[assaf1]

Many Thanks!

[Advertisements]

Hello, sorry for the delay

Looking good! Let's get rid of those 2 errors and run a sweep for remnants.

Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.


Step 1: FRST Fix

• Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy.
• Right-click in the open notepad and select Paste).
• Save it on the desktop as fixlist.txt

Start
Task: {2E91D64C-76AB-482C-A800-C15C41056491} - System32\Tasks\Lenovo\Lenovo-23150 => C:\ProgramData\Lenovo-23150.vbs [2013-09-15] ()
Task: {B6FB2300-3658-4CEA-A194-6E758CA34603} - System32\Tasks\Lenovo\Lenovo-23238 => C:\ProgramData\Lenovo-23238.vbs [2013-09-15] ()
End

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt) please post it in your next reply.



Step 2: Download and Run Temporary File Cleaner


Download TFC by OldTimer to your desktop

• Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
• It will close all programs when run, so make sure you have saved all your work before you begin.
• Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
• Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.

Step 3: Scan with Malwarebytes


Please download Malwarebytes' Anti-Malware from Here.

• Double Click mbam-setup.exe to install the application (Windows 7 users, right click and select Run as Administrator.)
• Proceed through the setup
  
  • Choose your language
  • Accept the License Agreement
  • Select Destination Location
  • Select Start Menu Folder
  • Select Addtional Tasks
  • Click Install
  • In the Completeing the Malwarebytes Anti-Malware Setup Wizard Window
    
    • Uncheck Enable free trial of Malwarebytes Anti-Malware PRO
    • Keep the check mark beside Update Malwarebytes' Anti-Malware
    • Keep the check mark beside Launch Malwarebytes' Anti-Malware
  • Click Finish.
  • If an update is found, it will download and install the latest version.
• Once the program has loaded, select Perform Quick Scan
• Click Scan. The scan may take some time to finish,so please be patient.
  
  
  
• When the scan is complete, click OK, then Show Results to view the results.
  
  
  
• Make sure that everything is checked, and click Remove Selected.
  
  
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy and Paste the entire report in your next reply.

Step 4: Scan with ESET Online Scanner


Please note: You can use Internet Explorer or Firefox for this step. Either browser used will have to be ran in admin mode.

Right click on either the Internet Explorer icon or the Firefox icon in the Start Menu or Quick Launch Bar on the Task bar and select Run as Administrator from the menu.

If you use Firefox, you will be prompted to download esetsmartinstaller_enu.exe. Please do so, then double click it to install it.

Please click on this link and then click the ESET Online Scanner bar ---->

• Select the option YES, I accept the Terms of Use then click on Start
  
• When prompted allow the Add-On/Active X to install.
  
• Make sure that the option Remove found threats is NOT checked.
  
• Make sure that the option Scan archives is checked.
  
• Now click on Advanced Settings and select the following:
• Scan for potentially unwanted applications
• Scan for potentially unsafe applications
• Enable Anti-Stealth Technology
  
• Now click on Start
  
• The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  
• When completed the Online Scan will begin automatically. The scan may take several hours.
  
• Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  
• Now click on Finish
  
• Use notepad to open the logfile located at C:\Program Files(x86)\ESET\EsetOnlineScanner\log.txt.
  
• Copy and paste that log as a reply to this topic.

Step 5: SecurityCheck Scan


Download Security Check by screen317 from here or here.

• Save it to your Desktop.
  
• Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Things I need to see in your next post:

• FRST Fix Log
  
• ESET Scan Log
  
• MBAM Log
  
• SecurityCheck Log

[pystryker]

Hello, sorry for the delay

Looking good! Let's get rid of those 2 errors and run a sweep for remnants.

Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.


Step 1: FRST Fix

• Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy.
• Right-click in the open notepad and select Paste).
• Save it on the desktop as fixlist.txt

Start
Task: {2E91D64C-76AB-482C-A800-C15C41056491} - System32\Tasks\Lenovo\Lenovo-23150 => C:\ProgramData\Lenovo-23150.vbs [2013-09-15] ()
Task: {B6FB2300-3658-4CEA-A194-6E758CA34603} - System32\Tasks\Lenovo\Lenovo-23238 => C:\ProgramData\Lenovo-23238.vbs [2013-09-15] ()
End

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt) please post it in your next reply.



Step 2: Download and Run Temporary File Cleaner


Download TFC by OldTimer to your desktop

• Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
• It will close all programs when run, so make sure you have saved all your work before you begin.
• Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
• Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.

Step 3: Scan with Malwarebytes


Please download Malwarebytes' Anti-Malware from Here.

• Double Click mbam-setup.exe to install the application (Windows 7 users, right click and select Run as Administrator.)
• Proceed through the setup
  
  • Choose your language
  • Accept the License Agreement
  • Select Destination Location
  • Select Start Menu Folder
  • Select Addtional Tasks
  • Click Install
  • In the Completeing the Malwarebytes Anti-Malware Setup Wizard Window
    
    • Uncheck Enable free trial of Malwarebytes Anti-Malware PRO
    • Keep the check mark beside Update Malwarebytes' Anti-Malware
    • Keep the check mark beside Launch Malwarebytes' Anti-Malware
  • Click Finish.
  • If an update is found, it will download and install the latest version.
• Once the program has loaded, select Perform Quick Scan
• Click Scan. The scan may take some time to finish,so please be patient.
  
  
  
• When the scan is complete, click OK, then Show Results to view the results.
  
  
  
• Make sure that everything is checked, and click Remove Selected.
  
  
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy and Paste the entire report in your next reply.

Step 4: Scan with ESET Online Scanner


Please note: You can use Internet Explorer or Firefox for this step. Either browser used will have to be ran in admin mode.

Right click on either the Internet Explorer icon or the Firefox icon in the Start Menu or Quick Launch Bar on the Task bar and select Run as Administrator from the menu.

If you use Firefox, you will be prompted to download esetsmartinstaller_enu.exe. Please do so, then double click it to install it.

Please click on this link and then click the ESET Online Scanner bar ---->

• Select the option YES, I accept the Terms of Use then click on Start
  
• When prompted allow the Add-On/Active X to install.
  
• Make sure that the option Remove found threats is NOT checked.
  
• Make sure that the option Scan archives is checked.
  
• Now click on Advanced Settings and select the following:
• Scan for potentially unwanted applications
• Scan for potentially unsafe applications
• Enable Anti-Stealth Technology
  
• Now click on Start
  
• The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  
• When completed the Online Scan will begin automatically. The scan may take several hours.
  
• Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  
• Now click on Finish
  
• Use notepad to open the logfile located at C:\Program Files(x86)\ESET\EsetOnlineScanner\log.txt.
  
• Copy and paste that log as a reply to this topic.

Step 5: SecurityCheck Scan


Download Security Check by screen317 from here or here.

• Save it to your Desktop.
  
• Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  
• A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Things I need to see in your next post:

• FRST Fix Log
  
• ESET Scan Log
  
• MBAM Log
  
• SecurityCheck Log

[assaf1]

Hi Again

This time the two error messages did not appear! Thanks!!

Here are the logs you asked for:


FRST Fix Log

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-02-2014 01
Ran by Shlomi at 2014-02-25 18:15:38 Run:2
Running from C:\Users\Shlomi\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
Task: {2E91D64C-76AB-482C-A800-C15C41056491} - System32\Tasks\Lenovo\Lenovo-23150 => C:\ProgramData\Lenovo-23150.vbs [2013-09-15] ()
Task: {B6FB2300-3658-4CEA-A194-6E758CA34603} - System32\Tasks\Lenovo\Lenovo-23238 => C:\ProgramData\Lenovo-23238.vbs [2013-09-15] ()
End
*****************

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2E91D64C-76AB-482C-A800-C15C41056491} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E91D64C-76AB-482C-A800-C15C41056491} => Key deleted successfully.
C:\Windows\System32\Tasks\Lenovo\Lenovo-23150 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Lenovo-23150 => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B6FB2300-3658-4CEA-A194-6E758CA34603} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B6FB2300-3658-4CEA-A194-6E758CA34603} => Key deleted successfully.
C:\Windows\System32\Tasks\Lenovo\Lenovo-23238 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Lenovo-23238 => Key deleted successfully.

==== End of Fixlog ====

ESET Scan Log

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=f40fafa26179894493e34f9470f6ba50
# engine=17220
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-02-25 06:29:21
# local_time=2014-02-25 08:29:21 (+0200, Jerusalem Standard Time)
# country="United States"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=774 16777213 71 77 2187826 2187835 0 0
# compatibility_mode=5893 16776574 100 94 1891467 16186663 0 0
# scanned=159899
# found=12
# cleaned=0
# scan_time=6199
sh=7DE60A3AEAC96F7FA559D468D852FBDDA731391F ft=1 fh=3d20769bd48072ca vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application" ac=I fn="C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\ApnIC.dll"
sh=DBA4D7540C69C6492D48E688A00B51387685F8A6 ft=1 fh=fb092140bceb8039 vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application" ac=I fn="C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\ApnStub.exe"
sh=140308EF85F243BA4D2AAC012B1017B47E52B89E ft=1 fh=ffd7fdcd47cd63f7 vn="a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application" ac=I fn="C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\ApnToolbarInstaller.exe"
sh=44554E882D1DD6FBF71B6550B0687E3D9FD73711 ft=1 fh=b0638f029680e22d vn="a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application" ac=I fn="C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\Ask\AskPIP_FF_.exe"
sh=E5A3C100D2D0FD94482783AF2B2FF94CDFC9923F ft=1 fh=a0ddd0619a504a2e vn="a variant of Win32/Hao123.A potentially unwanted application" ac=I fn="C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Package\BaiDu\hao123inst.exe"
sh=FDE3D7E13260CD75D7523F0B02BC06C16419C026 ft=1 fh=3918cb108fedf547 vn="a variant of Win32/Hao123.A potentially unwanted application" ac=I fn="C:\Users\Shlomi\Downloads\FFSetup3-3-1-0.exe"
sh=281D18A4F4A93DD70486AA67AD9274D46DFA5BAC ft=1 fh=57855ec8bd190f95 vn="Win32/MyPCBackup.A potentially unwanted application" ac=I fn="E:\rcpsetup3_dcomnew_util_300_dcomnew_util_300.exe"
sh=4A2208D45C47414F446F0228538CBEE2157F210D ft=1 fh=79bff53fd5211156 vn="Win32/SoftonicDownloader.E potentially unwanted application" ac=I fn="E:\SoftonicDownloader_for_iringer.exe"
sh=20164A4C9B307A893509AE51385AE179879BE429 ft=1 fh=c8c5a05d507c7492 vn="Win32/SoftonicDownloader.E potentially unwanted application" ac=I fn="E:\SoftonicDownloader_for_toneshop.exe"
sh=CE608EEE9D8CCC2D73436DF1575171ECA196821F ft=1 fh=b86229ba063df59a vn="Win32/OpenCandy potentially unsafe application" ac=I fn="E:\winamp565_full_emusic-7plus_all.exe"
sh=C339B01017F4694AA5F87934991651A9F1A32BE7 ft=1 fh=90c33a67f00cd0dc vn="Win32/OpenCandy potentially unsafe application" ac=I fn="E:\Downloads\avc-free (1).exe"
sh=2562BFFE3EECC91CA17316CA127D0EBA63FE9B8C ft=1 fh=3dc85a9828d85bf4 vn="probably a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application" ac=I fn="E:\Downloads\LimeWireWin.exe"


MBAM Log

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.02.25.06

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16518
Shlomi :: SHLOMI-PC [administrator]

25-Feb-14 18:32:25
mbam-log-2014-02-25 (18-32-25).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 217758
Time elapsed: 7 minute(s), 16 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


SecurityCheck Log

Results of screen317's Security Check version 0.99.79
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Defender
avast! Antivirus
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
Adobe Flash Player 12.0.0.70
Adobe Reader XI
Mozilla Firefox (27.0.1)
Google Chrome 34.0.1838.2
Google Chrome 34.0.1847.3
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

[pystryker]

Getting there I'll have further instructions for you this evening.

[pystryker]

Hi Again

This time the two error messages did not appear! Thanks!!

Hello

Very good! Let's show the remnants that were found the door.

Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.


Step 1: FRST Fix

• Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy.
• Right-click in the open notepad and select Paste).
• Save it on the desktop as fixlist.txt

Start
C:\Users\Shlomi\Downloads\FFSetup3-3-1-0.exe
E:\rcpsetup3_dcomnew_util_300_dcomnew_util_300.exe
E:\SoftonicDownloader_for_iringer.exe
E:\SoftonicDownloader_for_toneshop.exe
E:\winamp565_full_emusic-7plus_all.exe
E:\Downloads\avc-free (1).exe
E:\Downloads\LimeWireWin.exe
End

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating systemOn Vista or Windows 7

Now please enter System Recovery Options.

Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt) please post it in your next reply.

Things I need to see in your next post:

Fixlog.txt

Question: How is the computer running now?

[assaf1]

Hi

Many thanks again for all your efforts!!

Unfortunately the PC became slower than it was on the 23.2 (please find the actions on the trail we made that day)


Here is the log you asked for...

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-02-2014 01
Ran by Shlomi at 2014-02-26 19:18:22 Run:3
Running from C:\Users\Shlomi\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
C:\Users\Shlomi\Downloads\FFSetup3-3-1-0.exe
E:\rcpsetup3_dcomnew_util_300_dcomnew_util_300.exe
E:\SoftonicDownloader_for_iringer.exe
E:\SoftonicDownloader_for_toneshop.exe
E:\winamp565_full_emusic-7plus_all.exe
E:\Downloads\avc-free (1).exe
E:\Downloads\LimeWireWin.exe
End
*****************

C:\Users\Shlomi\Downloads\FFSetup3-3-1-0.exe => Moved successfully.
E:\rcpsetup3_dcomnew_util_300_dcomnew_util_300.exe => Moved successfully.
E:\SoftonicDownloader_for_iringer.exe => Moved successfully.
E:\SoftonicDownloader_for_toneshop.exe => Moved successfully.
E:\winamp565_full_emusic-7plus_all.exe => Moved successfully.
E:\Downloads\avc-free (1).exe => Moved successfully.
E:\Downloads\LimeWireWin.exe => Moved successfully.

==== End of Fixlog ====

[pystryker]

Hi

Many thanks again for all your efforts!!

Unfortunately the PC became slower than it was on the 23.2 (please find the actions on the trail we made that day)

Hello , you're very much welcome. Is there a particular browser it is slow in? Let's get a fresh look with FRST and see if there's anything lingering.

Start FRST and press the Scan button.

When finished, it will produce a log called FRST.txt. Please post it in your next reply.

Things I need to see in your next post

New FRST Log

[assaf1]

Hi

Chrome browser is the slower one.firefox is a bit better.

The thing is that it seems that the pc situation has rolled back in meaning of performance like the beginning

It had 98-99 % cpu usage yesterday...

Here is the log you asked for:

Thanks!!

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-02-2014
Ran by Shlomi (administrator) on SHLOMI-PC on 27-02-2014 07:24:19
Running from C:\Users\Shlomi\Desktop
Windows 8.1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\WINDOWS\system32\atiesrxx.exe
(AMD) C:\WINDOWS\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft) C:\Program Files (x86)\Lenovo\Lenovo Dashboard\DdMgr.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft) C:\Program Files (x86)\Lenovo\EducationPortal\Services\IdeaTouch.LocalDataServer.Education.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\windows\SysWOW64\NLSSRV32.EXE
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Primax Electronics Ltd.) C:\Program Files\Lenovo\Lenovo Black Silk USB Keyboard\Pelico.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13550152 2013-05-30] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1308232 2013-05-20] (Realtek Semiconductor)
HKLM\...\Run: [Lenovo Black Silk Input Device Main Program] - C:\Program Files\Lenovo\Lenovo Black Silk USB Keyboard\Pelico.exe [118272 2011-04-19] (Primax Electronics Ltd.)
HKLM\...\Run: [Classic Start Menu] - C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (IvoSoft)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642816 2013-04-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LVT] - C:\Program Files\Lenovo\LVT\LJYZ.exe [886112 2011-11-24] (Lenovo)
HKLM-x32\...\Run: [Lenovo Eye Distance System] - C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe [270680 2012-07-19] (Lenovo)
HKLM-x32\...\Run: [YouCam Mirage] - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-05] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [Lenovo Dynamic Brightness System] - C:\Program Files\Lenovo\Lenovo Brightness System\RunLDBS.exe [1753432 2012-09-18] (Lenovo)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-01-31] (AVAST Software)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [295512 2014-02-02] (RealNetworks, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKU\S-1-5-21-424950133-3584039098-4252772914-1002\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-01-31] (Google Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ynet.co.il/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://home.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
SearchScopes: HKLM - {F0CA0484-E725-4EC5-ACE7-C9F3A5A7BC7D} URL = http://www.bing.com/...E10TR&pc=MALNJS
SearchScopes: HKLM-x32 - {F0CA0484-E725-4EC5-ACE7-C9F3A5A7BC7D} URL = http://www.bing.com/...E10TR&pc=MALNJS
SearchScopes: HKCU - {F0CA0484-E725-4EC5-ACE7-C9F3A5A7BC7D} URL =
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095}
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 213.57.2.5 192.168.123.254

FireFox:
========
FF ProfilePath: C:\Users\Shlomi\AppData\Roaming\Mozilla\Firefox\Profiles\i4qccxnu.default
FF Homepage: www.ynet.co.il
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @exent.com/npExentControl,version=7.1.0.1 - C:\Program Files (x86)\FreeRide Games\npExentControl.dll (Exent Technologies Ltd.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-31]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-02-02]

Chrome:
=======
CHR HomePage: hxxp://www.ynet.co.il/home/0,7340,L-8,00.html
CHR DefaultSearchKeyword: google.co.il
CHR Extension: (Google Docs) - C:\Users\Shlomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-31]
CHR Extension: (Google Drive) - C:\Users\Shlomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-31]
CHR Extension: (YouTube) - C:\Users\Shlomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-31]
CHR Extension: (Google Search) - C:\Users\Shlomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-31]
CHR Extension: (Block Yourself from Analytics) - C:\Users\Shlomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadgflmigmogfionelcpalhohefbnehm [2014-02-01]
CHR Extension: (avast! Online Security) - C:\Users\Shlomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-31]
CHR Extension: (RealDownloader) - C:\Users\Shlomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-02-02]
CHR Extension: (FastestFox for Chrome) - C:\Users\Shlomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm [2014-02-01]
CHR Extension: (Google Wallet) - C:\Users\Shlomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-31]
CHR Extension: (Gmail) - C:\Users\Shlomi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-31]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-01-31]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-18] (Advanced Micro Devices, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-31] (AVAST Software)
R2 Dashboard Service; C:\Program Files (x86)\Lenovo\Lenovo Dashboard\DdMgr.exe [25936 2013-03-22] (Microsoft)
R2 IdeaTouch.LocalDataServer.Education; C:\Program Files (x86)\Lenovo\EducationPortal\Services\IdeaTouch.LocalDataServer.Education.exe [7680 2012-05-17] (Microsoft)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1674720 2013-09-26] ()
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-12-14] (Nitro PDF Software)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [78648 2014-01-31] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [92544 2014-01-31] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-01-31] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1038072 2014-01-31] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [421704 2014-01-31] (AVAST Software)
S3 aswStm; C:\windows\system32\drivers\aswStm.sys [80184 2014-01-31] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-31] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-02-14] (Advanced Micro Devices)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows ® Win 7 DDK provider)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-02-04] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288328 2013-01-23] (Realtek Semiconductor Corp.)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-02-04] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
R3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R3 VMC412; C:\Windows\System32\Drivers\VMC412.sys [232576 2012-09-24] (Vimicro Corporation)
R3 vmuacflt; C:\Windows\System32\Drivers\vmuacflt.sys [15872 2013-04-22] (Vimicro Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R0 WinI2C-DDC; C:\Windows\System32\drivers\DDCDrv.sys [20832 2008-04-08] (Nicomsoft Ltd.)
R0 WinI2C-DDC; C:\Windows\SysWOW64\drivers\DDCDrv.sys [15712 2010-03-23] (Nicomsoft Ltd.)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
R2 X5XSEx_Pr148; C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.Sys [56136 2012-08-03] (Exent Technologies Ltd.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-25 20:32 - 2014-02-25 20:32 - 00987425 _____ () C:\Users\Shlomi\Desktop\SecurityCheck.exe
2014-02-25 18:42 - 2014-02-25 18:42 - 02347384 _____ (ESET) C:\Users\Shlomi\Desktop\esetsmartinstaller_enu.exe
2014-02-25 18:42 - 2014-02-25 18:42 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-02-25 18:30 - 2014-02-25 18:30 - 00001132 ____C () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-25 18:30 - 2014-02-25 18:30 - 00000000 ____D () C:\Users\Shlomi\AppData\Roaming\Malwarebytes
2014-02-25 18:30 - 2014-02-25 18:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-25 18:30 - 2014-02-25 18:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-25 18:30 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-02-25 18:28 - 2014-02-25 18:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Shlomi\Desktop\mbam-setup-1.75.0.1300.exe
2014-02-25 18:16 - 2014-02-25 18:16 - 00448512 _____ (OldTimer Tools) C:\Users\Shlomi\Desktop\TFC.exe
2014-02-23 22:42 - 2014-02-23 22:42 - 00000745 ____C () C:\Users\Shlomi\Desktop\JRT.txt
2014-02-23 22:30 - 2014-02-23 22:30 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-02-23 22:29 - 2014-02-23 22:29 - 01037734 _____ (Thisisu) C:\Users\Shlomi\Desktop\JRT.exe
2014-02-23 22:17 - 2014-02-23 23:58 - 00000000 ___DC () C:\AdwCleaner
2014-02-23 22:15 - 2014-02-23 22:15 - 01241834 _____ () C:\Users\Shlomi\Desktop\adwcleaner.exe
2014-02-23 22:14 - 2014-02-27 07:24 - 00000000 ___DC () C:\Users\Shlomi\Desktop\FRST-OlderVersion
2014-02-23 01:07 - 2014-02-26 20:44 - 00000000 ____D () C:\Users\Shlomi\AppData\Roaming\ClassicShell
2014-02-23 01:06 - 2014-02-23 01:06 - 00002181 _____ () C:\Users\Shlomi\AppData\Roaming\Microsoft\Windows\Start Menu\startscreen.lnk
2014-02-23 01:06 - 2014-02-23 01:06 - 00000000 ____D () C:\Program Files\Classic Shell
2014-02-23 01:05 - 2014-02-23 01:05 - 05631168 _____ (IvoSoft) C:\Users\Shlomi\Desktop\ClassicShellSetup_4_0_4.exe
2014-02-22 22:28 - 2014-02-23 22:47 - 00003578 ____C () C:\Users\Shlomi\Desktop\asw.txt
2014-02-22 22:28 - 2014-02-23 22:47 - 00000512 ____C () C:\Users\Shlomi\Desktop\MBR.dat
2014-02-22 22:27 - 2014-02-22 22:27 - 04745728 _____ (AVAST Software) C:\Users\Shlomi\Desktop\aswmbr.exe
2014-02-22 22:22 - 2014-02-22 22:24 - 00044807 ____C () C:\Users\Shlomi\Desktop\Addition.txt
2014-02-22 22:20 - 2014-02-27 07:24 - 00021908 ____C () C:\Users\Shlomi\Desktop\FRST.txt
2014-02-22 22:19 - 2014-02-27 07:24 - 00000000 ___DC () C:\FRST
2014-02-22 22:15 - 2014-02-27 07:24 - 02155520 ____C (Farbar) C:\Users\Shlomi\Desktop\FRST64.exe
2014-02-21 16:46 - 2014-02-21 16:46 - 00118149 ____C () C:\Users\Shlomi\Downloads\wmpChrome.crx
2014-02-20 21:35 - 2014-02-20 21:35 - 17858952 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2014-02-15 11:25 - 2014-02-15 11:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 00:16 - 2012-08-01 21:16 - 427196718 ____C () C:\Users\Shlomi\Desktop\Extreme Engineering 1x07 Building Hong Kong's Airport - YouTube.mp4
2014-02-14 00:16 - 2012-08-01 21:16 - 217844079 ____C () C:\Users\Shlomi\Desktop\Extreme Engineering 1x07 Building Hong Kong's Airport - YouTube.flv
2014-02-12 09:09 - 2014-01-07 07:00 - 02397184 ____C (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-12 09:09 - 2014-01-07 06:30 - 02071552 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-12 09:09 - 2013-12-09 02:27 - 02152448 ____C (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-12 09:09 - 2013-12-09 02:19 - 00570880 ____C (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-12 09:09 - 2013-12-09 01:55 - 00444928 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-12 09:09 - 2013-12-09 01:54 - 01317376 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-12 09:09 - 2013-11-21 08:42 - 04604416 ____C (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-12 09:09 - 2013-11-21 07:44 - 03936256 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-12 09:08 - 2014-02-06 14:16 - 23170048 ____C (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-12 09:08 - 2014-02-06 13:30 - 02724864 ____C (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-12 09:08 - 2014-02-06 13:30 - 00004096 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-12 09:08 - 2014-02-06 13:12 - 02765824 ____C (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-12 09:08 - 2014-02-06 13:07 - 00066048 ____C (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-12 09:08 - 2014-02-06 13:06 - 00048640 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-12 09:08 - 2014-02-06 12:57 - 00053760 ____C (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-12 09:08 - 2014-02-06 12:56 - 00033792 ____C (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-12 09:08 - 2014-02-06 12:49 - 00139264 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-12 09:08 - 2014-02-06 12:48 - 00708608 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-12 09:08 - 2014-02-06 12:48 - 00111616 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-12 09:08 - 2014-02-06 12:38 - 17103872 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-12 09:08 - 2014-02-06 12:32 - 00218624 ____C (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-12 09:08 - 2014-02-06 12:20 - 02724864 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-12 09:08 - 2014-02-06 12:17 - 00195584 ____C (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-12 09:08 - 2014-02-06 12:11 - 05768704 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-12 09:08 - 2014-02-06 12:01 - 00061952 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-12 09:08 - 2014-02-06 12:00 - 00051200 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-12 09:08 - 2014-02-06 11:57 - 02168320 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-12 09:08 - 2014-02-06 11:57 - 00627200 ____C (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-12 09:08 - 2014-02-06 11:52 - 00043008 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-12 09:08 - 2014-02-06 11:52 - 00032768 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-12 09:08 - 2014-02-06 11:50 - 02041856 ____C (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-12 09:08 - 2014-02-06 11:47 - 00112128 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-12 09:08 - 2014-02-06 11:46 - 00553472 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-12 09:08 - 2014-02-06 11:25 - 04244480 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-12 09:08 - 2014-02-06 11:25 - 00164864 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-12 09:08 - 2014-02-06 11:24 - 02334208 ____C (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-12 09:08 - 2014-02-06 11:22 - 13051392 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-12 09:08 - 2014-02-06 11:13 - 00524288 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-12 09:08 - 2014-02-06 11:09 - 01964032 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-12 09:08 - 2014-02-06 11:03 - 11266048 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-12 09:08 - 2014-02-06 10:55 - 01393664 ____C (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-12 09:08 - 2014-02-06 10:41 - 01820160 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-12 09:08 - 2014-02-06 10:40 - 00817664 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-12 09:08 - 2014-02-06 10:36 - 01156096 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-12 09:08 - 2014-02-06 10:34 - 00703488 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-12 09:07 - 2014-01-04 22:50 - 01462216 ____C (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-02-12 09:07 - 2014-01-04 21:22 - 01202888 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-02-12 09:07 - 2014-01-04 16:30 - 13209088 ____C (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-12 09:07 - 2014-01-04 16:23 - 11702272 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-02-12 09:07 - 2014-01-04 15:42 - 01105408 ____C (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-02-12 09:07 - 2014-01-04 15:40 - 07416832 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-02-12 09:07 - 2014-01-04 15:36 - 00830976 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-02-12 09:07 - 2014-01-04 15:28 - 04961792 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-02-12 09:07 - 2013-12-21 04:10 - 00009701 ____C () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-02-12 09:07 - 2013-12-21 04:10 - 00009701 ____C () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-02-12 09:07 - 2013-12-09 04:57 - 00548864 ____C (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-12 09:07 - 2013-12-09 03:51 - 00454656 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-02-12 09:06 - 2014-01-07 09:03 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-02-12 09:06 - 2014-01-07 07:59 - 00017408 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-02-12 09:06 - 2013-12-20 12:10 - 01113040 ____C (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-02-12 09:06 - 2013-12-20 08:13 - 00835584 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-02-12 09:05 - 2014-01-09 10:25 - 02804224 ____C (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-02-12 09:05 - 2014-01-09 09:59 - 01020928 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-02-12 09:05 - 2014-01-09 09:59 - 00115712 ____C (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-12 09:05 - 2014-01-09 09:49 - 00919040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-02-12 09:05 - 2014-01-09 09:44 - 00720384 ____C (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-02-12 09:05 - 2014-01-09 09:43 - 00121344 ____C (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-02-12 09:05 - 2014-01-09 09:29 - 00105984 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-02-12 09:05 - 2014-01-09 09:28 - 04217344 ____C (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-12 09:05 - 2014-01-09 09:28 - 00628736 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-02-12 09:05 - 2014-01-09 09:18 - 00870912 ____C (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-02-10 23:29 - 2014-02-10 23:29 - 00002050 ____C () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-02-10 22:08 - 2014-02-10 22:08 - 00000000 ____D () C:\Users\Shlomi\AppData\Roaming\Nitro
2014-02-09 23:06 - 2014-02-09 23:06 - 00000000 ____D () C:\Users\Shlomi\AppData\Local\Macromedia
2014-02-09 23:03 - 2014-02-16 23:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-09 23:03 - 2014-02-09 23:04 - 00000000 ____D () C:\Users\Shlomi\AppData\Roaming\Mozilla
2014-02-09 23:03 - 2014-02-09 23:04 - 00000000 ____D () C:\Users\Shlomi\AppData\Local\Mozilla
2014-02-09 23:03 - 2014-02-09 23:03 - 00001170 ____C () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-09 23:03 - 2014-02-09 23:03 - 00000000 ____D () C:\ProgramData\Mozilla
2014-02-09 22:47 - 2014-02-09 22:47 - 00001852 ____C () C:\Users\Public\Desktop\Opera.lnk
2014-02-09 22:47 - 2014-02-09 22:47 - 00000000 ____D () C:\Users\Shlomi\AppData\Roaming\Opera
2014-02-09 22:47 - 2014-02-09 22:47 - 00000000 ____D () C:\Users\Shlomi\AppData\Local\Opera
2014-02-09 22:47 - 2014-02-09 22:47 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-02-09 22:45 - 2014-02-09 22:46 - 13156120 ____C (Opera Software ASA) C:\Users\Shlomi\Downloads\Opera_1216_int_Setup.exe
2014-02-05 04:47 - 2014-02-05 04:47 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-02-05 04:47 - 2014-02-05 04:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 _SHDC () C:\Recovery
2014-02-04 09:08 - 2014-02-03 23:44 - 00000000 ___DC () C:\WINDOWS\Panther
2014-02-04 09:06 - 2014-02-04 09:06 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-02-04 09:06 - 2014-02-04 09:06 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-02-04 09:05 - 2014-02-04 09:05 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-02-04 09:05 - 2014-02-04 09:05 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-02-04 09:05 - 2014-02-04 09:05 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-02-04 09:05 - 2014-02-04 09:05 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-02-04 09:05 - 2014-02-04 09:05 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-02-04 09:05 - 2014-02-04 09:05 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-02-04 09:05 - 2014-02-04 09:05 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-02-04 09:05 - 2014-02-04 09:05 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-02-04 09:05 - 2014-02-04 09:05 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-04 09:05 - 2014-02-04 09:05 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-02-04 09:05 - 2014-02-04 09:05 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-02-04 09:05 - 2014-02-04 09:05 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-02-04 09:05 - 2014-02-04 09:05 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-04 09:05 - 2014-02-04 09:05 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-02-04 09:05 - 2014-02-04 09:05 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-02-04 09:05 - 2014-02-04 09:05 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-02-04 09:05 - 2014-02-04 09:05 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-02-04 09:05 - 2014-02-04 09:05 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-02-04 09:03 - 2014-02-04 09:03 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-02-04 09:03 - 2014-02-04 09:03 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-02-04 09:03 - 2014-02-04 09:03 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-02-04 09:03 - 2014-02-04 09:03 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-02-04 09:03 - 2014-02-04 09:03 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-02-04 09:03 - 2014-02-04 09:03 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-02-04 09:03 - 2014-02-04 09:03 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-02-04 09:03 - 2014-02-04 09:03 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-02-04 09:03 - 2014-02-04 09:03 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-02-04 09:03 - 2014-02-04 09:03 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-02-04 09:03 - 2014-02-04 09:03 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-02-04 09:03 - 2014-02-04 09:03 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2014-02-04 09:03 - 2014-02-04 09:03 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-02-04 09:03 - 2014-02-04 09:03 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-02-04 09:03 - 2014-02-04 09:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-02-04 09:01 - 2014-02-04 09:01 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-02-04 08:58 - 2014-02-04 08:58 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-02-04 08:58 - 2014-02-04 08:58 - 00000000 ____D () C:\Program Files\MSBuild
2014-02-04 08:58 - 2014-02-04 08:58 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-02-04 08:58 - 2014-02-03 23:27 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-02-04 08:57 - 2013-08-03 06:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-02-04 08:57 - 2013-08-03 06:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-02-04 08:57 - 2013-08-03 06:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-02-04 08:57 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-02-04 08:57 - 2013-08-03 06:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-02-04 08:57 - 2013-08-03 06:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-02-04 01:03 - 2013-12-09 02:34 - 01227264 ____C (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-02-04 01:03 - 2013-12-09 02:04 - 00980480 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-02-04 01:03 - 2013-11-27 17:34 - 03210528 ____C (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-02-04 01:03 - 2013-11-27 17:27 - 00809872 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-02-04 01:03 - 2013-11-27 16:00 - 00663680 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-02-04 01:03 - 2013-11-27 15:47 - 02804528 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-02-04 01:03 - 2013-11-27 14:02 - 00142848 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-02-04 01:03 - 2013-11-27 12:54 - 00461824 ____C (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-02-04 01:03 - 2013-11-27 12:24 - 00306688 ____C (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-04 01:03 - 2013-11-27 12:08 - 00336384 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-02-04 01:03 - 2013-11-27 11:46 - 00273920 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-02-04 01:03 - 2013-11-27 11:41 - 00136704 ____C (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-02-04 01:03 - 2013-11-27 11:17 - 00263168 ____C (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-02-04 01:03 - 2013-11-27 11:10 - 00273408 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-02-04 01:03 - 2013-11-27 10:58 - 01503232 ____C (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-02-04 01:03 - 2013-11-27 10:56 - 00218112 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-02-04 01:03 - 2013-11-27 06:01 - 00385614 ____C () C:\WINDOWS\system32\ApnDatabase.xml
2014-02-04 01:03 - 2013-11-26 15:22 - 01928144 ____C (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-02-04 01:03 - 2013-11-26 15:20 - 02131120 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-02-04 01:03 - 2013-11-26 15:20 - 01399176 ____C (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-02-04 01:03 - 2013-11-26 15:20 - 01374384 ____C (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-02-04 01:03 - 2013-11-26 13:50 - 01371312 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-02-04 01:03 - 2013-11-26 13:44 - 02142936 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-02-04 01:03 - 2013-11-26 13:44 - 01204968 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-02-04 01:03 - 2013-11-26 12:13 - 04191232 ____C (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-02-04 01:03 - 2013-11-26 11:21 - 18577920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-02-04 01:03 - 2013-11-26 10:28 - 13925888 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-02-04 01:03 - 2013-11-25 03:45 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-02-04 01:03 - 2013-11-25 03:32 - 01119064 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-02-04 01:03 - 2013-11-25 01:30 - 00513536 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-02-04 01:03 - 2013-11-25 01:28 - 00589824 ____C (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-02-04 01:03 - 2013-11-23 14:47 - 00032088 ____C (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-02-04 01:03 - 2013-11-23 13:49 - 21196664 ____C (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-02-04 01:03 - 2013-11-23 10:19 - 18642504 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-02-04 01:03 - 2013-11-23 09:13 - 00024064 ____C (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-02-04 01:03 - 2013-11-23 09:13 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-02-04 01:03 - 2013-11-23 09:08 - 00403456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-02-04 01:03 - 2013-11-23 06:50 - 00282112 ____C (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-02-04 01:03 - 2013-11-23 05:57 - 00637952 ____C (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-02-04 01:03 - 2013-11-23 05:48 - 00479744 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-02-04 01:03 - 2013-11-23 05:25 - 00744448 ____C (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-02-04 01:03 - 2013-11-23 05:25 - 00584192 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-02-04 01:03 - 2013-11-23 05:19 - 02617344 ____C (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-04 01:03 - 2013-11-23 05:15 - 02295808 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-02-04 01:03 - 2013-11-21 08:58 - 00207872 ____C (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-02-04 01:03 - 2013-11-21 08:26 - 01415680 ____C (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-02-04 01:03 - 2013-11-16 07:11 - 00764856 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-02-04 01:03 - 2013-11-15 20:19 - 00669344 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-02-04 01:03 - 2013-11-15 16:59 - 00470016 ____C (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-02-04 01:03 - 2013-11-15 16:25 - 00433664 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-02-04 01:03 - 2013-11-15 16:08 - 00202240 ____C (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-02-04 01:03 - 2013-11-15 15:24 - 00834048 ____C (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-02-04 01:03 - 2013-11-05 22:12 - 02551128 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-02-04 01:03 - 2013-10-31 02:29 - 00745336 ____C (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-02-04 01:03 - 2013-10-31 01:41 - 00552624 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-02-04 00:02 - 2014-01-19 09:38 - 00270496 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-02-03 23:55 - 2014-02-03 23:55 - 00003118 _____ () C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-02-03 23:55 - 2014-02-03 23:55 - 00003092 _____ () C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-02-03 23:55 - 2014-02-03 23:55 - 00003090 _____ () C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-02-03 23:54 - 2014-02-03 23:54 - 00003062 _____ () C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-02-03 23:54 - 2014-02-03 23:54 - 00003060 _____ () C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-02-03 23:53 - 2014-02-03 23:53 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-02-03 23:47 - 2014-02-25 18:26 - 00000000 __RDO () C:\Users\Shlomi\SkyDrive
2014-02-03 23:44 - 2014-02-03 23:44 - 00001453 _____ () C:\Users\Shlomi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-03 23:44 - 2014-02-03 23:44 - 00000020 ___SH () C:\Users\Shlomi\ntuser.ini
2014-02-03 23:35 - 2014-02-27 04:30 - 01697913 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-03 23:34 - 2014-02-03 23:34 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-02-03 23:25 - 2014-02-03 23:25 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-02-03 23:25 - 2014-02-03 23:25 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-02-03 23:25 - 2014-02-03 23:25 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-02-03 23:25 - 2014-02-03 23:25 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-02-03 23:18 - 2014-02-03 23:18 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-02-03 23:16 - 2014-02-03 23:47 - 00000000 ____D () C:\Users\Shlomi
2014-02-03 23:16 - 2014-02-03 23:34 - 00024768 _____ () C:\WINDOWS\diagwrn.xml
2014-02-03 23:16 - 2014-02-03 23:34 - 00024768 _____ () C:\WINDOWS\diagerr.xml
2014-02-03 23:16 - 2014-02-03 23:18 - 00000000 ___RD () C:\Users\Shlomi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-02-03 23:16 - 2014-02-03 23:18 - 00000000 ___RD () C:\Users\Shlomi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-02-03 23:16 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Shlomi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-02-03 23:16 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\Shlomi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-02-03 23:10 - 2014-02-03 23:10 - 00000000 ___DC () C:\AMD
2014-02-03 23:10 - 2014-02-03 23:10 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-02-03 23:10 - 2014-02-03 23:10 - 00000000 ____D () C:\WINDOWS\VMC412
2014-02-03 23:10 - 2014-02-03 23:10 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-02-03 23:10 - 2014-02-03 23:10 - 00000000 ____D () C:\Program Files\Realtek
2014-02-03 23:10 - 2014-02-03 23:10 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-02-03 23:10 - 2014-02-03 23:10 - 00000000 ____D () C:\Program Files\AMD
2014-02-03 23:10 - 2014-02-03 23:10 - 00000000 _____ () C:\WINDOWS\system32\spu_storage.bin
2014-02-03 23:10 - 2014-02-03 23:10 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin
2014-02-03 22:28 - 2014-02-03 23:34 - 00006696 ____C () C:\WINDOWS\comsetup.log
2014-02-03 20:47 - 2014-02-17 22:37 - 00000059 ____C () C:\Users\Shlomi\Desktop\1.אסא.txt
2014-02-02 23:46 - 2014-02-25 18:26 - 00003366 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-424950133-3584039098-4252772914-1002
2014-02-02 23:46 - 2014-02-25 18:26 - 00003312 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-424950133-3584039098-4252772914-1002
2014-02-02 23:45 - 2014-02-02 23:45 - 00003386 ____C () C:\WINDOWS\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-424950133-3584039098-4252772914-1002
2014-02-02 23:03 - 2014-02-24 01:29 - 00003344 _____ () C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-424950133-3584039098-4252772914-1002
2014-02-02 23:03 - 2014-02-24 01:29 - 00003290 _____ () C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-424950133-3584039098-4252772914-1002
2014-02-02 23:01 - 2014-02-02 23:01 - 457815770 _____ () C:\WINDOWS\MEMORY.DMP
2014-02-02 22:00 - 2014-02-02 22:00 - 00000000 ___HC () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-02-02 21:54 - 2014-02-02 22:00 - 00000000 ___DC () C:\Users\Shlomi\AppData\Roaming\Apple Computer
2014-02-02 21:54 - 2014-02-02 21:54 - 00001794 ____C () C:\Users\Public\Desktop\iTunes.lnk
2014-02-02 21:54 - 2014-02-02 21:54 - 00000000 ___DC () C:\Users\Shlomi\AppData\Local\Apple Computer
2014-02-02 21:54 - 2012-08-21 13:01 - 00033240 ____C (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2014-02-02 21:52 - 2014-02-02 21:53 - 00000000 ___DC () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-02 21:52 - 2014-02-02 21:53 - 00000000 ___DC () C:\Program Files\iTunes
2014-02-02 21:52 - 2014-02-02 21:53 - 00000000 ___DC () C:\Program Files (x86)\iTunes
2014-02-02 21:52 - 2014-02-02 21:52 - 00000000 ___DC () C:\ProgramData\Apple Computer
2014-02-02 21:52 - 2014-02-02 21:52 - 00000000 ___DC () C:\Program Files\iPod
2014-02-02 21:50 - 2014-02-02 21:50 - 00000000 ___DC () C:\WINDOWS\System32\Tasks\Apple
2014-02-02 21:50 - 2014-02-02 21:50 - 00000000 ___DC () C:\Users\Shlomi\AppData\Local\Apple
2014-02-02 21:50 - 2014-02-02 21:50 - 00000000 ___DC () C:\Program Files\Common Files\Apple
2014-02-02 21:50 - 2014-02-02 21:50 - 00000000 ___DC () C:\Program Files (x86)\Apple Software Update
2014-02-02 21:49 - 2014-02-02 21:50 - 00000000 ___DC () C:\ProgramData\Apple
2014-02-02 21:49 - 2014-02-02 21:49 - 00000000 ___DC () C:\Program Files\Bonjour
2014-02-02 21:49 - 2014-02-02 21:49 - 00000000 ___DC () C:\Program Files (x86)\Bonjour
2014-02-02 19:41 - 2014-02-02 19:41 - 00001275 ____C () C:\Users\Public\Desktop\RealPlayer.lnk
2014-02-02 19:41 - 2014-02-02 19:41 - 00000000 ___DC () C:\Users\Shlomi\AppData\Roaming\RealNetworks
2014-02-02 19:40 - 2014-02-02 19:41 - 00000000 ___DC () C:\Program Files (x86)\RealNetworks
2014-02-02 19:40 - 2014-02-02 19:40 - 00272896 ____C (Progressive Networks) C:\WINDOWS\SysWOW64\pncrt.dll
2014-02-02 19:40 - 2014-02-02 19:40 - 00201872 ____C (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\rmoc3260.dll
2014-02-02 19:40 - 2014-02-02 19:40 - 00006656 ____C (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\pndx5016.dll
2014-02-02 19:40 - 2014-02-02 19:40 - 00005632 ____C (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\pndx5032.dll
2014-02-02 19:40 - 2014-02-02 19:40 - 00000000 ___DC () C:\ProgramData\RealNetworks
2014-02-02 19:40 - 2014-02-02 19:40 - 00000000 ___DC () C:\Program Files (x86)\Real
2014-02-02 19:39 - 2014-02-23 19:46 - 00000000 ___DC () C:\Users\Shlomi\AppData\Roaming\Real
2014-02-02 19:37 - 2014-02-23 19:46 - 00000000 ___DC () C:\ProgramData\Real
2014-02-02 01:19 - 2014-02-02 01:19 - 00000000 ___DC () C:\ProgramData\WEBREG
2014-02-02 01:18 - 2014-02-02 01:20 - 00000000 ___DC () C:\Users\Shlomi\AppData\Roaming\HP
2014-02-02 01:18 - 2014-02-02 01:18 - 00000000 ___DC () C:\Users\Shlomi\AppData\Local\HP
2014-02-02 01:14 - 2014-02-03 23:25 - 00000000 ___DC () C:\WINDOWS\SysWOW64\spool
2014-02-02 01:14 - 2014-02-02 01:14 - 00001108 ____C () C:\Users\Public\Desktop\HP Photo Creations.lnk
2014-02-02 01:14 - 2014-02-02 01:14 - 00000000 ___DC () C:\ProgramData\HP Photo Creations
2014-02-02 01:14 - 2014-02-02 01:14 - 00000000 ___DC () C:\Program Files (x86)\HP Photo Creations
2014-02-02 01:13 - 2014-02-09 01:20 - 00000000 ___DC () C:\Users\Shlomi\AppData\Roaming\HpUpdate
2014-02-02 01:12 - 2014-02-02 01:12 - 00001326 ____C () C:\Users\Public\Desktop\HP Solution Center.lnk
2014-02-02 01:12 - 2014-02-02 01:12 - 00000000 ___DC () C:\ProgramData\HP Product Assistant
2014-02-02 01:11 - 2014-02-02 01:11 - 00001172 ____C () C:\Users\Public\Desktop\Shop for HP Supplies.lnk
2014-02-02 01:07 - 2014-02-02 01:14 - 00000000 ___DC () C:\Program Files (x86)\HP
2014-02-02 01:06 - 2014-02-02 01:19 - 00203610 ____C () C:\WINDOWS\hpoins19.dat
2014-02-02 01:06 - 2014-02-02 01:19 - 00000832 ____C () C:\ProgramData\hpzinstall.log
2014-02-02 01:06 - 2012-10-14 14:03 - 00015561 ____C () C:\WINDOWS\hpomdl19.dat
2014-02-02 01:05 - 2009-07-08 12:51 - 00861184 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpowiav1.dll
2014-02-02 01:05 - 2009-07-08 12:51 - 00730624 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpotscl1.dll
2014-02-02 01:05 - 2009-07-08 12:51 - 00498176 _____ (Hewlett-Packard Co.) C:\WINDOWS\system32\hpovst01.dll
2014-02-01 23:50 - 2014-02-01 23:50 - 00847344 ____C (Google Inc.) C:\Users\Shlomi\Downloads\ChromeSetup (1).exe
2014-02-01 23:49 - 2014-02-01 23:49 - 00847344 ____C (Google Inc.) C:\Users\Shlomi\Downloads\ChromeSetup.exe
2014-02-01 21:50 - 2014-02-22 12:32 - 00000000 ___DC () C:\FFOutput
2014-02-01 21:48 - 2014-02-03 23:27 - 00000000 ___DC () C:\Users\Shlomi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2014-02-01 21:48 - 2014-02-01 21:48 - 00001209 ____C () C:\Users\Shlomi\Desktop\Format Factory.lnk
2014-02-01 21:47 - 2014-02-01 21:47 - 00000000 ___DC () C:\Program Files (x86)\FreeTime
2014-02-01 21:12 - 2014-02-03 23:27 - 00000000 ___DC () C:\Users\Shlomi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-02-01 21:12 - 2014-02-01 21:12 - 00001117 ____C () C:\Users\Public\Desktop\Picasa 3.lnk
2014-02-01 21:10 - 2014-02-01 21:11 - 17660184 ____C (Google Inc.) C:\Users\Shlomi\Downloads\picasa39-setup.exe
2014-02-01 20:50 - 2014-02-02 01:20 - 00000000 ___DC () C:\ProgramData\HP
2014-02-01 20:49 - 2014-02-01 20:49 - 02338824 ____C () C:\Users\Shlomi\Downloads\hppiw.exe
2014-02-01 15:41 - 2014-02-24 19:00 - 00497664 __SHC () C:\Users\Shlomi\Desktop\Thumbs.db
2014-02-01 00:43 - 2014-02-24 18:50 - 00000000 ___DC () C:\Users\Shlomi\AppData\Roaming\Skype
2014-02-01 00:43 - 2014-02-01 00:43 - 00000000 ___DC () C:\Users\Shlomi\AppData\Local\Skype
2014-02-01 00:42 - 2014-02-01 00:42 - 00002697 ____C () C:\Users\Public\Desktop\Skype.lnk
2014-02-01 00:42 - 2014-02-01 00:42 - 00000000 __RDC () C:\Program Files (x86)\Skype
2014-02-01 00:42 - 2014-02-01 00:42 - 00000000 ___DC () C:\ProgramData\Skype
2014-02-01 00:38 - 2014-02-01 00:38 - 00002917 ____C () C:\Users\Shlomi\Desktop\Microsoft Word 2010.lnk
2014-02-01 00:36 - 2014-02-27 06:35 - 00000830 ____C () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-02-01 00:36 - 2014-02-20 21:35 - 00003718 ____C () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-01-31 21:49 - 2014-02-16 22:17 - 00000000 ___DC () C:\WINDOWS\system32\MRT
2014-01-31 21:49 - 2014-02-16 22:14 - 88567024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-31 21:00 - 2014-01-31 21:00 - 00000000 ___DC () C:\Program Files (x86)\Microsoft Synchronization Services
2014-01-31 20:58 - 2014-01-31 20:58 - 00000000 ___DC () C:\Program Files (x86)\Microsoft Sync Framework
2014-01-31 20:58 - 2014-01-31 20:58 - 00000000 ___DC () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-01-31 20:53 - 2014-01-31 20:53 - 00000000 ___DC () C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-01-31 20:50 - 2014-01-31 20:50 - 00000000 ___DC () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-01-31 20:49 - 2014-01-31 20:49 - 00000000 ___DC () C:\Program Files\Microsoft Office
2014-01-31 20:47 - 2014-01-31 20:47 - 00000000 ___DC () C:\Users\Shlomi\AppData\Local\Microsoft Help
2014-01-31 20:47 - 2014-01-31 20:47 - 00000000 ___DC () C:\Program Files (x86)\Microsoft Analysis Services
2014-01-31 20:46 - 2014-02-12 20:12 - 00000000 ___DC () C:\ProgramData\Microsoft Help
2014-01-31 20:45 - 2014-01-31 20:45 - 00000000 _RHDC () C:\MSOCache
2014-01-31 18:32 - 2014-01-31 19:32 - 00000000 ___DC () C:\Users\Shlomi\AppData\Roaming\Google
2014-01-31 17:58 - 2014-01-31 17:58 - 00000000 ___HC () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-01-31 13:47 - 2014-01-31 13:47 - 00001977 ____C () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-31 13:47 - 2014-01-31 13:47 - 00000000 ___DC () C:\Users\Shlomi\AppData\Roaming\AVAST Software
2014-01-31 13:46 - 2014-02-27 06:02 - 00002214 ____C () C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-31 13:46 - 2014-02-18 13:47 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-01-31 13:46 - 2014-01-31 13:46 - 00000000 ___DC () C:\ProgramData\Google
2014-01-31 13:46 - 2014-01-31 13:46 - 00000000 ___DC () C:\Program Files\Google
2014-01-31 13:45 - 2014-02-27 07:02 - 00000918 ____C () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-31 13:45 - 2014-02-27 06:02 - 00000914 ____C () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-31 13:45 - 2014-02-12 05:57 - 00003890 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-01-31 13:45 - 2014-02-12 05:57 - 00003654 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-01-31 13:45 - 2014-02-01 21:24 - 00000000 ___DC () C:\Users\Shlomi\AppData\Local\Google
2014-01-31 13:45 - 2014-02-01 21:11 - 00000000 ___DC () C:\Program Files (x86)\Google
2014-01-31 13:45 - 2014-01-31 13:45 - 01038072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-01-31 13:45 - 2014-01-31 13:45 - 00421704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-01-31 13:45 - 2014-01-31 13:45 - 00334136 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-01-31 13:45 - 2014-01-31 13:45 - 00207904 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-01-31 13:45 - 2014-01-31 13:45 - 00092544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-01-31 13:45 - 2014-01-31 13:45 - 00080184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-01-31 13:45 - 2014-01-31 13:45 - 00078648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-01-31 13:45 - 2014-01-31 13:45 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-01-31 13:45 - 2014-01-31 13:45 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-01-31 13:45 - 2014-01-31 13:45 - 00000000 ___DC () C:\Program Files\AVAST Software
2014-01-31 13:37 - 2014-01-31 13:37 - 00421704 ____C (AVAST Software) C:\WINDOWS\system32\Drivers\wgvxqvuq.sys
2014-01-31 13:20 - 2014-01-31 13:20 - 00421704 ____C (AVAST Software) C:\WINDOWS\system32\Drivers\njqlkmxh.sys
2014-01-31 13:17 - 2014-01-31 13:44 - 00000000 ___DC () C:\ProgramData\AVAST Software
2014-01-31 13:17 - 2014-01-31 13:17 - 00421704 ____C (AVAST Software) C:\WINDOWS\system32\Drivers\okduzbru.sys
2014-01-31 13:10 - 2014-02-01 00:57 - 00000000 ___DC () C:\ldiag
2014-01-31 13:10 - 2014-01-31 13:17 - 00000000 ___DC () C:\Users\Shlomi\AppData\Roaming\LSC
2014-01-31 13:10 - 2014-01-31 13:10 - 00002002 ____C () C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2014-01-31 13:10 - 2014-01-31 13:10 - 00000000 ___DC () C:\Users\Shlomi\AppData\Roaming\OEMSoftwareEngine
2014-01-31 13:02 - 2014-02-10 23:31 - 00000000 ___DC () C:\Users\Shlomi\AppData\Local\Adobe
2014-01-31 13:02 - 2014-02-02 01:20 - 00000000 ___DC () C:\Users\Shlomi\AppData\Roaming\Nitro PDF
2014-01-31 13:02 - 2014-01-31 13:02 - 00000000 ___DC () C:\Users\Shlomi\AppData\Local\LSC
2014-01-31 13:01 - 2014-02-27 06:07 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-424950133-3584039098-4252772914-1002
2014-01-31 12:58 - 2014-01-31 12:58 - 00000000 ___DC () C:\Users\Shlomi\AppData\Local\AMD
2014-01-31 12:56 - 2014-01-31 12:56 - 00000000 ___DC () C:\Users\Shlomi\AppData\Roaming\ATI
2014-01-31 12:56 - 2014-01-31 12:56 - 00000000 ___DC () C:\Users\Shlomi\AppData\Local\ATI
2014-01-31 12:56 - 2014-01-31 12:56 - 00000000 ___DC () C:\ProgramData\ATI
2014-01-31 12:54 - 2014-02-03 23:45 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-01-31 12:54 - 2014-01-31 12:55 - 00000000 ___DC () C:\Users\Shlomi\AppData\Local\Lenovo
2014-01-31 12:54 - 2014-01-31 12:54 - 00000000 ___DC () C:\Users\Shlomi\AppData\Roaming\Lenovo
2014-01-31 12:54 - 2014-01-31 12:54 - 00000000 ___DC () C:\Users\Shlomi\AppData\Local\Power2Go
2014-01-31 12:53 - 2014-02-10 23:31 - 00000000 ___DC () C:\Users\Shlomi\AppData\Roaming\Adobe
2014-01-31 12:53 - 2014-02-04 01:13 - 00000000 __RDC () C:\Users\Shlomi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-31 12:53 - 2014-02-04 01:13 - 00000000 __RDC () C:\Users\Shlomi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-01-31 12:52 - 2014-01-31 12:52 - 00000000 ___DC () C:\Users\Shlomi\AppData\Local\VirtualStore
2014-01-31 12:51 - 2014-02-04 05:04 - 00000000 ___DC () C:\Users\Shlomi\AppData\Local\Packages
2014-01-31 12:51 - 2013-09-15 01:34 - 00000000 ___DC () C:\Users\Shlomi\AppData\Roaming\Macromedia

