94B7DF336815B47236724019FAB24B7C ] C:\Windows\System32\uniplat.dll
19:39:57.0253 4160 C:\Windows\System32\uniplat.dll - ok
19:39:57.0253 4160 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
19:39:57.0253 4160 C:\Windows\System32\netmsg.dll - ok
19:39:57.0253 4160 [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp
19:39:57.0253 4160 C:\Windows\System32\kmddsp.tsp - ok
19:39:57.0269 4160 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
19:39:57.0269 4160 C:\Windows\System32\sscore.dll - ok
19:39:57.0269 4160 [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp
19:39:57.0269 4160 C:\Windows\System32\ndptsp.tsp - ok
19:39:57.0269 4160 [ 517110BD83835338C037269E603DB55D ] C:\Windows\System32\taskhost.exe
19:39:57.0269 4160 C:\Windows\System32\taskhost.exe - ok
19:39:57.0269 4160 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
19:39:57.0269 4160 C:\Windows\System32\clusapi.dll - ok
19:39:57.0269 4160 [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp
19:39:57.0269 4160 C:\Windows\System32\hidphone.tsp - ok
19:39:57.0285 4160 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
19:39:57.0285 4160 C:\Windows\System32\resutils.dll - ok
19:39:57.0285 4160 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
19:39:57.0285 4160 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
19:39:57.0285 4160 [ 7D69C583DC724A8EB688D6ADCC3D73A6 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
19:39:57.0285 4160 C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll - ok
19:39:57.0285 4160 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
19:39:57.0285 4160 C:\Windows\System32\ncobjapi.dll - ok
19:39:57.0285 4160 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
19:39:57.0285 4160 C:\Windows\System32\HotStartUserAgent.dll - ok
19:39:57.0300 4160 [ 36E71077E1660F81CFDB80FB7272CC00 ] C:\Program Files (x86)\Kodak\AiO\Center\Inkjet.Automation.dll
19:39:57.0300 4160 C:\Program Files (x86)\Kodak\AiO\Center\Inkjet.Automation.dll - ok
19:39:57.0300 4160 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
19:39:57.0300 4160 C:\Windows\System32\AtBroker.exe - ok
19:39:57.0300 4160 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
19:39:57.0300 4160 C:\Windows\System32\wbem\wbemess.dll - ok
19:39:57.0300 4160 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
19:39:57.0300 4160 C:\Windows\System32\MsCtfMonitor.dll - ok
19:39:57.0316 4160 [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll
19:39:57.0316 4160 C:\Windows\System32\rasppp.dll - ok
19:39:57.0316 4160 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
19:39:57.0316 4160 C:\Windows\System32\userinit.exe - ok
19:39:57.0316 4160 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
19:39:57.0316 4160 C:\Windows\System32\msutb.dll - ok
19:39:57.0316 4160 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
19:39:57.0316 4160 C:\Windows\System32\dwm.exe - ok
19:39:57.0316 4160 [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll
19:39:57.0316 4160 C:\Windows\System32\vpnike.dll - ok
19:39:57.0331 4160 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
19:39:57.0331 4160 C:\Windows\System32\dwmredir.dll - ok
19:39:57.0331 4160 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
19:39:57.0331 4160 C:\Windows\System32\dwmcore.dll - ok
19:39:57.0331 4160 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
19:39:57.0331 4160 C:\Windows\System32\PlaySndSrv.dll - ok
19:39:57.0331 4160 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
19:39:57.0331 4160 C:\Windows\System32\taskeng.exe - ok
19:39:57.0331 4160 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
19:39:57.0331 4160 C:\Windows\System32\raschap.dll - ok
19:39:57.0347 4160 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
19:39:57.0347 4160 C:\Windows\explorer.exe - ok
19:39:57.0347 4160 [ 7C4D656B8BF11C3003F36CE021203982 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System\9c4788acc8f93c33214865395cee2e1c\System.ni.dll
19:39:57.0347 4160 C:\Windows\assembly\NativeImages_v4.0.30319_32\System\9c4788acc8f93c33214865395cee2e1c\System.ni.dll - ok
19:39:57.0347 4160 [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
19:39:57.0347 4160 C:\Windows\System32\ipnathlp.dll - ok
19:39:57.0347 4160 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
19:39:57.0347 4160 C:\Windows\System32\TSChannel.dll - ok
19:39:57.0347 4160 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
19:39:57.0347 4160 C:\Windows\System32\dssenh.dll - ok
19:39:57.0363 4160 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
19:39:57.0363 4160 C:\Windows\System32\mprapi.dll - ok
19:39:57.0363 4160 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
19:39:57.0363 4160 C:\Windows\System32\netshell.dll - ok
19:39:57.0363 4160 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll
19:39:57.0363 4160 C:\Windows\System32\d3d10_1.dll - ok
19:39:57.0363 4160 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll
19:39:57.0363 4160 C:\Windows\System32\d3d10_1core.dll - ok
19:39:57.0363 4160 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll
19:39:57.0363 4160 C:\Windows\System32\dxgi.dll - ok
19:39:57.0378 4160 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
19:39:57.0378 4160 C:\Windows\System32\ExplorerFrame.dll - ok
19:39:57.0378 4160 [ 506708142BC63DABA64F2D3AD1DCD5BF ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:39:57.0378 4160 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
19:39:57.0378 4160 [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll
19:39:57.0378 4160 C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll - ok
19:39:57.0378 4160 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
19:39:57.0378 4160 C:\Windows\System32\hidserv.dll - ok
19:39:57.0378 4160 [ 1EA7969E3271CBC59E1730697DC74682 ] C:\Windows\System32\qmgr.dll
19:39:57.0378 4160 C:\Windows\System32\qmgr.dll - ok
19:39:57.0394 4160 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
19:39:57.0394 4160 C:\Windows\System32\wdi.dll - ok
19:39:57.0394 4160 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
19:39:57.0394 4160 C:\Windows\System32\wpdbusenum.dll - ok
19:39:57.0394 4160 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
19:39:57.0394 4160 C:\Windows\System32\diagperf.dll - ok
19:39:57.0394 4160 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
19:39:57.0394 4160 C:\Windows\System32\npmproxy.dll - ok
19:39:57.0409 4160 [ B2FD31E20B423335FE3273B4BF95813C ] C:\Windows\SysWOW64\imagehlp.dll
19:39:57.0409 4160 C:\Windows\SysWOW64\imagehlp.dll - ok
19:39:57.0409 4160 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
19:39:57.0409 4160 C:\Windows\System32\EhStorShell.dll - ok
19:39:57.0409 4160 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
19:39:57.0409 4160 C:\Windows\System32\PortableDeviceApi.dll - ok
19:39:57.0409 4160 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
19:39:57.0409 4160 C:\Windows\SysWOW64\cscapi.dll - ok
19:39:57.0409 4160 [ 29409ED7400CA5BCCC30C0EE5147A60D ] C:\Windows\System32\bitsperf.dll
19:39:57.0409 4160 C:\Windows\System32\bitsperf.dll - ok
19:39:57.0425 4160 [ 68D8AC3F047D3E105C1674FD4EF08913 ] C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
19:39:57.0425 4160 C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL - ok
19:39:57.0425 4160 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
19:39:57.0425 4160 C:\Windows\SysWOW64\dbghelp.dll - ok
19:39:57.0425 4160 [ 9DF12EDBC698B0BC353B3EF84861E430 ] C:\Windows\System32\wuaueng.dll
19:39:57.0425 4160 C:\Windows\System32\wuaueng.dll - ok
19:39:57.0425 4160 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
19:39:57.0425 4160 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
19:39:57.0425 4160 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
19:39:57.0425 4160 C:\Windows\System32\perftrack.dll - ok
19:39:57.0441 4160 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
19:39:57.0441 4160 C:\Windows\System32\Apphlpdm.dll - ok
19:39:57.0441 4160 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
19:39:57.0441 4160 C:\Windows\System32\pnpts.dll - ok
19:39:57.0441 4160 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
19:39:57.0441 4160 C:\Windows\System32\wdiasqmmodule.dll - ok
19:39:57.0441 4160 [ CF8D590BE3373029D57AF80914190682 ] C:\Windows\System32\drivers\WUDFRd.sys
19:39:57.0441 4160 C:\Windows\System32\drivers\WUDFRd.sys - ok
19:39:57.0441 4160 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
19:39:57.0441 4160 C:\Windows\System32\dimsjob.dll - ok
19:39:57.0456 4160 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
19:39:57.0456 4160 C:\Windows\System32\esent.dll - ok
19:39:57.0456 4160 [ D0FF1CA89D013B94768A289023958F6B ] C:\Windows\System32\WUDFHost.exe
19:39:57.0456 4160 C:\Windows\System32\WUDFHost.exe - ok
19:39:57.0456 4160 [ 6EA9A3DDD9024B9156E8836BE281D23E ] C:\Program Files (x86)\Kodak\AiO\Center\Inkjet.Hardware.dll
