Mozilla Firefox block web pages [Solved]



#16
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Damba

will not be back till later - it is 5am and need to get some sleep

I would like you to try and run these next.

TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

    Note** this report can be very long - so if the website gives you an error saying it is too long you may attach it

    If the forum still complains about it being too long send me everything that is at the end of the report after where it says

    ==================
    Scan finished
    ==================

and I will see if I want to see the whole report

Malwarebytes Anti-Rootkit

1. Download Malwarebytes Anti-Rootkit
2. Unzip the contents to a folder in a convenient location.
3. Open the folder where the contents were unzipped and run mbar.exe
4. Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
5. Click on the Cleanup button to remove any threats and reboot if prompted to do so.
6. Wait while the system shuts down and the cleanup process is performed.
7. Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
8. If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:
  • Internet access
  • Windows Update
  • Windows Firewall
9. If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included with Malwarebytes Anti-Rootkit and reboot.
10. Verify that your system is now functioning normally.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and MBAR

Gringo
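
The post above asks for the part of the TDSSKiller report that follows the "Scan finished" marker when the full log is too long to paste. As an added example (not part of the original post and not a vendor tool), this Python parser pulls out that tail and lists the service entries that were not reported "ok" or had no hashed file line. The function names are hypothetical, the sample log is constructed on the "time, thread id, message" layout of the log posted in this thread, and treating an entry without a hash line as worth a look is this example's own choice.

```python
import re

# Constructed sample modelled on the line layout of the log posted in this
# thread. Hashes, service names and paths are placeholders, and the line after
# "Scan finished" is a constructed stand-in for whatever the real tail holds.
SAMPLE_LOG = r"""
12:00:00.0001 1111 ================ Scan services =============================
12:00:00.0002 1111 [ 00000000000000000000000000000000 ] ExampleDrv C:\Windows\system32\drivers\exampledrv.sys
12:00:00.0003 1111 ExampleDrv - ok
12:00:00.0004 1111 [ 11111111111111111111111111111111 ] Example Licensing Service C:\Program Files\Example\licsvc.exe
12:00:00.0005 1111 Example Licensing Service ( UnsignedFile.Multi.Generic ) - warning
12:00:00.0006 1111 Example Licensing Service - detected UnsignedFile.Multi.Generic (1)
12:00:00.0007 1111 NoFileSvc - ok
12:00:01.0000 1111 ============================================================
12:00:01.0000 1111 Scan finished
12:00:01.0000 1111 ============================================================
12:00:01.0010 2222 Example Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
"""

TIME_RE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}$")
# "[ <32 hex digits> ] <service name> <drive-letter path>"; names may hold spaces.
HASH_RE = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \] (.+?) ([A-Za-z]:\\.*)$")
# "<service name> - ok" or "<service name> ( <verdict> ) - warning"
STATUS_RE = re.compile(r"^(.+?)(?: \( ([^)]+) \))? - (\w+)$")


def messages(text):
    """Yield the message part of every 'time thread-id message' line."""
    for raw in text.splitlines():
        parts = raw.strip().split(None, 2)
        if len(parts) >= 2 and TIME_RE.match(parts[0]) and parts[1].isdigit():
            yield parts[2] if len(parts) == 3 else ""


def parse_report(text):
    """Return (entries, tail): per-service results and the lines after 'Scan finished'."""
    entries, tail, hashed = [], [], {}
    finished = False
    for msg in messages(text):
        if finished:
            # Keep everything after the marker except the '=====' separators.
            if msg and set(msg) != {"="}:
                tail.append(msg)
            continue
        if msg == "Scan finished":
            finished = True
            continue
        m = HASH_RE.match(msg)
        if m:
            # Remember hash and path until the status line for this name arrives.
            hashed[m.group(2)] = (m.group(1), m.group(3))
            continue
        m = STATUS_RE.match(msg)
        if m:
            name, verdict, status = m.groups()
            md5, path = hashed.get(name, (None, None))
            entries.append({"name": name, "status": status, "verdict": verdict,
                            "md5": md5, "path": path})
    return entries, tail


def needs_review(entries):
    """Entries that were not 'ok', or that were listed without a hashed file."""
    return [e for e in entries if e["status"] != "ok" or e["md5"] is None]


if __name__ == "__main__":
    entries, tail = parse_report(SAMPLE_LOG)
    for e in needs_review(entries):
        print(e["name"], e["status"], e["verdict"], e["path"])
    print("--- after 'Scan finished' ---")
    print("\n".join(tail))
```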

#17
Damba

    Member

  • Topic Starter
  • 46 posts
Hi Gringo,

I have 2 reports from TDSSKiller:

First:

12:23:39.0570 5816 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
12:23:40.0272 5816 ============================================================
12:23:40.0272 5816 Current date / time: 2013/10/06 12:23:40.0272
12:23:40.0272 5816 SystemInfo:
12:23:40.0272 5816
12:23:40.0272 5816 OS Version: 6.1.7601 ServicePack: 1.0
12:23:40.0272 5816 Product type: Workstation
12:23:40.0272 5816 ComputerName: COBRA2-PC
12:23:40.0272 5816 UserName: COBRA 2
12:23:40.0272 5816 Windows directory: C:\Windows
12:23:40.0272 5816 System windows directory: C:\Windows
12:23:40.0272 5816 Processor architecture: Intel x86
12:23:40.0272 5816 Number of processors: 4
12:23:40.0272 5816 Page size: 0x1000
12:23:40.0272 5816 Boot type: Normal boot
12:23:40.0272 5816 ============================================================
12:23:41.0083 5816 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:23:41.0083 5816 ============================================================
12:23:41.0083 5816 \Device\Harddisk0\DR0:
12:23:41.0083 5816 MBR partitions:
12:23:41.0083 5816 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:23:41.0083 5816 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x124C5800
12:23:41.0083 5816 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x124F8000, BlocksNum 0x27E8D800
12:23:41.0083 5816 ============================================================
12:23:41.0099 5816 C: <-> \Device\Harddisk0\DR0\Partition2
12:23:41.0130 5816 D: <-> \Device\Harddisk0\DR0\Partition3
12:23:41.0161 5816 F: <-> \Device\Harddisk0\DR0\Partition1
12:23:41.0161 5816 ============================================================
12:23:41.0161 5816 Initialize success
12:23:41.0161 5816 ============================================================
12:24:53.0779 1008 Deinitialize success

Second:

12:26:51.0335 3460 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
12:26:51.0741 3460 ============================================================
12:26:51.0741 3460 Current date / time: 2013/10/06 12:26:51.0741
12:26:51.0741 3460 SystemInfo:
12:26:51.0741 3460
12:26:51.0741 3460 OS Version: 6.1.7601 ServicePack: 1.0
12:26:51.0741 3460 Product type: Workstation
12:26:51.0741 3460 ComputerName: COBRA2-PC
12:26:51.0741 3460 UserName: COBRA 2
12:26:51.0741 3460 Windows directory: C:\Windows
12:26:51.0741 3460 System windows directory: C:\Windows
12:26:51.0741 3460 Processor architecture: Intel x86
12:26:51.0741 3460 Number of processors: 4
12:26:51.0741 3460 Page size: 0x1000
12:26:51.0741 3460 Boot type: Normal boot
12:26:51.0741 3460 ============================================================
12:26:54.0003 3460 BG loaded
12:26:54.0486 3460 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:26:54.0486 3460 ============================================================
12:26:54.0486 3460 \Device\Harddisk0\DR0:
12:26:54.0502 3460 MBR partitions:
12:26:54.0502 3460 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:26:54.0502 3460 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x124C5800
12:26:54.0502 3460 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x124F8000, BlocksNum 0x27E8D800
12:26:54.0502 3460 ============================================================
12:26:54.0533 3460 C: <-> \Device\Harddisk0\DR0\Partition2
12:26:54.0642 3460 D: <-> \Device\Harddisk0\DR0\Partition3
12:26:54.0674 3460 F: <-> \Device\Harddisk0\DR0\Partition1
12:26:54.0674 3460 ============================================================
12:26:54.0674 3460 Initialize success
12:26:54.0674 3460 ============================================================
12:28:50.0701 4940 ============================================================
12:28:50.0701 4940 Scan started
12:28:50.0701 4940 Mode: Manual; SigCheck; TDLFS;
12:28:50.0701 4940 ============================================================
12:28:51.0419 4940 ================ Scan system memory ========================
12:28:51.0419 4940 System memory - ok
12:28:51.0419 4940 ================ Scan services =============================
12:29:02.0307 4940 MSiSCSI - ok
12:29:02.0307 4940 msiserver - ok
12:29:02.0339 4940 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:29:02.0354 4940 MSKSSRV - ok
12:29:02.0370 4940 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:29:02.0401 4940 MSPCLOCK - ok
12:29:02.0401 4940 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:29:02.0417 4940 MSPQM - ok
12:29:02.0432 4940 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:29:02.0432 4940 MsRPC - ok
12:29:02.0463 4940 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
12:29:02.0479 4940 mssmbios - ok
12:29:02.0479 4940 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:29:02.0510 4940 MSTEE - ok
12:29:02.0510 4940 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
12:29:02.0526 4940 MTConfig - ok
12:29:02.0526 4940 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
12:29:02.0541 4940 Mup - ok
12:29:02.0573 4940 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
12:29:02.0604 4940 napagent - ok
12:29:02.0635 4940 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:29:02.0635 4940 NativeWifiP - ok
12:29:02.0682 4940 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
12:29:02.0697 4940 NDIS - ok
12:29:02.0713 4940 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:29:02.0760 4940 NdisCap - ok
12:29:02.0791 4940 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:29:02.0807 4940 NdisTapi - ok
12:29:02.0838 4940 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:29:02.0885 4940 Ndisuio - ok
12:29:02.0916 4940 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:29:02.0947 4940 NdisWan - ok
12:29:02.0978 4940 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:29:02.0994 4940 NDProxy - ok
12:29:03.0025 4940 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:29:03.0056 4940 NetBIOS - ok
12:29:03.0087 4940 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:29:03.0103 4940 NetBT - ok
12:29:03.0134 4940 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
12:29:03.0134 4940 Netlogon - ok
12:29:03.0181 4940 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
12:29:03.0212 4940 Netman - ok
12:29:03.0290 4940 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:29:03.0306 4940 NetMsmqActivator - ok
12:29:03.0321 4940 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:29:03.0321 4940 NetPipeActivator - ok
12:29:03.0353 4940 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
12:29:03.0368 4940 netprofm - ok
12:29:03.0399 4940 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:29:03.0399 4940 NetTcpActivator - ok
12:29:03.0399 4940 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:29:03.0415 4940 NetTcpPortSharing - ok
12:29:03.0462 4940 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
12:29:03.0462 4940 nfrd960 - ok
12:29:03.0493 4940 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
12:29:03.0509 4940 NlaSvc - ok
12:29:03.0509 4940 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:29:03.0540 4940 Npfs - ok
12:29:03.0540 4940 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
12:29:03.0571 4940 nsi - ok
12:29:03.0587 4940 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:29:03.0618 4940 nsiproxy - ok
12:29:03.0649 4940 [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:29:03.0696 4940 Ntfs - ok
12:29:03.0711 4940 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
12:29:03.0743 4940 Null - ok
12:29:03.0758 4940 [ 92CFE8964B3A6DA0692331FA66630DB3 ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
12:29:03.0774 4940 NVHDA - ok
12:29:03.0961 4940 [ B69E6F70CE1151C8D62ABC9DEF64DFBE ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:29:04.0101 4940 nvlddmkm - ok
12:29:04.0117 4940 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:29:04.0133 4940 nvraid - ok
12:29:04.0148 4940 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:29:04.0148 4940 nvstor - ok
12:29:04.0211 4940 [ E4284FCF99FEA13A7E1836F87AE356F6 ] NVSvc C:\Windows\system32\nvvsvc.exe
12:29:04.0226 4940 NVSvc - ok
12:29:04.0289 4940 [ 03E60E0BFA53ED15DC984FA34B44BB0F ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
12:29:04.0320 4940 nvUpdatusService - ok
12:29:04.0367 4940 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:29:04.0382 4940 nv_agp - ok
12:29:04.0460 4940 [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:29:04.0476 4940 odserv - ok
12:29:04.0507 4940 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:29:04.0523 4940 ohci1394 - ok
12:29:04.0601 4940 [ DA345DE3B450E9E1691E7B9956D8FFC3 ] OMSI download service C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
12:29:04.0616 4940 OMSI download service ( UnsignedFile.Multi.Generic ) - warning
12:29:04.0616 4940 OMSI download service - detected UnsignedFile.Multi.Generic (1)
12:29:04.0647 4940 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:29:04.0663 4940 ose - ok
12:29:04.0679 4940 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:29:04.0725 4940 p2pimsvc - ok
12:29:04.0741 4940 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
12:29:04.0757 4940 p2psvc - ok
12:29:04.0803 4940 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:29:04.0835 4940 Parport - ok
12:29:04.0881 4940 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:29:04.0881 4940 partmgr - ok
12:29:04.0897 4940 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
12:29:04.0913 4940 Parvdm - ok
12:29:04.0944 4940 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:29:04.0959 4940 PcaSvc - ok
12:29:04.0991 4940 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
12:29:05.0006 4940 pci - ok
12:29:05.0069 4940 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
12:29:05.0084 4940 pciide - ok
12:29:05.0115 4940 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:29:05.0131 4940 pcmcia - ok
12:29:05.0147 4940 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
12:29:05.0162 4940 pcw - ok
12:29:05.0193 4940 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:29:05.0225 4940 PEAUTH - ok
12:29:05.0271 4940 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
12:29:05.0287 4940 PeerDistSvc - ok
12:29:05.0334 4940 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
12:29:05.0396 4940 pla - ok
12:29:05.0443 4940 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:29:05.0459 4940 PlugPlay - ok
12:29:05.0474 4940 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:29:05.0490 4940 PNRPAutoReg - ok
12:29:05.0521 4940 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:29:05.0521 4940 PNRPsvc - ok
12:29:05.0537 4940 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:29:05.0568 4940 PolicyAgent - ok
12:29:05.0599 4940 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
12:29:05.0630 4940 Power - ok
12:29:05.0646 4940 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:29:05.0677 4940 PptpMiniport - ok
12:29:05.0693 4940 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
12:29:05.0724 4940 Processor - ok
12:29:05.0755 4940 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
12:29:05.0771 4940 ProfSvc - ok
12:29:05.0786 4940 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:29:05.0802 4940 ProtectedStorage - ok
12:29:05.0817 4940 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:29:05.0833 4940 Psched - ok
12:29:05.0864 4940 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
12:29:05.0895 4940 ql2300 - ok
12:29:05.0911 4940 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
12:29:05.0927 4940 ql40xx - ok
12:29:05.0942 4940 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
12:29:05.0973 4940 QWAVE - ok
12:29:05.0989 4940 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:29:06.0005 4940 QWAVEdrv - ok
12:29:06.0020 4940 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:29:06.0051 4940 RasAcd - ok
12:29:06.0083 4940 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:29:06.0129 4940 RasAgileVpn - ok
12:29:06.0145 4940 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
12:29:06.0176 4940 RasAuto - ok
12:29:06.0176 4940 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:29:06.0223 4940 Rasl2tp - ok
12:29:06.0254 4940 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
12:29:06.0285 4940 RasMan - ok
12:29:06.0317 4940 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:29:06.0348 4940 RasPppoe - ok
12:29:06.0379 4940 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:29:06.0410 4940 RasSstp - ok
12:29:06.0441 4940 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:29:06.0457 4940 rdbss - ok
12:29:06.0473 4940 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:29:06.0488 4940 rdpbus - ok
12:29:06.0504 4940 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:29:06.0535 4940 RDPCDD - ok
12:29:06.0566 4940 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
12:29:06.0613 4940 RDPDR - ok
12:29:06.0613 4940 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:29:06.0660 4940 RDPENCDD - ok
12:29:06.0675 4940 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:29:06.0707 4940 RDPREFMP - ok
12:29:06.0785 4940 [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:29:06.0831 4940 RdpVideoMiniport - ok
12:29:06.0863 4940 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:29:06.0894 4940 RDPWD - ok
12:29:06.0925 4940 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:29:06.0941 4940 rdyboost - ok
12:29:06.0972 4940 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
12:29:07.0003 4940 RemoteAccess - ok
12:29:07.0019 4940 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:29:07.0050 4940 RemoteRegistry - ok
12:29:07.0081 4940 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:29:07.0112 4940 RpcEptMapper - ok
12:29:07.0128 4940 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
12:29:07.0128 4940 RpcLocator - ok
12:29:07.0143 4940 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
12:29:07.0159 4940 RpcSs - ok
12:29:07.0190 4940 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:29:07.0237 4940 rspndr - ok
12:29:07.0268 4940 [ 59509AD6CBC28F2C73056268985B3E48 ] s0016bus C:\Windows\system32\DRIVERS\s0016bus.sys
12:29:07.0284 4940 s0016bus - ok
12:29:07.0315 4940 [ B98C3A6F91F4FBA285AF9606A240C6B4 ] s0016mdfl C:\Windows\system32\DRIVERS\s0016mdfl.sys
12:29:07.0315 4940 s0016mdfl - ok
12:29:07.0331 4940 [ 8A83426F4FB7B5212825D9DE76368B1A ] s0016mdm C:\Windows\system32\DRIVERS\s0016mdm.sys
12:29:07.0331 4940 s0016mdm - ok
12:29:07.0346 4940 [ 7A78BBA97FEB5E6D24C49E93A3BF7287 ] s0016mgmt C:\Windows\system32\DRIVERS\s0016mgmt.sys
12:29:07.0346 4940 s0016mgmt - ok
12:29:07.0377 4940 [ 34EF7B5F611957B73E7219DD5A222AD1 ] s0016nd5 C:\Windows\system32\DRIVERS\s0016nd5.sys
12:29:07.0393 4940 s0016nd5 - ok
12:29:07.0393 4940 [ 36792935847143E4A3CDA0DC87248487 ] s0016obex C:\Windows\system32\DRIVERS\s0016obex.sys
12:29:07.0409 4940 s0016obex - ok
12:29:07.0424 4940 [ 927208754FB27FC3E7A659E77500C5D1 ] s0016unic C:\Windows\system32\DRIVERS\s0016unic.sys
12:29:07.0440 4940 s0016unic - ok
12:29:07.0471 4940 [ 594FF5620661D1386475406E78CB6F2F ] s0017bus C:\Windows\system32\DRIVERS\s0017bus.sys
12:29:07.0487 4940 s0017bus - ok
12:29:07.0518 4940 [ 1C5C2CB892553D2CF3F45A4BB323FCD6 ] s1018bus C:\Windows\system32\DRIVERS\s1018bus.sys
12:29:07.0533 4940 s1018bus - ok
12:29:07.0549 4940 [ 38F5EA219593F19B6B3A1B9C169E3B61 ] s1018mdfl C:\Windows\system32\DRIVERS\s1018mdfl.sys
12:29:07.0565 4940 s1018mdfl - ok
12:29:07.0580 4940 [ 666AF6B64FC7DF92D3CA4819EA91631D ] s1018mdm C:\Windows\system32\DRIVERS\s1018mdm.sys
12:29:07.0580 4940 s1018mdm - ok
12:29:07.0627 4940 [ F4CEDA6E2DDFF2AF8BD745615A7CA9C0 ] s1018mgmt C:\Windows\system32\DRIVERS\s1018mgmt.sys
12:29:07.0658 4940 s1018mgmt - ok
12:29:07.0674 4940 [ 3622D9FF2253DCBE885B10736609A4CA ] s1018nd5 C:\Windows\system32\DRIVERS\s1018nd5.sys
12:29:07.0674 4940 s1018nd5 - ok
12:29:07.0705 4940 [ 49431EFDA842B474531C29FFAE9F5D09 ] s1018obex C:\Windows\system32\DRIVERS\s1018obex.sys
12:29:07.0721 4940 s1018obex - ok
12:29:07.0736 4940 [ AC6B514CB4474F4C867D7CDC9CD54F05 ] s1018unic C:\Windows\system32\DRIVERS\s1018unic.sys
12:29:07.0752 4940 s1018unic - ok
12:29:07.0767 4940 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
12:29:07.0814 4940 s3cap - ok
12:29:07.0830 4940 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
12:29:07.0845 4940 SamSs - ok
12:29:07.0877 4940 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:29:07.0892 4940 sbp2port - ok
12:29:07.0923 4940 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:29:07.0955 4940 SCardSvr - ok
12:29:07.0986 4940 [ 20B2751CD4C8F3FD989739CA661B9F30 ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
12:29:08.0001 4940 SCDEmu ( UnsignedFile.Multi.Generic ) - warning
12:29:08.0001 4940 SCDEmu - detected UnsignedFile.Multi.Generic (1)
12:29:08.0001 4940 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:29:08.0033 4940 scfilter - ok
12:29:08.0064 4940 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
12:29:08.0095 4940 Schedule - ok
12:29:08.0111 4940 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
12:29:08.0126 4940 SCPolicySvc - ok
12:29:08.0157 4940 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:29:08.0173 4940 SDRSVC - ok
12:29:08.0204 4940 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:29:08.0235 4940 secdrv - ok
12:29:08.0251 4940 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
12:29:08.0267 4940 seclogon - ok
12:29:08.0313 4940 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\system32\sens.dll
12:29:08.0360 4940 SENS - ok
12:29:08.0376 4940 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:29:08.0391 4940 SensrSvc - ok
12:29:08.0423 4940 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:29:08.0438 4940 Serenum - ok
12:29:08.0469 4940 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:29:08.0485 4940 Serial - ok
12:29:08.0501 4940 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
12:29:08.0516 4940 sermouse - ok
12:29:08.0547 4940 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
12:29:08.0594 4940 SessionEnv - ok
12:29:08.0625 4940 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:29:08.0657 4940 sffdisk - ok
12:29:08.0672 4940 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:29:08.0703 4940 sffp_mmc - ok
12:29:08.0719 4940 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:29:08.0735 4940 sffp_sd - ok
12:29:08.0766 4940 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
12:29:08.0781 4940 sfloppy - ok
12:29:08.0813 4940 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:29:08.0844 4940 SharedAccess - ok
12:29:08.0875 4940 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:29:08.0906 4940 ShellHWDetection - ok
12:29:08.0922 4940 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
12:29:08.0937 4940 sisagp - ok
12:29:08.0953 4940 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:29:08.0969 4940 SiSRaid2 - ok
12:29:08.0984 4940 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
12:29:08.0984 4940 SiSRaid4 - ok
12:29:09.0015 4940 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:29:09.0031 4940 Smb - ok
12:29:09.0062 4940 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:29:09.0078 4940 SNMPTRAP - ok
12:29:09.0093 4940 [ FFC5F7ED77AA59AA0A6B70F3D7A22A93 ] Sound Blaster X-Fi MB Licensing Service C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
12:29:09.0093 4940 Sound Blaster X-Fi MB Licensing Service ( UnsignedFile.Multi.Generic ) - warning
12:29:09.0093 4940 Sound Blaster X-Fi MB Licensing Service - detected UnsignedFile.Multi.Generic (1)
12:29:09.0093 4940 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
12:29:09.0109 4940 spldr - ok
12:29:09.0140 4940 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
12:29:09.0171 4940 Spooler - ok
12:29:09.0249 4940 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
12:29:09.0296 4940 sppsvc - ok
12:29:09.0343 4940 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:29:09.0374 4940 sppuinotify - ok
12:29:09.0390 4940 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:29:09.0437 4940 srv - ok
12:29:09.0452 4940 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:29:09.0483 4940 srv2 - ok
12:29:09.0499 4940 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:29:09.0530 4940 srvnet - ok
12:29:09.0561 4940 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:29:09.0593 4940 SSDPSRV - ok
12:29:09.0593 4940 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:29:09.0624 4940 SstpSvc - ok
12:29:09.0702 4940 [ 5A19667A580B1CE886EAF968B9743F45 ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
12:29:09.0717 4940 Stereo Service - ok
12:29:09.0749 4940 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
12:29:09.0749 4940 stexstor - ok
12:29:09.0795 4940 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
12:29:09.0827 4940 StiSvc - ok
12:29:09.0858 4940 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
12:29:09.0873 4940 storflt - ok
12:29:09.0889 4940 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
12:29:09.0889 4940 storvsc - ok
12:29:09.0920 4940 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
12:29:09.0920 4940 swenum - ok
12:29:09.0951 4940 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
12:29:09.0983 4940 swprv - ok
12:29:09.0998 4940 Synth3dVsc - ok
12:29:10.0045 4940 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
12:29:10.0061 4940 SysMain - ok
12:29:10.0092 4940 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:29:10.0107 4940 TabletInputService - ok
12:29:10.0154 4940 [ FD90A16CEB10D4FDAA00AAF39B8FF58F ] taphss C:\Windows\system32\DRIVERS\taphss.sys
12:29:10.0154 4940 taphss - ok
12:29:10.0185 4940 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
12:29:10.0248 4940 TapiSrv - ok
12:29:10.0263 4940 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
12:29:10.0279 4940 TBS - ok
12:29:10.0326 4940 [ 4E8B9BE71B807B3BAEDB7F4243F85E3C ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:29:10.0373 4940 Tcpip - ok
12:29:10.0404 4940 [ 4E8B9BE71B807B3BAEDB7F4243F85E3C ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:29:10.0419 4940 TCPIP6 - ok
12:29:10.0451 4940 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:29:10.0466 4940 tcpipreg - ok
12:29:10.0497 4940 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:29:10.0529 4940 TDPIPE - ok
12:29:10.0560 4940 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:29:10.0591 4940 TDTCP - ok
12:29:10.0622 4940 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:29:10.0653 4940 tdx - ok
12:29:10.0747 4940 [ 3E85BDD019E3DB66D9471DAD7FD6A887 ] TeamViewer7 C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
12:29:10.0778 4940 TeamViewer7 - ok
12:29:10.0809 4940 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
12:29:10.0809 4940 TermDD - ok
12:29:10.0841 4940 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
12:29:10.0872 4940 TermService - ok
12:29:10.0887 4940 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
12:29:10.0903 4940 Themes - ok
12:29:10.0903 4940 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
12:29:10.0934 4940 THREADORDER - ok
12:29:10.0950 4940 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
12:29:10.0981 4940 TrkWks - ok
12:29:11.0028 4940 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:29:11.0075 4940 TrustedInstaller - ok
12:29:11.0106 4940 [ B37B08F2E5EEB1A37E448E09BACE1101 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:29:11.0137 4940 tssecsrv - ok
12:29:11.0168 4940 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:29:11.0215 4940 TsUsbFlt - ok
12:29:11.0215 4940 tsusbhub - ok
12:29:11.0262 4940 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:29:11.0309 4940 tunnel - ok
12:29:11.0340 4940 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
12:29:11.0340 4940 uagp35 - ok
12:29:11.0371 4940 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:29:11.0418 4940 udfs - ok
12:29:11.0433 4940 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:29:11.0449 4940 UI0Detect - ok
12:29:11.0480 4940 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:29:11.0496 4940 uliagpkx - ok
12:29:11.0511 4940 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:29:11.0527 4940 umbus - ok
12:29:11.0527 4940 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
12:29:11.0558 4940 UmPass - ok
12:29:11.0605 4940 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
12:29:11.0636 4940 UmRdpService - ok
12:29:11.0699 4940 [ 7A78ED1088890114DFDE2C4AB038D6B6 ] UNS C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
12:29:11.0730 4940 UNS - ok
12:29:11.0777 4940 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
12:29:11.0808 4940 upnphost - ok
12:29:11.0839 4940 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:29:11.0855 4940 usbccgp - ok
12:29:11.0886 4940 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:29:11.0886 4940 usbcir - ok
12:29:11.0917 4940 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\drivers\usbehci.sys
12:29:11.0917 4940 usbehci - ok
12:29:11.0948 4940 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:29:11.0964 4940 usbhub - ok
12:29:12.0011 4940 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:29:12.0026 4940 usbohci - ok
12:29:12.0042 4940 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:29:12.0073 4940 usbprint - ok
12:29:12.0089 4940 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:29:12.0120 4940 usbscan - ok
12:29:12.0135 4940 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:29:12.0167 4940 USBSTOR - ok
12:29:12.0198 4940 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:29:12.0213 4940 usbuhci - ok
12:29:12.0229 4940 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
12:29:12.0260 4940 UxSms - ok
12:29:12.0276 4940 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
12:29:12.0276 4940 VaultSvc - ok
12:29:12.0291 4940 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:29:12.0291 4940 vdrvroot - ok
12:29:12.0323 4940 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
12:29:12.0369 4940 vds - ok
12:29:12.0401 4940 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:29:12.0447 4940 vga - ok
12:29:12.0463 4940 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:29:12.0494 4940 VgaSave - ok
12:29:12.0494 4940 VGPU - ok
12:29:12.0510 4940 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:29:12.0525 4940 vhdmp - ok
12:29:12.0557 4940 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
12:29:12.0557 4940 viaagp - ok
12:29:12.0572 4940 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
12:29:12.0588 4940 ViaC7 - ok
12:29:12.0650 4940 [ F2ABB8BC8A9F807EDDB639672695A9BC ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
12:29:12.0681 4940 VIAHdAudAddService - ok
12:29:16.0160 4940 C:\Windows\System32\bridgeres.dll - ok
12:29:16.0160 4940 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] C:\Windows\System32\bthserv.dll
12:29:16.0160 4940 C:\Windows\System32\bthserv.dll - ok
12:29:16.0160 4940 [ 319C6B309773D063541D01DF8AC6F55F ] C:\Windows\System32\certprop.dll
12:29:16.0160 4940 C:\Windows\System32\certprop.dll - ok
12:29:16.0160 4940 [ 635181E0E9BBF16871BF5380D71DB02D ] C:\Windows\System32\clfs.sys
12:29:16.0160 4940 C:\Windows\System32\clfs.sys - ok
12:29:16.0160 4940 [ 808D8A8B2A3074002852BC856D419576 ] C:\Windows\System32\comres.dll
12:29:16.0160 4940 C:\Windows\System32\comres.dll - ok
12:29:16.0176 4940 [ 7CA1BECEA5DE2643ADDAD32670E7A4C9 ] C:\Windows\System32\cryptsvc.dll
12:29:16.0176 4940 C:\Windows\System32\cryptsvc.dll - ok
12:29:16.0176 4940 [ 15F93B37F6801943360D9EB42485D5D3 ] C:\Windows\System32\cscsvc.dll
12:29:16.0176 4940 C:\Windows\System32\cscsvc.dll - ok
12:29:16.0176 4940 [ 370E6FB6F6FF1B3DAC7F1182AC493BB6 ] C:\Windows\System32\oleres.dll
12:29:16.0176 4940 C:\Windows\System32\oleres.dll - ok
12:29:16.0176 4940 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] C:\Windows\System32\defragsvc.dll
12:29:16.0176 4940 C:\Windows\System32\defragsvc.dll - ok
12:29:16.0176 4940 [ E9E01EB683C132F7FA27CD607B8A2B63 ] C:\Windows\System32\dhcpcore.dll
12:29:16.0176 4940 C:\Windows\System32\dhcpcore.dll - ok
12:29:16.0176 4940 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] C:\Windows\System32\dot3svc.dll
12:29:16.0176 4940 C:\Windows\System32\dot3svc.dll - ok
12:29:16.0191 4940 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] C:\Windows\System32\dps.dll
12:29:16.0191 4940 C:\Windows\System32\dps.dll - ok
12:29:16.0191 4940 [ 8600142FA91C1B96367D3300AD0F3F3A ] C:\Windows\System32\eapsvc.dll
12:29:16.0191 4940 C:\Windows\System32\eapsvc.dll - ok
12:29:16.0191 4940 [ 00A99DA54C14969A899ED316D16E9A9E ] C:\Windows\System32\efssvc.dll
12:29:16.0191 4940 C:\Windows\System32\efssvc.dll - ok
12:29:16.0191 4940 [ A8C362018EFC87BEB013EE28F29C0863 ] C:\Windows\ehome\ehrecvr.exe
12:29:16.0191 4940 C:\Windows\ehome\ehrecvr.exe - ok
12:29:16.0191 4940 [ D389BFF34F80CAEDE417BF9D1507996A ] C:\Windows\ehome\ehsched.exe
12:29:16.0191 4940 C:\Windows\ehome\ehsched.exe - ok
12:29:16.0191 4940 [ 241E015DD809CFB23242F890B1FC575B ] C:\Windows\System32\wevtsvc.dll
12:29:16.0191 4940 C:\Windows\System32\wevtsvc.dll - ok
12:29:16.0191 4940 [ C4096CA42199428B3D63DC206C197F0E ] C:\Windows\System32\FXSRESM.dll
12:29:16.0191 4940 C:\Windows\System32\FXSRESM.dll - ok
12:29:16.0207 4940 [ F3222C893BD2F5821A0179E5C71E88FB ] C:\Windows\System32\fdPHost.dll
12:29:16.0207 4940 C:\Windows\System32\fdPHost.dll - ok
12:29:16.0207 4940 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] C:\Windows\System32\FDResPub.dll
12:29:16.0207 4940 C:\Windows\System32\FDResPub.dll - ok
12:29:16.0207 4940 [ 6CF00369C97F3CF563BE99BE983D13D8 ] C:\Windows\System32\drivers\fileinfo.sys
12:29:16.0207 4940 C:\Windows\System32\drivers\fileinfo.sys - ok
12:29:16.0207 4940 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] C:\Windows\System32\drivers\filetrace.sys
12:29:16.0207 4940 C:\Windows\System32\drivers\filetrace.sys - ok
12:29:16.0207 4940 [ 7520EC808E0C35E0EE6F841294316653 ] C:\Windows\System32\drivers\fltMgr.sys
12:29:16.0207 4940 C:\Windows\System32\drivers\fltMgr.sys - ok
12:29:16.0207 4940 [ E12C4928B32ACE04610259647F072635 ] C:\Windows\System32\FntCache.dll
12:29:16.0207 4940 C:\Windows\System32\FntCache.dll - ok
12:29:16.0223 4940 [ 6A08F1C87BBF6197F5DAD95CF41E5175 ] C:\Windows\System32\PresentationHost.exe
12:29:16.0223 4940 C:\Windows\System32\PresentationHost.exe - ok
12:29:16.0223 4940 [ 1A16B57943853E598CFF37FE2B8CBF1D ] C:\Windows\System32\drivers\fsdepends.sys
12:29:16.0223 4940 C:\Windows\System32\drivers\fsdepends.sys - ok
12:29:16.0223 4940 [ E306A24D9694C724FA2491278BF50FDB ] C:\Windows\System32\drivers\fvevol.sys
12:29:16.0223 4940 C:\Windows\System32\drivers\fvevol.sys - ok
12:29:16.0223 4940 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\System32\gpapi.dll
12:29:16.0223 4940 C:\Windows\System32\gpapi.dll - ok
12:29:16.0223 4940 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] C:\Windows\System32\hidserv.dll
12:29:16.0223 4940 C:\Windows\System32\hidserv.dll - ok
12:29:16.0223 4940 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] C:\Windows\System32\KMSVC.DLL
12:29:16.0223 4940 C:\Windows\System32\KMSVC.DLL - ok
12:29:16.0238 4940 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] C:\Windows\System32\ListSvc.dll
12:29:16.0238 4940 C:\Windows\System32\ListSvc.dll - ok
12:29:16.0238 4940 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] C:\Windows\System32\provsvc.dll
12:29:16.0238 4940 C:\Windows\System32\provsvc.dll - ok
12:29:16.0238 4940 [ 871917B07A141BFF43D76D8844D48106 ] C:\Windows\System32\drivers\http.sys
12:29:16.0238 4940 C:\Windows\System32\drivers\http.sys - ok
12:29:16.0238 4940 [ 0C4E035C7F105F1299258C90886C64C5 ] C:\Windows\System32\drivers\hwpolicy.sys
12:29:16.0238 4940 C:\Windows\System32\drivers\hwpolicy.sys - ok
12:29:16.0238 4940 [ 68F94A45AB26C06221B6BF5C491436D8 ] C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
12:29:16.0238 4940 C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok
12:29:16.0238 4940 [ F95622F161474511B8D80D6B093AA610 ] C:\Windows\System32\IKEEXT.DLL
12:29:16.0238 4940 C:\Windows\System32\IKEEXT.DLL - ok
12:29:16.0254 4940 [ ACB364B9075A45C0736E5C47BE5CAE19 ] C:\Windows\System32\IPBusEnum.dll
12:29:16.0254 4940 C:\Windows\System32\IPBusEnum.dll - ok
12:29:16.0254 4940 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] C:\Windows\System32\iphlpsvc.dll
12:29:16.0254 4940 C:\Windows\System32\iphlpsvc.dll - ok
12:29:16.0254 4940 [ 42996CFF20A3084A56017B7902307E9F ] C:\Windows\System32\drivers\irenum.sys
12:29:16.0254 4940 C:\Windows\System32\drivers\irenum.sys - ok
12:29:16.0254 4940 [ AF75DBA674E55221B7A055B0A4345F16 ] C:\Windows\System32\keyiso.dll
12:29:16.0254 4940 C:\Windows\System32\keyiso.dll - ok
12:29:16.0254 4940 [ D64AF876D53ECA3668BB97B51B4E70AB ] C:\Windows\System32\srvsvc.dll
12:29:16.0254 4940 C:\Windows\System32\srvsvc.dll - ok
12:29:16.0254 4940 [ 58405E4F68BA8E4057C6E914F326ABA2 ] C:\Windows\System32\wkssvc.dll
12:29:16.0254 4940 C:\Windows\System32\wkssvc.dll - ok
12:29:16.0269 4940 [ 276678C13E3F01E9EC32ED7E56B4FEA0 ] C:\Windows\System32\lltdres.dll
12:29:16.0269 4940 C:\Windows\System32\lltdres.dll - ok
12:29:16.0269 4940 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] C:\Windows\System32\drivers\luafv.sys
12:29:16.0269 4940 C:\Windows\System32\drivers\luafv.sys - ok
12:29:16.0269 4940 [ 55CA01BA19D0006C8F2639B6C045E08B ] C:\Windows\System32\lmhsvc.dll
12:29:16.0269 4940 C:\Windows\System32\lmhsvc.dll - ok
12:29:16.0269 4940 [ F7807FFF85E636D53A0C2C2CD8BCDC5F ] C:\Windows\ehome\ehres.dll
12:29:16.0269 4940 C:\Windows\ehome\ehres.dll - ok
12:29:16.0269 4940 [ 146B6F43A673379A3C670E86D89BE5EA ] C:\Windows\System32\mmcss.dll
12:29:16.0269 4940 C:\Windows\System32\mmcss.dll - ok
12:29:16.0285 4940 [ FC8771F45ECCCFD89684E38842539B9B ] C:\Windows\System32\drivers\mountmgr.sys
12:29:16.0285 4940 C:\Windows\System32\drivers\mountmgr.sys - ok
12:29:16.0285 4940 [ 3F50200237961034FACE602373838980 ] C:\Windows\System32\FirewallAPI.dll
12:29:16.0285 4940 C:\Windows\System32\FirewallAPI.dll - ok
12:29:16.0285 4940 [ A9D880F97530D5B8FEE278923349929D ] C:\Windows\System32\WebClnt.dll
12:29:16.0285 4940 C:\Windows\System32\WebClnt.dll - ok
12:29:16.0285 4940 [ 3E1E5767043C5AF9367F0056295E9F84 ] C:\Windows\System32\drivers\mshidkmdf.sys
12:29:16.0285 4940 C:\Windows\System32\drivers\mshidkmdf.sys - ok
12:29:16.0285 4940 [ BB5B4BA716D145B2ADF241052EDAB983 ] C:\Windows\System32\iscsidsc.dll
12:29:16.0285 4940 C:\Windows\System32\iscsidsc.dll - ok
12:29:16.0285 4940 [ 159FAD02F64E6381758C990F753BCC80 ] C:\Windows\System32\drivers\mup.sys
12:29:16.0285 4940 C:\Windows\System32\drivers\mup.sys - ok
12:29:16.0301 4940 [ 1F59B386F652A0484A3CC0B680B1132B ] C:\Windows\System32\msimsg.dll
12:29:16.0301 4940 C:\Windows\System32\msimsg.dll - ok
12:29:16.0301 4940 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] C:\Windows\System32\QAGENTRT.DLL
12:29:16.0301 4940 C:\Windows\System32\QAGENTRT.DLL - ok
12:29:16.0301 4940 [ 8C9C922D71F1CD4DEF73F186416B7896 ] C:\Windows\System32\drivers\ndis.sys
12:29:16.0301 4940 C:\Windows\System32\drivers\ndis.sys - ok
12:29:16.0301 4940 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] C:\Windows\System32\netman.dll
12:29:16.0301 4940 C:\Windows\System32\netman.dll - ok
12:29:16.0301 4940 [ 4EF5DF1B011B05737ECB8F0B7B171510 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll
12:29:16.0301 4940 C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelInstallRC.dll - ok
12:29:16.0301 4940 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\System32\netprofm.dll
12:29:16.0301 4940 C:\Windows\System32\netprofm.dll - ok
12:29:16.0316 4940 [ 374071043F9E4231EE43BE2BB48DD36D ] C:\Windows\System32\nlasvc.dll
12:29:16.0316 4940 C:\Windows\System32\nlasvc.dll - ok
12:29:16.0316 4940 [ BA387E955E890C8A88306D9B8D06BF17 ] C:\Windows\System32\nsisvc.dll
12:29:16.0316 4940 C:\Windows\System32\nsisvc.dll - ok
12:29:16.0316 4940 [ 82A8521DDC60710C3D3D3E7325209BEC ] C:\Windows\System32\pnrpsvc.dll
12:29:16.0316 4940 C:\Windows\System32\pnrpsvc.dll - ok
12:29:16.0316 4940 [ 59C3DDD501E39E006DAC31BF55150D91 ] C:\Windows\System32\p2psvc.dll
12:29:16.0316 4940 C:\Windows\System32\p2psvc.dll - ok
12:29:16.0316 4940 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] C:\Windows\System32\drivers\partmgr.sys
12:29:16.0316 4940 C:\Windows\System32\drivers\partmgr.sys - ok
12:29:16.0316 4940 [ 358AB7956D3160000726574083DFC8A6 ] C:\Windows\System32\pcasvc.dll
12:29:16.0316 4940 C:\Windows\System32\pcasvc.dll - ok
12:29:16.0332 4940 [ AF4D64D2A57B9772CF3801950B8058A6 ] C:\Windows\System32\PeerDistSvc.dll
12:29:16.0332 4940 C:\Windows\System32\PeerDistSvc.dll - ok
12:29:16.0332 4940 [ 414BBA67A3DED1D28437EB66AEB8A720 ] C:\Windows\System32\pla.dll
12:29:16.0332 4940 C:\Windows\System32\pla.dll - ok
12:29:16.0332 4940 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] C:\Windows\System32\umpnpmgr.dll
12:29:16.0332 4940 C:\Windows\System32\umpnpmgr.dll - ok
12:29:16.0332 4940 [ 63FF8572611249931EB16BB8EED6AFC8 ] C:\Windows\System32\pnrpauto.dll
12:29:16.0332 4940 C:\Windows\System32\pnrpauto.dll - ok
12:29:16.0332 4940 [ 0E6DCD164732580CC1E57276252F49CF ] C:\Windows\System32\polstore.dll
12:29:16.0332 4940 C:\Windows\System32\polstore.dll - ok
12:29:16.0332 4940 [ F87D30E72E03D579A5199CCB3831D6EA ] C:\Windows\System32\umpo.dll
12:29:16.0332 4940 C:\Windows\System32\umpo.dll - ok
12:29:16.0347 4940 [ CADEFAC453040E370A1BDFF3973BE00D ] C:\Windows\System32\profsvc.dll
12:29:16.0347 4940 C:\Windows\System32\profsvc.dll - ok
12:29:16.0347 4940 [ 274992D0945889A6B56D0E1BD4288A6E ] C:\Windows\System32\psbase.dll
12:29:16.0347 4940 C:\Windows\System32\psbase.dll - ok
12:29:16.0347 4940 [ 31AC809E7707EB580B2BDB760390765A ] C:\Windows\System32\qwave.dll
12:29:16.0347 4940 C:\Windows\System32\qwave.dll - ok
12:29:16.0347 4940 [ 584078CA1B95CA72DF2A27C336F9719D ] C:\Windows\System32\drivers\qwavedrv.sys
12:29:16.0347 4940 C:\Windows\System32\drivers\qwavedrv.sys - ok
12:29:16.0347 4940 [ A60F1839849C0C00739787FD5EC03F13 ] C:\Windows\System32\rasauto.dll
12:29:16.0347 4940 C:\Windows\System32\rasauto.dll - ok
12:29:16.0347 4940 [ CB9E04DC05EACF5B9A36CA276D475006 ] C:\Windows\System32\rasmans.dll
12:29:16.0347 4940 C:\Windows\System32\rasmans.dll - ok
12:29:16.0363 4940 [ D318F23BE45D5E3A107469EB64815B50 ] C:\Windows\System32\sstpsvc.dll
12:29:16.0363 4940 C:\Windows\System32\sstpsvc.dll - ok
12:29:16.0363 4940 [ 7B5E1419717FAC363A31CC302895217A ] C:\Windows\System32\mprdim.dll
12:29:16.0363 4940 C:\Windows\System32\mprdim.dll - ok
12:29:16.0363 4940 [ CB9A8683F4EF2BF99E123D79950D7935 ] C:\Windows\System32\regsvc.dll
12:29:16.0363 4940 C:\Windows\System32\regsvc.dll - ok
12:29:16.0363 4940 [ 78D072F35BC45D9E4E1B61895C152234 ] C:\Windows\System32\RpcEpMap.dll
12:29:16.0363 4940 C:\Windows\System32\RpcEpMap.dll - ok
12:29:16.0363 4940 [ 94D36C0E44677DD26981D2BFEEF2A29D ] C:\Windows\System32\Locator.exe
12:29:16.0363 4940 C:\Windows\System32\Locator.exe - ok
12:29:16.0363 4940 [ 8FC518FFE9519C2631D37515A68009C4 ] C:\Windows\System32\SCardSvr.dll
12:29:16.0363 4940 C:\Windows\System32\SCardSvr.dll - ok
12:29:16.0379 4940 [ 0693B5EC673E34DC147E195779A4DCF6 ] C:\Windows\System32\drivers\scfilter.sys
12:29:16.0379 4940 C:\Windows\System32\drivers\scfilter.sys - ok
12:29:16.0379 4940 [ A04BB13F8A72F8B6E8B4071723E4E336 ] C:\Windows\System32\schedsvc.dll
12:29:16.0379 4940 C:\Windows\System32\schedsvc.dll - ok
12:29:16.0379 4940 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] C:\Windows\System32\sdrsvc.dll
12:29:16.0379 4940 C:\Windows\System32\sdrsvc.dll - ok
12:29:16.0379 4940 [ A59B3A4442C52060CC7A85293AA3546F ] C:\Windows\System32\seclogon.dll
12:29:16.0379 4940 C:\Windows\System32\seclogon.dll - ok
12:29:16.0379 4940 [ DCB7FCDCC97F87360F75D77425B81737 ] C:\Windows\System32\Sens.dll
12:29:16.0379 4940 C:\Windows\System32\Sens.dll - ok
12:29:16.0394 4940 [ 50087FE1EE447009C9CC2997B90DE53F ] C:\Windows\System32\sensrsvc.dll
12:29:16.0394 4940 C:\Windows\System32\sensrsvc.dll - ok
12:29:16.0394 4940 [ D1A079A0DE2EA524513B6930C24527A2 ] C:\Windows\System32\ipnathlp.dll
12:29:16.0394 4940 C:\Windows\System32\ipnathlp.dll - ok
12:29:16.0394 4940 [ 4AE380F39A0032EAB7DD953030B26D28 ] C:\Windows\System32\SessEnv.dll
12:29:16.0394 4940 C:\Windows\System32\SessEnv.dll - ok
12:29:16.0394 4940 [ 414DA952A35BF5D50192E28263B40577 ] C:\Windows\System32\shsvcs.dll
12:29:16.0394 4940 C:\Windows\System32\shsvcs.dll - ok
12:29:16.0394 4940 [ 6A984831644ECA1A33FFEAE4126F4F37 ] C:\Windows\System32\snmptrap.exe
12:29:16.0394 4940 C:\Windows\System32\snmptrap.exe - ok
12:29:16.0394 4940 [ 9AEA093B8F9C37CF45538382CABA2475 ] C:\Windows\System32\spoolsv.exe
12:29:16.0394 4940 C:\Windows\System32\spoolsv.exe - ok
12:29:16.0410 4940 [ CAFC0B884E5590B5E80D84F592388B3D ] C:\Windows\System32\tcpipcfg.dll
12:29:16.0410 4940 C:\Windows\System32\tcpipcfg.dll - ok
12:29:16.0410 4940 [ CF87A1DE791347E75B98885214CED2B8 ] C:\Windows\System32\sppsvc.exe
12:29:16.0410 4940 C:\Windows\System32\sppsvc.exe - ok
12:29:16.0410 4940 [ B0180B20B065D89232A78A40FE56EAA6 ] C:\Windows\System32\sppuinotify.dll
12:29:16.0410 4940 C:\Windows\System32\sppuinotify.dll - ok
12:29:16.0410 4940 [ D887C9FD02AC9FA880F6E5027A43E118 ] C:\Windows\System32\ssdpsrv.dll
12:29:16.0410 4940 C:\Windows\System32\ssdpsrv.dll - ok
12:29:16.0410 4940 [ E1FB3706030FB4578A0D72C2FC3689E4 ] C:\Windows\System32\wiaservc.dll
12:29:16.0410 4940 C:\Windows\System32\wiaservc.dll - ok
12:29:16.0410 4940 [ A28BD92DF340E57B024BA433165D34D7 ] C:\Windows\System32\swprv.dll
12:29:16.0410 4940 C:\Windows\System32\swprv.dll - ok
12:29:16.0425 4940 [ B0AC902EFD7E46708014625ECEB25741 ] C:\Windows\System32\vmstorfltres.dll
12:29:16.0425 4940 C:\Windows\System32\vmstorfltres.dll - ok
12:29:16.0425 4940 [ 36650D618CA34C9D357DFD3D89B2C56F ] C:\Windows\System32\sysmain.dll
12:29:16.0425 4940 C:\Windows\System32\sysmain.dll - ok
12:29:16.0425 4940 [ 763FECDC3D30C815FE72DD57936C6CD1 ] C:\Windows\System32\TabSvc.dll
12:29:16.0425 4940 C:\Windows\System32\TabSvc.dll - ok
12:29:16.0425 4940 [ 613BF4820361543956909043A265C6AC ] C:\Windows\System32\tapisrv.dll
12:29:16.0425 4940 C:\Windows\System32\tapisrv.dll - ok
12:29:16.0425 4940 [ B799D9FDB26111737F58288D8DC172D9 ] C:\Windows\System32\tbssvc.dll
12:29:16.0425 4940 C:\Windows\System32\tbssvc.dll - ok
12:29:16.0425 4940 [ 382C804C92811BE57829D8E550A900E2 ] C:\Windows\System32\termsrv.dll
12:29:16.0425 4940 C:\Windows\System32\termsrv.dll - ok
12:29:16.0441 4940 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] C:\Windows\System32\themeservice.dll
12:29:16.0441 4940 C:\Windows\System32\themeservice.dll - ok
12:29:16.0441 4940 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] C:\Windows\System32\trkwks.dll
12:29:16.0441 4940 C:\Windows\System32\trkwks.dll - ok
12:29:16.0441 4940 [ 2C49B175AEE1D4364B91B531417FE583 ] C:\Windows\servicing\TrustedInstaller.exe
12:29:16.0441 4940 C:\Windows\servicing\TrustedInstaller.exe - ok
12:29:16.0441 4940 [ B37B08F2E5EEB1A37E448E09BACE1101 ] C:\Windows\System32\drivers\tssecsrv.sys
12:29:16.0441 4940 C:\Windows\System32\drivers\tssecsrv.sys - ok
12:29:16.0441 4940 [ 8344FD4FCE927880AA1AA7681D4927E5 ] C:\Windows\System32\UI0Detect.exe
12:29:16.0441 4940 C:\Windows\System32\UI0Detect.exe - ok
12:29:16.0441 4940 [ 409994A8EACEEE4E328749C0353527A0 ] C:\Windows\System32\umrdp.dll
12:29:16.0441 4940 C:\Windows\System32\umrdp.dll - ok
12:29:16.0457 4940 [ 833FBB672460EFCE8011D262175FAD33 ] C:\Windows\System32\upnphost.dll
12:29:16.0457 4940 C:\Windows\System32\upnphost.dll - ok
12:29:16.0457 4940 [ 505BF4D1CADEB8D4F8BCD08D944DE25D ] C:\Windows\System32\dwm.exe
12:29:16.0457 4940 C:\Windows\System32\dwm.exe - ok
12:29:16.0457 4940 [ 6FEC7B9A76B41D9AC67615A3040017F5 ] C:\Windows\System32\vaultsvc.dll
12:29:16.0457 4940 C:\Windows\System32\vaultsvc.dll - ok
12:29:16.0457 4940 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] C:\Windows\System32\vds.exe
12:29:16.0457 4940 C:\Windows\System32\vds.exe - ok
12:29:16.0457 4940 [ 6FD5074B8CD05450F3F040993C6C2F1D ] C:\Windows\System32\vmbusres.dll
12:29:16.0457 4940 C:\Windows\System32\vmbusres.dll - ok
12:29:16.0457 4940 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] C:\Windows\System32\drivers\volmgrx.sys
12:29:16.0457 4940 C:\Windows\System32\drivers\volmgrx.sys - ok
12:29:16.0472 4940 [ 209A3B1901B83AEB8527ED211CCE9E4C ] C:\Windows\System32\VSSVC.exe
12:29:16.0472 4940 C:\Windows\System32\VSSVC.exe - ok
12:29:16.0472 4940 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] C:\Windows\System32\drivers\vwifibus.sys
12:29:16.0472 4940 C:\Windows\System32\drivers\vwifibus.sys - ok
12:29:16.0472 4940 [ 55187FD710E27D5095D10A472C8BAF1C ] C:\Windows\System32\w32time.dll
12:29:16.0472 4940 C:\Windows\System32\w32time.dll - ok
12:29:16.0472 4940 [ 6F3705B2E59AC26FDA582BF5826F9D21 ] C:\Windows\System32\Wat\WatUX.exe
12:29:16.0472 4940 C:\Windows\System32\Wat\WatUX.exe - ok
12:29:16.0472 4940 [ 691E3285E53DCA558E1A84667F13E15A ] C:\Windows\System32\wbengine.exe
12:29:16.0472 4940 C:\Windows\System32\wbengine.exe - ok
12:29:16.0488 4940 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] C:\Windows\System32\wbiosrvc.dll
12:29:16.0488 4940 C:\Windows\System32\wbiosrvc.dll - ok
12:29:16.0488 4940 [ 34EEE0DFAADB4F691D6D5308A51315DC ] C:\Windows\System32\wcncsvc.dll
12:29:16.0488 4940 C:\Windows\System32\wcncsvc.dll - ok
12:29:16.0488 4940 [ 5D930B6357A6D2AF4D7653BDABBF352F ] C:\Windows\System32\WcsPlugInService.dll
12:29:16.0488 4940 C:\Windows\System32\WcsPlugInService.dll - ok
12:29:16.0488 4940 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] C:\Windows\System32\drivers\Wdf01000.sys
12:29:16.0488 4940 C:\Windows\System32\drivers\Wdf01000.sys - ok
12:29:16.0488 4940 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] C:\Windows\System32\wdi.dll
12:29:16.0488 4940 C:\Windows\System32\wdi.dll - ok
12:29:16.0488 4940 [ 760F0AFE937A77CFF27153206534F275 ] C:\Windows\System32\wecsvc.dll
12:29:16.0488 4940 C:\Windows\System32\wecsvc.dll - ok
12:29:16.0503 4940 [ AC804569BB2364FB6017370258A4091B ] C:\Windows\System32\wercplsupport.dll
12:29:16.0503 4940 C:\Windows\System32\wercplsupport.dll - ok
12:29:16.0503 4940 [ 08E420D873E4FD85241EE2421B02C4A4 ] C:\Windows\System32\wersvc.dll
12:29:16.0503 4940 C:\Windows\System32\wersvc.dll - ok
12:29:16.0503 4940 [ EFD4E29FED530564BE4C3076C806FB65 ] C:\Program Files\Windows Defender\MsMpRes.dll
12:29:16.0503 4940 C:\Program Files\Windows Defender\MsMpRes.dll - ok
12:29:16.0503 4940 [ F62E510B6AD4C21EB9FE8668ED251826 ] C:\Windows\System32\wbem\WMIsvc.dll
12:29:16.0503 4940 C:\Windows\System32\wbem\WMIsvc.dll - ok
12:29:16.0503 4940 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\System32\winhttp.dll
12:29:16.0503 4940 C:\Windows\System32\winhttp.dll - ok
12:29:16.0503 4940 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] C:\Windows\System32\WsmSvc.dll
12:29:16.0503 4940 C:\Windows\System32\WsmSvc.dll - ok
12:29:16.0519 4940 [ 16935C98FF639D185086A3529B1F2067 ] C:\Windows\System32\wlansvc.dll
12:29:16.0519 4940 C:\Windows\System32\wlansvc.dll - ok
12:29:16.0519 4940 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] C:\Windows\System32\wbem\WmiApSrv.exe
12:29:16.0519 4940 C:\Windows\System32\wbem\WmiApSrv.exe - ok
12:29:16.0519 4940 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] C:\Program Files\Windows Media Player\wmpnetwk.exe
12:29:16.0519 4940 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
12:29:16.0519 4940 [ A2F0EC770A92F2B3F9DE6D518E11409C ] C:\Windows\System32\wpcsvc.dll
12:29:16.0519 4940 C:\Windows\System32\wpcsvc.dll - ok
12:29:16.0519 4940 [ AA53356D60AF47EACC85BC617A4F3F66 ] C:\Windows\System32\wpdbusenum.dll
12:29:16.0519 4940 C:\Windows\System32\wpdbusenum.dll - ok
12:29:16.0519 4940 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] C:\Windows\System32\wscsvc.dll
12:29:16.0519 4940 C:\Windows\System32\wscsvc.dll - ok
12:29:16.0535 4940 [ 236F286E103FD44BD85FDD93097FD5DD ] C:\Windows\System32\SearchIndexer.exe
12:29:16.0535 4940 C:\Windows\System32\SearchIndexer.exe - ok
12:29:16.0535 4940 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\Windows\System32\wuaueng.dll
12:29:16.0535 4940 C:\Windows\System32\wuaueng.dll - ok
12:29:16.0535 4940 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] C:\Windows\System32\drivers\WUDFPf.sys
12:29:16.0535 4940 C:\Windows\System32\drivers\WUDFPf.sys - ok
12:29:16.0535 4940 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] C:\Windows\System32\WUDFSvc.dll
12:29:16.0535 4940 C:\Windows\System32\WUDFSvc.dll - ok
12:29:16.0535 4940 [ 3C5E51C05BE9B56EAFF4E388C3AB25E4 ] C:\Windows\System32\wwansvc.dll
12:29:16.0535 4940 C:\Windows\System32\wwansvc.dll - ok
12:29:16.0535 4940 [ 7222995615BF93B628DCEA4BD6CCACF7 ] C:\Windows\System32\ubpm.dll
12:29:16.0535 4940 C:\Windows\System32\ubpm.dll - ok
12:29:16.0550 4940 [ FD07F21E0A19C27ED4E1EEC2B07452B3 ] C:\Windows\System32\devrtl.dll
12:29:16.0550 4940 C:\Windows\System32\devrtl.dll - ok
12:29:16.0550 4940 [ 4BDBBE5E4208022DD794F7EEEB0F7366 ] C:\Windows\System32\SPInf.dll
12:29:16.0550 4940 C:\Windows\System32\SPInf.dll - ok
12:29:16.0550 4940 [ 54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\System32\svchost.exe
12:29:16.0550 4940 C:\Windows\System32\svchost.exe - ok
12:29:16.0550 4940 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\System32\userenv.dll
12:29:16.0550 4940 C:\Windows\System32\userenv.dll - ok
12:29:16.0550 4940 [ 5893EBDCE371174AC89ECD7731DD6D77 ] C:\Windows\System32\pcwum.dll
12:29:16.0550 4940 C:\Windows\System32\pcwum.dll - ok
12:29:16.0550 4940 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\System32\powrprof.dll
12:29:16.0550 4940 C:\Windows\System32\powrprof.dll - ok
12:29:16.0566 4940 [ 5A19667A580B1CE886EAF968B9743F45 ] C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
12:29:16.0566 4940 C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe - ok
12:29:16.0566 4940 [ E4284FCF99FEA13A7E1836F87AE356F6 ] C:\Windows\System32\nvvsvc.exe
12:29:16.0566 4940 C:\Windows\System32\nvvsvc.exe - ok
12:29:16.0566 4940 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\System32\wtsapi32.dll
12:29:16.0566 4940 C:\Windows\System32\wtsapi32.dll - ok
12:29:16.0566 4940 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\System32\version.dll
12:29:16.0566 4940 C:\Windows\System32\version.dll - ok
12:29:16.0566 4940 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\System32\winspool.drv
12:29:16.0566 4940 C:\Windows\System32\winspool.drv - ok
12:29:16.0566 4940 [ 557C69A479F00DE9AB885A1A9C28889A ] C:\Program Files\NVIDIA Corporation\3D Vision\nvstres.dll
12:29:16.0566 4940 C:\Program Files\NVIDIA Corporation\3D Vision\nvstres.dll - ok
12:29:16.0581 4940 [ BDA164FB03B649BBEE46F5CB5A6770B1 ] C:\Program Files\NVIDIA Corporation\3D Vision\nvwl.dll
12:29:16.0581 4940 C:\Program Files\NVIDIA Corporation\3D Vision\nvwl.dll - ok
12:29:16.0581 4940 [ 774BABCB1144513DC86992003740B774 ] C:\Windows\System32\drivers\epfw.sys
12:29:16.0581 4940 C:\Windows\System32\drivers\epfw.sys - ok
12:29:16.0581 4940 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\System32\ntmarta.dll
12:29:16.0581 4940 C:\Windows\System32\ntmarta.dll - ok
12:29:16.0581 4940 [ 7660F01D3B38ACA1747E397D21D790AF ] C:\Windows\System32\rpcss.dll
12:29:16.0581 4940 C:\Windows\System32\rpcss.dll - ok
12:29:16.0581 4940 [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\System32\wshqos.dll
12:29:16.0581 4940 C:\Windows\System32\wshqos.dll - ok
12:29:16.0597 4940 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\System32\WSHTCPIP.DLL
12:29:16.0597 4940 C:\Windows\System32\WSHTCPIP.DLL - ok
12:29:16.0597 4940 [ 3EF0D8AB08385AAB5802E773511A2E6A ] C:\Windows\System32\LogonUI.exe
12:29:16.0597 4940 C:\Windows\System32\LogonUI.exe - ok
12:29:16.0597 4940 [ E904178851A6A44BFA97E064EF779E9D ] C:\Windows\System32\authui.dll
12:29:16.0597 4940 C:\Windows\System32\authui.dll - ok
12:29:16.0597 4940 [ AC8C80DC4F1A6E60C9A762C1799F0B39 ] C:\Windows\System32\adtschema.dll
12:29:16.0597 4940 C:\Windows\System32\adtschema.dll - ok
12:29:16.0597 4940 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\System32\MMDevAPI.dll
12:29:16.0597 4940 C:\Windows\System32\MMDevAPI.dll - ok
12:29:16.0597 4940 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\System32\propsys.dll
12:29:16.0597 4940 C:\Windows\System32\propsys.dll - ok
12:29:16.0613 4940 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\System32\avrt.dll
12:29:16.0613 4940 C:\Windows\System32\avrt.dll - ok
12:29:16.0613 4940 [ 28CA821606669BB9215CE010767720FA ] C:\Windows\System32\cryptui.dll
12:29:16.0613 4940 C:\Windows\System32\cryptui.dll - ok
12:29:16.0613 4940 [ 5826854E4E420E29F59C2865F0FA562F ] C:\Program Files\Windows Defender\MpEvMsg.dll
12:29:16.0613 4940 C:\Program Files\Windows Defender\MpEvMsg.dll - ok
12:29:16.0613 4940 [ 9835584E999D25004E1EE8E5F3E3B881 ] C:\Windows\System32\MPSSVC.dll
12:29:16.0613 4940 C:\Windows\System32\MPSSVC.dll - ok
12:29:16.0613 4940 [ 8B0B4C5927A333A05513791758350DC4 ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
12:29:16.0613 4940 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
12:29:16.0613 4940 [ D93A937A2A9D2CBC06B3A615A197011F ] C:\Windows\System32\PSHED.DLL
12:29:16.0613 4940 C:\Windows\System32\PSHED.DLL - ok
12:29:16.0628 4940 [ 1319CD4619E96B156911CA3897563EBC ] C:\Windows\System32\ci.dll
12:29:16.0628 4940 C:\Windows\System32\ci.dll - ok
12:29:16.0628 4940 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
12:29:16.0628 4940 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
12:29:16.0628 4940 [ F68194F74350D4A2ADE98961E33F884C ] C:\Windows\System32\audiodg.exe
12:29:16.0628 4940 C:\Windows\System32\audiodg.exe - ok
12:29:16.0628 4940 [ 1F5497D7D3D79C7BF0AB0C8B4C5BFE6E ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
12:29:16.0628 4940 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
12:29:16.0628 4940 [ 07BA6D17E66879018B30B6C3F976EBED ] C:\Program Files\Creative\Shared Files\CTAudSvc.exe
12:29:16.0628 4940 C:\Program Files\Creative\Shared Files\CTAudSvc.exe - ok
12:29:16.0644 4940 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\System32\dsound.dll
12:29:16.0644 4940 C:\Windows\System32\dsound.dll - ok
12:29:16.0644 4940 [ F14A9B1778376D0B1788E402AC1F831A ] C:\Windows\System32\shacct.dll
12:29:16.0644 4940 C:\Windows\System32\shacct.dll - ok
12:29:16.0644 4940 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\System32\samlib.dll
12:29:16.0644 4940 C:\Windows\System32\samlib.dll - ok
12:29:16.0644 4940 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\System32\winmm.dll
12:29:16.0644 4940 C:\Windows\System32\winmm.dll - ok
12:29:16.0644 4940 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\System32\oleacc.dll
12:29:16.0644 4940 C:\Windows\System32\oleacc.dll - ok
12:29:16.0644 4940 [ 63BFDF555DA2075A77D677829C3CCCD0 ] C:\Windows\System32\uxtheme.dll
12:29:16.0644 4940 C:\Windows\System32\uxtheme.dll - ok
12:29:17.0283 4940 C:\Windows\System32\spool\prtprocs\w32x86\msonpppr.dll - ok
12:29:17.0283 4940 [ CD72C6406BA561BED6D42CB145E55307 ] C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll
12:29:17.0283 4940 C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll - ok
12:29:17.0283 4940 [ 9706C4853A3E286125C3EA2890D630CE ] C:\Program Files\TeamViewer\Version7\TeamViewer.exe
12:29:17.0283 4940 C:\Program Files\TeamViewer\Version7\TeamViewer.exe - ok
12:29:17.0299 4940 [ 2100560AF3F7F2948F2676E44DFB4ECF ] C:\Windows\System32\uDWM.dll
12:29:17.0299 4940 C:\Windows\System32\uDWM.dll - ok
12:29:17.0299 4940 [ FC415B303B1ECF80B5F130A1F7203D02 ] C:\Windows\System32\win32spl.dll
12:29:17.0299 4940 C:\Windows\System32\win32spl.dll - ok
12:29:17.0299 4940 [ D27DDE7E0444C7F1819F958469EB7D93 ] C:\Windows\System32\inetpp.dll
12:29:17.0299 4940 C:\Windows\System32\inetpp.dll - ok
12:29:17.0299 4940 [ E24FE90E9DE8D8AE70E59F7B01675DEF ] C:\Windows\System32\avicap32.dll
12:29:17.0299 4940 C:\Windows\System32\avicap32.dll - ok
12:29:17.0299 4940 [ 523CF74A52C9A1762DA8B83AEE734498 ] C:\Windows\System32\IconCodecService.dll
12:29:17.0299 4940 C:\Windows\System32\IconCodecService.dll - ok
12:29:17.0299 4940 [ C335EC1182AC10B188705554E0BC1186 ] C:\Windows\System32\msvfw32.dll
12:29:17.0299 4940 C:\Windows\System32\msvfw32.dll - ok
12:29:17.0299 4940 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\System32\riched20.dll
12:29:17.0299 4940 C:\Windows\System32\riched20.dll - ok
12:29:17.0315 4940 [ 8FE790348193B14B36BED029C5B685FF ] C:\Program Files\TeamViewer\Version7\TeamViewer_Resource_en.dll
12:29:17.0315 4940 C:\Program Files\TeamViewer\Version7\TeamViewer_Resource_en.dll - ok
12:29:17.0315 4940 [ 282C83DED37400DF3F57EE61C22A1BB4 ] C:\Program Files\TeamViewer\Version7\TeamViewer_Resource_de.dll
12:29:17.0315 4940 C:\Program Files\TeamViewer\Version7\TeamViewer_Resource_de.dll - ok
12:29:17.0315 4940 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\System32\wlanapi.dll
12:29:17.0315 4940 C:\Windows\System32\wlanapi.dll - ok
12:29:17.0315 4940 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\System32\wlanutil.dll
12:29:17.0315 4940 C:\Windows\System32\wlanutil.dll - ok
12:29:17.0315 4940 [ E7563412F15C1D0EEB91DE0F50B09BF8 ] C:\Program Files\ESET\ESET Smart Security\eplgOE.dll
12:29:17.0315 4940 C:\Program Files\ESET\ESET Smart Security\eplgOE.dll - ok
12:29:17.0330 4940 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\System32\wscisvif.dll
12:29:17.0330 4940 C:\Windows\System32\wscisvif.dll - ok
12:29:17.0330 4940 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\System32\wscapi.dll
12:29:17.0330 4940 C:\Windows\System32\wscapi.dll - ok
12:29:17.0330 4940 [ D8A65DAFB3EB41CBB622745676FCD072 ] C:\Windows\System32\drivers\ndisuio.sys
12:29:17.0330 4940 C:\Windows\System32\drivers\ndisuio.sys - ok
12:29:17.0330 4940 [ 26384429FCD85D83746F63E798AB1480 ] C:\Windows\System32\drivers\nwifi.sys
12:29:17.0330 4940 C:\Windows\System32\drivers\nwifi.sys - ok
12:29:17.0330 4940 [ 9A892B3439884C62B04718F0303A49E9 ] C:\Windows\System32\eapphost.dll
12:29:17.0330 4940 C:\Windows\System32\eapphost.dll - ok
12:29:17.0330 4940 [ 6944501ED659F2C835F8DD16182C9330 ] C:\Windows\System32\rastls.dll
12:29:17.0330 4940 C:\Windows\System32\rastls.dll - ok
12:29:17.0346 4940 [ 7E82616BEE76BF5EAA5B30F681414E21 ] C:\Windows\System32\perftrack.dll
12:29:17.0346 4940 C:\Windows\System32\perftrack.dll - ok
12:29:17.0346 4940 [ 3C9035085141162416A0DD34DBF3F3C1 ] C:\Windows\System32\wlanmsm.dll
12:29:17.0346 4940 C:\Windows\System32\wlanmsm.dll - ok
12:29:17.0346 4940 [ 53946B69BA0836BD95B03759530C81EC ] C:\Windows\System32\IPSECSVC.DLL
12:29:17.0346 4940 C:\Windows\System32\IPSECSVC.DLL - ok
12:29:17.0346 4940 [ ECF036299AA554B5E0455262857B39D0 ] C:\Windows\System32\diagperf.dll
12:29:17.0346 4940 C:\Windows\System32\diagperf.dll - ok
12:29:17.0346 4940 [ DB603D3FD090C66F9709EF6493C26BA3 ] C:\Windows\System32\FwRemoteSvr.dll
12:29:17.0346 4940 C:\Windows\System32\FwRemoteSvr.dll - ok
12:29:17.0346 4940 [ 20C06A50DFC097E134BC6FA8444CA9BC ] C:\Windows\System32\wlansec.dll
12:29:17.0346 4940 C:\Windows\System32\wlansec.dll - ok
12:29:17.0346 4940 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\System32\npmproxy.dll
12:29:17.0346 4940 C:\Windows\System32\npmproxy.dll - ok
12:29:17.0361 4940 [ F748F53FE09D21D8ECBB6421E6792024 ] C:\Windows\System32\onex.dll
12:29:17.0361 4940 C:\Windows\System32\onex.dll - ok
12:29:17.0361 4940 [ C1585EAA67C37A05BF6F93726FAFC069 ] C:\Windows\System32\l2gpstore.dll
12:29:17.0361 4940 C:\Windows\System32\l2gpstore.dll - ok
12:29:17.0361 4940 [ 749F9795F01C35EEBE100A87D82B9681 ] C:\Windows\System32\wlgpclnt.dll
12:29:17.0361 4940 C:\Windows\System32\wlgpclnt.dll - ok
12:29:17.0361 4940 [ 9419ABF3163B6F0E3AD3DD2B381C879F ] C:\Windows\System32\WinSCard.dll
12:29:17.0361 4940 C:\Windows\System32\WinSCard.dll - ok
12:29:17.0361 4940 [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6 ] C:\Windows\System32\mapi32.dll
12:29:17.0361 4940 C:\Windows\System32\mapi32.dll - ok
12:29:17.0377 4940 [ F8E882C10AF4C29E378D1E28D4817CB1 ] C:\Windows\System32\pnpts.dll
12:29:17.0377 4940 C:\Windows\System32\pnpts.dll - ok
12:29:17.0377 4940 [ 7FFD52D73352806969D424EF327D10A7 ] C:\Windows\System32\radardt.dll
12:29:17.0377 4940 C:\Windows\System32\radardt.dll - ok
12:29:17.0377 4940 [ F0016853FA3F38F55FD868FF74C0359B ] C:\Windows\System32\wdiasqmmodule.dll
12:29:17.0377 4940 C:\Windows\System32\wdiasqmmodule.dll - ok
12:29:17.0377 4940 [ 7132E9BB7ED098CF2DC30C875D764A45 ] C:\Program Files\TeamViewer\Version7\tv_w32.dll
12:29:17.0377 4940 C:\Program Files\TeamViewer\Version7\tv_w32.dll - ok
12:29:17.0377 4940 [ FCC8F25A5F5A4D6BD57D917DB7A00D78 ] C:\Windows\System32\crtdll.dll
12:29:17.0377 4940 C:\Windows\System32\crtdll.dll - ok
12:29:17.0377 4940 [ E98278865E8DABA21CFE5FE4BE34210A ] C:\Windows\System32\PortableDeviceApi.dll
12:29:17.0377 4940 C:\Windows\System32\PortableDeviceApi.dll - ok
12:29:17.0393 4940 [ BED1CC352E81ACA898942EF0008313E8 ] C:\Program Files\TeamViewer\Version7\tv_w32.exe
12:29:17.0393 4940 C:\Program Files\TeamViewer\Version7\tv_w32.exe - ok
12:29:17.0393 4940 [ A6154A954F08E99D27CEA4D3B9563172 ] C:\Windows\System32\newdev.dll
12:29:17.0393 4940 C:\Windows\System32\newdev.dll - ok
12:29:17.0393 4940 [ D99621C0735B21DCC8BC4FEF02F379EF ] C:\Windows\System32\Apphlpdm.dll
12:29:17.0393 4940 C:\Windows\System32\Apphlpdm.dll - ok
12:29:17.0393 4940 [ C693E642ACFBDD76433AF6BE3C3EEE6F ] C:\Windows\System32\PortableDeviceConnectApi.dll
12:29:17.0393 4940 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
12:29:17.0393 4940 [ C5C867CD7EFAC60D5021223E374DEEC5 ] C:\Windows\System32\dimsjob.dll
12:29:17.0393 4940 C:\Windows\System32\dimsjob.dll - ok
12:29:17.0408 4940 [ 61B1ED5F429EFAC7E2036769870AB93E ] C:\Windows\System32\certcli.dll
12:29:17.0408 4940 C:\Windows\System32\certcli.dll - ok
12:29:17.0408 4940 [ 14486EB6AF542F2BD3239F7FC3E713F7 ] C:\Windows\System32\pautoenr.dll
12:29:17.0408 4940 C:\Windows\System32\pautoenr.dll - ok
12:29:17.0408 4940 [ 29BC473072568C072EC8B176498DE996 ] C:\Windows\System32\CertEnroll.dll
12:29:17.0408 4940 C:\Windows\System32\CertEnroll.dll - ok
12:29:17.0408 4940 [ 5BB8C06EB5EA4BA22EE8A678F2D79B25 ] C:\Windows\System32\devenum.dll
12:29:17.0408 4940 C:\Windows\System32\devenum.dll - ok
12:29:17.0408 4940 [ 7069AAB8536F29ED7323140973A2894B ] C:\Windows\System32\msdmo.dll
12:29:17.0408 4940 C:\Windows\System32\msdmo.dll - ok
12:29:17.0408 4940 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\System32\AudioSes.dll
12:29:17.0408 4940 C:\Windows\System32\AudioSes.dll - ok
12:29:17.0424 4940 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\System32\ksuser.dll
12:29:17.0424 4940 C:\Windows\System32\ksuser.dll - ok
12:29:17.0424 4940 [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\System32\wdmaud.drv
12:29:17.0424 4940 C:\Windows\System32\wdmaud.drv - ok
12:29:17.0424 4940 [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\System32\midimap.dll
12:29:17.0424 4940 C:\Windows\System32\midimap.dll - ok
12:29:17.0424 4940 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\System32\msacm32.dll
12:29:17.0424 4940 C:\Windows\System32\msacm32.dll - ok
12:29:17.0424 4940 [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\System32\msacm32.drv
12:29:17.0424 4940 C:\Windows\System32\msacm32.drv - ok
12:29:17.0424 4940 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\System32\runonce.exe
12:29:17.0424 4940 C:\Windows\System32\runonce.exe - ok
12:29:17.0439 4940 [ 4FB491AC8D46AAF22BA8BC5C73DABEF7 ] C:\Windows\System32\wbem\WmiPrvSE.exe
12:29:17.0439 4940 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
12:29:17.0439 4940 [ 68747446F9D982938DB6B110F2908271 ] C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
12:29:17.0439 4940 C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll - ok
12:29:17.0439 4940 [ CB67C2B94302DC94BC15ED6553A5C1C7 ] C:\Windows\System32\wbem\cimwin32.dll
12:29:17.0439 4940 C:\Windows\System32\wbem\cimwin32.dll - ok
12:29:17.0439 4940 [ 872BF42CD340533AA1BFD362C05C9D93 ] C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll
12:29:17.0439 4940 C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll - ok
12:29:17.0439 4940 [ D0481FB85BEEDD30A0884BE327880F80 ] C:\Windows\System32\framedynos.dll
12:29:17.0439 4940 C:\Windows\System32\framedynos.dll - ok
12:29:17.0439 4940 [ 1CDEA9188899E76D4FFD54C9D512CCDB ] C:\Windows\System32\msxml3.dll
12:29:17.0439 4940 C:\Windows\System32\msxml3.dll - ok
12:29:17.0455 4940 [ 907281ED4AD35D41B29FFDC211EBAD80 ] C:\Windows\System32\wmi.dll
12:29:17.0455 4940 C:\Windows\System32\wmi.dll - ok
12:29:17.0455 4940 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\System32\cmd.exe
12:29:17.0455 4940 C:\Windows\System32\cmd.exe - ok
12:29:17.0455 4940 [ 2DE16A63F71D10B42ACE01E759078600 ] C:\Windows\System32\conhost.exe
12:29:17.0455 4940 C:\Windows\System32\conhost.exe - ok
12:29:17.0455 4940 [ 2C4A87CA8C00E98EFDCFA2E8EC9A3503 ] C:\Windows\System32\shdocvw.dll
12:29:17.0455 4940 C:\Windows\System32\shdocvw.dll - ok
12:29:17.0455 4940 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\COBRA 2\AppData\Local\temp\9ACB450C-6EA7-431B-98E9-BAE95FDBC346.exe
12:29:17.0455 4940 C:\Users\COBRA 2\AppData\Local\temp\9ACB450C-6EA7-431B-98E9-BAE95FDBC346.exe - ok
12:29:17.0455 4940 [ ADA4A7FBF8492683CB9E33C23E088FFD ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpasbase.vdm
12:29:17.0455 4940 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpasbase.vdm - ok
12:29:17.0471 4940 [ ECDD24EFD9C3FC683E828BA0FA346482 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpasdlta.vdm
12:29:17.0471 4940 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpasdlta.vdm - ok
12:29:17.0471 4940 [ CFFB366C29CFB2DD14E40942EA8550B6 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{047DFB7A-FB81-4EE1-8C2D-5AAAC0FE7AA5}\mpengine.dll
12:29:17.0471 4940 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{047DFB7A-FB81-4EE1-8C2D-5AAAC0FE7AA5}\mpengine.dll - ok
12:29:17.0471 4940 [ 73BB253D152C72E8EEA0EA22EFE01D44 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{047DFB7A-FB81-4EE1-8C2D-5AAAC0FE7AA5}\mpasbase.vdm
12:29:17.0471 4940 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{047DFB7A-FB81-4EE1-8C2D-5AAAC0FE7AA5}\mpasbase.vdm - ok
12:29:17.0471 4940 [ ECDD24EFD9C3FC683E828BA0FA346482 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{047DFB7A-FB81-4EE1-8C2D-5AAAC0FE7AA5}\mpasdlta.vdm
12:29:17.0471 4940 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{047DFB7A-FB81-4EE1-8C2D-5AAAC0FE7AA5}\mpasdlta.vdm - ok
12:29:17.0471 4940 [ BFD645A1FFAB532CDE22AB2C42870D2B ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B6ADF5B9-0B93-4737-BAE5-97568ECE1109}\mpengine.dll
12:29:17.0471 4940 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B6ADF5B9-0B93-4737-BAE5-97568ECE1109}\mpengine.dll - ok
12:29:17.0486 4940 [ ADA4A7FBF8492683CB9E33C23E088FFD ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B6ADF5B9-0B93-4737-BAE5-97568ECE1109}\mpasbase.vdm
12:29:17.0486 4940 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B6ADF5B9-0B93-4737-BAE5-97568ECE1109}\mpasbase.vdm - ok
12:29:17.0486 4940 [ ECDD24EFD9C3FC683E828BA0FA346482 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B6ADF5B9-0B93-4737-BAE5-97568ECE1109}\mpasdlta.vdm
12:29:17.0486 4940 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B6ADF5B9-0B93-4737-BAE5-97568ECE1109}\mpasdlta.vdm - ok
12:29:17.0486 4940 [ 3CA5D661E6C5DDE5574D02F324C32E53 ] C:\Program Files\Windows Defender\MsMpLics.dll
12:29:17.0486 4940 C:\Program Files\Windows Defender\MsMpLics.dll - ok
12:29:17.0486 4940 [ 7DF186D86CF8C571A12AAB788C777F84 ] C:\Windows\System32\wscproxystub.dll
12:29:17.0486 4940 C:\Windows\System32\wscproxystub.dll - ok
12:29:17.0486 4940 [ D305609D5048D81C1109F46275664448 ] C:\Program Files\NVIDIA Corporation\Display\nvsmartmax.dll
12:29:17.0486 4940 C:\Program Files\NVIDIA Corporation\Display\nvsmartmax.dll - ok
12:29:17.0486 4940 [ 47C9EF1600EDD9EBD8155EB6B5206B6B ] C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
12:29:17.0486 4940 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - ok
12:29:17.0486 4940 [ 1E93BBD87BC0B60CE7FADCD40744CF16 ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll
12:29:17.0486 4940 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll - ok
12:29:17.0502 4940 [ 518016E58CAD3F28E011B1524C4B0E98 ] C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU.dll
12:29:17.0502 4940 C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU.dll - ok
12:29:17.0502 4940 [ B50DCC5B874FA8A1DB0D0A35A3978B9A ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll
12:29:17.0502 4940 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll - ok
12:29:17.0502 4940 [ 6124784BE65948E5C490F328BF50C1D1 ] C:\Program Files\TeamViewer\Version7\TeamViewer_Desktop.exe
12:29:17.0502 4940 C:\Program Files\TeamViewer\Version7\TeamViewer_Desktop.exe - ok
12:29:17.0502 4940 [ 0FBC74AA20FE0AE6884279F893169C60 ] C:\Windows\System32\wmploc.DLL
12:29:17.0502 4940 C:\Windows\System32\wmploc.DLL - ok
12:29:17.0502 4940 [ 5992A9DF57FD5E6960FDCC2DB69867F7 ] C:\Windows\System32\themeui.dll
12:29:17.0502 4940 C:\Windows\System32\themeui.dll - ok
12:29:17.0502 4940 [ 54C06D9684F3D0AD7E87502E57CC4655 ] C:\Windows\System32\ie4uinit.exe
12:29:17.0502 4940 C:\Windows\System32\ie4uinit.exe - ok
12:29:17.0517 4940 [ 7E9917D5309A90E7576653BFE39F80D8 ] C:\Windows\System32\timedate.cpl
12:29:17.0517 4940 C:\Windows\System32\timedate.cpl - ok
12:29:17.0517 4940 [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\System32\actxprxy.dll
12:29:17.0517 4940 C:\Windows\System32\actxprxy.dll - ok
12:29:17.0517 4940 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\System32\linkinfo.dll
12:29:17.0517 4940 C:\Windows\System32\linkinfo.dll - ok
12:29:17.0517 4940 [ 45C0DF404182850C21749AF7763C095F ] C:\Windows\System32\accessibilitycpl.dll
12:29:17.0517 4940 C:\Windows\System32\accessibilitycpl.dll - ok
12:29:17.0517 4940 [ 285C594C4913FA9DC7BB6BA3AD6F101A ] C:\Windows\System32\wucltux.dll
12:29:17.0517 4940 C:\Windows\System32\wucltux.dll - ok
12:29:17.0533 4940 [ DCCA4B04AF87E52EF9EAA2190E06CBAC ] C:\Program Files\Windows Sidebar\sidebar.exe
12:29:17.0533 4940 C:\Program Files\Windows Sidebar\sidebar.exe - ok
12:29:17.0533 4940 [ 5A8EBF167F36A7C0D6E9BDD027D55EEB ] C:\Program Files\DVD Maker\DVDMaker.exe
12:29:17.0533 4940 C:\Program Files\DVD Maker\DVDMaker.exe - ok
12:29:17.0533 4940 [ 59B7280D73906B43B13B273A1F9CC3DD ] C:\Windows\System32\xpsrchvw.exe
12:29:17.0533 4940 C:\Windows\System32\xpsrchvw.exe - ok
12:29:17.0533 4940 [ BA4E1A60BD20CA7978C76D79F19E37F0 ] C:\Windows\System32\DisplaySwitch.exe
12:29:17.0533 4940 C:\Windows\System32\DisplaySwitch.exe - ok
12:29:17.0533 4940 [ 7B554081A0A80B14F1E5D06441DBAF58 ] C:\Program Files\Common Files\microsoft shared\ink\mip.exe
12:29:17.0533 4940 C:\Program Files\Common Files\microsoft shared\ink\mip.exe - ok
12:29:17.0533 4940 [ B5FFA9977015ED3E1B2C3FF266A1BEB9 ] C:\Windows\System32\mblctr.exe
12:29:17.0533 4940 C:\Windows\System32\mblctr.exe - ok
12:29:17.0549 4940 [ 6B9BEFC3B8D8A9B4598F9507133FBB0D ] C:\Windows\System32\NetProjW.dll
12:29:17.0549 4940 C:\Windows\System32\NetProjW.dll - ok
12:29:17.0549 4940 [ 68B4A549D0B56A4DD9A488751037CF09 ] C:\Windows\System32\mstsc.exe
12:29:17.0549 4940 C:\Windows\System32\mstsc.exe - ok
12:29:17.0549 4940 [ 32BE4A1FAFCCD5CA9AB0CE772C43D5E2 ] C:\Windows\System32\SnippingTool.exe
12:29:17.0549 4940 C:\Windows\System32\SnippingTool.exe - ok
12:29:17.0549 4940 [ 2A40F6AD59D3E598ECDAA6CAB90360A4 ] C:\Windows\System32\SoundRecorder.exe
12:29:17.0549 4940 C:\Windows\System32\SoundRecorder.exe - ok
12:29:17.0549 4940 [ 4ABBD0FEB53ECCD3B5C8A9D9FB1A79F6 ] C:\Windows\System32\SNTSearch.dll
12:29:17.0549 4940 C:\Windows\System32\SNTSearch.dll - ok
12:29:17.0549 4940 [ 2DDEA2C345DA5BC589EFD398F220DB0E ] C:\Windows\System32\SyncCenter.dll
12:29:17.0549 4940 C:\Windows\System32\SyncCenter.dll - ok
12:29:17.0564 4940 [ 468D6989581E6AEA75DE74D4B3722CC3 ] C:\Windows\System32\OobeFldr.dll
12:29:17.0564 4940 C:\Windows\System32\OobeFldr.dll - ok
12:29:17.0564 4940 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\Windows\System32\drivers\34016692.sys
12:29:17.0564 4940 C:\Windows\System32\drivers\34016692.sys - ok
12:29:17.0564 4940 [ BE54E44F60F121782B84E5B1BFADF315 ] C:\Windows\System32\Speech\SpeechUX\sapi.cpl
12:29:17.0564 4940 C:\Windows\System32\Speech\SpeechUX\sapi.cpl - ok
12:29:17.0564 4940 [ FB036244DBD2FADC225AD8650886B641 ] C:\Windows\System32\dfrgui.exe
12:29:17.0564 4940 C:\Windows\System32\dfrgui.exe - ok
12:29:17.0564 4940 [ 8BCF1DCE05F4494C8891F33EEA450D0A ] C:\Windows\System32\wdc.dll
12:29:17.0564 4940 C:\Windows\System32\wdc.dll - ok
12:29:17.0580 4940 [ 5F2122888583347C9B81724CF169EFC6 ] C:\Windows\System32\msinfo32.exe
12:29:17.0580 4940 C:\Windows\System32\msinfo32.exe - ok
12:29:17.0580 4940 [ 78079EB83665E1AC18AC9C5E273845BF ] C:\Windows\System32\rstrui.exe
12:29:17.0580 4940 C:\Windows\System32\rstrui.exe - ok
12:29:17.0580 4940 [ B72F77DA5A69F5626696182E17B503BA ] C:\Windows\System32\miguiresource.dll
12:29:17.0580 4940 C:\Windows\System32\miguiresource.dll - ok
12:29:17.0580 4940 [ 2FF112EF1984C2AD73684F0B290DBFA3 ] C:\Windows\System32\migwiz\wet.dll
12:29:17.0580 4940 C:\Windows\System32\migwiz\wet.dll - ok
12:29:17.0580 4940 [ 5BCB0EB1A8EC016C03375E5C87344400 ] C:\Program Files\Common Files\microsoft shared\ink\ShapeCollector.exe
12:29:17.0580 4940 C:\Program Files\Common Files\microsoft shared\ink\ShapeCollector.exe - ok
12:29:17.0580 4940 [ 7896EFFDEE215C172BE724A64931EF1C ] C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
12:29:17.0580 4940 C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll - ok
12:29:17.0595 4940 [ 5AF22331F2CA24D7688DE5C374519BA3 ] C:\Program Files\Windows Journal\Journal.exe
12:29:17.0595 4940 C:\Program Files\Windows Journal\Journal.exe - ok
12:29:17.0595 4940 [ 92F44E405DB16AC55D97E3BFE3B132FA ] C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
12:29:17.0595 4940 C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe - ok
12:29:17.0595 4940 [ 0BBDB0F5A25A2FE0502F44CA7D04AB61 ] C:\Windows\System32\mycomput.dll
12:29:17.0595 4940 C:\Windows\System32\mycomput.dll - ok
12:29:17.0595 4940 [ ABA457BFC7EC0B5E130B2F1E0F549DFF ] C:\Windows\System32\odbcint.dll
12:29:17.0595 4940 C:\Windows\System32\odbcint.dll - ok
12:29:17.0595 4940 [ F945ADCEF203E6104AEC8EC9C337CFD0 ] C:\Windows\System32\iscsicpl.dll
12:29:17.0595 4940 C:\Windows\System32\iscsicpl.dll - ok
12:29:17.0595 4940 [ 4D05BDE56A7116B744B04192173A0122 ] C:\Windows\System32\MdSched.exe
12:29:17.0595 4940 C:\Windows\System32\MdSched.exe - ok
12:29:17.0611 4940 [ 2BCF9DD935DAE5A34BACE0F76DD0B581 ] C:\Windows\System32\pmcsnap.dll
12:29:17.0611 4940 C:\Windows\System32\pmcsnap.dll - ok
12:29:17.0611 4940 [ CA75367CE419922291A11227E32FBA0C ] C:\Windows\System32\wsecedit.dll
12:29:17.0611 4940 C:\Windows\System32\wsecedit.dll - ok
12:29:17.0611 4940 [ A3E23DD82AA7963D9F7D184BEEEE5448 ] C:\Windows\System32\filemgmt.dll
12:29:17.0611 4940 C:\Windows\System32\filemgmt.dll - ok
12:29:17.0611 4940 [ A00075951E38A73FE2F9D8384311710A ] C:\Windows\System32\msconfig.exe
12:29:17.0611 4940 C:\Windows\System32\msconfig.exe - ok
12:29:17.0611 4940 [ 81241E7723D5675AF6E27A7F0E7F3324 ] C:\Windows\System32\AuthFWGP.dll
12:29:17.0611 4940 C:\Windows\System32\AuthFWGP.dll - ok
12:29:17.0611 4940 [ 64E211E0FDFCE4D186DF58BB7D0503BC ] C:\Windows\System32\gameux.dll
12:29:17.0611 4940 C:\Windows\System32\gameux.dll - ok
12:29:17.0627 4940 [ E24BB41C4EFC309A14709FC127A3B847 ] C:\Windows\System32\sdcpl.dll
12:29:17.0627 4940 C:\Windows\System32\sdcpl.dll - ok
12:29:17.0627 4940 [ 7635B6502882E4B1713F049FD8FD2EA4 ] C:\Windows\System32\recdisc.exe
12:29:17.0627 4940 C:\Windows\System32\recdisc.exe - ok
12:29:17.0627 4940 [ 4AC5B4A0B8D22185C09EE5584BF1CFB5 ] C:\Windows\System32\msra.exe
12:29:17.0627 4940 C:\Windows\System32\msra.exe - ok
12:29:17.0627 4940 [ 36B6EFB852762B3BD8190E53834974A5 ] C:\Program Files\NVIDIA Corporation\3D Vision\nvstlink.exe
12:29:17.0627 4940 C:\Program Files\NVIDIA Corporation\3D Vision\nvstlink.exe - ok
12:29:17.0627 4940 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\System32\msiltcfg.dll
12:29:17.0627 4940 C:\Windows\System32\msiltcfg.dll - ok
12:29:17.0627 4940 [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\System32\msftedit.dll
12:29:17.0627 4940 C:\Windows\System32\msftedit.dll - ok
12:29:17.0642 4940 [ C225E5307D8D4982A1687F2702C37C78 ] C:\Windows\System32\msls31.dll
12:29:17.0642 4940 C:\Windows\System32\msls31.dll - ok
12:29:17.0642 4940 [ 2A39F32E0067CBF221611FE1FA8C6D8F ] C:\Windows\System32\DeviceCenter.dll
12:29:17.0642 4940 C:\Windows\System32\DeviceCenter.dll - ok
12:29:17.0642 4940 [ F1EA5494E5946124F7FDD22F92192314 ] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
12:29:17.0642 4940 C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe - ok
12:29:17.0642 4940 [ 30B8DA29806F777715B13D816D5E9A1A ] C:\Program Files\VIA\VIAudioi\VDeck\QsApoApi.dll
12:29:17.0642 4940 C:\Program Files\VIA\VIAudioi\VDeck\QsApoApi.dll - ok
12:29:17.0642 4940 [ DAF48C61CB5945596311C3B025825333 ] C:\Program Files\VIA\VIAudioi\VDeck\Dts2ApoApi.dll
12:29:17.0642 4940 C:\Program Files\VIA\VIAudioi\VDeck\Dts2ApoApi.dll - ok
12:29:17.0642 4940 [ 629B12D94C228F8C59AD15EB76F02A6E ] C:\Program Files\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe
12:29:17.0642 4940 C:\Program Files\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe - ok
12:29:17.0658 4940 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\System32\oledlg.dll
12:29:17.0658 4940 C:\Windows\System32\oledlg.dll - ok
12:29:17.0658 4940 [ 672D7C5080ACB003343006405DA2E621 ] C:\Windows\System32\thumbcache.dll
12:29:17.0658 4940 C:\Windows\System32\thumbcache.dll - ok
12:29:17.0658 4940 [ B42DA7C429585A4894AF504867D8CC56 ] C:\Program Files\VIA\VIAudioi\VDeck\skin.dll
12:29:17.0658 4940 C:\Program Files\VIA\VIAudioi\VDeck\skin.dll - ok
12:29:17.0658 4940 [ DC6612A9EE015A36BA2A27BC9CC12537 ] C:\Windows\System32\mfc42.dll
12:29:17.0658 4940 C:\Windows\System32\mfc42.dll - ok
12:29:17.0658 4940 [ F24A3379567365B1CD4E9167ADF4B763 ] C:\Program Files\Creative\SB X-Fi MB\Volume Panel\CTAudSeu.dll
12:29:17.0658 4940 C:\Program Files\Creative\SB X-Fi MB\Volume Panel\CTAudSeu.dll - ok
12:29:17.0658 4940 [ 43A4F52F7A38ED9EE0AACA36FE6DAC5D ] C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
12:29:17.0658 4940 C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe - ok
12:29:17.0673 4940 [ F5BCE1C11BA2F018E07C3BB6CA4EC3F6 ] C:\Program Files\Creative\SB X-Fi MB\Volume Panel\CTAudEp.dll
12:29:17.0673 4940 C:\Program Files\Creative\SB X-Fi MB\Volume Panel\CTAudEp.dll - ok
12:29:17.0673 4940 [ 3D57FFBAD3ED16B63DE3879BAB0FB56F ] C:\Windows\System32\networkexplorer.dll
12:29:17.0673 4940 C:\Windows\System32\networkexplorer.dll - ok
12:29:17.0673 4940 [ E8A3F18A1644A00ABA1197035782D506 ] C:\Program Files\VIA\VIAudioi\VDeck\Skin3.dll
12:29:17.0673 4940 C:\Program Files\VIA\VIAudioi\VDeck\Skin3.dll - ok
12:29:17.0673 4940 [ ABAAC2BDA49E97F2682E777036E02DB0 ] C:\Program Files\Creative\SB X-Fi MB\Volume Panel\CTIniFu.dll
12:29:17.0673 4940 C:\Program Files\Creative\SB X-Fi MB\Volume Panel\CTIniFu.dll - ok
12:29:17.0673 4940 [ 24CAEDCD73B5B0E22226283B7B2468C7 ] C:\Windows\System32\mfc42u.dll
12:29:17.0673 4940 C:\Windows\System32\mfc42u.dll - ok
12:29:17.0673 4940 [ 7D34AF98A706230CC2DEDFE0CABF87AB ] C:\Windows\System32\odbc32.dll
12:29:17.0673 4940 C:\Windows\System32\odbc32.dll - ok
12:29:17.0689 4940 [ C419DF63E0121D72411285780C2FC6CC ] C:\Windows\Updreg.EXE
12:29:17.0689 4940 C:\Windows\Updreg.EXE - ok
12:29:17.0689 4940 [ 46A6BA9274D075A2C30025C4E96D875A ] C:\Windows\System32\msvcp60.dll
12:29:17.0689 4940 C:\Windows\System32\msvcp60.dll - ok
12:29:17.0689 4940 [ BBA9D5A730D5E304117AD26923EBD8AA ] C:\Windows\System32\AudioEng.dll
12:29:17.0689 4940 C:\Windows\System32\AudioEng.dll - ok
12:29:17.0689 4940 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\System32\rundll32.exe
12:29:17.0689 4940 C:\Windows\System32\rundll32.exe - ok
12:29:17.0689 4940 [ 9FEF04A50F79295C036CF000B0366EF8 ] C:\Users\COBRA2~1\AppData\Local\temp\Sound_Blaster_X-Fi_MB_Cleanup.0001
12:29:17.0689 4940 C:\Users\COBRA2~1\AppData\Local\temp\Sound_Blaster_X-Fi_MB_Cleanup.0001 - ok
12:29:17.0689 4940 [ 644795F6985C740F5E36E9336B837D0B ] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
12:29:17.0689 4940 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe - ok
12:29:17.0705 4940 [ 96C70BD48D49B87475F4572DEDC62EB9 ] C:\Windows\AppPatch\AcLayers.dll
12:29:17.0705 4940 C:\Windows\AppPatch\AcLayers.dll - ok
12:29:17.0705 4940 [ 8E6ECAE52FD4E8C9F83673D3308E8EA6 ] C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanel.crl
12:29:17.0705 4940 C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanel.crl - ok
12:29:17.0705 4940 [ A5EB0ADA8AECFFA571F8E0D3B7B3E2E3 ] C:\Users\COBRA2~1\AppData\Local\temp\Sound_Blaster_X-Fi_MB_Cleanup.0001.dir.0002\~df394b.tmp
12:29:17.0705 4940 C:\Users\COBRA2~1\AppData\Local\temp\Sound_Blaster_X-Fi_MB_Cleanup.0001.dir.0002\~df394b.tmp - ok
12:29:17.0705 4940 [ AA16204FD1F75637E8EAEB593A8FA597 ] C:\Program Files\PowerISO\PWRISOVM.EXE
12:29:17.0705 4940 C:\Program Files\PowerISO\PWRISOVM.EXE - ok
12:29:17.0705 4940 [ 96F0F8F4DEE598C8D12AD9633E0CFE2A ] C:\Windows\System32\AUDIOKSE.dll
12:29:17.0705 4940 C:\Windows\System32\AUDIOKSE.dll - ok
12:29:17.0720 4940 [ 3329E733706B889DE2AF3E01732B0EFE ] C:\Program Files\Creative\ShareDLL\CADI\CtCadiEp.dll
12:29:17.0720 4940 C:\Program Files\Creative\ShareDLL\CADI\CtCadiEp.dll - ok
12:29:17.0720 4940 [ C2CA1C1A90D02CB17BB0D0B8B0CE347F ] C:\Users\COBRA2~1\AppData\Local\temp\Sound_Blaster_X-Fi_MB_Cleanup.0001.dir.0002\~de6248.tmp
12:29:17.0720 4940 C:\Users\COBRA2~1\AppData\Local\temp\Sound_Blaster_X-Fi_MB_Cleanup.0001.dir.0002\~de6248.tmp - ok
12:29:17.0720 4940 [ 574C1FBC726C89FAF309332E17D029CC ] C:\Windows\System32\AmbRunE.dll
12:29:17.0720 4940 C:\Windows\System32\AmbRunE.dll - ok
12:29:17.0720 4940 [ FFC5F7ED77AA59AA0A6B70F3D7A22A93 ] C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
12:29:17.0720 4940 C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe - ok
12:29:17.0720 4940 [ 45F681A6DE7CCD2E2CC3BAE71FC1CB51 ] C:\Windows\System32\CmdRtr.DLL
12:29:17.0720 4940 C:\Windows\System32\CmdRtr.DLL - ok
12:29:17.0720 4940 [ 98353E225C95946132A9802A51601879 ] C:\Windows\System32\APOMngr.DLL
12:29:17.0720 4940 C:\Windows\System32\APOMngr.DLL - ok
12:29:18.0282 4940 ============================================================
12:29:18.0282 4940 Scan finished
12:29:18.0282 4940 ============================================================
12:29:18.0282 4932 Detected object count: 6
12:29:18.0282 4932 Actual detected object count: 6
12:30:47.0030 4932 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:47.0030 4932 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:47.0046 4932 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:47.0046 4932 Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:47.0046 4932 CTAudSvcService ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:47.0046 4932 CTAudSvcService ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:47.0046 4932 OMSI download service ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:47.0046 4932 OMSI download service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:47.0046 4932 SCDEmu ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:47.0046 4932 SCDEmu ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:30:47.0046 4932 Sound Blaster X-Fi MB Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:30:47.0046 4932 Sound Blaster X-Fi MB Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:31:55.0093 3436 Deinitialize success



And this is from MBAR:


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1005

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x86

Account is Administrative

Internet Explorer version: 10.0.9200.16686

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED
CPU speed: 3.093000 GHz
Memory total: 3748335616, free: 2561286144

Downloaded database version: v2013.10.06.02
Downloaded database version: v2013.09.30.01
=======================================
Initializing...
------------ Kernel report ------------
10/06/2013 12:44:18
------------ Loaded modules -----------
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff857ee200
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\
Lower Device Object: 0xffffffff852c5908
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff857ee200, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff857ef020, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff857ee200, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff8529f930, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff852c5908, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: DB5F30C7

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 204800
Partition file system is NTFS
Partition is bootable

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 206848 Numsec = 306993152

Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 307200000 Numsec = 669571072

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...
Done!
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_0_2048_i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam...
Removal finished




Now my system works perfectly. I don't have a problem opening any page in Mozilla Firefox. :thumbsup:

Edited by Damba, 06 October 2013 - 05:27 AM.


#18
gringo_pr


    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Damba

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Please start by opening Notepad and copy/paste the text in the box into the window:

ClearJavaCache::



Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick ComboFix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo


#19
Damba


    Member

  • Topic Starter
  • Member
  • 46 posts
Hi Gringo,

Here is:

ComboFix 13-10-04.02 - COBRA 2 6.10.2013. 22:58:21.2.4 - x86
Microsoft Windows 7 Ultimate 6.1.7601.1.1250.385.1033.18.3575.2152 [GMT 2:00]
Running from: c:\users\COBRA 2\Desktop\ComboFix.exe
Command switches used :: c:\users\COBRA 2\Desktop\CFScript.txt
AV: ESET Smart Security 5.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 5.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2013-09-06 to 2013-10-06 )))))))))))))))))))))))))))))))
.
.
2013-10-06 21:03 . 2013-10-06 21:03 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2013-10-06 21:03 . 2013-10-06 21:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-10-06 11:23 . 2012-08-23 14:44 14848 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys
2013-10-06 11:23 . 2012-08-23 14:10 12288 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-10-06 11:23 . 2012-08-23 14:40 49664 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2013-10-06 11:23 . 2012-08-23 14:10 13312 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-10-06 11:23 . 2012-08-23 13:52 12800 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll
2013-10-06 11:22 . 2012-08-23 14:48 221184 ----a-w- c:\windows\system32\rdpudd.dll
2013-10-06 11:22 . 2012-08-23 13:47 46592 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2013-10-06 11:22 . 2012-08-23 13:46 16896 ----a-w- c:\windows\system32\wksprtPS.dll
2013-10-06 11:22 . 2012-08-23 13:32 32768 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2013-10-06 11:22 . 2012-08-23 13:18 37376 ----a-w- c:\windows\system32\tsgqec.dll
2013-10-06 11:22 . 2012-08-23 11:40 56320 ----a-w- c:\windows\system32\TSWbPrxy.exe
2013-10-06 11:22 . 2012-08-23 11:32 317440 ----a-w- c:\windows\system32\wksprt.exe
2013-10-06 11:22 . 2012-08-23 11:15 269312 ----a-w- c:\windows\system32\aaclient.dll
2013-10-06 11:22 . 2012-08-23 11:12 192000 ----a-w- c:\windows\system32\rdpendp_winip.dll
2013-10-06 11:22 . 2012-08-23 10:39 1048064 ----a-w- c:\windows\system32\mstsc.exe
2013-10-06 11:22 . 2012-08-23 10:08 2739712 ----a-w- c:\windows\system32\rdpcorets.dll
2013-10-06 11:22 . 2012-08-23 08:19 4916224 ----a-w- c:\windows\system32\mstscax.dll
2013-10-06 11:12 . 2012-08-24 17:05 136560 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2013-10-06 11:12 . 2012-08-24 17:02 369856 ----a-w- c:\windows\system32\drivers\cng.sys
2013-10-06 11:12 . 2012-08-24 16:57 247808 ----a-w- c:\windows\system32\schannel.dll
2013-10-06 11:12 . 2012-08-24 16:56 1039360 ----a-w- c:\windows\system32\lsasrv.dll
2013-10-06 11:12 . 2012-05-04 09:59 514560 ----a-w- c:\windows\system32\qdvd.dll
2013-10-06 10:44 . 2013-10-06 11:08 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2013-10-06 07:15 . 2013-10-06 07:15 -------- d-----w- c:\program files\Mozilla Maintenance Service
2013-10-06 04:44 . 2013-10-06 21:03 -------- d-----w- c:\users\COBRA 2\AppData\Local\temp
2013-10-05 09:02 . 2013-10-05 09:02 -------- d-----w- c:\windows\ERUNT
2013-10-05 08:50 . 2013-10-05 08:55 -------- d-----w- C:\AdwCleaner
2013-10-04 20:03 . 2013-09-05 05:02 7328304 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{047DFB7A-FB81-4EE1-8C2D-5AAAC0FE7AA5}\mpengine.dll
2013-09-27 21:31 . 2013-09-27 21:31 -------- d-----w- c:\windows\system32\Adobe
2013-09-27 21:05 . 2013-09-27 21:14 -------- d-----w- c:\program files\S.P.D
2013-09-27 17:40 . 2013-09-27 17:40 -------- d-----w- c:\users\COBRA 2\AppData\Roaming\Malwarebytes
2013-09-27 17:39 . 2013-09-27 17:39 -------- d-----w- c:\programdata\Malwarebytes
2013-09-26 20:58 . 2013-09-26 20:58 -------- d-----w- c:\users\COBRA 2\AppData\Local\Skillbrains
2013-09-26 11:34 . 2013-09-26 11:34 -------- d-----w- c:\program files\Skillbrains
2013-09-11 23:17 . 2013-09-11 23:17 571168 ----a-w- c:\windows\system32\nvStreaming.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-17 20:23 . 2012-10-10 20:14 13628208 ----a-w- c:\windows\system32\nvwgf2um.dll
2013-09-17 20:23 . 2012-10-10 20:15 1222824 ----a-w- c:\windows\system32\nvumdshim.dll
2013-09-17 20:23 . 2012-10-10 20:14 2630304 ----a-w- c:\windows\system32\nvapi.dll
2013-09-12 06:28 . 2011-01-20 18:11 4265760 ----a-w- c:\windows\system32\nvcpl.dll
2013-09-12 06:28 . 2011-01-20 18:11 3006240 ----a-w- c:\windows\system32\nvsvc.dll
2013-09-12 06:28 . 2011-01-20 18:12 662816 ----a-w- c:\windows\system32\nvvsvc.exe
2013-09-12 06:28 . 2011-01-20 18:12 2555168 ----a-w- c:\windows\system32\nvsvcr.dll
2013-09-12 06:28 . 2011-01-07 20:06 62752 ----a-w- c:\windows\system32\nvshext.dll
2013-09-12 06:28 . 2011-01-20 18:12 209184 ----a-w- c:\windows\system32\nvmctray.dll
2013-09-11 09:59 . 2012-04-01 11:17 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-11 09:59 . 2012-02-28 20:04 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-07 02:22 . 2012-02-20 15:25 238872 ------w- c:\windows\system32\MpSigStub.exe
2013-08-01 13:15 . 2013-08-01 13:15 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-08-01 13:15 . 2013-01-21 09:51 867240 ----a-w- c:\windows\system32\npDeployJava1.dll
2013-08-01 13:15 . 2013-01-21 09:51 789416 ----a-w- c:\windows\system32\deployJava1.dll
2013-07-25 08:57 . 2013-08-15 08:58 1620992 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-19 01:41 . 2013-08-15 08:58 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-09 05:03 . 2013-08-15 08:58 3913664 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-07-09 05:03 . 2013-08-15 08:58 3968960 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-07-09 04:53 . 2013-08-15 08:58 1289096 ----a-w- c:\windows\system32\ntdll.dll
2013-07-09 04:52 . 2013-08-15 08:58 175104 ----a-w- c:\windows\system32\wintrust.dll
2013-07-09 04:50 . 2013-08-15 08:58 652800 ----a-w- c:\windows\system32\rpcrt4.dll
2013-07-09 04:46 . 2013-08-15 08:58 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-09 04:46 . 2013-08-15 08:58 1166848 ----a-w- c:\windows\system32\crypt32.dll
2013-07-09 04:46 . 2013-08-15 08:58 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-01 15:40 . 2013-10-06 07:15 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2009-11-20 434176]
"LightShot"="c:\users\COBRA 2\AppData\Local\Skillbrains\lightshot\LightShot.exe" [2013-08-22 226592]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2011-02-22 2145904]
"CTSyncService"="c:\program files\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe" [2009-07-08 1233195]
"VolPanel"="c:\program files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" [2009-05-04 241789]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"RunDLLEntry"="c:\windows\system32\AmbRunE.dll" [2009-02-26 14848]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2010-04-12 180224]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2012-11-16 3117384]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-02-20 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-02-20 79360]
R3 MSICDSetup;MSICDSetup;E:\CDriver.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
R3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
R3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
R3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
R3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
R3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
R3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
R3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\DRIVERS\s0017bus.sys [2008-10-21 86824]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys [2009-03-25 86824]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys [2009-03-25 15016]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys [2009-03-25 114728]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys [2009-03-25 106208]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys [2009-03-25 26024]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys [2009-03-25 104744]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys [2009-03-25 109864]
R3 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service;c:\program files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [2012-02-20 79360]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-02-20 1343400]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam.sys [2008-05-06 11520]
S0 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2012-11-16 50152]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [2012-11-16 169120]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2012-03-28 120152]
S1 EpfwLWF;Epfw NDIS LightWeight Filter;c:\windows\system32\DRIVERS\EpfwLWF.sys [2012-03-28 33656]
S1 HssDRV6;Hotspot Shield Routing Driver 6;c:\windows\system32\DRIVERS\hssdrv6.sys [2012-08-01 35560]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [2012-11-16 913184]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-09-11 414496]
S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2012-01-19 3027840]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe [2011-02-17 27760]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [2010-08-24 68208]
S3 MEI;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECI.sys [2010-10-19 41088]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2011-02-17 1801328]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-10-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 09:59]
.
2013-10-06 c:\windows\Tasks\update-S-1-5-21-1212777114-2928681672-1687617881-1000.job
- c:\program files\Skillbrains\Updater\Updater.exe [2013-09-26 22:26]
.
2013-10-06 c:\windows\Tasks\update-sys.job
- c:\program files\Skillbrains\Updater\Updater.exe [2013-09-26 22:26]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://google.hr/
mStart Page = hxxp://www.google.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\COBRA 2\AppData\Roaming\Mozilla\Firefox\Profiles\pmo3r2jb.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.hr/
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-59701881.sys
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(2360)
c:\program files\TeamViewer\Version7\tv_w32.dll
c:\program files\Microsoft Office\Office12\GrooveNew.DLL
c:\windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.DLL
.
Completion time: 2013-10-06 23:04:08
ComboFix-quarantined-files.txt 2013-10-06 21:04
ComboFix2.txt 2013-10-06 04:44
.
Pre-Run: 120.526.757.888 bytes free
Post-Run: 120.484.270.080 bytes free
.
- - End Of File - - 487BCEFC1DD1E02D0393F556B21541AB
A36C5E4F47E84449FF07ED3517B43A31


Mozilla only blocked the "Gmail" page. :(

#20
gringo_pr


    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

These logs are looking a lot better. But we still have some work to do.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps.

uninstall some programs

NOTE** Because of the cleanup process, some of the programs I have listed may not be in add/remove anymore; this is fine, just move to the next item on the list.

You can remove these programs using add/remove or you can use the free uninstaller from Revo (Revo does a lot better of a job)

Programs to remove


Internet Explorer Toolbar 4.6 by SweetPacks
Java 7 Update 17
Java 7 Update 25
Update Manager for SweetPacks 1.1




Please download and install Revo Uninstaller Free

  • Double click Revo Uninstaller to run it.
  • From the list of programs, double click on the program to remove.
  • When prompted if you want to uninstall, click Yes.
  • Be sure the Moderate option is selected, then click Next.
  • The program will run. If prompted again, click Yes.
  • When the built-in uninstaller is finished, click on Next.
  • Once the program has searched for leftovers, click Next.
  • Check/tick the bolded items only on the list, then click Delete.
  • When prompted, click on Yes and then on Next.
  • Put a check on any folders that are found and select Delete.
  • When prompted, select Yes and then Next.
  • Once done, click Finish.


Install Java:

Please go here to install Java

  • Click on the Free Java Download button.
  • Click on Agree and start Free download.
  • Click on Run.
  • Click on Run again.
  • Click on Install.
  • When the install is complete, click on Close.



Clean Out Temp Files

  • This small application you may want to keep and use once a week to keep the computer clean.

    Download CCleaner from here CCleaner

  • Run the installer to install the application.
  • When it gives you the option to install Yahoo toolbar, uncheck the box next to it.
  • Run CCleaner. Default settings are fine.
  • Click Run Cleaner.
  • Close CCleaner.

Run Malwarebytes

Please download Malwarebytes' Anti-Malware to your desktop.

  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    • Update Malwarebytes' Anti-Malware
    • and Launch Malwarebytes' Anti-Malware
  • then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. Please copy and paste the log into your next reply.
    • If you accidentally close it, the log file is saved here and will be named like this:
    • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.




Download HijackThis

  • Go here to download the HijackThis program.
  • Save HijackThis to your desktop.
  • Right click on HijackThis and select "Run as Admin" (XP users just need to double click to run).
  • Click on "Do A system scan and save a logfile" (if you do not see "Do A system scan and save a logfile", then click on main menu).
  • Copy and paste the HijackThis report into the topic.


"information and logs"

  • In your next post I need the following

  • Log From MBAM
  • report from Hijackthis
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo


#21
Damba


    Member

  • Topic Starter
  • Member
  • 46 posts
Hi Gringo,

Here is:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.10.07.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16686
COBRA 2 :: COBRA2-PC [administrator]

7.10.2013. 7:03:00
mbam-log-2013-10-07 (07-03-00).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 216391
Time elapsed: 3 minute(s), 24 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


AND



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:32:58, on 7.10.2013.
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16686)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\TeamViewer\Version7\TeamViewer.exe
C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
C:\Program Files\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe
C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\COBRA2~1\AppData\Local\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Users\COBRA 2\AppData\Local\Skillbrains\lightshot\4.4.2.0\LightShot.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Users\COBRA 2\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.hr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [CTSyncService] C:\Program Files\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe /StartRunKey
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [RunDLLEntry] C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [LightShot] C:\Users\COBRA 2\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue
O4 - HKUS\S-1-5-21-1212777114-2928681672-1687617881-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1212777114-2928681672-1687617881-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: Sound Blaster X-Fi MB Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: VIA Karaoke digital mixer Service (VIAKaraokeService) - VIA Technologies, Inc. - C:\Windows\system32\viakaraokesrv.exe

--
End of file - 6839 bytes


I have the same problem with the "Gmail" page.

#22
gringo_pr

Greetings

Turn off ESET's firewall and see if that is blocking it

These logs are looking very good, we are almost done!!! Just one more scan to go.

:Remove unneeded start-up entries:

This part of the fix is purely optional
These are programs that start up when you turn on your computer but don't need to. You can click on the icon of any of these programs (or start it from the Control Panel) to run it when you need it. By stopping these programs you will boot up faster and your computer will work faster.

  • Run HijackThis (right-click and run as admin)
  • Click on the Scan button
  • Put a check beside all of the items listed below (if present):

    • O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
      O4 - HKLM\..\Run: [CTSyncService] C:\Program Files\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe /StartRunKey
      O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r
      O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
      O4 - HKLM\..\Run: [RunDLLEntry] C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry
      O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
      O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
      O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
      O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
      O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
      O4 - HKCU\..\Run: [LightShot] C:\Users\COBRA 2\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue
      O4 - HKUS\S-1-5-21-1212777114-2928681672-1687617881-1001\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
      O4 - HKUS\S-1-5-21-1212777114-2928681672-1687617881-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')

  • Close all open windows and browsers/email, etc...
  • Click on the "Fix Checked" button
  • When completed, close the application.

    NOTE**You can research each of those lines >here< and see if you want to keep them or not
    just copy the name between the brackets and paste into the search space
    O4 - HKLM\..\Run: [IntelliPoint]


Eset Online Scanner

**Note** You will need to use Internet Explorer for this scan - Vista and Win 7: right-click on the IE shortcut and run as admin

Go to the ESET web page to run an online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
  • When asked, allow the add-on to be installed
    • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings, ensure the options
    Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • wait for the virus definitions to be downloaded
  • Wait for the scan to finish

When the scan is complete

  • If no threats were found
  • put a checkmark in "Uninstall application on close"
  • close program
  • report to me that nothing was found

  • If threats were found
  • click on "list of threats found"
  • click on "export to text file" and save it as ESET SCAN and save to the desktop
  • Click on back
  • put a checkmark in "Uninstall application on close"
  • click on finish
  • close program
  • copy and paste the report here

Gringo
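The start-up entries listed in the post above are HijackThis O4 lines. As an added example (not part of the thread and not HijackThis's own code), this Python parser pulls the bracketed name, registry hive and launched file out of each O4 line, resolving rundll32 entries to the DLL they load. The log excerpt is copied from the log posted in this thread; the function names and the "runs from a user-writable folder" review heuristic are assumptions of this example.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# O4 lines excerpted from the HijackThis log posted earlier in this thread
# (one O2 line is kept to show that non-autostart lines are skipped).
SAMPLE_LOG = r"""
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [RunDLLEntry] C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [LightShot] C:\Users\COBRA 2\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue
O4 - HKUS\S-1-5-21-1212777114-2928681672-1687617881-1001\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
"""

# "O4 - <hive>\..\<Run|RunOnce>: [<name>] <command> (User '<account>')"
O4_RE = re.compile(
    r"^O4 - (?P<hive>HKLM|HKCU|HKUS\\[^\\]+)\\\.\.\\(?P<key>Run(?:Once)?): "
    r"\[(?P<name>[^\]]+)\] (?P<cmd>.*?)(?: \(User '(?P<user>[^']+)'\))?$"
)
# Unquoted commands may contain spaces, so the image ends at the first
# executable extension that is followed by whitespace or end of line.
EXE_RE = re.compile(r"(.+?\.(?:exe|com|bat|cmd|scr|pif))(?=\s|$)", re.IGNORECASE)

# Assumption of this example: folders an unprivileged user can normally write to.
USER_WRITABLE_MARKERS = ("\\users\\", "\\appdata\\", "\\temp\\",
                         "\\documents and settings\\")


@dataclass
class Autostart:
    hive: str            # HKLM, HKCU or HKUS\<SID>
    key: str             # Run or RunOnce
    name: str            # the text between the brackets, used for look-ups
    image: str           # program started at logon
    target: str          # file that actually carries the code (DLL for rundll32)
    user: Optional[str]  # account name HijackThis appended, if any
    location: str        # windows / program-files / user-writable / other


def split_command(cmd: str) -> Tuple[str, str]:
    """Split a Run-key command into (image path, remaining arguments)."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        if end == -1:
            return cmd[1:], ""
        return cmd[1:end], cmd[end + 1:].strip()
    m = EXE_RE.match(cmd)
    if m:
        return m.group(1), cmd[m.end():].strip()
    head, _, tail = cmd.partition(" ")
    return head, tail


def classify(path: str) -> str:
    """Coarse location class for a file path (heuristic, see lead-in)."""
    p = path.lower()
    if any(marker in p for marker in USER_WRITABLE_MARKERS):
        return "user-writable"
    if re.match(r"[a-z]:\\windows\\", p):
        return "windows"
    if re.match(r"[a-z]:\\program files", p) or p.startswith("%programfiles%"):
        return "program-files"
    return "other"


def parse_autostarts(log: str) -> List[Autostart]:
    """Return one Autostart per O4 Run/RunOnce line found in the log text."""
    entries = []
    for line in log.splitlines():
        m = O4_RE.match(line.strip())
        if not m:
            continue
        image, rest = split_command(m.group("cmd"))
        target = image
        # rundll32 is only a host: the first argument names the DLL it loads.
        if image.rsplit("\\", 1)[-1].lower() == "rundll32.exe" and rest:
            target = rest.split(",", 1)[0].strip().strip('"')
        entries.append(Autostart(m.group("hive"), m.group("key"), m.group("name"),
                                 image, target, m.group("user"), classify(target)))
    return entries


def review_candidates(entries: List[Autostart]) -> List[Autostart]:
    """Entries whose code lives in a user-writable folder: look these up first."""
    return [e for e in entries if e.location == "user-writable"]


if __name__ == "__main__":
    for e in parse_autostarts(SAMPLE_LOG):
        mark = "REVIEW" if e.location == "user-writable" else "ok"
        print(f"{mark:6} [{e.name}] {e.target} ({e.hive} {e.key})")
```

A "REVIEW" mark only means the entry is worth looking up by its bracketed name first; it is not a verdict that the file is malicious.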

#23
Damba

Hi Gringo,

ESET found nothing, but I still have the same problem with the "gmail" page.

#24
gringo_pr

Hello


Did you turn off the firewall?



gringo

#25
Damba

Hi Gringo,

Yes I am.

#26
Damba

Hi Gringo,

Now I have the same problem as at the start. Mozilla blocks all pages (google, facebook...). :( :(

#27
gringo_pr

Hello Damba

Let's get a deeper look into the system and let's see if something shows up.

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened; this is the one that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
  • Please post the contents of OTL.txt in your next reply.

Gringo

#28
Damba

Hi Gringo,

Here is:

OTL logfile created on: 8.10.2013. 6:11:54 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\COBRA 2\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 0000041a | Country: Hrvatska | Language: HRV | Date Format: d.M.yyyy.

3,49 Gb Total Physical Memory | 2,51 Gb Available Physical Memory | 72,01% Memory free
6,98 Gb Paging File | 5,90 Gb Available in Paging File | 84,48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 146,39 Gb Total Space | 112,43 Gb Free Space | 76,80% Space Free | Partition Type: NTFS
Drive D: | 319,28 Gb Total Space | 299,04 Gb Free Space | 93,66% Space Free | Partition Type: NTFS
Drive F: | 100,00 Mb Total Space | 71,66 Mb Free Space | 71,67% Space Free | Partition Type: NTFS

Computer Name: COBRA2-PC | User Name: COBRA 2 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\COBRA 2\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation)
PRC - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Program Files\ESET\ESET Smart Security\ekrn.exe (ESET)
PRC - C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
PRC - C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - c:\Program Files\TeamViewer\Version7\TeamViewer_Desktop.exe (TeamViewer GmbH)
PRC - C:\Program Files\TeamViewer\Version7\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files\TeamViewer\Version7\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\ViakaraokeSrv.exe (VIA Technologies, Inc.)
PRC - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
PRC - C:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)


========== Modules (No Company Name) ==========

MOD - C:\Program Files\WinRAR\RarExt.dll ()


========== Services (SafeList) ==========

SRV - (nvUpdatusService) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (ekrn) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe (ESET)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (Creative ALchemy AL6 Licensing Service) -- C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (Creative Labs)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (Sound Blaster X-Fi MB Licensing Service) -- C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe (Creative Labs)
SRV - (TeamViewer7) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (VIAKaraokeService) -- C:\Windows\System32\ViakaraokeSrv.exe (VIA Technologies, Inc.)
SRV - (UNS) -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (OMSI download service) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
SRV - (CTAudSvcService) -- C:\Program Files\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)


========== Driver Services (SafeList) ==========

DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found
DRV - (tsusbhub) -- system32\drivers\tsusbhub.sys File not found
DRV - (Synth3dVsc) -- System32\drivers\synth3dvsc.sys File not found
DRV - (MSICDSetup) -- E:\CDriver.sys File not found
DRV - (catchme) -- C:\Users\COBRA2~1\AppData\Local\Temp\catchme.sys File not found
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (eamonm) -- C:\Windows\System32\drivers\eamonm.sys (ESET)
DRV - (epfwwfp) -- C:\Windows\System32\drivers\epfwwfp.sys (ESET)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (HssDRV6) -- C:\Windows\System32\drivers\hssdrv6.sys (AnchorFree Inc.)
DRV - (taphss) -- C:\Windows\System32\drivers\taphss.sys (AnchorFree Inc)
DRV - (epfw) -- C:\Windows\System32\drivers\epfw.sys (ESET)
DRV - (ehdrv) -- C:\Windows\System32\drivers\ehdrv.sys (ESET)
DRV - (EpfwLWF) -- C:\Windows\System32\drivers\EpfwLWF.sys (ESET)
DRV - (VIAHdAudAddService) -- C:\Windows\System32\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
DRV - (MEI) -- C:\Windows\System32\drivers\HECI.sys (Intel Corporation)
DRV - (L1C) -- C:\Windows\System32\drivers\L1C62x86.sys (Atheros Communications, Inc.)
DRV - (SCDEmu) -- C:\Windows\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)
DRV - (Serial) -- C:\Windows\System32\drivers\serial.sys (Brother Industries Ltd.)
DRV - (s1018mdm) -- C:\Windows\System32\drivers\s1018mdm.sys (MCCI Corporation)
DRV - (s1018unic) -- C:\Windows\System32\drivers\s1018unic.sys (MCCI Corporation)
DRV - (s1018mgmt) -- C:\Windows\System32\drivers\s1018mgmt.sys (MCCI Corporation)
DRV - (s1018obex) -- C:\Windows\System32\drivers\s1018obex.sys (MCCI Corporation)
DRV - (s1018bus) -- C:\Windows\System32\drivers\s1018bus.sys (MCCI Corporation)
DRV - (s1018nd5) -- C:\Windows\System32\drivers\s1018nd5.sys (MCCI Corporation)
DRV - (s1018mdfl) -- C:\Windows\System32\drivers\s1018mdfl.sys (MCCI Corporation)
DRV - (s0017bus) -- C:\Windows\System32\drivers\s0017bus.sys (MCCI Corporation)
DRV - (s0016unic) -- C:\Windows\System32\drivers\s0016unic.sys (MCCI Corporation)
DRV - (s0016nd5) -- C:\Windows\System32\drivers\s0016nd5.sys (MCCI Corporation)
DRV - (s0016mdfl) -- C:\Windows\System32\drivers\s0016mdfl.sys (MCCI Corporation)
DRV - (s0016mdm) -- C:\Windows\System32\drivers\s0016mdm.sys (MCCI Corporation)
DRV - (s0016mgmt) -- C:\Windows\System32\drivers\s0016mgmt.sys (MCCI Corporation)
DRV - (s0016obex) -- C:\Windows\System32\drivers\s0016obex.sys (MCCI Corporation)
DRV - (s0016bus) -- C:\Windows\System32\drivers\s0016bus.sys (MCCI Corporation)
DRV - (WDC_SAM) -- C:\Windows\System32\drivers\wdcsam.sys (Western Digital Technologies)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1212777114-2928681672-1687617881-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.hr/
IE - HKU\S-1-5-21-1212777114-2928681672-1687617881-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = hr-HR
IE - HKU\S-1-5-21-1212777114-2928681672-1687617881-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E4 17 48 16 64 C3 CD 01 [binary data]
IE - HKU\S-1-5-21-1212777114-2928681672-1687617881-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1212777114-2928681672-1687617881-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://uk.search.yah...icevm&type=ASRK
IE - HKU\S-1-5-21-1212777114-2928681672-1687617881-1000\..\SearchScopes\{72D890A4-6B0C-4c4b-9D8E-46553D459EB7}: "URL" = http://www.google.co...q={searchTerms}
IE - HKU\S-1-5-21-1212777114-2928681672-1687617881-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.google.hr"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2012.12.23 19:54:16 | 000,000,000 | ---D | M]

[2013.10.07 10:20:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\COBRA 2\AppData\Roaming\Mozilla\Extensions
[2013.10.07 10:19:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.10.07 10:19:54 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2013.10.06 06:43:19 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1212777114-2928681672-1687617881-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1212777114-2928681672-1687617881-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-1212777114-2928681672-1687617881-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{82AC437F-B380-4887-9544-3002BC8E5879}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.10.08 06:09:43 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\COBRA 2\Desktop\OTL.exe
[2013.10.07 10:20:24 | 000,000,000 | ---D | C] -- C:\Users\COBRA 2\AppData\Roaming\Mozilla
[2013.10.07 10:19:54 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013.10.07 10:19:53 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.10.07 08:04:27 | 000,000,000 | ---D | C] -- C:\Users\COBRA 2\Desktop\backups
[2013.10.07 07:31:13 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\COBRA 2\Desktop\HijackThis.exe
[2013.10.07 07:01:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.10.07 07:01:47 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013.10.07 07:01:47 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.10.07 06:58:14 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.10.07 06:55:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013.10.07 06:55:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013.10.07 06:55:41 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.10.07 06:55:37 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.10.07 06:55:37 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.10.07 06:55:37 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.10.07 06:55:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013.10.07 06:55:26 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.10.07 06:37:51 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2013.10.07 06:37:51 | 000,000,000 | ---D | C] -- C:\Users\COBRA 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2013.10.06 23:04:09 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.10.06 23:03:53 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.10.06 13:23:01 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\rdpvideominiport.sys
[2013.10.06 13:23:01 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
[2013.10.06 13:23:00 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\TsUsbFlt.sys
[2013.10.06 13:23:00 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
[2013.10.06 13:23:00 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RdpGroupPolicyExtension.dll
[2013.10.06 13:22:59 | 002,739,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorets.dll
[2013.10.06 13:22:59 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprt.exe
[2013.10.06 13:22:59 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2013.10.06 13:22:59 | 000,221,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpudd.dll
[2013.10.06 13:22:59 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpendp_winip.dll
[2013.10.06 13:22:59 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TSWbPrxy.exe
[2013.10.06 13:22:59 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsRdpWebAccess.dll
[2013.10.06 13:22:59 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2013.10.06 13:22:59 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\TsUsbGDCoInstaller.dll
[2013.10.06 13:22:59 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wksprtPS.dll
[2013.10.06 13:12:30 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2013.10.06 12:44:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2013.10.06 12:21:42 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\COBRA 2\Desktop\tdsskiller.exe
[2013.10.06 07:18:25 | 000,000,000 | ---D | C] -- C:\Users\COBRA 2\Desktop\Stari Firefox podaci
[2013.10.06 06:44:44 | 000,000,000 | ---D | C] -- C:\Users\COBRA 2\AppData\Local\temp
[2013.10.06 06:38:05 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.10.06 06:38:05 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.10.06 06:38:05 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.10.06 06:38:02 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.10.06 06:37:53 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.10.06 06:31:01 | 005,130,782 | R--- | C] (Swearware) -- C:\Users\COBRA 2\Desktop\ComboFix.exe
[2013.10.05 11:02:24 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.10.05 10:50:24 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.10.05 10:49:19 | 001,030,305 | ---- | C] (Thisisu) -- C:\Users\COBRA 2\Desktop\JRT.exe
[2013.10.05 09:25:39 | 000,688,992 | ---- | C] (Swearware) -- C:\Users\COBRA 2\Desktop\dds (1).scr
[2013.10.05 09:25:02 | 000,688,992 | ---- | C] (Swearware) -- C:\Users\COBRA 2\Desktop\dds.com
[2013.10.05 09:24:49 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\COBRA 2\Desktop\dds.scr
[2013.09.27 23:31:13 | 000,000,000 | ---D | C] -- C:\Windows\System32\Adobe
[2013.09.27 23:05:51 | 000,000,000 | ---D | C] -- C:\Program Files\S.P.D
[2013.09.27 19:40:13 | 000,000,000 | ---D | C] -- C:\Users\COBRA 2\AppData\Roaming\Malwarebytes
[2013.09.27 19:39:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.09.26 22:58:29 | 000,000,000 | ---D | C] -- C:\Users\COBRA 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LightShot
[2013.09.26 22:58:28 | 000,000,000 | ---D | C] -- C:\Users\COBRA 2\AppData\Local\Skillbrains
[2013.09.26 13:34:53 | 000,000,000 | ---D | C] -- C:\Program Files\Skillbrains
[2013.09.26 13:13:27 | 002,717,632 | ---- | C] (Skillbrains ) -- C:\Users\COBRA 2\Desktop\setup-lightshot.exe
[2013.09.17 22:23:20 | 022,102,304 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2013.09.17 22:23:20 | 009,253,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2013.09.17 22:23:20 | 006,329,552 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvopencl.dll
[2013.09.17 22:23:20 | 000,266,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglshim32.dll
[2013.09.17 22:23:18 | 000,515,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvIFR.dll
[2013.09.17 22:23:18 | 000,141,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvinit.dll
[2013.09.17 22:23:16 | 012,947,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2013.09.17 22:23:16 | 001,049,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco3232723.dll
[2013.09.17 22:23:16 | 000,893,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispgenco3232723.dll
[2013.09.17 22:23:16 | 000,892,704 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvhdagenco3220103.dll
[2013.09.17 22:23:16 | 000,586,016 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NvFBC.dll
[2013.09.17 22:23:16 | 000,161,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvhda32v.sys
[2013.09.17 22:23:16 | 000,028,448 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvhdap32.dll
[2013.09.17 22:23:14 | 007,720,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2013.09.17 22:23:14 | 002,789,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2013.09.17 22:23:14 | 002,007,328 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2013.09.17 22:23:02 | 017,560,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2013.09.12 01:17:50 | 000,571,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvStreaming.exe
[2013.09.11 23:10:50 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.09.11 23:10:49 | 002,876,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.09.11 23:10:48 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.09.11 23:10:48 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013.09.11 23:10:48 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.09.11 23:10:47 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.09.11 23:10:47 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013.09.11 23:10:47 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013.09.11 23:10:47 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013.09.11 23:10:47 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013.09.11 16:21:16 | 000,133,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ataport.sys
[2013.09.11 16:21:15 | 002,348,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.09.11 16:21:13 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2013.09.11 16:21:13 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2013.09.11 16:21:13 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2013.09.11 16:21:13 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2013.09.11 16:21:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.09.11 16:21:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2013.09.11 16:21:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2013.09.11 16:21:13 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2013.09.11 16:21:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.09.11 16:21:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.09.11 16:21:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2013.09.11 16:21:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.09.11 16:21:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2013.09.11 16:21:13 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2013.09.11 16:21:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2013.09.11 16:21:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.09.11 16:21:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2013.09.11 16:21:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2013.09.11 16:21:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2013.09.11 16:21:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2013.09.11 16:21:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.09.11 16:21:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2013.09.11 16:21:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2013.09.11 16:21:13 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2013.09.11 16:21:12 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2013.09.11 16:21:12 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2013.09.11 16:21:12 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2013.09.11 16:21:12 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2013.09.11 16:21:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2013.09.11 16:21:12 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2012.02.26 21:24:14 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe5707.dll

========== Files - Modified Within 30 Days ==========

[2013.10.08 06:09:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\COBRA 2\Desktop\OTL.exe
[2013.10.08 05:59:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.10.08 05:05:46 | 000,017,360 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.10.08 05:05:46 | 000,017,360 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.10.08 05:02:51 | 000,651,938 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.10.08 05:02:51 | 000,120,870 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.10.08 04:58:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.10.08 04:58:23 | 2811,248,640 | -HS- | M] () -- C:\hiberfil.sys
[2013.10.07 18:23:00 | 000,000,380 | ---- | M] () -- C:\Windows\tasks\update-sys.job
[2013.10.07 18:20:00 | 000,000,380 | ---- | M] () -- C:\Windows\tasks\update-S-1-5-21-1212777114-2928681672-1687617881-1000.job
[2013.10.07 10:19:56 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.10.07 07:31:13 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\COBRA 2\Desktop\HijackThis.exe
[2013.10.07 07:01:48 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.10.07 06:58:15 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.10.07 06:55:31 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.10.07 06:55:28 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.10.07 06:55:28 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.10.07 06:55:28 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.10.07 06:55:27 | 000,868,264 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2013.10.07 06:55:27 | 000,790,440 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2013.10.07 06:37:51 | 000,001,226 | ---- | M] () -- C:\Users\COBRA 2\Desktop\Revo Uninstaller.lnk
[2013.10.06 12:21:58 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\COBRA 2\Desktop\tdsskiller.exe
[2013.10.06 06:43:19 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013.10.06 06:31:28 | 005,130,782 | R--- | M] (Swearware) -- C:\Users\COBRA 2\Desktop\ComboFix.exe
[2013.10.05 10:49:19 | 001,030,305 | ---- | M] (Thisisu) -- C:\Users\COBRA 2\Desktop\JRT.exe
[2013.10.05 10:47:32 | 001,045,226 | ---- | M] () -- C:\Users\COBRA 2\Desktop\AdwCleaner.exe
[2013.10.05 09:25:39 | 000,688,992 | ---- | M] (Swearware) -- C:\Users\COBRA 2\Desktop\dds (1).scr
[2013.10.05 09:25:03 | 000,688,992 | ---- | M] (Swearware) -- C:\Users\COBRA 2\Desktop\dds.com
[2013.10.05 09:24:49 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\COBRA 2\Desktop\dds.scr
[2013.10.05 07:45:19 | 000,233,954 | ---- | M] () -- C:\Users\COBRA 2\Desktop\Mozzila.jpg
[2013.09.27 23:05:51 | 000,001,299 | ---- | M] () -- C:\Users\COBRA 2\Desktop\CCleaner Professional v4.03.4151 Final.lnk
[2013.09.26 22:58:29 | 000,000,444 | ---- | M] () -- C:\Users\COBRA 2\AppData\Local\UserProducts.xml
[2013.09.26 13:13:31 | 002,717,632 | ---- | M] (Skillbrains ) -- C:\Users\COBRA 2\Desktop\setup-lightshot.exe
[2013.09.23 21:12:20 | 004,468,852 | ---- | M] () -- C:\Users\COBRA 2\Desktop\Diana - One Direction (Lyrics)-[www_flvto_com].mp3
[2013.09.17 22:23:24 | 013,628,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2013.09.17 22:23:22 | 001,222,824 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvumdshim.dll
[2013.09.17 22:23:20 | 022,102,304 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2013.09.17 22:23:20 | 009,253,664 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2013.09.17 22:23:20 | 006,329,552 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvopencl.dll
[2013.09.17 22:23:20 | 000,266,984 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvoglshim32.dll
[2013.09.17 22:23:18 | 000,515,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\NvIFR.dll
[2013.09.17 22:23:18 | 000,141,336 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvinit.dll
[2013.09.17 22:23:18 | 000,017,699 | ---- | M] () -- C:\Windows\System32\nvinfo.pb
[2013.09.17 22:23:16 | 012,947,360 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2013.09.17 22:23:16 | 001,049,376 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco3232723.dll
[2013.09.17 22:23:16 | 000,893,728 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispgenco3232723.dll
[2013.09.17 22:23:16 | 000,892,704 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvhdagenco3220103.dll
[2013.09.17 22:23:16 | 000,586,016 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\NvFBC.dll
[2013.09.17 22:23:16 | 000,161,056 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvhda32v.sys
[2013.09.17 22:23:16 | 000,028,448 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvhdap32.dll
[2013.09.17 22:23:14 | 007,720,576 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2013.09.17 22:23:14 | 002,789,152 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2013.09.17 22:23:14 | 002,007,328 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2013.09.17 22:23:02 | 017,560,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2013.09.17 22:23:02 | 002,630,304 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll
[2013.09.16 22:39:10 | 002,153,482 | ---- | M] () -- C:\Users\COBRA 2\Desktop\Union J-Set Fire To The Rain -.mp3
[2013.09.16 22:34:48 | 002,790,665 | ---- | M] () -- C:\Users\COBRA 2\Desktop\Union J - Love Story (Lyrics)-[www_flvto_com].mp3
[2013.09.16 22:32:23 | 002,981,352 | ---- | M] () -- C:\Users\COBRA 2\Desktop\Union J - Beneath You're Beautiful (Lyrics)-[www_flvto_com].mp3
[2013.09.16 22:29:08 | 005,842,074 | ---- | M] () -- C:\Users\COBRA 2\Desktop\Union J - Beautiful Life (Lyrics Pictures)-[www_flvto_com].mp3
[2013.09.12 08:28:40 | 004,265,760 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll
[2013.09.12 08:28:40 | 003,006,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll
[2013.09.12 08:28:37 | 002,555,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll
[2013.09.12 08:28:37 | 000,062,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll
[2013.09.12 08:28:36 | 000,209,184 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll
[2013.09.12 08:22:40 | 000,410,424 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.09.12 01:17:50 | 000,571,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvStreaming.exe
[2013.09.11 22:27:01 | 003,361,114 | ---- | M] () -- C:\Windows\System32\nvcoproc.bin
[2013.09.11 12:16:42 | 000,067,923 | ---- | M] () -- C:\Users\COBRA 2\Desktop\mq1.jpg
[2013.09.11 11:59:20 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.09.11 11:59:20 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

========== Files Created - No Company Name ==========

[2013.10.07 10:19:56 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.10.07 07:01:48 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.10.07 06:58:15 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.10.07 06:37:51 | 000,001,226 | ---- | C] () -- C:\Users\COBRA 2\Desktop\Revo Uninstaller.lnk
[2013.10.06 06:38:05 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.10.06 06:38:05 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.10.06 06:38:05 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.10.06 06:38:05 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.10.06 06:38:05 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.10.05 10:47:28 | 001,045,226 | ---- | C] () -- C:\Users\COBRA 2\Desktop\AdwCleaner.exe
[2013.10.05 07:46:27 | 000,233,954 | ---- | C] () -- C:\Users\COBRA 2\Desktop\Mozzila.jpg
[2013.09.27 23:05:51 | 000,001,299 | ---- | C] () -- C:\Users\COBRA 2\Desktop\CCleaner Professional v4.03.4151 Final.lnk
[2013.09.26 13:34:54 | 000,000,444 | ---- | C] () -- C:\Users\COBRA 2\AppData\Local\UserProducts.xml
[2013.09.26 13:34:54 | 000,000,380 | ---- | C] () -- C:\Windows\tasks\update-S-1-5-21-1212777114-2928681672-1687617881-1000.job
[2013.09.26 13:34:53 | 000,000,380 | ---- | C] () -- C:\Windows\tasks\update-sys.job
[2013.09.23 21:11:07 | 004,468,852 | ---- | C] () -- C:\Users\COBRA 2\Desktop\Diana - One Direction (Lyrics)-[www_flvto_com].mp3
[2013.09.16 22:39:09 | 002,153,482 | ---- | C] () -- C:\Users\COBRA 2\Desktop\Union J-Set Fire To The Rain -.mp3
[2013.09.16 22:34:40 | 002,790,665 | ---- | C] () -- C:\Users\COBRA 2\Desktop\Union J - Love Story (Lyrics)-[www_flvto_com].mp3
[2013.09.16 22:31:58 | 002,981,352 | ---- | C] () -- C:\Users\COBRA 2\Desktop\Union J - Beneath You're Beautiful (Lyrics)-[www_flvto_com].mp3
[2013.09.16 22:28:31 | 005,842,074 | ---- | C] () -- C:\Users\COBRA 2\Desktop\Union J - Beautiful Life (Lyrics Pictures)-[www_flvto_com].mp3
[2013.09.11 12:16:41 | 000,067,923 | ---- | C] () -- C:\Users\COBRA 2\Desktop\mq1.jpg
[2012.11.18 23:35:04 | 003,361,114 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
[2012.02.23 18:34:19 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2012.02.23 18:34:19 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2012.02.23 18:34:19 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2012.02.23 18:34:19 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2012.02.23 18:34:19 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2012.02.23 18:34:19 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2012.02.23 18:34:19 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2012.02.23 18:34:19 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2012.02.23 18:34:19 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2012.02.23 18:34:19 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2012.02.23 18:34:19 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2012.02.23 18:34:19 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2012.02.23 18:34:19 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2012.02.23 18:34:19 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2012.02.23 18:34:19 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2012.02.23 18:34:19 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2012.02.23 18:34:19 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2012.02.23 18:34:19 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2012.02.23 18:34:19 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2012.02.23 18:26:47 | 000,000,025 | ---- | C] () -- C:\Windows\CDE SX200EXPORT.ini
[2012.02.20 18:36:07 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2012.02.20 18:34:57 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2012.02.20 14:16:15 | 000,005,037 | ---- | C] () -- C:\Windows\System32\cfgfx.ini
[2012.02.20 14:16:15 | 000,002,265 | ---- | C] () -- C:\Windows\FF08_Render_Spk_Hp.ini
[2012.02.20 14:16:15 | 000,001,650 | ---- | C] () -- C:\Windows\FF08_Capture.ini
[2012.02.20 14:16:15 | 000,001,540 | ---- | C] () -- C:\Windows\FF08_Render.ini
[2012.02.20 14:16:14 | 000,148,480 | ---- | C] () -- C:\Windows\System32\APOMngr.DLL
[2012.02.20 14:16:14 | 000,073,728 | ---- | C] () -- C:\Windows\System32\CmdRtr.DLL
[2012.02.20 14:12:52 | 000,008,192 | ---- | C] () -- C:\Windows\System32\drivers\IntelMEFWVer.dll

========== ZeroAccess Check ==========

[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >


AND



OTL Extras logfile created on: 8.10.2013. 6:11:54 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\COBRA 2\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 0000041a | Country: Hrvatska | Language: HRV | Date Format: d.M.yyyy.

3,49 Gb Total Physical Memory | 2,51 Gb Available Physical Memory | 72,01% Memory free
6,98 Gb Paging File | 5,90 Gb Available in Paging File | 84,48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 146,39 Gb Total Space | 112,43 Gb Free Space | 76,80% Space Free | Partition Type: NTFS
Drive D: | 319,28 Gb Total Space | 299,04 Gb Free Space | 93,66% Space Free | Partition Type: NTFS
Drive F: | 100,00 Mb Total Space | 71,66 Mb Free Space | 71,67% Space Free | Partition Type: NTFS

Computer Name: COBRA2-PC | User Name: COBRA 2 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-1212777114-2928681672-1687617881-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F70E7F3-03A3-4A6B-B3B6-43710F988EA4}" = lport=138 | protocol=17 | dir=in | app=system |
"{150EB0EA-316A-46F4-8CB8-A3F9A16E9A5E}" = lport=137 | protocol=17 | dir=in | app=system |
"{30B199C6-5A1B-4535-99A0-28AEAFB8F358}" = rport=445 | protocol=6 | dir=out | app=system |
"{3A99ACBC-9F6D-4D63-A71C-A450A1124D7F}" = rport=138 | protocol=17 | dir=out | app=system |
"{3D410751-3A84-4123-AF8F-8B1991110C8E}" = lport=445 | protocol=6 | dir=in | app=system |
"{4C5D1782-6FC9-4CB5-B4C7-4635420B0074}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7F1883BE-F14A-47E6-B2A8-F257F05726B0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{88CF1488-17EC-4A4A-AC58-06C99A32425C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{892FEF8C-00C6-4136-B502-DCC272A4E4C0}" = rport=137 | protocol=17 | dir=out | app=system |
"{A5FF6EA2-F535-4B8F-8F03-7A9AA6A71F8F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C913245A-2574-4F21-AB5B-1C7BDA04AA27}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{CA938E23-1428-432D-865D-541DA0E0606D}" = rport=139 | protocol=6 | dir=out | app=system |
"{DA4C05E0-A0DC-45CB-A57B-3B9120A1440B}" = lport=139 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{2D888B61-ECC2-470C-9270-2FB7496EDC70}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{400F65F0-131B-4F62-8DD8-8DF1BCD168CC}" = protocol=58 | dir=in | [email protected],-28545 |
"{65CA45A0-2D94-415E-BF93-AFFC2E4B0358}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe |
"{663BC9B1-2602-4DA9-9616-6A6843DBC1F5}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{7D62DC69-0178-42DF-A4BF-2CF8B4BC441F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{8D33F36B-1092-47CC-AE21-D1FEF03BD9F7}" = protocol=1 | dir=in | [email protected],-28543 |
"{A362D8A3-7C57-4C51-8564-84CA822A51FD}" = protocol=1 | dir=out | [email protected],-28544 |
"{B0E0948B-DF1C-4746-AA18-94BFE0F1679E}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{BF0AAFA9-763F-4326-8049-75CB2347165A}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{D69C57C2-2970-42F7-BA3C-C96FB7E7EEC2}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{DF47BFDE-A128-4EF0-B5D4-3A0CE74E4DD2}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{E1DF8E65-BF3D-4CA1-A181-34609D73035B}" = protocol=58 | dir=out | [email protected],-28546 |
"{E226456D-C910-424D-9F82-FE7EA422D686}" = protocol=6 | dir=in | app=c:\program files\veetle\player\veetlenet.exe |
"{F8DE57F3-A91A-4DE5-88F6-9E860307A300}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe |
"{FD6C30FA-6C68-42E8-9443-89F0DE5926F8}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{04BDADD5-B981-49DB-90F0-DE11F19C50B4}_is1" = Football Manager 2013 version 13.3.3
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 40
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.011.00
"{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1" = lightshot-4.4.2.0
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{42EDF895-158C-484E-A7F2-42B90759F281}" = Camera RAW Plug-In for EPSON Creativity Suite
"{46CBBDF8-55B5-40DB-B459-7B848394309C}" = EPSON File Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A8F8391-4C2C-4BE1-A984-CD4A5A546467}" = EPSON Easy Photo Print
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ULTIMATER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ULTIMATER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ULTIMATER_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ULTIMATER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ULTIMATER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-002E-0000-0000-0000000FF1CE}" = Microsoft Office Ultimate 2007
"{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.04)
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 327.23
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 327.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 327.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.14.17
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C834CCDA-B24F-4D2E-A025-EB85A23003A7}" = ESET Smart Security
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 1.50.52
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}" = Sound Blaster X-Fi MB
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"CCleaner" = CCleaner
"CCleaner Professional v4.03.4151 Final Fully Activated" = CCleaner Professional v4.03.4151 Final Fully Activated
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"EPSON Scanner" = EPSON Scan
"EPSON Stylus SX200 Series" = EPSON Stylus SX200 Series Printer Uninstall
"EPSON Stylus SX200_SX400_TX200_TX400 Korisnički vodič" = EPSON Stylus SX200_SX400_TX200_TX400 Priručnik
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 24.0 (x86 en-US)" = Mozilla Firefox 24.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Need for Speed Most Wanted_is1" = Need for Speed Most Wanted
"Nero" = Nero
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PowerISO" = PowerISO
"Revo Uninstaller" = Revo Uninstaller 1.95
"TeamViewer 7" = TeamViewer 7
"TNod" = TNod User & Password Finder
"ULTIMATER" = Microsoft Office Ultimate 2007
"Veetle TV" = Veetle TV
"VLC media player" = VLC media player 2.0.4
"WinRAR archiver" = WinRAR archiver

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1212777114-2928681672-1687617881-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"JoinMe" = join.me

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7.10.2013. 1:40:40 | Computer Name = COBRA2-PC | Source = Windows Search Service | ID = 9002
Description =

Error - 7.10.2013. 1:40:40 | Computer Name = COBRA2-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 7.10.2013. 1:40:41 | Computer Name = COBRA2-PC | Source = Windows Search Service | ID = 3029
Description =

Error - 7.10.2013. 1:40:41 | Computer Name = COBRA2-PC | Source = Windows Search Service | ID = 3028
Description =

Error - 7.10.2013. 1:40:41 | Computer Name = COBRA2-PC | Source = Windows Search Service | ID = 3058
Description =

Error - 7.10.2013. 1:40:41 | Computer Name = COBRA2-PC | Source = Windows Search Service | ID = 7010
Description =

Error - 7.10.2013. 4:14:52 | Computer Name = COBRA2-PC | Source = VSS | ID = 8194
Description =

Error - 7.10.2013. 23:28:06 | Computer Name = COBRA2-PC | Source = SideBySide | ID = 16842815
Description = Activation context generation failed for "C:\Program Files\Common
Files\Adobe AIR\Versions\1.0\Adobe AIR.dll".Error in manifest or policy file "C:\Program
Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" on line 3. The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
of attribute "version" in element "assemblyIdentity" is invalid.

Error - 7.10.2013. 23:29:06 | Computer Name = COBRA2-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\sony ericsson\sony
ericsson pc suite\Drivers\DPInst64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 7.10.2013. 23:29:14 | Computer Name = COBRA2-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "c:\program files\sony ericsson\sony
ericsson pc companion\Drivers\DPInst64.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

[ System Events ]
Error - 6.10.2013. 16:57:23 | Computer Name = COBRA2-PC | Source = Service Control Manager | ID = 7034
Description = The Sony Ericsson OMSI download service service terminated unexpectedly.
It has done this 1 time(s).

Error - 6.10.2013. 16:57:25 | Computer Name = COBRA2-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.

Error - 6.10.2013. 17:01:22 | Computer Name = COBRA2-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.

Error - 6.10.2013. 17:03:11 | Computer Name = COBRA2-PC | Source = Service Control Manager | ID = 7030
Description = The PEVSystemStart service is marked as an interactive service. However,
the system is configured to not allow interactive services. This service may not
function properly.

Error - 7.10.2013. 1:02:13 | Computer Name = COBRA2-PC | Source = Schannel | ID = 36887
Description = The following fatal alert was received: 48.

Error - 7.10.2013. 1:03:02 | Computer Name = COBRA2-PC | Source = Schannel | ID = 36887
Description = The following fatal alert was received: 48.

Error - 7.10.2013. 1:40:41 | Computer Name = COBRA2-PC | Source = Service Control Manager | ID = 7024
Description = The Windows Search service terminated with service-specific error
%%-1073473535.

Error - 7.10.2013. 1:40:41 | Computer Name = COBRA2-PC | Source = Service Control Manager | ID = 7031
Description = The Windows Search service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 30000 milliseconds:
Restart the service.

Error - 7.10.2013. 3:58:54 | Computer Name = COBRA2-PC | Source = Schannel | ID = 36870
Description = A fatal error occurred when attempting to access the SSL server credential
private key. The error code returned from the cryptographic module is 0x8009030d.
The internal error state is 10001.

Error - 7.10.2013. 4:42:59 | Computer Name = COBRA2-PC | Source = Schannel | ID = 36887
Description = The following fatal alert was received: 48.


< End of report >
  • 1

#29
gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello Damba

I would like you to run this custom script for me now and when it is complete please give me the report and a status update for the computer.

Run OTL Script

  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the text box.
    :OTL
    FF - user.js - File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    :Files
    ipconfig /flushdns /c
    
    :Commands
    [PURITY]
    [emptyjava]
    [EMPTYFLASH]
    [reboot]
    
  • Then click the Run Fix button at the top.
  • Click Posted Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot. Copy and Paste that report in your next reply.

    Note: if the report does not pop up after the computer reboots, you can find it in this folder - C:\_OTL\MovedFiles

    It will be named - mmddyyyy_hhmmss.log

    Where mmddyyyy_hhmmss - are numbers representing the date and time the fix was run.

Let me know how things are doing

Gringo
  • 0

#30
Damba

    Member

  • Topic Starter
  • Member
  • 46 posts
Hi Gringo,

Here it is:

========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Starting removal of ActiveX control {7530BFB8-7293-4D34-9923-61A11451AFC5}
C:\Windows\Downloaded Program Files\OnlineScanner.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7530BFB8-7293-4D34-9923-61A11451AFC5}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\COBRA 2\Desktop\cmd.bat deleted successfully.
C:\Users\COBRA 2\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYJAVA]

User: All Users

User: COBRA 2
->Java cache emptied: 0 bytes

User: Default

User: Default User

User: Public

User: UpdatusUser

Total Java Files Cleaned = 0,00 mb


[EMPTYFLASH]

User: All Users

User: COBRA 2
->Flash cache emptied: 619 bytes

User: Default

User: Default User

User: Public

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 10092013_010901



Situation is: No change :(

Edited by Damba, 08 October 2013 - 05:16 PM.

  • 0