==================== One Month Modified Files and Folders =======

2014-02-27 07:24 - 2014-02-23 22:14 - 00000000 ___DC () C:\Users\Shlomi\Desktop\FRST-OlderVersion
2014-02-27 07:24 - 2014-02-22 22:20 - 00021908 ____C () C:\Users\Shlomi\Desktop\FRST.txt
2014-02-27 07:24 - 2014-02-22 22:19 - 00000000 ___DC () C:\FRST
2014-02-27 07:24 - 2014-02-22 22:15 - 02155520 ____C (Farbar) C:\Users\Shlomi\Desktop\FRST64.exe
2014-02-27 07:02 - 2014-01-31 13:45 - 00000918 ____C () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-27 07:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-02-27 06:35 - 2014-02-01 00:36 - 00000830 ____C () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-02-27 06:07 - 2014-01-31 13:01 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-424950133-3584039098-4252772914-1002
2014-02-27 06:02 - 2014-01-31 13:46 - 00002214 ____C () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-27 06:02 - 2014-01-31 13:45 - 00000914 ____C () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-27 04:30 - 2014-02-03 23:35 - 01697913 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-27 03:56 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-02-26 20:44 - 2014-02-23 01:07 - 00000000 ____D () C:\Users\Shlomi\AppData\Roaming\ClassicShell
2014-02-25 20:32 - 2014-02-25 20:32 - 00987425 _____ () C:\Users\Shlomi\Desktop\SecurityCheck.exe
2014-02-25 18:42 - 2014-02-25 18:42 - 02347384 _____ (ESET) C:\Users\Shlomi\Desktop\esetsmartinstaller_enu.exe
2014-02-25 18:42 - 2014-02-25 18:42 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-02-25 18:32 - 2013-11-14 09:28 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-25 18:30 - 2014-02-25 18:30 - 00001132 ____C () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-25 18:30 - 2014-02-25 18:30 - 00000000 ____D () C:\Users\Shlomi\AppData\Roaming\Malwarebytes
2014-02-25 18:30 - 2014-02-25 18:30 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-25 18:30 - 2014-02-25 18:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-25 18:29 - 2014-02-25 18:28 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Shlomi\Desktop\mbam-setup-1.75.0.1300.exe
2014-02-25 18:26 - 2014-02-03 23:47 - 00000000 __RDO () C:\Users\Shlomi\SkyDrive
2014-02-25 18:26 - 2014-02-02 23:46 - 00003366 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-424950133-3584039098-4252772914-1002
2014-02-25 18:26 - 2014-02-02 23:46 - 00003312 _____ () C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-424950133-3584039098-4252772914-1002
2014-02-25 18:25 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-25 18:24 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-02-25 18:16 - 2014-02-25 18:16 - 00448512 _____ (OldTimer Tools) C:\Users\Shlomi\Desktop\TFC.exe
2014-02-25 18:15 - 2013-09-15 01:04 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
2014-02-24 19:00 - 2014-02-01 15:41 - 00497664 __SHC () C:\Users\Shlomi\Desktop\Thumbs.db
2014-02-24 18:50 - 2014-02-01 00:43 - 00000000 ___DC () C:\Users\Shlomi\AppData\Roaming\Skype
2014-02-24 01:29 - 2014-02-02 23:03 - 00003344 _____ () C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-424950133-3584039098-4252772914-1002
2014-02-24 01:29 - 2014-02-02 23:03 - 00003290 _____ () C:\WINDOWS\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-424950133-3584039098-4252772914-1002
2014-02-23 23:58 - 2014-02-23 22:17 - 00000000 ___DC () C:\AdwCleaner
2014-02-23 22:47 - 2014-02-22 22:28 - 00003578 ____C () C:\Users\Shlomi\Desktop\asw.txt
2014-02-23 22:47 - 2014-02-22 22:28 - 00000512 ____C () C:\Users\Shlomi\Desktop\MBR.dat
2014-02-23 22:42 - 2014-02-23 22:42 - 00000745 ____C () C:\Users\Shlomi\Desktop\JRT.txt
2014-02-23 22:30 - 2014-02-23 22:30 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-02-23 22:29 - 2014-02-23 22:29 - 01037734 _____ (Thisisu) C:\Users\Shlomi\Desktop\JRT.exe
2014-02-23 22:15 - 2014-02-23 22:15 - 01241834 _____ () C:\Users\Shlomi\Desktop\adwcleaner.exe
2014-02-23 19:46 - 2014-02-02 19:39 - 00000000 ___DC () C:\Users\Shlomi\AppData\Roaming\Real
2014-02-23 19:46 - 2014-02-02 19:37 - 00000000 ___DC () C:\ProgramData\Real
2014-02-23 01:06 - 2014-02-23 01:06 - 00002181 _____ () C:\Users\Shlomi\AppData\Roaming\Microsoft\Windows\Start Menu\startscreen.lnk
2014-02-23 01:06 - 2014-02-23 01:06 - 00000000 ____D () C:\Program Files\Classic Shell
2014-02-23 01:05 - 2014-02-23 01:05 - 05631168 _____ (IvoSoft) C:\Users\Shlomi\Desktop\ClassicShellSetup_4_0_4.exe
2014-02-22 22:27 - 2014-02-22 22:27 - 04745728 _____ (AVAST Software) C:\Users\Shlomi\Desktop\aswmbr.exe
2014-02-22 22:24 - 2014-02-22 22:22 - 00044807 ____C () C:\Users\Shlomi\Desktop\Addition.txt
2014-02-22 12:32 - 2014-02-01 21:50 - 00000000 ___DC () C:\FFOutput
2014-02-21 16:46 - 2014-02-21 16:46 - 00118149 ____C () C:\Users\Shlomi\Downloads\wmpChrome.crx
2014-02-20 21:35 - 2014-02-20 21:35 - 17858952 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2014-02-20 21:35 - 2014-02-01 00:36 - 00003718 ____C () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-02-18 13:47 - 2014-01-31 13:46 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-02-17 23:00 - 2013-08-22 17:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-02-17 23:00 - 2013-08-22 17:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-17 22:37 - 2014-02-03 20:47 - 00000059 ____C () C:\Users\Shlomi\Desktop\1.אסא.txt
2014-02-16 23:49 - 2014-02-09 23:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-16 22:17 - 2014-01-31 21:49 - 00000000 ___DC () C:\WINDOWS\system32\MRT
2014-02-16 22:14 - 2014-01-31 21:49 - 88567024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-15 11:25 - 2014-02-15 11:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-15 04:31 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-02-14 20:28 - 2013-11-14 09:20 - 00006100 _____ () C:\WINDOWS\PFRO.log
2014-02-14 20:26 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-14 20:26 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-14 20:26 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-14 20:26 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-02-14 20:24 - 2013-08-22 16:46 - 00289957 _____ () C:\WINDOWS\setupact.log
2014-02-12 20:12 - 2014-01-31 20:46 - 00000000 ___DC () C:\ProgramData\Microsoft Help
2014-02-12 19:59 - 2012-07-26 07:26 - 00000202 ____C () C:\WINDOWS\win.ini
2014-02-12 05:57 - 2014-01-31 13:45 - 00003890 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-12 05:57 - 2014-01-31 13:45 - 00003654 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-10 23:31 - 2014-01-31 13:02 - 00000000 ___DC () C:\Users\Shlomi\AppData\Local\Adobe
2014-02-10 23:31 - 2014-01-31 12:53 - 00000000 ___DC () C:\Users\Shlomi\AppData\Roaming\Adobe
2014-02-10 23:31 - 2013-09-15 01:34 - 00000000 ___DC () C:\ProgramData\Adobe
2014-02-10 23:29 - 2014-02-10 23:29 - 00002050 ____C () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-02-10 23:28 - 2013-09-15 01:34 - 00000000 ___DC () C:\Program Files (x86)\Adobe
2014-02-10 22:08 - 2014-02-10 22:08 - 00000000 ____D () C:\Users\Shlomi\AppData\Roaming\Nitro
2014-02-09 23:06 - 2014-02-09 23:06 - 00000000 ____D () C:\Users\Shlomi\AppData\Local\Macromedia
2014-02-09 23:04 - 2014-02-09 23:03 - 00000000 ____D () C:\Users\Shlomi\AppData\Roaming\Mozilla
2014-02-09 23:04 - 2014-02-09 23:03 - 00000000 ____D () C:\Users\Shlomi\AppData\Local\Mozilla
2014-02-09 23:03 - 2014-02-09 23:03 - 00001170 ____C () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-09 23:03 - 2014-02-09 23:03 - 00000000 ____D () C:\ProgramData\Mozilla
2014-02-09 22:47 - 2014-02-09 22:47 - 00001852 ____C () C:\Users\Public\Desktop\Opera.lnk
2014-02-09 22:47 - 2014-02-09 22:47 - 00000000 ____D () C:\Users\Shlomi\AppData\Roaming\Opera
2014-02-09 22:47 - 2014-02-09 22:47 - 00000000 ____D () C:\Users\Shlomi\AppData\Local\Opera
2014-02-09 22:47 - 2014-02-09 22:47 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-02-09 22:46 - 2014-02-09 22:45 - 13156120 ____C (Opera Software ASA) C:\Users\Shlomi\Downloads\Opera_1216_int_Setup.exe
2014-02-09 01:20 - 2014-02-02 01:13 - 00000000 ___DC () C:\Users\Shlomi\AppData\Roaming\HpUpdate
2014-02-06 17:59 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2014-02-06 14:16 - 2014-02-12 09:08 - 23170048 ____C (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-06 13:30 - 2014-02-12 09:08 - 02724864 ____C (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-06 13:30 - 2014-02-12 09:08 - 00004096 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-06 13:12 - 2014-02-12 09:08 - 02765824 ____C (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-06 13:07 - 2014-02-12 09:08 - 00066048 ____C (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-06 13:06 - 2014-02-12 09:08 - 00048640 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-06 12:57 - 2014-02-12 09:08 - 00053760 ____C (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-06 12:56 - 2014-02-12 09:08 - 00033792 ____C (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-06 12:49 - 2014-02-12 09:08 - 00139264 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-06 12:48 - 2014-02-12 09:08 - 00708608 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-06 12:48 - 2014-02-12 09:08 - 00111616 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-06 12:38 - 2014-02-12 09:08 - 17103872 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-06 12:32 - 2014-02-12 09:08 - 00218624 ____C (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-06 12:20 - 2014-02-12 09:08 - 02724864 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-06 12:17 - 2014-02-12 09:08 - 00195584 ____C (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-06 12:11 - 2014-02-12 09:08 - 05768704 ____C (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-06 12:01 - 2014-02-12 09:08 - 00061952 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-06 12:00 - 2014-02-12 09:08 - 00051200 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-12 09:08 - 02168320 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-06 11:57 - 2014-02-12 09:08 - 00627200 ____C (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-06 11:52 - 2014-02-12 09:08 - 00043008 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-06 11:52 - 2014-02-12 09:08 - 00032768 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-06 11:50 - 2014-02-12 09:08 - 02041856 ____C (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-06 11:47 - 2014-02-12 09:08 - 00112128 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-06 11:46 - 2014-02-12 09:08 - 00553472 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-06 11:25 - 2014-02-12 09:08 - 04244480 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-06 11:25 - 2014-02-12 09:08 - 00164864 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-06 11:24 - 2014-02-12 09:08 - 02334208 ____C (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-06 11:22 - 2014-02-12 09:08 - 13051392 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-06 11:13 - 2014-02-12 09:08 - 00524288 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-06 11:09 - 2014-02-12 09:08 - 01964032 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-06 11:03 - 2014-02-12 09:08 - 11266048 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-06 10:55 - 2014-02-12 09:08 - 01393664 ____C (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-06 10:41 - 2014-02-12 09:08 - 01820160 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-06 10:40 - 2014-02-12 09:08 - 00817664 ____C (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-06 10:36 - 2014-02-12 09:08 - 01156096 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-06 10:34 - 2014-02-12 09:08 - 00703488 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-05 04:47 - 2014-02-05 04:47 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-02-05 04:47 - 2014-02-05 04:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-02-04 09:08 - 2014-02-04 09:08 - 00000000 _SHDC () C:\Recovery
2014-02-04 09:06 - 2014-02-04 09:06 - 00075360 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-02-04 09:06 - 2014-02-04 09:06 - 00070680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-02-04 09:06 - 2013-08-22 17:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-02-04 09:05 - 2014-02-04 09:05 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-02-04 09:05 - 2014-02-04 09:05 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-02-04 09:05 - 2014-02-04 09:05 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-02-04 09:05 - 2014-02-04 09:05 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-02-04 09:05 - 2014-02-04 09:05 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-02-04 09:05 - 2014-02-04 09:05 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-02-04 09:05 - 2014-02-04 09:05 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-02-04 09:05 - 2014-02-04 09:05 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-02-04 09:05 - 2014-02-04 09:05 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-04 09:05 - 2014-02-04 09:05 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2014-02-04 09:05 - 2014-02-04 09:05 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-02-04 09:05 - 2014-02-04 09:05 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-02-04 09:05 - 2014-02-04 09:05 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-02-04 09:05 - 2014-02-04 09:05 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-02-04 09:05 - 2014-02-04 09:05 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-02-04 09:05 - 2014-02-04 09:05 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-02-04 09:05 - 2014-02-04 09:05 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-02-04 09:05 - 2014-02-04 09:05 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-02-04 09:05 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-02-04 09:03 - 2014-02-04 09:03 - 07399256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-02-04 09:03 - 2014-02-04 09:03 - 02896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 02570240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 02143744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 01843712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 01816576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 01765384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 01765376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 01756160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2014-02-04 09:03 - 2014-02-04 09:03 - 01642016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-02-04 09:03 - 2014-02-04 09:03 - 01530200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-02-04 09:03 - 2014-02-04 09:03 - 01506680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-02-04 09:03 - 2014-02-04 09:03 - 01476184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-02-04 09:03 - 2014-02-04 09:03 - 01391104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2014-02-04 09:03 - 2014-02-04 09:03 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-02-04 09:03 - 2014-02-04 09:03 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 00516496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2014-02-04 09:03 - 2014-02-04 09:03 - 00372568 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-02-04 09:03 - 2014-02-04 09:03 - 00358896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-02-04 09:03 - 2014-02-04 09:03 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 00146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\SerCx2.sys
2014-02-04 09:03 - 2014-02-04 09:03 - 00086872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-02-04 09:03 - 2014-02-04 09:03 - 00039768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-02-04 09:03 - 2014-02-04 09:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2014-02-04 09:03 - 2014-02-04 09:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2014-02-04 09:01 - 2014-02-04 09:01 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-02-04 08:58 - 2014-02-04 08:58 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-02-04 08:58 - 2014-02-04 08:58 - 00000000 ____D () C:\Program Files\MSBuild
2014-02-04 08:58 - 2014-02-04 08:58 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-02-04 05:04 - 2014-01-31 12:51 - 00000000 ___DC () C:\Users\Shlomi\AppData\Local\Packages
2014-02-04 01:13 - 2014-01-31 12:53 - 00000000 __RDC () C:\Users\Shlomi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-04 01:13 - 2014-01-31 12:53 - 00000000 __RDC () C:\Users\Shlomi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-04 01:12 - 2013-08-22 16:44 - 00514744 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-02-04 01:10 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-02-04 01:10 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-02-03 23:55 - 2014-02-03 23:55 - 00003118 _____ () C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe
2014-02-03 23:55 - 2014-02-03 23:55 - 00003092 _____ () C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe
2014-02-03 23:55 - 2014-02-03 23:55 - 00003090 _____ () C:\WINDOWS\System32\Tasks\Microsoft_Hardware_Launch_itype_exe
2014-02-03 23:54 - 2014-02-03 23:54 - 00003062 _____ () C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-02-03 23:54 - 2014-02-03 23:54 - 00003060 _____ () C:\WINDOWS\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-02-03 23:53 - 2014-02-03 23:53 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-02-03 23:52 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-02-03 23:47 - 2014-02-03 23:16 - 00000000 ____D () C:\Users\Shlomi
2014-02-03 23:45 - 2014-01-31 12:54 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-02-03 23:44 - 2014-02-04 09:08 - 00000000 ___DC () C:\WINDOWS\Panther
2014-02-03 23:44 - 2014-02-03 23:44 - 00001453 _____ () C:\Users\Shlomi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-02-03 23:44 - 2014-02-03 23:44 - 00000020 ___SH () C:\Users\Shlomi\ntuser.ini
2014-02-03 23:35 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-02-03 23:34 - 2014-02-03 23:34 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-02-03 23:34 - 2014-02-03 23:16 - 00024768 _____ () C:\WINDOWS\diagwrn.xml
2014-02-03 23:34 - 2014-02-03 23:16 - 00024768 _____ () C:\WINDOWS\diagerr.xml
2014-02-03 23:34 - 2014-02-03 22:28 - 00006696 ____C () C:\WINDOWS\comsetup.log
2014-02-03 23:31 - 2013-08-22 17:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-02-03 23:27 - 2014-02-04 08:58 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-02-03 23:27 - 2014-02-01 21:48 - 00000000 ___DC () C:\Users\Shlomi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2014-02-03 23:27 - 2014-02-01 21:12 - 00000000 ___DC () C:\Users\Shlomi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-02-03 23:27 - 2013-11-14 09:17 - 00000000 ____D () C:\WINDOWS\ShellNew
2014-02-03 23:27 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-02-03 23:27 - 2013-08-22 15:25 - 00008192 ___SH () C:\WINDOWS\system32\config\ELAM
2014-02-03 23:25 - 2014-02-03 23:25 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-02-03 23:25 - 2014-02-03 23:25 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-02-03 23:25 - 2014-02-03 23:25 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-02-03 23:25 - 2014-02-03 23:25 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-02-03 23:25 - 2014-02-02 01:14 - 00000000 ___DC () C:\WINDOWS\SysWOW64\spool
2014-02-03 23:25 - 2013-09-15 00:58 - 00000000 ___DC () C:\WINDOWS\SysWOW64\sda
2014-02-03 23:25 - 2013-08-22 17:37 - 00004893 _____ () C:\WINDOWS\DtcInstall.log
2014-02-03 23:25 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-02-03 23:25 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2014-02-03 23:25 - 2012-07-26 07:37 - 00000000 ___DC () C:\Users\Default.migrated
2014-02-03 23:24 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2014-02-03 23:24 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-02-03 23:23 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-02-03 23:23 - 2012-10-10 01:10 - 00000000 ___DC () C:\ProgramData\PRICache
2014-02-03 23:18 - 2014-02-03 23:18 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-02-03 23:18 - 2014-02-03 23:16 - 00000000 ___RD () C:\Users\Shlomi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-02-03 23:18 - 2014-02-03 23:16 - 00000000 ___RD () C:\Users\Shlomi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-02-03 23:18 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-02-03 23:10 - 2014-02-03 23:10 - 00000000 ___DC () C:\AMD
2014-02-03 23:10 - 2014-02-03 23:10 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-02-03 23:10 - 2014-02-03 23:10 - 00000000 ____D () C:\WINDOWS\VMC412
2014-02-03 23:10 - 2014-02-03 23:10 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-02-03 23:10 - 2014-02-03 23:10 - 00000000 ____D () C:\Program Files\Realtek
2014-02-03 23:10 - 2014-02-03 23:10 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-02-03 23:10 - 2014-02-03 23:10 - 00000000 ____D () C:\Program Files\AMD
2014-02-03 23:10 - 2014-02-03 23:10 - 00000000 _____ () C:\WINDOWS\system32\spu_storage.bin
2014-02-03 23:10 - 2014-02-03 23:10 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin
2014-02-03 23:09 - 2013-08-22 15:36 - 00000000 __RHD () C:\Users\Default
2014-02-03 22:50 - 2013-09-15 00:53 - 01981838 ____C () C:\WINDOWS\WindowsUpdate (1).log
2014-02-03 21:56 - 2012-07-26 10:12 - 00000000 ___DC () C:\WINDOWS\AUInstallAgent
2014-02-02 23:45 - 2014-02-02 23:45 - 00003386 ____C () C:\WINDOWS\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-424950133-3584039098-4252772914-1002
2014-02-02 23:01 - 2014-02-02 23:01 - 457815770 _____ () C:\WINDOWS\MEMORY.DMP
2014-02-02 22:00 - 2014-02-02 22:00 - 00000000 ___HC () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-02-02 22:00 - 2014-02-02 21:54 - 00000000 ___DC () C:\Users\Shlomi\AppData\Roaming\Apple Computer
2014-02-02 21:54 - 2014-02-02 21:54 - 00001794 ____C () C:\Users\Public\Desktop\iTunes.lnk
2014-02-02 21:54 - 2014-02-02 21:54 - 00000000 ___DC () C:\Users\Shlomi\AppData\Local\Apple Computer
2014-02-02 21:53 - 2014-02-02 21:52 - 00000000 ___DC () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-02 21:53 - 2014-02-02 21:52 - 00000000 ___DC () C:\Program Files\iTunes
2014-02-02 21:53 - 2014-02-02 21:52 - 00000000 ___DC () C:\Program Files (x86)\iTunes
2014-02-02 21:52 - 2014-02-02 21:52 - 00000000 ___DC () C:\ProgramData\Apple Computer
2014-02-02 21:52 - 2014-02-02 21:52 - 00000000 ___DC () C:\Program Files\iPod
2014-02-02 21:50 - 2014-02-02 21:50 - 00000000 ___DC () C:\WINDOWS\System32\Tasks\Apple
2014-02-02 21:50 - 2014-02-02 21:50 - 00000000 ___DC () C:\Users\Shlomi\AppData\Local\Apple
2014-02-02 21:50 - 2014-02-02 21:50 - 00000000 ___DC () C:\Program Files\Common Files\Apple
2014-02-02 21:50 - 2014-02-02 21:50 - 00000000 ___DC () C:\Program Files (x86)\Apple Software Update
2014-02-02 21:50 - 2014-02-02 21:49 - 00000000 ___DC () C:\ProgramData\Apple
2014-02-02 21:49 - 2014-02-02 21:49 - 00000000 ___DC () C:\Program Files\Bonjour
2014-02-02 21:49 - 2014-02-02 21:49 - 00000000 ___DC () C:\Program Files (x86)\Bonjour
2014-02-02 19:41 - 2014-02-02 19:41 - 00001275 ____C () C:\Users\Public\Desktop\RealPlayer.lnk
2014-02-02 19:41 - 2014-02-02 19:41 - 00000000 ___DC () C:\Users\Shlomi\AppData\Roaming\RealNetworks
2014-02-02 19:41 - 2014-02-02 19:40 - 00000000 ___DC () C:\Program Files (x86)\RealNetworks
2014-02-02 19:40 - 2014-02-02 19:40 - 00272896 ____C (Progressive Networks) C:\WINDOWS\SysWOW64\pncrt.dll
2014-02-02 19:40 - 2014-02-02 19:40 - 00201872 ____C (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\rmoc3260.dll
2014-02-02 19:40 - 2014-02-02 19:40 - 00006656 ____C (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\pndx5016.dll
2014-02-02 19:40 - 2014-02-02 19:40 - 00005632 ____C (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\pndx5032.dll
2014-02-02 19:40 - 2014-02-02 19:40 - 00000000 ___DC () C:\ProgramData\RealNetworks
2014-02-02 19:40 - 2014-02-02 19:40 - 00000000 ___DC () C:\Program Files (x86)\Real
2014-02-02 19:40 - 2013-09-15 01:27 - 00499712 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2014-02-02 19:40 - 2013-09-15 01:27 - 00348160 ____C (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2014-02-02 01:20 - 2014-02-02 01:18 - 00000000 ___DC () C:\Users\Shlomi\AppData\Roaming\HP
2014-02-02 01:20 - 2014-02-01 20:50 - 00000000 ___DC () C:\ProgramData\HP
2014-02-02 01:20 - 2014-01-31 13:02 - 00000000 ___DC () C:\Users\Shlomi\AppData\Roaming\Nitro PDF
2014-02-02 01:19 - 2014-02-02 01:19 - 00000000 ___DC () C:\ProgramData\WEBREG
2014-02-02 01:19 - 2014-02-02 01:06 - 00203610 ____C () C:\WINDOWS\hpoins19.dat
2014-02-02 01:19 - 2014-02-02 01:06 - 00000832 ____C () C:\ProgramData\hpzinstall.log
2014-02-02 01:18 - 2014-02-02 01:18 - 00000000 ___DC () C:\Users\Shlomi\AppData\Local\HP
2014-02-02 01:14 - 2014-02-02 01:14 - 00001108 ____C () C:\Users\Public\Desktop\HP Photo Creations.lnk
2014-02-02 01:14 - 2014-02-02 01:14 - 00000000 ___DC () C:\ProgramData\HP Photo Creations
2014-02-02 01:14 - 2014-02-02 01:14 - 00000000 ___DC () C:\Program Files (x86)\HP Photo Creations
2014-02-02 01:14 - 2014-02-02 01:07 - 00000000 ___DC () C:\Program Files (x86)\HP
2014-02-02 01:12 - 2014-02-02 01:12 - 00001326 ____C () C:\Users\Public\Desktop\HP Solution Center.lnk
2014-02-02 01:12 - 2014-02-02 01:12 - 00000000 ___DC () C:\ProgramData\HP Product Assistant
2014-02-02 01:11 - 2014-02-02 01:11 - 00001172 ____C () C:\Users\Public\Desktop\Shop for HP Supplies.lnk
2014-02-01 23:50 - 2014-02-01 23:50 - 00847344 ____C (Google Inc.) C:\Users\Shlomi\Downloads\ChromeSetup (1).exe
2014-02-01 23:49 - 2014-02-01 23:49 - 00847344 ____C (Google Inc.) C:\Users\Shlomi\Downloads\ChromeSetup.exe
2014-02-01 21:48 - 2014-02-01 21:48 - 00001209 ____C () C:\Users\Shlomi\Desktop\Format Factory.lnk
2014-02-01 21:47 - 2014-02-01 21:47 - 00000000 ___DC () C:\Program Files (x86)\FreeTime
2014-02-01 21:24 - 2014-01-31 13:45 - 00000000 ___DC () C:\Users\Shlomi\AppData\Local\Google
2014-02-01 21:12 - 2014-02-01 21:12 - 00001117 ____C () C:\Users\Public\Desktop\Picasa 3.lnk
2014-02-01 21:11 - 2014-02-01 21:10 - 17660184 ____C (Google Inc.) C:\Users\Shlomi\Downloads\picasa39-setup.exe
2014-02-01 21:11 - 2014-01-31 13:45 - 00000000 ___DC () C:\Program Files (x86)\Google
2014-02-01 20:49 - 2014-02-01 20:49 - 02338824 ____C () C:\Users\Shlomi\Downloads\hppiw.exe
2014-02-01 00:57 - 2014-01-31 13:10 - 00000000 ___DC () C:\ldiag
2014-02-01 00:43 - 2014-02-01 00:43 - 00000000 ___DC () C:\Users\Shlomi\AppData\Local\Skype
2014-02-01 00:42 - 2014-02-01 00:42 - 00002697 ____C () C:\Users\Public\Desktop\Skype.lnk
2014-02-01 00:42 - 2014-02-01 00:42 - 00000000 __RDC () C:\Program Files (x86)\Skype
2014-02-01 00:42 - 2014-02-01 00:42 - 00000000 ___DC () C:\ProgramData\Skype
2014-02-01 00:38 - 2014-02-01 00:38 - 00002917 ____C () C:\Users\Shlomi\Desktop\Microsoft Word 2010.lnk
2014-01-31 21:00 - 2014-01-31 21:00 - 00000000 ___DC () C:\Program Files (x86)\Microsoft Synchronization Services
2014-01-31 20:58 - 2014-01-31 20:58 - 00000000 ___DC () C:\Program Files (x86)\Microsoft Sync Framework
2014-01-31 20:58 - 2014-01-31 20:58 - 00000000 ___DC () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-01-31 20:58 - 2013-09-15 01:12 - 00000000 ___DC () C:\Program Files (x86)\Microsoft Office
2014-01-31 20:53 - 2014-01-31 20:53 - 00000000 ___DC () C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-01-31 20:50 - 2014-01-31 20:50 - 00000000 ___DC () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-01-31 20:49 - 2014-01-31 20:49 - 00000000 ___DC () C:\Program Files\Microsoft Office
2014-01-31 20:47 - 2014-01-31 20:47 - 00000000 ___DC () C:\Users\Shlomi\AppData\Local\Microsoft Help
2014-01-31 20:47 - 2014-01-31 20:47 - 00000000 ___DC () C:\Program Files (x86)\Microsoft Analysis Services
2014-01-31 20:45 - 2014-01-31 20:45 - 00000000 _RHDC () C:\MSOCache
2014-01-31 19:32 - 2014-01-31 18:32 - 00000000 ___DC () C:\Users\Shlomi\AppData\Roaming\Google
2014-01-31 17:58 - 2014-01-31 17:58 - 00000000 ___HC () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-01-31 13:47 - 2014-01-31 13:47 - 00001977 ____C () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-31 13:47 - 2014-01-31 13:47 - 00000000 ___DC () C:\Users\Shlomi\AppData\Roaming\AVAST Software
2014-01-31 13:46 - 2014-01-31 13:46 - 00000000 ___DC () C:\ProgramData\Google
2014-01-31 13:46 - 2014-01-31 13:46 - 00000000 ___DC () C:\Program Files\Google
2014-01-31 13:45 - 2014-01-31 13:45 - 01038072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-01-31 13:45 - 2014-01-31 13:45 - 00421704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-01-31 13:45 - 2014-01-31 13:45 - 00334136 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-01-31 13:45 - 2014-01-31 13:45 - 00207904 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-01-31 13:45 - 2014-01-31 13:45 - 00092544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-01-31 13:45 - 2014-01-31 13:45 - 00080184 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-01-31 13:45 - 2014-01-31 13:45 - 00078648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-01-31 13:45 - 2014-01-31 13:45 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-01-31 13:45 - 2014-01-31 13:45 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-01-31 13:45 - 2014-01-31 13:45 - 00000000 ___DC () C:\Program Files\AVAST Software
2014-01-31 13:44 - 2014-01-31 13:17 - 00000000 ___DC () C:\ProgramData\AVAST Software
2014-01-31 13:40 - 2013-09-15 01:12 - 00000000 ___DC () C:\ProgramData\McAfee
2014-01-31 13:37 - 2014-01-31 13:37 - 00421704 ____C (AVAST Software) C:\WINDOWS\system32\Drivers\wgvxqvuq.sys
2014-01-31 13:20 - 2014-01-31 13:20 - 00421704 ____C (AVAST Software) C:\WINDOWS\system32\Drivers\njqlkmxh.sys
2014-01-31 13:17 - 2014-01-31 13:17 - 00421704 ____C (AVAST Software) C:\WINDOWS\system32\Drivers\okduzbru.sys
2014-01-31 13:17 - 2014-01-31 13:10 - 00000000 ___DC () C:\Users\Shlomi\AppData\Roaming\LSC
2014-01-31 13:10 - 2014-01-31 13:10 - 00002002 ____C () C:\Users\Public\Desktop\Lenovo Solution Center.lnk
2014-01-31 13:10 - 2014-01-31 13:10 - 00000000 ___DC () C:\Users\Shlomi\AppData\Roaming\OEMSoftwareEngine
2014-01-31 13:10 - 2013-09-15 01:01 - 00000000 ___DC () C:\Program Files\Lenovo
2014-01-31 13:08 - 2013-09-15 01:34 - 00000000 ___DC () C:\WINDOWS\Downloaded Installations
2014-01-31 13:02 - 2014-01-31 13:02 - 00000000 ___DC () C:\Users\Shlomi\AppData\Local\LSC
2014-01-31 12:58 - 2014-01-31 12:58 - 00000000 ___DC () C:\Users\Shlomi\AppData\Local\AMD
2014-01-31 12:56 - 2014-01-31 12:56 - 00000000 ___DC () C:\Users\Shlomi\AppData\Roaming\ATI
2014-01-31 12:56 - 2014-01-31 12:56 - 00000000 ___DC () C:\Users\Shlomi\AppData\Local\ATI
2014-01-31 12:56 - 2014-01-31 12:56 - 00000000 ___DC () C:\ProgramData\ATI
2014-01-31 12:55 - 2014-01-31 12:54 - 00000000 ___DC () C:\Users\Shlomi\AppData\Local\Lenovo
2014-01-31 12:54 - 2014-01-31 12:54 - 00000000 ___DC () C:\Users\Shlomi\AppData\Roaming\Lenovo
2014-01-31 12:54 - 2014-01-31 12:54 - 00000000 ___DC () C:\Users\Shlomi\AppData\Local\Power2Go
2014-01-31 12:53 - 2013-09-15 02:41 - 00077479 ___HC () C:\WINDOWS\modules.log
2014-01-31 12:52 - 2014-01-31 12:52 - 00000000 ___DC () C:\Users\Shlomi\AppData\Local\VirtualStore

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-27 03:56

==================== End Of Log ============================

[pystryker]

Let's take a deeper look at your system and make sure nothing is hiding.

Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.


Please download the latest version of TDSSKiller from here and save it to your Desktop.

• Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  
  
  
• Put a checkmark beside loaded modules.
  
  
  
• A reboot will be needed to apply the changes. Do it.
• TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
• Then click on Change parameters in TDSSKiller.
• Check all boxes then click OK.
  
  
  
• Click the Start Scan button.
  
  
  
• The scan should take no longer than 2 minutes.
• If a suspicious object is detected, the default action will be Skip, click on Continue.
  
  
  
• If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  
  
  
  Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
• A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

[assaf1]

Hi

Here is the log you asked for.