19:39:57.0456 4160 C:\Program Files (x86)\Kodak\AiO\Center\Inkjet.Hardware.dll - ok
19:39:57.0456 4160 [ 887F5BE6B03F0B8B5842582804A9CB5B ] C:\Program Files (x86)\Kodak\AiO\Center\Inkjet.Statistics.dll
19:39:57.0456 4160 C:\Program Files (x86)\Kodak\AiO\Center\Inkjet.Statistics.dll - ok
19:39:57.0456 4160 [ 1950B1C38AED4154BA79F77E36494D8A ] C:\Windows\System32\WUDFx.dll
19:39:57.0456 4160 C:\Windows\System32\WUDFx.dll - ok
19:39:57.0472 4160 [ D3E30F36EBE11C59D8A2AB066845A957 ] C:\Program Files (x86)\Kodak\AiO\Center\Newtonsoft.Json.Net20.dll
19:39:57.0472 4160 C:\Program Files (x86)\Kodak\AiO\Center\Newtonsoft.Json.Net20.dll - ok
19:39:57.0472 4160 [ 79F1A306B8F247261DF16444069BAC8C ] C:\Program Files (x86)\Kodak\AiO\Center\jabber-net.dll
19:39:57.0472 4160 C:\Program Files (x86)\Kodak\AiO\Center\jabber-net.dll - ok
19:39:57.0472 4160 [ 91D6F0AB79AA36FFB932157865206F35 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
19:39:57.0472 4160 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
19:39:57.0472 4160 [ 9864D52F15AD32094A636C6B5281D9E7 ] C:\Windows\System32\WMVCORE.DLL
19:39:57.0472 4160 C:\Windows\System32\WMVCORE.DLL - ok
19:39:57.0472 4160 [ 91348B1316E54677ADF12FF3E4B33522 ] C:\Program Files (x86)\Kodak\AiO\Center\Inkjet.Configuration.dll
19:39:57.0472 4160 C:\Program Files (x86)\Kodak\AiO\Center\Inkjet.Configuration.dll - ok
19:39:57.0487 4160 [ 617F6EC0AC677C685479C1D0D1E76C6F ] C:\Windows\System32\mspatcha.dll
19:39:57.0487 4160 C:\Windows\System32\mspatcha.dll - ok
19:39:57.0487 4160 [ 05BBBBAA52C9E56338EADC9479FD0701 ] C:\Program Files (x86)\Kodak\AiO\Center\Inkjet.Utilities.dll
19:39:57.0487 4160 C:\Program Files (x86)\Kodak\AiO\Center\Inkjet.Utilities.dll - ok
19:39:57.0487 4160 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
19:39:57.0487 4160 C:\Windows\System32\aelupsvc.dll - ok
19:39:57.0487 4160 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
19:39:57.0487 4160 C:\Windows\System32\IPSECSVC.DLL - ok
19:39:57.0503 4160 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
19:39:57.0503 4160 C:\Windows\System32\pautoenr.dll - ok
19:39:57.0503 4160 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
19:39:57.0503 4160 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
19:39:57.0503 4160 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
19:39:57.0503 4160 C:\Windows\System32\certcli.dll - ok
19:39:57.0503 4160 [ C3470899CC326070BF482429F3EE1DC7 ] C:\Program Files (x86)\Kodak\AiO\Center\Inkjet.Diagnostics.dll
19:39:57.0503 4160 C:\Program Files (x86)\Kodak\AiO\Center\Inkjet.Diagnostics.dll - ok
19:39:57.0503 4160 [ D9431DCF90B0253773F51FDEFE7FD42F ] C:\Windows\System32\bitsigd.dll
19:39:57.0503 4160 C:\Windows\System32\bitsigd.dll - ok
19:39:57.0519 4160 [ FB50C8BAF2334E032DB4885A5D198151 ] C:\Program Files (x86)\Kodak\AiO\Center\Inkjet.Localization.dll
19:39:57.0519 4160 C:\Program Files (x86)\Kodak\AiO\Center\Inkjet.Localization.dll - ok
19:39:57.0519 4160 [ A2D6D81390BB6054CA6EE3018BE67E75 ] C:\Windows\System32\wups2.dll
19:39:57.0519 4160 C:\Windows\System32\wups2.dll - ok
19:39:57.0519 4160 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
19:39:57.0519 4160 C:\Windows\System32\FwRemoteSvr.dll - ok
19:39:57.0519 4160 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
19:39:57.0519 4160 C:\Windows\System32\upnp.dll - ok
19:39:57.0519 4160 [ F87B323F07BA4FA5ED6FBC7DABDFAF42 ] C:\Program Files (x86)\Kodak\AiO\Center\Inkjet.DeviceSettings.dll
19:39:57.0519 4160 C:\Program Files (x86)\Kodak\AiO\Center\Inkjet.DeviceSettings.dll - ok
19:39:57.0534 4160 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
19:39:57.0534 4160 C:\Windows\System32\CertEnroll.dll - ok
19:39:57.0534 4160 [ 84A99FDCE9B5C7457E503C7C47DD5F4F ] C:\Program Files (x86)\Kodak\AiO\Center\Interop.EKAiO2SDKLib.dll
19:39:57.0534 4160 C:\Program Files (x86)\Kodak\AiO\Center\Interop.EKAiO2SDKLib.dll - ok
19:39:57.0534 4160 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
19:39:57.0534 4160 C:\Windows\System32\ssdpsrv.dll - ok
19:39:57.0534 4160 [ 17C40056A552F313DFF0957FD9E3F9E3 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Automation\d9ef8eefd81a3b6a4025486a7ada7c8c\Inkjet.Automation.ni.dll
19:39:57.0534 4160 C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Automation\d9ef8eefd81a3b6a4025486a7ada7c8c\Inkjet.Automation.ni.dll - ok
19:39:57.0550 4160 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
19:39:57.0550 4160 C:\Windows\System32\wbem\cimwin32.dll - ok
19:39:57.0550 4160 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
19:39:57.0550 4160 C:\Windows\SysWOW64\apphelp.dll - ok
19:39:57.0550 4160 [ AC5DF873913B00E554D8F553459BC431 ] C:\Windows\System32\qmgrprxy.dll
19:39:57.0550 4160 C:\Windows\System32\qmgrprxy.dll - ok
19:39:57.0550 4160 [ 547AA7795F54452E5EF210E6B2EF2C97 ] C:\Program Files (x86)\Kodak\AiO\Center\Interop.WIA.dll
19:39:57.0550 4160 C:\Program Files (x86)\Kodak\AiO\Center\Interop.WIA.dll - ok
19:39:57.0550 4160 [ 85B45B4B285B159ACDB355FC8C1E8925 ] C:\Windows\SysWOW64\qmgrprxy.dll
19:39:57.0550 4160 C:\Windows\SysWOW64\qmgrprxy.dll - ok
19:39:57.0565 4160 [ 57AC86AC664CC774C861DAB2B1D1E978 ] C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.dll
19:39:57.0565 4160 C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.dll - ok
19:39:57.0565 4160 [ 7018F74AED9E00FCFFD510E47813BA40 ] C:\Program Files (x86)\Kodak\AiO\Center\ShellLib.dll
19:39:57.0565 4160 C:\Program Files (x86)\Kodak\AiO\Center\ShellLib.dll - ok
19:39:57.0565 4160 [ 5ABAEB53E6ECF7878A5C4C4ABED92050 ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF
19:39:57.0565 4160 C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok
19:39:57.0565 4160 [ 0092380E315F1690FE49A4177C8E2D9E ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Utilities\0d7fbf9222bbb407d3e67831641d1eeb\Inkjet.Utilities.ni.dll
19:39:57.0565 4160 C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Utilities\0d7fbf9222bbb407d3e67831641d1eeb\Inkjet.Utilities.ni.dll - ok
19:39:57.0581 4160 [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
19:39:57.0581 4160 C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
19:39:57.0581 4160 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
19:39:57.0581 4160 C:\Windows\System32\ndiscapCfg.dll - ok
19:39:57.0581 4160 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
19:39:57.0581 4160 C:\Windows\System32\rascfg.dll - ok
19:39:57.0581 4160 [ A77E89C5C3FAA8EE2D5A9A8F94B5CA1F ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Configuration\686e06e77eb41ce6f9f14c96a2ab3a45\Inkjet.Configuration.ni.dll
19:39:57.0581 4160 C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Configuration\686e06e77eb41ce6f9f14c96a2ab3a45\Inkjet.Configuration.ni.dll - ok
19:39:57.0581 4160 [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\Windows\System32\WMASF.DLL
19:39:57.0581 4160 C:\Windows\System32\WMASF.DLL - ok
19:39:57.0597 4160 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
19:39:57.0597 4160 C:\Windows\System32\mprmsg.dll - ok
19:39:57.0597 4160 [ 932948AED68916A8FF313050A85396EC ] C:\Windows\System32\nvwgf2umx.dll
19:39:57.0597 4160 C:\Windows\System32\nvwgf2umx.dll - ok
19:39:57.0597 4160 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
19:39:57.0597 4160 C:\Windows\System32\tcpipcfg.dll - ok
19:39:57.0597 4160 [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\Windows\System32\PortableDeviceClassExtension.dll
19:39:57.0597 4160 C:\Windows\System32\PortableDeviceClassExtension.dll - ok
19:39:57.0597 4160 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
19:39:57.0597 4160 C:\Windows\System32\framedynos.dll - ok
19:39:57.0612 4160 [ B676429E44F2F8ACC3BAE7C89F46B212 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
19:39:57.0612 4160 C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe - ok
19:39:57.0612 4160 [ 8CA17C0F14B9626B3DD1B38C00CB635B ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\a588133985ef7510d4cc8cc7924f8ec3\System.Xml.ni.dll
19:39:57.0612 4160 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\a588133985ef7510d4cc8cc7924f8ec3\System.Xml.ni.dll - ok
19:39:57.0612 4160 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
19:39:57.0612 4160 C:\Windows\System32\PortableDeviceTypes.dll - ok
19:39:57.0612 4160 [ B6D6886149573278CBA6ABD44C4317F5 ] C:\Windows\System32\slwga.dll
19:39:57.0612 4160 C:\Windows\System32\slwga.dll - ok
19:39:57.0628 4160 [ DB76DB15EFC6E4D1153A6C5BC895948D ] C:\Windows\System32\sppc.dll
19:39:57.0628 4160 C:\Windows\System32\sppc.dll - ok
19:39:57.0628 4160 [ 5EA9A0950F322BFA382AF277801C0307 ] C:\Windows\System32\wbem\wmipcima.dll
19:39:57.0628 4160 C:\Windows\System32\wbem\wmipcima.dll - ok
19:39:57.0628 4160 [ E1CF79243D8262F935366ADFA253A0C1 ] C:\Windows\System32\wmi.dll
19:39:57.0628 4160 C:\Windows\System32\wmi.dll - ok
19:39:57.0628 4160 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
19:39:57.0628 4160 C:\Windows\SysWOW64\mstask.dll - ok