Thanks

20:17:55.0690 3708 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:17:55.0690 3708 UEFI system
20:17:56.0971 3708 ============================================================
20:17:56.0971 3708 Current date / time: 2014/02/27 20:17:56.0971
20:17:56.0971 3708 SystemInfo:
20:17:56.0971 3708
20:17:56.0971 3708 OS Version: 6.2.9200 ServicePack: 0.0
20:17:56.0971 3708 Product type: Workstation
20:17:56.0987 3708 ComputerName: SHLOMI-PC
20:17:56.0987 3708 UserName: Shlomi
20:17:56.0987 3708 Windows directory: C:\WINDOWS
20:17:56.0987 3708 System windows directory: C:\WINDOWS
20:17:56.0987 3708 Running under WOW64
20:17:56.0987 3708 Processor architecture: Intel x64
20:17:56.0987 3708 Number of processors: 2
20:17:56.0987 3708 Page size: 0x1000
20:17:56.0987 3708 Boot type: Normal boot
20:17:56.0987 3708 ============================================================
20:17:57.0221 3708 BG loaded
20:17:57.0674 3708 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:17:57.0674 3708 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:17:57.0674 3708 ============================================================
20:17:57.0674 3708 \Device\Harddisk0\DR0:
20:17:57.0690 3708 GPT partitions:
20:17:57.0690 3708 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {570E4157-BDAF-4A9C-B02B-0E36F080BEF0}, Name: , StartLBA 0x800, BlocksNum 0x1F4000
20:17:57.0690 3708 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {C6367F81-71B0-4C83-B2D2-115BE1933E20}, Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000
20:17:57.0690 3708 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {A284E545-36C7-4B42-8317-856FF58F0FFE}, Name: , StartLBA 0x276800, BlocksNum 0xFA000
20:17:57.0690 3708 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {BCD15355-EF8D-4FA1-BBEC-0F630B634B3A}, Name: Microsoft reserved partition, StartLBA 0x370800, BlocksNum 0x40000
20:17:57.0690 3708 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C051DB7D-8B3C-4F25-B5EB-5291955B5A3C}, Name: Basic data partition, StartLBA 0x3B0800, BlocksNum 0x711D3000
20:17:57.0690 3708 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {9861E47F-865B-49DB-8363-AD279D6EFAB2}, Name: , StartLBA 0x71583800, BlocksNum 0xAF000
20:17:57.0690 3708 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {41A4F5E5-FDE7-4B53-8E9C-51D4ABD3225C}, Name: , StartLBA 0x71632800, BlocksNum 0x30D4000
20:17:57.0690 3708 MBR partitions:
20:17:57.0690 3708 \Device\Harddisk1\DR1:
20:17:57.0690 3708 MBR partitions:
20:17:57.0690 3708 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
20:17:57.0690 3708 ============================================================
20:17:57.0721 3708 C: <-> \Device\Harddisk0\DR0\Partition5
20:17:57.0752 3708 E: <-> \Device\Harddisk1\DR1\Partition1
20:17:57.0752 3708 ============================================================
20:17:57.0752 3708 Initialize success
20:17:57.0752 3708 ============================================================
20:19:53.0528 5992 ============================================================
20:19:53.0528 5992 Scan started
20:19:53.0528 5992 Mode: Manual; SigCheck; TDLFS;
20:19:53.0528 5992 ============================================================
20:19:54.0262 5992 ================ Scan system memory ========================
20:19:54.0262 5992 System memory - ok
20:19:54.0262 5992 ================ Scan services =============================
20:19:54.0403 5992 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
20:19:54.0528 5992 1394ohci - ok
20:19:54.0543 5992 Suspicious service (Hidden): 25326564
20:19:54.0559 5992 25326564 ( HiddenService.Multi.Generic ) - warning
20:19:54.0559 5992 25326564 - detected HiddenService.Multi.Generic (1)
20:19:54.0590 5992 [ AD508A1A46EC21B740AB31C28EFDFDB1 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
20:19:54.0606 5992 3ware - ok
20:19:54.0637 5992 [ 3D30878A269D934100FA5F972E53AF39 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
20:19:54.0684 5992 ACPI - ok
20:19:54.0700 5992 [ AC8279D229398BCF05C3154ADCA86813 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
20:19:54.0731 5992 acpiex - ok
20:19:54.0746 5992 [ A8970D9BF23CD309E0403978A1B58F3F ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
20:19:54.0778 5992 acpipagr - ok
20:19:54.0793 5992 [ 111A89C99C5B4F1A7BCE5F643DD86F65 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
20:19:54.0825 5992 AcpiPmi - ok
20:19:54.0840 5992 [ 5758387D68A20AE7D3245011B07E36E7 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
20:19:54.0887 5992 acpitime - ok
20:19:54.0934 5992 [ B362181ED3771DC03B4141927C80F801 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:19:54.0950 5992 AdobeARMservice - ok
20:19:55.0028 5992 [ F7AB315A4D400CA876381D1E188A2E20 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:19:55.0043 5992 AdobeFlashPlayerUpdateSvc - ok
20:19:55.0075 5992 [ 7C1FDF1B48298CBA7CE4BDD4978951AD ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
20:19:55.0137 5992 ADP80XX - ok
20:19:55.0168 5992 [ B19CA8E441D35AA2B1EE51C10B27DA1B ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll
20:19:55.0231 5992 AeLookupSvc - ok
20:19:55.0246 5992 [ 239268BAB58EAE9A3FF4E08334C00451 ] AFD C:\WINDOWS\system32\drivers\afd.sys
20:19:55.0309 5992 AFD - ok
20:19:55.0325 5992 [ 7DFAEBA9AD62D20102B576D5CAC45EC8 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
20:19:55.0356 5992 agp440 - ok
20:19:55.0371 5992 [ 8E8E34B7BA059050EED827410D0697A2 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
20:19:55.0434 5992 ahcache - ok
20:19:55.0465 5992 [ A91D8E1E433EFB32551BCE69037E1CE7 ] ALG C:\WINDOWS\System32\alg.exe
20:19:55.0512 5992 ALG - ok
20:19:55.0543 5992 [ 66B54471B5856E314947881E28263A6D ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
20:19:55.0621 5992 AMD External Events Utility - ok
20:19:55.0653 5992 AMD FUEL Service - ok
20:19:55.0668 5992 [ 7589DE749DB6F71A68489DCE04158729 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
20:19:55.0715 5992 AmdK8 - ok
20:19:55.0918 5992 [ FBB35875FEFE53D4280259842069ED72 ] amdkmdag C:\WINDOWS\system32\DRIVERS\atikmdag.sys
20:19:56.0278 5992 amdkmdag - ok
20:19:56.0309 5992 [ A32BCAD9377E3B75D034CAFBA463A0AE ] amdkmdap C:\WINDOWS\system32\DRIVERS\atikmpag.sys
20:19:56.0356 5992 amdkmdap - ok
20:19:56.0403 5992 [ B46D2D89AFF8A9490FA8C98C7A5616E3 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
20:19:56.0418 5992 AmdPPM - ok
20:19:56.0450 5992 [ D2BF2F94A47D332814910FD47C6BBCD2 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
20:19:56.0465 5992 amdsata - ok
20:19:56.0496 5992 [ A8E04943C7BBA7219AA50400272C3C6E ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
20:19:56.0528 5992 amdsbs - ok
20:19:56.0528 5992 [ CEA5F4F27CFC08E3A44D576811B35F50 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
20:19:56.0559 5992 amdxata - ok
20:19:56.0575 5992 [ 0E6F9683928F99DF16E0E7924E4807D9 ] amd_sata C:\WINDOWS\system32\drivers\amd_sata.sys
20:19:56.0621 5992 amd_sata - ok
20:19:56.0637 5992 [ F9254DE6FA0A2782A4810726F2D677EF ] amd_xata C:\WINDOWS\system32\drivers\amd_xata.sys
20:19:56.0653 5992 amd_xata - ok
20:19:56.0684 5992 [ 04951A9A937CBE28A2D3FEEA360B6D1F ] AppID C:\WINDOWS\system32\drivers\appid.sys
20:19:56.0731 5992 AppID - ok
20:19:56.0762 5992 [ C0DC3F58214A227980AEB091CFD2F973 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
20:19:56.0809 5992 AppIDSvc - ok
20:19:56.0825 5992 [ 7E790DE2487CEDB349D1750B9E47F090 ] Appinfo C:\WINDOWS\System32\appinfo.dll
20:19:56.0887 5992 Appinfo - ok
20:19:56.0918 5992 [ F518545E5B7623AD49ABE7F8776EFA46 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:19:56.0965 5992 Apple Mobile Device - ok
20:19:56.0996 5992 [ 4B964AE0DF433A3BFA7BD24713BC2E9B ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
20:19:57.0059 5992 AppReadiness - ok
20:19:57.0121 5992 [ 0B726D9ED75C787D6FFAF1E3873BCC70 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
20:19:57.0188 5992 AppXSvc - ok
20:19:57.0220 5992 [ 65045784366F7EC5FB4E71BCF923187B ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
20:19:57.0235 5992 arcsas - ok
20:19:57.0266 5992 [ 0ACC3F49015E628590CA4372322EB46B ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys
20:19:57.0298 5992 aswMonFlt - ok
20:19:57.0298 5992 [ 679712B7A353EE665B9301592164A172 ] aswRdr C:\windows\system32\drivers\aswRdr2.sys
20:19:57.0329 5992 aswRdr - ok
20:19:57.0345 5992 [ C04F7B373881009D7994D9BF55D24AB4 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys
20:19:57.0360 5992 aswRvrt - ok
20:19:57.0391 5992 [ 43599E630DFC30AD4E6A2B4B269EB1C0 ] aswSnx C:\windows\system32\drivers\aswSnx.sys
20:19:57.0438 5992 aswSnx - ok
20:19:57.0454 5992 [ F22DE5F5BA8ADA0A861441B624B51EB5 ] aswSP C:\windows\system32\drivers\aswSP.sys
20:19:57.0485 5992 aswSP - ok
20:19:57.0501 5992 [ FD3EA14ADF6216BDF4030DB2EFD43D96 ] aswStm C:\windows\system32\drivers\aswStm.sys
20:19:57.0516 5992 aswStm - ok
20:19:57.0532 5992 [ 90399625F341AB76BA4B85A5E860EB1F ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys
20:19:57.0563 5992 aswVmm - ok
20:19:57.0579 5992 [ 74B14192CF79A72F7536B27CB8814FBD ] atapi C:\WINDOWS\system32\drivers\atapi.sys
20:19:57.0595 5992 atapi - ok
20:19:57.0704 5992 [ 2C7676F892E88FD190F08D98048C7C6C ] athr C:\WINDOWS\system32\DRIVERS\athw8x.sys
20:19:57.0860 5992 athr - ok
20:19:57.0923 5992 [ 005D1AA28FFAA7FB327842B3CAFF726E ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdW86.sys
20:19:57.0970 5992 AtiHDAudioService - ok
20:19:57.0985 5992 [ 4903CBC14742B5AB4DCF7A92F7DEC483 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
20:19:58.0048 5992 AudioEndpointBuilder - ok
20:19:58.0095 5992 [ EF276593AD1BDF5A99032F62D6272848 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
20:19:58.0141 5992 Audiosrv - ok
20:19:58.0188 5992 [ CC42F104172B4A62793083D380867317 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
20:19:58.0204 5992 avast! Antivirus - ok
20:19:58.0220 5992 [ 96E8CAF20FC4B6C31CAD7816A801EB78 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
20:19:58.0266 5992 AxInstSV - ok
20:19:58.0298 5992 [ A4A73F631FE2AA2826FBE4A399B04DEF ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
20:19:58.0345 5992 b06bdrv - ok
20:19:58.0360 5992 [ 8CC7F7E4AFCBA605921B137ED7992C68 ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
20:19:58.0391 5992 BasicDisplay - ok
20:19:58.0407 5992 [ 2748E116F8621A4DB0D39FCDD7318C01 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
20:19:58.0438 5992 BasicRender - ok
20:19:58.0532 5992 [ F2E8CEFC8CF4D6454F4121C5FF93136A ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.exe
20:19:58.0548 5992 BBSvc - ok
20:19:58.0579 5992 [ 6E1BCC590C9D30FEE8FC14DBD053CE94 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe
20:19:58.0595 5992 BBUpdate - ok
20:19:58.0641 5992 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
20:19:58.0673 5992 bcmfn2 - ok
20:19:58.0688 5992 [ BBE61A40665B83488901E41082A6097D ] BDESVC C:\WINDOWS\System32\bdesvc.dll
20:19:58.0735 5992 BDESVC - ok
20:19:58.0767 5992 [ EC19013E4CF87609534165DF897274D6 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
20:19:58.0813 5992 Beep - ok
20:19:58.0845 5992 [ 6468B696C65775D51A06615830E0E79D ] BFE C:\WINDOWS\System32\bfe.dll
20:19:58.0892 5992 BFE - ok
20:19:58.0923 5992 [ 15225081966C785A9192782401643FD4 ] BITS C:\WINDOWS\System32\qmgr.dll
20:19:59.0016 5992 BITS - ok
20:19:59.0048 5992 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:19:59.0079 5992 Bonjour Service - ok
20:19:59.0095 5992 [ 6B4FFFDDC618FCF64473CAA86E305697 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
20:19:59.0141 5992 bowser - ok
20:19:59.0190 5992 [ A6207A88B596F726DE558425F3B7E592 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
20:19:59.0237 5992 BrokerInfrastructure - ok
20:19:59.0252 5992 [ D528D6A92D187777691993DD757AF19A ] Browser C:\WINDOWS\System32\browser.dll
20:19:59.0299 5992 Browser - ok
20:19:59.0315 5992 [ A8F23D453A424FF4DE04989C4727ECC7 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
20:19:59.0346 5992 BthAvrcpTg - ok
20:19:59.0362 5992 [ 746B9F94214915AECDE4B7FEA5FF9664 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
20:19:59.0409 5992 BthHFEnum - ok
20:19:59.0424 5992 [ 71FE2A48E4C93DDB9798C024880B6C07 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
20:19:59.0471 5992 bthhfhid - ok
20:19:59.0487 5992 [ 07E33226AD218A2A162662A05CAFB52F ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
20:19:59.0534 5992 BTHMODEM - ok
20:19:59.0549 5992 [ E5E48FEED73D463175EAB1542495191C ] bthserv C:\WINDOWS\system32\bthserv.dll
20:19:59.0581 5992 bthserv - ok
20:19:59.0612 5992 [ 2FA6510E33F7DEFEC03658B74101A9B9 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
20:19:59.0643 5992 cdfs - ok
20:19:59.0674 5992 [ C6796EA22B513E3457514D92DCDB1A3D ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
20:19:59.0706 5992 cdrom - ok
20:19:59.0721 5992 [ AB285CE3431FF3D2ACE669245874C1C7 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
20:19:59.0768 5992 CertPropSvc - ok
20:19:59.0784 5992 [ BE9936EDD3267FAAFF94A7835867F00B ] circlass C:\WINDOWS\System32\drivers\circlass.sys
20:19:59.0815 5992 circlass - ok
20:19:59.0831 5992 [ 7F006813C2AFE622C13D7AF94F56CD07 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
20:19:59.0877 5992 CLFS - ok
20:19:59.0909 5992 [ EF6EF85DADC3184A10D8F2F7159973CB ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
20:19:59.0956 5992 CmBatt - ok
20:19:59.0971 5992 [ 825BE21E6395E00698D8A23955A87972 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
20:20:00.0018 5992 CNG - ok
20:20:00.0049 5992 [ 03AAED827C36F35D70900558B8274905 ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys
20:20:00.0081 5992 CompositeBus - ok
20:20:00.0096 5992 COMSysApp - ok
20:20:00.0112 5992 [ A1FF7DFBFBE164CF92603C651D304DD2 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
20:20:00.0143 5992 condrv - ok
20:20:00.0174 5992 [ 0EFE4B5884A8032617826A4D76F80969 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
20:20:00.0221 5992 CryptSvc - ok
20:20:00.0237 5992 [ 315BA4BC19316D72B2E037534E048B93 ] dam C:\WINDOWS\system32\drivers\dam.sys
20:20:00.0253 5992 dam - ok
20:20:00.0299 5992 [ EAE8F2C2053792DBDA6227923C044D68 ] Dashboard Service C:\Program Files (x86)\Lenovo\Lenovo Dashboard\DdMgr.exe
20:20:00.0331 5992 Dashboard Service ( UnsignedFile.Multi.Generic ) - warning
20:20:00.0331 5992 Dashboard Service - detected UnsignedFile.Multi.Generic (1)
20:20:00.0346 5992 [ C6E1C081C0849E08FECEC18DF73B10C4 ] dc3d C:\WINDOWS\System32\drivers\dc3d.sys
20:20:00.0362 5992 dc3d - ok
20:20:00.0409 5992 [ 3FD5AE42EC87C6F532A931F96BE731DD ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
20:20:00.0456 5992 DcomLaunch - ok
20:20:00.0487 5992 [ F4CCAADC2C78F57E4F16B24C9201CE22 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
20:20:00.0534 5992 defragsvc - ok
20:20:00.0565 5992 [ 0BC71D4D3B5883903C37BF4E13B0F0C5 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
20:20:00.0612 5992 DeviceAssociationService - ok
20:20:00.0690 5992 [ 752A457320A946E03C3AA86C3ACD735E ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
20:20:00.0799 5992 DeviceInstall - ok
20:20:00.0831 5992 [ 5DB26D7E0216D0BF364A81D3829AD7B9 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
20:20:00.0877 5992 Dfsc - ok
20:20:00.0940 5992 [ 8B107F55FD61654A6C9F1B819AEC5FC4 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
20:20:01.0018 5992 Dhcp - ok
20:20:01.0049 5992 [ 4D40C9B33F738797CF50E77CB7C53E85 ] disk C:\WINDOWS\system32\drivers\disk.sys
20:20:01.0065 5992 disk - ok
20:20:01.0081 5992 [ EB70A894708D1BC176AFD690FF06085F ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
20:20:01.0112 5992 dmvsc - ok
20:20:01.0127 5992 [ 5BAF7714E68F93515A937A3FA8587EF9 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
20:20:01.0177 5992 Dnscache - ok
20:20:01.0208 5992 [ 50288EA079BB520C2B8C8A154202D518 ] dot3svc C:\WINDOWS\System32\dot3svc.dll
20:20:01.0239 5992 dot3svc - ok
20:20:01.0271 5992 [ 27069CFFF29B7F04F4B1BB10154BE52B ] dot4 C:\WINDOWS\system32\DRIVERS\Dot4.sys
20:20:01.0286 5992 dot4 - ok
20:20:01.0302 5992 [ 0BD906A79F9CE3013F7D9D0AC45F9F9D ] Dot4Print C:\WINDOWS\System32\drivers\Dot4Prt.sys
20:20:01.0317 5992 Dot4Print - ok
20:20:01.0333 5992 [ B7D595F2F464F7B628AD53F06547792C ] dot4usb C:\WINDOWS\system32\DRIVERS\dot4usb.sys
20:20:01.0349 5992 dot4usb - ok
20:20:01.0380 5992 [ 281BEE07BA97E3E98D12A822D923D0D8 ] DPS C:\WINDOWS\system32\dps.dll
20:20:01.0411 5992 DPS - ok
20:20:01.0427 5992 [ DDC11A202207C0400CBE07315B8FDE5E ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
20:20:01.0458 5992 drmkaud - ok
20:20:01.0474 5992 [ 5B074F14F5DD6418F46EE4CA2DEB7EA8 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
20:20:01.0536 5992 DsmSvc - ok
20:20:01.0599 5992 [ A3D1CB64DF885ACE126543E6D7067348 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
20:20:01.0708 5992 DXGKrnl - ok
20:20:01.0755 5992 [ 6073537F250B45E1CB2A02E97F0FE1B2 ] Eaphost C:\WINDOWS\System32\eapsvc.dll
20:20:01.0802 5992 Eaphost - ok
20:20:01.0895 5992 [ 114BCFDF367FF37C3F1B0A96AF542E4D ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
20:20:02.0052 5992 ebdrv - ok
20:20:02.0067 5992 [ F6F209DDB94959BA104FC8FC87C53759 ] EFS C:\WINDOWS\System32\lsass.exe
20:20:02.0099 5992 EFS - ok
20:20:02.0130 5992 [ 43531A5993380CC5113242C29D265FD9 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
20:20:02.0145 5992 EhStorClass - ok
20:20:02.0161 5992 [ 6F8E738A9505A388B1157FDDE7B3101B ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
20:20:02.0192 5992 EhStorTcgDrv - ok
20:20:02.0208 5992 [ DFFFAE1442BA4076E18EED5E406FA0D3 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
20:20:02.0224 5992 ErrDev - ok
20:20:02.0271 5992 [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3 ] EventSystem C:\WINDOWS\system32\es.dll
20:20:02.0302 5992 EventSystem - ok
20:20:02.0317 5992 [ 7729D294A555C7AEB281ED8E4D0E01E4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
20:20:02.0364 5992 exfat - ok
20:20:02.0380 5992 [ 7C4E0D5900B2A1D11EDD626D6DDB937B ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
20:20:02.0411 5992 fastfat - ok
20:20:02.0442 5992 [ 2BC8532ABF2B3756B78FA1DA54147DDE ] Fax C:\WINDOWS\system32\fxssvc.exe
20:20:02.0489 5992 Fax - ok
20:20:02.0505 5992 [ 5D8402613E778B3BD45E687A8372710B ] fdc C:\WINDOWS\System32\drivers\fdc.sys
20:20:02.0552 5992 fdc - ok
20:20:02.0567 5992 [ DC1A78BCCCB7EE53D6FD3BD615A8E222 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
20:20:02.0614 5992 fdPHost - ok
20:20:02.0630 5992 [ E5AD448F2DC84B1CF387FA7F2A3D1936 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
20:20:02.0677 5992 FDResPub - ok
20:20:02.0692 5992 [ 0046E0BD031213D37123876B0D0FA61C ] fhsvc C:\WINDOWS\system32\fhsvc.dll
20:20:02.0755 5992 fhsvc - ok
20:20:02.0771 5992 [ 957A7A8F5ACCAF23DD9DFF6DAA393CE5 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
20:20:02.0802 5992 FileInfo - ok
20:20:02.0817 5992 [ A1A66C4FDAFD6B0289523232AFB7D8AF ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
20:20:02.0849 5992 Filetrace - ok
20:20:02.0880 5992 [ BE743083CF7063C486A4398E3AEFE59A ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
20:20:02.0911 5992 flpydisk - ok
20:20:02.0927 5992 [ 60D5067FCE6D9433D35E04C01D8538B3 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
20:20:02.0974 5992 FltMgr - ok
20:20:03.0005 5992 [ 183CA7699474FDE235853967D1DA4D9B ] FontCache C:\WINDOWS\system32\FntCache.dll
20:20:03.0099 5992 FontCache - ok
20:20:03.0177 5992 [ 1C52387BF5A127F5F3BFB31288F30D93 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:20:03.0192 5992 FontCache3.0.0.0 - ok
20:20:03.0208 5992 [ 35005534E600E993A90B036E4E599F2B ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
20:20:03.0239 5992 FsDepends - ok
20:20:03.0255 5992 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:20:03.0286 5992 Fs_Rec - ok
20:20:03.0317 5992 [ 83E1F0983B02A6F8EC764D18E24ECF10 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
20:20:03.0364 5992 fvevol - ok
20:20:03.0380 5992 [ 9591D0B9351ED489EAFD9D1CE52A8015 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
20:20:03.0411 5992 FxPPM - ok
20:20:03.0427 5992 [ FC3EF65EE20D39F8749C2218DBA681CA ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
20:20:03.0442 5992 gagp30kx - ok
20:20:03.0474 5992 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
20:20:03.0489 5992 GEARAspiWDM - ok
20:20:03.0505 5992 [ 0BF5CAD281E25F1418E5B8875DC5ADD1 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
20:20:03.0536 5992 gencounter - ok
20:20:03.0567 5992 [ FDA72810CA2F8409D9B31E833C448E34 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
20:20:03.0599 5992 GPIOClx0101 - ok
20:20:03.0646 5992 [ 0BDE0FCF597E9B65600121EF54FF8340 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
20:20:03.0708 5992 gpsvc - ok
20:20:03.0771 5992 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:20:03.0786 5992 gupdate - ok
20:20:03.0833 5992 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:20:03.0849 5992 gupdatem - ok
20:20:03.0864 5992 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
20:20:03.0896 5992 gusvc - ok
20:20:03.0911 5992 [ 03909BDBFF0DCACCABF2B2D4ADEE44DC ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
20:20:03.0942 5992 HDAudBus - ok
20:20:03.0958 5992 [ 10A70BC1871CD955D85CD88372724906 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
20:20:03.0989 5992 HidBatt - ok
20:20:04.0005 5992 [ 1EA1B4FABB8CC348E73CA90DBA22E104 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
20:20:04.0036 5992 HidBth - ok
20:20:04.0067 5992 [ C241A8BAFBBFC90176EA0F5240EACC17 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
20:20:04.0099 5992 hidi2c - ok
20:20:04.0114 5992 [ 9BDDEE26255421017E161CCB9D5EDA95 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
20:20:04.0146 5992 HidIr - ok
20:20:04.0161 5992 [ 449A20A674AA3FAA7F0DD4E33EE2DC20 ] hidserv C:\WINDOWS\system32\hidserv.dll
20:20:04.0192 5992 hidserv - ok
20:20:04.0208 5992 [ F31397220D9687E11EB448649AA6E038 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
20:20:04.0255 5992 HidUsb - ok
20:20:04.0271 5992 [ 7BF3ADCBD021D4F4A84CF40EB49C71B5 ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
20:20:04.0317 5992 hkmsvc - ok
20:20:04.0349 5992 [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
20:20:04.0396 5992 HomeGroupListener - ok
20:20:04.0427 5992 [ BE5F89BAFBD4272D5A0C0A37B97865ED ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
20:20:04.0489 5992 HomeGroupProvider - ok
20:20:04.0552 5992 [ 0D0213498683414DDE29B1686A4C08D5 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
20:20:04.0567 5992 hpqcxs08 - ok
20:20:04.0599 5992 [ EE281DD6843F3F697C1AD7933EEB1E9B ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
20:20:04.0614 5992 hpqddsvc - ok
20:20:04.0646 5992 [ A6AACEA4C785789BDA5912AD1FEDA80D ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
20:20:04.0661 5992 HpSAMD - ok
20:20:04.0693 5992 [ 3502776E366C913D49C0DA928AE3E6CB ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
20:20:04.0755 5992 HTTP - ok
20:20:04.0786 5992 [ 90656C0B3864804B090434EFC582404F ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
20:20:04.0802 5992 hwpolicy - ok
20:20:04.0833 5992 [ 6D6F9E3BF0484967E52F7E846BFF1CA1 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
20:20:04.0864 5992 hyperkbd - ok
20:20:04.0880 5992 [ 907C870F8C31F8DDD6F090857B46AB25 ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
20:20:04.0896 5992 HyperVideo - ok
20:20:04.0958 5992 [ 84CFC5EFA97D0C965EDE1D56F116A541 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
20:20:04.0989 5992 i8042prt - ok
20:20:05.0005 5992 [ 5D90E32E36CE5D4C535D17CE08AEAF05 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
20:20:05.0021 5992 iaLPSSi_GPIO - ok
20:20:05.0052 5992 [ DD05E7E80F52ADE9AEB292819920F32C ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
20:20:05.0067 5992 iaLPSSi_I2C - ok
20:20:05.0099 5992 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
20:20:05.0130 5992 iaStorAV - ok
20:20:05.0146 5992 [ A2200C3033FA4EF249FC096A7A7D02A2 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
20:20:05.0192 5992 iaStorV - ok
20:20:05.0302 5992 [ DEA2F976E7327716AA0038EBF550003A ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
20:20:05.0380 5992 IconMan_R - ok
20:20:05.0411 5992 [ 97E5D62965DE167388B9C5D08665FE43 ] IdeaTouch.LocalDataServer.Education C:\Program Files (x86)\Lenovo\EducationPortal\Services\IdeaTouch.LocalDataServer.Education.exe
20:20:05.0427 5992 IdeaTouch.LocalDataServer.Education ( UnsignedFile.Multi.Generic ) - warning
20:20:05.0427 5992 IdeaTouch.LocalDataServer.Education - detected UnsignedFile.Multi.Generic (1)
20:20:05.0442 5992 IEEtwCollectorService - ok
20:20:05.0489 5992 [ B82255670D270B75D2D2F0F8747D1443 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
20:20:05.0536 5992 IKEEXT - ok
20:20:05.0599 5992 [ 6C7970A8E0546A4D9466E0045C7DB199 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
20:20:05.0708 5992 IntcAzAudAddService - ok
20:20:05.0724 5992 [ 4E448FCFFD00E8D657CD9E48D3E47157 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
20:20:05.0755 5992 intelide - ok
20:20:05.0771 5992 [ 139CFCDCD36B1B1782FD8C0014AC9B0E ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
20:20:05.0802 5992 intelpep - ok
20:20:05.0817 5992 [ 47E74A8E53C7C24DCE38311E1451C1D9 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
20:20:05.0849 5992 intelppm - ok
20:20:05.0864 5992 [ 9DB76D7F9E4E53EFE5DD8C53DE837514 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:20:05.0911 5992 IpFilterDriver - ok
20:20:05.0927 5992 [ DFC4050D58565ADBEE793A8D4AEBDAE6 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
20:20:05.0974 5992 iphlpsvc - ok
20:20:05.0989 5992 [ 9949A3C7590B8C536C05312205079A82 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
20:20:06.0036 5992 IPMIDRV - ok
20:20:06.0068 5992 [ B7342B3C58E91107F6E946A93D9D4EFD ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
20:20:06.0099 5992 IPNAT - ok
20:20:06.0146 5992 [ F7ED08D4BC89D7AC6135C1556A89157F ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
20:20:06.0178 5992 iPod Service - ok
20:20:06.0209 5992 [ AE44C526AB5F8A487D941CEB57B10C97 ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
20:20:06.0240 5992 IRENUM - ok
20:20:06.0256 5992 [ 8AFEEA3955AA43616A60F133B1D25F21 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
20:20:06.0271 5992 isapnp - ok
20:20:06.0303 5992 [ 034D4BD9DC67C64F3A4C8A049B5173BF ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
20:20:06.0334 5992 iScsiPrt - ok
20:20:06.0349 5992 [ 8BE92376799B6B44D543E8D07CDCF885 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
20:20:06.0381 5992 kbdclass - ok
20:20:06.0396 5992 [ FB6E47E569D4872ABEB506BE03A45FBA ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
20:20:06.0428 5992 kbdhid - ok
20:20:06.0443 5992 [ 813871C7D402A05F2E3A7075F9584A05 ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
20:20:06.0474 5992 kdnic - ok
20:20:06.0490 5992 [ F6F209DDB94959BA104FC8FC87C53759 ] KeyIso C:\WINDOWS\system32\lsass.exe
20:20:06.0521 5992 KeyIso - ok
20:20:06.0537 5992 [ ADDECBCC777665BD113BED437E602AB0 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
20:20:06.0568 5992 KSecDD - ok
20:20:06.0584 5992 [ 7296EA420134EAC390798B3232D066A4 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
20:20:06.0615 5992 KSecPkg - ok
20:20:06.0631 5992 [ 11AFB527AA370B1DAFD5C36F35F6D45F ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
20:20:06.0662 5992 ksthunk - ok
20:20:06.0693 5992 [ 32B1A8351160F307A8C66BCB0F94A9C2 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
20:20:06.0740 5992 KtmRm - ok
20:20:06.0756 5992 [ 27B58E16CF895AC1F1A97C04814C2239 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
20:20:06.0803 5992 LanmanServer - ok
20:20:06.0818 5992 [ D0D9C2ECA4D03A8F06DCD91236B90C98 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
20:20:06.0865 5992 LanmanWorkstation - ok
20:20:06.0896 5992 [ EE289BD147FDFF95EF1B9BD65D3B974A ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll
20:20:06.0959 5992 lfsvc - ok
20:20:06.0974 5992 [ C09010B3680860131631F53E8FE7BAD8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
20:20:07.0006 5992 lltdio - ok
20:20:07.0037 5992 [ 00E070FC0C673311AFD4B068D1242780 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
20:20:07.0084 5992 lltdsvc - ok
20:20:07.0100 5992 [ D113FAD71A5E67AA94B32A0F8828D265 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
20:20:07.0146 5992 lmhosts - ok
20:20:07.0240 5992 [ 649982D990F825800FAA8BDAD98A1C30 ] LSCWinService C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
20:20:07.0303 5992 LSCWinService - ok
20:20:07.0318 5992 [ C755AE4635457AA2A11F79C0DF857ABC ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
20:20:07.0349 5992 LSI_SAS - ok
20:20:07.0365 5992 [ ADAC09CBE7A2040B7F68B5E5C9A75141 ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
20:20:07.0381 5992 LSI_SAS2 - ok
20:20:07.0412 5992 [ 04D1274BB9BBCCF12BD12374002AA191 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys
20:20:07.0428 5992 LSI_SAS3 - ok
20:20:07.0443 5992 [ 327469EEF3833D0C584B7E88A76AEC0C ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
20:20:07.0474 5992 LSI_SSS - ok
20:20:07.0490 5992 [ B6B69FF200F68888A7FAFDF204D00C91 ] LSM C:\WINDOWS\System32\lsm.dll
20:20:07.0553 5992 LSM - ok
20:20:07.0553 5992 [ 5EF604B0698F4FA962778285E8C5F1F2 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
20:20:07.0599 5992 luafv - ok
20:20:07.0615 5992 [ EB5C03A070F30D64A6DF80E53B22F53F ] megasas C:\WINDOWS\system32\drivers\megasas.sys
20:20:07.0646 5992 megasas - ok
20:20:07.0662 5992 [ F6F13533196DE7A582D422B0241E4363 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
20:20:07.0709 5992 megasr - ok
20:20:07.0787 5992 Microsoft SharePoint Workspace Audit Service - ok
20:20:07.0803 5992 [ FD788C2D96EA91469A3C1D13E80D7473 ] MMCSS C:\WINDOWS\system32\mmcss.dll
20:20:07.0834 5992 MMCSS - ok
20:20:07.0865 5992 [ 8B38C44F69259987C95135C9627E2378 ] Modem C:\WINDOWS\system32\drivers\modem.sys
20:20:07.0896 5992 Modem - ok
20:20:07.0912 5992 [ 601589000CC90F0DF8DA2CC254A3CCC9 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
20:20:07.0943 5992 monitor - ok
20:20:07.0943 5992 [ CEAC6D40FE887CE8406C2393CF97DE06 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
20:20:07.0974 5992 mouclass - ok
20:20:07.0990 5992 [ 02D98BF804084E9A0D69D1C69B02CCA9 ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
20:20:08.0021 5992 mouhid - ok
20:20:08.0037 5992 [ 515549560D481138E6E21AF7C6998E56 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
20:20:08.0068 5992 mountmgr - ok
20:20:08.0084 5992 [ 338037EFA0E8E8699B2667D57B751574 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:20:08.0115 5992 MozillaMaintenance - ok
20:20:08.0131 5992 [ F170510BE94CF45E3C6274578F6204B2 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
20:20:08.0178 5992 mpsdrv - ok
20:20:08.0225 5992 [ D186C5844393252147BE934F3871DB7A ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
20:20:08.0287 5992 MpsSvc - ok
20:20:08.0303 5992 [ 59DCEC7499095DE5AED741358037AE2D ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
20:20:08.0350 5992 MRxDAV - ok
20:20:08.0381 5992 [ 79B6F3DF7CDFD12159871FF71464F0CE ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:20:08.0428 5992 mrxsmb - ok
20:20:08.0443 5992 [ 295771B092D4F7FCF2B62F80CCD14320 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
20:20:08.0490 5992 mrxsmb10 - ok
20:20:08.0506 5992 [ AAF56E4E84D35411B4E446C445732DFE ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
20:20:08.0553 5992 mrxsmb20 - ok
20:20:08.0568 5992 [ 4E888019078AC363076A5433E89AA4F8 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
20:20:08.0600 5992 MsBridge - ok
20:20:08.0631 5992 [ A082C17D14D0790E27D064EA4B138AE1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
20:20:08.0678 5992 MSDTC - ok
20:20:08.0709 5992 [ D13329FBF8345B28AB30F44CC247DC08 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
20:20:08.0740 5992 Msfs - ok
20:20:08.0772 5992 [ C6B474E46F9E543B875981ED3FFE6ADD ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
20:20:08.0787 5992 msgpiowin32 - ok
20:20:08.0803 5992 [ 65C92EB9D08DB5C69F28C7FFD4E84E31 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
20:20:08.0834 5992 mshidkmdf - ok
20:20:08.0850 5992 [ 52299F086AC2DAFD100DD5DC4A8614BA ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
20:20:08.0881 5992 mshidumdf - ok
20:20:08.0897 5992 [ 36D92AF3343C3A3E57FEF11C449AEA4C ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
20:20:08.0928 5992 msisadrv - ok
20:20:08.0943 5992 [ 810F8A0A0680662BB0CE44D0E2CEF90C ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
20:20:08.0975 5992 MSiSCSI - ok
20:20:08.0990 5992 msiserver - ok
20:20:09.0022 5992 [ A9BBBD2BAE6142253B9195E949AC2E8D ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:20:09.0053 5992 MSKSSRV - ok
20:20:09.0068 5992 [ 375E44168F2DFB91A68B8A3F619C5A7C ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
20:20:09.0100 5992 MsLldp - ok
20:20:09.0115 5992 [ 7B2128EB875DCBC006E6A913211006D6 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:20:09.0147 5992 MSPCLOCK - ok
20:20:09.0209 5992 [ 1E88171579B218115C7A772F8DE04BD8 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
20:20:09.0225 5992 MSPQM - ok
20:20:09.0256 5992 [ BBE2A455053E63BECBF42C2F9B21FAE0 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
20:20:09.0287 5992 MsRPC - ok
20:20:09.0303 5992 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
20:20:09.0334 5992 mssmbios - ok
20:20:09.0334 5992 [ 115019AE01E0EB9C048530D2928AB4A2 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
20:20:09.0365 5992 MSTEE - ok
20:20:09.0381 5992 [ 96D604A35070360F0DD4A7A8AF410B5E ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
20:20:09.0412 5992 MTConfig - ok
20:20:09.0428 5992 [ 619CA29326B82372621DB2C0964D8365 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
20:20:09.0459 5992 Mup - ok
20:20:09.0475 5992 [ B8C35C94DCB2DFEAF03BB42131F2F77F ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
20:20:09.0506 5992 mvumis - ok
20:20:09.0537 5992 [ 41A45D2A75494EABF2806EA051E00376 ] napagent C:\WINDOWS\system32\qagentRT.dll
20:20:09.0584 5992 napagent - ok
20:20:09.0615 5992 [ CF8B989D89D6807B887690F2CF24EFD9 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
20:20:09.0662 5992 NativeWifiP - ok
20:20:09.0693 5992 [ 71E3C0100AA19D11373CCEB2F51A6008 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
20:20:09.0740 5992 NcaSvc - ok
20:20:09.0756 5992 [ 51DF09CAB2CAC64FEE3E371D9028ED01 ] NcbService C:\WINDOWS\System32\ncbservice.dll
20:20:09.0787 5992 NcbService - ok
20:20:09.0803 5992 [ 2586C4C167499210DCBF3ECFD8CCE210 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
20:20:09.0865 5992 NcdAutoSetup - ok
20:20:09.0912 5992 [ ED39D676080A1AEA755F1DEC1A8DF1A4 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
20:20:09.0975 5992 NDIS - ok
20:20:10.0006 5992 [ C6BB12BC35D1637CA17AE16D3A4725EB ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
20:20:10.0053 5992 NdisCap - ok
20:20:10.0068 5992 [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37 ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
20:20:10.0115 5992 NdisImPlatform - ok
20:20:10.0131 5992 [ 9423421E735BD5394351E0C47C76BB92 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:20:10.0173 5992 NdisTapi - ok
20:20:10.0187 5992 [ B832B35055BA2B7B4181861FF94D8E59 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:20:10.0219 5992 Ndisuio - ok
20:20:10.0234 5992 [ 1F58E48EF75F34C35D8E93A0DC535CFE ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
20:20:10.0265 5992 NdisVirtualBus - ok
20:20:10.0297 5992 [ DEC29080202D4F9F17F55E18BCFCC41A ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:20:10.0328 5992 NdisWan - ok
20:20:10.0344 5992 [ DEC29080202D4F9F17F55E18BCFCC41A ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:20:10.0375 5992 NdisWanLegacy - ok
20:20:10.0391 5992 [ A5BD69A8812FA79D1A487691DD3FB244 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
20:20:10.0422 5992 NDProxy - ok
20:20:10.0437 5992 [ 5A072F0B90C29C5233D78BE33EF5ED78 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
20:20:10.0469 5992 Ndu - ok
20:20:10.0500 5992 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\System32\HPZinw12.dll
20:20:10.0515 5992 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:20:10.0515 5992 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:20:10.0531 5992 [ A83D67D347A684F10B7D3019C8A6380C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
20:20:10.0562 5992 NetBIOS - ok
20:20:10.0578 5992 [ 0217532E19A748F0E5D569307363D5FD ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
20:20:10.0625 5992 NetBT - ok
20:20:10.0640 5992 [ F6F209DDB94959BA104FC8FC87C53759 ] Netlogon C:\WINDOWS\system32\lsass.exe
20:20:10.0672 5992 Netlogon - ok
20:20:10.0719 5992 [ B7AD851A21FEBA3BA214972627614207 ] Netman C:\WINDOWS\System32\netman.dll
20:20:10.0750 5992 Netman - ok
20:20:10.0781 5992 [ F0F0A372C2EF6358399C4936F91B6131 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
20:20:10.0844 5992 netprofm - ok
20:20:10.0875 5992 [ 1092B3190E69E0C5ECBCE90F171DE047 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:20:10.0922 5992 NetTcpPortSharing - ok
20:20:10.0937 5992 [ 70414DB660BFBB7BD58FCE8EA4364E1B ] netvsc C:\WINDOWS\system32\DRIVERS\netvsc63.sys
20:20:10.0969 5992 netvsc - ok
20:20:11.0000 5992 [ FC91D7804B8FE5C2F0B12585C612F592 ] NitroDriverReadSpool8 C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
20:20:11.0031 5992 NitroDriverReadSpool8 - ok
20:20:11.0047 5992 [ 3A280F3B3C7A46E29C404ACD46ECBF5E ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
20:20:11.0094 5992 NlaSvc - ok
20:20:11.0140 5992 [ 21D28C3448983A072B907E9BAC93D223 ] nlsX86cc C:\windows\SysWOW64\NLSSRV32.EXE
20:20:11.0172 5992 nlsX86cc - ok
20:20:11.0172 5992 [ 8F44A2F57C9F1A19AC9C6288C10FB351 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
20:20:11.0219 5992 Npfs - ok
20:20:11.0234 5992 [ CBDB4F0871C88DF930FC0E8588CA67FC ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
20:20:11.0281 5992 npsvctrig - ok
20:20:11.0297 5992 [ 6E2271ED0C3E95B8E29F3752B91B9E84 ] nsi C:\WINDOWS\system32\nsisvc.dll
20:20:11.0328 5992 nsi - ok
20:20:11.0344 5992 [ E490B459978CB87779E84C761D22B827 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
20:20:11.0375 5992 nsiproxy - ok
20:20:11.0422 5992 [ 4412D565C0278C401575E11072C7DCE3 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
20:20:11.0515 5992 Ntfs - ok
20:20:11.0531 5992 [ EF1B290FC9F0E47CC0B537292BEE5904 ] Null C:\WINDOWS\system32\drivers\Null.sys
20:20:11.0562 5992 Null - ok
20:20:11.0578 5992 [ BC6B5942AFF25EBAF62DE43C3807EDF8 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
20:20:11.0609 5992 nvraid - ok
20:20:11.0625 5992 [ 1F43ABFFAC3D6CA356851D517392966E ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
20:20:11.0656 5992 nvstor - ok
20:20:11.0672 5992 [ 6934A936A7369DFE37B7DBA93F5E5E49 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
20:20:11.0703 5992 nv_agp - ok
20:20:11.0750 5992 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:20:11.0765 5992 ose - ok
20:20:11.0953 5992 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:20:12.0109 5992 osppsvc - ok
20:20:12.0156 5992 [ 3B510F20806B94E389784ED09DBD2111 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
20:20:12.0204 5992 p2pimsvc - ok
20:20:12.0235 5992 [ 2A57A937BC5B1B2D6AFE6A8C5925F50B ] p2psvc C:\WINDOWS\system32\p2psvc.dll
20:20:12.0282 5992 p2psvc - ok
20:20:12.0298 5992 [ 764B1121867B2D9B31C491668AC72B2B ] Parport C:\WINDOWS\System32\drivers\parport.sys
20:20:12.0329 5992 Parport - ok
20:20:12.0345 5992 [ EF0C1749C9A8CEE9A457473D433CC00F ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
20:20:12.0376 5992 partmgr - ok
20:20:12.0391 5992 [ 9A5309EF92F39346CFD5A4C2C3D1BFAD ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
20:20:12.0438 5992 PcaSvc - ok
20:20:12.0470 5992 [ C0D3F3BC1C84B4BA746D9847314C1164 ] pci C:\WINDOWS\system32\drivers\pci.sys
20:20:12.0501 5992 pci - ok
20:20:12.0516 5992 [ 346E38FCC6859A727DD28AFAD1F0AFF4 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
20:20:12.0548 5992 pciide - ok
20:20:12.0563 5992 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
20:20:12.0595 5992 pcmcia - ok
20:20:12.0610 5992 [ BF28771D1436C88BE1D297D3098B0F7D ] pcw C:\WINDOWS\system32\drivers\pcw.sys
20:20:12.0626 5992 pcw - ok
20:20:12.0657 5992 [ B9D968D8E2B0F9C6301CEB39CFC9B9E4 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
20:20:12.0673 5992 pdc - ok
20:20:12.0720 5992 [ BA50CC0BD19004AAB88BE37338B6FA0D ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
20:20:12.0766 5992 PEAUTH - ok
20:20:12.0813 5992 [ 8E3C640FFF5A963F570233AE99C0FFF3 ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
20:20:12.0860 5992 PerfHost - ok
20:20:12.0907 5992 [ 928061178CD9856CA6B67FFFCE6BA766 ] pla C:\WINDOWS\system32\pla.dll
20:20:12.0985 5992 pla - ok
20:20:13.0001 5992 [ 752A457320A946E03C3AA86C3ACD735E ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
20:20:13.0048 5992 PlugPlay - ok
20:20:13.0079 5992 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\System32\HPZipm12.dll
20:20:13.0095 5992 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
20:20:13.0095 5992 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
20:20:13.0110 5992 [ 045EB4F260606A03BE340D09DEAF3BA4 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
20:20:13.0141 5992 PNRPAutoReg - ok
20:20:13.0157 5992 [ 3B510F20806B94E389784ED09DBD2111 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
20:20:13.0204 5992 PNRPsvc - ok
20:20:13.0235 5992 [ 520D48ECB54A33821C95EE496A4235AF ] Point64 C:\WINDOWS\System32\drivers\point64.sys
20:20:13.0251 5992 Point64 - ok
20:20:13.0266 5992 [ C16097D77A232A288D65F299E2E01105 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
20:20:13.0329 5992 PolicyAgent - ok
20:20:13.0345 5992 [ 00E08B30E7F7C13ECE2CDF4F46A77311 ] Power C:\WINDOWS\system32\umpo.dll
20:20:13.0391 5992 Power - ok
20:20:13.0485 5992 [ B7DB57A000D46D4DE75BC0C563E58072 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
20:20:13.0579 5992 PrintNotify - ok
20:20:13.0610 5992 [ ECD373F9571C745894367CC2635EA44F ] Processor C:\WINDOWS\System32\drivers\processr.sys
20:20:13.0641 5992 Processor - ok
20:20:13.0657 5992 [ 8513A1E7AE4B9DC82C4B4F432C648A58 ] ProfSvc C:\WINDOWS\system32\profsvc.dll
20:20:13.0704 5992 ProfSvc - ok
20:20:13.0735 5992 [ 8528BB05E4D4E25945F78B00B2555FB7 ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
20:20:13.0766 5992 Psched - ok
20:20:13.0798 5992 [ AF90BB44C99D6820BE52C9BBAA523283 ] QWAVE C:\WINDOWS\system32\qwave.dll
20:20:13.0845 5992 QWAVE - ok
20:20:13.0876 5992 [ 3FB466684609A4329858CF2EBD62E0FD ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
20:20:13.0923 5992 QWAVEdrv - ok
20:20:13.0923 5992 [ 2C56F0EE27E4EF70CA4B4983D3638905 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:20:13.0954 5992 RasAcd - ok
20:20:13.0970 5992 [ 5F061AC45266841A2860C1858ED863B8 ] RasAuto C:\WINDOWS\System32\rasauto.dll
20:20:14.0016 5992 RasAuto - ok
20:20:14.0032 5992 [ BF3B17016764F20F9D28CF1A8DC210C0 ] RasMan C:\WINDOWS\System32\rasmans.dll
20:20:14.0079 5992 RasMan - ok
20:20:14.0095 5992 [ 5247F308C4103CDC4FE12AE1D235800A ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:20:14.0141 5992 RasPppoe - ok
20:20:14.0157 5992 [ B939A2A0F9D6C6C186721E268EB6FA93 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:20:14.0188 5992 rdbss - ok
20:20:14.0204 5992 [ 6B21EBF892CD8CACB71669B35AB5DE32 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
20:20:14.0251 5992 rdpbus - ok
20:20:14.0266 5992 [ 680C1DAE268B6FB67FA21B389A8B79EF ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
20:20:14.0298 5992 RDPDR - ok
20:20:14.0329 5992 [ 858776908AF838E3790F3261B799CDA6 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
20:20:14.0345 5992 RdpVideoMiniport - ok
20:20:14.0360 5992 [ 847C6A08912C3515807049C93E526D65 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
20:20:14.0407 5992 rdyboost - ok
20:20:14.0454 5992 [ 96EFEC24346A8EB1157E80523079ADDC ] RealNetworks Downloader Resolver Service C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
20:20:14.0470 5992 RealNetworks Downloader Resolver Service - ok
20:20:14.0501 5992 [ 036746D54347FD2D0385668E2A4064E4 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys
20:20:14.0563 5992 ReFS - ok
20:20:14.0610 5992 [ BFFB40FBE6D2C3469F8D06EE5E4934AB ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
20:20:14.0673 5992 RemoteAccess - ok
20:20:14.0704 5992 [ 4DCCABE03D06955ED61BABBD8EF9F30F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
20:20:14.0766 5992 RemoteRegistry - ok
20:20:14.0798 5992 [ D894CBD7DA753C881EE8D5E33B583225 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
20:20:14.0845 5992 RpcEptMapper - ok
20:20:14.0876 5992 [ 5CAE8F47B31D5CFC322B5B898C19E0FE ] RpcLocator C:\WINDOWS\system32\locator.exe
20:20:14.0907 5992 RpcLocator - ok
20:20:14.0938 5992 [ 3FD5AE42EC87C6F532A931F96BE731DD ] RpcSs C:\WINDOWS\system32\rpcss.dll
20:20:14.0985 5992 RpcSs - ok
20:20:15.0016 5992 [ 60BCF0F09DD963D0F89F571F9D1EB8C1 ] RSP2STOR C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys
20:20:15.0048 5992 RSP2STOR - ok
20:20:15.0063 5992 [ 2D05A5508F4685412F2B89E8C2189ABC ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
20:20:15.0095 5992 rspndr - ok
20:20:15.0126 5992 [ 19764658C1468C2C0CEF133D28414A6B ] RTL8168 C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
20:20:15.0173 5992 RTL8168 - ok
20:20:15.0204 5992 [ 1A063730F221B2746FF00457AE17E4F0 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
20:20:15.0251 5992 s3cap - ok
20:20:15.0266 5992 [ F6F209DDB94959BA104FC8FC87C53759 ] SamSs C:\WINDOWS\system32\lsass.exe
20:20:15.0298 5992 SamSs - ok
20:20:15.0329 5992 [ C624A1B32211C3166EDB3F4AB02A30B7 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
20:20:15.0360 5992 sbp2port - ok
20:20:15.0376 5992 [ 47C497FA4DDEA908633CAA60CEBE6805 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
20:20:15.0423 5992 SCardSvr - ok
20:20:15.0438 5992 [ E76C4E98302AE39CC6FA5D20FC8B5438 ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
20:20:15.0485 5992 ScDeviceEnum - ok
20:20:15.0501 5992 [ ABD0237B15DBD2B4695F4B7D734A58F7 ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
20:20:15.0548 5992 scfilter - ok
20:20:15.0595 5992 [ 888A30EAB651502352C18745367FD179 ] Schedule C:\WINDOWS\system32\schedsvc.dll
20:20:15.0657 5992 Schedule - ok
20:20:15.0704 5992 [ AB285CE3431FF3D2ACE669245874C1C7 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
20:20:15.0735 5992 SCPolicySvc - ok
20:20:15.0766 5992 [ 2F9A3380B8C0380E5608E29C7AA66899 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
20:20:15.0798 5992 sdbus - ok
20:20:15.0829 5992 [ 4EAF4DCF9DBD9A56952A58F56D61C005 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
20:20:15.0860 5992 sdstor - ok
20:20:15.0876 5992 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
20:20:15.0907 5992 secdrv - ok
20:20:15.0938 5992 [ C49009F897BA4F2F4F31043663AA1485 ] seclogon C:\WINDOWS\system32\seclogon.dll
20:20:15.0985 5992 seclogon - ok
20:20:16.0016 5992 [ A88882E64BDC1D8E8D6E727B71CCCC53 ] SENS C:\WINDOWS\System32\sens.dll
20:20:16.0063 5992 SENS - ok
20:20:16.0095 5992 [ E66A7C8CE7ED22DED6DF1CA479FB4790 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
20:20:16.0157 5992 SensrSvc - ok
20:20:16.0202 5992 [ DB2FF24CE0BDD15FE75870AFE312BA89 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
20:20:16.0220 5992 SerCx - ok
20:20:16.0251 5992 [ 0044B31F93946D5D41982314381FE431 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
20:20:16.0282 5992 SerCx2 - ok
20:20:16.0298 5992 [ 3CD600C089C1251BEEB4CD4CD5164F9E ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
20:20:16.0329 5992 Serenum - ok
20:20:16.0345 5992 [ D864381BC9C725FAB01D94C060660166 ] Serial C:\WINDOWS\System32\drivers\serial.sys
20:20:16.0376 5992 Serial - ok
20:20:16.0407 5992 [ 0BD2B65DCE756FDE95A2E5CCCBF7705D ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
20:20:16.0439 5992 sermouse - ok
20:20:16.0486 5992 [ 441E6FF1F34D7A942946DB42A15FB519 ] SessionEnv C:\WINDOWS\system32\sessenv.dll
20:20:16.0548 5992 SessionEnv - ok
20:20:16.0579 5992 [ 472B7A5AC181C050888DB454663DD764 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
20:20:16.0611 5992 sfloppy - ok
20:20:16.0658 5992 [ F4414F57DF2CECB8FC969AA43A6B0D50 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
20:20:16.0704 5992 SharedAccess - ok
20:20:16.0751 5992 [ 0D190D8B4B20446BE6299AC734DFADF1 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:20:16.0798 5992 ShellHWDetection - ok
20:20:16.0845 5992 [ 2F518D13DD6F3053837FE606F1A2EA1F ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
20:20:16.0876 5992 SiSRaid2 - ok
20:20:16.0892 5992 [ 1AC9A200A9C49C4508F04AAFFCA34A3F ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
20:20:16.0907 5992 SiSRaid4 - ok
20:20:16.0970 5992 [ 50D9949020E02B847CD48F1243FCB895 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
20:20:16.0986 5992 SkypeUpdate - ok
20:20:17.0017 5992 [ 587ACA15210D1B01FBF272E07A08F91A ] smphost C:\WINDOWS\System32\smphost.dll
20:20:17.0079 5992 smphost - ok
20:20:17.0126 5992 [ 49EEB92DE930B8566EF615D600781DB4 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
20:20:17.0189 5992 SNMPTRAP - ok
20:20:17.0236 5992 [ F6EBE514D13ECE7EDC23440039CDF9AB ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
20:20:17.0282 5992 spaceport - ok
20:20:17.0298 5992 [ F337BE11071818FC3F5DC2940B6BDE34 ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
20:20:17.0329 5992 SpbCx - ok
20:20:17.0361 5992 [ FE0CB40F36D3FCDD3A1B312EF72C38D5 ] Spooler C:\WINDOWS\System32\spoolsv.exe
20:20:17.0423 5992 Spooler - ok
20:20:17.0532 5992 [ E6DEC72A2A23FAA53EB9FEC3C7E29D66 ] sppsvc C:\WINDOWS\system32\sppsvc.exe
20:20:17.0798 5992 sppsvc - ok
20:20:17.0892 5992 [ 2B78788A1485F9B99A578A299DF42C02 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
20:20:17.0939 5992 srv - ok
20:20:17.0970 5992 [ C1AE59C0B0817236EC083A91C396005A ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
20:20:18.0017 5992 srv2 - ok
20:20:18.0048 5992 [ 77195C32175FC63D6054EBA5A066D727 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
20:20:18.0095 5992 srvnet - ok
20:20:18.0142 5992 [ BB9ED3EDD8E85008215A7250D325A72E ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
20:20:18.0235 5992 SSDPSRV - ok
20:20:18.0298 5992 [ 3911418AFDE10EA6823B7799E4815524 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
20:20:18.0329 5992 SstpSvc - ok
20:20:18.0423 5992 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
20:20:18.0454 5992 stexstor - ok
20:20:18.0501 5992 [ D638904FE86A5FE542A1BA13A9D68E5C ] stisvc C:\WINDOWS\System32\wiaservc.dll
20:20:18.0563 5992 stisvc - ok
20:20:18.0579 5992 [ 0ED2E318ABB68C1A35A8B8038BDB4C90 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
20:20:18.0610 5992 storahci - ok
20:20:18.0626 5992 [ 7A08CEE1535F5A448215634C5EA74E50 ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
20:20:18.0642 5992 storflt - ok
20:20:18.0673 5992 [ 6B06E2D11E604BE2B1A406C4CB3B90DE ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
20:20:18.0688 5992 stornvme - ok
20:20:18.0720 5992 [ 3118058E3D07021A55324A943C6D722B ] StorSvc C:\WINDOWS\system32\storsvc.dll
20:20:18.0767 5992 StorSvc - ok
20:20:18.0798 5992 [ 548759755BC73DAD663250239D7E0B9F ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
20:20:18.0813 5992 storvsc - ok
20:20:18.0829 5992 [ D8E1AE075AB3E8AD56F69C44AA978596 ] svsvc C:\WINDOWS\system32\svsvc.dll
20:20:18.0876 5992 svsvc - ok
20:20:18.0907 5992 [ 84E0F5D41C138C5CC975137A2A98F6D3 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
20:20:18.0923 5992 swenum - ok
20:20:18.0954 5992 [ A5DC2E63F5E5D3C0B843307374998479 ] swprv C:\WINDOWS\System32\swprv.dll
20:20:19.0017 5992 swprv - ok
20:20:19.0064 5992 [ E45DA7CBBA34510C8B9473AD7D4FFD0B ] SysMain C:\WINDOWS\system32\sysmain.dll
20:20:19.0142 5992 SysMain - ok
20:20:19.0173 5992 [ D65B1C952AEB864C2BAC7A770B17ECCE ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
20:20:19.0220 5992 SystemEventsBroker - ok
20:20:19.0235 5992 [ BA6DD39266A5E15515C8C14DA2DA3E5C ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
20:20:19.0282 5992 TabletInputService - ok
20:20:19.0313 5992 [ B517410F157693043DACA21B19B258A6 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
20:20:19.0360 5992 TapiSrv - ok
20:20:19.0485 5992 [ 3D9A5AC880D7AA2305812D665D24ED23 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
20:20:19.0626 5992 Tcpip - ok
20:20:19.0720 5992 [ 3D9A5AC880D7AA2305812D665D24ED23 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:20:19.0845 5992 TCPIP6 - ok
20:20:19.0907 5992 [ 33A7D83EEB15431773A6E186CFAABA21 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
20:20:19.0954 5992 tcpipreg - ok
20:20:19.0985 5992 [ FFF28F9F6823EB1756C60F1649560BBF ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
20:20:20.0032 5992 tdx - ok
20:20:20.0048 5992 [ 232D185D2337F141311D0CF1983E1431 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
20:20:20.0079 5992 terminpt - ok
20:20:20.0110 5992 [ 2C77831737491F4D684D315B95C62883 ] TermService C:\WINDOWS\System32\termsrv.dll
20:20:20.0173 5992 TermService - ok
20:20:20.0189 5992 [ 05FBE1F7C13E87AF7A414CDF288B1F62 ] Themes C:\WINDOWS\system32\themeservice.dll
20:20:20.0251 5992 Themes - ok
20:20:20.0314 5992 [ FD788C2D96EA91469A3C1D13E80D7473 ] THREADORDER C:\WINDOWS\system32\mmcss.dll
20:20:20.0345 5992 THREADORDER - ok
20:20:20.0360 5992 [ 347A3E49CE18402305B8119A6EC7CFEB ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
20:20:20.0423 5992 TimeBroker - ok
20:20:20.0470 5992 [ 82F909359600D3603FE852DB7F135626 ] TPM C:\WINDOWS\system32\drivers\tpm.sys
20:20:20.0501 5992 TPM - ok
20:20:20.0548 5992 [ C97E14BB6A196B0554D6EB67D8818175 ] TrkWks C:\WINDOWS\System32\trkwks.dll
20:20:20.0579 5992 TrkWks - ok
20:20:20.0626 5992 [ DA56FFA46030E6FEB215E3D5DAA65B11 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