19:39:57.0628 4160 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
19:39:57.0628 4160 C:\Windows\System32\wbem\wmiprov.dll - ok
19:39:57.0643 4160 [ 66E3C667D853DF349E310568F60B9B6A ] C:\PROGRA~1\MICROS~2\Office14\1033\GrooveIntlResource.dll
19:39:57.0643 4160 C:\PROGRA~1\MICROS~2\Office14\1033\GrooveIntlResource.dll - ok
19:39:57.0643 4160 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
19:39:57.0643 4160 C:\Windows\System32\dbghelp.dll - ok
19:39:57.0643 4160 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
19:39:57.0643 4160 C:\Windows\System32\uDWM.dll - ok
19:39:57.0643 4160 [ AB98462BCEB386540C42C941C36D9B05 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Diagnostics\84edd20544c6033c14331e3e92596a26\Inkjet.Diagnostics.ni.dll
19:39:57.0643 4160 C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Diagnostics\84edd20544c6033c14331e3e92596a26\Inkjet.Diagnostics.ni.dll - ok
19:39:57.0643 4160 [ 341E2B4C03B807360A69DDDB35E27F5B ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Localization\050700aa3b6c5ad150eb9515901413e5\Inkjet.Localization.ni.dll
19:39:57.0643 4160 C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Localization\050700aa3b6c5ad150eb9515901413e5\Inkjet.Localization.ni.dll - ok
19:39:57.0659 4160 [ FD3C2FBFD771318D7F1FD69C4864C670 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.DeviceSettin#\9aa07cb1c5992a667720402719645a63\Inkjet.DeviceSettings.ni.dll
19:39:57.0659 4160 C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.DeviceSettin#\9aa07cb1c5992a667720402719645a63\Inkjet.DeviceSettings.ni.dll - ok
19:39:57.0659 4160 [ A2BDAAC765B6E81EB0A090BA67ABC4F9 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\1702c5e18cdd96c022d87c38561f19c9\System.Configuration.ni.dll
19:39:57.0659 4160 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\1702c5e18cdd96c022d87c38561f19c9\System.Configuration.ni.dll - ok
19:39:57.0659 4160 [ 4D534921D65609114D3F66A27C2D54AA ] C:\Program Files (x86)\Kodak\AiO\Center\Logger.dll
19:39:57.0659 4160 C:\Program Files (x86)\Kodak\AiO\Center\Logger.dll - ok
19:39:57.0659 4160 [ CA6BF47991731E82CD0B18CC2BF876C2 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\9d5b252266a6084a611b2be84fac9e1c\System.Drawing.ni.dll
19:39:57.0659 4160 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\9d5b252266a6084a611b2be84fac9e1c\System.Drawing.ni.dll - ok
19:39:57.0675 4160 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
19:39:57.0675 4160 C:\Windows\System32\ntshrui.dll - ok
19:39:57.0675 4160 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
19:39:57.0675 4160 C:\Windows\System32\IconCodecService.dll - ok
19:39:57.0675 4160 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
19:39:57.0675 4160 C:\Windows\System32\appinfo.dll - ok
19:39:57.0675 4160 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
19:39:57.0675 4160 C:\Windows\System32\runonce.exe - ok
19:39:57.0675 4160 [ C5ED164445891DACECA6798AC23C02E2 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\edfa0f31cc4950e16011ecb549f553f7\System.Windows.Forms.ni.dll
19:39:57.0675 4160 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\edfa0f31cc4950e16011ecb549f553f7\System.Windows.Forms.ni.dll - ok
19:39:57.0690 4160 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
19:39:57.0690 4160 C:\Windows\System32\nci.dll - ok
19:39:57.0690 4160 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
19:39:57.0690 4160 C:\Windows\SysWOW64\runonce.exe - ok
19:39:57.0690 4160 [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll
19:39:57.0690 4160 C:\Windows\System32\wlaninst.dll - ok
19:39:57.0690 4160 [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll
19:39:57.0690 4160 C:\Windows\System32\wwaninst.dll - ok
19:39:57.0690 4160 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
19:39:57.0690 4160 C:\Windows\SysWOW64\uxtheme.dll - ok
19:39:57.0706 4160 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
19:39:57.0706 4160 C:\Windows\SysWOW64\propsys.dll - ok
19:39:57.0706 4160 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
19:39:57.0706 4160 C:\Windows\System32\rasdlg.dll - ok
19:39:57.0706 4160 [ FB8C6A46EAF7585D2CA8583C4C9A8EDF ] C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
19:39:57.0706 4160 C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL - ok
19:39:57.0706 4160 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
19:39:57.0706 4160 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
19:39:57.0721 4160 [ 58A14C45A5CD2528F10A889E7B0C3FC2 ] C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll
19:39:57.0721 4160 C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll - ok
19:39:57.0721 4160 [ E9901A7E569C4156FDA69F5C9356B8ED ] C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF
19:39:57.0721 4160 C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok
19:39:57.0721 4160 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
19:39:57.0721 4160 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
19:39:57.0721 4160 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
19:39:57.0721 4160 C:\Windows\SysWOW64\cmd.exe - ok
19:39:57.0721 4160 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
19:39:57.0721 4160 C:\Windows\SysWOW64\EhStorShell.dll - ok
19:39:57.0737 4160 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
19:39:57.0737 4160 C:\Windows\SysWOW64\winbrand.dll - ok
19:39:57.0737 4160 [ 676CCC08D9E9A3F4CA39CB04E97048DF ] C:\PROGRA~2\MICROS~1\Office14\1033\GrooveIntlResource.dll
19:39:57.0737 4160 C:\PROGRA~2\MICROS~1\Office14\1033\GrooveIntlResource.dll - ok
19:39:57.0737 4160 [ 490FC0D07F7C0468E232AB8E8E956719 ] C:\Windows\SysWOW64\ieframe.dll
19:39:57.0737 4160 C:\Windows\SysWOW64\ieframe.dll - ok
19:39:57.0737 4160 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
19:39:57.0737 4160 C:\Windows\SysWOW64\ntshrui.dll - ok
19:39:57.0737 4160 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
19:39:57.0737 4160 C:\Windows\SysWOW64\slc.dll - ok
19:39:57.0753 4160 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
19:39:57.0753 4160 C:\Windows\SysWOW64\imageres.dll - ok
19:39:57.0753 4160 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
19:39:57.0753 4160 C:\Windows\SysWOW64\oleacc.dll - ok
19:39:57.0753 4160 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
19:39:57.0753 4160 C:\Windows\SysWOW64\shdocvw.dll - ok
19:39:57.0753 4160 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Joshua\AppData\Local\Temp\0EF73069-EB7C-4068-9EFC-001BFCA23148.exe
19:39:57.0753 4160 C:\Users\Joshua\AppData\Local\Temp\0EF73069-EB7C-4068-9EFC-001BFCA23148.exe - ok
19:39:57.0753 4160 [ C20FF1A17726C357461A7AC5B3BFC3AD ] C:\Windows\SysWOW64\ncrypt.dll
19:39:57.0753 4160 C:\Windows\SysWOW64\ncrypt.dll - ok
19:39:57.0768 4160 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
19:39:57.0768 4160 C:\Windows\SysWOW64\bcrypt.dll - ok
19:39:57.0768 4160 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
19:39:57.0768 4160 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
19:39:57.0768 4160 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
19:39:57.0768 4160 C:\Windows\SysWOW64\gpapi.dll - ok
19:39:57.0768 4160 [ 04D16553664796613FE98D441A0C35D7 ] C:\Windows\SysWOW64\cryptnet.dll
19:39:57.0768 4160 C:\Windows\SysWOW64\cryptnet.dll - ok
19:39:57.0768 4160 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
19:39:57.0768 4160 C:\Windows\SysWOW64\SensApi.dll - ok
19:39:57.0784 4160 [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\SysWOW64\cabinet.dll
19:39:57.0784 4160 C:\Windows\SysWOW64\cabinet.dll - ok
19:39:57.0784 4160 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
19:39:57.0784 4160 C:\Windows\SysWOW64\winhttp.dll - ok
19:39:57.0784 4160 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
19:39:57.0784 4160 C:\Windows\SysWOW64\webio.dll - ok
19:39:57.0784 4160 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
19:39:57.0784 4160 C:\Windows\SysWOW64\credssp.dll - ok
19:39:57.0784 4160 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
19:39:57.0784 4160 C:\Windows\SysWOW64\dwmapi.dll - ok
19:39:57.0799 4160 [ 1ADCA2B26975898A4F2466D6CF9A5F80 ] C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
19:39:57.0799 4160 C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe - ok
19:39:57.0799 4160 [ FD435DF8C9CA7A49CCBF7CD2F7627739 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\diasymreader.dll
19:39:57.0799 4160 C:\Windows\Microsoft.NET\Framework\v4.0.30319\diasymreader.dll - ok
19:39:57.0799 4160 [ E97295DE2A9FDE547FEAB4FE41DF16CA ] C:\Windows\SysWOW64\mspaint.exe
19:39:57.0799 4160 C:\Windows\SysWOW64\mspaint.exe - ok
19:39:57.0799 4160 [ E22BA18A6129F62A36217F342F0054CA ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\e558d70a5dbc430b5a2904eec156749d\System.Runtime.Remoting.ni.dll
19:39:57.0799 4160 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\e558d70a5dbc430b5a2904eec156749d\System.Runtime.Remoting.ni.dll - ok
19:39:57.0815 4160 [ 6E5C2E2EC1B118DE1B2FF010D1F36D42 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Statistics\d4820af8dec822ee0dbb49718a8e445b\Inkjet.Statistics.ni.dll
19:39:57.0815 4160 C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Statistics\d4820af8dec822ee0dbb49718a8e445b\Inkjet.Statistics.ni.dll - ok
19:39:57.0815 4160 [ 7CD6A18F87972500FFECF049ACC716DB ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Hardware\0c74eab012d4361198273aac8a4a9e79\Inkjet.Hardware.ni.dll
19:39:57.0815 4160 C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Hardware\0c74eab012d4361198273aac8a4a9e79\Inkjet.Hardware.ni.dll - ok
19:39:57.0815 4160 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
19:39:57.0815 4160 C:\Windows\System32\FXSRESM.dll - ok
19:39:57.0815 4160 [ BD98FD725F28ADC4A7B5C42BB119862F ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.EKAiO2SDKLib\010fbf16f39b67efb0d65d424f939b26\Interop.EKAiO2SDKLib.ni.dll
19:39:57.0815 4160 C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.EKAiO2SDKLib\010fbf16f39b67efb0d65d424f939b26\Interop.EKAiO2SDKLib.ni.dll - ok
19:39:57.0815 4160 [ 49BACF955ED0DD7E3C6B957F568A5D3E ] C:\Program Files (x86)\Kodak\AiO\Center\EKIJ5000SDK.dll
19:39:57.0815 4160 C:\Program Files (x86)\Kodak\AiO\Center\EKIJ5000SDK.dll - ok
19:39:57.0831 4160 [ E9D5841A123E205ABEC33AB1EE0FA20E ] C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll
19:39:57.0831 4160 C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll - ok
19:39:57.0831 4160 [ 65D2E7FA68A3E0A3F4D586C395E5DB5A ] C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
19:39:57.0831 4160 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - ok
19:39:57.0831 4160 [ 3160221A64ED29F38C1CFB240D3AB2C9 ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll
19:39:57.0831 4160 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll - ok
19:39:57.0831 4160 [ 432856C960B03189EC354FDDE3C6B529 ] C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
19:39:57.0831 4160 C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe - ok
19:39:57.0846 4160 [ DF484C342D099963515F887191ECA885 ] C:\Program Files (x86)\Kodak\AiO\Firmware\Inkjet.Windows.dll
19:39:57.0846 4160 C:\Program Files (x86)\Kodak\AiO\Firmware\Inkjet.Windows.dll - ok
19:39:57.0846 4160 [ B55DDC9D110158582E9E5AA7DDA27C06 ] C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU64.dll
19:39:57.0846 4160 C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU64.dll - ok
19:39:57.0846 4160 [ 85F98863C8501532E8F87DF620C73626 ] C:\Program Files (x86)\Kodak\AiO\Firmware\CommonControls.dll
19:39:57.0846 4160 C:\Program Files (x86)\Kodak\AiO\Firmware\CommonControls.dll - ok
19:39:57.0846 4160 [ C3470899CC326070BF482429F3EE1DC7 ] C:\Program Files (x86)\Kodak\AiO\Firmware\Inkjet.Diagnostics.dll
19:39:57.0846 4160 C:\Program Files (x86)\Kodak\AiO\Firmware\Inkjet.Diagnostics.dll - ok
19:39:57.0862 4160 [ FBC5059D3020BBCC6FB9DE9930356897 ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll
19:39:57.0862 4160 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll - ok
19:39:57.0862 4160 [ 887F5BE6B03F0B8B5842582804A9CB5B ] C:\Program Files (x86)\Kodak\AiO\Firmware\Inkjet.Statistics.dll
19:39:57.0862 4160 C:\Program Files (x86)\Kodak\AiO\Firmware\Inkjet.Statistics.dll - ok
19:39:57.0862 4160 [ 6EA9A3DDD9024B9156E8836BE281D23E ] C:\Program Files (x86)\Kodak\AiO\Firmware\Inkjet.Hardware.dll
19:39:57.0862 4160 C:\Program Files (x86)\Kodak\AiO\Firmware\Inkjet.Hardware.dll - ok
19:39:57.0862 4160 [ 84A99FDCE9B5C7457E503C7C47DD5F4F ] C:\Program Files (x86)\Kodak\AiO\Firmware\Interop.EKAiO2SDKLib.dll
19:39:57.0862 4160 C:\Program Files (x86)\Kodak\AiO\Firmware\Interop.EKAiO2SDKLib.dll - ok
19:39:57.0862 4160 [ 05BBBBAA52C9E56338EADC9479FD0701 ] C:\Program Files (x86)\Kodak\AiO\Firmware\Inkjet.Utilities.dll
19:39:57.0862 4160 C:\Program Files (x86)\Kodak\AiO\Firmware\Inkjet.Utilities.dll - ok
19:39:57.0877 4160 [ 9584944A16ECE25B7F232303130FD5B7 ] C:\Program Files (x86)\Kodak\AiO\Firmware\InkjetCore.dll
19:39:57.0877 4160 C:\Program Files (x86)\Kodak\AiO\Firmware\InkjetCore.dll - ok
19:39:57.0877 4160 [ 91348B1316E54677ADF12FF3E4B33522 ] C:\Program Files (x86)\Kodak\AiO\Firmware\Inkjet.Configuration.dll
19:39:57.0877 4160 C:\Program Files (x86)\Kodak\AiO\Firmware\Inkjet.Configuration.dll - ok
19:39:57.0877 4160 [ FB50C8BAF2334E032DB4885A5D198151 ] C:\Program Files (x86)\Kodak\AiO\Firmware\Inkjet.Localization.dll
19:39:57.0877 4160 C:\Program Files (x86)\Kodak\AiO\Firmware\Inkjet.Localization.dll - ok
19:39:57.0877 4160 [ 36E71077E1660F81CFDB80FB7272CC00 ] C:\Program Files (x86)\Kodak\AiO\Firmware\Inkjet.Automation.dll
19:39:57.0877 4160 C:\Program Files (x86)\Kodak\AiO\Firmware\Inkjet.Automation.dll - ok
19:39:57.0893 4160 [ FEEFB2D6F26062F12EFE351808BA41AB ] C:\Windows\assembly\NativeImages_v4.0.30319_32\KodakAiOUpdater\4857b9ced7cf19d56c93893df434b8b8\KodakAiOUpdater.ni.exe
19:39:57.0893 4160 C:\Windows\assembly\NativeImages_v4.0.30319_32\KodakAiOUpdater\4857b9ced7cf19d56c93893df434b8b8\KodakAiOUpdater.ni.exe - ok
19:39:57.0893 4160 [ 14BA149E2013416B7A8B986C74031A2A ] C:\Program Files (x86)\Kodak\AiO\Firmware\Inkjet.Printing.dll
19:39:57.0893 4160 C:\Program Files (x86)\Kodak\AiO\Firmware\Inkjet.Printing.dll - ok
19:39:57.0893 4160 [ F87B323F07BA4FA5ED6FBC7DABDFAF42 ] C:\Program Files (x86)\Kodak\AiO\Firmware\Inkjet.DeviceSettings.dll
19:39:57.0893 4160 C:\Program Files (x86)\Kodak\AiO\Firmware\Inkjet.DeviceSettings.dll - ok
19:39:57.0893 4160 [ 10F323DC561B53FAAC3BA0B36E8CBBED ] C:\Windows\assembly\NativeImages_v4.0.30319_32\CommonControls\556d9e24f300cd2adb7f308fc5fdcc28\CommonControls.ni.dll
19:39:57.0893 4160 C:\Windows\assembly\NativeImages_v4.0.30319_32\CommonControls\556d9e24f300cd2adb7f308fc5fdcc28\CommonControls.ni.dll - ok
19:39:57.0909 4160 [ 547AA7795F54452E5EF210E6B2EF2C97 ] C:\Program Files (x86)\Kodak\AiO\Firmware\Interop.WIA.dll
19:39:57.0909 4160 C:\Program Files (x86)\Kodak\AiO\Firmware\Interop.WIA.dll - ok
19:39:57.0909 4160 [ F701EB21F6309F393BFA292EACB41709 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\InkjetCore\d88afe24a92135d8426b10c77e9e3c3e\InkjetCore.ni.dll
19:39:57.0909 4160 C:\Windows\assembly\NativeImages_v4.0.30319_32\InkjetCore\d88afe24a92135d8426b10c77e9e3c3e\InkjetCore.ni.dll - ok
19:39:57.0909 4160 [ 2CD13B258A1A9E86F6D620E23CDDE9BE ] C:\Program Files (x86)\Kodak\AiO\Firmware\LegacyPackage.dll
19:39:57.0909 4160 C:\Program Files (x86)\Kodak\AiO\Firmware\LegacyPackage.dll - ok
19:39:57.0909 4160 [ 0EBD441D79FC1AA714C7C5EE794EF15D ] C:\Program Files (x86)\Kodak\AiO\Firmware\PackageBase.dll
19:39:57.0909 4160 C:\Program Files (x86)\Kodak\AiO\Firmware\PackageBase.dll - ok
19:39:57.0909 4160 [ 4BC0C431DF5306F7EF408CAD6E445DB3 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Windows\da0c4576c1f9a4709553dbac6ffe24db\Inkjet.Windows.ni.dll
19:39:57.0909 4160 C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Windows\da0c4576c1f9a4709553dbac6ffe24db\Inkjet.Windows.ni.dll - ok
19:39:57.0924 4160 [ 20E85E52F1C67DD2504C8CDA8952EEDC ] C:\Program Files (x86)\Kodak\AiO\Firmware\TSHPackage.dll
19:39:57.0924 4160 C:\Program Files (x86)\Kodak\AiO\Firmware\TSHPackage.dll - ok
19:39:57.0924 4160 [ EA8332A740B8737C4C473C889C86DCB2 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
19:39:57.0924 4160 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll - ok
19:39:57.0924 4160 [ 0029EBA325F2FC9B6BA46BEE33F32A09 ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll
19:39:57.0924 4160 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\GdiPlus.dll - ok
19:39:57.0924 4160 [ 33ED303AF30D3E9498BD6F85F2CB3564 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
19:39:57.0924 4160 C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - ok
19:39:57.0940 4160 [ B86F4EA1773F06493DA80A10C8F8DC71 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Utilities\f1aae64530757646aee67d2116827b43\Inkjet.Utilities.ni.dll
19:39:57.0940 4160 C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Utilities\f1aae64530757646aee67d2116827b43\Inkjet.Utilities.ni.dll - ok
19:39:57.0940 4160 [ 49BACF955ED0DD7E3C6B957F568A5D3E ] C:\Program Files (x86)\Kodak\AiO\Firmware\EKIJ5000SDK.dll
19:39:57.0940 4160 C:\Program Files (x86)\Kodak\AiO\Firmware\EKIJ5000SDK.dll - ok
19:39:57.0940 4160 [ 74E6E1E62E35661679A6CAFF392B96E9 ] C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
19:39:57.0940 4160 C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe - ok
19:39:57.0940 4160 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll
19:39:57.0940 4160 C:\Windows\System32\oledlg.dll - ok
19:39:57.0940 4160 [ 8B5F423B85A7DDED6774FF378370A442 ] C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.dll
19:39:57.0940 4160 C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.dll - ok
19:39:57.0955 4160 [ 4FDFA3F219692D17011BF1B428857C1E ] C:\Program Files\Windows Defender\MpRTP.dll
19:39:57.0955 4160 C:\Program Files\Windows Defender\MpRTP.dll - ok