20:20:20.0673 5992 TrustedInstaller - ok
20:20:20.0704 5992 [ BF8F54CA37E9C9D6582C31C5761F8C93 ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
20:20:20.0751 5992 TsUsbFlt - ok
20:20:20.0767 5992 [ E0088068DCE2EE82897027DDB8E05254 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
20:20:20.0798 5992 TsUsbGD - ok
20:20:20.0829 5992 [ C8E0E78B5D284C2FF59BDFFDAF997242 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
20:20:20.0860 5992 tunnel - ok
20:20:20.0876 5992 [ F6EEAD052943B5A3104C1405BB856C54 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
20:20:20.0907 5992 uagp35 - ok
20:20:20.0923 5992 [ FE6067B1FD4E63650C667B33D080565B ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
20:20:20.0954 5992 UASPStor - ok
20:20:20.0970 5992 [ 5D1B430EA11064C56E7C8F84B90DEB6A ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
20:20:21.0001 5992 UCX01000 - ok
20:20:21.0017 5992 [ 1EC649F112896FAE33250F0B97AC5D0B ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
20:20:21.0064 5992 udfs - ok
20:20:21.0095 5992 [ 9578691F297E1B1F519970FE6D47CB21 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
20:20:21.0126 5992 UEFI - ok
20:20:21.0142 5992 [ 320878AFECDBBD61BBE98624A6CAAC08 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
20:20:21.0189 5992 UI0Detect - ok
20:20:21.0235 5992 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
20:20:21.0267 5992 uliagpkx - ok
20:20:21.0285 5992 [ DA34C39A18E60E7C3FA0630566408034 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
20:20:21.0311 5992 umbus - ok
20:20:21.0311 5992 [ AE8294875E5446E359B1E8035D40C05E ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
20:20:21.0342 5992 UmPass - ok
20:20:21.0358 5992 [ E3DDF7D43E05784FAA5E042605EEE528 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
20:20:21.0405 5992 UmRdpService - ok
20:20:21.0436 5992 [ 4A2FFDAC45F317E17DF642C7160EB633 ] upnphost C:\WINDOWS\System32\upnphost.dll
20:20:21.0483 5992 upnphost - ok
20:20:21.0514 5992 [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64 C:\WINDOWS\System32\Drivers\usbaapl64.sys
20:20:21.0545 5992 USBAAPL64 - ok
20:20:21.0577 5992 [ 755A90F1C949B8260D7670AEF6DB4912 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
20:20:21.0608 5992 usbaudio - ok
20:20:21.0624 5992 [ 433ECDE01A52691FA7ACA51C10C09B70 ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
20:20:21.0655 5992 usbccgp - ok
20:20:21.0670 5992 [ B3D6457D841A0CAEF4C52D88621715F2 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
20:20:21.0702 5992 usbcir - ok
20:20:21.0717 5992 [ 5477D6E27C7D266EF8C152B9A25ADE5E ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
20:20:21.0749 5992 usbehci - ok
20:20:21.0780 5992 [ 504901430B6E03B99EBB6BF26E0868C6 ] usbfilter C:\WINDOWS\system32\DRIVERS\usbfilter.sys
20:20:21.0795 5992 usbfilter - ok
20:20:21.0827 5992 [ DF56C2C04EFA328D7A66B69007130266 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
20:20:21.0874 5992 usbhub - ok
20:20:21.0920 5992 [ C0E33820326199CE3CFD3B9F27F81D99 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
20:20:21.0983 5992 USBHUB3 - ok
20:20:21.0999 5992 [ 3019097FB6C985EF24C058090FF3BDBD ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
20:20:22.0030 5992 usbohci - ok
20:20:22.0045 5992 [ 4D655E3B684BE9B0F7FFD8A2935C348C ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
20:20:22.0077 5992 usbprint - ok
20:20:22.0092 5992 [ F04D164C4168701A4E7835607722E5F1 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:20:22.0139 5992 usbscan - ok
20:20:22.0155 5992 [ 4628B415A84EA9D4D396A56F1D0CB6C6 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
20:20:22.0186 5992 USBSTOR - ok
20:20:22.0217 5992 [ BA4FA655E0FC577DB7436FC963932CE4 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
20:20:22.0249 5992 usbuhci - ok
20:20:22.0264 5992 [ 3B44CB989757428208CCFCC028C13110 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
20:20:22.0305 5992 USBXHCI - ok
20:20:22.0313 5992 [ F6F209DDB94959BA104FC8FC87C53759 ] VaultSvc C:\WINDOWS\system32\lsass.exe
20:20:22.0345 5992 VaultSvc - ok
20:20:22.0360 5992 [ FEB26E3B8345A7E8D62F945C4AE86562 ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
20:20:22.0376 5992 vdrvroot - ok
20:20:22.0423 5992 [ CFBAD6B48EDFAA0828A52646B7C4C08D ] vds C:\WINDOWS\System32\vds.exe
20:20:22.0501 5992 vds - ok
20:20:22.0532 5992 [ A026EDEAA5EECAE0B08E2748B616D4BD ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
20:20:22.0563 5992 VerifierExt - ok
20:20:22.0595 5992 [ 041D3EF364E624DBB2703A64A5AADF89 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
20:20:22.0642 5992 vhdmp - ok
20:20:22.0657 5992 [ 06D38968028E9AB19DE9B618C7B6D199 ] viaide C:\WINDOWS\system32\drivers\viaide.sys
20:20:22.0673 5992 viaide - ok
20:20:22.0688 5992 [ C6305BDFC4F7CE51F72BB072C03D4ACE ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
20:20:22.0720 5992 vmbus - ok
20:20:22.0735 5992 [ DA40BEA0A863CE768C940CA9723BF81F ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
20:20:22.0767 5992 VMBusHID - ok
20:20:22.0798 5992 [ AD15850D7F16D8D9E178D225E2B166BE ] VMC412 C:\WINDOWS\System32\Drivers\VMC412.sys
20:20:22.0845 5992 VMC412 - ok
20:20:22.0892 5992 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
20:20:22.0923 5992 vmicguestinterface - ok
20:20:22.0938 5992 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
20:20:22.0985 5992 vmicheartbeat - ok
20:20:23.0001 5992 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
20:20:23.0048 5992 vmickvpexchange - ok
20:20:23.0063 5992 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
20:20:23.0110 5992 vmicrdv - ok
20:20:23.0126 5992 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
20:20:23.0157 5992 vmicshutdown - ok
20:20:23.0173 5992 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
20:20:23.0220 5992 vmictimesync - ok
20:20:23.0220 5992 [ 9067880BBB1C18703DBFF27D731D7ECA ] vmicvss C:\WINDOWS\System32\ICSvc.dll
20:20:23.0267 5992 vmicvss - ok
20:20:23.0298 5992 [ CBA3A54541ED9D2A44802BD5F1A885F1 ] vmuacflt C:\WINDOWS\System32\Drivers\vmuacflt.sys
20:20:23.0330 5992 vmuacflt - ok
20:20:23.0345 5992 [ 55D7D963DE85162F1C49721E502F9744 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
20:20:23.0376 5992 volmgr - ok
20:20:23.0392 5992 [ CCB9E901F7254BF96D28EB1B0E5329B7 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
20:20:23.0439 5992 volmgrx - ok
20:20:23.0455 5992 [ 9F9CE33B50611A1C61A46B8911E0B30B ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
20:20:23.0501 5992 volsnap - ok
20:20:23.0533 5992 [ 01355C98B5C3ED1EC446743CDA848FCE ] vpci C:\WINDOWS\System32\drivers\vpci.sys
20:20:23.0548 5992 vpci - ok
20:20:23.0564 5992 [ 4539F45F9F4C9757A86A56C949421E07 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
20:20:23.0595 5992 vsmraid - ok
20:20:23.0642 5992 [ D51D7EF1EA5ED2BB01E9D07E6E0533BC ] VSS C:\WINDOWS\system32\vssvc.exe
20:20:23.0720 5992 VSS - ok
20:20:23.0751 5992 [ 0849B7260F26FE05EA56DED0672E2F4B ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
20:20:23.0783 5992 VSTXRAID - ok
20:20:23.0798 5992 [ BE970C369E43B509C1EDA2B8FA7CECB0 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
20:20:23.0830 5992 vwifibus - ok
20:20:23.0845 5992 [ 6B26AD573CCDD5209DF4397438B76354 ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys
20:20:23.0876 5992 vwififlt - ok
20:20:23.0892 5992 [ 0B48E0DFB44EE475F4FD8A8EE599AF30 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys
20:20:23.0939 5992 vwifimp - ok
20:20:23.0970 5992 [ 7599E582CA3A6AAA95A18FFE1172D339 ] W32Time C:\WINDOWS\system32\w32time.dll
20:20:24.0017 5992 W32Time - ok
20:20:24.0033 5992 [ 0910AB9ED404C1434E2D0376C2AD5D8B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
20:20:24.0064 5992 WacomPen - ok
20:20:24.0095 5992 [ 92BF4B3EBD6F163B94B7A20C65E7B698 ] wbengine C:\WINDOWS\system32\wbengine.exe
20:20:24.0173 5992 wbengine - ok
20:20:24.0205 5992 [ 58F28103889817C93E5B5AFABC87E709 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
20:20:24.0251 5992 WbioSrvc - ok
20:20:24.0267 5992 [ 772365894F14652D376B2E5030179DC9 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
20:20:24.0330 5992 Wcmsvc - ok
20:20:24.0361 5992 [ D2726823DF7E19F213F4805A9D6D145F ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
20:20:24.0408 5992 wcncsvc - ok
20:20:24.0439 5992 [ 846C02A8B48CBD921A3D6AB521AA0DC4 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
20:20:24.0486 5992 WcsPlugInService - ok
20:20:24.0486 5992 [ 694B28DE12AD47031FFB4B052662131A ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
20:20:24.0517 5992 WdBoot - ok
20:20:24.0564 5992 [ CB6C63FF8342B467E2EF76E98D5B934D ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
20:20:24.0611 5992 Wdf01000 - ok
20:20:24.0642 5992 [ 0B99529A3BECC3528D865DDECB62503B ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
20:20:24.0674 5992 WdFilter - ok
20:20:24.0689 5992 [ 40C67D1A4891120874767F6E6604D6C5 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
20:20:24.0752 5992 WdiServiceHost - ok
20:20:24.0767 5992 [ 40C67D1A4891120874767F6E6604D6C5 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
20:20:24.0814 5992 WdiSystemHost - ok
20:20:24.0830 5992 [ 282E7D46310338FF4A6B7680440EB0DA ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
20:20:24.0861 5992 WdNisDrv - ok
20:20:24.0892 5992 WdNisSvc - ok
20:20:24.0908 5992 [ 6588A957873326361AB1CAC4E76F8394 ] WebClient C:\WINDOWS\System32\webclnt.dll
20:20:24.0955 5992 WebClient - ok
20:20:24.0970 5992 [ 3274312F263882B51B964329FAF49734 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
20:20:25.0033 5992 Wecsvc - ok
20:20:25.0049 5992 [ 7CDD84E0023A0C5C230B06A7965EC65E ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
20:20:25.0095 5992 WEPHOSTSVC - ok
20:20:25.0111 5992 [ AA1315B87D9B2E39584165318A59F15D ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
20:20:25.0189 5992 wercplsupport - ok
20:20:25.0189 5992 [ 22B4C24AB921BFF7827FFBCA1F4E1BB3 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
20:20:25.0252 5992 WerSvc - ok
20:20:25.0283 5992 [ 2E3E82D7B1076B90F4E228A8EF17B261 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
20:20:25.0314 5992 WFPLWFS - ok
20:20:25.0330 5992 [ E06AFE2F94BA7CFA2FE4FD2A449E60E2 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
20:20:25.0361 5992 WiaRpc - ok
20:20:25.0377 5992 [ 867BCC69ED9C31C501465EB0E8BA9DFA ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
20:20:25.0408 5992 WIMMount - ok
20:20:25.0424 5992 WinDefend - ok
20:20:25.0471 5992 [ DD079EC8F44DCA3A176B345C6ADEFB66 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
20:20:25.0517 5992 WinHttpAutoProxySvc - ok
20:20:25.0549 5992 [ 66C365B542195C1F6E2FF4A7D8F3827C ] WinI2C-DDC C:\WINDOWS\system32\drivers\DDCDrv.sys
20:20:25.0580 5992 WinI2C-DDC - ok
20:20:25.0611 5992 [ 9DB490F3E823C5C3C070644B96CB9D59 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
20:20:25.0642 5992 Winmgmt - ok
20:20:25.0736 5992 [ 690C3FC5C9DBD6B9AEDF8341EC720E41 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
20:20:25.0830 5992 WinRM - ok
20:20:25.0892 5992 [ AC263C2F66405589528995AA41040599 ] WinUsb C:\WINDOWS\system32\DRIVERS\WinUsb.sys
20:20:25.0924 5992 WinUsb - ok
20:20:26.0017 5992 [ 728D3349FAB251B0265EFA55C67DCA2D ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
20:20:26.0080 5992 WlanSvc - ok
20:20:26.0127 5992 [ C2838466CCC44FAEF2C3D4C1E5971ECB ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
20:20:26.0189 5992 wlidsvc - ok
20:20:26.0221 5992 [ 2834D9D3B4F554A39C72F00EA3F0E128 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
20:20:26.0267 5992 WmiAcpi - ok
20:20:26.0299 5992 [ 7AFAC828F52D62F304A911EC32F42EEE ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
20:20:26.0346 5992 wmiApSrv - ok
20:20:26.0361 5992 WMPNetworkSvc - ok
20:20:26.0424 5992 [ E178371E493BF17EB90FE71ABA8BE643 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
20:20:26.0486 5992 workfolderssvc - ok
20:20:26.0517 5992 [ E746BCDBA2E02CF6B8D6B26FB167FBE0 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
20:20:26.0549 5992 wpcfltr - ok
20:20:26.0580 5992 [ 4E6A0F60DA7EF050D3D26417CD4D24E9 ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll
20:20:26.0642 5992 WPCSvc - ok
20:20:26.0658 5992 [ D27491CFCE452C154CECFA155AD0EBC8 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
20:20:26.0705 5992 WPDBusEnum - ok
20:20:26.0721 5992 [ 9F2904B55F6CECCD1A8D986B5CE2609A ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
20:20:26.0752 5992 WpdUpFltr - ok
20:20:26.0767 5992 [ AE072B0339D0A18E455DC21666CAD572 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
20:20:26.0814 5992 ws2ifsl - ok
20:20:26.0846 5992 [ 5CFA46C4ACB2FD70572017052378DAE5 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
20:20:26.0892 5992 wscsvc - ok
20:20:26.0908 5992 WSearch - ok
20:20:26.0971 5992 [ D8E3A4701376CCFD0BE542D745FA4809 ] WSService C:\WINDOWS\System32\WSService.dll
20:20:27.0158 5992 WSService - ok
20:20:27.0174 5992 [ 72B4E9DF6456C43C42A1419B09486045 ] wsvd C:\WINDOWS\system32\DRIVERS\wsvd.sys
20:20:27.0205 5992 wsvd - ok
20:20:27.0267 5992 [ 86D0BF4F792053A50D6EE43DFA5837A5 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
20:20:27.0385 5992 wuauserv - ok
20:20:27.0401 5992 [ 2FEAE33E9B2B56104596E1BA444405A9 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
20:20:27.0432 5992 WudfPf - ok
20:20:27.0448 5992 [ 19240C13F526125554B5370566F21A0A ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
20:20:27.0495 5992 WUDFRd - ok
20:20:27.0510 5992 [ 19240C13F526125554B5370566F21A0A ] WUDFSensorLP C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
20:20:27.0542 5992 WUDFSensorLP - ok
20:20:27.0557 5992 [ BB73CBC65AABC4EA0A5C6A1474A0A743 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
20:20:27.0620 5992 wudfsvc - ok
20:20:27.0635 5992 [ 19240C13F526125554B5370566F21A0A ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
20:20:27.0667 5992 WUDFWpdFs - ok
20:20:27.0682 5992 [ 19240C13F526125554B5370566F21A0A ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
20:20:27.0714 5992 WUDFWpdMtp - ok
20:20:27.0729 5992 [ 2FA9794CA36147756F3FDFD6CA29B46F ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
20:20:27.0776 5992 WwanSvc - ok
20:20:27.0839 5992 [ C6B289A70A2D36242A2CCAA2715E1747 ] X5XSEx_Pr148 C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.Sys
20:20:27.0854 5992 X5XSEx_Pr148 - ok
20:20:27.0870 5992 ================ Scan global ===============================
20:20:27.0901 5992 [ C89780A6F58D113C28A96D85D1261DC5 ] C:\WINDOWS\system32\basesrv.dll
20:20:27.0932 5992 [ 599F1244C60E3D6C28A8DA7FBA7A2C13 ] C:\WINDOWS\system32\winsrv.dll
20:20:27.0964 5992 [ 9C1833ABD62876856836C5AE55C7CE86 ] C:\WINDOWS\system32\sxssrv.dll
20:20:27.0995 5992 [ B4B610BBCB002EC478C6FD80CF915697 ] C:\WINDOWS\system32\services.exe
20:20:27.0995 5992 [Global] - ok
20:20:27.0995 5992 ================ Scan MBR ==================================
20:20:28.0010 5992 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
20:20:28.0089 5992 \Device\Harddisk0\DR0 - ok
20:20:28.0104 5992 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
20:20:28.0276 5992 \Device\Harddisk1\DR1 - ok
20:20:28.0276 5992 ================ Scan VBR ==================================
20:20:28.0276 5992 [ AD036DBC1F74D70323310C7201A5B3F0 ] \Device\Harddisk0\DR0\Partition1
20:20:28.0292 5992 \Device\Harddisk0\DR0\Partition1 - ok
20:20:28.0307 5992 [ E5AC8F0E1843D8882A4257BF585334B9 ] \Device\Harddisk0\DR0\Partition2
20:20:28.0307 5992 \Device\Harddisk0\DR0\Partition2 - ok
20:20:28.0307 5992 [ 48E1B56A2D20AFA037E1ACF89B64FF84 ] \Device\Harddisk0\DR0\Partition3
20:20:28.0307 5992 \Device\Harddisk0\DR0\Partition3 - ok
20:20:28.0325 5992 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition4
20:20:28.0325 5992 \Device\Harddisk0\DR0\Partition4 - ok
20:20:28.0341 5992 [ 3070957AF4D24A86409788AE1F9806E5 ] \Device\Harddisk0\DR0\Partition5
20:20:28.0341 5992 \Device\Harddisk0\DR0\Partition5 - ok
20:20:28.0372 5992 [ 8BA9AD6D3E0EAF7217CBA074CE2728C1 ] \Device\Harddisk0\DR0\Partition6
20:20:28.0404 5992 \Device\Harddisk0\DR0\Partition6 - ok
20:20:28.0435 5992 [ 40FFD140FD89694C31221096C7F3680E ] \Device\Harddisk0\DR0\Partition7
20:20:28.0450 5992 \Device\Harddisk0\DR0\Partition7 - ok
20:20:28.0466 5992 [ 0BE715B8967D4CCCC9842B109DF632C5 ] \Device\Harddisk1\DR1\Partition1
20:20:28.0466 5992 \Device\Harddisk1\DR1\Partition1 - ok
20:20:28.0466 5992 ================ Scan active images ========================
20:20:28.0466 5992 [ FA47B0AA255B7CF4519E995C6404AE22 ] C:\Windows\System32\drivers\crashdmp.sys
20:20:28.0466 5992 C:\Windows\System32\drivers\crashdmp.sys - ok
20:20:28.0482 5992 [ 224C2CB37497472C345CB2A02DF11363 ] C:\Windows\System32\drivers\Diskdump.sys
20:20:28.0482 5992 C:\Windows\System32\drivers\Diskdump.sys - ok
20:20:28.0497 5992 [ 0E6F9683928F99DF16E0E7924E4807D9 ] C:\Windows\System32\drivers\amd_sata.sys
20:20:28.0497 5992 C:\Windows\System32\drivers\amd_sata.sys - ok
20:20:28.0497 5992 [ 05C674A72412E6400D5A2684C867402D ] C:\Windows\System32\drivers\dumpfve.sys
20:20:28.0497 5992 C:\Windows\System32\drivers\dumpfve.sys - ok
20:20:28.0513 5992 [ C6796EA22B513E3457514D92DCDB1A3D ] C:\Windows\System32\drivers\cdrom.sys
20:20:28.0513 5992 C:\Windows\System32\drivers\cdrom.sys - ok
20:20:28.0513 5992 [ 43599E630DFC30AD4E6A2B4B269EB1C0 ] C:\Windows\System32\drivers\aswSnx.sys
20:20:28.0513 5992 C:\Windows\System32\drivers\aswSnx.sys - ok
20:20:28.0528 5992 [ F22DE5F5BA8ADA0A861441B624B51EB5 ] C:\Windows\System32\drivers\aswSP.sys
20:20:28.0528 5992 C:\Windows\System32\drivers\aswSP.sys - ok
20:20:28.0544 5992 [ EF1B290FC9F0E47CC0B537292BEE5904 ] C:\Windows\System32\drivers\null.sys
20:20:28.0544 5992 C:\Windows\System32\drivers\null.sys - ok
20:20:28.0544 5992 [ EC19013E4CF87609534165DF897274D6 ] C:\Windows\System32\drivers\beep.sys
20:20:28.0544 5992 C:\Windows\System32\drivers\beep.sys - ok
20:20:28.0560 5992 [ 2748E116F8621A4DB0D39FCDD7318C01 ] C:\Windows\System32\drivers\BasicRender.sys
20:20:28.0560 5992 C:\Windows\System32\drivers\BasicRender.sys - ok
20:20:28.0560 5992 [ A3D1CB64DF885ACE126543E6D7067348 ] C:\Windows\System32\drivers\dxgkrnl.sys
20:20:28.0560 5992 C:\Windows\System32\drivers\dxgkrnl.sys - ok
20:20:28.0575 5992 [ 602811E8AAE68030C151345C84A0CDAF ] C:\Windows\System32\drivers\watchdog.sys
20:20:28.0575 5992 C:\Windows\System32\drivers\watchdog.sys - ok
20:20:28.0591 5992 [ 8CC7F7E4AFCBA605921B137ED7992C68 ] C:\Windows\System32\drivers\BasicDisplay.sys
20:20:28.0591 5992 C:\Windows\System32\drivers\BasicDisplay.sys - ok
20:20:28.0591 5992 [ 9E167CDB2AEEF7994434543D0543AEEB ] C:\Windows\System32\drivers\dxgmms1.sys
20:20:28.0591 5992 C:\Windows\System32\drivers\dxgmms1.sys - ok
20:20:28.0607 5992 [ D13329FBF8345B28AB30F44CC247DC08 ] C:\Windows\System32\drivers\msfs.sys
20:20:28.0607 5992 C:\Windows\System32\drivers\msfs.sys - ok
20:20:28.0607 5992 [ 8F44A2F57C9F1A19AC9C6288C10FB351 ] C:\Windows\System32\drivers\npfs.sys
20:20:28.0607 5992 C:\Windows\System32\drivers\npfs.sys - ok
20:20:28.0622 5992 [ 3C7361E0A5A6966DB957B94ECF924A9E ] C:\Windows\System32\drivers\tdi.sys
20:20:28.0622 5992 C:\Windows\System32\drivers\tdi.sys - ok
20:20:28.0638 5992 [ FFF28F9F6823EB1756C60F1649560BBF ] C:\Windows\System32\drivers\tdx.sys
20:20:28.0638 5992 C:\Windows\System32\drivers\tdx.sys - ok
20:20:28.0638 5992 [ 679712B7A353EE665B9301592164A172 ] C:\Windows\System32\drivers\aswRdr2.sys
20:20:28.0638 5992 C:\Windows\System32\drivers\aswRdr2.sys - ok
20:20:28.0653 5992 [ 0217532E19A748F0E5D569307363D5FD ] C:\Windows\System32\drivers\netbt.sys
20:20:28.0653 5992 C:\Windows\System32\drivers\netbt.sys - ok
20:20:28.0653 5992 [ 239268BAB58EAE9A3FF4E08334C00451 ] C:\Windows\System32\drivers\afd.sys
20:20:28.0653 5992 C:\Windows\System32\drivers\afd.sys - ok
20:20:28.0669 5992 [ A83D67D347A684F10B7D3019C8A6380C ] C:\Windows\System32\drivers\netbios.sys
20:20:28.0669 5992 C:\Windows\System32\drivers\netbios.sys - ok
20:20:28.0685 5992 [ 8528BB05E4D4E25945F78B00B2555FB7 ] C:\Windows\System32\drivers\pacer.sys
20:20:28.0685 5992 C:\Windows\System32\drivers\pacer.sys - ok
20:20:28.0685 5992 [ 6B26AD573CCDD5209DF4397438B76354 ] C:\Windows\System32\drivers\vwififlt.sys
20:20:28.0685 5992 C:\Windows\System32\drivers\vwififlt.sys - ok
20:20:28.0700 5992 [ CBDB4F0871C88DF930FC0E8588CA67FC ] C:\Windows\System32\drivers\npsvctrig.sys
20:20:28.0700 5992 C:\Windows\System32\drivers\npsvctrig.sys - ok
20:20:28.0700 5992 [ E490B459978CB87779E84C761D22B827 ] C:\Windows\System32\drivers\nsiproxy.sys
20:20:28.0700 5992 C:\Windows\System32\drivers\nsiproxy.sys - ok
20:20:28.0716 5992 [ B939A2A0F9D6C6C186721E268EB6FA93 ] C:\Windows\System32\drivers\rdbss.sys
20:20:28.0716 5992 C:\Windows\System32\drivers\rdbss.sys - ok
20:20:28.0716 5992 [ 315BA4BC19316D72B2E037534E048B93 ] C:\Windows\System32\drivers\dam.sys
20:20:28.0716 5992 C:\Windows\System32\drivers\dam.sys - ok
20:20:28.0732 5992 [ 5DB26D7E0216D0BF364A81D3829AD7B9 ] C:\Windows\System32\drivers\dfsc.sys
20:20:28.0732 5992 C:\Windows\System32\drivers\dfsc.sys - ok
20:20:28.0747 5992 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E ] C:\Windows\System32\drivers\mssmbios.sys
20:20:28.0747 5992 C:\Windows\System32\drivers\mssmbios.sys - ok
20:20:28.0747 5992 [ 8E8E34B7BA059050EED827410D0697A2 ] C:\Windows\System32\drivers\ahcache.sys
20:20:28.0747 5992 C:\Windows\System32\drivers\ahcache.sys - ok
20:20:28.0763 5992 [ 03AAED827C36F35D70900558B8274905 ] C:\Windows\System32\drivers\CompositeBus.sys
20:20:28.0763 5992 C:\Windows\System32\drivers\CompositeBus.sys - ok
20:20:28.0763 5992 [ 813871C7D402A05F2E3A7075F9584A05 ] C:\Windows\System32\drivers\kdnic.sys
20:20:28.0763 5992 C:\Windows\System32\drivers\kdnic.sys - ok
20:20:28.0778 5992 [ DA34C39A18E60E7C3FA0630566408034 ] C:\Windows\System32\drivers\umbus.sys
20:20:28.0778 5992 C:\Windows\System32\drivers\umbus.sys - ok
20:20:28.0794 5992 [ D81C3AAEE50F952A20C3548809CB5CE7 ] C:\Windows\System32\ntdll.dll
20:20:28.0794 5992 C:\Windows\System32\ntdll.dll - ok
20:20:28.0794 5992 [ 89B91AEEE4C0C5D3708C0F177C97B630 ] C:\Windows\System32\smss.exe
20:20:28.0794 5992 C:\Windows\System32\smss.exe - ok
20:20:28.0810 5992 [ A32BCAD9377E3B75D034CAFBA463A0AE ] C:\Windows\System32\drivers\atikmpag.sys
20:20:28.0810 5992 C:\Windows\System32\drivers\atikmpag.sys - ok
20:20:28.0810 5992 [ 37D01B8BC15E263F4405367C9A442824 ] C:\Windows\System32\autochk.exe
20:20:28.0810 5992 C:\Windows\System32\autochk.exe - ok
20:20:28.0825 5992 [ FBB35875FEFE53D4280259842069ED72 ] C:\Windows\System32\drivers\atikmdag.sys
20:20:28.0825 5992 C:\Windows\System32\drivers\atikmdag.sys - ok
20:20:28.0841 5992 [ 03909BDBFF0DCACCABF2B2D4ADEE44DC ] C:\Windows\System32\drivers\hdaudbus.sys
20:20:28.0841 5992 C:\Windows\System32\drivers\hdaudbus.sys - ok
20:20:28.0841 5992 [ 19764658C1468C2C0CEF133D28414A6B ] C:\Windows\System32\drivers\Rt630x64.sys
20:20:28.0841 5992 C:\Windows\System32\drivers\Rt630x64.sys - ok
20:20:28.0857 5992 [ 7C4E0D5900B2A1D11EDD626D6DDB937B ] C:\Windows\System32\drivers\fastfat.sys
20:20:28.0857 5992 C:\Windows\System32\drivers\fastfat.sys - ok
20:20:28.0857 5992 [ 60BCF0F09DD963D0F89F571F9D1EB8C1 ] C:\Windows\System32\drivers\RtsP2Stor.sys
20:20:28.0857 5992 C:\Windows\System32\drivers\RtsP2Stor.sys - ok
20:20:28.0872 5992 [ 3B44CB989757428208CCFCC028C13110 ] C:\Windows\System32\drivers\USBXHCI.SYS
20:20:28.0872 5992 C:\Windows\System32\drivers\USBXHCI.SYS - ok
20:20:28.0888 5992 [ 5D1B430EA11064C56E7C8F84B90DEB6A ] C:\Windows\System32\drivers\UCX01000.SYS
20:20:28.0888 5992 C:\Windows\System32\drivers\UCX01000.SYS - ok
20:20:28.0888 5992 [ 504901430B6E03B99EBB6BF26E0868C6 ] C:\Windows\System32\drivers\usbfilter.sys
20:20:28.0888 5992 C:\Windows\System32\drivers\usbfilter.sys - ok
20:20:28.0903 5992 [ 75428240F81D41B9F8F7CE5DDB07CA0F ] C:\Windows\System32\nsi.dll
20:20:28.0903 5992 C:\Windows\System32\nsi.dll - ok
20:20:28.0919 5992 [ 8ACE1F60D8C4E8209F25BF945A828D96 ] C:\Windows\System32\comdlg32.dll
20:20:28.0919 5992 C:\Windows\System32\comdlg32.dll - ok
20:20:28.0919 5992 [ 8E98D21EE06192492A5671A6144D092F ] C:\Windows\System32\drivers\GEARAspiWDM.sys
20:20:28.0919 5992 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
20:20:28.0935 5992 [ 3019097FB6C985EF24C058090FF3BDBD ] C:\Windows\System32\drivers\usbohci.sys
20:20:28.0935 5992 C:\Windows\System32\drivers\usbohci.sys - ok
20:20:28.0935 5992 [ 32F2E6BAD9FA8E14B55E97280661801E ] C:\Windows\System32\drivers\usbport.sys
20:20:28.0935 5992 C:\Windows\System32\drivers\usbport.sys - ok
20:20:28.0950 5992 [ 5477D6E27C7D266EF8C152B9A25ADE5E ] C:\Windows\System32\drivers\usbehci.sys
20:20:28.0950 5992 C:\Windows\System32\drivers\usbehci.sys - ok
20:20:28.0966 5992 [ 84CFC5EFA97D0C965EDE1D56F116A541 ] C:\Windows\System32\drivers\i8042prt.sys
20:20:28.0966 5992 C:\Windows\System32\drivers\i8042prt.sys - ok
20:20:28.0966 5992 [ 8BE92376799B6B44D543E8D07CDCF885 ] C:\Windows\System32\drivers\kbdclass.sys
20:20:28.0966 5992 C:\Windows\System32\drivers\kbdclass.sys - ok
20:20:28.0982 5992 [ 2834D9D3B4F554A39C72F00EA3F0E128 ] C:\Windows\System32\drivers\wmiacpi.sys
20:20:28.0982 5992 C:\Windows\System32\drivers\wmiacpi.sys - ok
20:20:28.0982 5992 [ B46D2D89AFF8A9490FA8C98C7A5616E3 ] C:\Windows\System32\drivers\amdppm.sys
20:20:28.0982 5992 C:\Windows\System32\drivers\amdppm.sys - ok
20:20:28.0997 5992 [ 1F58E48EF75F34C35D8E93A0DC535CFE ] C:\Windows\System32\drivers\NdisVirtualBus.sys
20:20:28.0997 5992 C:\Windows\System32\drivers\NdisVirtualBus.sys - ok
20:20:28.0997 5992 [ 9578691F297E1B1F519970FE6D47CB21 ] C:\Windows\System32\drivers\uefi.sys
20:20:28.0997 5992 C:\Windows\System32\drivers\uefi.sys - ok
20:20:29.0013 5992 [ 65EBBB459B66C818E809DD8135DCFFA2 ] C:\Windows\System32\drivers\ks.sys
20:20:29.0013 5992 C:\Windows\System32\drivers\ks.sys - ok
20:20:29.0028 5992 [ 84E0F5D41C138C5CC975137A2A98F6D3 ] C:\Windows\System32\drivers\swenum.sys
20:20:29.0028 5992 C:\Windows\System32\drivers\swenum.sys - ok
20:20:29.0028 5992 [ 6B21EBF892CD8CACB71669B35AB5DE32 ] C:\Windows\System32\drivers\rdpbus.sys
20:20:29.0028 5992 C:\Windows\System32\drivers\rdpbus.sys - ok
20:20:29.0044 5992 [ 447CB6699A8EAD2BC516991738A16277 ] C:\Windows\System32\imagehlp.dll
20:20:29.0044 5992 C:\Windows\System32\imagehlp.dll - ok
20:20:29.0044 5992 [ 142F612FE5988CBDAEF4DA16E38BD080 ] C:\Windows\System32\kernel32.dll
20:20:29.0044 5992 C:\Windows\System32\kernel32.dll - ok
20:20:29.0060 5992 [ 9E2ABB0CAB26EBD775D968EAB1C1F6EC ] C:\Windows\System32\normaliz.dll
20:20:29.0060 5992 C:\Windows\System32\normaliz.dll - ok
20:20:29.0060 5992 [ 450C44450C72E3C75CEFA5E9C8371A23 ] C:\Windows\System32\wow64win.dll
20:20:29.0060 5992 C:\Windows\System32\wow64win.dll - ok
20:20:29.0075 5992 [ CFCDAAA210D62B277A2183F62FEE068F ] C:\Windows\System32\rpcrt4.dll
20:20:29.0075 5992 C:\Windows\System32\rpcrt4.dll - ok
20:20:29.0091 5992 [ AD5CE3C874A6229D4B80F977FAF6EF87 ] C:\Windows\System32\GdiPlus.dll
20:20:29.0091 5992 C:\Windows\System32\GdiPlus.dll - ok
20:20:29.0091 5992 [ 1AEFA4B25F72772F131D760F664ED7E1 ] C:\Windows\System32\difxapi.dll
20:20:29.0091 5992 C:\Windows\System32\difxapi.dll - ok
20:20:29.0107 5992 [ B65523C830308241407F6EBCC6484E70 ] C:\Windows\System32\sechost.dll
20:20:29.0107 5992 C:\Windows\System32\sechost.dll - ok
20:20:29.0107 5992 [ FADE737DEAFE3BF4CFC151AD0F548A47 ] C:\Windows\System32\wow64.dll
20:20:29.0107 5992 C:\Windows\System32\wow64.dll - ok
20:20:29.0122 5992 [ 6F997D98C6A30D79C622811FBAB9119E ] C:\Windows\System32\ws2_32.dll
20:20:29.0122 5992 C:\Windows\System32\ws2_32.dll - ok
20:20:29.0138 5992 [ D84E30C42F76768B2040EB2A32A0F6E3 ] C:\Windows\System32\advapi32.dll
20:20:29.0138 5992 C:\Windows\System32\advapi32.dll - ok
20:20:29.0138 5992 [ 1A811BAFA2114C2FC878507F9F86566C ] C:\Windows\System32\user32.dll
20:20:29.0138 5992 C:\Windows\System32\user32.dll - ok
20:20:29.0153 5992 [ B7564AB4F8A12A16C568F256EC6C429B ] C:\Windows\System32\psapi.dll
20:20:29.0153 5992 C:\Windows\System32\psapi.dll - ok
20:20:29.0153 5992 [ 905A32D35E8CC1F08F040F77B03697FF ] C:\Windows\System32\shlwapi.dll
20:20:29.0153 5992 C:\Windows\System32\shlwapi.dll - ok
20:20:29.0169 5992 [ DACC0040F6BB7F524BAE1D653B9FC329 ] C:\Windows\System32\Wldap32.dll
20:20:29.0169 5992 C:\Windows\System32\Wldap32.dll - ok
20:20:29.0185 5992 [ 179E2B1F19FD949761EEAB36AD5DAB35 ] C:\Windows\System32\msctf.dll
20:20:29.0185 5992 C:\Windows\System32\msctf.dll - ok
20:20:29.0185 5992 [ CC29613C244DA266D40DBACC108FEAB5 ] C:\Windows\System32\wow64cpu.dll
20:20:29.0185 5992 C:\Windows\System32\wow64cpu.dll - ok
20:20:29.0200 5992 [ 74B258D5896FC8F8256E8D03459AC2A2 ] C:\Windows\System32\lpk.dll
20:20:29.0200 5992 C:\Windows\System32\lpk.dll - ok
20:20:29.0200 5992 [ 3E7B2C9026986C821E507A3319EA1D80 ] C:\Windows\System32\combase.dll
20:20:29.0200 5992 C:\Windows\System32\combase.dll - ok
20:20:29.0216 5992 [ DB0F2D3A7561ECC396DF8878674B6DD9 ] C:\Windows\System32\ole32.dll
20:20:29.0216 5992 C:\Windows\System32\ole32.dll - ok
20:20:29.0216 5992 [ 882222A9961418A75A08CB68671679D5 ] C:\Windows\System32\drivers\usbd.sys
20:20:29.0216 5992 C:\Windows\System32\drivers\usbd.sys - ok
20:20:29.0232 5992 [ DF56C2C04EFA328D7A66B69007130266 ] C:\Windows\System32\drivers\usbhub.sys
20:20:29.0232 5992 C:\Windows\System32\drivers\usbhub.sys - ok
20:20:29.0232 5992 [ A4B86A08CEC7841895C817430CB76CE2 ] C:\Windows\System32\clbcatq.dll
20:20:29.0232 5992 C:\Windows\System32\clbcatq.dll - ok
20:20:29.0247 5992 [ 5F9799975EAB95431BF78428B26B4FF6 ] C:\Windows\System32\shell32.dll
20:20:29.0247 5992 C:\Windows\System32\shell32.dll - ok
20:20:29.0263 5992 [ C0E33820326199CE3CFD3B9F27F81D99 ] C:\Windows\System32\drivers\USBHUB3.SYS
20:20:29.0263 5992 C:\Windows\System32\drivers\USBHUB3.SYS - ok
20:20:29.0263 5992 [ B9FC41CEC711DC0E1BFE927EEDC49176 ] C:\Windows\System32\oleaut32.dll
20:20:29.0263 5992 C:\Windows\System32\oleaut32.dll - ok
20:20:29.0278 5992 [ 3103BBAB41F0C75BE6FA302439C9B9D6 ] C:\Windows\System32\drivers\drmk.sys
20:20:29.0278 5992 C:\Windows\System32\drivers\drmk.sys - ok
20:20:29.0278 5992 [ 486F21443BD82029284AE82F238DA44C ] C:\Windows\System32\drivers\portcls.sys
20:20:29.0278 5992 C:\Windows\System32\drivers\portcls.sys - ok
20:20:29.0294 5992 [ 6C7970A8E0546A4D9466E0045C7DB199 ] C:\Windows\System32\drivers\RTKVHD64.sys
20:20:29.0294 5992 C:\Windows\System32\drivers\RTKVHD64.sys - ok
20:20:29.0310 5992 [ 11AFB527AA370B1DAFD5C36F35F6D45F ] C:\Windows\System32\drivers\ksthunk.sys
20:20:29.0310 5992 C:\Windows\System32\drivers\ksthunk.sys - ok
20:20:29.0310 5992 [ C49981A2AD6B2793891075FD514F5728 ] C:\Windows\System32\gdi32.dll
20:20:29.0310 5992 C:\Windows\System32\gdi32.dll - ok
20:20:29.0325 5992 [ 722B699957393AC38AD18C84964EFFA6 ] C:\Windows\System32\setupapi.dll
20:20:29.0325 5992 C:\Windows\System32\setupapi.dll - ok
20:20:29.0325 5992 [ F3A96882598EA84470646C6501917A98 ] C:\Windows\System32\imm32.dll
20:20:29.0325 5992 C:\Windows\System32\imm32.dll - ok
20:20:29.0341 5992 [ 7CE4D5AB5626A26A6E6DFC7397179841 ] C:\Windows\System32\msvcrt.dll
20:20:29.0341 5992 C:\Windows\System32\msvcrt.dll - ok
20:20:29.0357 5992 [ 8D2DF744C20A8960C022BF71505D3B45 ] C:\Windows\System32\cfgmgr32.dll
20:20:29.0357 5992 C:\Windows\System32\cfgmgr32.dll - ok
20:20:29.0357 5992 [ 980CDCBF3EDB80CA20921F2C88260406 ] C:\Windows\System32\comctl32.dll
20:20:29.0357 5992 C:\Windows\System32\comctl32.dll - ok
20:20:29.0372 5992 [ 6EFAF0D87291F9FBD7C0ED3BD56511AA ] C:\Windows\System32\crypt32.dll
20:20:29.0372 5992 C:\Windows\System32\crypt32.dll - ok
20:20:29.0372 5992 [ D13EE1D0B33D2B19C048EFA53DD41A2B ] C:\Windows\System32\KernelBase.dll
20:20:29.0388 5992 C:\Windows\System32\KernelBase.dll - ok
20:20:29.0388 5992 [ 005D1AA28FFAA7FB327842B3CAFF726E ] C:\Windows\System32\drivers\AtihdW86.sys
20:20:29.0388 5992 C:\Windows\System32\drivers\AtihdW86.sys - ok
20:20:29.0403 5992 [ 433ECDE01A52691FA7ACA51C10C09B70 ] C:\Windows\System32\drivers\usbccgp.sys
20:20:29.0403 5992 C:\Windows\System32\drivers\usbccgp.sys - ok
20:20:29.0403 5992 [ C6E1C081C0849E08FECEC18DF73B10C4 ] C:\Windows\System32\drivers\dc3d.sys
20:20:29.0403 5992 C:\Windows\System32\drivers\dc3d.sys - ok
20:20:29.0419 5992 [ 7FFB24B4A54B1ACD46CF6899D879CC9F ] C:\Windows\System32\drivers\hidparse.sys
20:20:29.0419 5992 C:\Windows\System32\drivers\hidparse.sys - ok
20:20:29.0435 5992 [ ADB26481D4D247C1D6986EC45FFDAB53 ] C:\Windows\System32\drivers\hidclass.sys
20:20:29.0435 5992 C:\Windows\System32\drivers\hidclass.sys - ok
20:20:29.0435 5992 [ F31397220D9687E11EB448649AA6E038 ] C:\Windows\System32\drivers\hidusb.sys
20:20:29.0435 5992 C:\Windows\System32\drivers\hidusb.sys - ok
20:20:29.0450 5992 [ FB6E47E569D4872ABEB506BE03A45FBA ] C:\Windows\System32\drivers\kbdhid.sys
20:20:29.0450 5992 C:\Windows\System32\drivers\kbdhid.sys - ok
20:20:29.0450 5992 [ 02D98BF804084E9A0D69D1C69B02CCA9 ] C:\Windows\System32\drivers\mouhid.sys
20:20:29.0450 5992 C:\Windows\System32\drivers\mouhid.sys - ok
20:20:29.0466 5992 [ 520D48ECB54A33821C95EE496A4235AF ] C:\Windows\System32\drivers\point64.sys
20:20:29.0466 5992 C:\Windows\System32\drivers\point64.sys - ok
20:20:29.0482 5992 [ CEAC6D40FE887CE8406C2393CF97DE06 ] C:\Windows\System32\drivers\mouclass.sys
20:20:29.0482 5992 C:\Windows\System32\drivers\mouclass.sys - ok
20:20:29.0482 5992 [ 4628B415A84EA9D4D396A56F1D0CB6C6 ] C:\Windows\System32\drivers\USBSTOR.SYS
20:20:29.0482 5992 C:\Windows\System32\drivers\USBSTOR.SYS - ok
20:20:29.0497 5992 [ AD15850D7F16D8D9E178D225E2B166BE ] C:\Windows\System32\drivers\vmc412.sys
20:20:29.0497 5992 C:\Windows\System32\drivers\vmc412.sys - ok
20:20:29.0497 5992 [ 755A90F1C949B8260D7670AEF6DB4912 ] C:\Windows\System32\drivers\USBAUDIO.sys
20:20:29.0497 5992 C:\Windows\System32\drivers\USBAUDIO.sys - ok
20:20:29.0513 5992 [ CBA3A54541ED9D2A44802BD5F1A885F1 ] C:\Windows\System32\drivers\vmuacflt.sys
20:20:29.0513 5992 C:\Windows\System32\drivers\vmuacflt.sys - ok
20:20:29.0513 5992 [ 05579A2C16277280E0FAD02245B80C2D ] C:\Windows\System32\wintrust.dll
20:20:29.0513 5992 C:\Windows\System32\wintrust.dll - ok
20:20:29.0528 5992 [ 7DA935827BC3F48AE146BA4B2755F1AD ] C:\Windows\System32\msasn1.dll
20:20:29.0528 5992 C:\Windows\System32\msasn1.dll - ok
20:20:29.0544 5992 [ 32F9650CD23F6F36706E9EA23ECCF484 ] C:\Windows\SysWOW64\lpk.dll
20:20:29.0544 5992 C:\Windows\SysWOW64\lpk.dll - ok
20:20:29.0544 5992 [ 00542019B2969529C5E9C68C83BD6F88 ] C:\Windows\SysWOW64\normaliz.dll
20:20:29.0544 5992 C:\Windows\SysWOW64\normaliz.dll - ok
20:20:29.0560 5992 [ 0E0796E3413D38A396B1C1591CE2B72E ] C:\Windows\System32\win32k.sys
20:20:29.0560 5992 C:\Windows\System32\win32k.sys - ok
20:20:29.0575 5992 [ 885901A37E73FA25F3F87A848BA8033F ] C:\Windows\System32\csrsrv.dll
20:20:29.0575 5992 C:\Windows\System32\csrsrv.dll - ok
20:20:29.0575 5992 [ B2D3F07F5E8A13AF988A8B3C0A800880 ] C:\Windows\System32\csrss.exe
20:20:29.0575 5992 C:\Windows\System32\csrss.exe - ok
20:20:29.0591 5992 [ C89780A6F58D113C28A96D85D1261DC5 ] C:\Windows\System32\basesrv.dll
20:20:29.0591 5992 C:\Windows\System32\basesrv.dll - ok
20:20:29.0591 5992 [ 599F1244C60E3D6C28A8DA7FBA7A2C13 ] C:\Windows\System32\winsrv.dll
20:20:29.0591 5992 C:\Windows\System32\winsrv.dll - ok
20:20:29.0607 5992 [ 601589000CC90F0DF8DA2CC254A3CCC9 ] C:\Windows\System32\drivers\monitor.sys
20:20:29.0607 5992 C:\Windows\System32\drivers\monitor.sys - ok
20:20:29.0622 5992 [ 8D3421127B05432B743719C239ABF80F ] C:\Windows\System32\tsddd.dll
20:20:29.0622 5992 C:\Windows\System32\tsddd.dll - ok
20:20:29.0622 5992 [ 9C1833ABD62876856836C5AE55C7CE86 ] C:\Windows\System32\sxssrv.dll
20:20:29.0622 5992 C:\Windows\System32\sxssrv.dll - ok
20:20:29.0638 5992 [ 48CFA7BE561A7BE144C29BB912055016 ] C:\Windows\System32\wininit.exe
20:20:29.0638 5992 C:\Windows\System32\wininit.exe - ok
20:20:29.0653 5992 [ 8ED638461EFFCF584AF5A8C291A2F9DF ] C:\Windows\System32\profapi.dll
20:20:29.0653 5992 C:\Windows\System32\profapi.dll - ok
20:20:29.0653 5992 [ A7B9FCF37B64E878310EC62E6DCB9059 ] C:\Windows\System32\KBDUS.DLL
20:20:29.0653 5992 C:\Windows\System32\KBDUS.DLL - ok
20:20:29.0669 5992 [ 55D0BC5BA19B1BA3A82F75A33828BCC0 ] C:\Windows\System32\wininitext.dll
20:20:29.0669 5992 C:\Windows\System32\wininitext.dll - ok
20:20:29.0669 5992 [ 5EC5EC3A6118227CA3FFD1353BC61344 ] C:\Windows\System32\cdd.dll
20:20:29.0669 5992 C:\Windows\System32\cdd.dll - ok
20:20:29.0685 5992 [ 7C94FDA3809015B8F2208D2E1C221F17 ] C:\Windows\System32\winlogon.exe
20:20:29.0685 5992 C:\Windows\System32\winlogon.exe - ok
20:20:29.0700 5992 [ 1DBC3C3728F7787A36BEDF2DF7E48AB3 ] C:\Windows\System32\powrprof.dll
20:20:29.0700 5992 C:\Windows\System32\powrprof.dll - ok
20:20:29.0700 5992 [ 04F8A9CC544B08634EC932E017434457 ] C:\Windows\System32\winlogonext.dll
20:20:29.0700 5992 C:\Windows\System32\winlogonext.dll - ok
20:20:29.0716 5992 [ 0CC541E39B69E886A5B2083367C17E59 ] C:\Windows\System32\kbdhebl3.dll
20:20:29.0716 5992 C:\Windows\System32\kbdhebl3.dll - ok
20:20:29.0732 5992 [ BC18914CB16B0A7BF5D103A65359FAE4 ] C:\Windows\System32\WlS0WndH.dll
20:20:29.0732 5992 C:\Windows\System32\WlS0WndH.dll - ok
20:20:29.0732 5992 [ BCECD25BCFFE2FC4498374BF2E572DBE ] C:\Windows\System32\sxs.dll
20:20:29.0732 5992 C:\Windows\System32\sxs.dll - ok
20:20:29.0747 5992 [ B83B06508CADBC204B3DAEECC395A571 ] C:\Windows\System32\cryptbase.dll
20:20:29.0747 5992 C:\Windows\System32\cryptbase.dll - ok
20:20:29.0763 5992 [ 876A3E1A4DB8720DF66D653BDBAD3E5D ] C:\Windows\System32\bcryptprimitives.dll
20:20:29.0763 5992 C:\Windows\System32\bcryptprimitives.dll - ok
20:20:29.0763 5992 [ B4B610BBCB002EC478C6FD80CF915697 ] C:\Windows\System32\services.exe
20:20:29.0763 5992 C:\Windows\System32\services.exe - ok
20:20:29.0778 5992 [ F6F209DDB94959BA104FC8FC87C53759 ] C:\Windows\System32\lsass.exe
20:20:29.0778 5992 C:\Windows\System32\lsass.exe - ok
20:20:29.0778 5992 [ 0D85B43A59FB7A63782F6A8969B5BB43 ] C:\Windows\System32\sspisrv.dll
20:20:29.0778 5992 C:\Windows\System32\sspisrv.dll - ok
20:20:29.0794 5992 [ 652D7E7BC8D6A909480FF2BBD0E46210 ] C:\Windows\System32\sspicli.dll
20:20:29.0794 5992 C:\Windows\System32\sspicli.dll - ok
20:20:29.0810 5992 [ 7A5CCEC20CF6AA21FF7CC51C0AEBF648 ] C:\Windows\System32\dabapi.dll
20:20:29.0810 5992 C:\Windows\System32\dabapi.dll - ok
20:20:29.0810 5992 [ 61BAE7A83A8650CFC976E8242CE2E4DE ] C:\Windows\System32\EventAggregation.dll
20:20:29.0810 5992 C:\Windows\System32\EventAggregation.dll - ok
20:20:29.0825 5992 [ 1B0FCDBFDA0AD5DFCE2D99832BAAF5EC ] C:\Windows\System32\scext.dll
20:20:29.0825 5992 C:\Windows\System32\scext.dll - ok
20:20:29.0841 5992 [ AA9973F611039A02C8D1F71A65F8C775 ] C:\Windows\System32\srvcli.dll
20:20:29.0841 5992 C:\Windows\System32\srvcli.dll - ok
20:20:29.0841 5992 [ 13E04B8546D3F0D9533DA880A3357F12 ] C:\Windows\System32\SPInf.dll
20:20:29.0841 5992 C:\Windows\System32\SPInf.dll - ok
20:20:29.0857 5992 [ E18E9C9EBCFCA456B74BB6A80B1DB226 ] C:\Windows\System32\lsasrv.dll
20:20:29.0857 5992 C:\Windows\System32\lsasrv.dll - ok
20:20:29.0857 5992 [ C0F957C92D21EE003BF57DB6B8E77FE5 ] C:\Windows\System32\samsrv.dll
20:20:29.0857 5992 C:\Windows\System32\samsrv.dll - ok
20:20:29.0872 5992 [ 187926CDEFF85D00FB055FC1CA89C3FB ] C:\Windows\System32\bcrypt.dll
20:20:29.0872 5992 C:\Windows\System32\bcrypt.dll - ok
20:20:29.0888 5992 [ BED41BC388BAF9D31152E9B0B4F88360 ] C:\Windows\System32\ncrypt.dll
20:20:29.0888 5992 C:\Windows\System32\ncrypt.dll - ok
20:20:29.0888 5992 [ 5AF14A9AEB3092F4304F5E5EC4328B67 ] C:\Windows\System32\ntasn1.dll
20:20:29.0888 5992 C:\Windows\System32\ntasn1.dll - ok
20:20:29.0903 5992 [ FF6AE8D9D0F0264656DC55C7F60C1EE5 ] C:\Windows\System32\msprivs.dll
20:20:29.0903 5992 C:\Windows\System32\msprivs.dll - ok
20:20:29.0919 5992 [ EECF7FE667129D5B52B1CCD54CB9EEF2 ] C:\Windows\System32\netjoin.dll
20:20:29.0919 5992 C:\Windows\System32\netjoin.dll - ok
20:20:29.0919 5992 [ 853037685DDFA140E8386BA66A096BF8 ] C:\Windows\System32\cryptdll.dll
20:20:29.0919 5992 C:\Windows\System32\cryptdll.dll - ok
20:20:29.0935 5992 [ 4D1E2DC40048C2E07CE4B2ADEFF6A020 ] C:\Windows\System32\kerberos.dll
20:20:29.0935 5992 C:\Windows\System32\kerberos.dll - ok
20:20:29.0935 5992 [ 7D4665483FF800B8972E517748726AB6 ] C:\Windows\System32\negoexts.dll
20:20:29.0935 5992 C:\Windows\System32\negoexts.dll - ok
20:20:29.0950 5992 [ 51DA757F8E4B7FB3DCB14184304C9328 ] C:\Windows\System32\cryptsp.dll
20:20:29.0950 5992 C:\Windows\System32\cryptsp.dll - ok
20:20:29.0966 5992 [ 896B307E803430F67EC772807F9CC023 ] C:\Windows\System32\mswsock.dll
20:20:29.0966 5992 C:\Windows\System32\mswsock.dll - ok
20:20:29.0966 5992 [ 53DC027553EB54B3F84B07122DEEE0CC ] C:\Windows\System32\msv1_0.dll
20:20:29.0966 5992 C:\Windows\System32\msv1_0.dll - ok
20:20:29.0982 5992 [ E01B8CE6646E055D2B806AE4DD5A1202 ] C:\Windows\System32\netlogon.dll
20:20:29.0982 5992 C:\Windows\System32\netlogon.dll - ok
20:20:29.0997 5992 [ 5A2020DDCCBB0ED08BAC2355A075F303 ] C:\Windows\System32\dnsapi.dll
20:20:29.0997 5992 C:\Windows\System32\dnsapi.dll - ok
20:20:29.0997 5992 [ 66385FE1DDCEA70EDFB25F57C8507D7B ] C:\Windows\System32\logoncli.dll
20:20:29.0997 5992 C:\Windows\System32\logoncli.dll - ok
20:20:30.0013 5992 [ 64E2C7176D189E4A838D04F7C724CAE7 ] C:\Windows\System32\userenv.dll
20:20:30.0013 5992 C:\Windows\System32\userenv.dll - ok
20:20:30.0013 5992 [ 40B10EAB69F4087C60DC21B5C92A4702 ] C:\Windows\System32\TSpkg.dll
20:20:30.0013 5992 C:\Windows\System32\TSpkg.dll - ok
20:20:30.0028 5992 [ C51CF4D9DA57EA894967752090F6E2CF ] C:\Windows\System32\pku2u.dll
20:20:30.0028 5992 C:\Windows\System32\pku2u.dll - ok
20:20:30.0028 5992 [ D617071B11C99CFE5C4BD0FD82C0609C ] C:\Windows\System32\livessp.dll
20:20:30.0028 5992 C:\Windows\System32\livessp.dll - ok
20:20:30.0044 5992 [ 4CB3F50D37FD6CF3282D018011FE6E87 ] C:\Windows\System32\rsaenh.dll
20:20:30.0044 5992 C:\Windows\System32\rsaenh.dll - ok
20:20:30.0060 5992 [ 45E4A2FADA3579F6DC68F2A0998C3419 ] C:\Windows\System32\wdigest.dll
20:20:30.0060 5992 C:\Windows\System32\wdigest.dll - ok
20:20:30.0060 5992 [ 9D27BB60487764A781FE453F9DED8F1F ] C:\Windows\System32\schannel.dll
20:20:30.0060 5992 C:\Windows\System32\schannel.dll - ok
20:20:30.0075 5992 [ A41455649982EE080BE5CA8A72153808 ] C:\Windows\System32\winsta.dll
20:20:30.0075 5992 C:\Windows\System32\winsta.dll - ok
20:20:30.0075 5992 [ 5EBAF77D01D75CAFEF78B47840C75569 ] C:\Windows\System32\efslsaext.dll
20:20:30.0075 5992 C:\Windows\System32\efslsaext.dll - ok
20:20:30.0091 5992 [ 700BB3365D04B1606A03FB1D6B19C138 ] C:\Windows\System32\credssp.dll
20:20:30.0091 5992 C:\Windows\System32\credssp.dll - ok
20:20:30.0091 5992 [ 995F43F02C9C99A895A72AAF8310CFE1 ] C:\Windows\System32\dpapisrv.dll
20:20:30.0091 5992 C:\Windows\System32\dpapisrv.dll - ok
20:20:30.0107 5992 [ 1F1B8D07708E40E54C55B392C78ECCE2 ] C:\Windows\System32\scecli.dll
20:20:30.0107 5992 C:\Windows\System32\scecli.dll - ok
20:20:30.0122 5992 [ 7172D44ED18787964B43146863466672 ] C:\Windows\System32\scesrv.dll
20:20:30.0122 5992 C:\Windows\System32\scesrv.dll - ok
20:20:30.0122 5992 [ 1FCCB71ADD51C919D003DD0D95FB8992 ] C:\Windows\System32\authz.dll
20:20:30.0122 5992 C:\Windows\System32\authz.dll - ok
20:20:30.0138 5992 [ 296823744D624E98A46759AD58911FC3 ] C:\Windows\System32\netutils.dll
20:20:30.0138 5992 C:\Windows\System32\netutils.dll - ok
20:20:30.0138 5992 [ E4CA434F251681590D0538BC21C32D2F ] C:\Windows\System32\svchost.exe
20:20:30.0138 5992 C:\Windows\System32\svchost.exe - ok
20:20:30.0153 5992 [ 752A457320A946E03C3AA86C3ACD735E ] C:\Windows\System32\umpnpmgr.dll
20:20:30.0153 5992 C:\Windows\System32\umpnpmgr.dll - ok
20:20:30.0169 5992 [ 85936A752E6BBE740D9FCF156E1AC5E1 ] C:\Windows\System32\hid.dll
20:20:30.0169 5992 C:\Windows\System32\hid.dll - ok
20:20:30.0169 5992 [ 45F36BBDFD50134488ECA96BB9231818 ] C:\Windows\System32\pcwum.dll
20:20:30.0169 5992 C:\Windows\System32\pcwum.dll - ok
20:20:30.0185 5992 [ 00E08B30E7F7C13ECE2CDF4F46A77311 ] C:\Windows\System32\umpo.dll
20:20:30.0185 5992 C:\Windows\System32\umpo.dll - ok
20:20:30.0185 5992 [ 9FF64147DB9078337C15F41A6043C74F ] C:\Windows\System32\umpoext.dll
20:20:30.0185 5992 C:\Windows\System32\umpoext.dll - ok
20:20:30.0200 5992 [ 2788CA31DD51CF747D9C94772CE93E02 ] C:\Windows\System32\gpapi.dll
20:20:30.0200 5992 C:\Windows\System32\gpapi.dll - ok
20:20:30.0200 5992 [ 3FD5AE42EC87C6F532A931F96BE731DD ] C:\Windows\System32\rpcss.dll
20:20:30.0200 5992 C:\Windows\System32\rpcss.dll - ok
20:20:30.0216 5992 [ D894CBD7DA753C881EE8D5E33B583225 ] C:\Windows\System32\RpcEpMap.dll
20:20:30.0216 5992 C:\Windows\System32\RpcEpMap.dll - ok
20:20:30.0232 5992 [ 0D86DEB93CC1D2B32CAF658439350241 ] C:\Windows\System32\RpcRtRemote.dll
20:20:30.0232 5992 C:\Windows\System32\RpcRtRemote.dll - ok
20:20:30.0232 5992 [ A6207A88B596F726DE558425F3B7E592 ] C:\Windows\System32\bisrv.dll
20:20:30.0232 5992 C:\Windows\System32\bisrv.dll - ok
20:20:30.0247 5992 [ 3260D5308DD9AE069FE4881D65389A84 ] C:\Windows\System32\FirewallAPI.dll
20:20:30.0247 5992 C:\Windows\System32\FirewallAPI.dll - ok
20:20:30.0247 5992 [ B6B69FF200F68888A7FAFDF204D00C91 ] C:\Windows\System32\lsm.dll
20:20:30.0263 5992 C:\Windows\System32\lsm.dll - ok
20:20:30.0263 5992 [ 54A9F4AC86F2A4E7C3ADE47CAE5DE8E0 ] C:\Windows\System32\psmsrv.dll
20:20:30.0263 5992 C:\Windows\System32\psmsrv.dll - ok
20:20:30.0278 5992 [ 9A1175EF7B9E297FDC0ADD33783EF8FF ] C:\Windows\System32\sysntfy.dll
20:20:30.0278 5992 C:\Windows\System32\sysntfy.dll - ok
20:20:30.0278 5992 [ E55B850489F154F85110AE3B436A40D6 ] C:\Windows\System32\wmsgapi.dll
20:20:30.0278 5992 C:\Windows\System32\wmsgapi.dll - ok
20:20:30.0294 5992 [ 0D50F3C3D50B878CEAE21B9BE3F6A638 ] C:\Windows\System32\kernel.appcore.dll
20:20:30.0294 5992 C:\Windows\System32\kernel.appcore.dll - ok
20:20:30.0294 5992 [ 1596DE403BD75918317F724776487262 ] C:\Windows\System32\UXInit.dll
20:20:30.0294 5992 C:\Windows\System32\UXInit.dll - ok
20:20:30.0310 5992 [ 5B19A3ED994EB972FBD99AC18D0AEA13 ] C:\Windows\System32\devobj.dll
20:20:30.0310 5992 C:\Windows\System32\devobj.dll - ok
20:20:30.0325 5992 [ D65B1C952AEB864C2BAC7A770B17ECCE ] C:\Windows\System32\SystemEventsBrokerServer.dll
20:20:30.0325 5992 C:\Windows\System32\SystemEventsBrokerServer.dll - ok
20:20:30.0325 5992 [ CD45E3FE736150D45EFDC9145DA53757 ] C:\Windows\System32\bi.dll
20:20:30.0325 5992 C:\Windows\System32\bi.dll - ok
20:20:30.0341 5992 [ 3BE05B2695179F8F3CF1136544E46A14 ] C:\Windows\System32\uxtheme.dll
20:20:30.0341 5992 C:\Windows\System32\uxtheme.dll - ok
20:20:30.0341 5992 [ 92ABF534E992C61730C24F003BBE192A ] C:\Windows\System32\dpapi.dll
20:20:30.0341 5992 C:\Windows\System32\dpapi.dll - ok
20:20:30.0357 5992 [ F5ED5BA1243201C5078764F916B0387E ] C:\Windows\System32\dab.dll
20:20:30.0357 5992 C:\Windows\System32\dab.dll - ok
20:20:30.0372 5992 [ ABDD2AAA3C3842492FF11D68421D7648 ] C:\Windows\System32\apphelp.dll
20:20:30.0372 5992 C:\Windows\System32\apphelp.dll - ok
20:20:30.0372 5992 [ 5EF604B0698F4FA962778285E8C5F1F2 ] C:\Windows\System32\drivers\luafv.sys
20:20:30.0372 5992 C:\Windows\System32\drivers\luafv.sys - ok
20:20:30.0388 5992 [ B4BBC6E4998042EF21437EED52EC0273 ] C:\Windows\System32\dwm.exe
20:20:30.0388 5992 C:\Windows\System32\dwm.exe - ok
20:20:30.0388 5992 [ 66B54471B5856E314947881E28263A6D ] C:\Windows\System32\atiesrxx.exe
20:20:30.0388 5992 C:\Windows\System32\atiesrxx.exe - ok
20:20:30.0403 5992 [ 0ACC3F49015E628590CA4372322EB46B ] C:\Windows\System32\drivers\aswMonFlt.sys
20:20:30.0403 5992 C:\Windows\System32\drivers\aswMonFlt.sys - ok
20:20:30.0419 5992 [ 8721643ED5447F245762DF0A976AB87A ] C:\Windows\System32\wtsapi32.dll
20:20:30.0419 5992 C:\Windows\System32\wtsapi32.dll - ok
20:20:30.0419 5992 [ 3710A8A7508B36AD96A97CE79E17403E ] C:\Windows\System32\LogonUI.exe
20:20:30.0419 5992 C:\Windows\System32\LogonUI.exe - ok
20:20:30.0435 5992 [ 9FF95D589B5626852CECA2444C5C5A58 ] C:\Windows\System32\authui.dll
20:20:30.0435 5992 C:\Windows\System32\authui.dll - ok
20:20:30.0435 5992 [ 4E905C48CA38770B2C62508E32DB974B ] C:\Windows\System32\dwmcore.dll
20:20:30.0435 5992 C:\Windows\System32\dwmcore.dll - ok
20:20:30.0450 5992 [ 9E5FB30E22B37AC7A2CDB445F6AF71A1 ] C:\Windows\System32\dwmredir.dll
20:20:30.0450 5992 C:\Windows\System32\dwmredir.dll - ok
20:20:30.0466 5992 [ 2F80A4B09F735EA880F4A836232613A2 ] C:\Windows\System32\SHCore.dll
20:20:30.0466 5992 C:\Windows\System32\SHCore.dll - ok
20:20:30.0466 5992 [ 6443D4EC94E47804389F323A272B5DC2 ] C:\Windows\System32\dui70.dll
20:20:30.0466 5992 C:\Windows\System32\dui70.dll - ok
20:20:30.0482 5992 [ 1A818AF9E4AFC277C19082B9B644C5E7 ] C:\Windows\System32\dcomp.dll
20:20:30.0482 5992 C:\Windows\System32\dcomp.dll - ok
20:20:30.0482 5992 [ 534677561FABA42D0EA52E054B8334D4 ] C:\Windows\System32\dwmapi.dll
20:20:30.0482 5992 C:\Windows\System32\dwmapi.dll - ok
20:20:30.0497 5992 [ 5802776C98F842CA255F04067ACBB355 ] C:\Windows\System32\WindowsCodecs.dll
20:20:30.0497 5992 C:\Windows\System32\WindowsCodecs.dll - ok
20:20:30.0513 5992 [ 37A1B06AB3493CB276195B7358A6A805 ] C:\Windows\System32\avrt.dll
20:20:30.0513 5992 C:\Windows\System32\avrt.dll - ok
20:20:30.0513 5992 [ 18102CA0EB09DCFE520E69152590EE93 ] C:\Windows\System32\d3d11.dll
20:20:30.0513 5992 C:\Windows\System32\d3d11.dll - ok
20:20:30.0528 5992 [ 59575523BCA5E8555208621719A32F62 ] C:\Windows\System32\dxgi.dll
20:20:30.0528 5992 C:\Windows\System32\dxgi.dll - ok
20:20:30.0528 5992 [ 389C4E97E3A498159B625A7A13EA4560 ] C:\Windows\System32\d3d10warp.dll
20:20:30.0528 5992 C:\Windows\System32\d3d10warp.dll - ok
20:20:30.0544 5992 [ 35109E2FBC865F881D5DC61684A513FE ] C:\Windows\System32\aticfx64.dll
20:20:30.0544 5992 C:\Windows\System32\aticfx64.dll - ok
20:20:30.0544 5992 [ 3B03178E65E6903328644E329B24D8B2 ] C:\Windows\System32\version.dll
20:20:30.0544 5992 C:\Windows\System32\version.dll - ok
20:20:30.0560 5992 [ A50621AF8812D32B9F83ADF5EDD05275 ] C:\Windows\System32\atiuxp64.dll
20:20:30.0560 5992 C:\Windows\System32\atiuxp64.dll - ok
20:20:30.0560 5992 [ 9F5405BA90DBD4E148FA0FD695145192 ] C:\Windows\System32\atidxx64.dll
20:20:30.0560 5992 C:\Windows\System32\atidxx64.dll - ok
20:20:30.0575 5992 [ 9860C19010CFB3F70DC6EDAEB1F1A5E2 ] C:\Windows\System32\wevtsvc.dll
20:20:30.0575 5992 C:\Windows\System32\wevtsvc.dll - ok
20:20:30.0591 5992 [ 8513A1E7AE4B9DC82C4B4F432C648A58 ] C:\Windows\System32\profsvc.dll
20:20:30.0591 5992 C:\Windows\System32\profsvc.dll - ok
20:20:30.0591 5992 [ 0BDE0FCF597E9B65600121EF54FF8340 ] C:\Windows\System32\gpsvc.dll
20:20:30.0591 5992 C:\Windows\System32\gpsvc.dll - ok
20:20:30.0607 5992 [ 835D33D2EF07743028475486D0BA5696 ] C:\Windows\System32\wevtapi.dll
20:20:30.0607 5992 C:\Windows\System32\wevtapi.dll - ok
20:20:30.0607 5992 [ E5DFD54D2DAA70738F581D1AC74C09CD ] C:\Windows\System32\nlaapi.dll
20:20:30.0607 5992 C:\Windows\System32\nlaapi.dll - ok
20:20:30.0622 5992 [ A5F79CC03396AAC79F79C1368DA08A95 ] C:\Windows\System32\ntdsapi.dll
20:20:30.0622 5992 C:\Windows\System32\ntdsapi.dll - ok
20:20:30.0638 5992 [ C77D967840F17DED03DA4BA9D3C40FDB ] C:\Windows\System32\profsvcext.dll
20:20:30.0638 5992 C:\Windows\System32\profsvcext.dll - ok
20:20:30.0638 5992 [ 070B4DE2729515E9F22E4AAFD7B2497C ] C:\Windows\System32\ntmarta.dll
20:20:30.0638 5992 C:\Windows\System32\ntmarta.dll - ok
20:20:30.0653 5992 [ D60F99ECBFCE0C01BE4C5B06E09435DB ] C:\Windows\System32\atl.dll
20:20:30.0653 5992 C:\Windows\System32\atl.dll - ok
20:20:30.0669 5992 [ BA25717D6694B6C472129AD93893A03D ] C:\Windows\System32\netapi32.dll
20:20:30.0669 5992 C:\Windows\System32\netapi32.dll - ok
20:20:30.0669 5992 [ 2527134BDF1302597BC6E531B3B53D2A ] C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503\comctl32.dll
20:20:30.0669 5992 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503\comctl32.dll - ok
20:20:30.0685 5992 [ 05FBE1F7C13E87AF7A414CDF288B1F62 ] C:\Windows\System32\themeservice.dll
20:20:30.0685 5992 C:\Windows\System32\themeservice.dll - ok
20:20:30.0685 5992 [ F71E12EBA575EBD58B499BC7C39D0CD0 ] C:\Windows\System32\wkscli.dll
20:20:30.0685 5992 C:\Windows\System32\wkscli.dll - ok
20:20:30.0700 5992 [ 0341F92E52A8FF814671761179C103FB ] C:\Windows\System32\dsrole.dll
20:20:30.0700 5992 C:\Windows\System32\dsrole.dll - ok
20:20:30.0716 5992 [ 5E47B467A1CD51943C370BF781E1A4F1 ] C:\Windows\System32\taskschd.dll
20:20:30.0716 5992 C:\Windows\System32\taskschd.dll - ok
20:20:30.0716 5992 [ 6C9C1917F2C29AFADDC3DD10F28A9F56 ] C:\Windows\System32\atieclxx.exe
20:20:30.0716 5992 C:\Windows\System32\atieclxx.exe - ok
20:20:30.0732 5992 [ 4C66C21B6244A09DD671485D67D13DB9 ] C:\Windows\System32\duser.dll
20:20:30.0732 5992 C:\Windows\System32\duser.dll - ok
20:20:30.0747 5992 [ 8476172591FC115D931EA8DBBB4733FF ] C:\Windows\System32\SndVolSSO.dll
20:20:30.0747 5992 C:\Windows\System32\SndVolSSO.dll - ok
20:20:30.0747 5992 [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3 ] C:\Windows\System32\es.dll
20:20:30.0747 5992 C:\Windows\System32\es.dll - ok
20:20:30.0763 5992 [ A88882E64BDC1D8E8D6E727B71CCCC53 ] C:\Windows\System32\Sens.dll
20:20:30.0763 5992 C:\Windows\System32\Sens.dll - ok
20:20:30.0763 5992 [ 4903CBC14742B5AB4DCF7A92F7DEC483 ] C:\Windows\System32\AudioEndpointBuilder.dll
20:20:30.0763 5992 C:\Windows\System32\AudioEndpointBuilder.dll - ok
20:20:30.0778 5992 [ 183CA7699474FDE235853967D1DA4D9B ] C:\Windows\System32\FntCache.dll
20:20:30.0778 5992 C:\Windows\System32\FntCache.dll - ok
20:20:30.0778 5992 [ FD788C2D96EA91469A3C1D13E80D7473 ] C:\Windows\System32\mmcss.dll
20:20:30.0778 5992 C:\Windows\System32\mmcss.dll - ok
20:20:30.0794 5992 [ BFD87A50EB3C37FABF6B1BB072D850E7 ] C:\Windows\System32\MMDevAPI.dll
20:20:30.0794 5992 C:\Windows\System32\MMDevAPI.dll - ok
20:20:30.0794 5992 [ 529011B16EF71630645DCFD195294332 ] C:\Windows\System32\slc.dll
20:20:30.0810 5992 C:\Windows\System32\slc.dll - ok
20:20:30.0810 5992 [ 949906B18AAE3C6AF975D8E4E9AFEC24 ] C:\Windows\System32\sppc.dll
20:20:30.0810 5992 C:\Windows\System32\sppc.dll - ok
20:20:30.0825 5992 [ EF276593AD1BDF5A99032F62D6272848 ] C:\Windows\System32\audiosrv.dll
20:20:30.0825 5992 C:\Windows\System32\audiosrv.dll - ok
20:20:30.0825 5992 [ C09010B3680860131631F53E8FE7BAD8 ] C:\Windows\System32\drivers\lltdio.sys