19:39:57.0955 4160 [ 6A16BCE3C09496650BE881C467611653 ] C:\Windows\System32\msi.dll
19:39:57.0955 4160 C:\Windows\System32\msi.dll - ok
19:39:57.0955 4160 [ FBD879D17B26D49DD7A48FF58062FAE6 ] C:\Windows\System32\tdh.dll
19:39:57.0955 4160 C:\Windows\System32\tdh.dll - ok
19:39:57.0955 4160 [ 773212B2AAA24C1E31F10246B15B276C ] C:\Windows\servicing\TrustedInstaller.exe
19:39:57.0955 4160 C:\Windows\servicing\TrustedInstaller.exe - ok
19:39:57.0971 4160 [ 288ADDED26C80FDC135CAB4340161686 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\CbsCore.dll
19:39:57.0971 4160 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\CbsCore.dll - ok
19:39:57.0971 4160 [ 6369F960C28A16F4502C480EEDE3652C ] C:\Windows\System32\dpx.dll
19:39:57.0971 4160 C:\Windows\System32\dpx.dll - ok
19:39:57.0971 4160 [ 7957A194B8421BC070FABBF1C55DB68B ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wcp.dll
19:39:57.0971 4160 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wcp.dll - ok
19:39:57.0971 4160 [ 29182220B4B0B9C5D2FD6C96E7E759A5 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{ADCEF5C0-7A77-4E40-AB40-83E2C2B3FBA7}\mpengine.dll
19:39:57.0971 4160 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{ADCEF5C0-7A77-4E40-AB40-83E2C2B3FBA7}\mpengine.dll - ok
19:39:57.0971 4160 [ A181FAA2F6C33FE5AF5A91BD8A0507D3 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{ADCEF5C0-7A77-4E40-AB40-83E2C2B3FBA7}\mpasbase.vdm
19:39:57.0971 4160 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{ADCEF5C0-7A77-4E40-AB40-83E2C2B3FBA7}\mpasbase.vdm - ok
19:39:57.0987 4160 [ 9297F004FCE79FB7B26DAC6968FB5FEB ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\DrUpdate.dll
19:39:57.0987 4160 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\DrUpdate.dll - ok
19:39:57.0987 4160 [ FC6C5D860CDB82411DA626821201BDF0 ] C:\Windows\System32\srclient.dll
19:39:57.0987 4160 C:\Windows\System32\srclient.dll - ok
19:39:57.0987 4160 [ B7AC66C1CCD87D7C49256B5451DED4FA ] C:\Windows\System32\spp.dll
19:39:57.0987 4160 C:\Windows\System32\spp.dll - ok
19:39:57.0987 4160 [ 943F48CC3A59169E52A054946C2F59B8 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wrpint.dll
19:39:57.0987 4160 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wrpint.dll - ok
19:39:57.0987 4160 [ 6685DD5CC357D45EEE30FD089E8A111A ] C:\Windows\System32\sxsstore.dll
19:39:57.0987 4160 C:\Windows\System32\sxsstore.dll - ok
19:39:58.0002 4160 [ D485D1BE97777617B186FC8095F58421 ] C:\Windows\servicing\CbsApi.dll
19:39:58.0002 4160 C:\Windows\servicing\CbsApi.dll - ok
19:39:58.0002 4160 [ 4CCBA1E557BA600A617958FF2D75FD86 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{ADCEF5C0-7A77-4E40-AB40-83E2C2B3FBA7}\mpasdlta.vdm
19:39:58.0002 4160 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{ADCEF5C0-7A77-4E40-AB40-83E2C2B3FBA7}\mpasdlta.vdm - ok
19:39:58.0002 4160 [ 93BB66044FA76734E882C6F3E8EE1900 ] C:\Program Files\Windows Defender\MsMpLics.dll
19:39:58.0002 4160 C:\Program Files\Windows Defender\MsMpLics.dll - ok
19:39:58.0002 4160 [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
19:39:58.0002 4160 C:\Windows\System32\wscapi.dll - ok
19:39:58.0002 4160 [ B84E2D174DC84916A536572BB8F691A8 ] C:\Windows\System32\wscisvif.dll
19:39:58.0002 4160 C:\Windows\System32\wscisvif.dll - ok
19:39:58.0018 4160 [ 6C1E3C43B35268C17833244C8ED96430 ] C:\Windows\System32\wscproxystub.dll
19:39:58.0018 4160 C:\Windows\System32\wscproxystub.dll - ok
19:39:58.0018 4160 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
19:39:58.0018 4160 C:\Windows\System32\rundll32.exe - ok
19:39:58.0018 4160 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
19:39:58.0018 4160 C:\Windows\System32\actxprxy.dll - ok
19:39:58.0018 4160 [ 198803E5E93E29967DFB0BCFD0186151 ] C:\Windows\System32\spfileq.dll
19:39:58.0018 4160 C:\Windows\System32\spfileq.dll - ok
19:39:58.0033 4160 [ 5FBD7BEC6CD3DCAA6A87A7F70CE8AF44 ] C:\Windows\System32\advpack.dll
19:39:58.0033 4160 C:\Windows\System32\advpack.dll - ok
19:39:58.0033 4160 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
19:39:58.0033 4160 C:\Windows\System32\wbem\NCProv.dll - ok
19:39:58.0033 4160 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
19:39:58.0033 4160 C:\Windows\SysWOW64\sfc.dll - ok
19:39:58.0033 4160 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
19:39:58.0033 4160 C:\Windows\SysWOW64\sfc_os.dll - ok
19:39:58.0033 4160 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
19:39:58.0033 4160 C:\Windows\System32\ie4uinit.exe - ok
19:39:58.0049 4160 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll
19:39:58.0049 4160 C:\Windows\System32\iedkcs32.dll - ok
19:39:58.0049 4160 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
19:39:58.0049 4160 C:\Windows\System32\timedate.cpl - ok
19:39:58.0049 4160 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
19:39:58.0049 4160 C:\Windows\System32\shdocvw.dll - ok
19:39:58.0049 4160 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
19:39:58.0049 4160 C:\Windows\System32\msiltcfg.dll - ok
19:39:58.0049 4160 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
19:39:58.0049 4160 C:\Windows\System32\linkinfo.dll - ok
19:39:58.0065 4160 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
19:39:58.0065 4160 C:\Windows\System32\msftedit.dll - ok
19:39:58.0065 4160 [ 98B6F9204610EC0B7D2ADFF3E6F058A8 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
19:39:58.0065 4160 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
19:39:58.0065 4160 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
19:39:58.0065 4160 C:\Windows\System32\msls31.dll - ok
19:39:58.0065 4160 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
19:39:58.0065 4160 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
19:39:58.0065 4160 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
19:39:58.0065 4160 C:\Windows\System32\DeviceCenter.dll - ok
19:39:58.0080 4160 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\31433099.sys
19:39:58.0080 4160 C:\Windows\System32\drivers\31433099.sys - ok
19:39:58.0080 4160 [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll
19:39:58.0080 4160 C:\Windows\System32\gameux.dll - ok
19:39:58.0080 4160 [ 554A50B5310E702029D3A675459108FF ] C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
19:39:58.0080 4160 C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe - ok
19:39:58.0080 4160 [ 74260F0ABFA90A22A964B6BDE690AAA2 ] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
19:39:58.0080 4160 C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe - ok
19:39:58.0096 4160 [ 223A96BAC91792E1A954BFEB49FBE02C ] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
19:39:58.0096 4160 C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe - ok
19:39:58.0096 4160 [ 360531CE4F679C7C66A355EDBA519B53 ] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.dll
19:39:58.0096 4160 C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.dll - ok
19:39:58.0096 4160 [ 5516C26A6AF8EB4E2CAB48EC98A74398 ] C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
19:39:58.0096 4160 C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe - ok
19:39:58.0096 4160 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
19:39:58.0096 4160 C:\Windows\SysWOW64\riched20.dll - ok
19:39:58.0096 4160 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
19:39:58.0096 4160 C:\Windows\System32\networkexplorer.dll - ok
19:39:58.0111 4160 [ 954703C65A83E2E66EE31678A30A57C3 ] C:\Program Files (x86)\PDF Complete\pdfsty.exe
19:39:58.0111 4160 C:\Program Files (x86)\PDF Complete\pdfsty.exe - ok
19:39:58.0111 4160 [ 901AA7A38CE13F14B6BBEC38C0595698 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
19:39:58.0111 4160 C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe - ok
19:39:58.0111 4160 [ 1F04E809409A9B5FFD510B5FD89A1155 ] C:\Windows\System32\d2d1.dll
19:39:58.0111 4160 C:\Windows\System32\d2d1.dll - ok
19:39:58.0111 4160 [ 0133E5265FDD7063F87856C9BD5156C9 ] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
19:39:58.0111 4160 C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe - ok
19:39:58.0111 4160 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
19:39:58.0111 4160 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
19:39:58.0127 4160 [ 3CB07566302BCEEB898DE270A0BEC175 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
19:39:58.0127 4160 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
19:39:58.0127 4160 [ 1CF29128903B2B75B340EFC5906A2DF0 ] C:\Program Files (x86)\LogMeIn\x64\rntfywnd.dll
19:39:58.0127 4160 C:\Program Files (x86)\LogMeIn\x64\rntfywnd.dll - ok
19:39:58.0127 4160 [ 5C59E612AA95F10DBD29F6249EA379D3 ] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
19:39:58.0127 4160 C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe - ok
19:39:58.0127 4160 [ 07CD0ADD0D595E29937AE667E23DB397 ] C:\Windows\System32\DWrite.dll
19:39:58.0127 4160 C:\Windows\System32\DWrite.dll - ok