20:20:30.0825 5992 C:\Windows\System32\drivers\lltdio.sys - ok
20:20:30.0841 5992 [ CF8B989D89D6807B887690F2CF24EFD9 ] C:\Windows\System32\drivers\nwifi.sys
20:20:30.0841 5992 C:\Windows\System32\drivers\nwifi.sys - ok
20:20:30.0857 5992 [ B832B35055BA2B7B4181861FF94D8E59 ] C:\Windows\System32\drivers\ndisuio.sys
20:20:30.0857 5992 C:\Windows\System32\drivers\ndisuio.sys - ok
20:20:30.0857 5992 [ 3B85C2DC57230C3EA71E2AF88EEB9DEC ] C:\Windows\System32\BCP47Langs.dll
20:20:30.0857 5992 C:\Windows\System32\BCP47Langs.dll - ok
20:20:30.0872 5992 [ 2898E39D1E0CB9074C18988A2F8B73D3 ] C:\Windows\System32\SmartcardCredentialProvider.dll
20:20:30.0872 5992 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
20:20:30.0888 5992 [ 50D1A7BF4F35D3897657EAAFA377369D ] C:\Windows\System32\samlib.dll
20:20:30.0888 5992 C:\Windows\System32\samlib.dll - ok
20:20:30.0888 5992 [ 2D05A5508F4685412F2B89E8C2189ABC ] C:\Windows\System32\drivers\rspndr.sys
20:20:30.0888 5992 C:\Windows\System32\drivers\rspndr.sys - ok
20:20:30.0903 5992 [ 0D12F606DE18A5739AF27F12A32C6A6E ] C:\Windows\System32\IPHLPAPI.DLL
20:20:30.0903 5992 C:\Windows\System32\IPHLPAPI.DLL - ok
20:20:30.0919 5992 [ D113FAD71A5E67AA94B32A0F8828D265 ] C:\Windows\System32\lmhsvc.dll
20:20:30.0919 5992 C:\Windows\System32\lmhsvc.dll - ok
20:20:30.0919 5992 [ DB9657253BD51C172B3262B9CD5463F3 ] C:\Windows\System32\nrpsrv.dll
20:20:30.0919 5992 C:\Windows\System32\nrpsrv.dll - ok
20:20:30.0935 5992 [ 6E2271ED0C3E95B8E29F3752B91B9E84 ] C:\Windows\System32\nsisvc.dll
20:20:30.0935 5992 C:\Windows\System32\nsisvc.dll - ok
20:20:30.0950 5992 [ FD9683552D97156E0C5B948BDABA2569 ] C:\Windows\System32\winnsi.dll
20:20:30.0950 5992 C:\Windows\System32\winnsi.dll - ok
20:20:30.0950 5992 [ 8B107F55FD61654A6C9F1B819AEC5FC4 ] C:\Windows\System32\dhcpcore.dll
20:20:30.0950 5992 C:\Windows\System32\dhcpcore.dll - ok
20:20:30.0966 5992 [ 5BAF7714E68F93515A937A3FA8587EF9 ] C:\Windows\System32\dnsrslvr.dll
20:20:30.0966 5992 C:\Windows\System32\dnsrslvr.dll - ok
20:20:30.0966 5992 [ D381B446466B468D27BF23A7A372D205 ] C:\Windows\System32\cngcredui.dll
20:20:30.0966 5992 C:\Windows\System32\cngcredui.dll - ok
20:20:30.0982 5992 [ 906664AF9FCE80DD4FDA268A3506FF13 ] C:\Windows\System32\DWrite.dll
20:20:30.0982 5992 C:\Windows\System32\DWrite.dll - ok
20:20:30.0997 5992 [ EF5A9D7523E4530D2030D4EA2D90FEC3 ] C:\Windows\System32\uDWM.dll
20:20:30.0997 5992 C:\Windows\System32\uDWM.dll - ok
20:20:30.0997 5992 [ 511238503CDDDCA563BB201EED26E7A0 ] C:\Windows\System32\wcmcsp.dll
20:20:30.0997 5992 C:\Windows\System32\wcmcsp.dll - ok
20:20:31.0013 5992 [ 772365894F14652D376B2E5030179DC9 ] C:\Windows\System32\wcmsvc.dll
20:20:31.0013 5992 C:\Windows\System32\wcmsvc.dll - ok
20:20:31.0028 5992 [ E475BEF9B460F4F678972F88C5FF50D2 ] C:\Windows\System32\wmiclnt.dll
20:20:31.0028 5992 C:\Windows\System32\wmiclnt.dll - ok
20:20:31.0028 5992 [ 1946308C7FF73E4CD47579F34F9F6E1B ] C:\Windows\System32\dhcpcore6.dll
20:20:31.0028 5992 C:\Windows\System32\dhcpcore6.dll - ok
20:20:31.0044 5992 [ D4CFAC89188EC0B887CFFCA7C80E495D ] C:\Windows\System32\dhcpcsvc6.dll
20:20:31.0044 5992 C:\Windows\System32\dhcpcsvc6.dll - ok
20:20:31.0044 5992 [ 728D3349FAB251B0265EFA55C67DCA2D ] C:\Windows\System32\wlansvc.dll
20:20:31.0044 5992 C:\Windows\System32\wlansvc.dll - ok
20:20:31.0060 5992 [ 91E000AE0DA97BE6280376FDD477C476 ] C:\Windows\System32\FWPUCLNT.DLL
20:20:31.0060 5992 C:\Windows\System32\FWPUCLNT.DLL - ok
20:20:31.0060 5992 [ 8D25DE2AC85BC807DC19D4DAF6AA6D27 ] C:\Windows\System32\dnsext.dll
20:20:31.0060 5992 C:\Windows\System32\dnsext.dll - ok
20:20:31.0075 5992 [ D852B5E8CCB3ECB68B99449685CF5163 ] C:\Windows\System32\atiadlxx.dll
20:20:31.0075 5992 C:\Windows\System32\atiadlxx.dll - ok
20:20:31.0091 5992 [ 3378C5241A1FE2F1D34BCC3ABC99F435 ] C:\Windows\System32\dhcpcsvc.dll
20:20:31.0091 5992 C:\Windows\System32\dhcpcsvc.dll - ok
20:20:31.0091 5992 [ 30D839DEBD6B0E89D13B9259C39B3FFA ] C:\Windows\System32\propsys.dll
20:20:31.0091 5992 C:\Windows\System32\propsys.dll - ok
20:20:31.0107 5992 [ E521CCD352373B1825BEA80DEC2B7D97 ] C:\Windows\System32\oleacc.dll
20:20:31.0107 5992 C:\Windows\System32\oleacc.dll - ok
20:20:31.0107 5992 [ A956CC9503FD75F2372A6B673E1C07B2 ] C:\Windows\System32\UIAnimation.dll
20:20:31.0107 5992 C:\Windows\System32\UIAnimation.dll - ok
20:20:31.0122 5992 [ 7E9AFBB34ACF6CDC4D596006CEEC74E5 ] C:\Windows\System32\BioCredProv.dll
20:20:31.0122 5992 C:\Windows\System32\BioCredProv.dll - ok
20:20:31.0138 5992 [ 8BDD004DC92D09CCD1F3922C59983019 ] C:\Windows\System32\winbio.dll
20:20:31.0138 5992 C:\Windows\System32\winbio.dll - ok
20:20:31.0138 5992 [ 813292CC10F625BDAAEA76EABDECD82F ] C:\Windows\System32\winbrand.dll
20:20:31.0138 5992 C:\Windows\System32\winbrand.dll - ok
20:20:31.0153 5992 [ 053472337FDD116BD010C88DB0C34DF1 ] C:\Windows\System32\d2d1.dll
20:20:31.0153 5992 C:\Windows\System32\d2d1.dll - ok
20:20:31.0153 5992 [ 1547E5B7D2EF477D422EBE0FE58508CC ] C:\Windows\System32\AuthExt.dll
20:20:31.0153 5992 C:\Windows\System32\AuthExt.dll - ok
20:20:31.0169 5992 [ F3C88687207F4F75773D288A6D4B61F7 ] C:\Windows\System32\certCredProvider.dll
20:20:31.0169 5992 C:\Windows\System32\certCredProvider.dll - ok
20:20:31.0185 5992 [ 119CE6CF93183EB144F5EA9A4A5A6AB3 ] C:\Windows\System32\rasplap.dll
20:20:31.0185 5992 C:\Windows\System32\rasplap.dll - ok
20:20:31.0185 5992 [ 96F4101AA72C55A7554733A05A797088 ] C:\Windows\System32\wlidcredprov.dll
20:20:31.0185 5992 C:\Windows\System32\wlidcredprov.dll - ok
20:20:31.0200 5992 [ 9543FE667E9709640F1D9852BCF97A17 ] C:\Windows\System32\xmllite.dll
20:20:31.0200 5992 C:\Windows\System32\xmllite.dll - ok
20:20:31.0200 5992 [ 4D8F3CEF04AFF366972ED6411DB2E0E0 ] C:\Windows\System32\rasapi32.dll
20:20:31.0200 5992 C:\Windows\System32\rasapi32.dll - ok
20:20:31.0216 5992 [ 9FB85E37238FEA836E5E6779A93DA461 ] C:\Windows\System32\rasman.dll
20:20:31.0216 5992 C:\Windows\System32\rasman.dll - ok
20:20:31.0232 5992 [ 950E87673E2AE1A536869BCC4E711D67 ] C:\Windows\System32\rtutils.dll
20:20:31.0232 5992 C:\Windows\System32\rtutils.dll - ok
20:20:31.0232 5992 [ FE04048C1D11EEC3FA40982F78CA0178 ] C:\Windows\System32\wlanmsm.dll
20:20:31.0232 5992 C:\Windows\System32\wlanmsm.dll - ok
20:20:31.0247 5992 [ 59C04629522B5815BF39F8A310FD2C81 ] C:\Windows\System32\onex.dll
20:20:31.0247 5992 C:\Windows\System32\onex.dll - ok
20:20:31.0247 5992 [ 8E54F32766CFFC9112800533D721236C ] C:\Windows\System32\wlansec.dll
20:20:31.0247 5992 C:\Windows\System32\wlansec.dll - ok
20:20:31.0263 5992 [ EC2DB85DD72A3506D60B428A36F5E27E ] C:\Windows\System32\NetworkStatus.dll
20:20:31.0263 5992 C:\Windows\System32\NetworkStatus.dll - ok
20:20:31.0278 5992 [ 1CE1F2BBF92DF79CF8638FDA04DB4F10 ] C:\Windows\System32\shacct.dll
20:20:31.0278 5992 C:\Windows\System32\shacct.dll - ok
20:20:31.0278 5992 [ 04B39CF60E0E379D400750DAB02D12DB ] C:\Windows\System32\InputSwitch.dll
20:20:31.0278 5992 C:\Windows\System32\InputSwitch.dll - ok
20:20:31.0294 5992 [ F22BC2C1BD805F874540B7595F0C804D ] C:\Windows\System32\IDStore.dll
20:20:31.0294 5992 C:\Windows\System32\IDStore.dll - ok
20:20:31.0294 5992 [ 46E0F92B51247ECCE5A837D613517182 ] C:\Windows\System32\samcli.dll
20:20:31.0294 5992 C:\Windows\System32\samcli.dll - ok
20:20:31.0310 5992 [ F5946BC89C6D350ADADDA9676DF28CF3 ] C:\Windows\System32\eappprxy.dll
20:20:31.0310 5992 C:\Windows\System32\eappprxy.dll - ok
20:20:31.0310 5992 [ 3B04158DE50AB283B3A5FB5E70C48FB4 ] C:\Windows\System32\wlansvcpal.dll
20:20:31.0310 5992 C:\Windows\System32\wlansvcpal.dll - ok
20:20:31.0325 5992 [ D9D2CC3B8C41B59B1E964D0F89CCA330 ] C:\Windows\System32\msxml6.dll
20:20:31.0325 5992 C:\Windows\System32\msxml6.dll - ok
20:20:31.0341 5992 [ 0DF0FA32C2841537B0610B4179320A3A ] C:\Windows\System32\TetheringIeProvider.dll
20:20:31.0341 5992 C:\Windows\System32\TetheringIeProvider.dll - ok
20:20:31.0351 5992 [ 58F28103889817C93E5B5AFABC87E709 ] C:\Windows\System32\wbiosrvc.dll
20:20:31.0351 5992 C:\Windows\System32\wbiosrvc.dll - ok
20:20:31.0351 5992 [ 9F309FB487DBA2D53EEC8418029D1784 ] C:\Windows\System32\WiFiDisplay.dll
20:20:31.0351 5992 C:\Windows\System32\WiFiDisplay.dll - ok
20:20:31.0367 5992 [ 4607B84C62D4537B0B7D69B217B8A999 ] C:\Windows\System32\wlanapi.dll
20:20:31.0367 5992 C:\Windows\System32\wlanapi.dll - ok
20:20:31.0367 5992 [ 6234321BF60C3CC6D344D3F1B10F0E7C ] C:\Windows\System32\l2gpstore.dll
20:20:31.0367 5992 C:\Windows\System32\l2gpstore.dll - ok
20:20:31.0382 5992 [ 682C1B06C4E00A9DC995E4B2FD626CB2 ] C:\Windows\System32\wlgpclnt.dll
20:20:31.0382 5992 C:\Windows\System32\wlgpclnt.dll - ok
20:20:31.0398 5992 [ 2988ACC988D3FC47447D368CB5450162 ] C:\Windows\System32\wlanhlp.dll
20:20:31.0398 5992 C:\Windows\System32\wlanhlp.dll - ok
20:20:31.0398 5992 [ 4897A55EEBC1D3F6DFEB1CD94C241F48 ] C:\Windows\System32\SubscriptionMgr.dll
20:20:31.0398 5992 C:\Windows\System32\SubscriptionMgr.dll - ok
20:20:31.0414 5992 [ CC42F104172B4A62793083D380867317 ] C:\Program Files\AVAST Software\Avast\AvastSvc.exe
20:20:31.0414 5992 C:\Program Files\AVAST Software\Avast\AvastSvc.exe - ok
20:20:31.0414 5992 [ A7316E660E2DAC6D94A3B1D820C3A7F4 ] C:\Windows\SysWOW64\ntdll.dll
20:20:31.0414 5992 C:\Windows\SysWOW64\ntdll.dll - ok
20:20:31.0429 5992 [ D736E64AE79B7650CCFD03F9B7EB1311 ] C:\Windows\SysWOW64\kernel32.dll
20:20:31.0429 5992 C:\Windows\SysWOW64\kernel32.dll - ok
20:20:31.0445 5992 [ 94443607F11CA635408A89F598C16DDD ] C:\Windows\SysWOW64\KernelBase.dll
20:20:31.0445 5992 C:\Windows\SysWOW64\KernelBase.dll - ok
20:20:31.0445 5992 [ 80B7844BF20D44E1789EA6F46FC9CA9B ] C:\Windows\SysWOW64\advapi32.dll
20:20:31.0445 5992 C:\Windows\SysWOW64\advapi32.dll - ok
20:20:31.0461 5992 [ 11E6E18476FEBEAF5C165B7EA3AE3435 ] C:\Program Files\AVAST Software\Avast\ashBase.dll
20:20:31.0461 5992 C:\Program Files\AVAST Software\Avast\ashBase.dll - ok
20:20:31.0461 5992 [ 3E29914113EC4B968BA5EB1F6D194A0A ] C:\Windows\WinSxS\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\msvcp110.dll
20:20:31.0461 5992 C:\Windows\WinSxS\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\msvcp110.dll - ok
20:20:31.0476 5992 [ C255ED6DB3110F1441B9D9A620F3D819 ] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
20:20:31.0476 5992 C:\Program Files\AVAST Software\Avast\aswCmnBS.dll - ok
20:20:31.0492 5992 [ 428AF7FA03FF09CE1CD373ABFEBAD8A3 ] C:\Windows\SysWOW64\ws2_32.dll
20:20:31.0492 5992 C:\Windows\SysWOW64\ws2_32.dll - ok
20:20:31.0492 5992 [ 6CB5CFF7F48B8E226523BF2E849AA6E5 ] C:\Windows\SysWOW64\shlwapi.dll
20:20:31.0492 5992 C:\Windows\SysWOW64\shlwapi.dll - ok
20:20:31.0507 5992 [ 4BA25D2CBE1587A841DCFB8C8C4A6EA6 ] C:\Windows\WinSxS\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\msvcr110.dll
20:20:31.0507 5992 C:\Windows\WinSxS\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\msvcr110.dll - ok
20:20:31.0507 5992 [ 6EBA4AA97BA64CEB363C1C8CE12214F9 ] C:\Windows\SysWOW64\msvcrt.dll
20:20:31.0507 5992 C:\Windows\SysWOW64\msvcrt.dll - ok
20:20:31.0523 5992 [ 2294AB089A055F4621FDE40DDFAD4D7E ] C:\Windows\SysWOW64\rpcrt4.dll
20:20:31.0523 5992 C:\Windows\SysWOW64\rpcrt4.dll - ok
20:20:31.0539 5992 [ 3503F1397CB9BEE0D9684A7CA4C1C315 ] C:\Windows\SysWOW64\sechost.dll
20:20:31.0539 5992 C:\Windows\SysWOW64\sechost.dll - ok
20:20:31.0539 5992 [ DB530B4C83DC2439EA2397613C841AF4 ] C:\Windows\SysWOW64\version.dll
20:20:31.0539 5992 C:\Windows\SysWOW64\version.dll - ok
20:20:31.0554 5992 [ 3510BDECCBCCFC97A5238BE65CE1EC42 ] C:\Windows\SysWOW64\wsock32.dll
20:20:31.0554 5992 C:\Windows\SysWOW64\wsock32.dll - ok
20:20:31.0554 5992 [ 52EF8037A22F0EB0083AA29EAC706495 ] C:\Windows\SysWOW64\psapi.dll
20:20:31.0554 5992 C:\Windows\SysWOW64\psapi.dll - ok
20:20:31.0570 5992 [ 9FAC7693213C54B25D0DC48BC20686CF ] C:\Windows\SysWOW64\crypt32.dll
20:20:31.0570 5992 C:\Windows\SysWOW64\crypt32.dll - ok
20:20:31.0570 5992 [ C72456BFFE941714CF05B0AA0BEE5B45 ] C:\Windows\SysWOW64\user32.dll
20:20:31.0570 5992 C:\Windows\SysWOW64\user32.dll - ok
20:20:31.0586 5992 [ E46E5AC5AFF7DB8E39E2405AD6083138 ] C:\Windows\SysWOW64\gdi32.dll
20:20:31.0586 5992 C:\Windows\SysWOW64\gdi32.dll - ok
20:20:31.0601 5992 [ E6C4FC3A95086D8ACAF786D9CF16D855 ] C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
20:20:31.0601 5992 C:\Program Files\AVAST Software\Avast\aswCmnOS.dll - ok
20:20:31.0601 5992 [ 0601A49C6C32740BB25FD2AF759F5960 ] C:\Windows\SysWOW64\setupapi.dll
20:20:31.0601 5992 C:\Windows\SysWOW64\setupapi.dll - ok
20:20:31.0617 5992 [ FE99DE976076CC9DFB4DEE863D3128B2 ] C:\Program Files\AVAST Software\Avast\avastIP.dll
20:20:31.0617 5992 C:\Program Files\AVAST Software\Avast\avastIP.dll - ok
20:20:31.0617 5992 [ 1211E0DE5744485D555C2C4E9BED8A3E ] C:\Program Files\AVAST Software\Avast\aswCommChannel.dll
20:20:31.0617 5992 C:\Program Files\AVAST Software\Avast\aswCommChannel.dll - ok
20:20:31.0632 5992 [ 99BF6705F6BA20FE6C7B76D5A9ED3AD0 ] C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
20:20:31.0632 5992 C:\Program Files\AVAST Software\Avast\aswEngLdr.dll - ok
20:20:31.0648 5992 [ E72577A49FABC5FB4C2B6D3D904EE320 ] C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
20:20:31.0648 5992 C:\Program Files\AVAST Software\Avast\aswCmnIS.dll - ok
20:20:31.0648 5992 [ 9C89246184979A070B0C6CCF61C68136 ] C:\Windows\SysWOW64\wininet.dll
20:20:31.0648 5992 C:\Windows\SysWOW64\wininet.dll - ok
20:20:31.0664 5992 [ DD5B2173CFD5A32C66497B5C83D2F38D ] C:\Windows\SysWOW64\ole32.dll
20:20:31.0664 5992 C:\Windows\SysWOW64\ole32.dll - ok
20:20:31.0664 5992 [ A6A82DE8976069DBA0256AE5327110B5 ] C:\Windows\SysWOW64\combase.dll
20:20:31.0664 5992 C:\Windows\SysWOW64\combase.dll - ok
20:20:31.0679 5992 [ 64A5D80882CF405F515A1A1D3F136B6A ] C:\Windows\SysWOW64\nsi.dll
20:20:31.0679 5992 C:\Windows\SysWOW64\nsi.dll - ok
20:20:31.0695 5992 [ 8685F31A9319FB0FA882C736783F5F5E ] C:\Windows\SysWOW64\msasn1.dll
20:20:31.0695 5992 C:\Windows\SysWOW64\msasn1.dll - ok
20:20:31.0695 5992 [ 1CF1F62F2484C996DFB99D511E18D662 ] C:\Windows\SysWOW64\sspicli.dll
20:20:31.0695 5992 C:\Windows\SysWOW64\sspicli.dll - ok
20:20:31.0711 5992 [ A56878CE81935A6E3269C1B1669F9354 ] C:\Windows\SysWOW64\cfgmgr32.dll
20:20:31.0711 5992 C:\Windows\SysWOW64\cfgmgr32.dll - ok
20:20:31.0711 5992 [ ACBA82820AF2B51B31969A0570A993F7 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
20:20:31.0711 5992 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
20:20:31.0726 5992 [ 984B3226C7A4CFC9FE91D7BACA133D8D ] C:\Windows\SysWOW64\winhttp.dll
20:20:31.0726 5992 C:\Windows\SysWOW64\winhttp.dll - ok
20:20:31.0742 5992 [ D4E028B34B8069DF1906EB9ADAF285FA ] C:\Windows\SysWOW64\Wldap32.dll
20:20:31.0742 5992 C:\Windows\SysWOW64\Wldap32.dll - ok
20:20:31.0742 5992 [ 34CBED7698D557DDB43F8732FBC2ACB9 ] C:\Windows\SysWOW64\iertutil.dll
20:20:31.0742 5992 C:\Windows\SysWOW64\iertutil.dll - ok
20:20:31.0757 5992 [ C70E652B7D507AAB25208E1602B29B89 ] C:\Windows\SysWOW64\cryptbase.dll
20:20:31.0757 5992 C:\Windows\SysWOW64\cryptbase.dll - ok
20:20:31.0773 5992 [ 3265F568468AB87950342764F6D77E78 ] C:\Windows\SysWOW64\winnsi.dll
20:20:31.0773 5992 C:\Windows\SysWOW64\winnsi.dll - ok
20:20:31.0773 5992 [ 623825C1F07CC2C80C550FBD6CD3E65B ] C:\Windows\SysWOW64\bcryptprimitives.dll
20:20:31.0773 5992 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
20:20:31.0789 5992 [ 2244C13A861137EE7D518607592C221D ] C:\Windows\System32\Windows.UI.Immersive.dll
20:20:31.0789 5992 C:\Windows\System32\Windows.UI.Immersive.dll - ok
20:20:31.0804 5992 [ B8FA402B238DB49C35CAF711D5BC9843 ] C:\Program Files\AVAST Software\Avast\avBugReport.exe
20:20:31.0804 5992 C:\Program Files\AVAST Software\Avast\avBugReport.exe - ok
20:20:31.0804 5992 [ A1FF7DFBFBE164CF92603C651D304DD2 ] C:\Windows\System32\drivers\condrv.sys
20:20:31.0804 5992 C:\Windows\System32\drivers\condrv.sys - ok
20:20:31.0820 5992 [ 626A9EC445D06FBC1502BF53A1E3356B ] C:\Windows\System32\conhost.exe
20:20:31.0820 5992 C:\Windows\System32\conhost.exe - ok
20:20:31.0820 5992 [ 5C5E3AFD499E5146FEF1DA5EF8A23205 ] C:\Program Files\AVAST Software\Avast\dbghelp.dll
20:20:31.0820 5992 C:\Program Files\AVAST Software\Avast\dbghelp.dll - ok
20:20:31.0836 5992 [ 4AA086E7596F67076B8BDDB90315F4AF ] C:\Program Files\AVAST Software\Avast\1033\Base.dll
20:20:31.0836 5992 C:\Program Files\AVAST Software\Avast\1033\Base.dll - ok
20:20:31.0851 5992 [ CDADF961272033E04D9C0B8EB075F840 ] C:\Program Files\AVAST Software\Avast\ssleay32.dll
20:20:31.0851 5992 C:\Program Files\AVAST Software\Avast\ssleay32.dll - ok
20:20:31.0851 5992 [ E0C156E4380CE5C64CFBF2650895038D ] C:\Windows\SysWOW64\shell32.dll
20:20:31.0851 5992 C:\Windows\SysWOW64\shell32.dll - ok
20:20:31.0867 5992 [ 188B2746E1F436B9524BF38806CEF7D0 ] C:\Program Files\AVAST Software\Avast\libeay32.dll
20:20:31.0867 5992 C:\Program Files\AVAST Software\Avast\libeay32.dll - ok
20:20:31.0882 5992 [ A5BD16CF06D4ECB6445BFCAC9C0A366F ] C:\Windows\SysWOW64\netapi32.dll
20:20:31.0882 5992 C:\Windows\SysWOW64\netapi32.dll - ok
20:20:31.0882 5992 [ 0E9317A95DD3E678AFCD457DAAD01DA5 ] C:\Windows\SysWOW64\netutils.dll
20:20:31.0882 5992 C:\Windows\SysWOW64\netutils.dll - ok
20:20:31.0898 5992 [ 522BF7088E69948A20DD5C89D359B2C4 ] C:\Windows\SysWOW64\srvcli.dll
20:20:31.0898 5992 C:\Windows\SysWOW64\srvcli.dll - ok
20:20:31.0914 5992 [ 46DAF6EFC4D7E1C8AC9E0179EFB4B3A9 ] C:\Windows\SysWOW64\wkscli.dll
20:20:31.0914 5992 C:\Windows\SysWOW64\wkscli.dll - ok
20:20:31.0914 5992 [ 9D519CCC49EBEF2AB0F3282C097B141B ] C:\Windows\SysWOW64\cryptsp.dll
20:20:31.0914 5992 C:\Windows\SysWOW64\cryptsp.dll - ok
20:20:31.0929 5992 [ CCE7CC084B49324283C34FC3FFC37044 ] C:\Program Files\AVAST Software\Avast\aswProperty.dll
20:20:31.0929 5992 C:\Program Files\AVAST Software\Avast\aswProperty.dll - ok
20:20:31.0929 5992 [ 6C5E0C9161B814376664444ECB45A3F4 ] C:\Program Files\AVAST Software\Avast\AavmRpch.dll
20:20:31.0929 5992 C:\Program Files\AVAST Software\Avast\AavmRpch.dll - ok
20:20:31.0945 5992 [ FCA4D9D06C44BA66878DD01D132CD816 ] C:\Windows\SysWOW64\SHCore.dll
20:20:31.0945 5992 C:\Windows\SysWOW64\SHCore.dll - ok
20:20:31.0945 5992 [ CC877931A205C47710456FFEE0BEF29D ] C:\Windows\SysWOW64\profapi.dll
20:20:31.0945 5992 C:\Windows\SysWOW64\profapi.dll - ok
20:20:31.0961 5992 [ 68516BC692B58959933B5029747F2A2A ] C:\Windows\SysWOW64\rsaenh.dll
20:20:31.0961 5992 C:\Windows\SysWOW64\rsaenh.dll - ok
20:20:31.0976 5992 [ B832E4D96463DBF77FC3AC35EC6390B3 ] C:\Windows\SysWOW64\bcrypt.dll
20:20:31.0976 5992 C:\Windows\SysWOW64\bcrypt.dll - ok
20:20:31.0976 5992 [ 1CD1B2F038D2697EA7AA7127551ED429 ] C:\Windows\System32\wlidres.dll
20:20:31.0976 5992 C:\Windows\System32\wlidres.dll - ok
20:20:31.0992 5992 [ 5EC234995AFB7356A8B1A22C9244F243 ] C:\Windows\System32\wuaext.dll
20:20:31.0992 5992 C:\Windows\System32\wuaext.dll - ok
20:20:32.0007 5992 [ 222A7BAFC6CA227452D5FCDC568B8C56 ] C:\Program Files\AVAST Software\Avast\ashServ.dll
20:20:32.0007 5992 C:\Program Files\AVAST Software\Avast\ashServ.dll - ok
20:20:32.0007 5992 [ 0D190D8B4B20446BE6299AC734DFADF1 ] C:\Windows\System32\shsvcs.dll
20:20:32.0007 5992 C:\Windows\System32\shsvcs.dll - ok
20:20:32.0023 5992 [ 9BF990B5575B71B44A35D1B3B465D8D0 ] C:\Windows\SysWOW64\rasapi32.dll
20:20:32.0023 5992 C:\Windows\SysWOW64\rasapi32.dll - ok
20:20:32.0023 5992 [ 091D8FB056CE6B0E7CA4A2106B58F216 ] C:\Program Files\AVAST Software\Avast\ashTask.dll
20:20:32.0039 5992 C:\Program Files\AVAST Software\Avast\ashTask.dll - ok
20:20:32.0039 5992 [ E1292587DA6B205EB4AAC8D58B3C2F9E ] C:\Program Files\AVAST Software\Avast\Aavm4h.dll
20:20:32.0039 5992 C:\Program Files\AVAST Software\Avast\Aavm4h.dll - ok
20:20:32.0054 5992 [ D22B436A7C99A287CAB674F1F8A9FADC ] C:\Program Files\AVAST Software\Avast\aswIdle.dll
20:20:32.0054 5992 C:\Program Files\AVAST Software\Avast\aswIdle.dll - ok
20:20:32.0054 5992 [ FC9495E0522BB07E3683D75E0332EE1B ] C:\Program Files\AVAST Software\Avast\aswLog.dll
20:20:32.0054 5992 C:\Program Files\AVAST Software\Avast\aswLog.dll - ok
20:20:32.0070 5992 [ 5F007FBB81EA22FE437186965AD95A69 ] C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
20:20:32.0070 5992 C:\Program Files\AVAST Software\Avast\ashTaskEx.dll - ok
20:20:32.0070 5992 [ 5AA00CDF4892B97C64F3A1E1DE108769 ] C:\Program Files\AVAST Software\Avast\aswStrm.dll
20:20:32.0070 5992 C:\Program Files\AVAST Software\Avast\aswStrm.dll - ok
20:20:32.0086 5992 [ CA74D01029E5AC7DA8824EE2D0449ADA ] C:\Program Files\AVAST Software\Avast\aswAux.dll
20:20:32.0086 5992 C:\Program Files\AVAST Software\Avast\aswAux.dll - ok
20:20:32.0101 5992 [ BD91E0E0B09D89E4932DEE4FC23E2BD0 ] C:\Windows\SysWOW64\rasman.dll
20:20:32.0101 5992 C:\Windows\SysWOW64\rasman.dll - ok
20:20:32.0101 5992 [ DFD3F397BE9B1EE411A25DE34B6D58CE ] C:\Windows\SysWOW64\userenv.dll
20:20:32.0101 5992 C:\Windows\SysWOW64\userenv.dll - ok
20:20:32.0117 5992 [ F4992A36DF4FA2ED6C06A0C39516BD24 ] C:\Program Files\AVAST Software\Avast\aswSqLt.dll
20:20:32.0117 5992 C:\Program Files\AVAST Software\Avast\aswSqLt.dll - ok
20:20:32.0117 5992 [ C386F4A32947092776A8E4EB88BFCD9E ] C:\Windows\System32\fveapi.dll
20:20:32.0117 5992 C:\Windows\System32\fveapi.dll - ok
20:20:32.0132 5992 [ 7913D3236FC4EE7EB28B80361B1737BD ] C:\Windows\System32\bcd.dll
20:20:32.0132 5992 C:\Windows\System32\bcd.dll - ok
20:20:32.0132 5992 [ D50705D14E8C876A47FF14B999B4A6C3 ] C:\Windows\System32\fvecerts.dll
20:20:32.0148 5992 C:\Windows\System32\fvecerts.dll - ok
20:20:32.0148 5992 [ 888A30EAB651502352C18745367FD179 ] C:\Windows\System32\schedsvc.dll
20:20:32.0148 5992 C:\Windows\System32\schedsvc.dll - ok
20:20:32.0164 5992 [ E04863DDDA4D5386895D316B9A26958F ] C:\Windows\System32\ktmw32.dll
20:20:32.0164 5992 C:\Windows\System32\ktmw32.dll - ok
20:20:32.0164 5992 [ 39435F4007F1CEDEF04356892B18D174 ] C:\Windows\System32\ubpm.dll
20:20:32.0164 5992 C:\Windows\System32\ubpm.dll - ok
20:20:32.0179 5992 [ 5B9290D5540BDC461500DB84FC3606F0 ] C:\Windows\System32\CSystemEventsBrokerClient.dll
20:20:32.0179 5992 C:\Windows\System32\CSystemEventsBrokerClient.dll - ok
20:20:32.0179 5992 [ CF4C3815E577C7DC32BB8DB90F0B34C1 ] C:\Windows\SysWOW64\oleaut32.dll
20:20:32.0179 5992 C:\Windows\SysWOW64\oleaut32.dll - ok
20:20:32.0195 5992 [ CDFC746E798A7AEFED4B996F75C9F8E8 ] C:\Windows\SysWOW64\wscisvif.dll
20:20:32.0195 5992 C:\Windows\SysWOW64\wscisvif.dll - ok
20:20:32.0211 5992 [ 68DEABD4CB0CF3920D3B6CCAA36173BC ] C:\Windows\System32\taskcomp.dll
20:20:32.0211 5992 C:\Windows\System32\taskcomp.dll - ok
20:20:32.0211 5992 [ 5D4BE903C0A693DC0CD2D441DBEBAE00 ] C:\Windows\SysWOW64\wscapi.dll
20:20:32.0211 5992 C:\Windows\SysWOW64\wscapi.dll - ok
20:20:32.0226 5992 [ 3502776E366C913D49C0DA928AE3E6CB ] C:\Windows\System32\drivers\http.sys
20:20:32.0226 5992 C:\Windows\System32\drivers\http.sys - ok
20:20:32.0226 5992 [ FE0CB40F36D3FCDD3A1B312EF72C38D5 ] C:\Windows\System32\spoolsv.exe
20:20:32.0226 5992 C:\Windows\System32\spoolsv.exe - ok
20:20:32.0242 5992 [ F34DFDB29CDCF6E9E2CA983BC953BDAB ] C:\Program Files\AVAST Software\Avast\defs\14022700\aswEngin.dll
20:20:32.0242 5992 C:\Program Files\AVAST Software\Avast\defs\14022700\aswEngin.dll - ok
20:20:32.0257 5992 [ 18C5D1F23F58EB5245CA7437650A7A68 ] C:\Program Files\AVAST Software\Avast\defs\14022700\aswCmnIS.dll
20:20:32.0257 5992 C:\Program Files\AVAST Software\Avast\defs\14022700\aswCmnIS.dll - ok
20:20:32.0257 5992 [ 3F2D6F868680310BB2C77658041312FD ] C:\Program Files\AVAST Software\Avast\defs\14022700\aswCmnOS.dll
20:20:32.0257 5992 C:\Program Files\AVAST Software\Avast\defs\14022700\aswCmnOS.dll - ok
20:20:32.0273 5992 [ 6468B696C65775D51A06615830E0E79D ] C:\Windows\System32\BFE.DLL
20:20:32.0273 5992 C:\Windows\System32\BFE.DLL - ok
20:20:32.0273 5992 [ AC2B63B7E37EBCFE9BB8FA43D8B620A1 ] C:\Program Files\AVAST Software\Avast\defs\14022700\aswCmnBS.dll
20:20:32.0273 5992 C:\Program Files\AVAST Software\Avast\defs\14022700\aswCmnBS.dll - ok
20:20:32.0289 5992 [ 8E328CD47FF301688A2832BCCA71613D ] C:\Program Files\AVAST Software\Avast\defs\14022700\aswScan.dll
20:20:32.0289 5992 C:\Program Files\AVAST Software\Avast\defs\14022700\aswScan.dll - ok
20:20:32.0304 5992 [ 08ACE4629632221B2BC9D2374DCDA1C9 ] C:\Program Files\AVAST Software\Avast\defs\14022700\aswRep.dll
20:20:32.0304 5992 C:\Program Files\AVAST Software\Avast\defs\14022700\aswRep.dll - ok
20:20:32.0304 5992 [ 5DAE3F209B5F68F7FA22B573BE5AAD13 ] C:\Program Files\AVAST Software\Avast\defs\14022700\aswFiDb.dll
20:20:32.0304 5992 C:\Program Files\AVAST Software\Avast\defs\14022700\aswFiDb.dll - ok
20:20:32.0320 5992 [ 26C2EE5314A7B6D1D22B864C4C67DC0A ] C:\Program Files\AVAST Software\Avast\defs\14022700\algo.dll
20:20:32.0320 5992 C:\Program Files\AVAST Software\Avast\defs\14022700\algo.dll - ok
20:20:32.0320 5992 [ 6B4FFFDDC618FCF64473CAA86E305697 ] C:\Windows\System32\drivers\bowser.sys
20:20:32.0320 5992 C:\Windows\System32\drivers\bowser.sys - ok
20:20:32.0336 5992 [ F170510BE94CF45E3C6274578F6204B2 ] C:\Windows\System32\drivers\mpsdrv.sys
20:20:32.0336 5992 C:\Windows\System32\drivers\mpsdrv.sys - ok
20:20:32.0351 5992 [ D186C5844393252147BE934F3871DB7A ] C:\Windows\System32\MPSSVC.dll
20:20:32.0351 5992 C:\Windows\System32\MPSSVC.dll - ok
20:20:32.0351 5992 [ 79B6F3DF7CDFD12159871FF71464F0CE ] C:\Windows\System32\drivers\mrxsmb.sys
20:20:32.0351 5992 C:\Windows\System32\drivers\mrxsmb.sys - ok
20:20:32.0367 5992 [ E572557FD4CA855642A0B26CC9F3C788 ] C:\Windows\SysWOW64\secur32.dll
20:20:32.0367 5992 C:\Windows\SysWOW64\secur32.dll - ok
20:20:32.0367 5992 [ 138A81702EEC01DC703541710F801172 ] C:\Windows\SysWOW64\fltLib.dll
20:20:32.0367 5992 C:\Windows\SysWOW64\fltLib.dll - ok
20:20:32.0383 5992 [ 9EE220DEE3DA294D3815E2D4EB56A7D9 ] C:\Windows\SysWOW64\wtsapi32.dll
20:20:32.0383 5992 C:\Windows\SysWOW64\wtsapi32.dll - ok
20:20:32.0398 5992 [ 5878613C2E0EFB4F656DDADC452551B6 ] C:\Windows\SysWOW64\winsta.dll
20:20:32.0398 5992 C:\Windows\SysWOW64\winsta.dll - ok
20:20:32.0398 5992 [ CB46B06B8708DD19CD9FD59E1D42F543 ] C:\Program Files\AVAST Software\Avast\AhResMai.dll
20:20:32.0398 5992 C:\Program Files\AVAST Software\Avast\AhResMai.dll - ok
20:20:32.0414 5992 [ EDE582496D0CADEE35EA2B1076FF19A8 ] C:\Windows\System32\taskhost.exe
20:20:32.0414 5992 C:\Windows\System32\taskhost.exe - ok
20:20:32.0429 5992 [ 1E10B23560C34A90A0FA6ECD26E8565F ] C:\Windows\System32\ProximityService.dll
20:20:32.0429 5992 C:\Windows\System32\ProximityService.dll - ok
20:20:32.0429 5992 [ 02C6DF84328E271C3F844E477CB25169 ] C:\Windows\System32\ProximityServicePal.dll
20:20:32.0429 5992 C:\Windows\System32\ProximityServicePal.dll - ok
20:20:32.0445 5992 [ 02E72187BE9329E4D9255BC5AE6D8286 ] C:\Windows\System32\ProximityCommon.dll
20:20:32.0445 5992 C:\Windows\System32\ProximityCommon.dll - ok
20:20:32.0445 5992 [ 1EE65FEAA57FBC2050AE153D07C8DC3F ] C:\Windows\System32\ProximityCommonPal.dll
20:20:32.0445 5992 C:\Windows\System32\ProximityCommonPal.dll - ok
20:20:32.0461 5992 [ AAF56E4E84D35411B4E446C445732DFE ] C:\Windows\System32\drivers\mrxsmb20.sys
20:20:32.0461 5992 C:\Windows\System32\drivers\mrxsmb20.sys - ok
20:20:32.0461 5992 [ 9B95FCB49595A869F27034916382FE57 ] C:\Windows\System32\adhapi.dll
20:20:32.0461 5992 C:\Windows\System32\adhapi.dll - ok
20:20:32.0476 5992 [ D0D9C2ECA4D03A8F06DCD91236B90C98 ] C:\Windows\System32\wkssvc.dll
20:20:32.0476 5992 C:\Windows\System32\wkssvc.dll - ok
20:20:32.0492 5992 [ 098A6AC9EC3D8958F2404073E488945A ] C:\Windows\System32\netcfgx.dll
20:20:32.0492 5992 C:\Windows\System32\netcfgx.dll - ok
20:20:32.0492 5992 [ BA0655E1856A16A14C9BC1FB27B111B9 ] C:\Windows\System32\TpmTasks.dll
20:20:32.0492 5992 C:\Windows\System32\TpmTasks.dll - ok
20:20:32.0508 5992 [ 0D0CD1020D821F4D2AC95280213D2F2E ] C:\Windows\System32\aepic.dll
20:20:32.0508 5992 C:\Windows\System32\aepic.dll - ok
20:20:32.0508 5992 [ D1A3B6C2F8F39EC7F75D03740A8112A1 ] C:\Windows\System32\tbs.dll
20:20:32.0508 5992 C:\Windows\System32\tbs.dll - ok
20:20:32.0523 5992 [ 9DF590DEA96B6756CF8D73C2525797BE ] C:\Windows\System32\wfapigp.dll
20:20:32.0523 5992 C:\Windows\System32\wfapigp.dll - ok
20:20:32.0539 5992 [ B362181ED3771DC03B4141927C80F801 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:20:32.0539 5992 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
20:20:32.0539 5992 [ E947B141DAAC7CBCD7C59FE2E63AFBBE ] C:\Windows\SysWOW64\wintrust.dll
20:20:32.0539 5992 C:\Windows\SysWOW64\wintrust.dll - ok
20:20:32.0554 5992 [ F2629AF810E939672173CB17ECAC1667 ] C:\Windows\System32\MrmCoreR.dll
20:20:32.0554 5992 C:\Windows\System32\MrmCoreR.dll - ok
20:20:32.0554 5992 [ 22874047B810B5B174C68ACD7C0B6510 ] C:\Windows\System32\urlmon.dll
20:20:32.0554 5992 C:\Windows\System32\urlmon.dll - ok
20:20:32.0570 5992 [ 6300AD525D639CECBB3D144B6D7B30F9 ] C:\Windows\System32\iertutil.dll
20:20:32.0570 5992 C:\Windows\System32\iertutil.dll - ok
20:20:32.0570 5992 [ 263B6E451526A90FF8B1CEC759F22956 ] C:\Windows\System32\wininet.dll
20:20:32.0570 5992 C:\Windows\System32\wininet.dll - ok
20:20:32.0586 5992 [ 770D71782A90BE9C48C4310C5C35E25B ] C:\Windows\System32\sfc_os.dll
20:20:32.0586 5992 C:\Windows\System32\sfc_os.dll - ok
20:20:32.0601 5992 [ 03CC7C6D00212DF6D6CB5C93432410ED ] C:\Windows\System32\UIAutomationCore.dll
20:20:32.0601 5992 C:\Windows\System32\UIAutomationCore.dll - ok
20:20:32.0601 5992 [ 059D36ABEC9F2D3F677B8EA9240405CD ] C:\Windows\System32\batmeter.dll
20:20:32.0601 5992 C:\Windows\System32\batmeter.dll - ok
20:20:32.0617 5992 [ 4BF0AEF9854A36EBD6D82C60A554E24E ] C:\Program Files\AVAST Software\Avast\AhResStd.dll
20:20:32.0617 5992 C:\Program Files\AVAST Software\Avast\AhResStd.dll - ok
20:20:32.0617 5992 [ F95F97F8CF42EDAAFC7B86D6D78558B2 ] C:\Program Files\AVAST Software\Avast\AhResWS.dll
20:20:32.0617 5992 C:\Program Files\AVAST Software\Avast\AhResWS.dll - ok
20:20:32.0633 5992 [ 80B19A5E8AE27EB09D670BD313C2ACB0 ] C:\Program Files\AVAST Software\Avast\AhResWS2.dll
20:20:32.0633 5992 C:\Program Files\AVAST Software\Avast\AhResWS2.dll - ok
20:20:32.0648 5992 [ D229F8699331DE4F5E812CEC5701031D ] C:\Windows\SysWOW64\dhcpcsvc.dll
20:20:32.0648 5992 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
20:20:32.0648 5992 [ 8F36F399F9EFBA4FA7B6A4E5305817EA ] C:\Windows\SysWOW64\dhcpcsvc6.dll
20:20:32.0648 5992 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
20:20:32.0664 5992 [ 31D858C6F1C453AF516343758A4B2C69 ] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\msvcr90.dll
20:20:32.0664 5992 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\msvcr90.dll - ok
20:20:32.0664 5992 [ 62E1D84B1A1B3F805C31699B1F27BB3D ] C:\Windows\SysWOW64\netshell.dll
20:20:32.0664 5992 C:\Windows\SysWOW64\netshell.dll - ok
20:20:32.0679 5992 [ 740BD903F77DA36EF89EC3C472BDEBA8 ] C:\Windows\SysWOW64\wlanapi.dll
20:20:32.0679 5992 C:\Windows\SysWOW64\wlanapi.dll - ok
20:20:32.0695 5992 [ AA21423B380157AFAA2F82E96D910E0F ] C:\Windows\SysWOW64\kernel.appcore.dll
20:20:32.0695 5992 C:\Windows\SysWOW64\kernel.appcore.dll - ok
20:20:32.0695 5992 [ F604350906CE4E3F67D81384566DE3E4 ] C:\Windows\SysWOW64\nlaapi.dll
20:20:32.0695 5992 C:\Windows\SysWOW64\nlaapi.dll - ok
20:20:32.0711 5992 [ A7DDBD5DA334F3BA342EB828012FD1A5 ] C:\Windows\SysWOW64\clbcatq.dll
20:20:32.0711 5992 C:\Windows\SysWOW64\clbcatq.dll - ok
20:20:32.0711 5992 [ A00AC770F2CBF9D75C22D7A9CB7C1E1C ] C:\Program Files\AVAST Software\Avast\aswJSScan.dll
20:20:32.0711 5992 C:\Program Files\AVAST Software\Avast\aswJSScan.dll - ok
20:20:32.0726 5992 [ 87223BE782994EFAC825F2E21108BEA7 ] C:\Program Files\AVAST Software\Avast\aswPatchMgt.dll
20:20:32.0726 5992 C:\Program Files\AVAST Software\Avast\aswPatchMgt.dll - ok
20:20:32.0742 5992 [ A76A00A5244DA1CE40DE8BFBAD1E2C4E ] C:\Windows\SysWOW64\samcli.dll
20:20:32.0742 5992 C:\Windows\SysWOW64\samcli.dll - ok
20:20:32.0742 5992 [ BA247631B40720DAEA89BEFAA4632EB6 ] C:\Windows\System32\PhotoMetadataHandler.dll
20:20:32.0742 5992 C:\Windows\System32\PhotoMetadataHandler.dll - ok
20:20:32.0758 5992 [ FEDDCB3D44D556840B399E09DF18056F ] C:\Program Files\AVAST Software\Avast\defs\14022700\swhealthex.dll
20:20:32.0758 5992 C:\Program Files\AVAST Software\Avast\defs\14022700\swhealthex.dll - ok
20:20:32.0773 5992 [ 998FFD2EDC85F4FB1FED94FEEE37CB46 ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
20:20:32.0773 5992 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe - ok
20:20:32.0773 5992 [ 4F096D96285E06CD51AEF7D2D3DE04DA ] C:\Windows\System32\msvcp100.dll
20:20:32.0773 5992 C:\Windows\System32\msvcp100.dll - ok
20:20:32.0789 5992 [ DF3CA8D16BDED6A54977B30E66864D33 ] C:\Windows\System32\msvcr100.dll
20:20:32.0789 5992 C:\Windows\System32\msvcr100.dll - ok
20:20:32.0804 5992 [ 5D306463535067E4E275C12B678311AF ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\device.dll
20:20:32.0804 5992 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\device.dll - ok
20:20:32.0804 5992 [ 61808C6BD3AAE01938B684A3C835069C ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
20:20:32.0804 5992 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll - ok
20:20:32.0820 5992 [ F518545E5B7623AD49ABE7F8776EFA46 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:20:32.0820 5992 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
20:20:32.0820 5992 [ 2C0A8B0B4CB11F3F61090B5CB3ADEAA8 ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\platform.dll
20:20:32.0820 5992 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\platform.dll - ok
20:20:32.0836 5992 [ BC83108B18756547013ED443B8CDB31B ] C:\Windows\SysWOW64\msvcp100.dll
20:20:32.0836 5992 C:\Windows\SysWOW64\msvcp100.dll - ok
20:20:32.0851 5992 [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\Windows\SysWOW64\msvcr100.dll
20:20:32.0851 5992 C:\Windows\SysWOW64\msvcr100.dll - ok
20:20:32.0851 5992 [ 29158B1DC3F86D4B0D6A127FE586ADFF ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
20:20:32.0851 5992 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
20:20:32.0867 5992 [ AC867DEC5E0E12BA342BF9B00D93F2B6 ] C:\Windows\System32\Windows.Globalization.dll
20:20:32.0867 5992 C:\Windows\System32\Windows.Globalization.dll - ok
20:20:32.0883 5992 [ 461299398E15909598B7002B3FAABCE8 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
20:20:32.0883 5992 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
20:20:32.0883 5992 [ B18663FEBCDF060FCD182CBE1C1C6F1A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
20:20:32.0883 5992 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
20:20:32.0898 5992 [ 8EAEB0ED23A98DE0F0C812D756E47CE9 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
20:20:32.0898 5992 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
20:20:32.0898 5992 [ 5760B2B5BAA3449C045B6FA222205F60 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
20:20:32.0898 5992 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
20:20:32.0914 5992 [ EA6C35EBF9F3ED65724E1D65F09E6E7F ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
20:20:32.0914 5992 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
20:20:32.0929 5992 [ BCE7DD8098CE6DD28EE2B0D5D5028B47 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
20:20:32.0929 5992 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
20:20:32.0929 5992 [ 922563953E405AA9762F90778B711F77 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
20:20:32.0929 5992 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
20:20:32.0945 5992 [ 8A606C90276DCAC67F3D45A0A235ECD6 ] C:\Windows\SysWOW64\winmm.dll
20:20:32.0945 5992 C:\Windows\SysWOW64\winmm.dll - ok
20:20:32.0945 5992 [ 54023DF1A9A7D481B4762B09ECCA330F ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt49.dll
20:20:32.0945 5992 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt49.dll - ok
20:20:32.0961 5992 [ B232087914F1D97B79B712AF4CBF4AEF ] C:\Windows\SysWOW64\winmmbase.dll
20:20:32.0961 5992 C:\Windows\SysWOW64\winmmbase.dll - ok
20:20:32.0976 5992 [ E494AC90229C06ADB8ACC8D20A3F27CB ] C:\Windows\SysWOW64\devobj.dll
20:20:32.0976 5992 C:\Windows\SysWOW64\devobj.dll - ok
20:20:32.0976 5992 [ 3452419032093CAB86ED6F5885B01F89 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
20:20:32.0976 5992 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
20:20:32.0992 5992 [ 78B5B7A7932CFED6BE0DE992D8D94746 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
20:20:32.0992 5992 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
20:20:33.0008 5992 [ 3095D55353A22224E7972F9B552AA69D ] C:\Windows\System32\msftedit.dll
20:20:33.0008 5992 C:\Windows\System32\msftedit.dll - ok
20:20:33.0008 5992 [ 1E8C23B0C11090FFCB42679289855451 ] C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_88dcdb0b2fb19957\msvcp80.dll
20:20:33.0008 5992 C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_88dcdb0b2fb19957\msvcp80.dll - ok
20:20:33.0023 5992 [ D2D08C4A5EAFE12CEF7D48BC5A3CCED5 ] C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_88dcdb0b2fb19957\msvcr80.dll
20:20:33.0023 5992 C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_88dcdb0b2fb19957\msvcr80.dll - ok
20:20:33.0023 5992 [ 7A1BAB2BDCF59A506588DDF58ED43E21 ] C:\Windows\System32\globinputhost.dll
20:20:33.0023 5992 C:\Windows\System32\globinputhost.dll - ok
20:20:33.0039 5992 [ 6A5C1EA6E0B31B168FDE21A1FDC078C2 ] C:\Windows\System32\msimg32.dll
20:20:33.0039 5992 C:\Windows\System32\msimg32.dll - ok
20:20:33.0054 5992 [ BE455F14E0E0028F3CF8B91308AD1A59 ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
20:20:33.0054 5992 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll - ok
20:20:33.0054 5992 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll
20:20:33.0054 5992 C:\Windows\SysWOW64\dnssd.dll - ok
20:20:33.0070 5992 [ 5B4FF009D24F73F6FC6EB4870A789843 ] C:\Windows\SysWOW64\mswsock.dll
20:20:33.0070 5992 C:\Windows\SysWOW64\mswsock.dll - ok
20:20:33.0070 5992 [ 775965CF80FA406DEF00A1415372E82A ] C:\Windows\System32\ninput.dll
20:20:33.0070 5992 C:\Windows\System32\ninput.dll - ok
20:20:33.0086 5992 [ 9C8E85B318BE2619170D7A9D684CDFB5 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
20:20:33.0086 5992 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
20:20:33.0086 5992 [ 725AB72D5DD462F2EDAF1A6C59C8CFB5 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
20:20:33.0086 5992 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
20:20:33.0101 5992 [ 7F5061210C2B7A91F4B58602DFE32E6C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
20:20:33.0101 5992 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
20:20:33.0117 5992 [ 4EDB186C455CDEADA24A708AAB884AE3 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
20:20:33.0117 5992 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
20:20:33.0117 5992 [ 57A6362D71B5003C48EE21F2DBB624B1 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
20:20:33.0117 5992 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
20:20:33.0133 5992 [ F2E8CEFC8CF4D6454F4121C5FF93136A ] C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.EXE
20:20:33.0133 5992 C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BBSvc.EXE - ok
20:20:33.0148 5992 [ 8491F03503076D67196436D29D153A2C ] C:\Windows\SysWOW64\msi.dll
20:20:33.0148 5992 C:\Windows\SysWOW64\msi.dll - ok
20:20:33.0148 5992 [ 9CB652EAE0AB5EB27DD0B589D4A0D345 ] C:\Windows\SysWOW64\SensApi.dll
20:20:33.0148 5992 C:\Windows\SysWOW64\SensApi.dll - ok
20:20:33.0164 5992 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe
20:20:33.0164 5992 C:\Program Files\Bonjour\mDNSResponder.exe - ok
20:20:33.0164 5992 [ 0EFE4B5884A8032617826A4D76F80969 ] C:\Windows\System32\cryptsvc.dll
20:20:33.0164 5992 C:\Windows\System32\cryptsvc.dll - ok
20:20:33.0179 5992 [ 6AB51A84C2400F1346CCD6B65766DDCD ] C:\Windows\System32\cryptcatsvc.dll
20:20:33.0179 5992 C:\Windows\System32\cryptcatsvc.dll - ok
20:20:33.0195 5992 [ ED8901D9AF4023CAD4738D3A4DF9645B ] C:\Windows\System32\crypttpmeksvc.dll
20:20:33.0195 5992 C:\Windows\System32\crypttpmeksvc.dll - ok
20:20:33.0195 5992 [ 8FA4755F3BA513F4BAE0A2AF1BE8C5F7 ] C:\Windows\System32\vssapi.dll
20:20:33.0195 5992 C:\Windows\System32\vssapi.dll - ok
20:20:33.0211 5992 [ 2B9EED6835D269F35B310DC03D0F5768 ] C:\Windows\SysWOW64\dnsapi.dll
20:20:33.0211 5992 C:\Windows\SysWOW64\dnsapi.dll - ok
20:20:33.0211 5992 [ 941EDC6791A09356EEBEC309C1633CA2 ] C:\Windows\System32\vsstrace.dll
20:20:33.0211 5992 C:\Windows\System32\vsstrace.dll - ok
20:20:33.0226 5992 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
20:20:33.0226 5992 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
20:20:33.0226 5992 [ B6C010F42053ED92E421EE5476E10645 ] C:\Windows\SysWOW64\rasadhlp.dll
20:20:33.0226 5992 C:\Windows\SysWOW64\rasadhlp.dll - ok
20:20:33.0242 5992 [ AF6B7381C18DBCE4FEB296FA5441AE0D ] C:\Windows\SysWOW64\FWPUCLNT.DLL
20:20:33.0242 5992 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
20:20:33.0242 5992 [ EAE8F2C2053792DBDA6227923C044D68 ] C:\Program Files (x86)\Lenovo\Lenovo Dashboard\DdMgr.exe
20:20:33.0242 5992 C:\Program Files (x86)\Lenovo\Lenovo Dashboard\DdMgr.exe - ok
20:20:33.0258 5992 [ 2A857CCAFE18B1D396484AC9CC0B9B80 ] C:\Windows\System32\mscoree.dll
20:20:33.0258 5992 C:\Windows\System32\mscoree.dll - ok
20:20:33.0273 5992 [ CC6AE7509ED274E0D904B60537BADDD4 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
20:20:33.0273 5992 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
20:20:33.0273 5992 [ 8BEF7E7E6477489F85F467DC8AAEFC05 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
20:20:33.0273 5992 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll - ok
20:20:33.0289 5992 [ 88028A645052327CE652A4CFCA16DBC9 ] C:\Windows\SysWOW64\apphelp.dll
20:20:33.0289 5992 C:\Windows\SysWOW64\apphelp.dll - ok
20:20:33.0304 5992 [ E6633716EE2AC06BCB4A58FF993015F3 ] C:\Program Files\AVAST Software\Avast\setup\instup.exe
20:20:33.0304 5992 C:\Program Files\AVAST Software\Avast\setup\instup.exe - ok
20:20:33.0304 5992 [ BCDEA07CD91EF85BBCC869DF4906C8C1 ] C:\Program Files\AVAST Software\Avast\setup\Instup.dll
20:20:33.0304 5992 C:\Program Files\AVAST Software\Avast\setup\Instup.dll - ok
20:20:33.0320 5992 [ 3D7B4D033FE80A86B1FC530A03A53754 ] C:\Windows\SysWOW64\msimg32.dll
20:20:33.0320 5992 C:\Windows\SysWOW64\msimg32.dll - ok
20:20:33.0320 5992 [ 8325177BBD77C2DAD43ED031A4EAE843 ] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09\comctl32.dll
20:20:33.0320 5992 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09\comctl32.dll - ok
20:20:33.0336 5992 [ 2C95C9CB5DA80E779BF8A1C0ACD803A3 ] C:\Windows\SysWOW64\uxtheme.dll
20:20:33.0336 5992 C:\Windows\SysWOW64\uxtheme.dll - ok
20:20:33.0336 5992 [ 8FE3ADBB0BA2C6818D90FA12B976A8D5 ] C:\Windows\SysWOW64\oledlg.dll
20:20:33.0351 5992 C:\Windows\SysWOW64\oledlg.dll - ok
20:20:33.0351 5992 [ 204A549F6AA4DC2F4CAF371FAA16747A ] C:\Windows\SysWOW64\oleacc.dll
20:20:33.0351 5992 C:\Windows\SysWOW64\oleacc.dll - ok
20:20:33.0367 5992 [ 73752F6A4E766AAE97C03C85DD322308 ] C:\Windows\SysWOW64\powrprof.dll
20:20:33.0367 5992 C:\Windows\SysWOW64\powrprof.dll - ok
20:20:33.0367 5992 [ 61DD8DB0E175F31EE83CA5C5A556E508 ] C:\Windows\SysWOW64\GdiPlus.dll
20:20:33.0367 5992 C:\Windows\SysWOW64\GdiPlus.dll - ok
20:20:33.0383 5992 [ A49453C2A68A410B0A9801954B99AA16 ] C:\Windows\SysWOW64\imm32.dll
20:20:33.0383 5992 C:\Windows\SysWOW64\imm32.dll - ok
20:20:33.0398 5992 [ 2850EDC032C59C7673246BF8B1D301BC ] C:\Windows\SysWOW64\winspool.drv
20:20:33.0398 5992 C:\Windows\SysWOW64\winspool.drv - ok
20:20:33.0398 5992 [ A973AAC70312A0ABA7801BA4E38B96D7 ] C:\Windows\SysWOW64\comdlg32.dll
20:20:33.0398 5992 C:\Windows\SysWOW64\comdlg32.dll - ok
20:20:33.0414 5992 [ 88F8095C355E6BA4ACCBF2F3E07552E7 ] C:\Windows\SysWOW64\msctf.dll
20:20:33.0414 5992 C:\Windows\SysWOW64\msctf.dll - ok
20:20:33.0414 5992 [ D69139606B4DCF4399DCD6DC6B19B52D ] C:\Windows\System32\msvcr120_clr0400.dll
20:20:33.0429 5992 C:\Windows\System32\msvcr120_clr0400.dll - ok
20:20:33.0429 5992 [ 98B0FCF48B4B910E3160728FC48D3E15 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\1c4f23e80bd4b68fb3f56bdb16dbb647\mscorlib.ni.dll
20:20:33.0429 5992 C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\1c4f23e80bd4b68fb3f56bdb16dbb647\mscorlib.ni.dll - ok
20:20:33.0445 5992 [ 02D2A49F6F3C3C0257ECBA8C06E47887 ] C:\Program Files\AVAST Software\Avast\defs\14022700\aswAR.dll
20:20:33.0445 5992 C:\Program Files\AVAST Software\Avast\defs\14022700\aswAR.dll - ok
20:20:33.0445 5992 [ 0752E49C9A4311C9C04CC1D4E571B025 ] C:\Program Files\AVAST Software\Avast\defs\14022700\aswRawFS.dll
20:20:33.0445 5992 C:\Program Files\AVAST Software\Avast\defs\14022700\aswRawFS.dll - ok
20:20:33.0461 5992 [ B2EBC679512A580B74F095E18738D907 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll
20:20:33.0461 5992 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll - ok
20:20:33.0476 5992 [ 2F2FC5E089D9A91E675817DFB0F78ADB ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System\12a9441955ada5ecaf8c97b8b10d9201\System.ni.dll
20:20:33.0476 5992 C:\Windows\assembly\NativeImages_v4.0.30319_64\System\12a9441955ada5ecaf8c97b8b10d9201\System.ni.dll - ok
20:20:33.0476 5992 [ 610C3BA3E10CD2A7DB741FBE061ED093 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Serv759bfb78#\f3c0cdd1a50bb94384842fe39f729887\System.ServiceProcess.ni.dll
20:20:33.0476 5992 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Serv759bfb78#\f3c0cdd1a50bb94384842fe39f729887\System.ServiceProcess.ni.dll - ok
20:20:33.0492 5992 [ D4E522C78B262827479FF27EF4B9A903 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\fea2f8a826ae196534065b33fdaca702\System.Core.ni.dll
20:20:33.0492 5992 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\fea2f8a826ae196534065b33fdaca702\System.Core.ni.dll - ok
20:20:33.0508 5992 [ 661E67B6CF3FC779622A7C706AF4A7A5 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel\2f37302bc5207c239d9902ca05b45b87\System.ServiceModel.ni.dll
20:20:33.0508 5992 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel\2f37302bc5207c239d9902ca05b45b87\System.ServiceModel.ni.dll - ok
20:20:33.0508 5992 [ 521ED020A6708FECA2473AF00B73FC4D ] C:\Windows\System32\dimsjob.dll
20:20:33.0508 5992 C:\Windows\System32\dimsjob.dll - ok
20:20:33.0523 5992 [ 5CEC21295040B8FA8F26CB07D650954D ] C:\Windows\System32\netprofm.dll
20:20:33.0523 5992 C:\Windows\System32\netprofm.dll - ok
20:20:33.0523 5992 [ 0BC71D4D3B5883903C37BF4E13B0F0C5 ] C:\Windows\System32\das.dll
20:20:33.0523 5992 C:\Windows\System32\das.dll - ok
20:20:33.0539 5992 [ 281BEE07BA97E3E98D12A822D923D0D8 ] C:\Windows\System32\dps.dll
20:20:33.0539 5992 C:\Windows\System32\dps.dll - ok
20:20:33.0539 5992 [ 425E22D9F5C01616AFC92987791B19E9 ] C:\Windows\SysWOW64\svchost.exe
20:20:33.0539 5992 C:\Windows\SysWOW64\svchost.exe - ok
20:20:33.0554 5992 [ E58C37EB5CB0E57947EEC56B697EDBBC ] C:\Windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\62bc4afa618599caabca9da3cde9e7ca\SMDiagnostics.ni.dll
20:20:33.0554 5992 C:\Windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\62bc4afa618599caabca9da3cde9e7ca\SMDiagnostics.ni.dll - ok
20:20:33.0570 5992 [ CD95892713570725F4CBBA99F07CDDF2 ] C:\Windows\System32\dasHost.exe
20:20:33.0570 5992 C:\Windows\System32\dasHost.exe - ok
20:20:33.0570 5992 [ EE281DD6843F3F697C1AD7933EEB1E9B ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
20:20:33.0570 5992 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll - ok
20:20:33.0586 5992 [ DEA2F976E7327716AA0038EBF550003A ] C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
20:20:33.0586 5992 C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe - ok
20:20:33.0586 5992 [ DF14559B0F039E3BF23A4B9334132401 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\d638c61f174d826289707884c0f2b48f\System.Configuration.ni.dll
20:20:33.0586 5992 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\d638c61f174d826289707884c0f2b48f\System.Configuration.ni.dll - ok
20:20:33.0601 5992 [ F52DA6F31C7F197520ACC89F512CE848 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddcmn.dll
20:20:33.0601 5992 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddcmn.dll - ok
20:20:33.0617 5992 [ 5433EE6EE9AD64B8D45729815221866B ] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\msvcp90.dll
20:20:33.0617 5992 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\msvcp90.dll - ok
20:20:33.0617 5992 [ 1397A34A5220FE2658C9A2F0EDB45FE2 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Servd1dec626#\c75126b22324f0defb554f96e9a466bb\System.ServiceModel.Internals.ni.dll
20:20:33.0617 5992 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Servd1dec626#\c75126b22324f0defb554f96e9a466bb\System.ServiceModel.Internals.ni.dll - ok
20:20:33.0633 5992 [ 45566BEAE514B157C3AC821EBE6A8784 ] C:\Windows\System32\winspool.drv
20:20:33.0633 5992 C:\Windows\System32\winspool.drv - ok
20:20:33.0648 5992 [ 6AA868B3C2A014AE76ECF53B667BF086 ] C:\Windows\System32\winmm.dll
20:20:33.0648 5992 C:\Windows\System32\winmm.dll - ok
20:20:33.0648 5992 [ F12D8EB9E944BEB0FB4C5E4F1336401B ] C:\Windows\System32\winmmbase.dll
20:20:33.0648 5992 C:\Windows\System32\winmmbase.dll - ok
20:20:33.0664 5992 [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
20:20:33.0664 5992 C:\Program Files\Bonjour\mdnsNSP.dll - ok
20:20:33.0664 5992 [ D66BCEA2916397F62F6EA2BA5191BA28 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\c7628024429c2d82a3fabcc43b193e36\System.Xml.ni.dll
20:20:33.0664 5992 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\c7628024429c2d82a3fabcc43b193e36\System.Xml.ni.dll - ok
20:20:33.0679 5992 [ 97E5D62965DE167388B9C5D08665FE43 ] C:\Program Files (x86)\Lenovo\EducationPortal\Services\IdeaTouch.LocalDataServer.Education.exe
20:20:33.0679 5992 C:\Program Files (x86)\Lenovo\EducationPortal\Services\IdeaTouch.LocalDataServer.Education.exe - ok
20:20:33.0695 5992 [ E372BBF897005442ECEB7843CEB394D2 ] C:\Windows\System32\rasadhlp.dll
20:20:33.0695 5992 C:\Windows\System32\rasadhlp.dll - ok
20:20:33.0695 5992 [ 72D406DD434AD782CE32B5DEC0F8C14B ] C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RsCRLib.dll
20:20:33.0695 5992 C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RsCRLib.dll - ok
20:20:33.0711 5992 [ 444E6E871B992C8665BDD682BA294522 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\7aff7773a067dd551ea971df8030f45a\System.Runtime.Serialization.ni.dll
20:20:33.0711 5992 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\7aff7773a067dd551ea971df8030f45a\System.Runtime.Serialization.ni.dll - ok
20:20:33.0711 5992 [ F4919DE524DEE12DB0027E4D9A353B3B ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Servf73e6522#\0b4da38fbada9eb21f89af3aa631dd8b\System.ServiceModel.Web.ni.dll
20:20:33.0711 5992 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Servf73e6522#\0b4da38fbada9eb21f89af3aa631dd8b\System.ServiceModel.Web.ni.dll - ok
20:20:33.0726 5992 [ 5C42A41CEEFBFFD6AA4F84B2EFFADB25 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Net.Http\3c606a6355863e205592698f310498db\System.Net.Http.ni.dll
20:20:33.0726 5992 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Net.Http\3c606a6355863e205592698f310498db\System.Net.Http.ni.dll - ok
20:20:33.0742 5992 [ 53F983565134C592B0A8DFD074D9F38C ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.IdentityModel\df5e57cafab8e301e01682b98f6d6cc7\System.IdentityModel.ni.dll
20:20:33.0742 5992 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.IdentityModel\df5e57cafab8e301e01682b98f6d6cc7\System.IdentityModel.ni.dll - ok
20:20:33.0742 5992 [ 7F0CAAAE7892D8FF702676F0045AA195 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Servae423458#\feec1da78df48e5b77004c6e51b60c64\System.ServiceModel.Discovery.ni.dll
20:20:33.0742 5992 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Servae423458#\feec1da78df48e5b77004c6e51b60c64\System.ServiceModel.Discovery.ni.dll - ok
20:20:33.0758 5992 [ 589DBCBC569A0536010D854928D10EA1 ] C:\Windows\System32\httpapi.dll
20:20:33.0758 5992 C:\Windows\System32\httpapi.dll - ok
20:20:33.0773 5992 [ 473A57E8FD8D080C213EA2E2E6DB6C36 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Transactions\1a12af41b5744d9b770dbdde358933b7\System.Transactions.ni.dll
20:20:33.0773 5992 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Transactions\1a12af41b5744d9b770dbdde358933b7\System.Transactions.ni.dll - ok
20:20:33.0773 5992 [ 21BDA757C27D923985E11118F18800A7 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Serv14259fd9#\eaf4cdf9e2792f278f2e2feb20b82322\System.ServiceModel.Activities.ni.dll
20:20:33.0773 5992 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Serv14259fd9#\eaf4cdf9e2792f278f2e2feb20b82322\System.ServiceModel.Activities.ni.dll - ok
20:20:33.0789 5992 [ D6AE16663985EA7E81E17A1A810AC547 ] C:\Windows\SysWOW64\ntmarta.dll
20:20:33.0789 5992 C:\Windows\SysWOW64\ntmarta.dll - ok
20:20:33.0804 5992 [ 295771B092D4F7FCF2B62F80CCD14320 ] C:\Windows\System32\drivers\mrxsmb10.sys
20:20:33.0804 5992 C:\Windows\System32\drivers\mrxsmb10.sys - ok
20:20:33.0804 5992 [ 5A072F0B90C29C5233D78BE33EF5ED78 ] C:\Windows\System32\drivers\Ndu.sys
20:20:33.0804 5992 C:\Windows\System32\drivers\Ndu.sys - ok
20:20:33.0820 5992 [ 2334DC48997BA203B794DF3EE70521DB ] C:\Windows\System32\HPZinw12.dll
20:20:33.0820 5992 C:\Windows\System32\HPZinw12.dll - ok
20:20:33.0820 5992 [ BEA61BAC330230D3B1340F29A2312DD2 ] C:\Windows\System32\wsock32.dll
20:20:33.0820 5992 C:\Windows\System32\wsock32.dll - ok
20:20:33.0836 5992 [ FC91D7804B8FE5C2F0B12585C612F592 ] C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
20:20:33.0836 5992 C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe - ok
20:20:33.0851 5992 [ 3A280F3B3C7A46E29C404ACD46ECBF5E ] C:\Windows\System32\nlasvc.dll
20:20:33.0851 5992 C:\Windows\System32\nlasvc.dll - ok
20:20:33.0851 5992 [ E58B2EA7B004184E229854A3D1C00CBB ] C:\Windows\System32\localspl.dll
20:20:33.0851 5992 C:\Windows\System32\localspl.dll - ok
20:20:33.0867 5992 [ 21D28C3448983A072B907E9BAC93D223 ] C:\Windows\SysWOW64\NLSSRV32.EXE
20:20:33.0867 5992 C:\Windows\SysWOW64\NLSSRV32.EXE - ok
20:20:33.0867 5992 [ 380AA537624F698F4C51C55806D30E69 ] C:\Windows\System32\ncsi.dll
20:20:33.0867 5992 C:\Windows\System32\ncsi.dll - ok
20:20:33.0883 5992 [ DD079EC8F44DCA3A176B345C6ADEFB66 ] C:\Windows\System32\winhttp.dll
20:20:33.0883 5992 C:\Windows\System32\winhttp.dll - ok
20:20:33.0898 5992 [ 9A5309EF92F39346CFD5A4C2C3D1BFAD ] C:\Windows\System32\pcasvc.dll
20:20:33.0898 5992 C:\Windows\System32\pcasvc.dll - ok
20:20:33.0898 5992 [ 4F1E771801EED912FB37CEB838F8F153 ] C:\Windows\System32\PrintIsolationProxy.dll
20:20:33.0898 5992 C:\Windows\System32\PrintIsolationProxy.dll - ok
20:20:33.0914 5992 [ 024A5FF9EB31F7D1E98E1167D28C6781 ] C:\Windows\System32\spoolss.dll
20:20:33.0914 5992 C:\Windows\System32\spoolss.dll - ok
20:20:33.0914 5992 [ BA50CC0BD19004AAB88BE37338B6FA0D ] C:\Windows\System32\drivers\PEAuth.sys
20:20:33.0914 5992 C:\Windows\System32\drivers\PEAuth.sys - ok
20:20:33.0929 5992 [ 64362206C83D3C300E37267118D5936B ] C:\Windows\System32\FXSMON.dll
20:20:33.0929 5992 C:\Windows\System32\FXSMON.dll - ok
20:20:33.0945 5992 [ E2B08D19F5F3BDD73A6F046E2B371A41 ] C:\Windows\System32\HPZLLWN7.DLL
20:20:33.0945 5992 C:\Windows\System32\HPZLLWN7.DLL - ok
20:20:33.0945 5992 [ 90B06AD0BA271ABDD56A77040B39C525 ] C:\Windows\System32\ssdpapi.dll
20:20:33.0945 5992 C:\Windows\System32\ssdpapi.dll - ok
20:20:33.0961 5992 [ 82B1F0C029A2882417E699C3A75C6AA1 ] C:\Windows\System32\nitrolocalmon2.dll
20:20:33.0961 5992 C:\Windows\System32\nitrolocalmon2.dll - ok
20:20:33.0961 5992 [ 70179FFB5487A8A2BB4A1AB1B22219E6 ] C:\Windows\System32\tcpmon.dll
20:20:33.0961 5992 C:\Windows\System32\tcpmon.dll - ok
20:20:33.0976 5992 [ 3B17ED08AD8C86A1C6407CEE7CCF446B ] C:\Windows\System32\snmpapi.dll
20:20:33.0976 5992 C:\Windows\System32\snmpapi.dll - ok
20:20:33.0992 5992 [ 91F658373C97A1A2633690730B05C081 ] C:\Windows\System32\wsnmp32.dll
20:20:33.0992 5992 C:\Windows\System32\wsnmp32.dll - ok
20:20:33.0992 5992 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] C:\Windows\System32\HPZipm12.dll
20:20:33.0992 5992 C:\Windows\System32\HPZipm12.dll - ok
20:20:34.0008 5992 [ 9BE4639FD1A3F8A9FECFE958D7B04F9A ] C:\Windows\System32\usbmon.dll
20:20:34.0008 5992 C:\Windows\System32\usbmon.dll - ok
20:20:34.0008 5992 [ 48B5A62750FC3E3E8733106FB7E2DF0F ] C:\Windows\System32\WSDMon.dll
20:20:34.0008 5992 C:\Windows\System32\WSDMon.dll - ok
20:20:34.0023 5992 [ 76C6058F3702751BD8C669AE9714238A ] C:\Windows\System32\hotspotauth.dll
20:20:34.0023 5992 C:\Windows\System32\hotspotauth.dll - ok
20:20:34.0039 5992 [ 96EFEC24346A8EB1157E80523079ADDC ] C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
20:20:34.0039 5992 C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe - ok
20:20:34.0039 5992 [ 50D9949020E02B847CD48F1243FCB895 ] C:\Program Files (x86)\Skype\Updater\Updater.exe
20:20:34.0039 5992 C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
20:20:34.0054 5992 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
20:20:34.0054 5992 C:\Windows\System32\drivers\secdrv.sys - ok
20:20:34.0054 5992 [ 7206E0063F3F083A934E8808506F125C ] C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
20:20:34.0054 5992 C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll - ok
20:20:34.0070 5992 [ 77195C32175FC63D6054EBA5A066D727 ] C:\Windows\System32\drivers\srvnet.sys
20:20:34.0070 5992 C:\Windows\System32\drivers\srvnet.sys - ok
20:20:34.0086 5992 [ 33A7D83EEB15431773A6E186CFAABA21 ] C:\Windows\System32\drivers\tcpipreg.sys
20:20:34.0086 5992 C:\Windows\System32\drivers\tcpipreg.sys - ok
20:20:34.0086 5992 [ E45DA7CBBA34510C8B9473AD7D4FFD0B ] C:\Windows\System32\sysmain.dll
20:20:34.0086 5992 C:\Windows\System32\sysmain.dll - ok
20:20:34.0101 5992 [ D638904FE86A5FE542A1BA13A9D68E5C ] C:\Windows\System32\wiaservc.dll
20:20:34.0101 5992 C:\Windows\System32\wiaservc.dll - ok
20:20:34.0101 5992 [ C6B289A70A2D36242A2CCAA2715E1747 ] C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.sys
20:20:34.0101 5992 C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.sys - ok
20:20:34.0117 5992 [ 9DB490F3E823C5C3C070644B96CB9D59 ] C:\Windows\System32\wbem\WMIsvc.dll
20:20:34.0117 5992 C:\Windows\System32\wbem\WMIsvc.dll - ok
20:20:34.0117 5992 [ C1AE59C0B0817236EC083A91C396005A ] C:\Windows\System32\drivers\srv2.sys
20:20:34.0117 5992 C:\Windows\System32\drivers\srv2.sys - ok
20:20:34.0133 5992 [ 527429623E2A20C53DB246C51E6F2726 ] C:\Windows\System32\wbemcomn.dll
20:20:34.0133 5992 C:\Windows\System32\wbemcomn.dll - ok
20:20:34.0148 5992 [ 2B78788A1485F9B99A578A299DF42C02 ] C:\Windows\System32\drivers\srv.sys
20:20:34.0148 5992 C:\Windows\System32\drivers\srv.sys - ok
20:20:34.0148 5992 [ 27B58E16CF895AC1F1A97C04814C2239 ] C:\Windows\System32\srvsvc.dll
20:20:34.0148 5992 C:\Windows\System32\srvsvc.dll - ok
20:20:34.0164 5992 [ C97E14BB6A196B0554D6EB67D8818175 ] C:\Windows\System32\trkwks.dll
20:20:34.0164 5992 C:\Windows\System32\trkwks.dll - ok
20:20:34.0164 5992 [ DFC4050D58565ADBEE793A8D4AEBDAE6 ] C:\Windows\System32\iphlpsvc.dll
20:20:34.0164 5992 C:\Windows\System32\iphlpsvc.dll - ok
20:20:34.0179 5992 [ 6E49FFDFBAC4AC6CB45238C67E3E15F2 ] C:\Windows\System32\wiatrace.dll
20:20:34.0179 5992 C:\Windows\System32\wiatrace.dll - ok
20:20:34.0195 5992 [ 1B8B4F73EE08B5A6EC5A70C96DA90667 ] C:\Windows\System32\adhsvc.dll
20:20:34.0195 5992 C:\Windows\System32\adhsvc.dll - ok
20:20:34.0195 5992 [ 70DAA70A39D15868A0DDEDC46B7A823F ] C:\Windows\System32\httpprxm.dll
20:20:34.0195 5992 C:\Windows\System32\httpprxm.dll - ok
20:20:34.0211 5992 [ 056A7F991CCBDACB5A132419FA244C3E ] C:\Windows\System32\mi.dll
20:20:34.0211 5992 C:\Windows\System32\mi.dll - ok
20:20:34.0211 5992 [ 830445350C7CDEC426FA5E1F9E1B0DAD ] C:\Windows\System32\sscore.dll
20:20:34.0211 5992 C:\Windows\System32\sscore.dll - ok
20:20:34.0226 5992 [ 3A8A50121A2600AEC63E4713AF6F25E7 ] C:\Windows\System32\sscoreext.dll
20:20:34.0226 5992 C:\Windows\System32\sscoreext.dll - ok
20:20:34.0242 5992 [ 536175601D6FDA57917D18D21476915A ] C:\Windows\System32\wsdchngr.dll
20:20:34.0242 5992 C:\Windows\System32\wsdchngr.dll - ok
20:20:34.0242 5992 [ 415EE38FA22E6489ED95D0C0F1560BD8 ] C:\Windows\System32\deviceassociation.dll
20:20:34.0242 5992 C:\Windows\System32\deviceassociation.dll - ok
20:20:34.0258 5992 [ 16BF6ADAED1427A7AF08125DD14BA52C ] C:\Windows\System32\fdPnp.dll
20:20:34.0258 5992 C:\Windows\System32\fdPnp.dll - ok
20:20:34.0258 5992 [ B801371569B9E310BBD068E21D486F1A ] C:\Windows\System32\fundisc.dll
20:20:34.0258 5992 C:\Windows\System32\fundisc.dll - ok
20:20:34.0273 5992 [ E8E50E7703204AE06C6B5FEFE2F701E7 ] C:\Windows\System32\miutils.dll
20:20:34.0273 5992 C:\Windows\System32\miutils.dll - ok
20:20:34.0289 5992 [ 582ED9A6D0B34F2F55607562FDA263E9 ] C:\Windows\System32\sqmapi.dll
20:20:34.0289 5992 C:\Windows\System32\sqmapi.dll - ok
20:20:34.0289 5992 [ C8E0E78B5D284C2FF59BDFFDAF997242 ] C:\Windows\System32\drivers\tunnel.sys
20:20:34.0289 5992 C:\Windows\System32\drivers\tunnel.sys - ok
20:20:34.0304 5992 [ 6E98157791491AEBF64B1392293E48A7 ] C:\Windows\System32\nci.dll
20:20:34.0304 5992 C:\Windows\System32\nci.dll - ok
20:20:34.0320 5992 [ 5FE61B0E223FAC7316526A7B588E9F2D ] C:\Windows\System32\wdscore.dll
20:20:34.0320 5992 C:\Windows\System32\wdscore.dll - ok
20:20:34.0320 5992 [ CB79FA82A5D7CEAAA804EF15E87CC6D2 ] C:\Windows\System32\webservices.dll
20:20:34.0320 5992 C:\Windows\System32\webservices.dll - ok
20:20:34.0336 5992 [ 8E2B57DA0ED837DB04030157A6C112CE ] C:\Windows\System32\WSDApi.dll
20:20:34.0336 5992 C:\Windows\System32\WSDApi.dll - ok
20:20:34.0351 5992 [ EF4C4EA376D172D966AB31388B3B63B6 ] C:\Windows\System32\drvstore.dll
20:20:34.0351 5992 C:\Windows\System32\drvstore.dll - ok
20:20:34.0351 5992 [ 07106140D0596D785328DEFE0297166A ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
20:20:34.0351 5992 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
20:20:34.0367 5992 [ 8F1C949FD695C83C4E30C3BFC004C81F ] C:\Windows\System32\spool\prtprocs\x64\HPZPPWN7.DLL
20:20:34.0367 5992 C:\Windows\System32\spool\prtprocs\x64\HPZPPWN7.DLL - ok
20:20:34.0367 5992 [ EB1910FCBC61A478E07FCB59487B56AD ] C:\Windows\System32\win32spl.dll
20:20:34.0367 5992 C:\Windows\System32\win32spl.dll - ok
20:20:34.0383 5992 [ BE0FC6BFE7181F8621B2BD572658A83E ] C:\Windows\System32\inetpp.dll
20:20:34.0383 5992 C:\Windows\System32\inetpp.dll - ok
20:20:34.0398 5992 [ E9286577AD0D3BE9158DCE178A879123 ] C:\Windows\System32\devrtl.dll
20:20:34.0398 5992 C:\Windows\System32\devrtl.dll - ok
20:20:34.0398 5992 [ AB8DC63BB90A2A3DE13B38D8B64B4DC6 ] C:\Windows\System32\cscapi.dll
20:20:34.0398 5992 C:\Windows\System32\cscapi.dll - ok
20:20:34.0414 5992 [ 38DF4E3D3559F58793E70ED8093A6F2B ] C:\Windows\System32\wmidcom.dll
20:20:34.0414 5992 C:\Windows\System32\wmidcom.dll - ok
20:20:34.0429 5992 [ 0F9594CB8B35FAF12825285415414F85 ] C:\Windows\System32\clusapi.dll
20:20:34.0429 5992 C:\Windows\System32\clusapi.dll - ok
20:20:34.0429 5992 [ 66F78ECB93F16BBDA095D9EA71CD712B ] C:\Windows\System32\resutils.dll
20:20:34.0429 5992 C:\Windows\System32\resutils.dll - ok
20:20:34.0445 5992 [ 218F874A78CB670172280A39A58B8F8A ] C:\Windows\System32\winrnr.dll
20:20:34.0445 5992 C:\Windows\System32\winrnr.dll - ok
20:20:34.0461 5992 [ AF033A6377288725830CF3CCD3C12773 ] C:\Windows\System32\bidispl.dll
20:20:34.0461 5992 C:\Windows\System32\bidispl.dll - ok
20:20:34.0461 5992 [ 4CD5B246B2DB81DC403B7C9041456B0E ] C:\Windows\System32\NapiNSP.dll
20:20:34.0461 5992 C:\Windows\System32\NapiNSP.dll - ok
20:20:34.0476 5992 [ F916298AF3C6AC9887427E545C7E3A69 ] C:\Windows\System32\pnrpnsp.dll
20:20:34.0476 5992 C:\Windows\System32\pnrpnsp.dll - ok
20:20:34.0492 5992 [ 0D0213498683414DDE29B1686A4C08D5 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
20:20:34.0492 5992 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll - ok
20:20:34.0492 5992 [ 40C67D1A4891120874767F6E6604D6C5 ] C:\Windows\System32\wdi.dll
20:20:34.0492 5992 C:\Windows\System32\wdi.dll - ok
20:20:34.0508 5992 [ AC25073CEBD9D5CE2F61D6AF93BC9585 ] C:\Windows\SysWOW64\shfolder.dll
20:20:34.0508 5992 C:\Windows\SysWOW64\shfolder.dll - ok
20:20:34.0508 5992 [ B7AD851A21FEBA3BA214972627614207 ] C:\Windows\System32\netman.dll
20:20:34.0508 5992 C:\Windows\System32\netman.dll - ok
20:20:34.0523 5992 [ F0F0A372C2EF6358399C4936F91B6131 ] C:\Windows\System32\netprofmsvc.dll
20:20:34.0523 5992 C:\Windows\System32\netprofmsvc.dll - ok
20:20:34.0539 5992 [ 15225081966C785A9192782401643FD4 ] C:\Windows\System32\qmgr.dll
20:20:34.0539 5992 C:\Windows\System32\qmgr.dll - ok
20:20:34.0539 5992 [ BCE87B456D851A0C9E726331A040CE3F ] C:\Windows\System32\netshell.dll
20:20:34.0539 5992 C:\Windows\System32\netshell.dll - ok
20:20:34.0554 5992 [ D0BAD4E2BCA23BD0DC9930EE4DEA6658 ] C:\Windows\System32\dafupnp.dll
20:20:34.0554 5992 C:\Windows\System32\dafupnp.dll - ok
20:20:34.0554 5992 [ 03694A8350222AC9F0E8693986E92BE2 ] C:\Windows\System32\diagperf.dll
20:20:34.0554 5992 C:\Windows\System32\diagperf.dll - ok
20:20:34.0570 5992 [ 449A20A674AA3FAA7F0DD4E33EE2DC20 ] C:\Windows\System32\hidserv.dll
20:20:34.0570 5992 C:\Windows\System32\hidserv.dll - ok
20:20:34.0586 5992 [ F0DF4F8D9F1F8FA36BA30ACAC213D03D ] C:\Windows\System32\PortableDeviceApi.dll
20:20:34.0586 5992 C:\Windows\System32\PortableDeviceApi.dll - ok
20:20:34.0586 5992 [ D27491CFCE452C154CECFA155AD0EBC8 ] C:\Windows\System32\wpdbusenum.dll
20:20:34.0586 5992 C:\Windows\System32\wpdbusenum.dll - ok
20:20:34.0601 5992 [ 397006C14C023F8E494093E0EAFADC2A ] C:\Windows\System32\perftrack.dll
20:20:34.0601 5992 C:\Windows\System32\perftrack.dll - ok
20:20:34.0601 5992 [ 59A343C3BD792AF308400B2EE5E1A924 ] C:\Windows\System32\wer.dll
20:20:34.0601 5992 C:\Windows\System32\wer.dll - ok
20:20:34.0617 5992 [ B4FC38795A0AFC18539E220F56348764 ] C:\Windows\System32\PortableDeviceConnectApi.dll
20:20:34.0617 5992 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
20:20:34.0617 5992 [ 28C35503056748FA88499DAECF3D5557 ] C:\Windows\System32\npmproxy.dll
20:20:34.0617 5992 C:\Windows\System32\npmproxy.dll - ok
20:20:34.0633 5992 [ BB9ED3EDD8E85008215A7250D325A72E ] C:\Windows\System32\ssdpsrv.dll
20:20:34.0633 5992 C:\Windows\System32\ssdpsrv.dll - ok
20:20:34.0633 5992 [ CBCA90CF2ACE96038571ED0A7BD3D756 ] C:\Windows\System32\esent.dll
20:20:34.0648 5992 C:\Windows\System32\esent.dll - ok
20:20:34.0648 5992 [ 647B3E3A60DED8DAECF4F798A058EADB ] C:\Windows\System32\srumsvc.dll
20:20:34.0648 5992 C:\Windows\System32\srumsvc.dll - ok
20:20:34.0664 5992 [ 0BDB5190B3AFAEFF93800F149781F942 ] C:\Windows\System32\pautoenr.dll
20:20:34.0664 5992 C:\Windows\System32\pautoenr.dll - ok
20:20:34.0664 5992 [ B344479C30A24B05C2E08EE35EF69530 ] C:\Windows\System32\certca.dll
20:20:34.0664 5992 C:\Windows\System32\certca.dll - ok
20:20:34.0679 5992 [ F99300CAF66307E295438355E9B11ACD ] C:\Windows\System32\CertEnroll.dll
20:20:34.0679 5992 C:\Windows\System32\CertEnroll.dll - ok
20:20:34.0679 5992 [ DC1A78BCCCB7EE53D6FD3BD615A8E222 ] C:\Windows\System32\fdPHost.dll
20:20:34.0679 5992 C:\Windows\System32\fdPHost.dll - ok
20:20:34.0695 5992 [ E5AD448F2DC84B1CF387FA7F2A3D1936 ] C:\Windows\System32\FDResPub.dll
20:20:34.0695 5992 C:\Windows\System32\FDResPub.dll - ok
20:20:34.0711 5992 [ 45E8FB1F9A9191B1F7DF09DE346B81A7 ] C:\Windows\System32\fdWSD.dll
20:20:34.0711 5992 C:\Windows\System32\fdWSD.dll - ok
20:20:34.0711 5992 [ 7969580698D60958265942B9DDC12B63 ] C:\Windows\System32\fdSSDP.dll
20:20:34.0711 5992 C:\Windows\System32\fdSSDP.dll - ok
20:20:34.0726 5992 [ 205B59C8B291A707B24C97B123834E70 ] C:\Windows\System32\pnpts.dll
20:20:34.0726 5992 C:\Windows\System32\pnpts.dll - ok
20:20:34.0726 5992 [ 6AF7948D08E59B5690D3559AEB8E0F93 ] C:\Windows\System32\wdiasqmmodule.dll
20:20:34.0726 5992 C:\Windows\System32\wdiasqmmodule.dll - ok
20:20:34.0742 5992 [ BEA157D1857FA63205558750720D9071 ] C:\Windows\System32\appsruprov.dll
20:20:34.0742 5992 C:\Windows\System32\appsruprov.dll - ok
20:20:34.0758 5992 [ 8449B6B3E281AF44BEA98D318D7481A5 ] C:\Windows\System32\nduprov.dll
20:20:34.0758 5992 C:\Windows\System32\nduprov.dll - ok
20:20:34.0758 5992 [ D3F794546CE8666B663A0A906CA97DCA ] C:\Windows\System32\wpnsruprov.dll
20:20:34.0758 5992 C:\Windows\System32\wpnsruprov.dll - ok
20:20:34.0773 5992 [ F06F60158842691FA4B5DE0E08F55B29 ] C:\Windows\System32\ncuprov.dll
20:20:34.0773 5992 C:\Windows\System32\ncuprov.dll - ok
20:20:34.0773 5992 [ F12B563360D2BA8AD323A74986AF8A5B ] C:\Windows\System32\wwapi.dll
20:20:34.0773 5992 C:\Windows\System32\wwapi.dll - ok
20:20:34.0789 5992 [ BE5F89BAFBD4272D5A0C0A37B97865ED ] C:\Windows\System32\provsvc.dll
20:20:34.0789 5992 C:\Windows\System32\provsvc.dll - ok
20:20:34.0804 5992 [ 2586C4C167499210DCBF3ECFD8CCE210 ] C:\Windows\System32\NcdAutoSetup.dll
20:20:34.0804 5992 C:\Windows\System32\NcdAutoSetup.dll - ok
20:20:34.0804 5992 [ 465E8A5B79FF5134CECE8E43031ADBE1 ] C:\Windows\System32\dtsh.dll
20:20:34.0804 5992 C:\Windows\System32\dtsh.dll - ok
20:20:34.0820 5992 [ 8DB30DA1FA8620A5C4AF53DEB85194D8 ] C:\Windows\SysWOW64\NapiNSP.dll
20:20:34.0820 5992 C:\Windows\SysWOW64\NapiNSP.dll - ok
20:20:34.0820 5992 [ 4947B4C100BE88C83F027D1C8DBC4B84 ] C:\Windows\SysWOW64\pnrpnsp.dll
20:20:34.0820 5992 C:\Windows\SysWOW64\pnrpnsp.dll - ok
20:20:34.0836 5992 [ 8700883867FBD565BF6C2DAE8B2D7810 ] C:\Windows\SysWOW64\winrnr.dll
20:20:34.0836 5992 C:\Windows\SysWOW64\winrnr.dll - ok
20:20:34.0851 5992 [ 4A1780F986DC1EAE2FADF3219F211C8D ] C:\Windows\SysWOW64\sxs.dll
20:20:34.0851 5992 C:\Windows\SysWOW64\sxs.dll - ok
20:20:34.0851 5992 [ CBD8F6EAC15E1EF69917B3961315C4D4 ] C:\Windows\System32\bitsperf.dll
20:20:34.0851 5992 C:\Windows\System32\bitsperf.dll - ok
20:20:34.0867 5992 [ 1B76D48A97E3E61661846A5BF64E2008 ] C:\Windows\System32\FXSRESM.dll
20:20:34.0867 5992 C:\Windows\System32\FXSRESM.dll - ok
20:20:34.0867 5992 [ B19CA8E441D35AA2B1EE51C10B27DA1B ] C:\Windows\System32\aelupsvc.dll
20:20:34.0867 5992 C:\Windows\System32\aelupsvc.dll - ok
20:20:34.0883 5992 [ E90A3C2460984362BE38F572842C890A ] C:\Windows\System32\activeds.dll
20:20:34.0883 5992 C:\Windows\System32\activeds.dll - ok
20:20:34.0883 5992 [ 52564ADAFDECBCD05B83C11F4401826C ] C:\Windows\System32\P2P.dll
20:20:34.0883 5992 C:\Windows\System32\P2P.dll - ok
20:20:34.0898 5992 [ 0488E461EEE18F5CFCE7C1774BBFCBB3 ] C:\Windows\System32\adsldp.dll
20:20:34.0898 5992 C:\Windows\System32\adsldp.dll - ok
20:20:34.0914 5992 [ E7CD6B5449030F4F9B29C742664B63B3 ] C:\Windows\System32\adsldpc.dll
20:20:34.0914 5992 C:\Windows\System32\adsldpc.dll - ok
20:20:34.0914 5992 [ D528D6A92D187777691993DD757AF19A ] C:\Windows\System32\browser.dll
20:20:34.0914 5992 C:\Windows\System32\browser.dll - ok
20:20:34.0929 5992 [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18 ] C:\Windows\System32\ListSvc.dll
20:20:34.0929 5992 C:\Windows\System32\ListSvc.dll - ok
20:20:34.0929 5992 [ DD02C0806C03506E03A24C984502B92B ] C:\Windows\System32\secur32.dll
20:20:34.0929 5992 C:\Windows\System32\secur32.dll - ok
20:20:34.0945 5992 [ 5B074F14F5DD6418F46EE4CA2DEB7EA8 ] C:\Windows\System32\DeviceSetupManager.dll
20:20:34.0945 5992 C:\Windows\System32\DeviceSetupManager.dll - ok
20:20:34.0961 5992 [ 3B510F20806B94E389784ED09DBD2111 ] C:\Windows\System32\pnrpsvc.dll
20:20:34.0961 5992 C:\Windows\System32\pnrpsvc.dll - ok
20:20:34.0961 5992 [ 72C7BC98E2393F1DDD41459C659CC6E2 ] C:\Windows\System32\newdev.dll
20:20:34.0961 5992 C:\Windows\System32\newdev.dll - ok
20:20:34.0976 5992 [ BC4895DC55FAF5CF3FE4147F9C71CFD7 ] C:\Windows\System32\dot3api.dll
20:20:34.0976 5992 C:\Windows\System32\dot3api.dll - ok
20:20:34.0976 5992 [ E32D2083EB6EC8EBD56D1A509268492B ] C:\Windows\System32\energyprov.dll
20:20:34.0976 5992 C:\Windows\System32\energyprov.dll - ok
20:20:34.0992 5992 [ 90AC8D4574103FCF8942C526998F46BF ] C:\Windows\System32\srumapi.dll
20:20:34.0992 5992 C:\Windows\System32\srumapi.dll - ok
20:20:35.0008 5992 [ 19240C13F526125554B5370566F21A0A ] C:\Windows\System32\drivers\WUDFRd.sys
20:20:35.0008 5992 C:\Windows\System32\drivers\WUDFRd.sys - ok
20:20:35.0008 5992 [ 5C8EE485EF4AEA9BCECD36A46599E5C9 ] C:\Windows\System32\eappcfg.dll
20:20:35.0008 5992 C:\Windows\System32\eappcfg.dll - ok
20:20:35.0023 5992 [ 448D8F8B51F785EAB56947D94EBDFC66 ] C:\Windows\System32\hnetcfg.dll
20:20:35.0023 5992 C:\Windows\System32\hnetcfg.dll - ok
20:20:35.0023 5992 [ D9053149D55CEB13C66A69A00A1B6D7D ] C:\Windows\System32\wbem\wbemprox.dll
20:20:35.0023 5992 C:\Windows\System32\wbem\wbemprox.dll - ok
20:20:35.0039 5992 [ 2F60047076D57730FFD1981F53ACE052 ] C:\Windows\System32\fdProxy.dll
20:20:35.0039 5992 C:\Windows\System32\fdProxy.dll - ok
20:20:35.0054 5992 [ 25F83CCBFA07077EFB4EEFCFF3CC3E7A ] C:\Windows\System32\bitsigd.dll
20:20:35.0054 5992 C:\Windows\System32\bitsigd.dll - ok
20:20:35.0054 5992 [ 16A19EB29CDE3883DF43DC83D14F1817 ] C:\Windows\System32\upnp.dll
20:20:35.0054 5992 C:\Windows\System32\upnp.dll - ok
20:20:35.0070 5992 [ 8F5E6EC1728272080B24A92F23DE78FA ] C:\Windows\System32\DeviceDriverRetrievalClient.dll
20:20:35.0070 5992 C:\Windows\System32\DeviceDriverRetrievalClient.dll - ok
20:20:35.0086 5992 [ 9F671913B8C75A72188A4B1CCFA592A3 ] C:\Windows\System32\DevPropMgr.dll
20:20:35.0086 5992 C:\Windows\System32\DevPropMgr.dll - ok
20:20:35.0086 5992 [ 1968E2E5143D2EB964F836BA19A51104 ] C:\Windows\System32\actxprxy.dll
20:20:35.0086 5992 C:\Windows\System32\actxprxy.dll - ok
20:20:35.0101 5992 [ 80D6B89F62395284E3CE5DE2E5F4D6A0 ] C:\Windows\System32\webio.dll
20:20:35.0101 5992 C:\Windows\System32\webio.dll - ok
20:20:35.0101 5992 [ 55D6A7C1A1AA9E118140C9F87016A58A ] C:\Windows\System32\fhlisten.dll
20:20:35.0101 5992 C:\Windows\System32\fhlisten.dll - ok
20:20:35.0117 5992 [ 62D2F0DEED2F7A6B2A7F84977DF9A23A ] C:\Windows\System32\cabinet.dll
20:20:35.0117 5992 C:\Windows\System32\cabinet.dll - ok
20:20:35.0133 5992 [ DA7967BD9CD17F436E6059C3A7A1BF7C ] C:\Windows\System32\DeviceMetadataRetrievalClient.dll
20:20:35.0133 5992 C:\Windows\System32\DeviceMetadataRetrievalClient.dll - ok
20:20:35.0133 5992 [ EA9AB560BA0A9C8E0E4A50C84733E088 ] C:\Windows\System32\IdListen.dll
20:20:35.0133 5992 C:\Windows\System32\IdListen.dll - ok
20:20:35.0148 5992 [ AABABEF97D4863A3490163802D41B39F ] C:\Windows\System32\ndiscapCfg.dll
20:20:35.0148 5992 C:\Windows\System32\ndiscapCfg.dll - ok
20:20:35.0148 5992 [ E1D793FCCD26B862839217612830ECFC ] C:\Windows\System32\wbem\wbemcore.dll
20:20:35.0148 5992 C:\Windows\System32\wbem\wbemcore.dll - ok
20:20:35.0164 5992 [ 2C6B75D50B9917766FE7BA0C11A1FA23 ] C:\Windows\System32\wbem\esscli.dll
20:20:35.0164 5992 C:\Windows\System32\wbem\esscli.dll - ok
20:20:35.0164 5992 [ C510810D292782189F8BE12A1B0E366E ] C:\Windows\System32\wbem\fastprox.dll
20:20:35.0164 5992 C:\Windows\System32\wbem\fastprox.dll - ok
20:20:35.0179 5992 [ 23C9D50C50954642D5B9224AF35858EC ] C:\Windows\System32\brdgcfg.dll
20:20:35.0179 5992 C:\Windows\System32\brdgcfg.dll - ok
20:20:35.0195 5992 [ D465E438E2356C21A51A416E67041F80 ] C:\Windows\System32\rascfg.dll
20:20:35.0195 5992 C:\Windows\System32\rascfg.dll - ok
20:20:35.0195 5992 [ 36BC2FF91264BB032FEB927B03DE4C29 ] C:\Windows\System32\wbem\wbemsvc.dll
20:20:35.0195 5992 C:\Windows\System32\wbem\wbemsvc.dll - ok
20:20:35.0211 5992 [ 4F32FE0318A902949E461F699030DA45 ] C:\Windows\System32\DAFWSD.dll
20:20:35.0211 5992 C:\Windows\System32\DAFWSD.dll - ok
20:20:35.0211 5992 [ 95ED0EB4E1D30448AF1C55BB2B4F014C ] C:\Windows\System32\mprapi.dll
20:20:35.0211 5992 C:\Windows\System32\mprapi.dll - ok
20:20:35.0226 5992 [ A46C1D6EE4BC27E8A767079CECCADE9E ] C:\Windows\System32\mprmsg.dll
20:20:35.0226 5992 C:\Windows\System32\mprmsg.dll - ok
20:20:35.0242 5992 [ 319A44F3656F89E045BCFAFD544810F5 ] C:\Windows\System32\qmgrprxy.dll
20:20:35.0242 5992 C:\Windows\System32\qmgrprxy.dll - ok
20:20:35.0242 5992 [ 5FB52C4367FCABB27373F701C714192C ] C:\Windows\System32\wbem\wmiutils.dll
20:20:35.0242 5992 C:\Windows\System32\wbem\wmiutils.dll - ok
20:20:35.0258 5992 [ FEF48CEA8EEB03CE5588BF7DE1859EF1 ] C:\Windows\SysWOW64\qmgrprxy.dll
20:20:35.0258 5992 C:\Windows\SysWOW64\qmgrprxy.dll - ok
20:20:35.0258 5992 [ 3CD8F1967D355842CC044B25269EEDFE ] C:\Windows\System32\NdisImPlatform.dll
20:20:35.0258 5992 C:\Windows\System32\NdisImPlatform.dll - ok
20:20:35.0273 5992 [ 23B8FA7B494D249EF162C1FE4DE99567 ] C:\Windows\System32\LldpNotify.dll
20:20:35.0273 5992 C:\Windows\System32\LldpNotify.dll - ok
20:20:35.0289 5992 [ D8F986E9781C4153EC73B52D19CF2E0D ] C:\Windows\System32\tcpipcfg.dll
20:20:35.0289 5992 C:\Windows\System32\tcpipcfg.dll - ok
20:20:35.0289 5992 [ 4845FC917AB257CAE4F16A80ADC15412 ] C:\Windows\System32\wbem\repdrvfs.dll
20:20:35.0289 5992 C:\Windows\System32\wbem\repdrvfs.dll - ok
20:20:35.0304 5992 [ 1FC8997292BE3362A5B40EBBBD137982 ] C:\Windows\System32\radardt.dll
20:20:35.0304 5992 C:\Windows\System32\radardt.dll - ok
20:20:35.0320 5992 [ EBE2E282ED098C9C5FEE4341713A950F ] C:\Windows\System32\hgprint.dll
20:20:35.0320 5992 C:\Windows\System32\hgprint.dll - ok
20:20:35.0320 5992 [ 824BC775A6B475D872431F6B36DD8BA3 ] C:\Windows\System32\wbem\WmiPrvSD.dll
20:20:35.0320 5992 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
20:20:35.0336 5992 [ A19F9B39E739E89698E662896F4A76B5 ] C:\Windows\System32\ncobjapi.dll
20:20:35.0336 5992 C:\Windows\System32\ncobjapi.dll - ok
20:20:35.0352 5992 [ B2CF1AF98C13B3C19FDD7EF1EF56C05F ] C:\Windows\System32\wbem\wbemess.dll
20:20:35.0352 5992 C:\Windows\System32\wbem\wbemess.dll - ok
20:20:35.0359 5992 [ 2FEAE33E9B2B56104596E1BA444405A9 ] C:\Windows\System32\drivers\WUDFPf.sys
20:20:35.0359 5992 C:\Windows\System32\drivers\WUDFPf.sys - ok
20:20:35.0359 5992 [ E74B152C1ED467FBA246EB2E826FA9FD ] C:\Windows\System32\P2PGraph.dll
20:20:35.0359 5992 C:\Windows\System32\P2PGraph.dll - ok
20:20:35.0375 5992 [ 2A57A937BC5B1B2D6AFE6A8C5925F50B ] C:\Windows\System32\p2psvc.dll
20:20:35.0375 5992 C:\Windows\System32\p2psvc.dll - ok
20:20:35.0391 5992 [ 4D92CCDBF7BAE2228B1974849D8FDF13 ] C:\Windows\System32\WUDFPlatform.dll
20:20:35.0391 5992 C:\Windows\System32\WUDFPlatform.dll - ok
20:20:35.0391 5992 [ BB73CBC65AABC4EA0A5C6A1474A0A743 ] C:\Windows\System32\WUDFSvc.dll
20:20:35.0391 5992 C:\Windows\System32\WUDFSvc.dll - ok
20:20:35.0406 5992 [ 9F2904B55F6CECCD1A8D986B5CE2609A ] C:\Windows\System32\drivers\WpdUpFltr.sys
20:20:35.0406 5992 C:\Windows\System32\drivers\WpdUpFltr.sys - ok
20:20:35.0406 5992 [ 2EAF0A1F9E4DF34862CC5A2B5437E450 ] C:\Windows\System32\SettingSyncCore.dll
20:20:35.0406 5992 C:\Windows\System32\SettingSyncCore.dll - ok
20:20:35.0422 5992 [ C213A16E1673E9C9C124048D755DF029 ] C:\Windows\System32\WUDFHost.exe
20:20:35.0422 5992 C:\Windows\System32\WUDFHost.exe - ok
20:20:35.0438 5992 [ 0934499394EB3D8027B8AB78C07D56CB ] C:\Windows\System32\dllhost.exe
20:20:35.0438 5992 C:\Windows\System32\dllhost.exe - ok
20:20:35.0438 5992 [ 974EE33E2A2ECE48BC82F8B1786C65F9 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
20:20:35.0438 5992 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
20:20:35.0453 5992 [ 83C140F98869F21D89FA4FAE82947661 ] C:\Windows\System32\WMVCORE.DLL
20:20:35.0453 5992 C:\Windows\System32\WMVCORE.DLL - ok
20:20:35.0453 5992 [ F89E07781DB858C9A20370CAE1B5AF7A ] C:\Windows\System32\WMASF.DLL
20:20:35.0469 5992 C:\Windows\System32\WMASF.DLL - ok
20:20:35.0469 5992 [ 2E7722C5CE11EC7C163E92AAAE9AAF0E ] C:\Windows\System32\WUDFx.dll
20:20:35.0469 5992 C:\Windows\System32\WUDFx.dll - ok
20:20:35.0484 5992 [ 6709E0125318568DCDD6787597153A71 ] C:\Windows\System32\PortableDeviceClassExtension.dll
20:20:35.0484 5992 C:\Windows\System32\PortableDeviceClassExtension.dll - ok
20:20:35.0500 5992 [ DE320127B1ED10BF465AF9FB7EBD4557 ] C:\Windows\System32\PortableDeviceTypes.dll
20:20:35.0500 5992 C:\Windows\System32\PortableDeviceTypes.dll - ok
20:20:35.0500 5992 [ 418CE7366D46EB9F008DD8CEDE9A2CEC ] C:\Windows\System32\CredentialMigrationHandler.dll
20:20:35.0500 5992 C:\Windows\System32\CredentialMigrationHandler.dll - ok
20:20:35.0516 5992 [ 8744BDDA941E77B6402C91D220EFD4F9 ] C:\Windows\System32\AppxAllUserStore.dll
20:20:35.0516 5992 C:\Windows\System32\AppxAllUserStore.dll - ok
20:20:35.0516 5992 [ 66A4E31B7F095ED862711B7152665EAC ] C:\Windows\System32\iuilp.dll
20:20:35.0516 5992 C:\Windows\System32\iuilp.dll - ok
20:20:35.0531 5992 [ E41C0291E2F2FDFBF2875E4473F81031 ] C:\Windows\System32\mpr.dll
20:20:35.0531 5992 C:\Windows\System32\mpr.dll - ok
20:20:35.0547 5992 [ 4CEC4C390F0B53AC8AEA2407D88A0ABF ] C:\Windows\SysWOW64\webio.dll
20:20:35.0547 5992 C:\Windows\SysWOW64\webio.dll - ok
20:20:35.0547 5992 [ 40BD4960734B0FA0872AF71B1E4314CE ] C:\Windows\System32\taskhostex.exe
20:20:35.0547 5992 C:\Windows\System32\taskhostex.exe - ok
20:20:35.0563 5992 [ 08C191B2917862BE90C33E31CB6B6D79 ] C:\Windows\System32\userinit.exe
20:20:35.0563 5992 C:\Windows\System32\userinit.exe - ok
20:20:35.0563 5992 [ D8EB154CC954E526970E7C56B724E659 ] C:\Windows\System32\userinitext.dll
20:20:35.0563 5992 C:\Windows\System32\userinitext.dll - ok
20:20:35.0578 5992 [ 63DC38C3E4564B2405D562855643ABA2 ] C:\Windows\explorer.exe
20:20:35.0578 5992 C:\Windows\explorer.exe - ok
20:20:35.0594 5992 [ A9D93140473987744835BCB7C18C62B3 ] C:\Windows\SysWOW64\schannel.dll
20:20:35.0594 5992 C:\Windows\SysWOW64\schannel.dll - ok
20:20:35.0594 5992 [ 91F27BC87BEB6DFDC709FF484F64F1D4 ] C:\Windows\System32\PlaySndSrv.dll
20:20:35.0594 5992 C:\Windows\System32\PlaySndSrv.dll - ok
20:20:35.0609 5992 [ C5817E2699AA8048FD4D3869EE9A3CC0 ] C:\Windows\System32\ncryptsslp.dll
20:20:35.0609 5992 C:\Windows\System32\ncryptsslp.dll - ok
20:20:35.0609 5992 [ 5E536FD2C9EBFB9388DD76BCC56C7232 ] C:\Windows\System32\MsCtfMonitor.dll
20:20:35.0609 5992 C:\Windows\System32\MsCtfMonitor.dll - ok
20:20:35.0625 5992 [ 9729D3F9896B6F309DC50CE3769AC9C1 ] C:\Windows\System32\msutb.dll
20:20:35.0625 5992 C:\Windows\System32\msutb.dll - ok
20:20:35.0625 5992 [ 02959B2556E18276DE7DDE527CFCB502 ] C:\Windows\System32\ncryptprov.dll
20:20:35.0625 5992 C:\Windows\System32\ncryptprov.dll - ok
20:20:35.0641 5992 [ D9D960D70B1866A513BCBBA2FBEE6144 ] C:\Windows\System32\dssenh.dll
20:20:35.0641 5992 C:\Windows\System32\dssenh.dll - ok
20:20:35.0656 5992 [ 40932AF9B3D04E307F019784243A18F3 ] C:\Windows\System32\twinapi.dll
20:20:35.0656 5992 C:\Windows\System32\twinapi.dll - ok
20:20:35.0656 5992 [ 73E50B6C22F18C6FBC4553B9ED983B9B ] C:\Windows\SysWOW64\gpapi.dll
20:20:35.0656 5992 C:\Windows\SysWOW64\gpapi.dll - ok
20:20:35.0672 5992 [ 88244F5A24F9CD98E74472FDFA827FA2 ] C:\Windows\SysWOW64\ncrypt.dll
20:20:35.0672 5992 C:\Windows\SysWOW64\ncrypt.dll - ok
20:20:35.0672 5992 [ 13B9417E93437480E168669EDE36298B ] C:\Windows\SysWOW64\ntasn1.dll
20:20:35.0672 5992 C:\Windows\SysWOW64\ntasn1.dll - ok
20:20:35.0688 5992 [ 675DE4EC2D88A6D68C39C662A3204596 ] C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
20:20:35.0688 5992 C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe - ok
20:20:35.0688 5992 [ 00A3F73C3A9E4EC0E11A4EA84C4BF788 ] C:\Windows\System32\taskeng.exe
20:20:35.0688 5992 C:\Windows\System32\taskeng.exe - ok
20:20:35.0703 5992 [ 2A356FA2650E30E139F0476979548BF6 ] C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe
20:20:35.0703 5992 C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe - ok
20:20:35.0719 5992 [ 4E35D4D943D6D00668BE4B0C344F3BC9 ] C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
20:20:35.0719 5992 C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe - ok
20:20:35.0719 5992 [ 6F79F69BD894EADC42D62365EEC823D2 ] C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
20:20:35.0719 5992 C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe - ok
20:20:35.0734 5992 [ F093C6F81029B71569D635CF68DF9C12 ] C:\Windows\SysWOW64\ncryptsslp.dll
20:20:35.0734 5992 C:\Windows\SysWOW64\ncryptsslp.dll - ok
20:20:35.0734 5992 [ 7E790DE2487CEDB349D1750B9E47F090 ] C:\Windows\System32\appinfo.dll
20:20:35.0750 5992 C:\Windows\System32\appinfo.dll - ok
20:20:35.0750 5992 [ 494BB20A0251BC1315ED380687EEBAA1 ] C:\Windows\System32\TSChannel.dll
20:20:35.0750 5992 C:\Windows\System32\TSChannel.dll - ok
20:20:35.0766 5992 [ 17C9CEA667906DA7CAA1175DE437F4FC ] C:\Windows\System32\runonce.exe
20:20:35.0766 5992 C:\Windows\System32\runonce.exe - ok
20:20:35.0766 5992 [ 506708142BC63DABA64F2D3AD1DCD5BF ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:20:35.0766 5992 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
20:20:35.0781 5992 [ 349B1D5D8D1B5A7B10BCD01470BD5F64 ] C:\Windows\System32\msvcp110.dll
20:20:35.0781 5992 C:\Windows\System32\msvcp110.dll - ok
20:20:35.0781 5992 [ C72ABC6B7B90A61364B6DD889B5435F3 ] C:\Windows\System32\msvcr110.dll
20:20:35.0797 5992 C:\Windows\System32\msvcr110.dll - ok
20:20:35.0797 5992 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Microsoft Mouse and Keyboard Center\SQMAPI.dll
20:20:35.0797 5992 C:\Program Files\Microsoft Mouse and Keyboard Center\SQMAPI.dll - ok
20:20:35.0813 5992 [ A43B937C580F5DFC43EF63EF72992FE9 ] C:\Program Files (x86)\Google\Update\1.3.22.5\goopdate.dll
20:20:35.0813 5992 C:\Program Files (x86)\Google\Update\1.3.22.5\goopdate.dll - ok
20:20:35.0813 5992 [ BB4E644BCD9747951146EC2155DED915 ] C:\Windows\System32\dbghelp.dll
20:20:35.0813 5992 C:\Windows\System32\dbghelp.dll - ok
20:20:35.0828 5992 [ 8BE1C89BD0C6F659C3AE3A2C8D0955C4 ] C:\Windows\SysWOW64\runonce.exe
20:20:35.0828 5992 C:\Windows\SysWOW64\runonce.exe - ok
20:20:35.0844 5992 [ 5AA28997F6A30EB196A5AB09F684B7BE ] C:\Windows\SysWOW64\imagehlp.dll
20:20:35.0844 5992 C:\Windows\SysWOW64\imagehlp.dll - ok
20:20:35.0844 5992 [ 46C6D8A6B4DEBBB55B6DA6B92C100599 ] C:\Windows\SysWOW64\propsys.dll
20:20:35.0844 5992 C:\Windows\SysWOW64\propsys.dll - ok
20:20:35.0859 5992 [ 2C4965FA375C7C2C1FBD18EFD75F61CF ] C:\Windows\SysWOW64\cscapi.dll
20:20:35.0859 5992 C:\Windows\SysWOW64\cscapi.dll - ok
20:20:35.0859 5992 [ 750F6E09044B88636ED257FD0305C689 ] C:\Windows\SysWOW64\dbghelp.dll
20:20:35.0859 5992 C:\Windows\SysWOW64\dbghelp.dll - ok
20:20:35.0875 5992 [ 30F88258703D26127258F4B23B150D41 ] C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
20:20:35.0875 5992 C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL - ok
20:20:35.0891 5992 [ 58A14C45A5CD2528F10A889E7B0C3FC2 ] C:\Windows\WinSxS\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll
20:20:35.0891 5992 C:\Windows\WinSxS\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll - ok
20:20:35.0891 5992 [ 883D87AA9D3C15C3D57B11BABC180B4E ] C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF
20:20:35.0891 5992 C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok
20:20:35.0906 5992 [ 04666E7A3CDCE8625B93DC4AB27EE883 ] C:\Windows\System32\drttransport.dll
20:20:35.0906 5992 C:\Windows\System32\drttransport.dll - ok
20:20:35.0906 5992 [ 5D9DC6332A4FC66388B09BBE7CF53750 ] C:\Windows\SysWOW64\urlmon.dll
20:20:35.0906 5992 C:\Windows\SysWOW64\urlmon.dll - ok
20:20:35.0922 5992 [ D1D5DAB39DCB4BE0359943738D87409B ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
20:20:35.0922 5992 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe - ok
20:20:35.0922 5992 [ EF39CCCC9AD927A25334AE0B41A8A343 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
20:20:35.0938 5992 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll - ok
20:20:35.0938 5992 [ 9275F02BEA644F43A459E316A932658F ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll
20:20:35.0938 5992 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll - ok
20:20:35.0953 5992 [ 59A1D4FACD7B333F76C4142CD42D3ABA ] C:\Windows\SysWOW64\cmd.exe
20:20:35.0953 5992 C:\Windows\SysWOW64\cmd.exe - ok
20:20:35.0953 5992 [ 4C50680BDC98B551CE5C173BAB1C62D7 ] C:\Windows\SysWOW64\cmdext.dll
20:20:35.0953 5992 C:\Windows\SysWOW64\cmdext.dll - ok
20:20:35.0969 5992 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Shlomi\AppData\Local\Temp\C7667217-D77B-4225-A6C3-14F3BBA4ECB1.exe
20:20:35.0969 5992 C:\Users\Shlomi\AppData\Local\Temp\C7667217-D77B-4225-A6C3-14F3BBA4ECB1.exe - ok
20:20:35.0984 5992 [ 0320929A497A57A243ED157BA082896D ] C:\Windows\SysWOW64\pcacli.dll
20:20:35.0984 5992 C:\Windows\SysWOW64\pcacli.dll - ok
20:20:35.0984 5992 [ 5D7148704D8715482695A534887359FA ] C:\Windows\SysWOW64\mpr.dll
20:20:35.0984 5992 C:\Windows\SysWOW64\mpr.dll - ok
20:20:36.0000 5992 [ EB5BB44DBA9F55DB59076E58F6E42C03 ] C:\Windows\SysWOW64\sfc_os.dll
20:20:36.0000 5992 C:\Windows\SysWOW64\sfc_os.dll - ok
20:20:36.0000 5992 [ C3C9B251ABFA347AA454B6AA17068FA1 ] C:\Windows\SysWOW64\devrtl.dll
20:20:36.0000 5992 C:\Windows\SysWOW64\devrtl.dll - ok
20:20:36.0016 5992 [ 7C2E3117F0BF7B6F010B8C071253404C ] C:\Windows\System32\cryptnet.dll
20:20:36.0016 5992 C:\Windows\System32\cryptnet.dll - ok
20:20:36.0031 5992 [ 5BD47B7C7DF76203FD639F2568A8C7B7 ] C:\Windows\System32\twinui.dll
20:20:36.0031 5992 C:\Windows\System32\twinui.dll - ok
20:20:36.0031 5992 [ 7254BFFB866CA443285A4D62294250BB ] C:\Windows\SysWOW64\dwmapi.dll
20:20:36.0031 5992 C:\Windows\SysWOW64\dwmapi.dll - ok
20:20:36.0047 5992 [ C98ACDE22458C8F46FD0503CB9E2D01F ] C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
20:20:36.0047 5992 C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe - ok
20:20:36.0047 5992 [ EA8B5B41163A06FFA8930F5316473035 ] C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
20:20:36.0047 5992 C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe - ok
20:20:36.0063 5992 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\96253696.sys
20:20:36.0063 5992 C:\Windows\System32\drivers\96253696.sys - ok
20:20:36.0078 5992 [ 1ADF42CE2ABD1DA523DCD5B71A7C314C ] C:\Windows\System32\drt.dll
20:20:36.0078 5992 C:\Windows\System32\drt.dll - ok
20:20:36.0078 5992 [ 9D2136DDE6753B36A0771FF34337B5D1 ] C:\Windows\SysWOW64\riched20.dll
20:20:36.0078 5992 C:\Windows\SysWOW64\riched20.dll - ok
20:20:36.0094 5992 [ A2D053D11E3756DB3C5642AACA84E69B ] C:\Windows\SysWOW64\usp10.dll
20:20:36.0094 5992 C:\Windows\SysWOW64\usp10.dll - ok
20:20:36.0094 5992 [ 2FE534AC99FE081D9A6950C0C8032751 ] C:\Windows\SysWOW64\msls31.dll
20:20:36.0094 5992 C:\Windows\SysWOW64\msls31.dll - ok
20:20:36.0109 5992 [ 8387AF7783F772EC1D208409080CB5B8 ] C:\Windows\SysWOW64\ExplorerFrame.dll
20:20:36.0109 5992 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
20:20:36.0125 5992 [ CFE23A35E84A2CCA5DE8DF34DC238782 ] C:\Windows\SysWOW64\duser.dll
20:20:36.0125 5992 C:\Windows\SysWOW64\duser.dll - ok
20:20:36.0125 5992 [ FB34E929D9C8082D30EF87F6661C3A31 ] C:\Windows\SysWOW64\dui70.dll
20:20:36.0125 5992 C:\Windows\SysWOW64\dui70.dll - ok
20:20:36.0141 5992 [ 2550646804DCCFCCA8D1542DF1FF81ED ] C:\Program Files (x86)\RealNetworks\RealDownloader\Common\hxmedpltfm.dll
20:20:36.0141 5992 C:\Program Files (x86)\RealNetworks\RealDownloader\Common\hxmedpltfm.dll - ok
20:20:36.0141 5992 [ 4878EB5F04D9DD02E76190D2105EC0F9 ] C:\Windows\System32\twinapi.appcore.dll
20:20:36.0141 5992 C:\Windows\System32\twinapi.appcore.dll - ok
20:20:36.0156 5992 [ 1A8273A1327E9AD0492ED097E8912B72 ] C:\Windows\System32\StartMenuHelper64.dll
20:20:36.0156 5992 C:\Windows\System32\StartMenuHelper64.dll - ok
20:20:36.0172 5992 [ CF879A95A0D4B7BACCA5CF68579ACCEB ] C:\Windows\System32\ExplorerFrame.dll
20:20:36.0172 5992 C:\Windows\System32\ExplorerFrame.dll - ok
20:20:36.0172 5992 [ C4642DD25768D4F8088DF9D2FC4EC380 ] C:\Program Files\Classic Shell\ClassicStartMenu.exe
20:20:36.0172 5992 C:\Program Files\Classic Shell\ClassicStartMenu.exe - ok
20:20:36.0188 5992 [ C8F06985E7FBFE3FA689AB958406501A ] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
20:20:36.0188 5992 C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll - ok
20:20:36.0188 5992 [ 74541452095D89F4A9F5426AC53CB416 ] C:\Windows\System32\windows.immersiveshell.serviceprovider.dll
20:20:36.0188 5992 C:\Windows\System32\windows.immersiveshell.serviceprovider.dll - ok
20:20:36.0203 5992 [ 63CB763FE4CEADFFF5F047332814E8F9 ] C:\Windows\System32\wldp.dll
20:20:36.0203 5992 C:\Windows\System32\wldp.dll - ok
20:20:36.0219 5992 [ D8E54AB89C84C0AD065EE0BDEBD50A99 ] C:\Windows\System32\twinui.appcore.dll
20:20:36.0219 5992 C:\Windows\System32\twinui.appcore.dll - ok
20:20:36.0219 5992 [ 56FCA8AA450BD181A0BA94F25E244C46 ] C:\Windows\System32\wpncore.dll
20:20:36.0219 5992 C:\Windows\System32\wpncore.dll - ok
20:20:36.0234 5992 [ C399CCD155AB26F2CC8A9045FC569BBC ] C:\Windows\System32\WinTypes.dll
20:20:36.0234 5992 C:\Windows\System32\WinTypes.dll - ok
20:20:36.0250 5992 [ 23FDC5425E6D8398B190F1FA02347F83 ] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\livecomm.exe
20:20:36.0250 5992 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\livecomm.exe - ok
20:20:36.0250 5992 [ CF9076FE886AABE8C5ED6FBFCDF70DA1 ] C:\Windows\System32\wlidprov.dll
20:20:36.0250 5992 C:\Windows\System32\wlidprov.dll - ok
20:20:36.0266 5992 [ F78580C6B84E2129867B5C94077EB4D4 ] C:\Windows\System32\thumbcache.dll
20:20:36.0266 5992 C:\Windows\System32\thumbcache.dll - ok
20:20:36.0281 5992 [ 813B52550153A284ED6583A5EAAC44AF ] C:\Windows\System32\Windows.Networking.Connectivity.dll
20:20:36.0281 5992 C:\Windows\System32\Windows.Networking.Connectivity.dll - ok
20:20:36.0281 5992 [ D4E3BC36A7A0D7A445DCF7342DCB3566 ] C:\Windows\System32\ELSCore.dll
20:20:36.0281 5992 C:\Windows\System32\ELSCore.dll - ok
20:20:36.0297 5992 [ 51DF09CAB2CAC64FEE3E371D9028ED01 ] C:\Windows\System32\ncbservice.dll
20:20:36.0297 5992 C:\Windows\System32\ncbservice.dll - ok
20:20:36.0297 5992 [ 347A3E49CE18402305B8119A6EC7CFEB ] C:\Windows\System32\TimeBrokerServer.dll
20:20:36.0297 5992 C:\Windows\System32\TimeBrokerServer.dll - ok
20:20:36.0313 5992 [ EB248189E980B367D09C36A1C2A6FC3D ] C:\Windows\System32\linkinfo.dll
20:20:36.0313 5992 C:\Windows\System32\linkinfo.dll - ok
20:20:36.0328 5992 [ 121BCF3FB6C1F8AA214EB83C76B944FB ] C:\Windows\System32\elsTrans.dll
20:20:36.0328 5992 C:\Windows\System32\elsTrans.dll - ok
20:20:36.0328 5992 [ E8511D133B449BEE41CABFCA6EB35526 ] C:\Windows\System32\BrokerLib.dll
20:20:36.0328 5992 C:\Windows\System32\BrokerLib.dll - ok
20:20:36.0344 5992 [ 4CB85D450E4816BEDBBDB8ABD697F597 ] C:\Windows\System32\elslad.dll
20:20:36.0344 5992 C:\Windows\System32\elslad.dll - ok
20:20:36.0360 5992 [ 8F15F54BBA6EDE7C120C17C97FBE9523 ] C:\Windows\System32\IconCodecService.dll
20:20:36.0360 5992 C:\Windows\System32\IconCodecService.dll - ok
20:20:36.0360 5992 [ 7668892E7ABC6FE867DCB097B36B6F3C ] C:\Windows\System32\Windows.UI.dll
20:20:36.0360 5992 C:\Windows\System32\Windows.UI.dll - ok
20:20:36.0375 5992 [ EB34CE5EFA1591915F973EB30C77A1D8 ] C:\Windows\System32\Windows.Globalization.Fontgroups.dll
20:20:36.0375 5992 C:\Windows\System32\Windows.Globalization.Fontgroups.dll - ok
20:20:36.0391 5992 [ 91AA701CC14DEDD1DD62E27CCADFD99B ] C:\Windows\System32\ThumbnailExtractionHost.exe
20:20:36.0391 5992 C:\Windows\System32\ThumbnailExtractionHost.exe - ok
20:20:36.0391 5992 [ CFEB08503784A596CE9E28D2E9FDDEF7 ] C:\Windows\System32\SettingSyncPolicy.dll
20:20:36.0391 5992 C:\Windows\System32\SettingSyncPolicy.dll - ok
20:20:36.0406 5992 [ E617B946FE0BCBE709F60BE611724618 ] C:\Windows\System32\stobject.dll
20:20:36.0406 5992 C:\Windows\System32\stobject.dll - ok
20:20:36.0422 5992 [ 2B96525A8E9A3FDD6516A0FFB6E7C0AF ] C:\Windows\System32\prnfldr.dll
20:20:36.0422 5992 C:\Windows\System32\prnfldr.dll - ok
20:20:36.0422 5992 [ DB5F0DFF669AB88296134F82258AEFB8 ] C:\Windows\System32\AudioSes.dll
20:20:36.0422 5992 C:\Windows\System32\AudioSes.dll - ok
20:20:36.0438 5992 [ 9415D8364F64C603853D4CA27CECB3BA ] C:\Windows\System32\DXP.dll
20:20:36.0438 5992 C:\Windows\System32\DXP.dll - ok
20:20:36.0438 5992 [ AC7C39F7A866BF81103042244CE85827 ] C:\Windows\System32\msxml3.dll
20:20:36.0453 5992 C:\Windows\System32\msxml3.dll - ok
20:20:36.0453 5992 [ 17F26A480391D5AB4935AE77D4F6F18A ] C:\Windows\System32\shdocvw.dll
20:20:36.0453 5992 C:\Windows\System32\shdocvw.dll - ok
20:20:36.0469 5992 [ 9590CA2728AACAD7ECE35008D789C3B6 ] C:\Windows\System32\Syncreg.dll
20:20:36.0469 5992 C:\Windows\System32\Syncreg.dll - ok
20:20:36.0485 5992 [ A5B1D64DD67915243BABC0E53048EB9A ] C:\Windows\System32\wpnprv.dll
20:20:36.0485 5992 C:\Windows\System32\wpnprv.dll - ok
20:20:36.0485 5992 [ A030B48F73CB01B89AD5CF725240401A ] C:\Windows\System32\OnDemandConnRouteHelper.dll
20:20:36.0485 5992 C:\Windows\System32\OnDemandConnRouteHelper.dll - ok
20:20:36.0500 5992 [ 9079D01C4785CB8D69DC162ADFCE6172 ] C:\Windows\System32\AltTab.dll
20:20:36.0500 5992 C:\Windows\System32\AltTab.dll - ok
20:20:36.0500 5992 [ FCEA631F1D30CADF368F93ACC1B839C5 ] C:\Windows\System32\Windows.Security.Authentication.OnlineId.dll
20:20:36.0500 5992 C:\Windows\System32\Windows.Security.Authentication.OnlineId.dll - ok
20:20:36.0516 5992 [ 776F9D8FA4186E2976DBC89D99CB59A6 ] C:\Windows\System32\WPDShServiceObj.dll
20:20:36.0516 5992 C:\Windows\System32\WPDShServiceObj.dll - ok
20:20:36.0531 5992 [ C2838466CCC44FAEF2C3D4C1E5971ECB ] C:\Windows\System32\wlidsvc.dll
20:20:36.0531 5992 C:\Windows\System32\wlidsvc.dll - ok
20:20:36.0531 5992 [ D0BB041536BB107963F55D6852298DAA ] C:\Program Files\Windows Portable Devices\sqmapi.dll
20:20:36.0531 5992 C:\Program Files\Windows Portable Devices\sqmapi.dll - ok
20:20:36.0547 5992 [ 226572AB3AF54C551072D623FE29255A ] C:\Windows\System32\SettingMonitor.dll
20:20:36.0547 5992 C:\Windows\System32\SettingMonitor.dll - ok
20:20:36.0563 5992 [ 622BA2CC9CB692623E4015DE54060DE4 ] C:\Windows\System32\AepRoam.dll
20:20:36.0563 5992 C:\Windows\System32\AepRoam.dll - ok
20:20:36.0563 5992 [ FF61A6193677644D25C9CE1361676AFB ] C:\Windows\System32\pnidui.dll
20:20:36.0563 5992 C:\Windows\System32\pnidui.dll - ok
20:20:36.0578 5992 [ B91BD9AB96E803F80C8F7C0F4CA0FD3A ] C:\Program Files\Internet Explorer\sqmapi.dll
20:20:36.0578 5992 C:\Program Files\Internet Explorer\sqmapi.dll - ok
20:20:36.0578 5992 [ 991FB4D35BCA212FF14314D9AB34833E ] C:\Windows\System32\PackageStateRoaming.dll
20:20:36.0578 5992 C:\Windows\System32\PackageStateRoaming.dll - ok
20:20:36.0594 5992 [ DB02F4D37E5F7F07A0D0F9FAA68249EE ] C:\Windows\System32\ieframe.dll
20:20:36.0594 5992 C:\Windows\System32\ieframe.dll - ok
20:20:36.0594 5992 [ 7101124E9C48FDBCD7C3DA690990010B ] C:\Windows\System32\bthprops.cpl
20:20:36.0594 5992 C:\Windows\System32\bthprops.cpl - ok
20:20:36.0610 5992 [ 89C84BF2D5A2A5DD867E046488B8DDE3 ] C:\Windows\System32\BluetoothApis.dll
20:20:36.0610 5992 C:\Windows\System32\BluetoothApis.dll - ok
20:20:36.0625 5992 [ 2125D681978F5893568D0BC59845FAFF ] C:\Windows\System32\WindowsCodecsExt.dll
20:20:36.0625 5992 C:\Windows\System32\WindowsCodecsExt.dll - ok
20:20:36.0625 5992 [ EE7C82B0D69F038245CECBCE9EC45A9A ] C:\Windows\SysWOW64\dllhost.exe
20:20:36.0625 5992 C:\Windows\SysWOW64\dllhost.exe - ok
20:20:36.0641 5992 [ F310AB7C5A54C42C38C4DA974BDB4271 ] C:\Windows\System32\ActionCenter.dll
20:20:36.0641 5992 C:\Windows\System32\ActionCenter.dll - ok
20:20:36.0641 5992 [ 8A0F4A267F23C08C02C5D094C712AD62 ] C:\Windows\System32\Windows.Networking.Sockets.PushEnabledApplication.dll
20:20:36.0641 5992 C:\Windows\System32\Windows.Networking.Sockets.PushEnabledApplication.dll - ok
20:20:36.0656 5992 [ 5764E8261620179F4B9472D2E589E5D9 ] C:\Windows\System32\TimeBrokerClient.dll
20:20:36.0656 5992 C:\Windows\System32\TimeBrokerClient.dll - ok
20:20:36.0672 5992 [ F611E6125B86F2CFB6D2C6A4F98E487A ] C:\Windows\System32\ntshrui.dll
20:20:36.0672 5992 C:\Windows\System32\ntshrui.dll - ok
20:20:36.0672 5992 [ 5D2A65C08953962327A21A51B5FC2089 ] C:\Windows\SysWOW64\actxprxy.dll
20:20:36.0672 5992 C:\Windows\SysWOW64\actxprxy.dll - ok
20:20:36.0688 5992 [ 4235066EB3F3FE7F3153D7AC3BCD059A ] C:\Windows\System32\bitsprx2.dll
20:20:36.0688 5992 C:\Windows\System32\bitsprx2.dll - ok
20:20:36.0688 5992 [ 66C87DB880052104808507D6FA84D68E ] C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
20:20:36.0688 5992 C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL - ok
20:20:36.0703 5992 [ 858CE77F3476265F64250BD2F7927C6D ] C:\Windows\System32\gameux.dll
20:20:36.0703 5992 C:\Windows\System32\gameux.dll - ok
20:20:36.0703 5992 [ EF9A6365F4E2A331E79CA1DBBA9D0141 ] C:\Windows\System32\VAN.dll
20:20:36.0703 5992 C:\Windows\System32\VAN.dll - ok
20:20:36.0719 5992 [ DAF25B7F36517AAEA748819E78DCF6BD ] C:\Windows\System32\bitsprx7.dll
20:20:36.0719 5992 C:\Windows\System32\bitsprx7.dll - ok
20:20:36.0735 5992 [ D121570F6E7A06B5C26686C3C3AF1127 ] C:\Windows\System32\bitsprx5.dll
20:20:36.0735 5992 C:\Windows\System32\bitsprx5.dll - ok
20:20:36.0735 5992 [ 4585BC6152F3F255EF1E10A663D0FB0D ] C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_08e793bfa83a89b5\msvcr90.dll
20:20:36.0735 5992 C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_08e793bfa83a89b5\msvcr90.dll - ok
20:20:36.0750 5992 [ CD3B0300647818BBF24350C32BA21004 ] C:\Windows\System32\bitsprx3.dll
20:20:36.0750 5992 C:\Windows\System32\bitsprx3.dll - ok
20:20:36.0750 5992 [ 475FB7084CC6D2D11A2B6E56CF91C57B ] C:\Windows\System32\msiltcfg.dll
20:20:36.0750 5992 C:\Windows\System32\msiltcfg.dll - ok
20:20:36.0766 5992 [ B9B896F671BB26960E3F6BF1BA525F68 ] C:\Windows\System32\srchadmin.dll
20:20:36.0766 5992 C:\Windows\System32\srchadmin.dll - ok
20:20:36.0766 5992 [ 3E9F09C81250B892623CCB5E5FC4EB33 ] C:\Windows\System32\msi.dll
20:20:36.0766 5992 C:\Windows\System32\msi.dll - ok
20:20:36.0781 5992 [ E6B65614304E4695C87FC4BD8894F3B3 ] C:\Windows\System32\networkexplorer.dll
20:20:36.0781 5992 C:\Windows\System32\networkexplorer.dll - ok
20:20:36.0797 5992 [ 79227C1E2225DE455F365B607A6D46FB ] C:\Windows\System32\SearchIndexer.exe
20:20:36.0797 5992 C:\Windows\System32\SearchIndexer.exe - ok
20:20:36.0797 5992 [ FA5BCD67BC10E0828D2A0A0FF52E62DE ] C:\Windows\System32\fontext.dll
20:20:36.0797 5992 C:\Windows\System32\fontext.dll - ok
20:20:36.0813 5992 [ 616DF4ADC4E04753BB4951D3464B8157 ] C:\Windows\System32\tquery.dll
20:20:36.0813 5992 C:\Windows\System32\tquery.dll - ok
20:20:36.0813 5992 [ 1E93DEF34A2368E7355467B34DE7A965 ] C:\Windows\System32\DeviceCenter.dll
20:20:36.0813 5992 C:\Windows\System32\DeviceCenter.dll - ok
20:20:36.0828 5992 [ 96BD578CA0CDCEC566A3259D73C4330C ] C:\Windows\System32\mssrch.dll
20:20:36.0828 5992 C:\Windows\System32\mssrch.dll - ok
20:20:36.0844 5992 [ 49F60588AB685D85DD93A9B500C19356 ] C:\Windows\System32\wscui.cpl
20:20:36.0844 5992 C:\Windows\System32\wscui.cpl - ok
20:20:36.0844 5992 [ 951AECDFBE4925B59769D49873DD8051 ] C:\Windows\System32\msidle.dll
20:20:36.0844 5992 C:\Windows\System32\msidle.dll - ok
20:20:36.0860 5992 [ 1300F74B95965CD749A2F3E66FBC4EBB ] C:\Windows\System32\mssprxy.dll
20:20:36.0860 5992 C:\Windows\System32\mssprxy.dll - ok
20:20:36.0860 5992 [ F4DD265D2D7F23C903FCF502B7A1C508 ] C:\Windows\System32\wscapi.dll
20:20:36.0860 5992 C:\Windows\System32\wscapi.dll - ok
20:20:36.0875 5992 [ 10D13A1D82C9E5752D1D2904CA4331A8 ] C:\Program Files\AVAST Software\Avast\ashShA64.dll
20:20:36.0875 5992 C:\Program Files\AVAST Software\Avast\ashShA64.dll - ok
20:20:36.0891 5992 [ A7069E793D4434CC7F4E5D0AFF493939 ] C:\Windows\System32\mlang.dll
20:20:36.0891 5992 C:\Windows\System32\mlang.dll - ok
20:20:36.0891 5992 [ 3BDB77EBDBC4AA34E75DB4A5CF7B477F ] C:\Program Files\WindowsApps\Microsoft.VCLibs.120.00_12.0.21005.1_x64__8wekyb3d8bbwe\msvcr120_app.dll
20:20:36.0891 5992 C:\Program Files\WindowsApps\Microsoft.VCLibs.120.00_12.0.21005.1_x64__8wekyb3d8bbwe\msvcr120_app.dll - ok
20:20:36.0906 5992 [ 51E0339BAA4C418D894B0BF888A344A6 ] C:\Windows\System32\EhStorShell.dll
20:20:36.0906 5992 C:\Windows\System32\EhStorShell.dll - ok
20:20:36.0922 5992 [ 3704B79027CA15E907BA320824D0069B ] C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL
20:20:36.0922 5992 C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL - ok
20:20:36.0922 5992 [ 49EB088F318D2C59896EB5394734A4D2 ] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\wllog.dll
20:20:36.0922 5992 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\wllog.dll - ok
20:20:36.0938 5992 [ 99D7AB7FCE26E2820D796B74F66DCA4E ] C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.11\Installer\setup.exe
20:20:36.0938 5992 C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.11\Installer\setup.exe - ok
20:20:36.0938 5992 [ D6021013D7C4E248AEB8BED12D3DCC88 ] C:\Windows\System32\SearchProtocolHost.exe
20:20:36.0938 5992 C:\Windows\System32\SearchProtocolHost.exe - ok
20:20:36.0953 5992 [ 8B4FF31A06DA3BFB82D37D77040B2019 ] C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_08e793bfa83a89b5\msvcp90.dll
20:20:36.0953 5992 C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_08e793bfa83a89b5\msvcp90.dll - ok
20:20:36.0969 5992 [ 6FDD9C4020C60836E36DC7F09E5D1991 ] C:\Windows\System32\msshooks.dll
20:20:36.0969 5992 C:\Windows\System32\msshooks.dll - ok
20:20:36.0969 5992 [ 18E756E0FE2FFCD5DE35F6B9F91244A6 ] C:\Windows\WinSxS\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_0a1d2fcba76b3f00\ATL90.dll
20:20:36.0969 5992 C:\Windows\WinSxS\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.4148_none_0a1d2fcba76b3f00\ATL90.dll - ok
20:20:36.0985 5992 [ 4213C13D04AC31B7CE1FB802C3A35A7F ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF
20:20:36.0985 5992 C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok
20:20:37.0000 5992 [ 572D14ECE0B882AAC770E59B72977481 ] C:\Windows\System32\SearchFilterHost.exe
20:20:37.0000 5992 C:\Windows\System32\SearchFilterHost.exe - ok
20:20:37.0000 5992 [ 624C204DF35A554A085723EBF39E9B7E ] C:\Windows\System32\mssph.dll
20:20:37.0000 5992 C:\Windows\System32\mssph.dll - ok
20:20:37.0016 5992 [ 4A895F718857F9A7F6198951F3B106CB ] C:\Windows\System32\mapi32.dll
20:20:37.0016 5992 C:\Windows\System32\mapi32.dll - ok
20:20:37.0016 5992 [ DF53187727C823D410E9050CFD3DC9BA ] C:\PROGRA~1\MICROS~1\Office14\1037\GrooveIntlResource.dll
20:20:37.0016 5992 C:\PROGRA~1\MICROS~1\Office14\1037\GrooveIntlResource.dll - ok
20:20:37.0031 5992 [ C5FF5B1327F10075129443A8B33C9477 ] C:\Program Files\Classic Shell\ClassicExplorer64.dll
20:20:37.0031 5992 C:\Program Files\Classic Shell\ClassicExplorer64.dll - ok
20:20:37.0047 5992 [ 5A9895295C7C6174C73496BD06B2E288 ] C:\Windows\System32\SkyDrive.exe
20:20:37.0047 5992 C:\Windows\System32\SkyDrive.exe - ok
20:20:37.0047 5992 [ CE6D08350D0A1278E9A97D94023D1800 ] C:\Windows\System32\wbem\WmiPrvSE.exe
20:20:37.0047 5992 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
20:20:37.0063 5992 [ 8A0B04A69BFFDA2E7DA712EC2CCB19E9 ] C:\Windows\System32\SyncCenter.dll
20:20:37.0063 5992 C:\Windows\System32\SyncCenter.dll - ok
20:20:37.0063 5992 [ 5C6F6CC5C1395A8B5864713CD3F7F329 ] C:\Windows\System32\SkyDriveTelemetry.dll
20:20:37.0063 5992 C:\Windows\System32\SkyDriveTelemetry.dll - ok
20:20:37.0078 5992 [ F67102E9791A5B80070B30ADF1159A3C ] C:\Windows\System32\SyncEngine.dll
20:20:37.0078 5992 C:\Windows\System32\SyncEngine.dll - ok
20:20:37.0094 5992 [ 2D8DBA0B5F56D329A72D1DB5D18707F4 ] C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll
20:20:37.0094 5992 C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll - ok
20:20:37.0094 5992 [ 0515B5D282D87678EE47D23AF95A948A ] C:\Windows\System32\imapi2.dll
20:20:37.0094 5992 C:\Windows\System32\imapi2.dll - ok
20:20:37.0110 5992 [ BBB9A31169B4969169ADE608231E2985 ] C:\Windows\System32\winbici.dll
20:20:37.0110 5992 C:\Windows\System32\winbici.dll - ok
20:20:37.0125 5992 [ E4B40D5609F2E5513E616F5BF9D32689 ] C:\Windows\System32\loadperf.dll
20:20:37.0125 5992 C:\Windows\System32\loadperf.dll - ok
20:20:37.0125 5992 [ BFC0069A46E1D1F38AFB253F76964471 ] C:\Windows\System32\wbem\wmiprov.dll
20:20:37.0125 5992 C:\Windows\System32\wbem\wmiprov.dll - ok
20:20:37.0141 5992 [ 490965811840F1A0A0B5A15B22C5D755 ] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\microsoft.windowslive.platform.service.dll
20:20:37.0141 5992 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\microsoft.windowslive.platform.service.dll - ok
20:20:37.0141 5992 [ 7C514A95C3EAB34547DDBEA9AB09FC19 ] C:\Windows\System32\hgcpl.dll
20:20:37.0141 5992 C:\Windows\System32\hgcpl.dll - ok
20:20:37.0156 5992 [ 5577CAB1056C24B8E1A887A6402A1110 ] C:\Windows\System32\Windows.Storage.ApplicationData.dll
20:20:37.0156 5992 C:\Windows\System32\Windows.Storage.ApplicationData.dll - ok
20:20:37.0172 5992 [ 964FB74B16BC3FEC83B4AD79197653CC ] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\bici.dll
20:20:37.0172 5992 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\bici.dll - ok
20:20:37.0172 5992 [ 13FD5C8E6451BAB58ADD147356ACA41F ] C:\Windows\System32\threadpoolwinrt.dll
20:20:37.0172 5992 C:\Windows\System32\threadpoolwinrt.dll - ok
20:20:37.0188 5992 [ BC786FF9CF7253BDD416E18420519B09 ] C:\Windows\System32\biwinrt.dll
20:20:37.0188 5992 C:\Windows\System32\biwinrt.dll - ok