19:39:58.0143 4160 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
19:39:58.0143 4160 C:\Windows\System32\drprov.dll - ok
19:39:58.0143 4160 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
19:39:58.0143 4160 C:\Windows\System32\ntlanman.dll - ok
19:39:58.0143 4160 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
19:39:58.0143 4160 C:\Windows\System32\thumbcache.dll - ok
19:39:58.0143 4160 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
19:39:58.0143 4160 C:\Windows\SysWOW64\duser.dll - ok
19:39:58.0143 4160 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
19:39:58.0143 4160 C:\Windows\System32\davclnt.dll - ok
19:39:58.0158 4160 [ B96F045D571747F8700CB43E8C458FF0 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
19:39:58.0158 4160 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe - ok
19:39:58.0158 4160 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
19:39:58.0158 4160 C:\Windows\System32\shfolder.dll - ok
19:39:58.0158 4160 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
19:39:58.0158 4160 C:\Windows\System32\davhlpr.dll - ok
19:39:58.0158 4160 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
19:39:58.0158 4160 C:\Windows\SysWOW64\dui70.dll - ok
19:39:58.0158 4160 [ 3181F76ED237CC3D50D10CEA05AF8B60 ] C:\Windows\System32\riched32.dll
19:39:58.0158 4160 C:\Windows\System32\riched32.dll - ok
19:39:58.0174 4160 [ 850BD2D2D9CB5894935C3B6333CAD6FD ] C:\Windows\System32\riched20.dll
19:39:58.0174 4160 C:\Windows\System32\riched20.dll - ok
19:39:58.0174 4160 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
19:39:58.0174 4160 C:\Windows\System32\stobject.dll - ok
19:39:58.0174 4160 [ 81ADBC4E31A721AEF23251A952049BA2 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe
19:39:58.0174 4160 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe - ok
19:39:58.0174 4160 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
19:39:58.0174 4160 C:\Windows\System32\batmeter.dll - ok
19:39:58.0174 4160 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
19:39:58.0174 4160 C:\Windows\SysWOW64\msimg32.dll - ok
19:39:58.0189 4160 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
19:39:58.0189 4160 C:\Windows\SysWOW64\oledlg.dll - ok
19:39:58.0189 4160 [ 363C29784A259D60B44596CD5B0091D7 ] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
19:39:58.0189 4160 C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe - ok
19:39:58.0189 4160 [ E7E435A8E358B1FCF1788B76A8227C98 ] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.dll
19:39:58.0189 4160 C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.dll - ok
19:39:58.0189 4160 [ F773D2886EDF879860F220EB59C4552B ] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
19:39:58.0189 4160 C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe - ok
19:39:58.0205 4160 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll
19:39:58.0205 4160 C:\Windows\System32\UIAnimation.dll - ok
19:39:58.0205 4160 [ 5C4CB4086FB83115B153E47ADD961A0C ] C:\Windows\System32\FntCache.dll
19:39:58.0205 4160 C:\Windows\System32\FntCache.dll - ok
19:39:58.0205 4160 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
19:39:58.0205 4160 C:\Windows\System32\fdProxy.dll - ok
19:39:58.0205 4160 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
19:39:58.0205 4160 C:\Windows\System32\prnfldr.dll - ok
19:39:58.0205 4160 [ 5298ED7C7C56A683EDCC2A8AA1A4C475 ] C:\Program Files (x86)\Common Files\DivX Shared\Qt4.5\QtCore4.dll
19:39:58.0205 4160 C:\Program Files (x86)\Common Files\DivX Shared\Qt4.5\QtCore4.dll - ok
19:39:58.0221 4160 [ 7C74C407EEFE30A423B49E2D10850281 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll
19:39:58.0221 4160 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\msoshext.dll - ok
19:39:58.0221 4160 [ 853A17F7CED7ADE5A177520D5EAEC895 ] C:\Windows\System32\RtkAPO64.dll
19:39:58.0221 4160 C:\Windows\System32\RtkAPO64.dll - ok
19:39:58.0221 4160 [ 6C64B7C3D109169BF6007B90D41DAA2E ] C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
19:39:58.0221 4160 C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll - ok
19:39:58.0221 4160 [ 38FBB26EC0E2136046E8C355400704A8 ] C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
19:39:58.0221 4160 C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe - ok
19:39:58.0236 4160 [ D63797E8E7781EE1500A810CB6194FA6 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
19:39:58.0236 4160 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
19:39:58.0236 4160 [ 735623AAED32285D47FE6716D92ABC40 ] C:\Program Files (x86)\LeapFrog\LeapFrog Connect\QtCore4.dll
19:39:58.0236 4160 C:\Program Files (x86)\LeapFrog\LeapFrog Connect\QtCore4.dll - ok
19:39:58.0236 4160 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
19:39:58.0236 4160 C:\Windows\SysWOW64\rasapi32.dll - ok
19:39:58.0236 4160 [ 64ABE1250EC1A1CFD1442E7C8800216E ] C:\Windows\System32\d3d10warp.dll
19:39:58.0236 4160 C:\Windows\System32\d3d10warp.dll - ok
19:39:58.0236 4160 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
19:39:58.0236 4160 C:\Windows\System32\DXP.dll - ok
19:39:58.0252 4160 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
19:39:58.0252 4160 C:\Windows\SysWOW64\rasman.dll - ok
19:39:58.0252 4160 [ 778D6ADBA6D49578EA45F600DAF4687B ] C:\Program Files (x86)\Common Files\DivX Shared\Qt4.5\QtGui4.dll
19:39:58.0252 4160 C:\Program Files (x86)\Common Files\DivX Shared\Qt4.5\QtGui4.dll - ok
19:39:58.0252 4160 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
19:39:58.0252 4160 C:\Windows\SysWOW64\rtutils.dll - ok
19:39:58.0252 4160 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
19:39:58.0252 4160 C:\Windows\SysWOW64\netprofm.dll - ok
19:39:58.0252 4160 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
19:39:58.0252 4160 C:\Windows\System32\ActionCenter.dll - ok
19:39:58.0267 4160 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
19:39:58.0267 4160 C:\Windows\SysWOW64\npmproxy.dll - ok
19:39:58.0267 4160 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
19:39:58.0267 4160 C:\Windows\System32\SearchIndexer.exe - ok
19:39:58.0267 4160 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
19:39:58.0267 4160 C:\Windows\System32\WMALFXGFXDSP.dll - ok
19:39:58.0267 4160 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
19:39:58.0267 4160 C:\Windows\System32\AltTab.dll - ok
19:39:58.0267 4160 [ E3C817F7FE44CC870ECDBCBC3EA36132 ] C:\Windows\SysWOW64\msvcp100.dll
19:39:58.0267 4160 C:\Windows\SysWOW64\msvcp100.dll - ok
19:39:58.0283 4160 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
19:39:58.0283 4160 C:\Windows\System32\FXSST.dll - ok
19:39:58.0283 4160 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
19:39:58.0283 4160 C:\Windows\System32\tquery.dll - ok
19:39:58.0283 4160 [ BF38660A9125935658CFA3E53FDC7D65 ] C:\Windows\SysWOW64\msvcr100.dll
19:39:58.0283 4160 C:\Windows\SysWOW64\msvcr100.dll - ok
19:39:58.0283 4160 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
19:39:58.0283 4160 C:\Windows\System32\FXSAPI.dll - ok
19:39:58.0283 4160 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
19:39:58.0283 4160 C:\Windows\System32\mfplat.dll - ok
19:39:58.0299 4160 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
19:39:58.0299 4160 C:\Windows\System32\Syncreg.dll - ok
19:39:58.0299 4160 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
19:39:58.0299 4160 C:\Windows\System32\pnidui.dll - ok
19:39:58.0299 4160 [ 964B05EE97D3E71F585F97FD93C2CD6B ] C:\Program Files (x86)\LeapFrog\LeapFrog Connect\QtGui4.dll
19:39:58.0299 4160 C:\Program Files (x86)\LeapFrog\LeapFrog Connect\QtGui4.dll - ok
19:39:58.0299 4160 [ 9D18C01DB929E266BEF674BAF05327F7 ] C:\Program Files (x86)\Common Files\DivX Shared\Qt4.5\QtNetwork4.dll
19:39:58.0299 4160 C:\Program Files (x86)\Common Files\DivX Shared\Qt4.5\QtNetwork4.dll - ok
19:39:58.0299 4160 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
19:39:58.0299 4160 C:\Windows\System32\mssrch.dll - ok
19:39:58.0314 4160 [ 932AB689DEC89CDC52706E49FEB96443 ] C:\Program Files (x86)\DivX\DivX Media Server\mc_net_tools.dll
19:39:58.0314 4160 C:\Program Files (x86)\DivX\DivX Media Server\mc_net_tools.dll - ok
19:39:58.0314 4160 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
19:39:58.0314 4160 C:\Windows\System32\QUTIL.DLL - ok
19:39:58.0314 4160 [ B695D2F73404ACFA872E92199389842E ] C:\Program Files (x86)\DivX\DivX Media Server\mc_upnp_dlna_stack.dll
19:39:58.0314 4160 C:\Program Files (x86)\DivX\DivX Media Server\mc_upnp_dlna_stack.dll - ok
19:39:58.0314 4160 [ 2928BBB81F5D3F80C3D65B0701C230DC ] C:\Program Files\Internet Explorer\ieproxy.dll
19:39:58.0314 4160 C:\Program Files\Internet Explorer\ieproxy.dll - ok
19:39:58.0330 4160 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
19:39:58.0330 4160 C:\Windows\ehome\ehSSO.dll - ok
19:39:58.0330 4160 [ 5046E55184021406C27E8D48A1B2C9D2 ] C:\Windows\System32\l3codeca.acm
19:39:58.0330 4160 C:\Windows\System32\l3codeca.acm - ok
19:39:58.0330 4160 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
19:39:58.0330 4160 C:\Windows\System32\msidle.dll - ok
19:39:58.0330 4160 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
19:39:58.0330 4160 C:\Windows\System32\mssprxy.dll - ok
19:39:58.0330 4160 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
19:39:58.0330 4160 C:\Windows\System32\WPDShServiceObj.dll - ok
19:39:58.0345 4160 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
19:39:58.0345 4160 C:\Windows\System32\bthprops.cpl - ok
19:39:58.0345 4160 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
19:39:58.0345 4160 C:\Windows\System32\AudioEng.dll - ok
19:39:58.0345 4160 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\SysWOW64\mssprxy.dll
19:39:58.0345 4160 C:\Windows\SysWOW64\mssprxy.dll - ok
19:39:58.0345 4160 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
19:39:58.0345 4160 C:\Windows\System32\FXSSVC.exe - ok
19:39:58.0345 4160 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
19:39:58.0345 4160 C:\Windows\System32\AUDIOKSE.dll - ok
19:39:58.0361 4160 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
19:39:58.0361 4160 C:\Windows\System32\en-US\tquery.dll.mui - ok
19:39:58.0361 4160 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
19:39:58.0361 4160 C:\Windows\System32\srchadmin.dll - ok
19:39:58.0361 4160 [ F2C7BB8ACC97F92E987A2D4087D021B1 ] C:\Windows\System32\notepad.exe
19:39:58.0361 4160 C:\Windows\System32\notepad.exe - ok
19:39:58.0361 4160 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
19:39:58.0361 4160 C:\Windows\System32\dot3api.dll - ok
19:39:58.0361 4160 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
19:39:58.0361 4160 C:\Windows\System32\wlanhlp.dll - ok
19:39:58.0377 4160 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
19:39:58.0377 4160 C:\Windows\System32\wlanapi.dll - ok
19:39:58.0377 4160 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
19:39:58.0377 4160 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
19:39:58.0377 4160 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
19:39:58.0377 4160 C:\Windows\System32\WWanAPI.dll - ok
19:39:58.0377 4160 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
19:39:58.0377 4160 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
19:39:58.0377 4160 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
19:39:58.0377 4160 C:\Windows\System32\wwapi.dll - ok
19:39:58.0392 4160 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
19:39:58.0392 4160 C:\Windows\System32\QAGENT.DLL - ok
19:39:58.0392 4160 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
19:39:58.0392 4160 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
19:39:58.0392 4160 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
19:39:58.0392 4160 C:\Windows\System32\mlang.dll - ok
19:39:58.0392 4160 [ FC5095AD454F2CA2405ED31C9936FCC2 ] C:\Program Files (x86)\LeapFrog\LeapFrog Connect\DeviceHooks\LeapsterDeviceHook.dll
19:39:58.0392 4160 C:\Program Files (x86)\LeapFrog\LeapFrog Connect\DeviceHooks\LeapsterDeviceHook.dll - ok
19:39:58.0408 4160 [ 196520955B8B9FCE9B8AC486AAF693F2 ] C:\Program Files (x86)\LeapFrog\LeapFrog Connect\DeviceHooks\LeapsterExplorerDeviceHook.dll
19:39:58.0408 4160 C:\Program Files (x86)\LeapFrog\LeapFrog Connect\DeviceHooks\LeapsterExplorerDeviceHook.dll - ok
19:39:58.0408 4160 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
19:39:58.0408 4160 C:\Windows\System32\wmdrmdev.dll - ok
19:39:58.0408 4160 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
19:39:58.0408 4160 C:\Windows\System32\drmv2clt.dll - ok
19:39:58.0408 4160 [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll
19:39:58.0408 4160 C:\Windows\System32\blackbox.dll - ok
19:39:58.0408 4160 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
19:39:58.0408 4160 C:\Windows\System32\wmp.dll - ok
19:39:58.0423 4160 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
19:39:58.0423 4160 C:\Windows\System32\webcheck.dll - ok
19:39:58.0423 4160 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
19:39:58.0423 4160 C:\Windows\System32\SyncCenter.dll - ok
19:39:58.0423 4160 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
19:39:58.0423 4160 C:\Windows\System32\imapi2.dll - ok
19:39:58.0423 4160 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
19:39:58.0423 4160 C:\Windows\System32\wmploc.DLL - ok
19:39:58.0423 4160 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
19:39:58.0423 4160 C:\Windows\System32\hgcpl.dll - ok
19:39:58.0439 4160 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
19:39:58.0439 4160 C:\Windows\System32\fdPHost.dll - ok
19:39:58.0439 4160 [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll
19:39:58.0439 4160 C:\Windows\System32\fdWSD.dll - ok
19:39:58.0439 4160 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll
19:39:58.0439 4160 C:\Windows\System32\fdSSDP.dll - ok
19:39:58.0439 4160 [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll
19:39:58.0439 4160 C:\Windows\System32\ListSvc.dll - ok
19:39:58.0439 4160 [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\Windows\System32\P2P.dll
19:39:58.0439 4160 C:\Windows\System32\P2P.dll - ok
19:39:58.0455 4160 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
19:39:58.0455 4160 C:\Windows\System32\p2pcollab.dll - ok
19:39:58.0455 4160 [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
19:39:58.0455 4160 C:\Windows\System32\pnrpsvc.dll - ok
19:39:58.0455 4160 [ 4A82EA2807B16FF577AEAF8ADB8779FF ] C:\Windows\System32\IdListen.dll
19:39:58.0455 4160 C:\Windows\System32\IdListen.dll - ok
19:39:58.0455 4160 [ A0524499F4C63CADA7E1529FC77F5DC1 ] C:\Windows\System32\hgprint.dll
19:39:58.0455 4160 C:\Windows\System32\hgprint.dll - ok
19:39:58.0455 4160 [ FCE23E27F62989AD0BB88E256E847A41 ] C:\Windows\System32\CertPolEng.dll
19:39:58.0455 4160 C:\Windows\System32\CertPolEng.dll - ok
19:39:58.0470 4160 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
19:39:58.0470 4160 C:\Windows\System32\QAGENTRT.DLL - ok
19:39:58.0470 4160 [ B0F69B9DE0AEBFD7E4CEADE6758DF627 ] C:\Windows\System32\SearchFolder.dll
19:39:58.0470 4160 C:\Windows\System32\SearchFolder.dll - ok
19:39:58.0470 4160 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
19:39:58.0470 4160 C:\Windows\System32\wmpps.dll - ok
19:39:58.0470 4160 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
19:39:58.0470 4160 C:\Windows\System32\fveui.dll - ok
19:39:58.0470 4160 [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll
19:39:58.0470 4160 C:\Windows\System32\p2psvc.dll - ok
19:39:58.0486 4160 [ F149E8CAE538DBF7059B00326673F602 ] C:\Windows\System32\wmpmde.dll
19:39:58.0486 4160 C:\Windows\System32\wmpmde.dll - ok
19:39:58.0486 4160 [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1 ] C:\Windows\System32\P2PGraph.dll
19:39:58.0486 4160 C:\Windows\System32\P2PGraph.dll - ok
19:39:58.0486 4160 [ 021287C2050FD5DB4A8B084E2C38139C ] C:\Windows\System32\WinSATAPI.dll
19:39:58.0486 4160 C:\Windows\System32\WinSATAPI.dll - ok
19:39:58.0486 4160 [ 66C87DB880052104808507D6FA84D68E ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
19:39:58.0486 4160 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL - ok
19:39:58.0486 4160 [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\Windows\System32\MSMPEG2ENC.DLL
19:39:58.0486 4160 C:\Windows\System32\MSMPEG2ENC.DLL - ok
19:39:58.0501 4160 [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll
19:39:58.0501 4160 C:\Windows\System32\upnphost.dll - ok
19:39:58.0501 4160 [ 71E68F2443A80BD4DA89181889C457EA ] C:\Windows\System32\udhisapi.dll
19:39:58.0501 4160 C:\Windows\System32\udhisapi.dll - ok
19:39:58.0501 4160 [ C57BC99A4467B3E8F1CC2184A3F46729 ] C:\Windows\System32\drt.dll
19:39:58.0501 4160 C:\Windows\System32\drt.dll - ok
19:39:58.0501 4160 [ 2E7ADF9B0389CD94605717784D7E416A ] C:\Windows\System32\drttransport.dll
19:39:58.0501 4160 C:\Windows\System32\drttransport.dll - ok
19:39:58.0501 4160 [ 3206A288014B1207F4E86336385CB41D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL
19:39:58.0501 4160 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL - ok
19:39:58.0517 4160 [ 81953836F678A7353A797E3F7DE69B55 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\wlidcli.dll
19:39:58.0517 4160 C:\Program Files\Common Files\Microsoft Shared\Windows Live\wlidcli.dll - ok
19:39:58.0517 4160 ============================================================
19:39:58.0517 4160 Scan finished
19:39:58.0517 4160 ============================================================
19:39:58.0517 5116 Detected object count: 2
19:39:58.0517 5116 Actual detected object count: 2
19:40:49.0763 5116 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:40:49.0763 5116 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:40:49.0763 5116 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
19:40:49.0763 5116 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
  • 0