20:20:37.0188 5992 [ 1EAF5D0C199CC26298788BF58695B8DA ] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\microsoft.windowslive.platform.dll
20:20:37.0188 5992 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\microsoft.windowslive.platform.dll - ok
20:20:37.0203 5992 [ 41BD327A7518C4102969FCEE8F3D5030 ] C:\Windows\System32\SkyDriveShell.dll
20:20:37.0203 5992 C:\Windows\System32\SkyDriveShell.dll - ok
20:20:37.0203 5992 [ 6CA842F30CB19D0789F1B599B7A62B76 ] C:\Windows\System32\StructuredQuery.dll
20:20:37.0203 5992 C:\Windows\System32\StructuredQuery.dll - ok
20:20:37.0219 5992 [ 816E872CBED92DBC7DBE9C2BF899D813 ] C:\Program Files (x86)\RealNetworks\RealDownloader\RCAPlugins\upgrade.dll
20:20:37.0219 5992 C:\Program Files (x86)\RealNetworks\RealDownloader\RCAPlugins\upgrade.dll - ok
20:20:37.0235 5992 [ A9154084EBC2A190943548AE4275A0E9 ] C:\Windows\System32\SearchFolder.dll
20:20:37.0235 5992 C:\Windows\System32\SearchFolder.dll - ok
20:20:37.0250 5992 [ A8BDFE5F5203FE07E45CAF65B47A3597 ] C:\Program Files (x86)\RealNetworks\RealDownloader\RCAPlugins\rpsharedcomponents.dll
20:20:37.0250 5992 C:\Program Files (x86)\RealNetworks\RealDownloader\RCAPlugins\rpsharedcomponents.dll - ok
20:20:37.0250 5992 [ FD18FDF7A70803A42ECEA1D7C9709E7C ] C:\Windows\System32\mssvp.dll
20:20:37.0250 5992 C:\Windows\System32\mssvp.dll - ok
20:20:37.0266 5992 [ ECCE051BB49773BEE210B515669AFC6E ] C:\Windows\System32\keyiso.dll
20:20:37.0266 5992 C:\Windows\System32\keyiso.dll - ok
20:20:37.0266 5992 [ 53FB52AC29DF3DF005273AC179141E62 ] C:\Windows\System32\drprov.dll
20:20:37.0266 5992 C:\Windows\System32\drprov.dll - ok
20:20:37.0281 5992 [ EDC796C4C9588D28CCB6031E365C4F32 ] C:\Windows\System32\ntlanman.dll
20:20:37.0281 5992 C:\Windows\System32\ntlanman.dll - ok
20:20:37.0297 5992 [ 4292F8C1722134F6F6AC6A6D048772BC ] C:\Windows\System32\davclnt.dll
20:20:37.0297 5992 C:\Windows\System32\davclnt.dll - ok
20:20:37.0297 5992 [ 8F37ADC302D59D09E0A9D29B9A78D3A6 ] C:\Windows\System32\davhlpr.dll
20:20:37.0297 5992 C:\Windows\System32\davhlpr.dll - ok
20:20:37.0313 5992 [ CD025287F85E55599C8BF514BBE9ADD8 ] C:\Windows\System32\CertPolEng.dll
20:20:37.0313 5992 C:\Windows\System32\CertPolEng.dll - ok
20:20:37.0328 5992 [ DC225130BCAE999B1A660EEBF3D2E813 ] C:\Windows\System32\MSWB7.dll
20:20:37.0328 5992 C:\Windows\System32\MSWB7.dll - ok
20:20:37.0328 5992 [ 8DD36FCF5E893714029B4315A88EF785 ] C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
20:20:37.0328 5992 C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe - ok
20:20:37.0344 5992 [ 04B470896143EA0BCCB210467DC69498 ] C:\Windows\System32\apprepapi.dll
20:20:37.0344 5992 C:\Windows\System32\apprepapi.dll - ok
20:20:37.0360 5992 [ E0BC37F2051E1CB6B768A53D9514E3FA ] C:\Windows\System32\pcacli.dll
20:20:37.0360 5992 C:\Windows\System32\pcacli.dll - ok
20:20:37.0360 5992 [ D9184C5FF3FD526761D518A95ABA74A3 ] C:\Program Files (x86)\Mozilla Firefox\firefox.exe
20:20:37.0360 5992 C:\Program Files (x86)\Mozilla Firefox\firefox.exe - ok
20:20:37.0375 5992 [ EA29C6580768516C37A54544FC4A59AA ] C:\Program Files\AVAST Software\Avast\snxhk.dll
20:20:37.0375 5992 C:\Program Files\AVAST Software\Avast\snxhk.dll - ok
20:20:37.0391 5992 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
20:20:37.0391 5992 C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll - ok
20:20:37.0391 5992 [ EFCD571D096682970EF998DD7154EBC3 ] C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
20:20:37.0391 5992 C:\Program Files (x86)\Mozilla Firefox\mozglue.dll - ok
20:20:37.0406 5992 [ 03E9314004F504A14A61C3D364B62F66 ] C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
20:20:37.0406 5992 C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll - ok
20:20:37.0406 5992 [ F87EAF29C38913728E14EF9645EED92F ] C:\Program Files (x86)\Mozilla Firefox\nss3.dll
20:20:37.0406 5992 C:\Program Files (x86)\Mozilla Firefox\nss3.dll - ok
20:20:37.0422 5992 [ 7919F90EAE0C6B6085E7AF7F47B14C0F ] C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
20:20:37.0422 5992 C:\Program Files (x86)\Mozilla Firefox\mozjs.dll - ok
20:20:37.0438 5992 [ BC04711CF420FDB5F275F329D0F92EFC ] C:\Program Files\AVAST Software\Avast\aswJsFlt.dll
20:20:37.0438 5992 C:\Program Files\AVAST Software\Avast\aswJsFlt.dll - ok
20:20:37.0438 5992 [ 80537057E6EFDC1272F8AF572DAF0FBB ] C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
20:20:37.0438 5992 C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll - ok
20:20:37.0453 5992 [ 0A09A781B1A209BDCC8E7431055E4C45 ] C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
20:20:37.0453 5992 C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll - ok
20:20:37.0453 5992 [ DA7214AF0526F182E5AB0244358AE365 ] C:\Program Files (x86)\Mozilla Firefox\xul.dll
20:20:37.0453 5992 C:\Program Files (x86)\Mozilla Firefox\xul.dll - ok
20:20:37.0469 5992 [ 2EC3B52F3359E87461F88C3D485B85C2 ] C:\Windows\System32\WWanAPI.dll
20:20:37.0469 5992 C:\Windows\System32\WWanAPI.dll - ok
20:20:37.0485 5992 [ 2ABD44418721B2502A3FF1928DB07F0B ] C:\Windows\SysWOW64\DWrite.dll
20:20:37.0485 5992 C:\Windows\SysWOW64\DWrite.dll - ok
20:20:37.0485 5992 [ 637C513A8A3FFBB3AA05FAFAC3F9174D ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
20:20:37.0485 5992 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok
20:20:37.0500 5992 [ C6097B864F628594ED3E53BA55FE0E0C ] C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
20:20:37.0500 5992 C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll - ok
20:20:37.0516 5992 [ 787648B9C1E7503D097D49EE46D9621F ] C:\Windows\SysWOW64\wbem\wbemprox.dll
20:20:37.0516 5992 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
20:20:37.0516 5992 [ 20CF6C36949E73BE4462F09E1CAA1951 ] C:\Windows\SysWOW64\wbemcomn.dll
20:20:37.0516 5992 C:\Windows\SysWOW64\wbemcomn.dll - ok
20:20:37.0531 5992 [ F66CE44D86EA704B31BED2BF2BEDDF75 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
20:20:37.0531 5992 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe - ok
20:20:37.0547 5992 [ 5F540AD6674AEFD64C1051648FF87DE3 ] C:\Windows\System32\dsound.dll
20:20:37.0547 5992 C:\Windows\System32\dsound.dll - ok
20:20:37.0547 5992 [ 17804FCA602C24F7EF30791D4AF90885 ] C:\Windows\System32\oledlg.dll
20:20:37.0547 5992 C:\Windows\System32\oledlg.dll - ok
20:20:37.0563 5992 [ 0805289E121F3E3C458C970B08314EB2 ] C:\Windows\System32\RtkCfg64.dll
20:20:37.0563 5992 C:\Windows\System32\RtkCfg64.dll - ok
20:20:37.0563 5992 [ FF4E08E412247F28DC3F93D474788998 ] C:\Windows\System32\RtkApi64.dll
20:20:37.0563 5992 C:\Windows\System32\RtkApi64.dll - ok
20:20:37.0578 5992 [ 998AA337D8CA0E8832B3BB4AF8BBC7A0 ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
20:20:37.0578 5992 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
20:20:37.0594 5992 [ 8DE93017BA7F77E95DF57E753269623D ] C:\Windows\SysWOW64\wbem\fastprox.dll
20:20:37.0594 5992 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
20:20:37.0594 5992 [ 3A77BFCAC8E7FE25A0F3E822354FFDE8 ] C:\Windows\System32\RtkAPO64.dll
20:20:37.0594 5992 C:\Windows\System32\RtkAPO64.dll - ok
20:20:37.0610 5992 [ 3BADC3E73CB058338765BEA4FE73AFBE ] C:\Windows\System32\AudioEng.dll
20:20:37.0610 5992 C:\Windows\System32\AudioEng.dll - ok
20:20:37.0610 5992 [ 50DEB18784AE4A4B8BE4F8ED4D2BC6E6 ] C:\Program Files\Lenovo\Lenovo Black Silk USB Keyboard\Pelico.exe
20:20:37.0610 5992 C:\Program Files\Lenovo\Lenovo Black Silk USB Keyboard\Pelico.exe - ok
20:20:37.0625 5992 [ 33F5EE33BAAD7DEF96DA4270D0F4B308 ] C:\Windows\System32\wbem\cimwin32.dll
20:20:37.0625 5992 C:\Windows\System32\wbem\cimwin32.dll - ok
20:20:37.0641 5992 [ C32ADB033616D0409641BCD4439033F8 ] C:\Windows\System32\framedynos.dll
20:20:37.0641 5992 C:\Windows\System32\framedynos.dll - ok
20:20:37.0641 5992 [ E864425BF77080E8D780A3AEB3AF7E13 ] C:\Windows\System32\wmi.dll
20:20:37.0641 5992 C:\Windows\System32\wmi.dll - ok
20:20:37.0656 5992 [ 2F65C548322123B479616DFA8238770A ] C:\Windows\System32\RuntimeBroker.exe
20:20:37.0656 5992 C:\Windows\System32\RuntimeBroker.exe - ok
20:20:37.0656 5992 [ 716228882A7BE5133B97D70CDDB69E6B ] C:\Windows\System32\Windows.ApplicationModel.dll
20:20:37.0656 5992 C:\Windows\System32\Windows.ApplicationModel.dll - ok
20:20:37.0672 5992 [ 00AF22B51F217DC4C536F6039577B28C ] C:\Windows\SysWOW64\dxgi.dll
20:20:37.0672 5992 C:\Windows\SysWOW64\dxgi.dll - ok
20:20:37.0688 5992 [ 7AA16F25BC85ED1787D5060AE54CEB54 ] C:\Windows\SysWOW64\d3d10_1.dll
20:20:37.0688 5992 C:\Windows\SysWOW64\d3d10_1.dll - ok
20:20:37.0688 5992 [ 76DEAB0C58518C0BD4CCD799211C09E0 ] C:\Windows\SysWOW64\d3d10_1core.dll
20:20:37.0688 5992 C:\Windows\SysWOW64\d3d10_1core.dll - ok
20:20:37.0703 5992 [ A4A91575D08F9835F6A5E94AF218B8FF ] C:\Windows\SysWOW64\d3d11.dll
20:20:37.0703 5992 C:\Windows\SysWOW64\d3d11.dll - ok
20:20:37.0703 5992 [ AA99B1C1690199041C5DC25C65CABF32 ] C:\Windows\SysWOW64\aticfx32.dll
20:20:37.0703 5992 C:\Windows\SysWOW64\aticfx32.dll - ok
20:20:37.0719 5992 [ B3E49B1E8ACCB13F8704B65821D42A85 ] C:\Windows\SysWOW64\atiuxpag.dll
20:20:37.0719 5992 C:\Windows\SysWOW64\atiuxpag.dll - ok
20:20:37.0719 5992 [ 14E268DF8F3F4CC60A7458408FFDEBC1 ] C:\Windows\SysWOW64\atidxx32.dll
20:20:37.0719 5992 C:\Windows\SysWOW64\atidxx32.dll - ok
20:20:37.0735 5992 [ 5D61BE7DB55B026A5D61A3EED09D0EAD ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
20:20:37.0735 5992 C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe - ok
20:20:37.0750 5992 [ AEB43D2A8158FB535F48F440CC266953 ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\gtn.dll
20:20:37.0750 5992 C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\gtn.dll - ok
20:20:37.0750 5992 [ B715110E1F4A0F0F3561E928A3617053 ] C:\Windows\SysWOW64\rtutils.dll
20:20:37.0750 5992 C:\Windows\SysWOW64\rtutils.dll - ok
20:20:37.0766 5992 [ C9C0B562C7AA50A672766AAC8112DF05 ] C:\Windows\SysWOW64\d2d1.dll
20:20:37.0766 5992 C:\Windows\SysWOW64\d2d1.dll - ok
20:20:37.0781 5992 [ D3088606C810A355EAE9B9056C9B5392 ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
20:20:37.0781 5992 C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll - ok
20:20:37.0781 5992 [ 3958E82529DA716D1D2F0C44E6F14187 ] C:\Windows\System32\pcadm.dll
20:20:37.0781 5992 C:\Windows\System32\pcadm.dll - ok
20:20:37.0797 5992 [ 688FF87A0A328A880FBE32ABB1EE16BF ] C:\Windows\SysWOW64\dpapi.dll
20:20:37.0797 5992 C:\Windows\SysWOW64\dpapi.dll - ok
20:20:37.0797 5992 [ 04767A913945012ADD32E2FCF4B0BE4B ] C:\Windows\SysWOW64\mscms.dll
20:20:37.0797 5992 C:\Windows\SysWOW64\mscms.dll - ok
20:20:37.0813 5992 [ 63A2D767B9261B4F33F97BF88F2FB197 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
20:20:37.0813 5992 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe - ok
20:20:37.0813 5992 [ 564B43AE09C66E6D7D442B0B5C5925CD ] C:\Windows\SysWOW64\comctl32.dll
20:20:37.0828 5992 C:\Windows\SysWOW64\comctl32.dll - ok
20:20:37.0828 5992 [ 8CC87E14A249BDAFBC8D864E4EB741B8 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
20:20:37.0828 5992 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe - ok
20:20:37.0844 5992 [ E034B873FFB81EE0D0B2AE53BC4F3BE1 ] C:\Windows\System32\sfc.dll
20:20:37.0844 5992 C:\Windows\System32\sfc.dll - ok
20:20:37.0844 5992 [ 40B4AD535A454BE8B9344DE7C728DA2B ] C:\Windows\SysWOW64\atiadlxy.dll
20:20:37.0844 5992 C:\Windows\SysWOW64\atiadlxy.dll - ok
20:20:37.0860 5992 [ 5CCF34813D589FB8D682201BBC8F7181 ] C:\Windows\SysWOW64\MMDevAPI.dll
20:20:37.0860 5992 C:\Windows\SysWOW64\MMDevAPI.dll - ok
20:20:37.0875 5992 [ E0A9E2538A01364FBA8D180FD476FCC0 ] C:\Windows\SysWOW64\AudioSes.dll
20:20:37.0875 5992 C:\Windows\SysWOW64\AudioSes.dll - ok
20:20:37.0875 5992 [ 18A42CDF285C0720E01099D4678F8391 ] C:\Windows\SysWOW64\msiltcfg.dll
20:20:37.0875 5992 C:\Windows\SysWOW64\msiltcfg.dll - ok
20:20:37.0891 5992 [ 37898A45C72A08464357CF805AD79162 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll
20:20:37.0891 5992 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll - ok
20:20:37.0891 5992 [ 3AA79A83EC7D1B16D296029035A9C399 ] C:\Windows\SysWOW64\sfc.dll
20:20:37.0891 5992 C:\Windows\SysWOW64\sfc.dll - ok
20:20:37.0906 5992 [ 5E2428A834E4749981F206BC673C30A6 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpquio08.dll
20:20:37.0906 5992 C:\Program Files (x86)\HP\Digital Imaging\bin\hpquio08.dll - ok
20:20:37.0922 5992 [ EBDB50C7BD8023CE98380A4648857F4B ] C:\Windows\System32\msauserext.dll
20:20:37.0922 5992 C:\Windows\System32\msauserext.dll - ok
20:20:37.0922 5992 [ 99D2F96C49336EFA01A4F14EC72AA7B6 ] C:\Windows\System32\AuthBroker.dll
20:20:37.0922 5992 C:\Windows\System32\AuthBroker.dll - ok
20:20:37.0938 5992 [ 1B0E47227901BDCCE2CBA17C3B4FA013 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
20:20:37.0938 5992 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc - ok
20:20:37.0938 5992 [ FC08FEB94B06673FC23FA82453C9E62D ] C:\Windows\SysWOW64\msxml6.dll
20:20:37.0938 5992 C:\Windows\SysWOW64\msxml6.dll - ok
20:20:37.0953 5992 [ FB35BA3010711105C6A7C9DD3BC9F76B ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtao08.dll
20:20:37.0953 5992 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtao08.dll - ok
20:20:37.0969 5992 [ 8B623D50C30C128C027602637E6EB7F3 ] C:\Windows\SysWOW64\OnDemandConnRouteHelper.dll
20:20:37.0969 5992 C:\Windows\SysWOW64\OnDemandConnRouteHelper.dll - ok
20:20:37.0969 5992 [ 50299DBA20F8A1735830914777B55932 ] C:\Program Files\Lenovo\LVT\LJYZ.exe
20:20:37.0969 5992 C:\Program Files\Lenovo\LVT\LJYZ.exe - ok
20:20:37.0985 5992 [ 94BF66DE07C48EBEC9B4E09E465ABBC7 ] C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe
20:20:37.0985 5992 C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe - ok
20:20:37.0985 5992 [ 2A499DA867865F84E6287D12CB21012F ] C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe
20:20:37.0985 5992 C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe - ok
20:20:38.0000 5992 [ 84F20198CAE435DE32ABDB4511550BD7 ] C:\Windows\SysWOW64\mscoree.dll
20:20:38.0000 5992 C:\Windows\SysWOW64\mscoree.dll - ok
20:20:38.0016 5992 [ EAA293B3C52C76449ABA8419C8AEC839 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
20:20:38.0016 5992 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
20:20:38.0016 5992 [ 572EA523849EC996B61065E8E6BF9D37 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
20:20:38.0016 5992 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
20:20:38.0031 5992 [ A58E3C42883F36D743F9BE9B21BFC990 ] C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_d08a11e2442dc25d\msvcr80.dll
20:20:38.0031 5992 C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_d08a11e2442dc25d\msvcr80.dll - ok
20:20:38.0031 5992 [ C6BCC1BE95AE7258D013EEA1C9159C8D ] C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
20:20:38.0031 5992 C:\Program Files (x86)\Mozilla Firefox\softokn3.dll - ok
20:20:38.0047 5992 [ 193A0626CA65A5AEDDDD161560615D24 ] C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
20:20:38.0047 5992 C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll - ok
20:20:38.0063 5992 [ CAD0B60DF3E790FA7DDD205C117BA5C0 ] C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
20:20:38.0063 5992 C:\Program Files (x86)\Mozilla Firefox\freebl3.dll - ok
20:20:38.0063 5992 [ 463DADBE8F36AB3C8906D5BE6012659D ] C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
20:20:38.0063 5992 C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll - ok
20:20:38.0078 5992 [ ABC05B8D756A6981DBCD2B6C1D62E159 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\3de119146ed0e59408f896aa69cdfc42\mscorlib.ni.dll
20:20:38.0078 5992 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\3de119146ed0e59408f896aa69cdfc42\mscorlib.ni.dll - ok
20:20:38.0078 5992 [ A5B39B59E91EAC9585DB3F7ABDC67109 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
20:20:38.0078 5992 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok
20:20:38.0094 5992 [ 1BA05E6A8212AFBA262635D5131D4CA9 ] C:\Windows\SysWOW64\cryptnet.dll
20:20:38.0094 5992 C:\Windows\SysWOW64\cryptnet.dll - ok
20:20:38.0110 5992 [ EF54D5BEF570516BFA9C0DB9BE99D7F0 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\20af51394609c937507288c2b1cf2c8c\System.ni.dll
20:20:38.0110 5992 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\20af51394609c937507288c2b1cf2c8c\System.ni.dll - ok
20:20:38.0110 5992 [ B3293AFBCFD4E8B6A9827BEC07F9A046 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\3dce9bc573ada6f51434af3d3460a746\WindowsBase.ni.dll
20:20:38.0110 5992 C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\3dce9bc573ada6f51434af3d3460a746\WindowsBase.ni.dll - ok
20:20:38.0125 5992 [ 8B73A5D5B568CB3002CBC2D418CEBD18 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7eb357737121e026292287e3f53aae21\PresentationCore.ni.dll
20:20:38.0125 5992 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7eb357737121e026292287e3f53aae21\PresentationCore.ni.dll - ok
20:20:38.0141 5992 [ A1741C3B79F9DF8895E05EF43579E74B ] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
20:20:38.0141 5992 C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe - ok
20:20:38.0141 5992 [ 4B9AE6A6FE4147A1B5FC3B684B451507 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\495d89631724cf0e7b1ace2c1edb4fa9\PresentationFramework.ni.dll
20:20:38.0141 5992 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\495d89631724cf0e7b1ace2c1edb4fa9\PresentationFramework.ni.dll - ok
20:20:38.0156 5992 [ A9669D7EB8431CBCE3F1382ED625A5DD ] C:\Windows\SysWOW64\devenum.dll
20:20:38.0156 5992 C:\Windows\SysWOW64\devenum.dll - ok
20:20:38.0156 5992 [ DD51A0A01A20D1CFEAE681EAC9A789C6 ] C:\Windows\SysWOW64\msdmo.dll
20:20:38.0156 5992 C:\Windows\SysWOW64\msdmo.dll - ok
20:20:38.0172 5992 [ C0B4E207F403024DB67C79497D4B3546 ] C:\Windows\SysWOW64\avicap32.dll
20:20:38.0172 5992 C:\Windows\SysWOW64\avicap32.dll - ok
20:20:38.0188 5992 [ 2E8111191A367645DDAF84D49361B532 ] C:\Windows\SysWOW64\msvfw32.dll
20:20:38.0188 5992 C:\Windows\SysWOW64\msvfw32.dll - ok
20:20:38.0188 5992 [ B4A43FCFDF2D2B29BBDE0BFDFD6A4E86 ] C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
20:20:38.0188 5992 C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll - ok
20:20:38.0203 5992 [ 99DB2F9BFAE614880930B2BBDD78E3A6 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
20:20:38.0203 5992 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
20:20:38.0219 5992 [ 343292C9EF7DCEF2FAB90771306E14BA ] C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\7ddae86c32a1906e92c0f6f3ed884a3b\Microsoft.VisualBasic.ni.dll
20:20:38.0219 5992 C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\7ddae86c32a1906e92c0f6f3ed884a3b\Microsoft.VisualBasic.ni.dll - ok
20:20:38.0219 5992 [ E643415CDC2DA38AAA0B20B7F26A14B0 ] C:\Program Files\Lenovo\Lenovo Eye Distance System\KeyStoneAdapter.dll
20:20:38.0219 5992 C:\Program Files\Lenovo\Lenovo Eye Distance System\KeyStoneAdapter.dll - ok
20:20:38.0235 5992 [ 79EDDBCBFFC23585BC1495AFC03CC4D7 ] C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
20:20:38.0235 5992 C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe - ok
20:20:38.0235 5992 [ E2C48CD0132D4D1DC7D0DF9A6BEF686A ] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll
20:20:38.0235 5992 C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll - ok
20:20:38.0250 5992 [ CA6ADE4F7761BB15B3325356DC3B82BB ] C:\Windows\WinSxS\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
20:20:38.0250 5992 C:\Windows\WinSxS\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll - ok
20:20:38.0266 5992 [ C5928ACC75D5684516860CC7DD20A971 ] C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_d08a11e2442dc25d\msvcp80.dll
20:20:38.0266 5992 C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_d08a11e2442dc25d\msvcp80.dll - ok
20:20:38.0266 5992 [ 2326B79A5B3CCF433E00AA1782E8E84C ] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\msvcm90.dll
20:20:38.0266 5992 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\msvcm90.dll - ok
20:20:38.0281 5992 [ FBFCA1A574D47EE575448B719CBBF2E4 ] C:\Windows\WinSxS\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL
20:20:38.0281 5992 C:\Windows\WinSxS\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL - ok
20:20:38.0297 5992 [ 28A09777D2D952122567A8A82F1A2C7B ] C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll
20:20:38.0297 5992 C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll - ok
20:20:38.0297 5992 [ 7448354E89900479C227DD3118EBD6FD ] C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUITransfer.dll
20:20:38.0313 5992 C:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUITransfer.dll - ok
20:20:38.0313 5992 [ 24452FF70765FC7C61F5C54449B5F122 ] C:\Program Files\Lenovo\Lenovo Black Silk USB Keyboard\LsDaemon.exe
20:20:38.0313 5992 C:\Program Files\Lenovo\Lenovo Black Silk USB Keyboard\LsDaemon.exe - ok
20:20:38.0328 5992 [ 0A7684320BE53D0599CBCDF6601DB1D3 ] C:\Program Files (x86)\Lenovo\YouCam\MFC71u.dll
20:20:38.0328 5992 C:\Program Files (x86)\Lenovo\YouCam\MFC71u.dll - ok
20:20:38.0328 5992 [ AC012E0BBA6D35E367453DFD5A918379 ] C:\Program Files\Lenovo\Lenovo Black Silk USB Keyboard\LsComm.dll
20:20:38.0328 5992 C:\Program Files\Lenovo\Lenovo Black Silk USB Keyboard\LsComm.dll - ok
20:20:38.0344 5992 [ 368DE8C4CD87BA4674BBDB7927F2BF30 ] C:\Program Files\Lenovo\Lenovo Black Silk USB Keyboard\LsUtil.dll
20:20:38.0344 5992 C:\Program Files\Lenovo\Lenovo Black Silk USB Keyboard\LsUtil.dll - ok
20:20:38.0360 5992 [ 3FD95BF0A1523516C2066C18B0B938AE ] C:\Program Files (x86)\Lenovo\YouCam\msvcr71.dll
20:20:38.0360 5992 C:\Program Files (x86)\Lenovo\YouCam\msvcr71.dll - ok
20:20:38.0368 5992 [ 4D4CCD99C796F12B076177B07937AFDC ] C:\Program Files\Lenovo\Lenovo Black Silk USB Keyboard\LsDrv.dll
20:20:38.0368 5992 C:\Program Files\Lenovo\Lenovo Black Silk USB Keyboard\LsDrv.dll - ok
20:20:38.0384 5992 [ 521656ADE11095633C88F9E95A2E84AB ] C:\Program Files\Lenovo\Lenovo Black Silk USB Keyboard\LsHooks.dll
20:20:38.0384 5992 C:\Program Files\Lenovo\Lenovo Black Silk USB Keyboard\LsHooks.dll - ok
20:20:38.0384 5992 [ 1653FBC8CDBC2A0C0231F1F12C8CA1F2 ] C:\Program Files (x86)\Lenovo\YouCam\msvcp71.dll
20:20:38.0384 5992 C:\Program Files (x86)\Lenovo\YouCam\msvcp71.dll - ok
20:20:38.0399 5992 [ BFD45BB45C7F5B98B50B911B3E1FF63A ] C:\Windows\SysWOW64\KeyStone.ax
20:20:38.0399 5992 C:\Windows\SysWOW64\KeyStone.ax - ok
20:20:38.0415 5992 [ 0B427D9943C838620AFA30CBB24A6D77 ] C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
20:20:38.0415 5992 C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe - ok
20:20:38.0415 5992 [ 406B28AA4CED8748CD541DB5086A1939 ] C:\Windows\SysWOW64\ksproxy.ax
20:20:38.0415 5992 C:\Windows\SysWOW64\ksproxy.ax - ok
20:20:38.0431 5992 [ 48A65754A8BC9FD748CF855B812FA484 ] C:\Program Files (x86)\Lenovo\Power2Go\msvcp71.dll
20:20:38.0431 5992 C:\Program Files (x86)\Lenovo\Power2Go\msvcp71.dll - ok
20:20:38.0431 5992 [ 83481CF1FAD89FAA7E3CDF6AF10C11D1 ] C:\Windows\System32\wpnapps.dll
20:20:38.0431 5992 C:\Windows\System32\wpnapps.dll - ok
20:20:38.0446 5992 [ 0757E3969B6C0FE8A8323E92219BFD65 ] C:\Windows\SysWOW64\ksuser.dll
20:20:38.0446 5992 C:\Windows\SysWOW64\ksuser.dll - ok
20:20:38.0462 5992 [ 42C49E7C19344381E569E5B324541C72 ] C:\Program Files (x86)\Lenovo\Power2Go\msvcr71.dll
20:20:38.0462 5992 C:\Program Files (x86)\Lenovo\Power2Go\msvcr71.dll - ok
20:20:38.0462 5992 [ D85F310B0871AF13961D1C9A9695D756 ] C:\Windows\SysWOW64\d3d9.dll
20:20:38.0462 5992 C:\Windows\SysWOW64\d3d9.dll - ok
20:20:38.0477 5992 [ 5254A52E0F354BC7955E309C4166CE0A ] C:\Windows\SysWOW64\msxml3.dll
20:20:38.0477 5992 C:\Windows\SysWOW64\msxml3.dll - ok
20:20:38.0477 5992 [ 074299AEE7E11131438324C1E92B32EA ] C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll
20:20:38.0477 5992 C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll - ok
20:20:38.0493 5992 [ B0A1456EABA9EFBB0AAF0F6C687D323C ] C:\Windows\SysWOW64\Kswdmcap.ax
20:20:38.0493 5992 C:\Windows\SysWOW64\Kswdmcap.ax - ok
20:20:38.0493 5992 [ 5EE3F33B544E1836DB677E0E30DE30FE ] C:\Windows\SysWOW64\vidcap.ax
20:20:38.0493 5992 C:\Windows\SysWOW64\vidcap.ax - ok
20:20:38.0509 5992 [ CA1A0BDF3293CDBE690EEF19E7661D70 ] C:\Windows\SysWOW64\wmp.dll
20:20:38.0509 5992 C:\Windows\SysWOW64\wmp.dll - ok
20:20:38.0524 5992 [ 553DF0972BACAD324BE8199CCA05D6DC ] C:\Windows\SysWOW64\mfc42.dll
20:20:38.0524 5992 C:\Windows\SysWOW64\mfc42.dll - ok
20:20:38.0524 5992 [ B27C56D844AB064547D40BF4F0A96EAE ] C:\Windows\SysWOW64\odbc32.dll
20:20:38.0524 5992 C:\Windows\SysWOW64\odbc32.dll - ok
20:20:38.0540 5992 [ CDBB25D12F247D894F03EED59E2390AF ] C:\Windows\SysWOW64\vmctrl.ax
20:20:38.0540 5992 C:\Windows\SysWOW64\vmctrl.ax - ok
20:20:38.0540 5992 [ 0CB8C7B3207CFC6EADA732C1A42729A5 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.dll
20:20:38.0540 5992 C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.dll - ok
20:20:38.0556 5992 [ 8F83160C43C61FC6775391B46B7C16BF ] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe
20:20:38.0556 5992 C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe - ok
20:20:38.0571 5992 [ DFED9CAA6027B65DE02CB79179AB5599 ] C:\Program Files (x86)\Lenovo\YouCam\Custom\Lang\Enu\IM.dll
20:20:38.0571 5992 C:\Program Files (x86)\Lenovo\YouCam\Custom\Lang\Enu\IM.dll - ok
20:20:38.0571 5992 [ BD9CC4BD175C294459FAEDB1E82BA0AE ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\d76ae95d56d39a59f727f5518ac8e396\System.Drawing.ni.dll
20:20:38.0571 5992 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\d76ae95d56d39a59f727f5518ac8e396\System.Drawing.ni.dll - ok
20:20:38.0587 5992 [ BB0F9F1CB377ED96FB4EFE12E98CED9C ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc
20:20:38.0587 5992 C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc - ok
20:20:38.0602 5992 [ 2BB04B67B907B341648376161070AF69 ] C:\Windows\SysWOW64\riched32.dll
20:20:38.0602 5992 C:\Windows\SysWOW64\riched32.dll - ok
20:20:38.0602 5992 [ D4607C4D0E171359F65633D19623DE52 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotradd.dll
20:20:38.0602 5992 C:\Program Files (x86)\HP\Digital Imaging\bin\hpotradd.dll - ok
20:20:38.0618 5992 [ 43E946AAD268FEAFB1E286677E70CB5D ] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
20:20:38.0618 5992 C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe - ok
20:20:38.0634 5992 [ 6403B9CB0267A6EAB6950DEA178C6121 ] C:\Windows\SysWOW64\wmploc.DLL
20:20:38.0634 5992 C:\Windows\SysWOW64\wmploc.DLL - ok
20:20:38.0634 5992 [ 2FFB68AC6B868F5A0345A0041B349F74 ] C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll
20:20:38.0634 5992 C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll - ok
20:20:38.0649 5992 [ 45DAC1E7A89EE4AF1487DC62116295C3 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll
20:20:38.0649 5992 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll - ok
20:20:38.0665 5992 [ 46D43D31506D0E35C8C7A59B9D3D5D71 ] C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll
20:20:38.0665 5992 C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll - ok
20:20:38.0665 5992 [ 66110A1A3071C3B11C9ED84AFD6C0946 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\a673aacf407b499981342bb709cce917\System.Windows.Forms.ni.dll
20:20:38.0665 5992 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\a673aacf407b499981342bb709cce917\System.Windows.Forms.ni.dll - ok
20:20:38.0681 5992 [ B7995C675014EEBE77A0BEB7AFCCFC08 ] C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
20:20:38.0681 5992 C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe - ok
20:20:38.0696 5992 [ 079529232DCE0513655CAEBE46854626 ] C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll
20:20:38.0696 5992 C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll - ok
20:20:38.0696 5992 [ 809A1EC7868924B5E92421F018587AC9 ] C:\Program Files (x86)\Lenovo\PowerDVD10\CLRCEngine3.dll
20:20:38.0696 5992 C:\Program Files (x86)\Lenovo\PowerDVD10\CLRCEngine3.dll - ok
20:20:38.0712 5992 [ 499BA0D7D07635F452F57B733B8D44A6 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqrif08.dll
20:20:38.0712 5992 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqrif08.dll - ok
20:20:38.0712 5992 [ 579E58522C26B77062BD8A15C5972660 ] C:\Program Files (x86)\Intel\IntelAppStore\bin\logger.dll
20:20:38.0712 5992 C:\Program Files (x86)\Intel\IntelAppStore\bin\logger.dll - ok
20:20:38.0727 5992 [ F31D09FF7262F767F8717086C03DABAE ] C:\Program Files (x86)\Intel\IntelAppStore\bin\configurationManager.dll
20:20:38.0727 5992 C:\Program Files (x86)\Intel\IntelAppStore\bin\configurationManager.dll - ok
20:20:38.0727 5992 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files (x86)\Lenovo\PowerDVD10\msvcr71.dll
20:20:38.0727 5992 C:\Program Files (x86)\Lenovo\PowerDVD10\msvcr71.dll - ok
20:20:38.0743 5992 [ 6F12EFBBCDCF90FB1A1C6A7BFD1C791D ] C:\Program Files (x86)\Intel\IntelAppStore\bin\AgentInfo.dll
20:20:38.0743 5992 C:\Program Files (x86)\Intel\IntelAppStore\bin\AgentInfo.dll - ok
20:20:38.0759 5992 [ 74EE29411B1FEA2C3C37DC94CF7A79C1 ] C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
20:20:38.0759 5992 C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll - ok
20:20:38.0759 5992 [ B4B561789462B02D0BB5311BC86F4954 ] C:\Program Files (x86)\Intel\IntelAppStore\bin\orchestrator.dll
20:20:38.0759 5992 C:\Program Files (x86)\Intel\IntelAppStore\bin\orchestrator.dll - ok
20:20:38.0774 5992 [ 0DB764FA0B8F32E6C39B3E6976C61D04 ] C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
20:20:38.0774 5992 C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll - ok
20:20:38.0774 5992 [ C1DDD7D3E1AC9FE37C6C7704B035C9D2 ] C:\Program Files (x86)\Intel\IntelAppStore\bin\dispatcher.dll
20:20:38.0774 5992 C:\Program Files (x86)\Intel\IntelAppStore\bin\dispatcher.dll - ok
20:20:38.0790 5992 [ 197A3060D57EB54BCB20EC69B17AEF4A ] C:\Program Files (x86)\Intel\IntelAppStore\bin\localMessage.dll
20:20:38.0790 5992 C:\Program Files (x86)\Intel\IntelAppStore\bin\localMessage.dll - ok
20:20:38.0806 5992 [ 6FB36F2977B38AE356781380EFCCAEB6 ] C:\Program Files (x86)\Intel\IntelAppStore\bin\sm_uuid.dll
20:20:38.0806 5992 C:\Program Files (x86)\Intel\IntelAppStore\bin\sm_uuid.dll - ok
20:20:38.0806 5992 [ B3FB360040585245DF0A4E63A8987BDF ] C:\Program Files (x86)\Intel\IntelAppStore\bin\ssleay32.dll
20:20:38.0806 5992 C:\Program Files (x86)\Intel\IntelAppStore\bin\ssleay32.dll - ok
20:20:38.0821 5992 [ F9A5AEDEB954D37BE3C13F2CAC02727B ] C:\Program Files (x86)\Intel\IntelAppStore\bin\libeay32.dll
20:20:38.0821 5992 C:\Program Files (x86)\Intel\IntelAppStore\bin\libeay32.dll - ok
20:20:38.0837 5992 [ 3E0222256F124FDF490D7B210EF1CE87 ] C:\Program Files\Lenovo\Lenovo Brightness System\RunLDBS.exe
20:20:38.0837 5992 C:\Program Files\Lenovo\Lenovo Brightness System\RunLDBS.exe - ok
20:20:38.0837 5992 [ F6252071299496777D1E3EC407A90929 ] C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
20:20:38.0837 5992 C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll - ok
20:20:38.0852 5992 [ 9A4580A4E47C6DD652DED943884CDCA1 ] C:\Program Files (x86)\Intel\IntelAppStore\bin\CorePersistenceAPI.dll
20:20:38.0852 5992 C:\Program Files (x86)\Intel\IntelAppStore\bin\CorePersistenceAPI.dll - ok
20:20:38.0852 5992 [ 32D05BF51477ADFA8E458477D60295B9 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpocxi08.dll
20:20:38.0852 5992 C:\Program Files (x86)\HP\Digital Imaging\bin\hpocxi08.dll - ok
20:20:38.0868 5992 [ 0F1C747E75D4E654859615D4B858B23E ] C:\Program Files (x86)\Intel\IntelAppStore\bin\payload.dll
20:20:38.0868 5992 C:\Program Files (x86)\Intel\IntelAppStore\bin\payload.dll - ok
20:20:38.0884 5992 [ 93432F05BEAB2B957541CFA44561F00E ] C:\Program Files (x86)\Intel\IntelAppStore\bin\serializer.dll
20:20:38.0884 5992 C:\Program Files (x86)\Intel\IntelAppStore\bin\serializer.dll - ok
20:20:38.0884 5992 [ 09F66A1325A6680D6BF51DC12ACB4665 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcob08.dll
20:20:38.0884 5992 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcob08.dll - ok
20:20:38.0899 5992 [ A78AAB0D2D70EF7DD56B7328AC502059 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
20:20:38.0899 5992 C:\Program Files\AVAST Software\Avast\AvastUI.exe - ok
20:20:38.0915 5992 [ 0AFF867CE95E7215A2F349E1275E4622 ] C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll
20:20:38.0915 5992 C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll - ok
20:20:38.0915 5992 [ 9743899CE8E4C9686DC8D87E3AD2B0D3 ] C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
20:20:38.0915 5992 C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll - ok
20:20:38.0931 5992 [ 187F4C75A89E3F412322C94526320074 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
20:20:38.0931 5992 C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe - ok
20:20:38.0931 5992 [ 6D961EE2903CA42C673D72F3CC331B11 ] C:\Program Files\AVAST Software\Avast\libcef.dll
20:20:38.0931 5992 C:\Program Files\AVAST Software\Avast\libcef.dll - ok
20:20:38.0946 5992 [ 9911D485A187BF4A78F30CAB8707B41F ] C:\Windows\SysWOW64\taskschd.dll
20:20:38.0946 5992 C:\Windows\SysWOW64\taskschd.dll - ok
20:20:38.0962 5992 [ D658AB1B55127D18DCFBCAC8CAAEA522 ] C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
20:20:38.0962 5992 C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe - ok
20:20:38.0962 5992 [ 602CEC60E4F41C2FD196869E5FE1E9E0 ] C:\Windows\SysWOW64\cryptui.dll
20:20:38.0962 5992 C:\Windows\SysWOW64\cryptui.dll - ok
20:20:38.0977 5992 [ F9D0ADF9DA9EF0866C08112FAE0165BE ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpodio08.dll
20:20:38.0977 5992 C:\Program Files (x86)\HP\Digital Imaging\bin\hpodio08.dll - ok
20:20:38.0977 5992 [ 38602AB6C4E2E28D49E355795C3136B1 ] C:\Program Files\AVAST Software\Avast\aswUtil.dll
20:20:38.0977 5992 C:\Program Files\AVAST Software\Avast\aswUtil.dll - ok
20:20:38.0993 5992 [ EA2E74FC07C354D58F64CDF4080229CA ] C:\Windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\3748ff76f137c66adc4ecf68ecc1aeed\WindowsBase.ni.dll
20:20:38.0993 5992 C:\Windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\3748ff76f137c66adc4ecf68ecc1aeed\WindowsBase.ni.dll - ok
20:20:38.0993 5992 [ F6158734F1E24C6C510155CF0D363911 ] C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
20:20:38.0993 5992 C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe - ok
20:20:39.0009 5992 [ B8DE851298E99A005BFD34AA906B3FE8 ] C:\Windows\WinSxS\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\mfc110u.dll
20:20:39.0009 5992 C:\Windows\WinSxS\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\mfc110u.dll - ok
20:20:39.0024 5992 [ DC730F5EA07F8CE98E49BBBD110EAA14 ] C:\Program Files\AVAST Software\Avast\HTMLayout.dll
20:20:39.0024 5992 C:\Program Files\AVAST Software\Avast\HTMLayout.dll - ok
20:20:39.0024 5992 [ 2FB757B35C94B1C1C65BA35E4E7EC0F2 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
20:20:39.0024 5992 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe - ok
20:20:39.0040 5992 [ 947E09E9669A264420A13C24C669E7C0 ] C:\Windows\SysWOW64\xmllite.dll
20:20:39.0040 5992 C:\Windows\SysWOW64\xmllite.dll - ok
20:20:39.0040 5992 [ 085BE68B52CE5A5FA4621507AD518CF3 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
20:20:39.0040 5992 C:\Program Files (x86)\iTunes\iTunesHelper.exe - ok
20:20:39.0056 5992 [ 22F2DB923F0E04740619963169F811F9 ] C:\Program Files (x86)\iTunes\iTunesHelper.dll
20:20:39.0056 5992 C:\Program Files (x86)\iTunes\iTunesHelper.dll - ok
20:20:39.0071 5992 [ EBE31F23BF3EF06EE08CE4AC4F26DC80 ] C:\Windows\SysWOW64\shsvcs.dll
20:20:39.0071 5992 C:\Windows\SysWOW64\shsvcs.dll - ok
20:20:39.0071 5992 [ A2A6F802D87CCE216C39B045FC118F60 ] C:\Windows\SysWOW64\hid.dll
20:20:39.0071 5992 C:\Windows\SysWOW64\hid.dll - ok
20:20:39.0087 5992 [ EB0AB6EA8A5781AF844901040A621F18 ] C:\Program Files (x86)\Real\RealPlayer\Update\setu3270.dll
20:20:39.0087 5992 C:\Program Files (x86)\Real\RealPlayer\Update\setu3270.dll - ok
20:20:39.0102 5992 [ 447FC81330CD96CA26459DB2E86C3630 ] C:\Program Files (x86)\Real\RealPlayer\realplay.exe
20:20:39.0102 5992 C:\Program Files (x86)\Real\RealPlayer\realplay.exe - ok
20:20:39.0102 5992 [ 8E1EAC50E7C1C5E14A6873670867C9D8 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
20:20:39.0102 5992 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
20:20:39.0118 5992 [ 653E4146F54641AD764D6273CAAA0835 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll
20:20:39.0118 5992 C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
20:20:39.0118 5992 [ 61E14BAACC1B6204492513A192567028 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\c094976ca6bbbf3485430df7bb1c6417\PresentationCore.ni.dll
20:20:39.0118 5992 C:\Windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\c094976ca6bbbf3485430df7bb1c6417\PresentationCore.ni.dll - ok
20:20:39.0134 5992 [ D7F53267FE3ED2AE3E1BEB543F8699C7 ] C:\Program Files\AVAST Software\Avast\aswAra.dll
20:20:39.0134 5992 C:\Program Files\AVAST Software\Avast\aswAra.dll - ok
20:20:39.0149 5992 [ 7AF1074DAB6D56D0A575F507B6AC266E ] C:\Windows\SysWOW64\mstask.dll
20:20:39.0149 5992 C:\Windows\SysWOW64\mstask.dll - ok
20:20:39.0149 5992 [ 048EA4B978851788E9F5E8E4F081DF7A ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
20:20:39.0149 5992 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
20:20:39.0165 5992 [ 88C01207F7772D6D16C36D63E0544DC1 ] C:\Windows\apppatch\AcGenral.dll
20:20:39.0165 5992 C:\Windows\apppatch\AcGenral.dll - ok
20:20:39.0181 5992 [ F9DFC08677FC9AC81DD5ACA5EE879E47 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
20:20:39.0181 5992 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe - ok
20:20:39.0181 5992 [ 33EC6E67BF1DAA3A157D99BC6F27E461 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Presentatio5ae0f00f#\3db57fc9e3f86d9ee92493fcd83e0b5b\PresentationFramework.ni.dll
20:20:39.0181 5992 C:\Windows\assembly\NativeImages_v4.0.30319_64\Presentatio5ae0f00f#\3db57fc9e3f86d9ee92493fcd83e0b5b\PresentationFramework.ni.dll - ok
20:20:39.0196 5992 [ 58B8702C20DE211D1FCB248D2FDD71D1 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
20:20:39.0196 5992 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe - ok
20:20:39.0196 5992 [ 072DCDE92DC60E332F0E8793F78AD606 ] C:\Program Files\AVAST Software\Avast\aswData.dll
20:20:39.0196 5992 C:\Program Files\AVAST Software\Avast\aswData.dll - ok
20:20:39.0212 5992 [ 59806E57772AC01A8AB61203E812D1F0 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwso08.dll
20:20:39.0212 5992 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqwso08.dll - ok
20:20:39.0227 5992 [ 75CB211098079B11AE5C640B0B7CBB4E ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddusr.dll
20:20:39.0227 5992 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddusr.dll - ok
20:20:39.0227 5992 [ F82F374417148CF545221DD88876219F ] C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
20:20:39.0227 5992 C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe - ok
20:20:39.0243 5992 [ 72382D171B62448152771D3C744F131D ] C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll
20:20:39.0243 5992 C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll - ok
20:20:39.0259 5992 [ 77823E431B74579925C581331AE84476 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
20:20:39.0259 5992 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
20:20:39.0259 5992 [ 5D9B166EFBA673C8221C5C97CCFB5BFE ] C:\Windows\System32\wcmapi.dll
20:20:39.0259 5992 C:\Windows\System32\wcmapi.dll - ok
20:20:39.0274 5992 [ 44645B49EE00160E7B3EF5FC20B04DE2 ] C:\Windows\SysWOW64\cabinet.dll
20:20:39.0274 5992 C:\Windows\SysWOW64\cabinet.dll - ok
20:20:39.0274 5992 [ 1CD5C2DFD2A5BF6DA720386679F3C449 ] C:\Windows\SysWOW64\HPZipr12.dll
20:20:39.0274 5992 C:\Windows\SysWOW64\HPZipr12.dll - ok
20:20:39.0290 5992 [ 9ED4CBBA0E5CC1257062C3D3A9371E19 ] C:\Program Files\AVAST Software\Avast\CommonRes.dll
20:20:39.0290 5992 C:\Program Files\AVAST Software\Avast\CommonRes.dll - ok
20:20:39.0290 5992 [ DEBA9D68BE1AEE64E88493B7EF0735E3 ] C:\Program Files\AVAST Software\Avast\aswResourceLib.dll
20:20:39.0290 5992 C:\Program Files\AVAST Software\Avast\aswResourceLib.dll - ok
20:20:39.0306 5992 [ 8FA3F6CCA00339AE38610359C2045726 ] C:\Program Files\AVAST Software\Avast\aswRemoteCache.dll
20:20:39.0306 5992 C:\Program Files\AVAST Software\Avast\aswRemoteCache.dll - ok
20:20:39.0306 5992 [ 83F65B02082862BB470703C1F1C14946 ] C:\Windows\System32\SystemEventsBrokerClient.dll
20:20:39.0306 5992 C:\Windows\System32\SystemEventsBrokerClient.dll - ok
20:20:39.0321 5992 [ C52C5B33623735B9B97834F04324F189 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsti08.dll
20:20:39.0321 5992 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsti08.dll - ok
20:20:39.0337 5992 [ 5BE1CD443E2D6495E22CBB40D532E1F0 ] C:\Program Files\AVAST Software\Avast\icudt.dll
20:20:39.0337 5992 C:\Program Files\AVAST Software\Avast\icudt.dll - ok
20:20:39.0337 5992 [ EDE12A54BA16B91BC359F2843A54D872 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpb01.dll
20:20:39.0337 5992 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpb01.dll - ok
20:20:39.0352 5992 [ F7ED08D4BC89D7AC6135C1556A89157F ] C:\Program Files\iPod\bin\iPodService.exe
20:20:39.0352 5992 C:\Program Files\iPod\bin\iPodService.exe - ok
20:20:39.0368 5992 [ B2F0B501A7C017F21C4B4417623895BD ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
20:20:39.0368 5992 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe - ok
20:20:39.0368 5992 [ CC6FDABA99EBF6A117D055106984C98A ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
20:20:39.0368 5992 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
20:20:39.0384 5992 [ 5AC18CD8B3F1432FA6501D6A5EFD1170 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
20:20:39.0384 5992 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
20:20:39.0399 5992 [ F38C0260339CB7340B204F0481C0DD40 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xaml\20564f3a8d62818550f8e8ce6f0da456\System.Xaml.ni.dll
20:20:39.0399 5992 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xaml\20564f3a8d62818550f8e8ce6f0da456\System.Xaml.ni.dll - ok
20:20:39.0415 5992 [ 81A254E3252095820202D7A0D2CC64D4 ] C:\Windows\SysWOW64\WinSATAPI.dll
20:20:39.0415 5992 C:\Windows\SysWOW64\WinSATAPI.dll - ok
20:20:39.0415 5992 [ 2BFF31508A58EA3F82CA8D6620AE6E13 ] C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
20:20:39.0415 5992 C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL - ok
20:20:39.0431 5992 [ 93C2645F115CC9DE63ECE5E1A4C48778 ] C:\Windows\SysWOW64\Macromed\Flash\Flash.ocx
20:20:39.0431 5992 C:\Windows\SysWOW64\Macromed\Flash\Flash.ocx - ok
20:20:39.0431 5992 [ FF409C974A9AD58B82374DEEF6B44CBB ] C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
20:20:39.0431 5992 C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe - ok
20:20:39.0446 5992 [ C7AE6A1EAE773F8CEC7F1180CAAB2072 ] C:\Windows\SysWOW64\dsound.dll
20:20:39.0446 5992 C:\Windows\SysWOW64\dsound.dll - ok
20:20:39.0462 5992 [ 5D7373FB7AEB1EB13348DDF1B6630FCB ] C:\Windows\SysWOW64\dinput8.dll
20:20:39.0462 5992 C:\Windows\SysWOW64\dinput8.dll - ok
20:20:39.0462 5992 [ BBFD73042D7CB18120EEE089A9F761EE ] C:\Windows\SysWOW64\UIAutomationCore.dll
20:20:39.0462 5992 C:\Windows\SysWOW64\UIAutomationCore.dll - ok
20:20:39.0478 5992 [ 79FA7D8B488F90EDE325963379A6F738 ] C:\Windows\SysWOW64\ieframe.dll
20:20:39.0478 5992 C:\Windows\SysWOW64\ieframe.dll - ok
20:20:39.0493 5992 [ D775FA6F1E88B3B99E69E8A0D6C3A819 ] C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll
20:20:39.0493 5992 C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll - ok
20:20:39.0493 5992 [ 5B323587DA8F47A136EED8B2F177C800 ] C:\Program Files\AVAST Software\Avast\defs\14022700\uiext.dll
20:20:39.0493 5992 C:\Program Files\AVAST Software\Avast\defs\14022700\uiext.dll - ok
20:20:39.0509 5992 [ 0E28DA18EF14D77E236B4BD0E111BEC8 ] C:\Windows\SysWOW64\activeds.dll
20:20:39.0509 5992 C:\Windows\SysWOW64\activeds.dll - ok
20:20:39.0509 5992 [ 25E3826F8A5CB3E8E95926AD271ED365 ] C:\Windows\SysWOW64\adsldpc.dll
20:20:39.0509 5992 C:\Windows\SysWOW64\adsldpc.dll - ok
20:20:39.0524 5992 [ 47DF8A0C94A86E465BC8DDA41F08F067 ] C:\Windows\SysWOW64\adsldp.dll
20:20:39.0524 5992 C:\Windows\SysWOW64\adsldp.dll - ok
20:20:39.0540 5992 [ 0642800E69522E29B93EF4C6BE00D13E ] C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
20:20:39.0540 5992 C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe - ok
20:20:39.0540 5992 [ 2A2104AF3487D47A8B577A9BE0665D33 ] C:\Windows\SysWOW64\logoncli.dll
20:20:39.0540 5992 C:\Windows\SysWOW64\logoncli.dll - ok
20:20:39.0556 5992 [ E83A5BFCA23E9082447F49F1F6FE040E ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.dll
20:20:39.0556 5992 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.dll - ok
20:20:39.0571 5992 [ DD9C67249175844A65783F0A7335E06E ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.rsc
20:20:39.0571 5992 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.rsc - ok
20:20:39.0571 5992 [ 0379D09E8D407F5BBE07C9D06DDA783D ] C:\Windows\SysWOW64\mlang.dll
20:20:39.0571 5992 C:\Windows\SysWOW64\mlang.dll - ok
20:20:39.0587 5992 [ 16B5CCB46BB172BAEC8EFEEA74DE1575 ] C:\Windows\SysWOW64\icm32.dll
20:20:39.0587 5992 C:\Windows\SysWOW64\icm32.dll - ok
20:20:39.0603 5992 [ 0D70F07EB0BCCE2B13652EFFF0DDD75F ] C:\Windows\SysWOW64\msacm32.dll
20:20:39.0603 5992 C:\Windows\SysWOW64\msacm32.dll - ok
20:20:39.0603 5992 [ DAA011B2F7CE339B7705656C957FEBA4 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll
20:20:39.0603 5992 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll - ok
20:20:39.0618 5992 [ E81AC183EE021B3EC81B4005F4CE2D7D ] C:\Windows\SysWOW64\linkinfo.dll
20:20:39.0618 5992 C:\Windows\SysWOW64\linkinfo.dll - ok
20:20:39.0634 5992 [ 1AEA7E273E344C30C9883254DE75B180 ] C:\Windows\SysWOW64\ntshrui.dll
20:20:39.0634 5992 C:\Windows\SysWOW64\ntshrui.dll - ok
20:20:39.0634 5992 [ D0EB28022A91A5C084E8A7DEBB08D8D2 ] C:\Windows\System32\R4EEL64A.dll
20:20:39.0634 5992 C:\Windows\System32\R4EEL64A.dll - ok
20:20:39.0649 5992 [ 0B5EF50E26CFD1E7BF01E32E053532B2 ] C:\Windows\System32\R4EED64A.dll
20:20:39.0649 5992 C:\Windows\System32\R4EED64A.dll - ok
20:20:39.0649 5992 [ 81CB299043CCA918FB4BC74C893E355C ] C:\Windows\System32\audiodg.exe
20:20:39.0649 5992 C:\Windows\System32\audiodg.exe - ok
20:20:39.0665 5992 [ 8BA0BC4503A1234917A5FEA9C8988CC0 ] C:\Program Files (x86)\Real\RealPlayer\rpwa3260.dll
20:20:39.0665 5992 C:\Program Files (x86)\Real\RealPlayer\rpwa3260.dll - ok
20:20:39.0681 5992 [ B953A10B98ED83C2EF7C7D9153F18924 ] C:\Windows\System32\Windows.Networking.BackgroundTransfer.dll
20:20:39.0681 5992 C:\Windows\System32\Windows.Networking.BackgroundTransfer.dll - ok
20:20:39.0681 5992 [ 3E618C3EE48151B24624F97E7C291E63 ] C:\Windows\System32\AUDIOKSE.dll
20:20:39.0681 5992 C:\Windows\System32\AUDIOKSE.dll - ok
20:20:39.0696 5992 [ 5E13A714112998487C056B07D3B11C11 ] C:\Windows\System32\deviceaccess.dll
20:20:39.0696 5992 C:\Windows\System32\deviceaccess.dll - ok
20:20:39.0696 5992 [ 24550CB7F9B445B2782E3278C19CEA18 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\wpfgfx_v0400.dll
20:20:39.0712 5992 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\wpfgfx_v0400.dll - ok
20:20:39.0712 5992 [ 063020D87AF347CA0866ECA46B702F59 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationNative_v0400.dll
20:20:39.0712 5992 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationNative_v0400.dll - ok
20:20:39.0728 5992 [ 8A50547F54A3BD5BE9A1E151E15D3F92 ] C:\Windows\System32\profext.dll
20:20:39.0728 5992 C:\Windows\System32\profext.dll - ok
20:20:39.0728 5992 [ FD13C6D2A647A09F56DC0DBE643E6934 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\2cf5aef9c4a0b079a72a1b66a56419ea\System.Drawing.ni.dll
20:20:39.0728 5992 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\2cf5aef9c4a0b079a72a1b66a56419ea\System.Drawing.ni.dll - ok
20:20:39.0743 5992 [ C2FE66E76FFE80DEAC5EB5AF8704EACE ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\4cc365f501860843d5d66fda0076c834\System.Windows.Forms.ni.dll
20:20:39.0743 5992 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\4cc365f501860843d5d66fda0076c834\System.Windows.Forms.ni.dll - ok
20:20:39.0759 5992 [ 0569ABAB7FF5283BC57CE0EF07F444DA ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsem08.rsc
20:20:39.0759 5992 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsem08.rsc - ok
20:20:39.0759 5992 [ 435B77B364863A4468C676EC56F1811E ] C:\Program Files (x86)\HP\Digital Imaging\Product Assistant\bin\hprbevst.dll
20:20:39.0759 5992 C:\Program Files (x86)\HP\Digital Imaging\Product Assistant\bin\hprbevst.dll - ok
20:20:39.0774 5992 [ DF30279BBC862195DB750037E05FE665 ] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpreh.dll
20:20:39.0774 5992 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpreh.dll - ok
20:20:39.0774 5992 [ 8882AD10853E45402CABD3BAF48A7EFC ] C:\Windows\System32\R4EEA64A.dll
20:20:39.0774 5992 C:\Windows\System32\R4EEA64A.dll - ok
20:20:39.0790 5992 [ 1C10E59024357AA7CAB8B836B767FB5B ] C:\Program Files\Microsoft Mouse and Keyboard Center\dpgcmd.dll
20:20:39.0790 5992 C:\Program Files\Microsoft Mouse and Keyboard Center\dpgcmd.dll - ok
20:20:39.0790 5992 [ 9776DC73C92C0919B29BB6AEF5A20FDF ] C:\Program Files\Microsoft Mouse and Keyboard Center\Components\Commands\DPGHnt\DPGHnt.dll
20:20:39.0790 5992 C:\Program Files\Microsoft Mouse and Keyboard Center\Components\Commands\DPGHnt\DPGHnt.dll - ok
20:20:39.0806 5992 [ 64C7A2E64FDB98A8FE963F402426F044 ] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\wlcore.dll
20:20:39.0806 5992 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\wlcore.dll - ok
20:20:39.0821 5992 [ D1B5D53F75C783D50CF57F5C0D8C8482 ] C:\Windows\SysWOW64\msisip.dll
20:20:39.0821 5992 C:\Windows\SysWOW64\msisip.dll - ok
20:20:39.0821 5992 [ 49D8DB54743BB8C3571B054C0573517F ] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\microsoft.windowslive.platform.calendar.dll
20:20:39.0821 5992 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\microsoft.windowslive.platform.calendar.dll - ok
20:20:39.0837 5992 [ 43B223C4799777C4DA008469DD913813 ] C:\Windows\System32\wbem\NCProv.dll
20:20:39.0837 5992 C:\Windows\System32\wbem\NCProv.dll - ok
20:20:39.0853 5992 [ 83E48DE98AD7DC90A4B6371EDE61EA36 ] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\microsoft.windowslive.platform.eas.dll
20:20:39.0853 5992 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\microsoft.windowslive.platform.eas.dll - ok
20:20:39.0853 5992 [ E6DEC72A2A23FAA53EB9FEC3C7E29D66 ] C:\Windows\System32\sppsvc.exe
20:20:39.0853 5992 C:\Windows\System32\sppsvc.exe - ok
20:20:39.0868 5992 [ 325D9D1D5D819BD6474BC3E674650138 ] C:\Windows\System32\cryptxml.dll
20:20:39.0868 5992 C:\Windows\System32\cryptxml.dll - ok
20:20:39.0868 5992 [ 5CFA46C4ACB2FD70572017052378DAE5 ] C:\Windows\System32\wscsvc.dll
20:20:39.0868 5992 C:\Windows\System32\wscsvc.dll - ok
20:20:39.0884 5992 [ 8CC7ED11965BDF475585156059392CD1 ] C:\Windows\System32\wuapi.dll
20:20:39.0884 5992 C:\Windows\System32\wuapi.dll - ok
20:20:39.0899 5992 [ 36215D975F1DCB76752F4C32B1D31C4A ] C:\Windows\System32\wups.dll
20:20:39.0899 5992 C:\Windows\System32\wups.dll - ok
20:20:39.0899 5992 [ 9CE95E2A32023CE9D9B38EE2295688A9 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
20:20:39.0899 5992 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
20:20:39.0915 5992 [ 1A1B60D269F745C021F69564B5906AD0 ] C:\Windows\System32\wmpmde.dll
20:20:39.0915 5992 C:\Windows\System32\wmpmde.dll - ok
20:20:39.0915 5992 [ 029D89926A1C52C785B4F2E697FD7105 ] C:\Windows\System32\mfplat.dll
20:20:39.0915 5992 C:\Windows\System32\mfplat.dll - ok
20:20:39.0931 5992 [ 16DF8849D099979B878755DCD258E7B0 ] C:\Windows\System32\RTWorkQ.dll
20:20:39.0931 5992 C:\Windows\System32\RTWorkQ.dll - ok
20:20:39.0946 5992 [ CA336E6ABF539A6D14DA3C49DDD24696 ] C:\Windows\System32\mfcore.dll
20:20:39.0946 5992 C:\Windows\System32\mfcore.dll - ok
20:20:39.0946 5992 [ 8420491FFA891600A88FD12F5059A54C ] C:\Windows\System32\ksuser.dll
20:20:39.0946 5992 C:\Windows\System32\ksuser.dll - ok
20:20:39.0962 5992 [ 03F03B8E77492EB7324F2FA979FC7E64 ] C:\Windows\System32\WinSATAPI.dll
20:20:39.0962 5992 C:\Windows\System32\WinSATAPI.dll - ok
20:20:39.0962 5992 [ D484A8427675AA26EBC87A12349F6B34 ] C:\Windows\System32\MSMPEG2ENC.DLL
20:20:39.0962 5992 C:\Windows\System32\MSMPEG2ENC.DLL - ok
20:20:39.0978 5992 [ 4A2FFDAC45F317E17DF642C7160EB633 ] C:\Windows\System32\upnphost.dll
20:20:39.0978 5992 C:\Windows\System32\upnphost.dll - ok
20:20:39.0993 5992 [ 4BDA81E32B28ECEF27305A9580D3CBEB ] C:\Windows\System32\sppwinob.dll
20:20:39.0993 5992 C:\Windows\System32\sppwinob.dll - ok
20:20:39.0993 5992 [ 0C1DB99164874B08B687891B1A2A4D68 ] C:\Windows\System32\sppobjs.dll
20:20:39.0993 5992 C:\Windows\System32\sppobjs.dll - ok
20:20:40.0009 5992 [ BBDAE44A49657B63E0EC653DFDBABD83 ] C:\Windows\System32\udhisapi.dll
20:20:40.0009 5992 C:\Windows\System32\udhisapi.dll - ok
20:20:40.0009 5992 [ 0C1DD5D08EFBC9308BD8CA08E7CBA48D ] C:\Windows\System32\Windows.Media.Streaming.dll
20:20:40.0009 5992 C:\Windows\System32\Windows.Media.Streaming.dll - ok
20:20:40.0024 5992 [ ABE67B52D1D9EC1EB8B7BA973B425489 ] C:\Program Files\AVAST Software\Avast\aswRvrt.dll
20:20:40.0024 5992 C:\Program Files\AVAST Software\Avast\aswRvrt.dll - ok
20:20:40.0024 5992 ============================================================
20:20:40.0024 5992 Scan finished
20:20:40.0024 5992 ============================================================
20:20:40.0056 2252 Detected object count: 5
20:20:40.0056 2252 Actual detected object count: 5
20:21:28.0649 2252 25326564 ( HiddenService.Multi.Generic ) - skipped by user
20:21:28.0649 2252 25326564 ( HiddenService.Multi.Generic ) - User select action: Skip
20:21:28.0665 2252 Dashboard Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:21:28.0665 2252 Dashboard Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:21:28.0665 2252 IdeaTouch.LocalDataServer.Education ( UnsignedFile.Multi.Generic ) - skipped by user
20:21:28.0665 2252 IdeaTouch.LocalDataServer.Education ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:21:28.0665 2252 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
20:21:28.0665 2252 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:21:28.0665 2252 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
20:21:28.0665 2252 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:25:06.0098 3676 Deinitialize success

[pystryker]

Well, TDSSKiller didn't find any Active Threats and you say Chrome is a the worst browser, so let's try resetting it and see if that helps.

Please follow the link below to reset Chrome. Please be sure to read what it will reset at the bottom of the page. Let me know if Chrome is performing any better after this.

https://support.goog...r/3296214?hl=en

[assaf1]

Hi

I did the reset on Chrome but no significant change.Firefox was better on the 23.2 actually.

[pystryker]

Ok, let's see what the big boy finds. I don't see any malware, and if ComboFix doesn't find anything, we may be looking at a hardware issue. But let's take a look see.

Download ComboFix

• Please download ComboFix to your desktop by clicking here or here.
  
• ComboFix will ask you if you with to install the Recovery Console. Please answer Yes when it does. This will allow us to boot into a special repair mode if necessary.
  
• ComboFix may also require one or more reboots of your computer to complete it's work. This is normal, so please do not worry.
  
• The scan may take a few minutes to complete to quite a while to complete, depending on the severity of your malware infection(s).

Before Running ComboFix

• Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  
• Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
  
• Close any open web browsers.

Running ComboFix

• Double click combofix.exe and follow the prompts. Please remember to answer YES to installing the Recovery Console.
  
• DO NOT click on ComboFix's window while it is in operation. This may cause it to hang.
  
• Once ComboFix has finished it's scan, it will produce a log for you. Please post that log in your next reply.

Please include in your next post

• ComboFix log
  
• How is the machine running?

[assaf1]

Hi,i couldn't run ComboFix.there was an error message: "ComboFix is not meant to run in 'Compatibility Mode' The program shell now exit"


This despite my Antivirus was Disabled and all the programs were closed.

[pystryker]

Ok, no worries there, let's go with a different tool to take a look then.

Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.


Please download Malwarebytes AntiRootkit and save it to your desktop.

Full instructions how to use MBAR
Please note: This is a beta version so please be sure to read the disclaimer and note of it.

• Unzip/unrar MBAR in a folder to your Desktop and MBAM shall run ...

• Click on Next > then on Update button to download fresh definitions.


• When database updates click Next

• In the following window ensure "Targets" scan for Drivers; Sectors; System are ticked. Then select "Scan button"


• If an infection/s are found ensure "Create Restore Point" is checked, then select the "Cleanup Button" to remove threats.
Or if you are sure any entries should not be kept, just untick them. A list of infected files will be listed.


• The Clean up procedure will be Scheduled for process.
• When complete pop-up will show you. Select the Yes button and the system should re-boot to complete the cleaning process.

>> Please post the two following logs from the mbar folder:

system-log.txt
and
mbar-log-year-month-day (hour-minute-second).txt.

Question: How is the computer running now?