#12
gringo_pr
Posted 27 April 2013 - 07:51 PM

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Morris6996

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Please start by opening Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo
  • 0

#13
Morris6996
Posted 27 April 2013 - 08:45 PM

Morris6996

    Member

  • Topic Starter
  • Member
  • PipPip
  • 67 posts
ComboFix 13-04-27.04 - Joshua 04/27/2013 21:33:39.4.6 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8191.6149 [GMT -5:00]
Running from: c:\users\Joshua\Desktop\ComboFix.exe
Command switches used :: c:\users\Joshua\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2013-03-28 to 2013-04-28 )))))))))))))))))))))))))))))))
.
.
2013-04-28 02:40 . 2013-04-28 02:40 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-04-28 02:40 . 2013-04-28 02:40 -------- d-----w- c:\users\Public\AppData\Local\temp
2013-04-28 02:40 . 2013-04-28 02:40 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-25 09:33 . 2013-04-25 09:33 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ADCEF5C0-7A77-4E40-AB40-83E2C2B3FBA7}\offreg.dll
2013-04-25 09:33 . 2013-04-10 03:46 9317456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{ADCEF5C0-7A77-4E40-AB40-83E2C2B3FBA7}\mpengine.dll
2013-04-25 00:41 . 2013-04-25 00:41 -------- d-----w- c:\users\Joshua\AppData\Local\CRE
2013-04-25 00:41 . 2013-04-25 00:41 -------- d-----w- c:\program files (x86)\SearchDonkey
2013-04-25 00:41 . 2013-04-26 01:58 -------- d-----w- c:\users\Joshua\AppData\Local\DownloadTerms
2013-04-24 03:28 . 2013-04-24 03:28 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-04-24 03:27 . 2013-04-04 10:35 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-04-25 00:10 . 2012-04-01 04:31 691592 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-04-25 00:10 . 2011-12-14 05:56 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-04 19:50 . 2013-03-06 04:01 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-03-12 06:10 . 2011-11-29 10:56 282744 ------w- c:\windows\system32\MpSigStub.exe
2013-03-08 00:02 . 2012-11-01 22:44 861088 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2013-03-08 00:02 . 2012-01-31 09:09 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-02-10 03:25 . 2013-02-20 02:41 963776 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2013-02-10 03:25 . 2013-02-20 02:41 9422672 ----a-w- c:\windows\system32\nvcuda.dll
2013-02-10 03:25 . 2013-02-20 02:41 7964680 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-02-10 03:25 . 2013-02-20 02:41 7569184 ----a-w- c:\windows\system32\nvopencl.dll
2013-02-10 03:25 . 2013-02-20 02:41 6267240 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-02-10 03:25 . 2013-02-20 02:41 2911008 ----a-w- c:\windows\system32\nvcuvid.dll
2013-02-10 03:25 . 2013-02-20 02:41 2726176 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-02-10 03:25 . 2013-02-20 02:41 26947360 ----a-w- c:\windows\system32\nvoglv64.dll
2013-02-10 03:25 . 2013-02-20 02:41 2528840 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-02-10 03:25 . 2013-02-20 02:41 25256736 ----a-w- c:\windows\system32\nvcompiler.dll
2013-02-10 03:25 . 2013-02-20 02:41 250504 ----a-w- c:\windows\system32\nvinitx.dll
2013-02-10 03:25 . 2013-02-20 02:41 2350368 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-02-10 03:25 . 2013-02-20 02:41 20534560 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-02-10 03:25 . 2013-02-20 02:41 205184 ----a-w- c:\windows\SysWow64\nvinit.dll
2013-02-10 03:25 . 2013-02-20 02:41 1990944 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-02-10 03:25 . 2013-02-20 02:41 1807136 ----a-w- c:\windows\system32\nvdispco6420294.dll
2013-02-10 03:25 . 2013-02-20 02:41 17987192 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-02-10 03:25 . 2013-02-20 02:41 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-02-10 03:25 . 2013-02-20 02:41 1510176 ----a-w- c:\windows\system32\nvdispgenco6420162.dll
2013-02-10 03:25 . 2013-02-20 02:41 12862400 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-02-10 03:25 . 2013-02-20 02:41 11040544 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-02-10 03:25 . 2012-03-31 09:43 1114144 ----a-w- c:\windows\system32\nvumdshimx.dll
2013-02-10 03:25 . 2011-11-29 10:22 15275744 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-02-10 03:25 . 2011-11-29 10:22 15038296 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-02-10 03:25 . 2011-05-21 12:01 2854344 ----a-w- c:\windows\system32\nvapi64.dll
2013-02-10 01:04 . 2011-11-29 10:17 6393120 ----a-w- c:\windows\system32\nvcpl.dll
2013-02-10 01:04 . 2011-11-29 10:17 3472672 ----a-w- c:\windows\system32\nvsvc64.dll
2013-02-10 01:04 . 2011-11-29 10:17 877856 ----a-w- c:\windows\system32\nvvsvc.exe
2013-02-10 01:04 . 2011-11-29 10:17 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-02-10 01:04 . 2011-11-29 10:17 237856 ----a-w- c:\windows\system32\nvmctray.dll
2013-02-10 00:43 . 2013-02-10 00:43 555808 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-02-09 13:25 . 2012-03-31 09:44 3035306 ----a-w- c:\windows\system32\nvcoproc.bin
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}]
c:\users\Joshua\AppData\Local\DownloadTerms\temp.dat [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{44ed99e2-16a6-4b89-80d6-5b21cf42e78b}]
2013-03-08 21:13 392328 ----a-w- c:\program files (x86)\SearchDonkey\IE\common.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{E6A0602F-2DD2-4048-A49C-DBB369BAE0B0}]
c:\users\Joshua\AppData\Local\getsavin\ie\getsavin_1366850401.dll [BU]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2010-09-28 664600]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-05-20 119152]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"EKStatusMonitor"="c:\program files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe" [2012-10-15 2844608]
"Conime"="c:\windows\system32\conime.exe" [BU]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2012-11-13 450560]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2012-11-30 1263512]
"Monitor"="c:\program files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe" [2012-09-28 298376]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"KodakHomeCenter"="c:\program files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe" [2012-10-19 2235840]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [x]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-09-24 116752]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-09-03 349800]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 177640]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-05-13 146920]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-11-30 1255736]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2010-08-13 75904]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2010-08-13 38016]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys [2012-11-08 30568]
S1 NEOFLTR_719_20893;Juniper Networks TDI Filter Driver (NEOFLTR_719_20893);c:\windows\system32\Drivers\NEOFLTR_719_20893.SYS [2012-05-05 99152]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-11-23 203264]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896]
S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [2012-10-19 395200]
S2 Kodak AiO Status Monitor Service;Kodak AiO Status Monitor Service;c:\program files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [2012-10-15 779200]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-11-10 375728]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2011-09-16 15928]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-04-04 418376]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-04-04 701512]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2010-09-28 1119768]
S2 RosettaStoneDaemon;RosettaStoneDaemon;c:\program files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe [2012-06-19 1646608]
S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-09-11 399344]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-02-10 383264]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-04-04 25928]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys [2010-01-29 36720]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2010-07-22 1002848]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 05182840
*NewlyCreated* - 78802578
*NewlyCreated* - MBAMPROTECTOR
*Deregistered* - 05182840
*Deregistered* - 78802578
.
Contents of the 'Scheduled Tasks' folder
.
2013-04-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-05 17:45]
.
2013-04-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-05 17:45]
.
2013-04-10 c:\windows\Tasks\HPCeeScheduleForJOSHUA-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
2013-04-24 c:\windows\Tasks\HPCeeScheduleForJoshua.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-09-15 611896]
"LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2011-09-16 57928]
"EKIJ5000StatusMonitor"="c:\windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe" [2012-10-08 3182080]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://www.yahoo.com/?ilc=8
mStart Page = hxxp://www.yahoo.com/?ilc=8
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
Trusted Zone: myitlab.com
Trusted Zone: pearsoncmg.com
Trusted Zone: pearsoned.com
Trusted Zone: researchnavigator.com
TCP: DhcpNameServer = 192.168.1.254
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
SafeBoot-78802578.sys
AddRemove-GetSavin - c:\users\Joshua\AppData\Local\getsavin\uninst.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_171_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_171.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-04-27 21:41:51
ComboFix-quarantined-files.txt 2013-04-28 02:41
ComboFix2.txt 2013-04-26 02:00
ComboFix3.txt 2012-11-26 00:51
ComboFix4.txt 2012-11-24 00:39
.
Pre-Run: 1,373,890,347,008 bytes free
Post-Run: 1,374,341,660,672 bytes free
.
- - End Of File - - 0B931CDE003AE443C99CE12B2579C4D8

combofix had to update is the only issue I had with the download.

The computer is running smoother, but I'm still not seeing my homepages when I open the browser.
  • 0

#14
gringo_pr
Posted 27 April 2013 - 08:53 PM

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Morris6996

We need to reset Chrome back to defaults to completely clear out what is going on.

We can keep the bookmarks by exporting them - Export Bookmarks


Then I need you to go Google Sync and sign into your account

scroll down untill you see the "Stop and Clear" button and click on button

At the prompt click on "Ok"

Now we need to uninstall chrome

I want you to uninstall Chrome and if asked about user data or settings then remove this also

restart the computer and reinstall chrome, You can download The latest version from here - Google Chrome

After you have Chrome reinstalled please check things out and let me know how it is doing.

Gringo
  • 0

#15
gringo_pr
Posted 30 April 2013 - 12:10 AM

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP