NunnBetter
-
Posts
17 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by NunnBetter
-
-
I have copied the MBAM log first and the Hijackthis log second, separated by a line of "#########". Everything on the computer seems to be working without problems or errors so far since running these programs in your previous instructions.
Malwarebytes Anti-Malware (Trial) 1.65.1.1000
www.malwarebytes.org
Database version: v2012.12.19.13
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
NunnBetter :: NUNNBETTER [administrator]
Protection: Enabled
12/19/2012 7:29:30 PM
mbam-log-2012-12-19 (19-31-39).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 253978
Time elapsed: 1 minute(s), 56 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 2
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011341191} (PUP.GamePlayLab) -> No action taken.
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 3
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
Folders Detected: 1
C:\Users\NunnBetter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Progressive Protection (Rogue.SystemProgressiveProtection) -> No action taken.
Files Detected: 1
C:\Users\NunnBetter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Progressive Protection\System Progressive Protection.lnk (Rogue.SystemProgressiveProtection) -> No action taken.
(end)
#################################################################################################
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:33:16 PM, on 12/19/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe
C:\Mitchell1\Manager\Series1\Series10.exe
C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe
C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\NunnBetter\Downloads\HijackThis.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
O4 - HKLM\..\Run: [NeroLauncher] C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
O4 - HKLM\..\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
O4 - HKLM\..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.medium-truck.net
O15 - Trusted Zone: *.ondemand5.com
O15 - Trusted Zone: *.repair-connect.net
O15 - Trusted Zone: *.shopkey5.com
O15 - Trusted Zone: *.tractor-trailer.net
O15 - Trusted Zone: *.vintage.mitchell1.com
O18 - Protocol: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
O18 - Protocol: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files (x86)\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll
O18 - Protocol: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - mscoree.dll (file missing)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: CDPforFilesSrv (filepathsrv) - Unknown owner - C:\Windows\system32\filepathsrv.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Dell DataSafe Online (NOBU) - Dell, Inc. - C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: QBCFMonitorService - Intuit - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
O23 - Service: Intuit QuickBooks FCS (QBFCService) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
O23 - Service: QBIDPService (QBVSS) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
O23 - Service: RalinkRegistryWriter - Ralink Technology, Corp. - C:\Program Files (x86)\NETGEAR\WNDA4100\Service\RaRegistry.exe
O23 - Service: RalinkRegistryWriter64 - Ralink Technology, Corp. - C:\Program Files (x86)\NETGEAR\WNDA4100\Service\RaRegistry64.exe
O23 - Service: RoxMediaDB12OEM - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - c:\users\nunnbe~1\appdata\local\temp\teamviewer\version6\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13008 bytes
-
Here's the extra report. Thanks.
Adobe AIR
Adobe Reader X (10.1.4) MUI
Adobe Shockwave Player 11.6
Adobe SVG Viewer 3.0
avast! Free Antivirus
Bejeweled 2 Deluxe
Bing Rewards Client Installer
Blackhawk Striker 2
Blio
Bounce Symphony
Build-a-lot 2
Cake Mania
Chuzzle Deluxe
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Cisco WebEx Meetings
Consumer In-Home Service Agreement
Cozi
D3DX10
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell DataSafe Online
Dell Digital Delivery
Dell Getting Started Guide
Dell MusicStage
Dell PhotoStage
Dell Stage
Dell Stage Remote
Dell VideoStage
Diner Dash 2 Restaurant Rescue
DirectX 9 Runtime
Dora's World Adventure
DPR Client Manager
eBay
Escape Whisper Valley
Farm Frenzy
FATE
Final Drive Fury
Final Drive Nitro
Google Chrome
guru Media Editor v2.52
High-Definition Video Playback
Intel® Processor Graphics
Java Auto Updater
Java 6 Update 27
Jewel Quest
Jewel Quest Solitaire 2
Junk Mail filter update
K-Lite Codec Pack 7.0.0 (Standard)
Luxor
McAfee SecurityCenter
Mesh Runtime
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Mitchell1/ShopKey QuickBooks Integrator v 1.1
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 Parser and SDK
Namco All-Stars PAC-MAN
Nero 10 Movie ThemePack Basic
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero Update
NETGEAR WNDA4100 Genie
Norton Security Scan
OnDemand5
OnDemand5 Manager SU
Penguins!
PhotoShowExpress
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime x86
Poker Superstars III
Polar Bowler
Polar Golfer
QuickBooks
QuickBooks Pro 2011
ROBLOX Player
Roxio Activation Module
Roxio BackOnTrack
Roxio Burn
Roxio Creator Starter
Roxio Express Labeler 3
Samantha Swift
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Sonic CinePlayer Decoder Pack
Staples USB-to-Serial Adapter 2.04
swMSM
SyncUP
TrustedID
TrustedID IDMonitor Identity Protection
Unity Web Player
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update Installer for WildTangent Games App
Virtual Villagers 4 - The Tree of Life
Wedding Dash - Ready, Aim, Love!
WildTangent Games
WildTangent Games App (Dell Games)
Windows 7 Upgrade Advisor
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Zinio Reader 4
Zuma Deluxe
-
Hi,
I've rerun Combofix and the report is below. No problems running the program. The computer seems to be functioning without any abnormal delays, errors or otherwise. Thanks!
ComboFix 12-12-17.02 - NunnBetter 12/17/2012 10:48:27.6.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8105.6905 [GMT -6:00]
Running from: c:\users\NunnBetter\Desktop\username123.exe.exe
Command switches used :: c:\users\NunnBetter\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2012-11-17 to 2012-12-17 )))))))))))))))))))))))))))))))
.
.
2012-12-17 16:51 . 2012-12-17 16:51 -------- d-----w- c:\users\Tabatha\AppData\Local\temp
2012-12-17 16:51 . 2012-12-17 16:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-12 22:32 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-12 22:32 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-12-10 20:16 . 2012-12-10 20:16 -------- d-----w- c:\users\Shop
2012-12-09 23:31 . 2012-12-17 16:51 -------- d-----w- c:\users\NunnBetter\AppData\Local\temp
2012-12-03 09:02 . 2012-12-03 09:02 -------- d-----w- c:\program files (x86)\Microsoft.NET
2012-12-02 09:03 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-12-02 09:03 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-12-02 09:03 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2012-12-02 09:03 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-12-02 09:01 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-12-02 09:01 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-12-02 09:01 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-12-02 09:01 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-12-02 09:01 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-12-02 09:01 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-12-02 09:01 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-12-02 03:39 . 2012-12-02 03:39 -------- d-----w- C:\TDSSKiller_Quarantine
2012-12-02 02:31 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-12-02 02:31 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
2012-12-02 02:11 . 2012-12-02 02:11 -------- d-----w- C:\FRST
2012-12-01 00:30 . 2012-10-30 23:51 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-12-01 00:30 . 2012-10-30 23:51 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-12-01 00:30 . 2012-10-15 16:59 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-12-01 00:30 . 2012-10-30 23:51 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-12-01 00:30 . 2012-10-30 23:51 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-12-01 00:30 . 2012-10-30 23:51 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-12-01 00:30 . 2012-10-30 23:50 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-12-01 00:29 . 2012-10-30 23:51 41224 ----a-w- c:\windows\avastSS.scr
2012-12-01 00:29 . 2012-10-30 23:50 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-12-01 00:29 . 2012-12-01 00:29 -------- d-----w- c:\programdata\AVAST Software
2012-12-01 00:29 . 2012-12-01 00:29 -------- d-----w- c:\program files\AVAST Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-13 09:02 . 2012-08-21 22:32 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-10-16 08:38 . 2012-12-02 02:31 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-12-02 02:31 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-12-02 02:31 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-04 16:40 . 2012-12-12 22:31 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-04-20 196440]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-06-22 106112]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-02-20 1255736]
R4 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-10-09 173568]
R4 filepathsrv;CDPforFilesSrv;c:\windows\system32\filepathsrv.exe [2010-07-19 628608]
R4 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R4 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe [2011-03-08 224704]
R4 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-08-31 201304]
R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-08-31 201304]
R4 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
R4 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
R4 QBVSS;QBIDPService;c:\program files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [2011-11-09 1248256]
R4 RalinkRegistryWriter64;RalinkRegistryWriter64;c:\program files (x86)\NETGEAR\WNDA4100\Service\RaRegistry64.exe [2011-11-21 455424]
R4 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
R4 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
R4 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-09-22 1692480]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-06-22 335784]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 FilePath;VitalFile;c:\windows\system32\DRIVERS\fp.sys [2010-07-19 316288]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-06-22 218320]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-06-22 177144]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-06-22 69672]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-06-22 513456]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 56340489
*NewlyCreated* - 71392672
*Deregistered* - 56340489
*Deregistered* - 71392672
*Deregistered* - mfeavfk01
.
Contents of the 'Scheduled Tasks' folder
.
2012-09-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2690531696-1917535011-530222184-1001Core.job
- c:\users\NunnBetter\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-18 21:08]
.
2012-09-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2690531696-1917535011-530222184-1001UA.job
- c:\users\NunnBetter\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-18 21:08]
.
2012-06-08 c:\windows\Tasks\Norton Security Scan for NunnBetter.job
- c:\progra~2\NORTON~2\Engine\372~1.5\Nss.exe [2012-06-05 09:45]
.
2012-03-12 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-03-22 17:20]
.
2012-04-11 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\pcdrcui.exe [2011-03-22 17:20]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 23:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: medium-truck.net
Trusted Zone: ondemand5.com
Trusted Zone: repair-connect.net
Trusted Zone: shopkey5.com
Trusted Zone: tractor-trailer.net
Trusted Zone: vintage.mitchell1.com
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
SafeBoot-56340489.sys
SafeBoot-69072183.sys
AddRemove-OnDemand5 Manager SU - c:\mitchell1\Manager\Series1\RebootWiz
AddRemove-WT089446 - c:\program files (x86)\WildTangent\Dell Games\Wedding Dash - Ready
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-12-17 10:52:56
ComboFix-quarantined-files.txt 2012-12-17 16:52
ComboFix2.txt 2012-12-09 23:31
ComboFix3.txt 2012-12-01 18:47
ComboFix4.txt 2012-12-01 04:35
.
Pre-Run: 921,961,762,816 bytes free
Post-Run: 921,667,567,616 bytes free
.
- - End Of File - - F63D5490A9562C733A5CE373A5503FE3
-
17:13:44.0011 3252 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
17:13:44.0013 3252 [ 26BA928D3FBA2A12589A8A9B1A47FB08 ] C:\Program Files\AVAST Software\Avast\defs\12121301\aswAR.dll
17:13:44.0013 3252 C:\Program Files\AVAST Software\Avast\defs\12121301\aswAR.dll - ok
17:13:44.0015 3252 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
17:13:44.0015 3252 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
17:13:44.0017 3252 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
17:13:44.0018 3252 C:\Windows\SysWOW64\winnsi.dll - ok
17:13:44.0020 3252 [ 0D0FA4434A9434641AB0A6332AC5560A ] C:\Program Files\AVAST Software\Avast\defs\12121301\aswRawFS.dll
17:13:44.0020 3252 C:\Program Files\AVAST Software\Avast\defs\12121301\aswRawFS.dll - ok
17:13:44.0022 3252 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
17:13:44.0022 3252 C:\Windows\System32\wkssvc.dll - ok
17:13:44.0024 3252 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
17:13:44.0024 3252 C:\Windows\System32\cryptsvc.dll - ok
17:13:44.0026 3252 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
17:13:44.0026 3252 C:\Windows\System32\dps.dll - ok
17:13:44.0028 3252 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
17:13:44.0028 3252 C:\Windows\System32\IKEEXT.DLL - ok
17:13:44.0030 3252 [ 04D48692EFF181DA46DD8EA8BE9FFB2B ] C:\Windows\System32\mfevtps.exe
17:13:44.0030 3252 C:\Windows\System32\mfevtps.exe - ok
17:13:44.0032 3252 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
17:13:44.0032 3252 C:\Windows\System32\sfc.dll - ok
17:13:44.0034 3252 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
17:13:44.0034 3252 C:\Windows\System32\sfc_os.dll - ok
17:13:44.0035 3252 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
17:13:44.0035 3252 C:\Windows\System32\cryptnet.dll - ok
17:13:44.0037 3252 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
17:13:44.0037 3252 C:\Windows\System32\netman.dll - ok
17:13:44.0039 3252 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
17:13:44.0039 3252 C:\Windows\System32\nlasvc.dll - ok
17:13:44.0041 3252 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
17:13:44.0041 3252 C:\Windows\System32\ncsi.dll - ok
17:13:44.0043 3252 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
17:13:44.0043 3252 C:\Windows\System32\winhttp.dll - ok
17:13:44.0045 3252 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
17:13:44.0045 3252 C:\Windows\System32\taskschd.dll - ok
17:13:44.0047 3252 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
17:13:44.0048 3252 C:\Windows\System32\pcasvc.dll - ok
17:13:44.0050 3252 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
17:13:44.0050 3252 C:\Windows\System32\drivers\PEAuth.sys - ok
17:13:44.0052 3252 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
17:13:44.0052 3252 C:\Windows\System32\drivers\secdrv.sys - ok
17:13:44.0054 3252 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
17:13:44.0054 3252 C:\Windows\System32\webio.dll - ok
17:13:44.0056 3252 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
17:13:44.0056 3252 C:\Windows\System32\aepic.dll - ok
17:13:44.0058 3252 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
17:13:44.0058 3252 C:\Windows\System32\vssapi.dll - ok
17:13:44.0060 3252 [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
17:13:44.0060 3252 C:\Windows\System32\seclogon.dll - ok
17:13:44.0062 3252 [ C6CC9297BD53E5229653303E556AA539 ] C:\Windows\System32\drivers\Sftfslh.sys
17:13:44.0062 3252 C:\Windows\System32\drivers\Sftfslh.sys - ok
17:13:44.0064 3252 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
17:13:44.0064 3252 C:\Windows\System32\vpnikeapi.dll - ok
17:13:44.0066 3252 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
17:13:44.0066 3252 C:\Windows\System32\wfapigp.dll - ok
17:13:44.0068 3252 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
17:13:44.0068 3252 C:\Windows\System32\mscms.dll - ok
17:13:44.0070 3252 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
17:13:44.0070 3252 C:\Windows\System32\snmptrap.exe - ok
17:13:44.0072 3252 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
17:13:44.0072 3252 C:\Windows\System32\provsvc.dll - ok
17:13:44.0074 3252 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
17:13:44.0074 3252 C:\Windows\System32\sstpsvc.dll - ok
17:13:44.0078 3252 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
17:13:44.0078 3252 C:\Windows\System32\vsstrace.dll - ok
17:13:44.0080 3252 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
17:13:44.0080 3252 C:\Windows\System32\ssdpapi.dll - ok
17:13:44.0082 3252 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
17:13:44.0082 3252 C:\Windows\SysWOW64\wship6.dll - ok
17:13:44.0084 3252 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
17:13:44.0084 3252 C:\Windows\SysWOW64\rasadhlp.dll - ok
17:13:44.0086 3252 [ 390AA7BC52CEE43F6790CDEA1E776703 ] C:\Windows\System32\drivers\Sftplaylh.sys
17:13:44.0086 3252 C:\Windows\System32\drivers\Sftplaylh.sys - ok
17:13:44.0088 3252 [ C3CDDD18F43D44AB713CF8C4916F7696 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
17:13:44.0088 3252 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe - ok
17:13:44.0090 3252 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
17:13:44.0090 3252 C:\Windows\SysWOW64\profapi.dll - ok
17:13:44.0092 3252 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
17:13:44.0092 3252 C:\Windows\SysWOW64\userenv.dll - ok
17:13:44.0095 3252 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
17:13:44.0095 3252 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
17:13:44.0097 3252 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
17:13:44.0097 3252 C:\Windows\System32\drivers\srvnet.sys - ok
17:13:44.0099 3252 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
17:13:44.0099 3252 C:\Windows\SysWOW64\cryptsp.dll - ok
17:13:44.0101 3252 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
17:13:44.0101 3252 C:\Windows\System32\drivers\tcpipreg.sys - ok
17:13:44.0103 3252 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
17:13:44.0103 3252 C:\Windows\System32\httpapi.dll - ok
17:13:44.0105 3252 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
17:13:44.0105 3252 C:\Windows\System32\sysmain.dll - ok
17:13:44.0107 3252 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll
17:13:44.0107 3252 C:\Windows\System32\tapisrv.dll - ok
17:13:44.0109 3252 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
17:13:44.0109 3252 C:\Windows\System32\wiaservc.dll - ok
17:13:44.0111 3252 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
17:13:44.0111 3252 C:\Windows\SysWOW64\credssp.dll - ok
17:13:44.0113 3252 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
17:13:44.0113 3252 C:\Windows\System32\wiatrace.dll - ok
17:13:44.0115 3252 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:13:44.0115 3252 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
17:13:44.0117 3252 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
17:13:44.0117 3252 C:\Windows\System32\trkwks.dll - ok
17:13:44.0119 3252 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
17:13:44.0119 3252 C:\Windows\System32\wbem\WMIsvc.dll - ok
17:13:44.0121 3252 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
17:13:44.0121 3252 C:\Windows\System32\SensApi.dll - ok
17:13:44.0123 3252 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
17:13:44.0123 3252 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
17:13:44.0126 3252 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
17:13:44.0126 3252 C:\Windows\System32\wer.dll - ok
17:13:44.0128 3252 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
17:13:44.0128 3252 C:\Windows\System32\aeevts.dll - ok
17:13:44.0130 3252 [ 079FD1D59EAD19270C979AF174D881A3 ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
17:13:44.0130 3252 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
17:13:44.0132 3252 [ 0B2D65FDDE31069299AA6330F359FF9C ] C:\Windows\System32\msxml3.dll
17:13:44.0132 3252 C:\Windows\System32\msxml3.dll - ok
17:13:44.0134 3252 [ 4DEC9B5BEDAA97B1FF6A3923E1C4F58A ] C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
17:13:44.0134 3252 C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe - ok
17:13:44.0136 3252 [ 295657F93F6B19DEEA804048E1CB4FF9 ] C:\Windows\System32\lz32.dll
17:13:44.0136 3252 C:\Windows\System32\lz32.dll - ok
17:13:44.0139 3252 [ 6BFDC58CEACB90417FCE6BBBD7F3C660 ] C:\Program Files\Common Files\mcafee\systemcore\lockdown.dll
17:13:44.0139 3252 C:\Program Files\Common Files\mcafee\systemcore\lockdown.dll - ok
17:13:44.0141 3252 [ 9F688D9EE28AD1282DCB0F25F26775AE ] C:\Program Files\Common Files\mcafee\systemcore\mytilus3.dll
17:13:44.0141 3252 C:\Program Files\Common Files\mcafee\systemcore\mytilus3.dll - ok
17:13:44.0143 3252 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
17:13:44.0143 3252 C:\Windows\System32\wbemcomn.dll - ok
17:13:44.0145 3252 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
17:13:44.0145 3252 C:\Windows\System32\wbem\WinMgmtR.dll - ok
17:13:44.0148 3252 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
17:13:44.0148 3252 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
17:13:44.0150 3252 [ 70A176BF2ED362862944C371838262F8 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
17:13:44.0150 3252 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
17:13:44.0152 3252 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
17:13:44.0152 3252 C:\Windows\System32\wbem\fastprox.dll - ok
17:13:44.0154 3252 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
17:13:44.0154 3252 C:\Windows\System32\ntdsapi.dll - ok
17:13:44.0156 3252 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
17:13:44.0156 3252 C:\Windows\System32\wbem\wbemprox.dll - ok
17:13:44.0158 3252 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
17:13:44.0158 3252 C:\Windows\System32\wbem\wbemcore.dll - ok
17:13:44.0161 3252 [ 915CCD0159ECD7957890E525A629E6DD ] C:\Program Files\Common Files\mcafee\systemcore\mytilus3_worker.dll
17:13:44.0161 3252 C:\Program Files\Common Files\mcafee\systemcore\mytilus3_worker.dll - ok
17:13:44.0163 3252 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
17:13:44.0163 3252 C:\Windows\System32\shfolder.dll - ok
17:13:44.0165 3252 [ 43478C48F97846E7251EE48DFB698652 ] C:\Program Files\Common Files\mcafee\systemcore\mytilus3_server.dll
17:13:44.0165 3252 C:\Program Files\Common Files\mcafee\systemcore\mytilus3_server.dll - ok
17:13:44.0167 3252 [ BA9315165B80B742EA81FD4B745EBE71 ] C:\Program Files\Common Files\mcafee\systemcore\ftl.dll
17:13:44.0167 3252 C:\Program Files\Common Files\mcafee\systemcore\ftl.dll - ok
17:13:44.0169 3252 [ 0ACBDACAE25FF643049F5E9C7FB19E70 ] C:\Program Files\Common Files\mcafee\systemcore\mcshield.dll
17:13:44.0169 3252 C:\Program Files\Common Files\mcafee\systemcore\mcshield.dll - ok
17:13:44.0172 3252 [ 4575380ECBAAB6C812731B0D4588D364 ] C:\Program Files\Common Files\mcafee\systemcore\mfeelama.dll
17:13:44.0172 3252 C:\Program Files\Common Files\mcafee\systemcore\mfeelama.dll - ok
17:13:44.0174 3252 [ 97C398750C8E80A48EB63999546F796E ] C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
17:13:44.0174 3252 C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe - ok
17:13:44.0176 3252 [ B3455B5D864BD1E4F48D4E76FAFD8163 ] C:\Program Files\Common Files\mcafee\systemcore\mfehida.dll
17:13:44.0176 3252 C:\Program Files\Common Files\mcafee\systemcore\mfehida.dll - ok
17:13:44.0179 3252 [ 71C32E0008B01EDF7657D886662D21D5 ] C:\Program Files\Common Files\mcafee\systemcore\mfevtpa.dll
17:13:44.0179 3252 C:\Program Files\Common Files\mcafee\systemcore\mfevtpa.dll - ok
17:13:44.0181 3252 [ 5731B230C7D6ADD88CC7CD07D247BEA8 ] C:\Program Files\Common Files\mcafee\systemcore\mfeavfa.dll
17:13:44.0181 3252 C:\Program Files\Common Files\mcafee\systemcore\mfeavfa.dll - ok
17:13:44.0183 3252 [ 13693B6354DD6E72DC5131DA7D764B90 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
17:13:44.0183 3252 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe - ok
17:13:44.0186 3252 [ 6177E1A8F215576A56D437B48A00848B ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftsync.dll
17:13:44.0186 3252 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftsync.dll - ok
17:13:44.0188 3252 [ 295E1F2BC1AFDAFD98FF426BCE524BA9 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftuser.dll
17:13:44.0188 3252 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftuser.dll - ok
17:13:44.0190 3252 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
17:13:44.0190 3252 C:\Windows\SysWOW64\mpr.dll - ok
17:13:44.0192 3252 [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll
17:13:44.0192 3252 C:\Windows\System32\rasmans.dll - ok
17:13:44.0194 3252 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
17:13:44.0194 3252 C:\Windows\System32\wbem\esscli.dll - ok
17:13:44.0196 3252 [ 44C96B48112EB24AE7764EBF1C527000 ] C:\Windows\System32\rastapi.dll
17:13:44.0196 3252 C:\Windows\System32\rastapi.dll - ok
17:13:44.0198 3252 [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll
17:13:44.0199 3252 C:\Windows\System32\tapi32.dll - ok
17:13:44.0201 3252 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
17:13:44.0201 3252 C:\Windows\System32\wbem\wbemsvc.dll - ok
17:13:44.0203 3252 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
17:13:44.0203 3252 C:\Windows\System32\wbem\wmiutils.dll - ok
17:13:44.0205 3252 [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\Windows\System32\unimdm.tsp
17:13:44.0205 3252 C:\Windows\System32\unimdm.tsp - ok
17:13:44.0207 3252 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
17:13:44.0207 3252 C:\Windows\System32\wbem\repdrvfs.dll - ok
17:13:44.0209 3252 [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp
17:13:44.0210 3252 C:\Windows\System32\hidphone.tsp - ok
17:13:44.0212 3252 [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp
17:13:44.0212 3252 C:\Windows\System32\kmddsp.tsp - ok
17:13:44.0213 3252 [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp
17:13:44.0214 3252 C:\Windows\System32\ndptsp.tsp - ok
17:13:44.0215 3252 [ 94B7DF336815B47236724019FAB24B7C ] C:\Windows\System32\uniplat.dll
17:13:44.0216 3252 C:\Windows\System32\uniplat.dll - ok
17:13:44.0217 3252 [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll
17:13:44.0217 3252 C:\Windows\System32\rasppp.dll - ok
17:13:44.0219 3252 [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll
17:13:44.0219 3252 C:\Windows\System32\vpnike.dll - ok
17:13:44.0221 3252 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
17:13:44.0221 3252 C:\Windows\System32\raschap.dll - ok
17:13:44.0223 3252 [ A733CC986EB51F8FBF598B981DC19FBA ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcore.dll
17:13:44.0223 3252 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcore.dll - ok
17:13:44.0226 3252 [ 32BFCF1CA719F2A3A31C721BD5F90303 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftpsr.dll
17:13:44.0226 3252 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftpsr.dll - ok
17:13:44.0228 3252 [ 40EE4E67311F4019CCA2120D88C60576 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftfsi_wow64.dll
17:13:44.0229 3252 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftfsi_wow64.dll - ok
17:13:44.0231 3252 [ 09AB81CEE443569D9A3CC151DDF70444 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll
17:13:44.0231 3252 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll - ok
17:13:44.0233 3252 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
17:13:44.0233 3252 C:\Windows\SysWOW64\SensApi.dll - ok
17:13:44.0235 3252 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
17:13:44.0235 3252 C:\Windows\SysWOW64\crypt32.dll - ok
17:13:44.0237 3252 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
17:13:44.0237 3252 C:\Windows\SysWOW64\msasn1.dll - ok
17:13:44.0239 3252 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
17:13:44.0239 3252 C:\Windows\SysWOW64\winhttp.dll - ok
17:13:44.0241 3252 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
17:13:44.0241 3252 C:\Windows\SysWOW64\webio.dll - ok
17:13:44.0243 3252 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll
17:13:44.0243 3252 C:\Windows\SysWOW64\logoncli.dll - ok
17:13:44.0245 3252 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
17:13:44.0245 3252 C:\Windows\SysWOW64\wintrust.dll - ok
17:13:44.0247 3252 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
17:13:44.0247 3252 C:\Windows\SysWOW64\msi.dll - ok
17:13:44.0249 3252 [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
17:13:44.0249 3252 C:\Windows\System32\ipnathlp.dll - ok
17:13:44.0251 3252 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
17:13:44.0251 3252 C:\Windows\System32\drivers\srv2.sys - ok
17:13:44.0253 3252 [ 617E29A0B0A2807466560D4C4E338D3E ] C:\Windows\System32\drivers\Sftredirlh.sys
17:13:44.0253 3252 C:\Windows\System32\drivers\Sftredirlh.sys - ok
17:13:44.0255 3252 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
17:13:44.0255 3252 C:\Windows\System32\mprapi.dll - ok
17:13:44.0257 3252 [ F928E5E72BBA15DD0CE9A26E0413D236 ] C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
17:13:44.0257 3252 C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe - ok
17:13:44.0259 3252 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
17:13:44.0259 3252 C:\Windows\System32\netshell.dll - ok
17:13:44.0261 3252 [ DF3CA8D16BDED6A54977B30E66864D33 ] C:\Windows\System32\msvcr100.dll
17:13:44.0262 3252 C:\Windows\System32\msvcr100.dll - ok
17:13:44.0264 3252 [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\SysWOW64\schannel.dll
17:13:44.0264 3252 C:\Windows\SysWOW64\schannel.dll - ok
17:13:44.0266 3252 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
17:13:44.0266 3252 C:\Windows\System32\dssenh.dll - ok
17:13:44.0268 3252 [ 2C0D7AA2DACF6E11C71F22BFC0050147 ] C:\Program Files\Common Files\mcafee\msc\LogCntrl.dll
17:13:44.0268 3252 C:\Program Files\Common Files\mcafee\msc\LogCntrl.dll - ok
17:13:44.0270 3252 [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
17:13:44.0270 3252 C:\Windows\System32\iphlpsvc.dll - ok
17:13:44.0272 3252 [ 8422CE4E53738275C4C8539F91790A7F ] C:\PROGRA~1\mcafee\msc\McOobeSv.dll
17:13:44.0272 3252 C:\PROGRA~1\mcafee\msc\McOobeSv.dll - ok
17:13:44.0274 3252 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
17:13:44.0274 3252 C:\Windows\System32\sqmapi.dll - ok
17:13:44.0276 3252 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
17:13:44.0276 3252 C:\Windows\System32\drivers\srv.sys - ok
17:13:44.0279 3252 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
17:13:44.0279 3252 C:\Windows\System32\wdscore.dll - ok
17:13:44.0281 3252 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
17:13:44.0281 3252 C:\Windows\System32\browser.dll - ok
17:13:44.0283 3252 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
17:13:44.0283 3252 C:\Windows\System32\hnetcfg.dll - ok
17:13:44.0285 3252 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
17:13:44.0285 3252 C:\Windows\System32\srvsvc.dll - ok
17:13:44.0287 3252 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
17:13:44.0287 3252 C:\Windows\System32\netmsg.dll - ok
17:13:44.0289 3252 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
17:13:44.0289 3252 C:\Windows\System32\sscore.dll - ok
17:13:44.0291 3252 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
17:13:44.0291 3252 C:\Windows\System32\clusapi.dll - ok
17:13:44.0294 3252 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
17:13:44.0294 3252 C:\Windows\System32\resutils.dll - ok
17:13:44.0295 3252 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
17:13:44.0296 3252 C:\Windows\System32\wsock32.dll - ok
17:13:44.0297 3252 [ E30E33FEA53642563CF4C240CACA5D2E ] C:\PROGRA~1\mcafee\mpf\MpfSvc.dll
17:13:44.0297 3252 C:\PROGRA~1\mcafee\mpf\MpfSvc.dll - ok
17:13:44.0299 3252 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
17:13:44.0300 3252 C:\Windows\System32\winspool.drv - ok
17:13:44.0302 3252 [ 28AD5E311996A34025CFB07E131058DD ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
17:13:44.0302 3252 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
17:13:44.0304 3252 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
17:13:44.0304 3252 C:\Windows\System32\rasadhlp.dll - ok
17:13:44.0306 3252 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
17:13:44.0306 3252 C:\Windows\SysWOW64\clbcatq.dll - ok
17:13:44.0308 3252 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
17:13:44.0308 3252 C:\Windows\System32\localspl.dll - ok
17:13:44.0310 3252 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
17:13:44.0310 3252 C:\Windows\System32\spoolss.dll - ok
17:13:44.0312 3252 [ D9A9702E43A5859896F34898D5FD3FEC ] C:\Windows\SysWOW64\msxml6.dll
17:13:44.0312 3252 C:\Windows\SysWOW64\msxml6.dll - ok
17:13:44.0314 3252 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
17:13:44.0314 3252 C:\Windows\System32\FXSMON.dll - ok
17:13:44.0316 3252 [ 2E1729779D60F4003508F393E8343ED8 ] C:\Windows\System32\hpf3lw73.dll
17:13:44.0316 3252 C:\Windows\System32\hpf3lw73.dll - ok
17:13:44.0318 3252 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
17:13:44.0318 3252 C:\Windows\System32\PrintIsolationProxy.dll - ok
17:13:44.0320 3252 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
17:13:44.0320 3252 C:\Windows\System32\tcpmon.dll - ok
17:13:44.0322 3252 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
17:13:44.0322 3252 C:\Windows\System32\snmpapi.dll - ok
17:13:44.0324 3252 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
17:13:44.0324 3252 C:\Windows\System32\wsnmp32.dll - ok
17:13:44.0326 3252 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
17:13:44.0326 3252 C:\Windows\System32\usbmon.dll - ok
17:13:44.0328 3252 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
17:13:44.0328 3252 C:\Windows\System32\WSDMon.dll - ok
17:13:44.0330 3252 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
17:13:44.0330 3252 C:\Windows\System32\WSDApi.dll - ok
17:13:44.0332 3252 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
17:13:44.0332 3252 C:\Windows\System32\webservices.dll - ok
17:13:44.0334 3252 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
17:13:44.0334 3252 C:\Windows\System32\fundisc.dll - ok
17:13:44.0336 3252 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
17:13:44.0336 3252 C:\Windows\SysWOW64\rsaenh.dll - ok
17:13:44.0338 3252 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
17:13:44.0338 3252 C:\Windows\System32\fdPnp.dll - ok
17:13:44.0340 3252 [ 4C1244FEF74C60A4B1B151C76609CBE2 ] C:\Windows\System32\wsdchngr.dll
17:13:44.0340 3252 C:\Windows\System32\wsdchngr.dll - ok
17:13:44.0342 3252 [ AD911EBC4FADCCAA243E379FF23AB959 ] C:\Windows\System32\spool\prtprocs\x64\hpfppw73.dll
17:13:44.0342 3252 C:\Windows\System32\spool\prtprocs\x64\hpfppw73.dll - ok
17:13:44.0344 3252 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
17:13:44.0344 3252 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
17:13:44.0346 3252 [ 9F463B07C8EFA35FFA581844A9F4FE79 ] C:\Windows\System32\spool\prtprocs\x64\LXKPTPRC.DLL
17:13:44.0346 3252 C:\Windows\System32\spool\prtprocs\x64\LXKPTPRC.DLL - ok
17:13:44.0348 3252 [ 548CB980D7876E207CC9F8B60C1587A3 ] C:\Windows\System32\win32spl.dll
17:13:44.0348 3252 C:\Windows\System32\win32spl.dll - ok
17:13:44.0350 3252 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
17:13:44.0350 3252 C:\Windows\System32\inetpp.dll - ok
17:13:44.0352 3252 [ 7760899D95C2D1AAC5C1D34AF41A11C7 ] C:\Program Files\mcafee\virusscan\Engine\5500.1093\mscan64a.dll
17:13:44.0352 3252 C:\Program Files\mcafee\virusscan\Engine\5500.1093\mscan64a.dll - ok
17:13:44.0355 3252 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
17:13:44.0355 3252 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
17:13:44.0357 3252 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
17:13:44.0357 3252 C:\Windows\System32\ncobjapi.dll - ok
17:13:44.0359 3252 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
17:13:44.0359 3252 C:\Windows\System32\wbem\wbemess.dll - ok
17:13:44.0361 3252 [ 64A48342A57BC34943FA2014A2650550 ] C:\Program Files\Common Files\mcafee\systemcore\mfeapfa.dll
17:13:44.0361 3252 C:\Program Files\Common Files\mcafee\systemcore\mfeapfa.dll - ok
17:13:44.0363 3252 [ 72794D112CBAFF3BC0C29BF7350D4741 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
17:13:44.0363 3252 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE - ok
17:13:44.0365 3252 [ C797D1677BA81306AFBB9FA8A9A8F483 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSHARED.DLL
17:13:44.0365 3252 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSHARED.DLL - ok
17:13:44.0367 3252 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
17:13:44.0367 3252 C:\Windows\System32\dllhost.exe - ok
17:13:44.0369 3252 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
17:13:44.0369 3252 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
17:13:44.0372 3252 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
17:13:44.0372 3252 C:\Windows\System32\IDStore.dll - ok
17:13:44.0374 3252 [ 517110BD83835338C037269E603DB55D ] C:\Windows\System32\taskhost.exe
17:13:44.0374 3252 C:\Windows\System32\taskhost.exe - ok
17:13:44.0376 3252 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
17:13:44.0376 3252 C:\Windows\System32\HotStartUserAgent.dll - ok
17:13:44.0378 3252 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
17:13:44.0378 3252 C:\Windows\System32\mpr.dll - ok
17:13:44.0380 3252 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
17:13:44.0380 3252 C:\Windows\System32\taskeng.exe - ok
17:13:44.0382 3252 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
17:13:44.0382 3252 C:\Windows\System32\userinit.exe - ok
17:13:44.0384 3252 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
17:13:44.0384 3252 C:\Windows\System32\dwm.exe - ok
17:13:44.0386 3252 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
17:13:44.0386 3252 C:\Windows\System32\dwmcore.dll - ok
17:13:44.0388 3252 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
17:13:44.0388 3252 C:\Windows\System32\dwmredir.dll - ok
17:13:44.0390 3252 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll
17:13:44.0390 3252 C:\Windows\System32\d3d10_1.dll - ok
17:13:44.0392 3252 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll
17:13:44.0392 3252 C:\Windows\System32\d3d10_1core.dll - ok
17:13:44.0394 3252 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll
17:13:44.0394 3252 C:\Windows\System32\dxgi.dll - ok
17:13:44.0396 3252 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
17:13:44.0396 3252 C:\Windows\explorer.exe - ok
17:13:44.0398 3252 [ CE291A12090CBB2A4BCB1F7A547DEC37 ] C:\Windows\System32\igd10umd64.dll
17:13:44.0398 3252 C:\Windows\System32\igd10umd64.dll - ok
17:13:44.0400 3252 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
17:13:44.0400 3252 C:\Windows\System32\PlaySndSrv.dll - ok
17:13:44.0402 3252 [ A7E1129289E833FC9E52018BBEE20C4D ] C:\Program Files (x86)\Mitchell1\DPR Client Manager\DPRClientManager.exe
17:13:44.0402 3252 C:\Program Files (x86)\Mitchell1\DPR Client Manager\DPRClientManager.exe - ok
17:13:44.0405 3252 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
17:13:44.0405 3252 C:\Windows\System32\TSChannel.dll - ok
17:13:44.0407 3252 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
17:13:44.0407 3252 C:\Windows\System32\ExplorerFrame.dll - ok
17:13:44.0409 3252 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
17:13:44.0409 3252 C:\Windows\System32\mscoree.dll - ok
17:13:44.0411 3252 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
17:13:44.0411 3252 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
17:13:44.0413 3252 [ 867C93CE4B4CCFCDE65CE48A769CD227 ] C:\Program Files\AVAST Software\Avast\ashShA64.dll
17:13:44.0413 3252 C:\Program Files\AVAST Software\Avast\ashShA64.dll - ok
17:13:44.0415 3252 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
17:13:44.0415 3252 C:\Windows\System32\msi.dll - ok
17:13:44.0417 3252 [ 02CD5B2C3B017122CAC00BDB520CD7AC ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
17:13:44.0417 3252 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
17:13:44.0420 3252 [ 06A754FE28A06F780A099703CFCAAA22 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll
17:13:44.0420 3252 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok
17:13:44.0422 3252 [ 01AEA2F16FE0C522DDFD7FAFFC959C6A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\74a5f0c2bc0d0e6e3c4ec4886b9be891\mscorlib.ni.dll
17:13:44.0422 3252 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\74a5f0c2bc0d0e6e3c4ec4886b9be891\mscorlib.ni.dll - ok
17:13:44.0424 3252 [ 3ABB7ADB9CCBCD24D6C55201A3842A94 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
17:13:44.0424 3252 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
17:13:44.0427 3252 [ 8BE887F1743FBB39ED2C9CA2937742D6 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\f3888a2c7b096d416ca0cfc5405219b4\System.ni.dll
17:13:44.0427 3252 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\f3888a2c7b096d416ca0cfc5405219b4\System.ni.dll - ok
17:13:44.0429 3252 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
17:13:44.0429 3252 C:\Windows\System32\cscapi.dll - ok
17:13:44.0431 3252 [ D79D19EC66106119DCD45D042C6B5170 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\88f8a6436dc95497fce0dae347646e53\System.Drawing.ni.dll
17:13:44.0431 3252 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\88f8a6436dc95497fce0dae347646e53\System.Drawing.ni.dll - ok
17:13:44.0433 3252 [ EADFC95980BC24DF3C7EE5B2CD38F043 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\d6af7216038720b1adeca71e81c14bd6\System.Windows.Forms.ni.dll
17:13:44.0433 3252 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\d6af7216038720b1adeca71e81c14bd6\System.Windows.Forms.ni.dll - ok
17:13:44.0436 3252 [ A4B3A9FFA483F8CB36E56C19448DDE36 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\52e2da35b160dbd254683f72a0f1b937\System.Xml.ni.dll
17:13:44.0436 3252 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\52e2da35b160dbd254683f72a0f1b937\System.Xml.ni.dll - ok
17:13:44.0438 3252 [ 2571D556FC661E22397D627AA2DDBD69 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web.Services\e56d345b174428dabaf908fa64a9642c\System.Web.Services.ni.dll
17:13:44.0438 3252 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web.Services\e56d345b174428dabaf908fa64a9642c\System.Web.Services.ni.dll - ok
17:13:44.0441 3252 [ 5D0E28A22860E487148B2820309C0063 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\ac14913a11af4bfae0b8eb913a46a161\System.Configuration.ni.dll
17:13:44.0441 3252 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\ac14913a11af4bfae0b8eb913a46a161\System.Configuration.ni.dll - ok
17:13:44.0443 3252 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
17:13:44.0443 3252 C:\Windows\System32\MsCtfMonitor.dll - ok
17:13:44.0445 3252 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
17:13:44.0445 3252 C:\Windows\System32\msutb.dll - ok
17:13:44.0447 3252 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
17:13:44.0447 3252 C:\Windows\System32\EhStorShell.dll - ok
17:13:44.0449 3252 [ D64D99EC088B54FFE8EE67A480386C20 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
17:13:44.0449 3252 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
17:13:44.0451 3252 [ 108C2CFA5527458C096A699929ECBD80 ] C:\Windows\SysWOW64\credui.dll
17:13:44.0451 3252 C:\Windows\SysWOW64\credui.dll - ok
17:13:44.0453 3252 [ 625D390D5CBA512166571019E5EFECFB ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\98059f32b988a3e2d869e9b3bf56db17\System.Management.ni.dll
17:13:44.0453 3252 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\98059f32b988a3e2d869e9b3bf56db17\System.Management.ni.dll - ok
17:13:44.0456 3252 [ 45375DF47ED4D0535739465105AAABE3 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll
17:13:44.0456 3252 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll - ok
17:13:44.0458 3252 [ B574522827D94126C03975FD53F0B26B ] C:\Windows\System32\drivers\mfeapfk.sys
17:13:44.0458 3252 C:\Windows\System32\drivers\mfeapfk.sys - ok
17:13:44.0460 3252 [ 30830E9DA7F0BA3946665827D5247EC0 ] C:\PROGRA~1\mcafee\mpf\MpfEvt.dll
17:13:44.0460 3252 C:\PROGRA~1\mcafee\mpf\MpfEvt.dll - ok
17:13:44.0462 3252 [ 5A55E3E6F53592F8170623DEFA2B7954 ] C:\Windows\System32\atl100.dll
17:13:44.0462 3252 C:\Windows\System32\atl100.dll - ok
17:13:44.0464 3252 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
17:13:44.0464 3252 C:\Windows\SysWOW64\oleacc.dll - ok
17:13:44.0466 3252 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
17:13:44.0466 3252 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
17:13:44.0468 3252 [ 565A30B70BE8A9B171839003F2D69683 ] C:\Windows\SysWOW64\hlink.dll
17:13:44.0468 3252 C:\Windows\SysWOW64\hlink.dll - ok
17:13:44.0470 3252 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
17:13:44.0470 3252 C:\Windows\SysWOW64\setupapi.dll - ok
17:13:44.0472 3252 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
17:13:44.0472 3252 C:\Windows\SysWOW64\devobj.dll - ok
17:13:44.0475 3252 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
17:13:44.0475 3252 C:\Windows\System32\uDWM.dll - ok
17:13:44.0477 3252 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
17:13:44.0477 3252 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
17:13:44.0480 3252 [ 74AF1FFCAFD60DA88A386AE161F56438 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\en-us\CVHIntl.dll
17:13:44.0480 3252 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\en-us\CVHIntl.dll - ok
17:13:44.0482 3252 [ B08E3476F0874DBAD672D0AC4FB2580B ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll
17:13:44.0482 3252 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll - ok
17:13:44.0484 3252 [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\SysWOW64\msv1_0.dll
17:13:44.0484 3252 C:\Windows\SysWOW64\msv1_0.dll - ok
17:13:44.0486 3252 [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\SysWOW64\cryptdll.dll
17:13:44.0486 3252 C:\Windows\SysWOW64\cryptdll.dll - ok
17:13:44.0488 3252 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
17:13:44.0488 3252 C:\Windows\System32\ntshrui.dll - ok
17:13:44.0490 3252 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
17:13:44.0490 3252 C:\Windows\System32\IconCodecService.dll - ok
17:13:44.0492 3252 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
17:13:44.0492 3252 C:\Windows\System32\runonce.exe - ok
17:13:44.0494 3252 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
17:13:44.0494 3252 C:\Windows\SysWOW64\runonce.exe - ok
17:13:44.0496 3252 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
17:13:44.0496 3252 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
17:13:44.0499 3252 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
17:13:44.0499 3252 C:\Windows\SysWOW64\uxtheme.dll - ok
17:13:44.0501 3252 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
17:13:44.0501 3252 C:\Windows\SysWOW64\propsys.dll - ok
17:13:44.0503 3252 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
17:13:44.0503 3252 C:\Windows\System32\wbem\cimwin32.dll - ok
17:13:44.0505 3252 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
17:13:44.0505 3252 C:\Windows\SysWOW64\ntmarta.dll - ok
17:13:44.0507 3252 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
17:13:44.0507 3252 C:\Windows\SysWOW64\Wldap32.dll - ok
17:13:44.0509 3252 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
17:13:44.0509 3252 C:\Windows\System32\framedynos.dll - ok
17:13:44.0511 3252 [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll
17:13:44.0511 3252 C:\Windows\System32\security.dll - ok
17:13:44.0513 3252 [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
17:13:44.0513 3252 C:\Windows\System32\browcli.dll - ok
17:13:44.0515 3252 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
17:13:44.0515 3252 C:\Windows\System32\schedcli.dll - ok
17:13:44.0517 3252 [ 1CDEA9188899E76D4FFD54C9D512CCDB ] C:\Windows\SysWOW64\msxml3.dll
17:13:44.0517 3252 C:\Windows\SysWOW64\msxml3.dll - ok
17:13:44.0519 3252 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
17:13:44.0519 3252 C:\Windows\System32\wdi.dll - ok
17:13:44.0521 3252 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
17:13:44.0521 3252 C:\Windows\System32\diagperf.dll - ok
17:13:44.0523 3252 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
17:13:44.0523 3252 C:\Windows\System32\npmproxy.dll - ok
17:13:44.0525 3252 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
17:13:44.0525 3252 C:\Windows\System32\wpdbusenum.dll - ok
17:13:44.0527 3252 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
17:13:44.0527 3252 C:\Windows\System32\NapiNSP.dll - ok
17:13:44.0529 3252 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
17:13:44.0529 3252 C:\Windows\System32\pnrpnsp.dll - ok
17:13:44.0531 3252 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
17:13:44.0531 3252 C:\Windows\System32\winrnr.dll - ok
17:13:44.0533 3252 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
17:13:44.0533 3252 C:\Windows\System32\pnpts.dll - ok
17:13:44.0535 3252 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
17:13:44.0535 3252 C:\Windows\System32\radardt.dll - ok
17:13:44.0537 3252 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
17:13:44.0537 3252 C:\Windows\System32\wdiasqmmodule.dll - ok
17:13:44.0539 3252 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
17:13:44.0539 3252 C:\Windows\System32\mprmsg.dll - ok
17:13:44.0541 3252 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
17:13:44.0541 3252 C:\Windows\System32\ndiscapCfg.dll - ok
17:13:44.0544 3252 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
17:13:44.0544 3252 C:\Windows\System32\rascfg.dll - ok
17:13:44.0546 3252 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
17:13:44.0546 3252 C:\Windows\System32\tcpipcfg.dll - ok
17:13:44.0548 3252 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
17:13:44.0548 3252 C:\Windows\SysWOW64\apphelp.dll - ok
17:13:44.0550 3252 [ 4F096D96285E06CD51AEF7D2D3DE04DA ] C:\Windows\System32\msvcp100.dll
17:13:44.0550 3252 C:\Windows\System32\msvcp100.dll - ok
17:13:44.0552 3252 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
17:13:44.0552 3252 C:\Windows\SysWOW64\cmd.exe - ok
17:13:44.0554 3252 [ 97E0EC3D6D99E8CC2B17EF2D3760E8FC ] C:\Windows\System32\schtasks.exe
17:13:44.0554 3252 C:\Windows\System32\schtasks.exe - ok
17:13:44.0556 3252 [ F1F438402FC37991A0502F09CC0AA284 ] C:\PROGRA~1\COMMON~1\mcafee\HACKER~1\HWAPI.dll
17:13:44.0556 3252 C:\PROGRA~1\COMMON~1\mcafee\HACKER~1\HWAPI.dll - ok
17:13:44.0558 3252 [ 0017163E0D5985168792BEE5CF70D5DF ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\diasymreader.dll
17:13:44.0558 3252 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\diasymreader.dll - ok
17:13:44.0560 3252 [ 8ED06C74B9BC9CE0E24EA0CB0C5CF2A7 ] C:\PROGRA~1\COMMON~1\mcafee\core\McEvtBrk.dll
17:13:44.0560 3252 C:\PROGRA~1\COMMON~1\mcafee\core\McEvtBrk.dll - ok
17:13:44.0563 3252 [ 19B8FEB9455D9D63425514271F5752E6 ] C:\PROGRA~1\mcafee\msc\mclwapi.dll
17:13:44.0563 3252 C:\PROGRA~1\mcafee\msc\mclwapi.dll - ok
17:13:44.0565 3252 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
17:13:44.0565 3252 C:\Windows\System32\perftrack.dll - ok
17:13:44.0567 3252 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
17:13:44.0567 3252 C:\Windows\SysWOW64\winbrand.dll - ok
17:13:44.0569 3252 [ 5466DCAEF5A648E04D1B6580F2C901B5 ] C:\Windows\SysWOW64\ieframe.dll
17:13:44.0569 3252 C:\Windows\SysWOW64\ieframe.dll - ok
17:13:44.0571 3252 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
17:13:44.0571 3252 C:\Windows\SysWOW64\shdocvw.dll - ok
17:13:44.0573 3252 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\NunnBetter\AppData\Local\temp\16BEBFDA-4F68-45BB-A890-69FFF4E8B68B.exe
17:13:44.0573 3252 C:\Users\NunnBetter\AppData\Local\temp\16BEBFDA-4F68-45BB-A890-69FFF4E8B68B.exe - ok
17:13:44.0575 3252 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
17:13:44.0575 3252 C:\Windows\SysWOW64\imagehlp.dll - ok
17:13:44.0578 3252 [ 591FE0A6CEB19BF886CEB1331F591940 ] C:\Windows\SysWOW64\ncrypt.dll
17:13:44.0578 3252 C:\Windows\SysWOW64\ncrypt.dll - ok
17:13:44.0580 3252 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
17:13:44.0580 3252 C:\Windows\SysWOW64\bcrypt.dll - ok
17:13:44.0582 3252 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
17:13:44.0582 3252 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
17:13:44.0584 3252 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
17:13:44.0584 3252 C:\Windows\SysWOW64\gpapi.dll - ok
17:13:44.0586 3252 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
17:13:44.0586 3252 C:\Windows\SysWOW64\cryptnet.dll - ok
17:13:44.0588 3252 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
17:13:44.0588 3252 C:\Windows\SysWOW64\dwmapi.dll - ok
17:13:44.0590 3252 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
17:13:44.0590 3252 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
17:13:44.0592 3252 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
17:13:44.0592 3252 C:\Windows\SysWOW64\EhStorShell.dll - ok
17:13:44.0594 3252 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
17:13:44.0594 3252 C:\Windows\SysWOW64\ntshrui.dll - ok
17:13:44.0596 3252 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
17:13:44.0596 3252 C:\Windows\System32\aelupsvc.dll - ok
17:13:44.0598 3252 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
17:13:44.0598 3252 C:\Windows\SysWOW64\slc.dll - ok
17:13:44.0600 3252 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
17:13:44.0600 3252 C:\Windows\SysWOW64\imageres.dll - ok
17:13:44.0602 3252 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
17:13:44.0602 3252 C:\Windows\System32\PortableDeviceApi.dll - ok
17:13:44.0604 3252 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
17:13:44.0604 3252 C:\Windows\System32\Apphlpdm.dll - ok
17:13:44.0606 3252 [ DDA4CAF29D8C0A297F886BFE561E6659 ] C:\Windows\System32\drivers\WUDFRd.sys
17:13:44.0606 3252 C:\Windows\System32\drivers\WUDFRd.sys - ok
17:13:44.0609 3252 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
17:13:44.0609 3252 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
17:13:44.0611 3252 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
17:13:44.0611 3252 C:\Windows\System32\dimsjob.dll - ok
17:13:44.0613 3252 [ 8ABFE00F213F2571498F1B8FD7939A98 ] C:\Windows\System32\WUDFHost.exe
17:13:44.0613 3252 C:\Windows\System32\WUDFHost.exe - ok
17:13:44.0615 3252 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
17:13:44.0615 3252 C:\Windows\System32\certcli.dll - ok
17:13:44.0617 3252 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
17:13:44.0617 3252 C:\Windows\System32\CertEnroll.dll - ok
17:13:44.0619 3252 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
17:13:44.0619 3252 C:\Windows\System32\pautoenr.dll - ok
17:13:44.0621 3252 [ 25AE683DCB4AE7E6F1B193A0CB9DB35F ] C:\Windows\System32\WUDFx.dll
17:13:44.0621 3252 C:\Windows\System32\WUDFx.dll - ok
17:13:44.0623 3252 [ 91D6F0AB79AA36FFB932157865206F35 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
17:13:44.0623 3252 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
17:13:44.0625 3252 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
17:13:44.0625 3252 C:\Windows\System32\nci.dll - ok
17:13:44.0627 3252 [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll
17:13:44.0627 3252 C:\Windows\System32\wlaninst.dll - ok
17:13:44.0629 3252 [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll
17:13:44.0629 3252 C:\Windows\System32\wwaninst.dll - ok
17:13:44.0632 3252 [ D01AECEB5D1E1C137AF7D755DDBCC549 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorlib.dll
17:13:44.0632 3252 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorlib.dll - ok
17:13:44.0634 3252 [ 254C46A466484D4169DFF44B29F6A979 ] C:\PROGRA~1\COMMON~1\mcafee\msc\mcutil\11_6_2~1\mcutil.dll
17:13:44.0634 3252 C:\PROGRA~1\COMMON~1\mcafee\msc\mcutil\11_6_2~1\mcutil.dll - ok
17:13:44.0636 3252 [ A7B282F4153D7E6715A1BB70113CF7EB ] C:\Program Files\Common Files\mcafee\VSCore\lockdown.dll
17:13:44.0636 3252 C:\Program Files\Common Files\mcafee\VSCore\lockdown.dll - ok
17:13:44.0638 3252 [ FD0D2E1FAEBAE5031BE2EB8000D973F1 ] C:\Program Files\Internet Explorer\iexplore.exe
17:13:44.0638 3252 C:\Program Files\Internet Explorer\iexplore.exe - ok
17:13:44.0640 3252 [ 57FA62B72A77EA12B95EB73501D92B63 ] C:\Program Files\Common Files\mcafee\msc\LangSel.dll
17:13:44.0640 3252 C:\Program Files\Common Files\mcafee\msc\LangSel.dll - ok
17:13:44.0642 3252 [ C97C8EC408AC6F2453EB9417E5EF355A ] C:\Program Files\Common Files\mcafee\msc\McRTMui.dll
17:13:44.0642 3252 C:\Program Files\Common Files\mcafee\msc\McRTMui.dll - ok
17:13:44.0644 3252 [ A444C15772749F572E61DAFED66F51C4 ] C:\Program Files\mcafee\msc\oemui.dll
17:13:44.0645 3252 C:\Program Files\mcafee\msc\oemui.dll - ok
17:13:44.0647 3252 [ 88FD96AD1B0C56474ADDC97100FFFA39 ] C:\Program Files\mcafee\mpf\L10N.dll
17:13:44.0647 3252 C:\Program Files\mcafee\mpf\L10N.dll - ok
17:13:44.0649 3252 [ 9864D52F15AD32094A636C6B5281D9E7 ] C:\Windows\System32\WMVCORE.DLL
17:13:44.0649 3252 C:\Windows\System32\WMVCORE.DLL - ok
17:13:44.0651 3252 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
17:13:44.0651 3252 C:\Windows\System32\IPSECSVC.DLL - ok
17:13:44.0653 3252 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
17:13:44.0653 3252 C:\Windows\System32\FwRemoteSvr.dll - ok
17:13:44.0655 3252 [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\Windows\System32\WMASF.DLL
17:13:44.0655 3252 C:\Windows\System32\WMASF.DLL - ok
17:13:44.0657 3252 [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\Windows\System32\PortableDeviceClassExtension.dll
17:13:44.0657 3252 C:\Windows\System32\PortableDeviceClassExtension.dll - ok
17:13:44.0659 3252 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
17:13:44.0659 3252 C:\Windows\System32\PortableDeviceTypes.dll - ok
17:13:44.0661 3252 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
17:13:44.0661 3252 C:\Windows\System32\wmi.dll - ok
17:13:44.0663 3252 [ 17880C5A11373D67993FA652358DC306 ] C:\Program Files\Common Files\mcafee\systemcore\mfefwctl.dll
17:13:44.0663 3252 C:\Program Files\Common Files\mcafee\systemcore\mfefwctl.dll - ok
17:13:44.0665 3252 [ 45B5A89DC41577282E5BF41B1165EA71 ] C:\Windows\System32\drivers\cfwids.sys
17:13:44.0665 3252 C:\Windows\System32\drivers\cfwids.sys - ok
17:13:44.0667 3252 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
17:13:44.0667 3252 C:\Windows\System32\rundll32.exe - ok
17:13:44.0669 3252 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
17:13:44.0669 3252 C:\Windows\System32\actxprxy.dll - ok
17:13:44.0671 3252 [ 198803E5E93E29967DFB0BCFD0186151 ] C:\Windows\System32\spfileq.dll
17:13:44.0671 3252 C:\Windows\System32\spfileq.dll - ok
17:13:44.0673 3252 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
17:13:44.0673 3252 C:\Windows\SysWOW64\sfc.dll - ok
17:13:44.0675 3252 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
17:13:44.0675 3252 C:\Windows\SysWOW64\sfc_os.dll - ok
17:13:44.0678 3252 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
17:13:44.0678 3252 C:\Windows\SysWOW64\devrtl.dll - ok
17:13:44.0679 3252 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
17:13:44.0679 3252 C:\Windows\System32\ie4uinit.exe - ok
17:13:44.0679 3252 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll
17:13:44.0679 3252 C:\Windows\System32\iedkcs32.dll - ok
17:13:44.0679 3252 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
17:13:44.0679 3252 C:\Windows\System32\timedate.cpl - ok
17:13:44.0679 3252 [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys
17:13:44.0679 3252 C:\Windows\System32\drivers\fastfat.sys - ok
17:13:44.0679 3252 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
17:13:44.0679 3252 C:\Windows\System32\shdocvw.dll - ok
17:13:44.0679 3252 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
17:13:44.0679 3252 C:\Windows\System32\linkinfo.dll - ok
17:13:44.0679 3252 [ FA752544EE1EE59E8AD938CBB43CAC93 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
17:13:44.0679 3252 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
17:13:44.0695 3252 [ E62FF21F5B5F69CFA5BB2F97C03C0A5B ] C:\PROGRA~2\Dell\VIDEOS~1\MUITRA~1\STMTEN~1.DLL
17:13:44.0695 3252 C:\PROGRA~2\Dell\VIDEOS~1\MUITRA~1\STMTEN~1.DLL - ok
17:13:44.0695 3252 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
17:13:44.0695 3252 C:\Windows\System32\msftedit.dll - ok
17:13:44.0695 3252 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
17:13:44.0695 3252 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
17:13:44.0695 3252 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
17:13:44.0695 3252 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
17:13:44.0695 3252 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
17:13:44.0695 3252 C:\Windows\System32\msls31.dll - ok
17:13:44.0695 3252 [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll
17:13:44.0695 3252 C:\Windows\System32\gameux.dll - ok
17:13:44.0695 3252 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
17:13:44.0695 3252 C:\Windows\System32\DeviceCenter.dll - ok
17:13:44.0695 3252 [ C71E7ABB1A34E56CE73AE117C8DD566F ] C:\Windows\System32\ieframe.dll
17:13:44.0695 3252 C:\Windows\System32\ieframe.dll - ok
17:13:44.0710 3252 [ 083649EF692A066880C9326020915AFE ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
17:13:44.0710 3252 C:\Program Files\AVAST Software\Avast\AvastUI.exe - ok
17:13:44.0710 3252 [ 179EED57FED3C7422A559633641032BA ] C:\Program Files\AVAST Software\Avast\aswUtil.dll
17:13:44.0710 3252 C:\Program Files\AVAST Software\Avast\aswUtil.dll - ok
17:13:44.0710 3252 [ CA6ADE4F7761BB15B3325356DC3B82BB ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
17:13:44.0710 3252 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll - ok
17:13:44.0710 3252 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
17:13:44.0710 3252 C:\Windows\SysWOW64\comdlg32.dll - ok
17:13:44.0710 3252 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
17:13:44.0710 3252 C:\Windows\SysWOW64\msimg32.dll - ok
17:13:44.0710 3252 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
17:13:44.0710 3252 C:\Windows\SysWOW64\winmm.dll - ok
17:13:44.0710 3252 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
17:13:44.0710 3252 C:\Windows\System32\oleacc.dll - ok
17:13:44.0710 3252 [ FBFCA1A574D47EE575448B719CBBF2E4 ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL
17:13:44.0710 3252 C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL - ok
17:13:44.0726 3252 [ 13790C4FB6311ECE6D6763A7EC2313FB ] C:\Program Files\AVAST Software\Avast\aswAra.dll
17:13:44.0726 3252 C:\Program Files\AVAST Software\Avast\aswAra.dll - ok
17:13:44.0726 3252 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
17:13:44.0726 3252 C:\Windows\System32\thumbcache.dll - ok
17:13:44.0726 3252 [ F0E7DEC6F7A3610949BDED0CA8CCB3EA ] C:\Program Files\AVAST Software\Avast\aswData.dll
17:13:44.0726 3252 C:\Program Files\AVAST Software\Avast\aswData.dll - ok
17:13:44.0726 3252 [ AB6E3DF509C6BD59062F685A40395C23 ] C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll
17:13:44.0726 3252 C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll - ok
17:13:44.0726 3252 [ AB04C6CE5DF23819B914F822E9AA0EDF ] C:\Program Files\AVAST Software\Avast\CommonRes.dll
17:13:44.0726 3252 C:\Program Files\AVAST Software\Avast\CommonRes.dll - ok
17:13:44.0726 3252 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
17:13:44.0726 3252 C:\Windows\System32\networkexplorer.dll - ok
17:13:44.0726 3252 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
17:13:44.0726 3252 C:\Windows\System32\msiltcfg.dll - ok
17:13:44.0742 3252 [ BD007D624E4CD905AB2E8DF2C6DE891C ] C:\Windows\SysWOW64\Macromed\Flash\Flash11c.ocx
17:13:44.0742 3252 C:\Windows\SysWOW64\Macromed\Flash\Flash11c.ocx - ok
17:13:44.0744 3252 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\87924368.sys
17:13:44.0744 3252 C:\Windows\System32\drivers\87924368.sys - ok
17:13:44.0746 3252 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
17:13:44.0746 3252 C:\Windows\SysWOW64\riched20.dll - ok
17:13:44.0749 3252 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
17:13:44.0749 3252 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
17:13:44.0751 3252 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
17:13:44.0751 3252 C:\Windows\SysWOW64\dsound.dll - ok
17:13:44.0753 3252 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
17:13:44.0753 3252 C:\Windows\SysWOW64\powrprof.dll - ok
17:13:44.0755 3252 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
17:13:44.0755 3252 C:\Windows\SysWOW64\d3d9.dll - ok
17:13:44.0757 3252 [ 893F8E81D1117C48CB9D6E9E5F64BAB1 ] C:\Program Files\AVAST Software\Avast\Setup\avast.setup
17:13:44.0757 3252 C:\Program Files\AVAST Software\Avast\Setup\avast.setup - ok
17:13:44.0760 3252 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
17:13:44.0760 3252 C:\Windows\SysWOW64\duser.dll - ok
17:13:44.0762 3252 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
17:13:44.0762 3252 C:\Windows\SysWOW64\dui70.dll - ok
17:13:44.0764 3252 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
17:13:44.0764 3252 C:\Windows\SysWOW64\d3d8thk.dll - ok
17:13:44.0766 3252 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll
17:13:44.0766 3252 C:\Windows\SysWOW64\mscms.dll - ok
17:13:44.0768 3252 [ DCA3940E902C2C90C5639505B77BFD1B ] C:\Windows\SysWOW64\igdumdx32.dll
17:13:44.0768 3252 C:\Windows\SysWOW64\igdumdx32.dll - ok
17:13:44.0770 3252 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll
17:13:44.0770 3252 C:\Windows\System32\UIAnimation.dll - ok
17:13:44.0772 3252 [ F4AE686A174689A3B44B05D0CB2F5D58 ] C:\Windows\SysWOW64\igdumd32.dll
17:13:44.0772 3252 C:\Windows\SysWOW64\igdumd32.dll - ok
17:13:44.0775 3252 [ 9C17DCD6DDFEB1A012544FAF4F2789F6 ] C:\Windows\AppPatch\AcGenral.dll
17:13:44.0775 3252 C:\Windows\AppPatch\AcGenral.dll - ok
17:13:44.0777 3252 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
17:13:44.0777 3252 C:\Windows\SysWOW64\MMDevAPI.dll - ok
17:13:44.0779 3252 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
17:13:44.0779 3252 C:\Windows\SysWOW64\oledlg.dll - ok
17:13:44.0781 3252 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
17:13:44.0781 3252 C:\Windows\SysWOW64\winspool.drv - ok
17:13:44.0783 3252 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
17:13:44.0783 3252 C:\Windows\SysWOW64\sxs.dll - ok
17:13:44.0785 3252 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
17:13:44.0785 3252 C:\Windows\SysWOW64\samcli.dll - ok
17:13:44.0787 3252 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
17:13:44.0787 3252 C:\Windows\SysWOW64\msacm32.dll - ok
17:13:44.0789 3252 [ 83D0C449C534CC014799BEC0A060726C ] C:\Program Files\AVAST Software\Avast\defs\12121301\uiext.dll
17:13:44.0789 3252 C:\Program Files\AVAST Software\Avast\defs\12121301\uiext.dll - ok
17:13:44.0791 3252 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
17:13:44.0791 3252 C:\Windows\System32\stobject.dll - ok
17:13:44.0793 3252 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
17:13:44.0793 3252 C:\Windows\System32\batmeter.dll - ok
17:13:44.0795 3252 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
17:13:44.0795 3252 C:\Windows\System32\prnfldr.dll - ok
17:13:44.0797 3252 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
17:13:44.0797 3252 C:\Windows\System32\DXP.dll - ok
17:13:44.0799 3252 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
17:13:44.0799 3252 C:\Windows\System32\Syncreg.dll - ok
17:13:44.0801 3252 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
17:13:44.0801 3252 C:\Windows\ehome\ehSSO.dll - ok
17:13:44.0803 3252 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
17:13:44.0803 3252 C:\Windows\SysWOW64\rasapi32.dll - ok
17:13:44.0805 3252 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
17:13:44.0805 3252 C:\Windows\SysWOW64\netprofm.dll - ok
17:13:44.0807 3252 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
17:13:44.0807 3252 C:\Windows\SysWOW64\rasman.dll - ok
17:13:44.0809 3252 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
17:13:44.0809 3252 C:\Windows\SysWOW64\rtutils.dll - ok
17:13:44.0811 3252 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
17:13:44.0811 3252 C:\Windows\SysWOW64\nlaapi.dll - ok
17:13:44.0814 3252 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
17:13:44.0814 3252 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
17:13:44.0816 3252 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
17:13:44.0816 3252 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
17:13:44.0818 3252 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
17:13:44.0818 3252 C:\Windows\SysWOW64\npmproxy.dll - ok
17:13:44.0820 3252 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
17:13:44.0820 3252 C:\Windows\System32\AltTab.dll - ok
17:13:44.0822 3252 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
17:13:44.0822 3252 C:\Windows\System32\WPDShServiceObj.dll - ok
17:13:44.0824 3252 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
17:13:44.0824 3252 C:\Windows\System32\SearchIndexer.exe - ok
17:13:44.0826 3252 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
17:13:44.0826 3252 C:\Windows\System32\pnidui.dll - ok
17:13:44.0828 3252 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
17:13:44.0828 3252 C:\Windows\System32\tquery.dll - ok
17:13:44.0830 3252 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
17:13:44.0830 3252 C:\Windows\System32\QUTIL.DLL - ok
17:13:44.0832 3252 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
17:13:44.0832 3252 C:\Windows\System32\srchadmin.dll - ok
17:13:44.0834 3252 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
17:13:44.0834 3252 C:\Windows\System32\mssrch.dll - ok
17:13:44.0836 3252 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
17:13:44.0836 3252 C:\Windows\System32\bthprops.cpl - ok
17:13:44.0838 3252 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
17:13:44.0838 3252 C:\Windows\System32\rasdlg.dll - ok
17:13:44.0840 3252 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
17:13:44.0840 3252 C:\Windows\System32\esent.dll - ok
17:13:44.0843 3252 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
17:13:44.0843 3252 C:\Windows\System32\dot3api.dll - ok
17:13:44.0845 3252 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
17:13:44.0845 3252 C:\Windows\System32\wlanhlp.dll - ok
17:13:44.0847 3252 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
17:13:44.0847 3252 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
17:13:44.0849 3252 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
17:13:44.0849 3252 C:\Windows\System32\WWanAPI.dll - ok
17:13:44.0851 3252 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
17:13:44.0851 3252 C:\Windows\System32\msidle.dll - ok
17:13:44.0853 3252 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
17:13:44.0853 3252 C:\Windows\System32\mssprxy.dll - ok
17:13:44.0855 3252 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
17:13:44.0855 3252 C:\Windows\System32\wwapi.dll - ok
17:13:44.0857 3252 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
17:13:44.0857 3252 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
17:13:44.0859 3252 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
17:13:44.0859 3252 C:\Windows\System32\QAGENT.DLL - ok
17:13:44.0861 3252 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
17:13:44.0861 3252 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
17:13:44.0863 3252 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
17:13:44.0863 3252 C:\Windows\System32\en-US\tquery.dll.mui - ok
17:13:44.0865 3252 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
17:13:44.0865 3252 C:\Windows\System32\drmv2clt.dll - ok
17:13:44.0867 3252 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
17:13:44.0867 3252 C:\Windows\System32\wmdrmdev.dll - ok
17:13:44.0869 3252 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
17:13:44.0869 3252 C:\Windows\System32\wmp.dll - ok
17:13:44.0871 3252 [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll
17:13:44.0871 3252 C:\Windows\System32\blackbox.dll - ok
17:13:44.0873 3252 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
17:13:44.0873 3252 C:\Windows\System32\upnp.dll - ok
17:13:44.0875 3252 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
17:13:44.0875 3252 C:\Windows\System32\ssdpsrv.dll - ok
17:13:44.0878 3252 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
17:13:44.0878 3252 C:\Windows\System32\webcheck.dll - ok
17:13:44.0880 3252 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
17:13:44.0880 3252 C:\Windows\System32\mlang.dll - ok
17:13:44.0882 3252 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
17:13:44.0882 3252 C:\Windows\System32\SyncCenter.dll - ok
17:13:44.0884 3252 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
17:13:44.0884 3252 C:\Windows\System32\FXSST.dll - ok
17:13:44.0886 3252 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
17:13:44.0886 3252 C:\Windows\System32\FXSAPI.dll - ok
17:13:44.0888 3252 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
17:13:44.0888 3252 C:\Windows\System32\imapi2.dll - ok
17:13:44.0890 3252 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
17:13:44.0890 3252 C:\Windows\System32\FXSRESM.dll - ok
17:13:44.0893 3252 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
17:13:44.0893 3252 C:\Windows\System32\FXSSVC.exe - ok
17:13:44.0895 3252 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
17:13:44.0895 3252 C:\Windows\System32\hgcpl.dll - ok
17:13:44.0896 3252 ============================================================
17:13:44.0896 3252 Scan finished
17:13:44.0896 3252 ============================================================
17:13:44.0901 3264 Detected object count: 0
17:13:44.0901 3264 Actual detected object count: 0
Sorry, it ended up being three posts.
-
17:13:41.0612 3252 ================ Scan global ===============================
17:13:41.0628 3252 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:13:41.0643 3252 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
17:13:41.0659 3252 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
17:13:41.0659 3252 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:13:41.0690 3252 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:13:41.0690 3252 [Global] - ok
17:13:41.0706 3252 ================ Scan MBR ==================================
17:13:41.0706 3252 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
17:13:42.0564 3252 \Device\Harddisk0\DR0 - ok
17:13:42.0564 3252 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk2\DR2
17:13:43.0094 3252 \Device\Harddisk2\DR2 - ok
17:13:43.0094 3252 ================ Scan VBR ==================================
17:13:43.0110 3252 [ 01B7EC96C4E7AD93BD3DECCC0413B802 ] \Device\Harddisk0\DR0\Partition1
17:13:43.0125 3252 \Device\Harddisk0\DR0\Partition1 - ok
17:13:43.0125 3252 [ 1936D34ADE4DD5A75710E703DB221DE3 ] \Device\Harddisk0\DR0\Partition2
17:13:43.0141 3252 \Device\Harddisk0\DR0\Partition2 - ok
17:13:43.0141 3252 [ 0635C19AD12A8428B5E5DA0032FDCB94 ] \Device\Harddisk2\DR2\Partition1
17:13:43.0141 3252 \Device\Harddisk2\DR2\Partition1 - ok
17:13:43.0141 3252 ================ Scan active images ========================
17:13:43.0141 3252 [ 02062C0B390B7729EDC9E69C680A6F3C ] C:\Windows\System32\drivers\atapi.sys
17:13:43.0141 3252 C:\Windows\System32\drivers\atapi.sys - ok
17:13:43.0141 3252 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
17:13:43.0141 3252 C:\Windows\System32\drivers\crashdmp.sys - ok
17:13:43.0141 3252 [ 839B5FE3D48E9F35B22C21A3D5103F6C ] C:\Windows\System32\drivers\Dumpata.sys
17:13:43.0141 3252 C:\Windows\System32\drivers\Dumpata.sys - ok
17:13:43.0141 3252 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
17:13:43.0141 3252 C:\Windows\System32\drivers\dumpfve.sys - ok
17:13:43.0157 3252 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
17:13:43.0157 3252 C:\Windows\System32\drivers\cdrom.sys - ok
17:13:43.0157 3252 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] C:\Windows\System32\drivers\aswSnx.sys
17:13:43.0157 3252 C:\Windows\System32\drivers\aswSnx.sys - ok
17:13:43.0157 3252 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
17:13:43.0157 3252 C:\Windows\System32\drivers\beep.sys - ok
17:13:43.0157 3252 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
17:13:43.0157 3252 C:\Windows\System32\drivers\null.sys - ok
17:13:43.0157 3252 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
17:13:43.0157 3252 C:\Windows\System32\drivers\RDPCDD.sys - ok
17:13:43.0157 3252 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
17:13:43.0157 3252 C:\Windows\System32\drivers\RDPENCDD.sys - ok
17:13:43.0157 3252 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
17:13:43.0157 3252 C:\Windows\System32\drivers\vga.sys - ok
17:13:43.0157 3252 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
17:13:43.0157 3252 C:\Windows\System32\drivers\videoprt.sys - ok
17:13:43.0172 3252 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
17:13:43.0172 3252 C:\Windows\System32\drivers\watchdog.sys - ok
17:13:43.0172 3252 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
17:13:43.0172 3252 C:\Windows\System32\drivers\RDPREFMP.sys - ok
17:13:43.0172 3252 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
17:13:43.0172 3252 C:\Windows\System32\drivers\msfs.sys - ok
17:13:43.0172 3252 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
17:13:43.0172 3252 C:\Windows\System32\drivers\npfs.sys - ok
17:13:43.0172 3252 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
17:13:43.0172 3252 C:\Windows\System32\drivers\tdi.sys - ok
17:13:43.0172 3252 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
17:13:43.0172 3252 C:\Windows\System32\drivers\tdx.sys - ok
17:13:43.0172 3252 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] C:\Windows\System32\drivers\aswTdi.sys
17:13:43.0172 3252 C:\Windows\System32\drivers\aswTdi.sys - ok
17:13:43.0172 3252 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
17:13:43.0172 3252 C:\Windows\System32\drivers\netbt.sys - ok
17:13:43.0188 3252 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
17:13:43.0188 3252 C:\Windows\System32\drivers\afd.sys - ok
17:13:43.0188 3252 [ 57768C7DB4681F2510F247F82EF31D4F ] C:\Windows\System32\drivers\aswRdr2.sys
17:13:43.0188 3252 C:\Windows\System32\drivers\aswRdr2.sys - ok
17:13:43.0188 3252 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
17:13:43.0188 3252 C:\Windows\System32\drivers\netbios.sys - ok
17:13:43.0188 3252 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
17:13:43.0188 3252 C:\Windows\System32\drivers\pacer.sys - ok
17:13:43.0188 3252 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
17:13:43.0188 3252 C:\Windows\System32\drivers\rdbss.sys - ok
17:13:43.0188 3252 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
17:13:43.0188 3252 C:\Windows\System32\drivers\termdd.sys - ok
17:13:43.0188 3252 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
17:13:43.0188 3252 C:\Windows\System32\drivers\vwififlt.sys - ok
17:13:43.0203 3252 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
17:13:43.0203 3252 C:\Windows\System32\drivers\wanarp.sys - ok
17:13:43.0203 3252 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
17:13:43.0203 3252 C:\Windows\System32\drivers\wfplwf.sys - ok
17:13:43.0203 3252 [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
17:13:43.0203 3252 C:\Windows\System32\drivers\ws2ifsl.sys - ok
17:13:43.0203 3252 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
17:13:43.0203 3252 C:\Windows\System32\drivers\blbdrive.sys - ok
17:13:43.0203 3252 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
17:13:43.0203 3252 C:\Windows\System32\drivers\dfsc.sys - ok
17:13:43.0203 3252 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
17:13:43.0203 3252 C:\Windows\System32\drivers\discache.sys - ok
17:13:43.0203 3252 [ 1D684EFB269D24E02550536100799F9C ] C:\Windows\System32\drivers\Fp.sys
17:13:43.0203 3252 C:\Windows\System32\drivers\Fp.sys - ok
17:13:43.0203 3252 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
17:13:43.0203 3252 C:\Windows\System32\drivers\mssmbios.sys - ok
17:13:43.0219 3252 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
17:13:43.0219 3252 C:\Windows\System32\drivers\nsiproxy.sys - ok
17:13:43.0219 3252 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] C:\Windows\System32\drivers\aswSP.sys
17:13:43.0219 3252 C:\Windows\System32\drivers\aswSP.sys - ok
17:13:43.0219 3252 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
17:13:43.0219 3252 C:\Windows\System32\drivers\tunnel.sys - ok
17:13:43.0219 3252 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
17:13:43.0219 3252 C:\Windows\System32\ntdll.dll - ok
17:13:43.0219 3252 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
17:13:43.0219 3252 C:\Windows\System32\smss.exe - ok
17:13:43.0219 3252 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
17:13:43.0219 3252 C:\Windows\System32\autochk.exe - ok
17:13:43.0219 3252 [ EFE5A0AF39A8E179624117C521F1E012 ] C:\Windows\System32\drivers\igdkmd64.sys
17:13:43.0219 3252 C:\Windows\System32\drivers\igdkmd64.sys - ok
17:13:43.0219 3252 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
17:13:43.0219 3252 C:\Windows\System32\drivers\dxgkrnl.sys - ok
17:13:43.0235 3252 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
17:13:43.0235 3252 C:\Windows\System32\drivers\dxgmms1.sys - ok
17:13:43.0235 3252 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] C:\Windows\System32\drivers\HECIx64.sys
17:13:43.0235 3252 C:\Windows\System32\drivers\HECIx64.sys - ok
17:13:43.0235 3252 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
17:13:43.0235 3252 C:\Windows\System32\drivers\usbport.sys - ok
17:13:43.0235 3252 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
17:13:43.0235 3252 C:\Windows\System32\drivers\hdaudbus.sys - ok
17:13:43.0235 3252 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
17:13:43.0235 3252 C:\Windows\System32\drivers\intelppm.sys - ok
17:13:43.0235 3252 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] C:\Windows\System32\drivers\Rt64win7.sys
17:13:43.0235 3252 C:\Windows\System32\drivers\Rt64win7.sys - ok
17:13:43.0235 3252 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
17:13:43.0235 3252 C:\Windows\System32\drivers\usbehci.sys - ok
17:13:43.0250 3252 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
17:13:43.0250 3252 C:\Windows\System32\drivers\CompositeBus.sys - ok
17:13:43.0250 3252 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
17:13:43.0250 3252 C:\Windows\System32\drivers\agilevpn.sys - ok
17:13:43.0250 3252 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
17:13:43.0250 3252 C:\Windows\System32\drivers\rasl2tp.sys - ok
17:13:43.0250 3252 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
17:13:43.0250 3252 C:\Windows\System32\drivers\ndistapi.sys - ok
17:13:43.0250 3252 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
17:13:43.0250 3252 C:\Windows\System32\drivers\ndiswan.sys - ok
17:13:43.0250 3252 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
17:13:43.0250 3252 C:\Windows\System32\drivers\raspppoe.sys - ok
17:13:43.0250 3252 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
17:13:43.0250 3252 C:\Windows\System32\drivers\kbdclass.sys - ok
17:13:43.0266 3252 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
17:13:43.0266 3252 C:\Windows\System32\drivers\ks.sys - ok
17:13:43.0266 3252 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
17:13:43.0266 3252 C:\Windows\System32\drivers\mouclass.sys - ok
17:13:43.0266 3252 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
17:13:43.0266 3252 C:\Windows\System32\drivers\raspptp.sys - ok
17:13:43.0266 3252 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
17:13:43.0266 3252 C:\Windows\System32\drivers\rassstp.sys - ok
17:13:43.0266 3252 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
17:13:43.0266 3252 C:\Windows\System32\drivers\swenum.sys - ok
17:13:43.0266 3252 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
17:13:43.0266 3252 C:\Windows\System32\drivers\umbus.sys - ok
17:13:43.0266 3252 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
17:13:43.0266 3252 C:\Windows\System32\drivers\usbhub.sys - ok
17:13:43.0266 3252 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
17:13:43.0266 3252 C:\Windows\System32\difxapi.dll - ok
17:13:43.0281 3252 [ 5121DB613E10A46A3C5085B479026AA7 ] C:\Windows\System32\wininet.dll
17:13:43.0281 3252 C:\Windows\System32\wininet.dll - ok
17:13:43.0281 3252 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
17:13:43.0281 3252 C:\Windows\System32\drivers\ndproxy.sys - ok
17:13:43.0281 3252 [ 5C855932E4DF00B1B6F5F6F57E82B6C5 ] C:\Windows\System32\drivers\CHDRT64.sys
17:13:43.0281 3252 C:\Windows\System32\drivers\CHDRT64.sys - ok
17:13:43.0281 3252 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
17:13:43.0281 3252 C:\Windows\System32\drivers\drmk.sys - ok
17:13:43.0281 3252 [ FC727061C0F47C8059E88E05D5C8E381 ] C:\Windows\System32\drivers\IntcDAud.sys
17:13:43.0281 3252 C:\Windows\System32\drivers\IntcDAud.sys - ok
17:13:43.0281 3252 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
17:13:43.0281 3252 C:\Windows\System32\drivers\ksthunk.sys - ok
17:13:43.0281 3252 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
17:13:43.0281 3252 C:\Windows\System32\drivers\portcls.sys - ok
17:13:43.0297 3252 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
17:13:43.0297 3252 C:\Windows\System32\ws2_32.dll - ok
17:13:43.0297 3252 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
17:13:43.0297 3252 C:\Windows\System32\msvcrt.dll - ok
17:13:43.0297 3252 [ A0F52880DDD164F968BE903C1FECD27E ] C:\Windows\System32\iertutil.dll
17:13:43.0297 3252 C:\Windows\System32\iertutil.dll - ok
17:13:43.0297 3252 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
17:13:43.0297 3252 C:\Windows\System32\clbcatq.dll - ok
17:13:43.0297 3252 [ 1DC3504CA4C57900F1557E9A3F01D272 ] C:\Windows\System32\kernel32.dll
17:13:43.0297 3252 C:\Windows\System32\kernel32.dll - ok
17:13:43.0297 3252 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
17:13:43.0297 3252 C:\Windows\System32\comdlg32.dll - ok
17:13:43.0297 3252 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
17:13:43.0297 3252 C:\Windows\System32\normaliz.dll - ok
17:13:43.0297 3252 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
17:13:43.0297 3252 C:\Windows\System32\msctf.dll - ok
17:13:43.0313 3252 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
17:13:43.0313 3252 C:\Windows\System32\psapi.dll - ok
17:13:43.0313 3252 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
17:13:43.0313 3252 C:\Windows\System32\user32.dll - ok
17:13:43.0313 3252 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
17:13:43.0313 3252 C:\Windows\System32\nsi.dll - ok
17:13:43.0313 3252 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
17:13:43.0313 3252 C:\Windows\System32\setupapi.dll - ok
17:13:43.0313 3252 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
17:13:43.0313 3252 C:\Windows\System32\Wldap32.dll - ok
17:13:43.0313 3252 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
17:13:43.0313 3252 C:\Windows\System32\oleaut32.dll - ok
17:13:43.0313 3252 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
17:13:43.0313 3252 C:\Windows\System32\imagehlp.dll - ok
17:13:43.0313 3252 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
17:13:43.0313 3252 C:\Windows\System32\ole32.dll - ok
17:13:43.0328 3252 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
17:13:43.0328 3252 C:\Windows\System32\shlwapi.dll - ok
17:13:43.0328 3252 [ B393753ECE9A9E2307CB1984ACF3DA9D ] C:\Windows\System32\drivers\mfeavfk.sys
17:13:43.0328 3252 C:\Windows\System32\drivers\mfeavfk.sys - ok
17:13:43.0328 3252 [ C52A1ABF03DD219375EA0F6A8BE941C3 ] C:\Windows\System32\drivers\mfefirek.sys
17:13:43.0328 3252 C:\Windows\System32\drivers\mfefirek.sys - ok
17:13:43.0328 3252 [ 1DBA462CF92D890D8F8E6472E7E8B4B4 ] C:\Windows\System32\urlmon.dll
17:13:43.0328 3252 C:\Windows\System32\urlmon.dll - ok
17:13:43.0328 3252 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
17:13:43.0328 3252 C:\Windows\System32\rpcrt4.dll - ok
17:13:43.0328 3252 [ 6F6D81F3D513D927EB6D393EEC7FF851 ] C:\Windows\System32\usp10.dll
17:13:43.0328 3252 C:\Windows\System32\usp10.dll - ok
17:13:43.0328 3252 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
17:13:43.0328 3252 C:\Windows\System32\shell32.dll - ok
17:13:43.0328 3252 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
17:13:43.0328 3252 C:\Windows\System32\drivers\hidclass.sys - ok
17:13:43.0344 3252 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
17:13:43.0344 3252 C:\Windows\System32\drivers\hidparse.sys - ok
17:13:43.0344 3252 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
17:13:43.0344 3252 C:\Windows\System32\drivers\hidusb.sys - ok
17:13:43.0344 3252 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
17:13:43.0344 3252 C:\Windows\System32\drivers\usbd.sys - ok
17:13:43.0344 3252 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
17:13:43.0344 3252 C:\Windows\System32\advapi32.dll - ok
17:13:43.0344 3252 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
17:13:43.0344 3252 C:\Windows\System32\gdi32.dll - ok
17:13:43.0344 3252 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
17:13:43.0344 3252 C:\Windows\System32\imm32.dll - ok
17:13:43.0344 3252 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
17:13:43.0344 3252 C:\Windows\System32\lpk.dll - ok
17:13:43.0344 3252 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
17:13:43.0344 3252 C:\Windows\System32\sechost.dll - ok
17:13:43.0359 3252 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
17:13:43.0359 3252 C:\Windows\System32\cfgmgr32.dll - ok
17:13:43.0359 3252 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
17:13:43.0359 3252 C:\Windows\System32\crypt32.dll - ok
17:13:43.0359 3252 [ 6F2E324703E6D22B9934C33DA48F1F01 ] C:\Windows\System32\KernelBase.dll
17:13:43.0359 3252 C:\Windows\System32\KernelBase.dll - ok
17:13:43.0359 3252 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
17:13:43.0359 3252 C:\Windows\System32\comctl32.dll - ok
17:13:43.0359 3252 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
17:13:43.0359 3252 C:\Windows\System32\devobj.dll - ok
17:13:43.0359 3252 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
17:13:43.0359 3252 C:\Windows\System32\wintrust.dll - ok
17:13:43.0359 3252 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
17:13:43.0359 3252 C:\Windows\System32\msasn1.dll - ok
17:13:43.0359 3252 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
17:13:43.0359 3252 C:\Windows\SysWOW64\normaliz.dll - ok
17:13:43.0375 3252 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
17:13:43.0375 3252 C:\Windows\System32\drivers\dxapi.sys - ok
17:13:43.0375 3252 [ C58923115CDE6071C3BF2FF063546E9F ] C:\Windows\System32\win32k.sys
17:13:43.0375 3252 C:\Windows\System32\win32k.sys - ok
17:13:43.0375 3252 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
17:13:43.0375 3252 C:\Windows\System32\csrss.exe - ok
17:13:43.0375 3252 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
17:13:43.0375 3252 C:\Windows\System32\csrsrv.dll - ok
17:13:43.0375 3252 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
17:13:43.0375 3252 C:\Windows\System32\basesrv.dll - ok
17:13:43.0375 3252 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\System32\winsrv.dll
17:13:43.0375 3252 C:\Windows\System32\winsrv.dll - ok
17:13:43.0375 3252 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
17:13:43.0375 3252 C:\Windows\System32\drivers\kbdhid.sys - ok
17:13:43.0391 3252 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
17:13:43.0391 3252 C:\Windows\System32\drivers\monitor.sys - ok
17:13:43.0391 3252 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
17:13:43.0391 3252 C:\Windows\System32\drivers\mouhid.sys - ok
17:13:43.0391 3252 [ 73188F58FB384E75C4063D29413CEE3D ] C:\Windows\System32\drivers\usbprint.sys
17:13:43.0391 3252 C:\Windows\System32\drivers\usbprint.sys - ok
17:13:43.0391 3252 [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS
17:13:43.0391 3252 C:\Windows\System32\drivers\USBSTOR.SYS - ok
17:13:43.0391 3252 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
17:13:43.0391 3252 C:\Windows\System32\profapi.dll - ok
17:13:43.0391 3252 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
17:13:43.0391 3252 C:\Windows\System32\RpcRtRemote.dll - ok
17:13:43.0391 3252 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
17:13:43.0391 3252 C:\Windows\System32\sxssrv.dll - ok
17:13:43.0391 3252 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
17:13:43.0391 3252 C:\Windows\System32\tsddd.dll - ok
17:13:43.0406 3252 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
17:13:43.0406 3252 C:\Windows\System32\wininit.exe - ok
17:13:43.0406 3252 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
17:13:43.0406 3252 C:\Windows\System32\KBDUS.DLL - ok
17:13:43.0406 3252 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
17:13:43.0406 3252 C:\Windows\System32\cdd.dll - ok
17:13:43.0406 3252 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
17:13:43.0406 3252 C:\Windows\System32\WlS0WndH.dll - ok
17:13:43.0406 3252 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
17:13:43.0406 3252 C:\Windows\System32\cryptbase.dll - ok
17:13:43.0406 3252 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
17:13:43.0406 3252 C:\Windows\System32\sxs.dll - ok
17:13:43.0406 3252 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
17:13:43.0406 3252 C:\Windows\System32\apphelp.dll - ok
17:13:43.0406 3252 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\Services.exe
17:13:43.0406 3252 C:\Windows\System32\Services.exe - ok
17:13:43.0422 3252 [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
17:13:43.0422 3252 C:\Windows\System32\lsasrv.dll - ok
17:13:43.0422 3252 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
17:13:43.0422 3252 C:\Windows\System32\lsass.exe - ok
17:13:43.0422 3252 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
17:13:43.0422 3252 C:\Windows\System32\lsm.exe - ok
17:13:43.0422 3252 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
17:13:43.0422 3252 C:\Windows\System32\sspicli.dll - ok
17:13:43.0422 3252 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
17:13:43.0422 3252 C:\Windows\System32\sspisrv.dll - ok
17:13:43.0422 3252 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
17:13:43.0422 3252 C:\Windows\System32\scesrv.dll - ok
17:13:43.0422 3252 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
17:13:43.0422 3252 C:\Windows\System32\scext.dll - ok
17:13:43.0422 3252 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
17:13:43.0422 3252 C:\Windows\System32\secur32.dll - ok
17:13:43.0437 3252 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
17:13:43.0437 3252 C:\Windows\System32\sysntfy.dll - ok
17:13:43.0437 3252 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
17:13:43.0437 3252 C:\Windows\System32\wmsgapi.dll - ok
17:13:43.0437 3252 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
17:13:43.0437 3252 C:\Windows\System32\samsrv.dll - ok
17:13:43.0437 3252 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
17:13:43.0437 3252 C:\Windows\System32\srvcli.dll - ok
17:13:43.0437 3252 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
17:13:43.0437 3252 C:\Windows\System32\cryptdll.dll - ok
17:13:43.0437 3252 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
17:13:43.0437 3252 C:\Windows\System32\wevtapi.dll - ok
17:13:43.0437 3252 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
17:13:43.0437 3252 C:\Windows\System32\authz.dll - ok
17:13:43.0453 3252 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
17:13:43.0453 3252 C:\Windows\System32\cngaudit.dll - ok
17:13:43.0453 3252 [ 400645085A91BF3EB0271329B95AE0BE ] C:\Windows\System32\ncrypt.dll
17:13:43.0453 3252 C:\Windows\System32\ncrypt.dll - ok
17:13:43.0453 3252 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
17:13:43.0453 3252 C:\Windows\System32\bcrypt.dll - ok
17:13:43.0453 3252 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
17:13:43.0453 3252 C:\Windows\System32\msprivs.dll - ok
17:13:43.0453 3252 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
17:13:43.0453 3252 C:\Windows\System32\netjoin.dll - ok
17:13:43.0453 3252 [ E543D373382C3B76D3BC27585DEF3907 ] C:\Windows\System32\atmfd.dll
17:13:43.0453 3252 C:\Windows\System32\atmfd.dll - ok
17:13:43.0453 3252 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
17:13:43.0453 3252 C:\Windows\System32\kerberos.dll - ok
17:13:43.0453 3252 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
17:13:43.0453 3252 C:\Windows\System32\negoexts.dll - ok
17:13:43.0469 3252 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
17:13:43.0469 3252 C:\Windows\System32\cryptsp.dll - ok
17:13:43.0469 3252 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
17:13:43.0469 3252 C:\Windows\System32\mswsock.dll - ok
17:13:43.0469 3252 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
17:13:43.0469 3252 C:\Windows\System32\winlogon.exe - ok
17:13:43.0469 3252 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
17:13:43.0469 3252 C:\Windows\System32\winsta.dll - ok
17:13:43.0469 3252 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
17:13:43.0469 3252 C:\Windows\System32\msv1_0.dll - ok
17:13:43.0469 3252 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
17:13:43.0469 3252 C:\Windows\System32\wship6.dll - ok
17:13:43.0469 3252 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
17:13:43.0469 3252 C:\Windows\System32\netlogon.dll - ok
17:13:43.0469 3252 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
17:13:43.0469 3252 C:\Windows\System32\dnsapi.dll - ok
17:13:43.0484 3252 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
17:13:43.0484 3252 C:\Windows\System32\logoncli.dll - ok
17:13:43.0484 3252 [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
17:13:43.0484 3252 C:\Windows\System32\schannel.dll - ok
17:13:43.0484 3252 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
17:13:43.0484 3252 C:\Windows\System32\wdigest.dll - ok
17:13:43.0484 3252 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
17:13:43.0484 3252 C:\Windows\System32\rsaenh.dll - ok
17:13:43.0484 3252 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
17:13:43.0484 3252 C:\Windows\System32\TSpkg.dll - ok
17:13:43.0484 3252 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
17:13:43.0484 3252 C:\Windows\System32\pku2u.dll - ok
17:13:43.0484 3252 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
17:13:43.0484 3252 C:\Windows\System32\bcryptprimitives.dll - ok
17:13:43.0484 3252 [ B330CE846D1C672F640D3B3647CEF86D ] C:\Windows\System32\drivers\netr28ux.sys
17:13:43.0484 3252 C:\Windows\System32\drivers\netr28ux.sys - ok
17:13:43.0500 3252 [ 55C892560C1B42BC57FB61AEFCED2F22 ] C:\Windows\System32\LIVESSP.DLL
17:13:43.0500 3252 C:\Windows\System32\LIVESSP.DLL - ok
17:13:43.0500 3252 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
17:13:43.0500 3252 C:\Windows\System32\credssp.dll - ok
17:13:43.0500 3252 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
17:13:43.0500 3252 C:\Windows\System32\drivers\vwifibus.sys - ok
17:13:43.0500 3252 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
17:13:43.0500 3252 C:\Windows\System32\efslsaext.dll - ok
17:13:43.0500 3252 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
17:13:43.0500 3252 C:\Windows\System32\scecli.dll - ok
17:13:43.0500 3252 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
17:13:43.0500 3252 C:\Windows\System32\ubpm.dll - ok
17:13:43.0500 3252 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
17:13:43.0500 3252 C:\Windows\System32\svchost.exe - ok
17:13:43.0515 3252 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
17:13:43.0515 3252 C:\Windows\System32\umpnpmgr.dll - ok
17:13:43.0515 3252 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
17:13:43.0515 3252 C:\Windows\System32\devrtl.dll - ok
17:13:43.0515 3252 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
17:13:43.0515 3252 C:\Windows\System32\SPInf.dll - ok
17:13:43.0515 3252 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
17:13:43.0515 3252 C:\Windows\System32\gpapi.dll - ok
17:13:43.0515 3252 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
17:13:43.0515 3252 C:\Windows\System32\userenv.dll - ok
17:13:43.0515 3252 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] C:\Windows\System32\umpo.dll
17:13:43.0515 3252 C:\Windows\System32\umpo.dll - ok
17:13:43.0515 3252 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
17:13:43.0515 3252 C:\Windows\System32\pcwum.dll - ok
17:13:43.0515 3252 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
17:13:43.0515 3252 C:\Windows\System32\powrprof.dll - ok
17:13:43.0531 3252 [ B50CDD87772D6A11CB90924AAD399DF8 ] C:\Windows\System32\drivers\aswMonFlt.sys
17:13:43.0531 3252 C:\Windows\System32\drivers\aswMonFlt.sys - ok
17:13:43.0531 3252 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] C:\Windows\System32\drivers\aswFsBlk.sys
17:13:43.0531 3252 C:\Windows\System32\drivers\aswFsBlk.sys - ok
17:13:43.0531 3252 [ 8F571F016FA1976F445147E9E6C8AE9B ] C:\Windows\System32\drivers\Sftvollh.sys
17:13:43.0531 3252 C:\Windows\System32\drivers\Sftvollh.sys - ok
17:13:43.0531 3252 [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
17:13:43.0531 3252 C:\Windows\System32\drivers\WUDFPf.sys - ok
17:13:43.0531 3252 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
17:13:43.0531 3252 C:\Windows\System32\rpcss.dll - ok
17:13:43.0531 3252 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
17:13:43.0531 3252 C:\Windows\System32\RpcEpMap.dll - ok
17:13:43.0531 3252 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
17:13:43.0531 3252 C:\Windows\System32\wshqos.dll - ok
17:13:43.0531 3252 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
17:13:43.0531 3252 C:\Windows\System32\WSHTCPIP.DLL - ok
17:13:43.0547 3252 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
17:13:43.0547 3252 C:\Windows\System32\FirewallAPI.dll - ok
17:13:43.0547 3252 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
17:13:43.0547 3252 C:\Windows\System32\LogonUI.exe - ok
17:13:43.0547 3252 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
17:13:43.0547 3252 C:\Windows\System32\version.dll - ok
17:13:43.0547 3252 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
17:13:43.0547 3252 C:\Windows\System32\authui.dll - ok
17:13:43.0547 3252 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
17:13:43.0547 3252 C:\Windows\System32\wevtsvc.dll - ok
17:13:43.0547 3252 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
17:13:43.0547 3252 C:\Windows\System32\cryptui.dll - ok
17:13:43.0547 3252 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
17:13:43.0547 3252 C:\Windows\System32\audiosrv.dll - ok
17:13:43.0547 3252 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
17:13:43.0547 3252 C:\Windows\System32\avrt.dll - ok
17:13:43.0562 3252 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
17:13:43.0562 3252 C:\Windows\System32\mmcss.dll - ok
17:13:43.0562 3252 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
17:13:43.0562 3252 C:\Windows\System32\profsvc.dll - ok
17:13:43.0562 3252 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
17:13:43.0562 3252 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
17:13:43.0562 3252 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
17:13:43.0562 3252 C:\Windows\System32\MMDevAPI.dll - ok
17:13:43.0562 3252 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
17:13:43.0562 3252 C:\Windows\System32\propsys.dll - ok
17:13:43.0562 3252 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
17:13:43.0562 3252 C:\Windows\System32\samlib.dll - ok
17:13:43.0562 3252 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
17:13:43.0562 3252 C:\Windows\System32\shacct.dll - ok
17:13:43.0562 3252 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
17:13:43.0562 3252 C:\Windows\System32\uxtheme.dll - ok
17:13:43.0578 3252 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
17:13:43.0578 3252 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
17:13:43.0578 3252 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
17:13:43.0578 3252 C:\Windows\System32\dui70.dll - ok
17:13:43.0578 3252 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
17:13:43.0578 3252 C:\Windows\System32\duser.dll - ok
17:13:43.0578 3252 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
17:13:43.0578 3252 C:\Windows\System32\SndVolSSO.dll - ok
17:13:43.0578 3252 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
17:13:43.0578 3252 C:\Windows\System32\audiodg.exe - ok
17:13:43.0578 3252 [ CB624C0035412AF0DEBEC78C41F5CA1B ] C:\Windows\System32\drivers\serenum.sys
17:13:43.0578 3252 C:\Windows\System32\drivers\serenum.sys - ok
17:13:43.0578 3252 [ 4FD2F1366055D55F0D10B2568526AB78 ] C:\Windows\System32\drivers\u2s2kxp64.sys
17:13:43.0578 3252 C:\Windows\System32\drivers\u2s2kxp64.sys - ok
17:13:43.0593 3252 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
17:13:43.0593 3252 C:\Windows\System32\dwmapi.dll - ok
17:13:43.0593 3252 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
17:13:43.0593 3252 C:\Windows\System32\hid.dll - ok
17:13:43.0593 3252 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
17:13:43.0593 3252 C:\Windows\System32\xmllite.dll - ok
17:13:43.0593 3252 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] C:\Windows\System32\drivers\point64.sys
17:13:43.0593 3252 C:\Windows\System32\drivers\point64.sys - ok
17:13:43.0593 3252 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
17:13:43.0593 3252 C:\Windows\System32\gpsvc.dll - ok
17:13:43.0593 3252 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
17:13:43.0593 3252 C:\Windows\System32\ntmarta.dll - ok
17:13:43.0593 3252 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
17:13:43.0593 3252 C:\Windows\System32\atl.dll - ok
17:13:43.0593 3252 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
17:13:43.0593 3252 C:\Windows\System32\nlaapi.dll - ok
17:13:43.0609 3252 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
17:13:43.0609 3252 C:\Windows\System32\themeservice.dll - ok
17:13:43.0609 3252 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
17:13:43.0609 3252 C:\Windows\System32\dsrole.dll - ok
17:13:43.0609 3252 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
17:13:43.0609 3252 C:\Windows\System32\slc.dll - ok
17:13:43.0609 3252 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
17:13:43.0609 3252 C:\Windows\System32\es.dll - ok
17:13:43.0609 3252 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
17:13:43.0609 3252 C:\Windows\System32\Sens.dll - ok
17:13:43.0609 3252 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
17:13:43.0609 3252 C:\Windows\System32\uxsms.dll - ok
17:13:43.0609 3252 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
17:13:43.0609 3252 C:\Windows\System32\wtsapi32.dll - ok
17:13:43.0609 3252 [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll
17:13:43.0609 3252 C:\Windows\System32\WUDFPlatform.dll - ok
17:13:43.0625 3252 [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
17:13:43.0625 3252 C:\Windows\System32\WUDFSvc.dll - ok
17:13:43.0625 3252 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
17:13:43.0625 3252 C:\Windows\System32\drivers\lltdio.sys - ok
17:13:43.0625 3252 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
17:13:43.0625 3252 C:\Windows\System32\drivers\nwifi.sys - ok
17:13:43.0625 3252 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
17:13:43.0625 3252 C:\Windows\System32\WindowsCodecs.dll - ok
17:13:43.0625 3252 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
17:13:43.0625 3252 C:\Windows\System32\ksuser.dll - ok
17:13:43.0625 3252 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
17:13:43.0625 3252 C:\Windows\System32\wdmaud.drv - ok
17:13:43.0625 3252 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
17:13:43.0625 3252 C:\Windows\System32\winmm.dll - ok
17:13:43.0625 3252 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
17:13:43.0625 3252 C:\Windows\System32\drivers\ndisuio.sys - ok
17:13:43.0640 3252 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
17:13:43.0640 3252 C:\Windows\System32\drivers\rspndr.sys - ok
17:13:43.0640 3252 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
17:13:43.0640 3252 C:\Windows\System32\dhcpcore.dll - ok
17:13:43.0640 3252 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
17:13:43.0640 3252 C:\Windows\System32\IPHLPAPI.DLL - ok
17:13:43.0640 3252 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
17:13:43.0640 3252 C:\Windows\System32\lmhsvc.dll - ok
17:13:43.0640 3252 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
17:13:43.0640 3252 C:\Windows\System32\nrpsrv.dll - ok
17:13:43.0640 3252 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
17:13:43.0640 3252 C:\Windows\System32\nsisvc.dll - ok
17:13:43.0640 3252 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
17:13:43.0640 3252 C:\Windows\System32\winnsi.dll - ok
17:13:43.0656 3252 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
17:13:43.0656 3252 C:\Windows\System32\dhcpcore6.dll - ok
17:13:43.0656 3252 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
17:13:43.0656 3252 C:\Windows\System32\dnsrslvr.dll - ok
17:13:43.0656 3252 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
17:13:43.0656 3252 C:\Windows\System32\eapphost.dll - ok
17:13:43.0656 3252 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
17:13:43.0656 3252 C:\Windows\System32\eapsvc.dll - ok
17:13:43.0656 3252 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
17:13:43.0656 3252 C:\Windows\System32\FWPUCLNT.DLL - ok
17:13:43.0656 3252 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
17:13:43.0656 3252 C:\Windows\System32\keyiso.dll - ok
17:13:43.0656 3252 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
17:13:43.0656 3252 C:\Windows\System32\dhcpcsvc.dll - ok
17:13:43.0671 3252 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
17:13:43.0671 3252 C:\Windows\System32\dhcpcsvc6.dll - ok
17:13:43.0671 3252 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
17:13:43.0671 3252 C:\Windows\System32\dnsext.dll - ok
17:13:43.0671 3252 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
17:13:43.0671 3252 C:\Windows\System32\umb.dll - ok
17:13:43.0671 3252 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
17:13:43.0671 3252 C:\Windows\System32\winbrand.dll - ok
17:13:43.0671 3252 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
17:13:43.0671 3252 C:\Windows\System32\wlansvc.dll - ok
17:13:43.0671 3252 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
17:13:43.0671 3252 C:\Windows\System32\wlanmsm.dll - ok
17:13:43.0671 3252 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
17:13:43.0671 3252 C:\Windows\System32\wlansec.dll - ok
17:13:43.0687 3252 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
17:13:43.0687 3252 C:\Windows\System32\eappcfg.dll - ok
17:13:43.0689 3252 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
17:13:43.0689 3252 C:\Windows\System32\eappprxy.dll - ok
17:13:43.0691 3252 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
17:13:43.0691 3252 C:\Windows\System32\onex.dll - ok
17:13:43.0693 3252 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
17:13:43.0694 3252 C:\Windows\System32\l2gpstore.dll - ok
17:13:43.0696 3252 [ 4FFDE68C4B7C9993FA551E7E36DDB34D ] C:\Windows\System32\msxml6.dll
17:13:43.0696 3252 C:\Windows\System32\msxml6.dll - ok
17:13:43.0697 3252 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
17:13:43.0698 3252 C:\Windows\System32\WinSCard.dll - ok
17:13:43.0700 3252 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
17:13:43.0700 3252 C:\Windows\System32\wlanutil.dll - ok
17:13:43.0702 3252 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
17:13:43.0702 3252 C:\Windows\System32\wlgpclnt.dll - ok
17:13:43.0704 3252 [ 3326166011C9BC13D6A8EFD856E9921C ] C:\Windows\System32\conhost.exe
17:13:43.0704 3252 C:\Windows\System32\conhost.exe - ok
17:13:43.0706 3252 [ 43FAB56AE5F639AD59D7209693F4C4C2 ] C:\Windows\System32\wlanext.exe
17:13:43.0706 3252 C:\Windows\System32\wlanext.exe - ok
17:13:43.0708 3252 [ 8FA553E9AE69808D99C164733A0F9590 ] C:\Program Files\AVAST Software\Avast\AvastSvc.exe
17:13:43.0708 3252 C:\Program Files\AVAST Software\Avast\AvastSvc.exe - ok
17:13:43.0710 3252 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
17:13:43.0710 3252 C:\Windows\SysWOW64\ntdll.dll - ok
17:13:43.0712 3252 [ 15B30F15BD13640B337A0FC37BD48CDE ] C:\Windows\System32\wow64.dll
17:13:43.0712 3252 C:\Windows\System32\wow64.dll - ok
17:13:43.0714 3252 [ 2970785A72054740E1A5DCEB32485486 ] C:\Windows\System32\wow64win.dll
17:13:43.0714 3252 C:\Windows\System32\wow64win.dll - ok
17:13:43.0716 3252 [ 98168B9B0656A01A321FF1BECB2C03E1 ] C:\Windows\System32\wow64cpu.dll
17:13:43.0716 3252 C:\Windows\System32\wow64cpu.dll - ok
17:13:43.0718 3252 [ D4F3176082566CEFA633B4945802D4C4 ] C:\Windows\SysWOW64\kernel32.dll
17:13:43.0718 3252 C:\Windows\SysWOW64\kernel32.dll - ok
17:13:43.0720 3252 [ A12F562D3520B78FC5FD7791BA2C1A6B ] C:\Windows\System32\RaIHV.dll
17:13:43.0720 3252 C:\Windows\System32\RaIHV.dll - ok
17:13:43.0722 3252 [ 0978C2B33BDD0A7E6C563AA337DC8BA0 ] C:\Windows\SysWOW64\KernelBase.dll
17:13:43.0722 3252 C:\Windows\SysWOW64\KernelBase.dll - ok
17:13:43.0724 3252 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
17:13:43.0724 3252 C:\Windows\SysWOW64\msvcrt.dll - ok
17:13:43.0726 3252 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
17:13:43.0727 3252 C:\Windows\SysWOW64\ws2_32.dll - ok
17:13:43.0728 3252 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
17:13:43.0728 3252 C:\Windows\SysWOW64\rpcrt4.dll - ok
17:13:43.0730 3252 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
17:13:43.0730 3252 C:\Windows\System32\dbghelp.dll - ok
17:13:43.0732 3252 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
17:13:43.0732 3252 C:\Windows\SysWOW64\cryptbase.dll - ok
17:13:43.0734 3252 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
17:13:43.0734 3252 C:\Windows\SysWOW64\sspicli.dll - ok
17:13:43.0737 3252 [ EB398DED91CFF2F425610EAA2CCF2A23 ] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
17:13:43.0737 3252 C:\Program Files\AVAST Software\Avast\aswCmnBS.dll - ok
17:13:43.0739 3252 [ BABE99A18A382A5E2F99B48E0BC3E0D4 ] C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
17:13:43.0739 3252 C:\Program Files\AVAST Software\Avast\aswCmnIS.dll - ok
17:13:43.0741 3252 [ 178B51198B7B46CD3C5E744474459A63 ] C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
17:13:43.0741 3252 C:\Program Files\AVAST Software\Avast\aswCmnOS.dll - ok
17:13:43.0743 3252 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
17:13:43.0743 3252 C:\Windows\SysWOW64\nsi.dll - ok
17:13:43.0745 3252 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
17:13:43.0745 3252 C:\Windows\SysWOW64\sechost.dll - ok
17:13:43.0747 3252 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
17:13:43.0747 3252 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
17:13:43.0749 3252 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
17:13:43.0749 3252 C:\Windows\SysWOW64\user32.dll - ok
17:13:43.0751 3252 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
17:13:43.0751 3252 C:\Windows\System32\wlanapi.dll - ok
17:13:43.0753 3252 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
17:13:43.0753 3252 C:\Windows\SysWOW64\gdi32.dll - ok
17:13:43.0755 3252 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
17:13:43.0755 3252 C:\Windows\SysWOW64\advapi32.dll - ok
17:13:43.0757 3252 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
17:13:43.0757 3252 C:\Windows\SysWOW64\lpk.dll - ok
17:13:43.0759 3252 [ CC19A4AE696C2191E965A9835F1E6399 ] C:\Windows\SysWOW64\usp10.dll
17:13:43.0759 3252 C:\Windows\SysWOW64\usp10.dll - ok
17:13:43.0761 3252 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
17:13:43.0762 3252 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
17:13:43.0764 3252 [ 55AFA63F5F2A6CED0C09E2AFE57ECA8D ] C:\Program Files\AVAST Software\Avast\ashBase.dll
17:13:43.0764 3252 C:\Program Files\AVAST Software\Avast\ashBase.dll - ok
17:13:43.0766 3252 [ C515CAEC6B3C6970007954C0250A124C ] C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
17:13:43.0766 3252 C:\Program Files\AVAST Software\Avast\aswEngLdr.dll - ok
17:13:43.0768 3252 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
17:13:43.0768 3252 C:\Windows\SysWOW64\psapi.dll - ok
17:13:43.0770 3252 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
17:13:43.0770 3252 C:\Windows\SysWOW64\version.dll - ok
17:13:43.0772 3252 [ 7FA3A810F383588D46220967DE8B64FF ] C:\Windows\SysWOW64\wininet.dll
17:13:43.0772 3252 C:\Windows\SysWOW64\wininet.dll - ok
17:13:43.0774 3252 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
17:13:43.0774 3252 C:\Windows\SysWOW64\wsock32.dll - ok
17:13:43.0776 3252 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
17:13:43.0776 3252 C:\Windows\System32\netcfgx.dll - ok
17:13:43.0778 3252 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
17:13:43.0778 3252 C:\Windows\SysWOW64\shlwapi.dll - ok
17:13:43.0780 3252 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] C:\Windows\System32\drivers\vwifimp.sys
17:13:43.0780 3252 C:\Windows\System32\drivers\vwifimp.sys - ok
17:13:43.0782 3252 [ 780E80E5502015EDAEC91DC0A0C96A79 ] C:\Windows\SysWOW64\iertutil.dll
17:13:43.0782 3252 C:\Windows\SysWOW64\iertutil.dll - ok
17:13:43.0784 3252 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
17:13:43.0784 3252 C:\Windows\System32\VaultCredProvider.dll - ok
17:13:43.0786 3252 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
17:13:43.0786 3252 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
17:13:43.0788 3252 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
17:13:43.0788 3252 C:\Windows\System32\BioCredProv.dll - ok
17:13:43.0790 3252 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
17:13:43.0790 3252 C:\Windows\System32\credui.dll - ok
17:13:43.0792 3252 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
17:13:43.0793 3252 C:\Windows\System32\winbio.dll - ok
17:13:43.0794 3252 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
17:13:43.0795 3252 C:\Windows\System32\netapi32.dll - ok
17:13:43.0797 3252 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
17:13:43.0797 3252 C:\Windows\System32\netutils.dll - ok
17:13:43.0799 3252 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
17:13:43.0799 3252 C:\Windows\System32\vaultcli.dll - ok
17:13:43.0800 3252 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
17:13:43.0800 3252 C:\Windows\System32\wkscli.dll - ok
17:13:43.0802 3252 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
17:13:43.0802 3252 C:\Windows\System32\samcli.dll - ok
17:13:43.0804 3252 [ 7097425051CE67B450EBF2B1390AE492 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
17:13:43.0804 3252 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
17:13:43.0807 3252 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
17:13:43.0807 3252 C:\Windows\System32\certCredProvider.dll - ok
17:13:43.0809 3252 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
17:13:43.0809 3252 C:\Windows\System32\rasplap.dll - ok
17:13:43.0811 3252 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
17:13:43.0811 3252 C:\Windows\System32\rasapi32.dll - ok
17:13:43.0813 3252 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
17:13:43.0813 3252 C:\Windows\System32\rasman.dll - ok
17:13:43.0815 3252 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
17:13:43.0815 3252 C:\Windows\System32\rtutils.dll - ok
17:13:43.0817 3252 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
17:13:43.0817 3252 C:\Windows\System32\adtschema.dll - ok
17:13:43.0819 3252 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
17:13:43.0819 3252 C:\Windows\System32\comres.dll - ok
17:13:43.0821 3252 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
17:13:43.0821 3252 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
17:13:43.0823 3252 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
17:13:43.0823 3252 C:\Windows\System32\netprofm.dll - ok
17:13:43.0825 3252 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
17:13:43.0825 3252 C:\Windows\System32\drivers\fltMgr.sys - ok
17:13:43.0828 3252 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
17:13:43.0828 3252 C:\Windows\System32\PSHED.DLL - ok
17:13:43.0830 3252 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
17:13:43.0830 3252 C:\Windows\System32\MPSSVC.dll - ok
17:13:43.0832 3252 [ 11338E0557B07BC32CDB980B6EDB35AA ] C:\Windows\System32\ci.dll
17:13:43.0832 3252 C:\Windows\System32\ci.dll - ok
17:13:43.0834 3252 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
17:13:43.0834 3252 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
17:13:43.0836 3252 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
17:13:43.0836 3252 C:\Windows\System32\UXInit.dll - ok
17:13:43.0838 3252 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
17:13:43.0838 3252 C:\Windows\System32\AudioSes.dll - ok
17:13:43.0840 3252 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
17:13:43.0840 3252 C:\Windows\System32\msacm32.dll - ok
17:13:43.0842 3252 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
17:13:43.0842 3252 C:\Windows\System32\msacm32.drv - ok
17:13:43.0844 3252 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
17:13:43.0844 3252 C:\Windows\System32\midimap.dll - ok
17:13:43.0846 3252 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
17:13:43.0846 3252 C:\Windows\System32\AudioEng.dll - ok
17:13:43.0848 3252 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
17:13:43.0848 3252 C:\Windows\System32\AUDIOKSE.dll - ok
17:13:43.0850 3252 [ AA0B1A7B4750F655936F2F82B5E84428 ] C:\Windows\System32\CX64AP40.dll
17:13:43.0850 3252 C:\Windows\System32\CX64AP40.dll - ok
17:13:43.0852 3252 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
17:13:43.0852 3252 C:\Windows\System32\imageres.dll - ok
17:13:43.0854 3252 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
17:13:43.0854 3252 C:\Windows\System32\WMALFXGFXDSP.dll - ok
17:13:43.0856 3252 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
17:13:43.0856 3252 C:\Windows\System32\mfplat.dll - ok
17:13:43.0858 3252 [ 4266A3230981DD4434C55957F6DD497D ] C:\Windows\SysWOW64\urlmon.dll
17:13:43.0858 3252 C:\Windows\SysWOW64\urlmon.dll - ok
17:13:43.0860 3252 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
17:13:43.0860 3252 C:\Windows\SysWOW64\ole32.dll - ok
17:13:43.0862 3252 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
17:13:43.0862 3252 C:\Windows\SysWOW64\oleaut32.dll - ok
17:13:43.0864 3252 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
17:13:43.0864 3252 C:\Windows\SysWOW64\imm32.dll - ok
17:13:43.0866 3252 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
17:13:43.0866 3252 C:\Windows\SysWOW64\msctf.dll - ok
17:13:43.0868 3252 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
17:13:43.0868 3252 C:\Windows\SysWOW64\dbghelp.dll - ok
17:13:43.0870 3252 [ B316906B4A04DD39985350D29DE31068 ] C:\Program Files\AVAST Software\Avast\1033\Base.dll
17:13:43.0870 3252 C:\Program Files\AVAST Software\Avast\1033\Base.dll - ok
17:13:43.0872 3252 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
17:13:43.0872 3252 C:\Windows\SysWOW64\cscapi.dll - ok
17:13:43.0874 3252 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
17:13:43.0874 3252 C:\Windows\SysWOW64\netapi32.dll - ok
17:13:43.0876 3252 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
17:13:43.0876 3252 C:\Windows\SysWOW64\netutils.dll - ok
17:13:43.0879 3252 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
17:13:43.0879 3252 C:\Windows\SysWOW64\srvcli.dll - ok
17:13:43.0881 3252 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
17:13:43.0881 3252 C:\Windows\SysWOW64\wkscli.dll - ok
17:13:43.0883 3252 [ 977C54291BFA6FEE7FF865630E51757B ] C:\Program Files\AVAST Software\Avast\ashServ.dll
17:13:43.0883 3252 C:\Program Files\AVAST Software\Avast\ashServ.dll - ok
17:13:43.0885 3252 [ 16CE3ED063923253905341C9AF850FE7 ] C:\Program Files\AVAST Software\Avast\ashTask.dll
17:13:43.0885 3252 C:\Program Files\AVAST Software\Avast\ashTask.dll - ok
17:13:43.0888 3252 [ 045EE3DC56B12B404DC07848D8597C66 ] C:\Program Files\AVAST Software\Avast\aswAux.dll
17:13:43.0888 3252 C:\Program Files\AVAST Software\Avast\aswAux.dll - ok
17:13:43.0890 3252 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
17:13:43.0890 3252 C:\Windows\System32\shsvcs.dll - ok
17:13:43.0892 3252 [ 4FF19AC422B7709D786DE58B385C9647 ] C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
17:13:43.0892 3252 C:\Program Files\AVAST Software\Avast\ashTaskEx.dll - ok
17:13:43.0895 3252 [ FCA9CC8611654B790DD6242BF862B7F5 ] C:\Program Files\AVAST Software\Avast\aswLog.dll
17:13:43.0895 3252 C:\Program Files\AVAST Software\Avast\aswLog.dll - ok
17:13:43.0897 3252 [ F186897E0A3B9D0784041221D0265069 ] C:\Program Files\AVAST Software\Avast\aswSqLt.dll
17:13:43.0897 3252 C:\Program Files\AVAST Software\Avast\aswSqLt.dll - ok
17:13:43.0899 3252 [ 6F367A9B88CFDD46F42C1D11E5CB7964 ] C:\Program Files\AVAST Software\Avast\Aavm4h.dll
17:13:43.0899 3252 C:\Program Files\AVAST Software\Avast\Aavm4h.dll - ok
17:13:43.0901 3252 [ 12B9869E74F9E698F550F04F8989C591 ] C:\Program Files\AVAST Software\Avast\aswProperty.dll
17:13:43.0901 3252 C:\Program Files\AVAST Software\Avast\aswProperty.dll - ok
17:13:43.0903 3252 [ C2434DEA392826C1687D9BD7FA4845BC ] C:\Program Files\AVAST Software\Avast\AavmRpch.dll
17:13:43.0903 3252 C:\Program Files\AVAST Software\Avast\AavmRpch.dll - ok
17:13:43.0905 3252 [ 264B5D8F4C70A26749FF2CEDDE06BA30 ] C:\Program Files\AVAST Software\Avast\aswDld.dll
17:13:43.0905 3252 C:\Program Files\AVAST Software\Avast\aswDld.dll - ok
17:13:43.0907 3252 [ 902F670F58193A2BC30AA342B11B2C7B ] C:\Program Files\AVAST Software\Avast\aswIdle.dll
17:13:43.0907 3252 C:\Program Files\AVAST Software\Avast\aswIdle.dll - ok
17:13:43.0910 3252 [ 273FD83FC8C4E12F8C55381674F92A44 ] C:\Program Files\AVAST Software\Avast\aswStrm.dll
17:13:43.0910 3252 C:\Program Files\AVAST Software\Avast\aswStrm.dll - ok
17:13:43.0912 3252 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
17:13:43.0912 3252 C:\Windows\SysWOW64\cfgmgr32.dll - ok
17:13:43.0914 3252 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
17:13:43.0914 3252 C:\Windows\SysWOW64\wtsapi32.dll - ok
17:13:43.0916 3252 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
17:13:43.0916 3252 C:\Windows\System32\schedsvc.dll - ok
17:13:43.0918 3252 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
17:13:43.0918 3252 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
17:13:43.0920 3252 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
17:13:43.0920 3252 C:\Windows\System32\ktmw32.dll - ok
17:13:43.0922 3252 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll
17:13:43.0922 3252 C:\Windows\SysWOW64\wscapi.dll - ok
17:13:43.0924 3252 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\SysWOW64\wscisvif.dll
17:13:43.0924 3252 C:\Windows\SysWOW64\wscisvif.dll - ok
17:13:43.0926 3252 [ 9184FA2B677CBF2F8E26098980E47304 ] C:\Program Files\AVAST Software\Avast\defs\12121301\aswEngin.dll
17:13:43.0926 3252 C:\Program Files\AVAST Software\Avast\defs\12121301\aswEngin.dll - ok
17:13:43.0928 3252 [ A94AF354E4EA9C835DCF3E60EC75911C ] C:\Program Files\AVAST Software\Avast\defs\12121301\aswCmnOS.dll
17:13:43.0929 3252 C:\Program Files\AVAST Software\Avast\defs\12121301\aswCmnOS.dll - ok
17:13:43.0931 3252 [ F8AC522C1DAEED05BDA7C0E4E394BCD7 ] C:\Program Files\AVAST Software\Avast\defs\12121301\aswCmnIS.dll
17:13:43.0931 3252 C:\Program Files\AVAST Software\Avast\defs\12121301\aswCmnIS.dll - ok
17:13:43.0933 3252 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
17:13:43.0933 3252 C:\Windows\System32\fveapi.dll - ok
17:13:43.0935 3252 [ 1E7EAFF858538C516D7358C360605E3A ] C:\Program Files\AVAST Software\Avast\defs\12121301\aswCmnBS.dll
17:13:43.0935 3252 C:\Program Files\AVAST Software\Avast\defs\12121301\aswCmnBS.dll - ok
17:13:43.0937 3252 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
17:13:43.0937 3252 C:\Windows\System32\fvecerts.dll - ok
17:13:43.0939 3252 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
17:13:43.0939 3252 C:\Windows\System32\taskcomp.dll - ok
17:13:43.0941 3252 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
17:13:43.0941 3252 C:\Windows\System32\tbs.dll - ok
17:13:43.0943 3252 [ 2E929D6CF669AEF225552EEA9BE7E150 ] C:\Program Files\AVAST Software\Avast\defs\12121301\aswScan.dll
17:13:43.0943 3252 C:\Program Files\AVAST Software\Avast\defs\12121301\aswScan.dll - ok
17:13:43.0946 3252 [ 1752EE915B9003E1FD1FFB4DE63E538B ] C:\Program Files\AVAST Software\Avast\defs\12121301\aswRep.dll
17:13:43.0946 3252 C:\Program Files\AVAST Software\Avast\defs\12121301\aswRep.dll - ok
17:13:43.0948 3252 [ CE7828A0EA430338BBCFFC6914462BAA ] C:\Program Files\AVAST Software\Avast\defs\12121301\aswFiDb.dll
17:13:43.0948 3252 C:\Program Files\AVAST Software\Avast\defs\12121301\aswFiDb.dll - ok
17:13:43.0950 3252 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
17:13:43.0950 3252 C:\Windows\System32\drivers\http.sys - ok
17:13:43.0952 3252 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
17:13:43.0952 3252 C:\Windows\System32\spoolsv.exe - ok
17:13:43.0954 3252 [ EA0D0017CF061990B9D90FEBBA2C948F ] C:\Program Files\AVAST Software\Avast\defs\12121301\algo.dll
17:13:43.0954 3252 C:\Program Files\AVAST Software\Avast\defs\12121301\algo.dll - ok
17:13:43.0956 3252 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
17:13:43.0956 3252 C:\Windows\System32\BFE.DLL - ok
17:13:43.0958 3252 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
17:13:43.0958 3252 C:\Windows\System32\wiarpc.dll - ok
17:13:43.0960 3252 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
17:13:43.0960 3252 C:\Windows\System32\drivers\bowser.sys - ok
17:13:43.0963 3252 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
17:13:43.0963 3252 C:\Windows\System32\drivers\mpsdrv.sys - ok
17:13:43.0965 3252 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
17:13:43.0965 3252 C:\Windows\System32\drivers\mrxsmb.sys - ok
17:13:43.0967 3252 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
17:13:43.0967 3252 C:\Windows\System32\drivers\mrxsmb10.sys - ok
17:13:43.0969 3252 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
17:13:43.0969 3252 C:\Windows\System32\drivers\mrxsmb20.sys - ok
17:13:43.0971 3252 [ D025E95247353BA8ADB53CFF3A4E5BBB ] C:\Program Files\AVAST Software\Avast\Setup\setiface.dll
17:13:43.0971 3252 C:\Program Files\AVAST Software\Avast\Setup\setiface.dll - ok
17:13:43.0973 3252 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
17:13:43.0973 3252 C:\Windows\SysWOW64\shell32.dll - ok
17:13:43.0976 3252 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll
17:13:43.0976 3252 C:\Windows\SysWOW64\secur32.dll - ok
17:13:43.0978 3252 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\SysWOW64\fltLib.dll
17:13:43.0978 3252 C:\Windows\SysWOW64\fltLib.dll - ok
17:13:43.0980 3252 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
17:13:43.0980 3252 C:\Windows\SysWOW64\winsta.dll - ok
17:13:43.0982 3252 [ 9C09AF87AC7351985AB5FFBA3FC52575 ] C:\Program Files\AVAST Software\Avast\AhResBhv.dll
17:13:43.0982 3252 C:\Program Files\AVAST Software\Avast\AhResBhv.dll - ok
17:13:43.0984 3252 [ E844C96552989FA1ECA95778583A904C ] C:\Program Files\AVAST Software\Avast\AhResJs.dll
17:13:43.0984 3252 C:\Program Files\AVAST Software\Avast\AhResJs.dll - ok
17:13:43.0987 3252 [ 17F5861A03516864A5F4CC04C7324278 ] C:\Program Files\AVAST Software\Avast\AhResMai.dll
17:13:43.0987 3252 C:\Program Files\AVAST Software\Avast\AhResMai.dll - ok
17:13:43.0989 3252 [ 8BEC10C53E927CD5E442FE332804F1AC ] C:\Program Files\AVAST Software\Avast\AhResMes.dll
17:13:43.0989 3252 C:\Program Files\AVAST Software\Avast\AhResMes.dll - ok
17:13:43.0991 3252 [ 9B2F20ECF609EDF54FEC43E792028261 ] C:\Program Files\AVAST Software\Avast\AhResNS.dll
17:13:43.0991 3252 C:\Program Files\AVAST Software\Avast\AhResNS.dll - ok
17:13:43.0993 3252 [ 857661F2E5A677CFB6D3B2CF6E428227 ] C:\Program Files\AVAST Software\Avast\AhResP2P.dll
17:13:43.0993 3252 C:\Program Files\AVAST Software\Avast\AhResP2P.dll - ok
17:13:43.0995 3252 [ 2466ED58B8EFB3320BCA73ACF8179D24 ] C:\Program Files\AVAST Software\Avast\AhResStd.dll
17:13:43.0995 3252 C:\Program Files\AVAST Software\Avast\AhResStd.dll - ok
17:13:43.0997 3252 [ 5D9550E02D981B92B133E5F8F7BDF8D2 ] C:\Program Files\AVAST Software\Avast\AhResWS.dll
17:13:43.0997 3252 C:\Program Files\AVAST Software\Avast\AhResWS.dll - ok
17:13:43.0999 3252 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
17:13:43.0999 3252 C:\Windows\SysWOW64\mswsock.dll - ok
17:13:44.0001 3252 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
17:13:44.0001 3252 C:\Windows\SysWOW64\dnsapi.dll - ok
17:13:44.0003 3252 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
17:13:44.0003 3252 C:\Windows\SysWOW64\NapiNSP.dll - ok
17:13:44.0005 3252 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
17:13:44.0005 3252 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
17:13:44.0007 3252 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
17:13:44.0007 3252 C:\Windows\SysWOW64\pnrpnsp.dll - ok
17:13:44.0009 3252 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
17:13:44.0009 3252 C:\Windows\SysWOW64\winrnr.dll - ok
17:13:44.0011 3252 [ 9D4A1690AF93F233E15380398BEC7431 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
-
Here, in two posts, is the report generated when I ran it again. I did not get an opportunity to select "delete" on anything. The scan showed everything was clean. Thanks.
17:13:08.0355 3540 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:13:08.0870 3540 ============================================================
17:13:08.0870 3540 Current date / time: 2012/12/13 17:13:08.0870
17:13:08.0870 3540 SystemInfo:
17:13:08.0870 3540
17:13:08.0870 3540 OS Version: 6.1.7601 ServicePack: 1.0
17:13:08.0870 3540 Product type: Workstation
17:13:08.0870 3540 ComputerName: NUNNBETTER
17:13:08.0870 3540 UserName: NunnBetter
17:13:08.0870 3540 Windows directory: C:\Windows
17:13:08.0870 3540 System windows directory: C:\Windows
17:13:08.0870 3540 Running under WOW64
17:13:08.0870 3540 Processor architecture: Intel x64
17:13:08.0870 3540 Number of processors: 4
17:13:08.0870 3540 Page size: 0x1000
17:13:08.0870 3540 Boot type: Normal boot
17:13:08.0870 3540 ============================================================
17:13:11.0921 3540 BG loaded
17:13:12.0295 3540 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:13:12.0451 3540 Drive \Device\Harddisk2\DR2 - Size: 0x3C7C00000 (15.12 Gb), SectorSize: 0x200, Cylinders: 0x7B5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:13:12.0451 3540 ============================================================
17:13:12.0451 3540 \Device\Harddisk0\DR0:
17:13:12.0467 3540 MBR partitions:
17:13:12.0467 3540 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1DA0000
17:13:12.0467 3540 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1DB4000, BlocksNum 0x72952000
17:13:12.0467 3540 \Device\Harddisk2\DR2:
17:13:12.0467 3540 MBR partitions:
17:13:12.0467 3540 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1E3A536
17:13:12.0467 3540 ============================================================
17:13:12.0498 3540 C: <-> \Device\Harddisk0\DR0\Partition2
17:13:12.0498 3540 ============================================================
17:13:12.0498 3540 Initialize success
17:13:12.0498 3540 ============================================================
17:13:14.0885 3252 ============================================================
17:13:14.0885 3252 Scan started
17:13:14.0885 3252 Mode: Manual;
17:13:14.0885 3252 ============================================================
17:13:22.0248 3252 ================ Scan system memory ========================
17:13:22.0248 3252 System memory - ok
17:13:22.0248 3252 ================ Scan services =============================
17:13:23.0402 3252 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:13:23.0511 3252 1394ohci - ok
17:13:23.0777 3252 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:13:23.0823 3252 ACPI - ok
17:13:23.0917 3252 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:13:23.0979 3252 AcpiPmi - ok
17:13:24.0089 3252 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:13:24.0089 3252 AdobeARMservice - ok
17:13:24.0120 3252 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:13:24.0120 3252 adp94xx - ok
17:13:24.0151 3252 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:13:24.0167 3252 adpahci - ok
17:13:24.0182 3252 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:13:24.0182 3252 adpu320 - ok
17:13:24.0229 3252 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:13:24.0229 3252 AeLookupSvc - ok
17:13:24.0245 3252 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
17:13:24.0260 3252 AFD - ok
17:13:24.0276 3252 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:13:24.0276 3252 agp440 - ok
17:13:24.0291 3252 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:13:24.0291 3252 ALG - ok
17:13:24.0307 3252 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
17:13:24.0307 3252 aliide - ok
17:13:24.0323 3252 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
17:13:24.0323 3252 amdide - ok
17:13:24.0354 3252 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
17:13:24.0354 3252 AmdK8 - ok
17:13:24.0369 3252 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
17:13:24.0369 3252 AmdPPM - ok
17:13:24.0385 3252 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:13:24.0385 3252 amdsata - ok
17:13:24.0401 3252 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
17:13:24.0416 3252 amdsbs - ok
17:13:24.0432 3252 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:13:24.0432 3252 amdxata - ok
17:13:24.0447 3252 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
17:13:24.0447 3252 AppID - ok
17:13:24.0463 3252 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:13:24.0463 3252 AppIDSvc - ok
17:13:24.0463 3252 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
17:13:24.0479 3252 Appinfo - ok
17:13:24.0525 3252 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
17:13:24.0525 3252 arc - ok
17:13:24.0541 3252 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:13:24.0541 3252 arcsas - ok
17:13:24.0557 3252 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
17:13:24.0557 3252 aswFsBlk - ok
17:13:24.0603 3252 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
17:13:24.0603 3252 aswMonFlt - ok
17:13:24.0635 3252 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
17:13:24.0635 3252 aswRdr - ok
17:13:24.0650 3252 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
17:13:24.0650 3252 aswSnx - ok
17:13:24.0681 3252 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys
17:13:24.0697 3252 aswSP - ok
17:13:24.0697 3252 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
17:13:24.0697 3252 aswTdi - ok
17:13:24.0728 3252 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:13:24.0728 3252 AsyncMac - ok
17:13:24.0775 3252 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
17:13:24.0775 3252 atapi - ok
17:13:24.0791 3252 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:13:24.0791 3252 AudioEndpointBuilder - ok
17:13:24.0806 3252 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:13:24.0822 3252 AudioSrv - ok
17:13:24.0900 3252 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
17:13:24.0900 3252 avast! Antivirus - ok
17:13:24.0947 3252 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:13:24.0947 3252 AxInstSV - ok
17:13:24.0993 3252 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
17:13:25.0025 3252 b06bdrv - ok
17:13:25.0071 3252 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:13:25.0071 3252 b57nd60a - ok
17:13:25.0087 3252 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:13:25.0103 3252 BDESVC - ok
17:13:25.0165 3252 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:13:25.0165 3252 Beep - ok
17:13:25.0524 3252 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
17:13:25.0524 3252 BFE - ok
17:13:25.0555 3252 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
17:13:25.0555 3252 BITS - ok
17:13:25.0617 3252 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:13:25.0617 3252 blbdrive - ok
17:13:25.0695 3252 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:13:25.0695 3252 bowser - ok
17:13:25.0711 3252 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
17:13:25.0711 3252 BrFiltLo - ok
17:13:25.0742 3252 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
17:13:25.0742 3252 BrFiltUp - ok
17:13:25.0836 3252 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
17:13:25.0836 3252 BridgeMP - ok
17:13:25.0867 3252 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
17:13:25.0867 3252 Browser - ok
17:13:25.0965 3252 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:13:26.0052 3252 Brserid - ok
17:13:26.0131 3252 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:13:26.0150 3252 BrSerWdm - ok
17:13:26.0252 3252 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:13:26.0277 3252 BrUsbMdm - ok
17:13:26.0355 3252 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:13:26.0369 3252 BrUsbSer - ok
17:13:26.0424 3252 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
17:13:26.0432 3252 BTHMODEM - ok
17:13:26.0467 3252 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:13:26.0492 3252 bthserv - ok
17:13:26.0548 3252 catchme - ok
17:13:26.0571 3252 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:13:26.0574 3252 cdfs - ok
17:13:26.0696 3252 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:13:26.0697 3252 cdrom - ok
17:13:26.0736 3252 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
17:13:26.0739 3252 CertPropSvc - ok
17:13:26.0767 3252 [ 45B5A89DC41577282E5BF41B1165EA71 ] cfwids C:\Windows\system32\drivers\cfwids.sys
17:13:26.0768 3252 cfwids - ok
17:13:26.0796 3252 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
17:13:26.0800 3252 circlass - ok
17:13:26.0843 3252 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:13:26.0852 3252 CLFS - ok
17:13:27.0068 3252 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:13:27.0153 3252 clr_optimization_v2.0.50727_32 - ok
17:13:27.0273 3252 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:13:27.0303 3252 clr_optimization_v2.0.50727_64 - ok
17:13:27.0635 3252 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:13:27.0909 3252 clr_optimization_v4.0.30319_32 - ok
17:13:28.0068 3252 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:13:28.0125 3252 clr_optimization_v4.0.30319_64 - ok
17:13:28.0153 3252 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
17:13:28.0154 3252 CmBatt - ok
17:13:28.0184 3252 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:13:28.0209 3252 cmdide - ok
17:13:28.0308 3252 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
17:13:28.0322 3252 CNG - ok
17:13:28.0538 3252 [ 5C855932E4DF00B1B6F5F6F57E82B6C5 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
17:13:28.0545 3252 CnxtHdAudService - ok
17:13:28.0567 3252 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
17:13:28.0569 3252 Compbatt - ok
17:13:28.0617 3252 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
17:13:28.0618 3252 CompositeBus - ok
17:13:28.0654 3252 COMSysApp - ok
17:13:28.0705 3252 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:13:28.0714 3252 crcdisk - ok
17:13:28.0751 3252 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:13:28.0752 3252 CryptSvc - ok
17:13:29.0000 3252 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
17:13:29.0004 3252 cvhsvc - ok
17:13:29.0121 3252 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:13:29.0125 3252 DcomLaunch - ok
17:13:29.0252 3252 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:13:29.0265 3252 defragsvc - ok
17:13:29.0409 3252 [ 3A42B00C88E3E68080DAB6B27BB35B6E ] DellDigitalDelivery C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
17:13:29.0436 3252 DellDigitalDelivery - ok
17:13:29.0467 3252 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:13:29.0467 3252 DfsC - ok
17:13:29.0482 3252 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
17:13:29.0482 3252 Dhcp - ok
17:13:29.0498 3252 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:13:29.0498 3252 discache - ok
17:13:29.0547 3252 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
17:13:29.0550 3252 Disk - ok
17:13:29.0575 3252 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:13:29.0577 3252 Dnscache - ok
17:13:29.0589 3252 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
17:13:29.0597 3252 dot3svc - ok
17:13:29.0624 3252 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
17:13:29.0625 3252 DPS - ok
17:13:29.0665 3252 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:13:29.0667 3252 drmkaud - ok
17:13:29.0788 3252 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:13:29.0793 3252 DXGKrnl - ok
17:13:29.0814 3252 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:13:29.0815 3252 EapHost - ok
17:13:30.0353 3252 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
17:13:30.0401 3252 ebdrv - ok
17:13:30.0435 3252 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
17:13:30.0437 3252 EFS - ok
17:13:30.0656 3252 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:13:30.0718 3252 ehRecvr - ok
17:13:30.0737 3252 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:13:30.0750 3252 ehSched - ok
17:13:30.0771 3252 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
17:13:30.0777 3252 elxstor - ok
17:13:30.0813 3252 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:13:30.0885 3252 ErrDev - ok
17:13:30.0932 3252 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:13:30.0934 3252 EventSystem - ok
17:13:30.0967 3252 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:13:30.0970 3252 exfat - ok
17:13:30.0987 3252 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:13:30.0988 3252 fastfat - ok
17:13:31.0011 3252 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
17:13:31.0015 3252 Fax - ok
17:13:31.0032 3252 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
17:13:31.0034 3252 fdc - ok
17:13:31.0056 3252 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:13:31.0057 3252 fdPHost - ok
17:13:31.0068 3252 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:13:31.0070 3252 FDResPub - ok
17:13:31.0082 3252 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:13:31.0093 3252 FileInfo - ok
17:13:31.0126 3252 [ 1D684EFB269D24E02550536100799F9C ] FilePath C:\Windows\system32\DRIVERS\fp.sys
17:13:31.0128 3252 FilePath - ok
17:13:31.0182 3252 [ 9B09A03D1A47220AE9C6F6627FB317B8 ] filepathsrv C:\Windows\system32\filepathsrv.exe
17:13:31.0189 3252 filepathsrv - ok
17:13:31.0201 3252 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:13:31.0202 3252 Filetrace - ok
17:13:31.0217 3252 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
17:13:31.0219 3252 flpydisk - ok
17:13:31.0243 3252 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:13:31.0245 3252 FltMgr - ok
17:13:31.0280 3252 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
17:13:31.0294 3252 FontCache - ok
17:13:31.0319 3252 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:13:31.0333 3252 FontCache3.0.0.0 - ok
17:13:31.0344 3252 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:13:31.0347 3252 FsDepends - ok
17:13:31.0381 3252 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:13:31.0382 3252 Fs_Rec - ok
17:13:31.0395 3252 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:13:31.0399 3252 fvevol - ok
17:13:31.0422 3252 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:13:31.0424 3252 gagp30kx - ok
17:13:31.0500 3252 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
17:13:31.0504 3252 GamesAppService - ok
17:13:31.0540 3252 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
17:13:31.0544 3252 gpsvc - ok
17:13:31.0552 3252 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:13:31.0560 3252 hcw85cir - ok
17:13:31.0583 3252 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:13:31.0584 3252 HDAudBus - ok
17:13:31.0596 3252 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
17:13:31.0597 3252 HidBatt - ok
17:13:31.0607 3252 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
17:13:31.0609 3252 HidBth - ok
17:13:31.0619 3252 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
17:13:31.0644 3252 HidIr - ok
17:13:31.0668 3252 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
17:13:31.0670 3252 hidserv - ok
17:13:31.0749 3252 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:13:31.0749 3252 HidUsb - ok
17:13:31.0788 3252 [ A894FB2CAE6A29F5D9C8EDA47B074623 ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
17:13:31.0801 3252 HipShieldK - ok
17:13:31.0820 3252 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:13:31.0823 3252 hkmsvc - ok
17:13:31.0848 3252 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:13:31.0896 3252 HomeGroupListener - ok
17:13:31.0933 3252 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:13:31.0935 3252 HomeGroupProvider - ok
17:13:31.0957 3252 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:13:31.0964 3252 HpSAMD - ok
17:13:32.0018 3252 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:13:32.0021 3252 HTTP - ok
17:13:32.0047 3252 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:13:32.0056 3252 hwpolicy - ok
17:13:32.0100 3252 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
17:13:32.0102 3252 i8042prt - ok
17:13:32.0187 3252 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:13:32.0192 3252 iaStorV - ok
17:13:32.0264 3252 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:13:32.0282 3252 idsvc - ok
17:13:32.0779 3252 [ EFE5A0AF39A8E179624117C521F1E012 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
17:13:32.0828 3252 igfx - ok
17:13:32.0845 3252 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
17:13:32.0848 3252 iirsp - ok
17:13:32.0939 3252 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
17:13:32.0943 3252 IKEEXT - ok
17:13:32.0972 3252 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
17:13:32.0974 3252 IntcDAud - ok
17:13:32.0979 3252 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
17:13:32.0980 3252 intelide - ok
17:13:33.0003 3252 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:13:33.0004 3252 intelppm - ok
17:13:33.0041 3252 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:13:33.0043 3252 IPBusEnum - ok
17:13:33.0060 3252 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:13:33.0075 3252 IpFilterDriver - ok
17:13:33.0320 3252 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:13:33.0324 3252 iphlpsvc - ok
17:13:33.0374 3252 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:13:33.0376 3252 IPMIDRV - ok
17:13:33.0420 3252 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:13:33.0422 3252 IPNAT - ok
17:13:33.0434 3252 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:13:33.0436 3252 IRENUM - ok
17:13:33.0455 3252 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:13:33.0457 3252 isapnp - ok
17:13:33.0466 3252 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:13:33.0470 3252 iScsiPrt - ok
17:13:33.0493 3252 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:13:33.0494 3252 kbdclass - ok
17:13:33.0512 3252 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:13:33.0512 3252 kbdhid - ok
17:13:33.0532 3252 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
17:13:33.0533 3252 KeyIso - ok
17:13:33.0544 3252 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:13:33.0546 3252 KSecDD - ok
17:13:33.0559 3252 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:13:33.0561 3252 KSecPkg - ok
17:13:33.0570 3252 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:13:33.0571 3252 ksthunk - ok
17:13:33.0591 3252 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:13:33.0596 3252 KtmRm - ok
17:13:33.0627 3252 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
17:13:33.0630 3252 LanmanServer - ok
17:13:33.0638 3252 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:13:33.0641 3252 LanmanWorkstation - ok
17:13:33.0650 3252 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:13:33.0651 3252 lltdio - ok
17:13:33.0662 3252 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:13:33.0666 3252 lltdsvc - ok
17:13:33.0679 3252 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:13:33.0681 3252 lmhosts - ok
17:13:33.0710 3252 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:13:33.0712 3252 LSI_FC - ok
17:13:33.0728 3252 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:13:33.0730 3252 LSI_SAS - ok
17:13:33.0737 3252 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
17:13:33.0737 3252 LSI_SAS2 - ok
17:13:33.0753 3252 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:13:33.0753 3252 LSI_SCSI - ok
17:13:33.0769 3252 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:13:33.0784 3252 luafv - ok
17:13:33.0876 3252 [ 9504F1DDA1B67FB8D526FD4F8CC882F3 ] McAWFwk c:\PROGRA~1\mcafee\msc\mcawfwk.exe
17:13:33.0880 3252 McAWFwk - ok
17:13:33.0932 3252 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
17:13:33.0933 3252 McMPFSvc - ok
17:13:33.0947 3252 [ F928E5E72BBA15DD0CE9A26E0413D236 ] mcmscsvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
17:13:33.0949 3252 mcmscsvc - ok
17:13:33.0956 3252 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNaiAnn C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
17:13:33.0957 3252 McNaiAnn - ok
17:13:33.0971 3252 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNASvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
17:13:33.0973 3252 McNASvc - ok
17:13:34.0001 3252 [ BE7C8C3F8FE52D8F7826E14CF11DE949 ] McODS C:\Program Files\mcafee\VirusScan\mcods.exe
17:13:34.0006 3252 McODS - ok
17:13:34.0009 3252 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McOobeSv C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
17:13:34.0010 3252 McOobeSv - ok
17:13:34.0014 3252 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McProxy C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
17:13:34.0015 3252 McProxy - ok
17:13:34.0030 3252 [ 4DEC9B5BEDAA97B1FF6A3923E1C4F58A ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
17:13:34.0031 3252 McShield - ok
17:13:34.0051 3252 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:13:34.0054 3252 Mcx2Svc - ok
17:13:34.0075 3252 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
17:13:34.0076 3252 megasas - ok
17:13:34.0095 3252 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
17:13:34.0128 3252 MegaSR - ok
17:13:34.0171 3252 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
17:13:34.0172 3252 MEIx64 - ok
17:13:34.0306 3252 [ B574522827D94126C03975FD53F0B26B ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
17:13:34.0307 3252 mfeapfk - ok
17:13:34.0328 3252 [ B393753ECE9A9E2307CB1984ACF3DA9D ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
17:13:34.0330 3252 mfeavfk - ok
17:13:34.0339 3252 mfeavfk01 - ok
17:13:34.0356 3252 [ 97C398750C8E80A48EB63999546F796E ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
17:13:34.0357 3252 mfefire - ok
17:13:34.0376 3252 [ C52A1ABF03DD219375EA0F6A8BE941C3 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
17:13:34.0379 3252 mfefirek - ok
17:13:34.0406 3252 [ 7092A6C6158FC4F5AA39EBEB9D5AF03D ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
17:13:34.0413 3252 mfehidk - ok
17:13:34.0426 3252 [ D2A941C82A0A9227CD6F47AD40A40F69 ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
17:13:34.0428 3252 mferkdet - ok
17:13:34.0451 3252 [ 04D48692EFF181DA46DD8EA8BE9FFB2B ] mfevtp C:\Windows\system32\mfevtps.exe
17:13:34.0453 3252 mfevtp - ok
17:13:34.0469 3252 [ 1631E2DA6C4B47D97ECA94842836592E ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
17:13:34.0472 3252 mfewfpk - ok
17:13:34.0494 3252 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:13:34.0495 3252 MMCSS - ok
17:13:34.0513 3252 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:13:34.0515 3252 Modem - ok
17:13:34.0530 3252 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:13:34.0530 3252 monitor - ok
17:13:34.0540 3252 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:13:34.0541 3252 mouclass - ok
17:13:34.0551 3252 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:13:34.0552 3252 mouhid - ok
17:13:34.0565 3252 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:13:34.0567 3252 mountmgr - ok
17:13:34.0578 3252 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
17:13:34.0580 3252 mpio - ok
17:13:34.0595 3252 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:13:34.0596 3252 mpsdrv - ok
17:13:34.0642 3252 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:13:34.0647 3252 MpsSvc - ok
17:13:34.0655 3252 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:13:34.0657 3252 MRxDAV - ok
17:13:34.0671 3252 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:13:34.0672 3252 mrxsmb - ok
17:13:34.0683 3252 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:13:34.0685 3252 mrxsmb10 - ok
17:13:34.0695 3252 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:13:34.0696 3252 mrxsmb20 - ok
17:13:34.0711 3252 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
17:13:34.0713 3252 msahci - ok
17:13:34.0722 3252 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:13:34.0724 3252 msdsm - ok
17:13:34.0736 3252 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
17:13:34.0739 3252 MSDTC - ok
17:13:34.0752 3252 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:13:34.0753 3252 Msfs - ok
17:13:34.0774 3252 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:13:34.0775 3252 mshidkmdf - ok
17:13:34.0785 3252 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:13:34.0786 3252 msisadrv - ok
17:13:34.0800 3252 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:13:34.0804 3252 MSiSCSI - ok
17:13:34.0806 3252 msiserver - ok
17:13:34.0830 3252 [ F928E5E72BBA15DD0CE9A26E0413D236 ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
17:13:34.0832 3252 MSK80Service - ok
17:13:34.0852 3252 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:13:34.0854 3252 MSKSSRV - ok
17:13:34.0860 3252 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:13:34.0861 3252 MSPCLOCK - ok
17:13:34.0866 3252 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:13:34.0867 3252 MSPQM - ok
17:13:34.0884 3252 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:13:34.0888 3252 MsRPC - ok
17:13:34.0906 3252 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:13:34.0906 3252 mssmbios - ok
17:13:34.0917 3252 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:13:34.0919 3252 MSTEE - ok
17:13:34.0932 3252 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
17:13:34.0933 3252 MTConfig - ok
17:13:34.0964 3252 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:13:34.0965 3252 Mup - ok
17:13:34.0988 3252 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
17:13:34.0994 3252 napagent - ok
17:13:35.0020 3252 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:13:35.0022 3252 NativeWifiP - ok
17:13:35.0151 3252 [ 934BB0D23A25C8C136570800A5A149B6 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
17:13:35.0168 3252 NAUpdate - ok
17:13:35.0190 3252 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:13:35.0198 3252 NDIS - ok
17:13:35.0202 3252 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:13:35.0202 3252 NdisCap - ok
17:13:35.0218 3252 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:13:35.0218 3252 NdisTapi - ok
17:13:35.0233 3252 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:13:35.0233 3252 Ndisuio - ok
17:13:35.0249 3252 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:13:35.0249 3252 NdisWan - ok
17:13:35.0265 3252 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:13:35.0265 3252 NDProxy - ok
17:13:35.0265 3252 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:13:35.0280 3252 NetBIOS - ok
17:13:35.0309 3252 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:13:35.0311 3252 NetBT - ok
17:13:35.0322 3252 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
17:13:35.0324 3252 Netlogon - ok
17:13:35.0357 3252 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:13:35.0360 3252 Netman - ok
17:13:35.0405 3252 [ 3E5A36127E201DDF663176B66828FAFE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:13:35.0407 3252 NetMsmqActivator - ok
17:13:35.0410 3252 [ 3E5A36127E201DDF663176B66828FAFE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:13:35.0411 3252 NetPipeActivator - ok
17:13:35.0430 3252 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:13:35.0434 3252 netprofm - ok
17:13:35.0472 3252 [ B330CE846D1C672F640D3B3647CEF86D ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys
17:13:35.0479 3252 netr28ux - ok
17:13:35.0483 3252 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:13:35.0484 3252 NetTcpActivator - ok
17:13:35.0487 3252 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:13:35.0488 3252 NetTcpPortSharing - ok
17:13:35.0497 3252 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:13:35.0499 3252 nfrd960 - ok
17:13:35.0527 3252 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:13:35.0530 3252 NlaSvc - ok
17:13:35.0642 3252 [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
17:13:35.0681 3252 NOBU - ok
17:13:35.0694 3252 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:13:35.0695 3252 Npfs - ok
17:13:35.0717 3252 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:13:35.0718 3252 nsi - ok
17:13:35.0748 3252 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:13:35.0748 3252 nsiproxy - ok
17:13:35.0785 3252 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:13:35.0809 3252 Ntfs - ok
17:13:35.0818 3252 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:13:35.0819 3252 Null - ok
17:13:35.0844 3252 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:13:35.0846 3252 nvraid - ok
17:13:35.0860 3252 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:13:35.0862 3252 nvstor - ok
17:13:35.0889 3252 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:13:35.0892 3252 nv_agp - ok
17:13:35.0904 3252 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:13:35.0906 3252 ohci1394 - ok
17:13:35.0954 3252 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:13:35.0976 3252 ose - ok
17:13:36.0069 3252 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:13:36.0146 3252 osppsvc - ok
17:13:36.0200 3252 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:13:36.0221 3252 p2pimsvc - ok
17:13:36.0279 3252 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:13:36.0312 3252 p2psvc - ok
17:13:36.0334 3252 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
17:13:36.0346 3252 Parport - ok
17:13:36.0376 3252 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:13:36.0377 3252 partmgr - ok
17:13:36.0388 3252 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:13:36.0391 3252 PcaSvc - ok
17:13:36.0404 3252 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
17:13:36.0407 3252 pci - ok
17:13:36.0414 3252 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
17:13:36.0416 3252 pciide - ok
17:13:36.0429 3252 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:13:36.0432 3252 pcmcia - ok
17:13:36.0444 3252 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:13:36.0445 3252 pcw - ok
17:13:36.0462 3252 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:13:36.0465 3252 PEAUTH - ok
17:13:36.0539 3252 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:13:36.0541 3252 PerfHost - ok
17:13:36.0579 3252 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
17:13:36.0604 3252 pla - ok
17:13:36.0634 3252 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:13:36.0638 3252 PlugPlay - ok
17:13:36.0646 3252 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:13:36.0655 3252 PNRPAutoReg - ok
17:13:36.0670 3252 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:13:36.0673 3252 PNRPsvc - ok
17:13:36.0686 3252 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
17:13:36.0686 3252 Point64 - ok
17:13:36.0719 3252 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:13:36.0722 3252 PolicyAgent - ok
17:13:36.0743 3252 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
17:13:36.0746 3252 Power - ok
17:13:36.0764 3252 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:13:36.0766 3252 PptpMiniport - ok
17:13:36.0801 3252 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
17:13:36.0809 3252 Processor - ok
17:13:36.0831 3252 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
17:13:36.0834 3252 ProfSvc - ok
17:13:36.0845 3252 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:13:36.0847 3252 ProtectedStorage - ok
17:13:36.0864 3252 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:13:36.0865 3252 Psched - ok
17:13:36.0884 3252 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
17:13:36.0886 3252 PxHlpa64 - ok
17:13:36.0945 3252 [ DEE107066B957D9846D5036A5D40ED0C ] QBCFMonitorService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
17:13:36.0969 3252 QBCFMonitorService - ok
17:13:36.0990 3252 [ 6BEE1814470DC12FA20C53DFC3C97EBB ] QBFCService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
17:13:36.0992 3252 QBFCService - ok
17:13:37.0029 3252 [ 147552E28311DB3E86188A356A7A9F9C ] QBVSS C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
17:13:37.0054 3252 QBVSS - ok
17:13:37.0103 3252 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:13:37.0129 3252 ql2300 - ok
17:13:37.0141 3252 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:13:37.0144 3252 ql40xx - ok
17:13:37.0192 3252 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:13:37.0192 3252 QWAVE - ok
17:13:37.0208 3252 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:13:37.0208 3252 QWAVEdrv - ok
17:13:37.0287 3252 [ 37C3272E58976598BEF1CDF321019209 ] RalinkRegistryWriter C:\Program Files (x86)\NETGEAR\WNDA4100\Service\RaRegistry.exe
17:13:37.0293 3252 RalinkRegistryWriter - ok
17:13:37.0305 3252 [ 25DAAD73732B51A46B11C6DF788F3322 ] RalinkRegistryWriter64 C:\Program Files (x86)\NETGEAR\WNDA4100\Service\RaRegistry64.exe
17:13:37.0309 3252 RalinkRegistryWriter64 - ok
17:13:37.0323 3252 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:13:37.0324 3252 RasAcd - ok
17:13:37.0338 3252 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:13:37.0339 3252 RasAgileVpn - ok
17:13:37.0351 3252 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:13:37.0354 3252 RasAuto - ok
17:13:37.0360 3252 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:13:37.0361 3252 Rasl2tp - ok
17:13:37.0380 3252 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
17:13:37.0383 3252 RasMan - ok
17:13:37.0390 3252 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:13:37.0391 3252 RasPppoe - ok
17:13:37.0403 3252 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:13:37.0404 3252 RasSstp - ok
17:13:37.0415 3252 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:13:37.0417 3252 rdbss - ok
17:13:37.0428 3252 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
17:13:37.0429 3252 rdpbus - ok
17:13:37.0441 3252 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:13:37.0442 3252 RDPCDD - ok
17:13:37.0448 3252 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:13:37.0449 3252 RDPENCDD - ok
17:13:37.0457 3252 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:13:37.0458 3252 RDPREFMP - ok
17:13:37.0472 3252 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:13:37.0475 3252 RDPWD - ok
17:13:37.0491 3252 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:13:37.0494 3252 rdyboost - ok
17:13:37.0514 3252 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:13:37.0516 3252 RemoteAccess - ok
17:13:37.0530 3252 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:13:37.0533 3252 RemoteRegistry - ok
17:13:37.0675 3252 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
17:13:37.0708 3252 RoxMediaDB12OEM - ok
17:13:37.0726 3252 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
17:13:37.0729 3252 RoxWatch12 - ok
17:13:37.0746 3252 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:13:37.0748 3252 RpcEptMapper - ok
17:13:37.0772 3252 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:13:37.0774 3252 RpcLocator - ok
17:13:37.0803 3252 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
17:13:37.0807 3252 RpcSs - ok
17:13:37.0811 3252 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:13:37.0812 3252 rspndr - ok
17:13:37.0838 3252 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
17:13:37.0841 3252 RTL8167 - ok
17:13:37.0860 3252 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
17:13:37.0862 3252 SamSs - ok
17:13:37.0873 3252 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:13:37.0879 3252 sbp2port - ok
17:13:37.0894 3252 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:13:37.0897 3252 SCardSvr - ok
17:13:37.0909 3252 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:13:37.0911 3252 scfilter - ok
17:13:37.0933 3252 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
17:13:37.0938 3252 Schedule - ok
17:13:37.0958 3252 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:13:37.0958 3252 SCPolicySvc - ok
17:13:37.0963 3252 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:13:37.0967 3252 SDRSVC - ok
17:13:37.0987 3252 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:13:37.0987 3252 secdrv - ok
17:13:37.0995 3252 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
17:13:37.0997 3252 seclogon - ok
17:13:38.0007 3252 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
17:13:38.0009 3252 SENS - ok
17:13:38.0022 3252 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:13:38.0025 3252 SensrSvc - ok
17:13:38.0028 3252 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:13:38.0029 3252 Serenum - ok
17:13:38.0056 3252 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
17:13:38.0059 3252 Serial - ok
17:13:38.0081 3252 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:13:38.0083 3252 sermouse - ok
17:13:38.0103 3252 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
17:13:38.0107 3252 SessionEnv - ok
17:13:38.0115 3252 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:13:38.0117 3252 sffdisk - ok
17:13:38.0125 3252 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:13:38.0127 3252 sffp_mmc - ok
17:13:38.0134 3252 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:13:38.0135 3252 sffp_sd - ok
17:13:38.0151 3252 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
17:13:38.0152 3252 sfloppy - ok
17:13:38.0186 3252 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
17:13:38.0189 3252 Sftfs - ok
17:13:38.0227 3252 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
17:13:38.0227 3252 sftlist - ok
17:13:38.0243 3252 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
17:13:38.0243 3252 Sftplay - ok
17:13:38.0243 3252 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
17:13:38.0243 3252 Sftredir - ok
17:13:38.0289 3252 [ 29DDEA72C5BDF61D62F4D438DC0E497C ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
17:13:38.0321 3252 SftService - ok
17:13:38.0321 3252 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
17:13:38.0321 3252 Sftvol - ok
17:13:38.0336 3252 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
17:13:38.0336 3252 sftvsa - ok
17:13:38.0383 3252 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:13:38.0399 3252 SharedAccess - ok
17:13:38.0399 3252 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:13:38.0399 3252 ShellHWDetection - ok
17:13:38.0414 3252 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
17:13:38.0414 3252 SiSRaid2 - ok
17:13:38.0430 3252 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:13:38.0430 3252 SiSRaid4 - ok
17:13:38.0445 3252 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:13:38.0445 3252 Smb - ok
17:13:38.0477 3252 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:13:38.0477 3252 SNMPTRAP - ok
17:13:38.0508 3252 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:13:38.0508 3252 spldr - ok
17:13:38.0539 3252 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
17:13:38.0539 3252 Spooler - ok
17:13:38.0601 3252 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
17:13:38.0648 3252 sppsvc - ok
17:13:38.0664 3252 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:13:38.0711 3252 sppuinotify - ok
17:13:38.0742 3252 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
17:13:38.0742 3252 srv - ok
17:13:38.0757 3252 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:13:38.0757 3252 srv2 - ok
17:13:38.0773 3252 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:13:38.0773 3252 srvnet - ok
17:13:38.0804 3252 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:13:38.0804 3252 SSDPSRV - ok
17:13:38.0820 3252 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:13:38.0820 3252 SstpSvc - ok
17:13:38.0835 3252 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
17:13:38.0835 3252 stexstor - ok
17:13:38.0851 3252 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
17:13:38.0851 3252 stisvc - ok
17:13:38.0898 3252 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
17:13:38.0945 3252 stllssvr - ok
17:13:38.0976 3252 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:13:38.0976 3252 swenum - ok
17:13:39.0007 3252 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:13:39.0023 3252 swprv - ok
17:13:39.0054 3252 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
17:13:39.0054 3252 SysMain - ok
17:13:39.0069 3252 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:13:39.0069 3252 TabletInputService - ok
17:13:39.0085 3252 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:13:39.0085 3252 TapiSrv - ok
17:13:39.0101 3252 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:13:39.0101 3252 TBS - ok
17:13:39.0147 3252 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:13:39.0179 3252 Tcpip - ok
17:13:39.0210 3252 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:13:39.0225 3252 TCPIP6 - ok
17:13:39.0241 3252 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:13:39.0241 3252 tcpipreg - ok
17:13:39.0257 3252 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:13:39.0257 3252 TDPIPE - ok
17:13:39.0272 3252 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:13:39.0272 3252 TDTCP - ok
17:13:39.0288 3252 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:13:39.0288 3252 tdx - ok
17:13:39.0303 3252 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:13:39.0303 3252 TermDD - ok
17:13:39.0350 3252 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
17:13:39.0350 3252 TermService - ok
17:13:39.0366 3252 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:13:39.0366 3252 Themes - ok
17:13:39.0381 3252 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:13:39.0381 3252 THREADORDER - ok
17:13:39.0397 3252 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:13:39.0397 3252 TrkWks - ok
17:13:39.0444 3252 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:13:39.0444 3252 TrustedInstaller - ok
17:13:39.0459 3252 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:13:39.0459 3252 tssecsrv - ok
17:13:39.0491 3252 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:13:39.0491 3252 TsUsbFlt - ok
17:13:39.0506 3252 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
17:13:39.0506 3252 TsUsbGD - ok
17:13:39.0522 3252 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:13:39.0522 3252 tunnel - ok
17:13:39.0553 3252 [ 4FD2F1366055D55F0D10B2568526AB78 ] U2SP C:\Windows\system32\DRIVERS\u2s2kxp64.sys
17:13:39.0553 3252 U2SP - ok
17:13:39.0569 3252 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:13:39.0569 3252 uagp35 - ok
17:13:39.0584 3252 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:13:39.0584 3252 udfs - ok
17:13:39.0615 3252 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:13:39.0615 3252 UI0Detect - ok
17:13:39.0631 3252 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:13:39.0631 3252 uliagpkx - ok
17:13:39.0647 3252 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:13:39.0647 3252 umbus - ok
17:13:39.0678 3252 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
17:13:39.0678 3252 UmPass - ok
17:13:39.0693 3252 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:13:39.0693 3252 upnphost - ok
17:13:39.0725 3252 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
17:13:39.0740 3252 usbccgp - ok
17:13:39.0756 3252 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:13:39.0756 3252 usbcir - ok
17:13:39.0771 3252 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:13:39.0771 3252 usbehci - ok
17:13:39.0787 3252 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:13:39.0787 3252 usbhub - ok
17:13:39.0803 3252 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:13:39.0803 3252 usbohci - ok
17:13:39.0818 3252 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:13:39.0818 3252 usbprint - ok
17:13:39.0818 3252 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:13:39.0834 3252 USBSTOR - ok
17:13:39.0834 3252 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:13:39.0834 3252 usbuhci - ok
17:13:39.0849 3252 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:13:39.0865 3252 UxSms - ok
17:13:39.0865 3252 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
17:13:39.0865 3252 VaultSvc - ok
17:13:39.0881 3252 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:13:39.0881 3252 vdrvroot - ok
17:13:39.0943 3252 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
17:13:39.0974 3252 vds - ok
17:13:40.0005 3252 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:13:40.0021 3252 vga - ok
17:13:40.0037 3252 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:13:40.0037 3252 VgaSave - ok
17:13:40.0052 3252 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:13:40.0052 3252 vhdmp - ok
17:13:40.0068 3252 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
17:13:40.0068 3252 viaide - ok
17:13:40.0099 3252 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:13:40.0115 3252 volmgr - ok
17:13:40.0130 3252 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:13:40.0130 3252 volmgrx - ok
17:13:40.0146 3252 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:13:40.0146 3252 volsnap - ok
17:13:40.0161 3252 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:13:40.0161 3252 vsmraid - ok
17:13:40.0193 3252 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
17:13:40.0224 3252 VSS - ok
17:13:40.0255 3252 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
17:13:40.0255 3252 vwifibus - ok
17:13:40.0286 3252 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
17:13:40.0286 3252 vwififlt - ok
17:13:40.0302 3252 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
17:13:40.0302 3252 vwifimp - ok
17:13:40.0317 3252 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:13:40.0333 3252 W32Time - ok
17:13:40.0333 3252 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:13:40.0333 3252 WacomPen - ok
17:13:40.0349 3252 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:13:40.0364 3252 WANARP - ok
17:13:40.0364 3252 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:13:40.0364 3252 Wanarpv6 - ok
17:13:40.0411 3252 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
17:13:40.0442 3252 WatAdminSvc - ok
17:13:40.0473 3252 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
17:13:40.0489 3252 wbengine - ok
17:13:40.0520 3252 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:13:40.0520 3252 WbioSrvc - ok
17:13:40.0536 3252 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:13:40.0536 3252 wcncsvc - ok
17:13:40.0551 3252 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:13:40.0551 3252 WcsPlugInService - ok
17:13:40.0567 3252 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
17:13:40.0567 3252 Wd - ok
17:13:40.0583 3252 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:13:40.0598 3252 Wdf01000 - ok
17:13:40.0614 3252 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:13:40.0614 3252 WdiServiceHost - ok
17:13:40.0614 3252 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:13:40.0614 3252 WdiSystemHost - ok
17:13:40.0661 3252 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
17:13:40.0661 3252 WebClient - ok
17:13:40.0676 3252 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:13:40.0676 3252 Wecsvc - ok
17:13:40.0692 3252 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:13:40.0692 3252 wercplsupport - ok
17:13:40.0707 3252 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:13:40.0707 3252 WerSvc - ok
17:13:40.0723 3252 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:13:40.0723 3252 WfpLwf - ok
17:13:40.0739 3252 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
17:13:40.0739 3252 WimFltr - ok
17:13:40.0754 3252 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:13:40.0754 3252 WIMMount - ok
17:13:40.0801 3252 WinDefend - ok
17:13:40.0801 3252 WinHttpAutoProxySvc - ok
17:13:40.0832 3252 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:13:40.0848 3252 Winmgmt - ok
17:13:40.0895 3252 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
17:13:40.0926 3252 WinRM - ok
17:13:40.0973 3252 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:13:40.0973 3252 WinUsb - ok
17:13:41.0004 3252 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:13:41.0004 3252 Wlansvc - ok
17:13:41.0035 3252 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:13:41.0035 3252 wlcrasvc - ok
17:13:41.0175 3252 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:13:41.0191 3252 wlidsvc - ok
17:13:41.0207 3252 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
17:13:41.0269 3252 WmiAcpi - ok
17:13:41.0300 3252 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:13:41.0300 3252 wmiApSrv - ok
17:13:41.0300 3252 WMPNetworkSvc - ok
17:13:41.0316 3252 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:13:41.0316 3252 WPCSvc - ok
17:13:41.0347 3252 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:13:41.0347 3252 WPDBusEnum - ok
17:13:41.0347 3252 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:13:41.0347 3252 ws2ifsl - ok
17:13:41.0394 3252 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
17:13:41.0394 3252 wscsvc - ok
17:13:41.0409 3252 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
17:13:41.0409 3252 WSDPrintDevice - ok
17:13:41.0409 3252 WSearch - ok
17:13:41.0487 3252 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
17:13:41.0534 3252 wuauserv - ok
17:13:41.0534 3252 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:13:41.0534 3252 WudfPf - ok
17:13:41.0550 3252 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:13:41.0550 3252 WUDFRd - ok
17:13:41.0581 3252 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:13:41.0581 3252 wudfsvc - ok
17:13:41.0597 3252 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
17:13:41.0597 3252 WwanSvc - ok
-
Farbar Recovery Scan Tool (x64) Version: 06-12-2012
Ran by SYSTEM at 2012-12-10 17:25:05
Running from F:\
================== Search: "services.exe" ===================
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2009-07-13 17:19] - [2009-07-13 19:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\System32\Services.exe
[2009-07-13 17:19] - [2009-07-13 19:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB
C:\Windows\erdnt\cache64\Services.exe
[2012-11-30 22:32] - [2009-07-13 19:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB
====== End Of Search ======
-
Okay. I've run the Farbar Recovery Scan Tool and other steps as you indicated. Here are the logs you need. Again, they are in multiple posts due to the size. Thanks.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-12-2012
Ran by SYSTEM at 10-12-2012 17:23:39
Running from F:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
The current controlset is ControlSet001
==================== Registry (Whitelisted) ===================
HKLM-x32\...\Run: [] [x]
HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4297136 2012-10-30] (AVAST Software)
HKU\NunnBetter\...\Policies\system: [LogonHoursAction] 2
HKU\NunnBetter\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Shop\...\Policies\system: [LogonHoursAction] 2
HKU\Shop\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Tabatha\...\Policies\system: [LogonHoursAction] 2
HKU\Tabatha\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Tcpip\Parameters: [DhcpNameServer] 192.168.1.235
==================== Services (Whitelisted) ===================
2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [44808 2012-10-30] (AVAST Software)
4 filepathsrv; C:\Windows\system32\filepathsrv.exe [628608 2010-07-19] (IBM Corporation)
4 McAWFwk; C:\PROGRA~1\mcafee\msc\mcawfwk.exe [224704 2011-03-08] (McAfee, Inc.)
2 McMPFSvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
4 mcmscsvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
4 McNaiAnn; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
4 McNASvc; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
4 McODS; "C:\Program Files\mcafee\VirusScan\mcods.exe" [383608 2012-09-10] (McAfee, Inc.)
4 McOobeSv; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
4 McProxy; "C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
2 McShield; "C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe" [237920 2012-06-22] (McAfee, Inc.)
2 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [218320 2012-06-22] (McAfee, Inc.)
2 mfevtp; "C:\Windows\system32\mfevtps.exe" [177144 2012-06-22] (McAfee, Inc.)
4 MSK80Service; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [201304 2012-08-31] (McAfee, Inc.)
4 RalinkRegistryWriter; "C:\Program Files (x86)\NETGEAR\WNDA4100\Service\RaRegistry.exe" [377088 2011-11-21] (Ralink Technology, Corp.)
4 RalinkRegistryWriter64; "C:\Program Files (x86)\NETGEAR\WNDA4100\Service\RaRegistry64.exe" [455424 2011-11-21] (Ralink Technology, Corp.)
3 catchme; \??\C:\username123.exe\catchme.sys [x]
==================== Drivers (Whitelisted) =====================
2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [25232 2012-10-30] (AVAST Software)
2 aswMonFlt; C:\Windows\System32\Drivers\aswMonFlt.sys [71600 2012-10-30] (AVAST Software)
1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [54072 2012-10-15] (AVAST Software)
1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [984144 2012-10-30] (AVAST Software)
1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [370288 2012-10-30] (AVAST Software)
1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [59728 2012-10-30] (AVAST Software)
3 cfwids; C:\Windows\System32\Drivers\cfwids.sys [69672 2012-06-22] (McAfee, Inc.)
1 FilePath; C:\Windows\System32\DRIVERS\fp.sys [316288 2010-07-19] (IBM Corporation)
3 HipShieldK; C:\Windows\System32\Drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
3 mfeapfk; C:\Windows\System32\Drivers\mfeapfk.sys [169320 2012-06-22] (McAfee, Inc.)
3 mfeavfk; C:\Windows\System32\Drivers\mfeavfk.sys [300392 2012-06-22] (McAfee, Inc.)
3 mfefirek; C:\Windows\System32\Drivers\mfefirek.sys [513456 2012-06-22] (McAfee, Inc.)
0 mfehidk; C:\Windows\System32\Drivers\mfehidk.sys [752672 2012-06-22] (McAfee, Inc.)
3 mferkdet; C:\Windows\System32\Drivers\mferkdet.sys [106112 2012-06-22] (McAfee, Inc.)
0 mfewfpk; C:\Windows\System32\Drivers\mfewfpk.sys [335784 2012-06-22] (McAfee, Inc.)
3 U2SP; C:\Windows\System32\DRIVERS\u2s2kxp64.sys [91008 2010-05-27] (Magic Control Technology Corp.)
3 mfeavfk01; [x]
==================== NetSvcs (Whitelisted) ====================
==================== One Month Created Files and Folders ========
2012-12-10 17:16 - 2012-12-10 17:16 - 01461029 ____A (Farbar) C:\Users\NunnBetter\Downloads\FRST64.exe
2012-12-10 14:32 - 2012-12-10 14:32 - 02213976 ____A (Kaspersky Lab ZAO) C:\Users\NunnBetter\Downloads\tdsskiller (7).exe
2012-12-10 14:32 - 2012-12-10 14:32 - 00001486 ____A C:\Users\NunnBetter\Desktop\tdsskiller (7) - Shortcut.lnk
2012-12-10 14:22 - 2012-12-10 14:22 - 00079616 ____A C:\Users\Shop\Local Settings\GDIPFONTCACHEV1.DAT
2012-12-10 14:22 - 2012-12-10 14:22 - 00079616 ____A C:\Users\Shop\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2012-12-10 14:22 - 2012-12-10 14:22 - 00079616 ____A C:\Users\Shop\AppData\Local\GDIPFONTCACHEV1.DAT
2012-12-10 14:17 - 2012-12-10 14:17 - 00000000 ____D C:\Users\Shop\Local Settings\Dell
2012-12-10 14:17 - 2012-12-10 14:17 - 00000000 ____D C:\Users\Shop\Local Settings\Application Data\Dell
2012-12-10 14:17 - 2012-12-10 14:17 - 00000000 ____D C:\Users\Shop\Application Data\TeamViewer
2012-12-10 14:17 - 2012-12-10 14:17 - 00000000 ____D C:\Users\Shop\Application Data\Roxio
2012-12-10 14:17 - 2012-12-10 14:17 - 00000000 ____D C:\Users\Shop\Application Data\Dell Touch Zone
2012-12-10 14:17 - 2012-12-10 14:17 - 00000000 ____D C:\Users\Shop\Application Data\Dell
2012-12-10 14:17 - 2012-12-10 14:17 - 00000000 ____D C:\Users\Shop\Application Data\Adobe
2012-12-10 14:17 - 2012-12-10 14:17 - 00000000 ____D C:\Users\Shop\AppData\Roaming\TeamViewer
2012-12-10 14:17 - 2012-12-10 14:17 - 00000000 ____D C:\Users\Shop\AppData\Roaming\Roxio
2012-12-10 14:17 - 2012-12-10 14:17 - 00000000 ____D C:\Users\Shop\AppData\Roaming\Dell Touch Zone
2012-12-10 14:17 - 2012-12-10 14:17 - 00000000 ____D C:\Users\Shop\AppData\Roaming\Dell
2012-12-10 14:17 - 2012-12-10 14:17 - 00000000 ____D C:\Users\Shop\AppData\Roaming\Adobe
2012-12-10 14:17 - 2012-12-10 14:17 - 00000000 ____D C:\Users\Shop\AppData\Local\Dell
2012-12-10 14:16 - 2012-12-10 14:16 - 00000632 _RASH C:\Users\Shop\ntuser.pol
2012-12-10 14:16 - 2012-12-10 14:16 - 00000020 __ASH C:\Users\Shop\ntuser.ini
2012-12-10 14:16 - 2012-12-10 14:16 - 00000000 ____D C:\users\Shop
2012-12-10 14:16 - 2012-12-09 17:38 - 00000000 ____D C:\Users\Shop\Local Settings\SoftThinks
2012-12-10 14:16 - 2012-12-09 17:38 - 00000000 ____D C:\Users\Shop\Local Settings\Application Data\SoftThinks
2012-12-10 14:16 - 2012-12-09 17:38 - 00000000 ____D C:\Users\Shop\AppData\Local\SoftThinks
2012-12-10 14:16 - 2012-02-16 01:41 - 00000000 ____D C:\Users\Shop\Application Data\Macromedia
2012-12-10 14:16 - 2012-02-16 01:41 - 00000000 ____D C:\Users\Shop\AppData\Roaming\Macromedia
2012-12-10 14:16 - 2012-02-16 01:28 - 00000000 ___RD C:\Users\Shop\Desktop\Play Games
2012-12-10 14:08 - 2012-12-10 14:08 - 00024576 ____A C:\Users\NunnBetter\Desktop\OD5Browser.exe
2012-12-10 13:39 - 2012-12-10 13:39 - 02213976 ____A (Kaspersky Lab ZAO) C:\Users\NunnBetter\Downloads\tdsskiller (6).exe
2012-12-10 13:37 - 2012-12-10 13:37 - 02213976 ____A (Kaspersky Lab ZAO) C:\Users\NunnBetter\Downloads\tdsskiller (5).exe
2012-12-10 13:36 - 2012-12-10 13:36 - 00180000 ____A (Kaspersky Lab) C:\Users\NunnBetter\Downloads\kss12.0.1.117EN_RU_DE_FR_2926.exe
2012-12-10 13:33 - 2012-12-10 13:33 - 02213976 ____A (Kaspersky Lab ZAO) C:\Users\NunnBetter\Downloads\tdsskiller (4).exe
2012-12-10 13:32 - 2012-12-10 13:32 - 02213976 ____A (Kaspersky Lab ZAO) C:\Users\NunnBetter\Downloads\tdsskiller (3).exe
2012-12-10 13:32 - 2012-12-10 13:32 - 02213976 ____A (Kaspersky Lab ZAO) C:\Users\NunnBetter\Downloads\tdsskiller (2).exe
2012-12-10 13:31 - 2012-12-10 13:31 - 02213976 ____A (Kaspersky Lab ZAO) C:\Users\NunnBetter\Downloads\tdsskiller (1).exe
2012-12-09 17:31 - 2012-12-09 17:31 - 00016805 ____A C:\ComboFix.txt
2012-12-09 17:21 - 2012-12-10 13:49 - 00001592 ____A C:\Users\NunnBetter\Desktop\Virus Instructions.txt
2012-12-05 15:58 - 2012-12-05 16:00 - 53825744 ____A (Friday Systems Inc. ) C:\Users\NunnBetter\Downloads\lwsetup (2).exe
2012-12-05 15:36 - 2012-12-05 16:00 - 52023296 ____A C:\Users\NunnBetter\Downloads\Lot Wizard.msi
2012-12-05 15:34 - 2012-12-05 15:36 - 53825744 ____A (Friday Systems Inc. ) C:\Users\NunnBetter\Downloads\lwsetup (1).exe
2012-12-05 15:31 - 2012-12-05 15:33 - 53825744 ____A (Friday Systems Inc. ) C:\Users\NunnBetter\Downloads\lwsetup.exe
2012-12-05 12:42 - 2012-12-05 12:42 - 00021875 ____A C:\Users\NunnBetter\Downloads\Resume2012.odt
2012-12-04 19:56 - 2012-12-04 19:56 - 00386366 ____A C:\Users\NunnBetter\Downloads\Receipts to Print.zip
2012-12-04 19:51 - 2012-12-04 19:51 - 00001171 ____A C:\Users\NunnBetter\Desktop\RKreport[2]_D_12042012_02d1951.txt
2012-12-04 19:50 - 2012-12-04 19:50 - 00000000 ____D C:\Users\NunnBetter\Desktop\RK_Quarantine
2012-12-04 19:49 - 2012-12-04 19:50 - 00752128 ____A C:\Users\NunnBetter\Downloads\RogueKiller (1).exe
2012-12-02 03:03 - 2012-10-08 06:19 - 17811968 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-12-02 03:03 - 2012-10-08 05:31 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-12-02 03:03 - 2012-10-08 05:24 - 01346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-12-02 03:03 - 2012-10-08 05:23 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-12-02 03:03 - 2012-10-08 05:22 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-12-02 03:03 - 2012-10-08 05:22 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-12-02 03:03 - 2012-10-08 05:20 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-12-02 03:03 - 2012-10-08 05:18 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-12-02 03:03 - 2012-10-08 05:17 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-12-02 03:03 - 2012-10-08 05:17 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-12-02 03:03 - 2012-10-08 05:15 - 02144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-12-02 03:03 - 2012-10-08 05:15 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-12-02 03:03 - 2012-10-08 05:13 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-12-02 03:03 - 2012-10-08 05:13 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-12-02 03:03 - 2012-10-08 05:09 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-12-02 03:03 - 2012-10-08 02:28 - 12320768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-12-02 03:03 - 2012-10-08 01:56 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-12-02 03:03 - 2012-10-08 01:48 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-12-02 03:03 - 2012-10-08 01:48 - 01103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-12-02 03:03 - 2012-10-08 01:47 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-12-02 03:03 - 2012-10-08 01:46 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-12-02 03:03 - 2012-10-08 01:45 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-12-02 03:03 - 2012-10-08 01:44 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-12-02 03:03 - 2012-10-08 01:43 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-12-02 03:03 - 2012-10-08 01:43 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2012-12-02 03:03 - 2012-10-08 01:42 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-12-02 03:03 - 2012-10-08 01:41 - 01793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-12-02 03:03 - 2012-10-08 01:41 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-12-02 03:03 - 2012-10-08 01:40 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-12-02 03:03 - 2012-10-08 01:37 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-12-02 03:03 - 2012-07-25 22:55 - 00785512 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2012-12-02 03:03 - 2012-07-25 22:55 - 00054376 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WdfLdr.sys
2012-12-02 03:03 - 2012-07-25 20:36 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\Wdfres.dll
2012-12-02 03:03 - 2012-06-02 08:35 - 00000003 ____A C:\Windows\System32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2012-12-02 03:02 - 2012-10-08 05:42 - 10925568 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-12-02 03:02 - 2012-10-08 02:02 - 09738240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-12-02 03:01 - 2012-07-25 21:08 - 00744448 ____A (Microsoft Corporation) C:\Windows\System32\WUDFx.dll
2012-12-02 03:01 - 2012-07-25 21:08 - 00229888 ____A (Microsoft Corporation) C:\Windows\System32\WUDFHost.exe
2012-12-02 03:01 - 2012-07-25 21:08 - 00194048 ____A (Microsoft Corporation) C:\Windows\System32\WUDFPlatform.dll
2012-12-02 03:01 - 2012-07-25 21:08 - 00084992 ____A (Microsoft Corporation) C:\Windows\System32\WUDFSvc.dll
2012-12-02 03:01 - 2012-07-25 21:08 - 00045056 ____A (Microsoft Corporation) C:\Windows\System32\WUDFCoinstaller.dll
2012-12-02 03:01 - 2012-07-25 20:26 - 00198656 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFRd.sys
2012-12-02 03:01 - 2012-07-25 20:26 - 00087040 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFPf.sys
2012-12-02 03:01 - 2012-06-02 08:57 - 00000003 ____A C:\Windows\System32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2012-12-02 00:00 - 2012-12-10 14:23 - 00001242 _RASH C:\Users\NunnBetter\ntuser.pol
2012-12-02 00:00 - 2012-12-02 00:01 - 00000632 _RASH C:\Users\Tabatha\ntuser.pol
2012-12-01 23:56 - 2012-12-01 23:56 - 00000000 ____D C:\Users\Tabatha\Application Data\Adobe
2012-12-01 23:56 - 2012-12-01 23:56 - 00000000 ____D C:\Users\Tabatha\AppData\Roaming\Adobe
2012-12-01 21:39 - 2012-12-01 21:39 - 00000000 ____D C:\TDSSKiller_Quarantine
2012-12-01 21:38 - 2012-12-01 21:38 - 02213976 ____A (Kaspersky Lab ZAO) C:\Users\NunnBetter\Downloads\tdsskiller.exe
2012-12-01 21:01 - 2012-12-01 21:01 - 00752128 ____A C:\Users\NunnBetter\Downloads\RogueKiller.exe
2012-12-01 20:32 - 2012-10-18 12:25 - 03149824 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-12-01 20:32 - 2012-10-09 12:17 - 00226816 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcore6.dll
2012-12-01 20:32 - 2012-10-09 12:17 - 00055296 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcsvc6.dll
2012-12-01 20:32 - 2012-10-09 11:40 - 00193536 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2012-12-01 20:32 - 2012-10-09 11:40 - 00044032 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2012-12-01 20:32 - 2012-10-03 11:56 - 01914248 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-12-01 20:32 - 2012-10-03 11:44 - 00303104 ____A (Microsoft Corporation) C:\Windows\System32\nlasvc.dll
2012-12-01 20:32 - 2012-10-03 11:44 - 00246272 ____A (Microsoft Corporation) C:\Windows\System32\netcorehc.dll
2012-12-01 20:32 - 2012-10-03 11:44 - 00216576 ____A (Microsoft Corporation) C:\Windows\System32\ncsi.dll
2012-12-01 20:32 - 2012-10-03 11:44 - 00070656 ____A (Microsoft Corporation) C:\Windows\System32\nlaapi.dll
2012-12-01 20:32 - 2012-10-03 11:44 - 00018944 ____A (Microsoft Corporation) C:\Windows\System32\netevent.dll
2012-12-01 20:32 - 2012-10-03 11:42 - 00569344 ____A (Microsoft Corporation) C:\Windows\System32\iphlpsvc.dll
2012-12-01 20:32 - 2012-10-03 10:42 - 00175104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2012-12-01 20:32 - 2012-10-03 10:42 - 00156672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2012-12-01 20:32 - 2012-10-03 10:42 - 00018944 ____A (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2012-12-01 20:32 - 2012-10-03 10:07 - 00045568 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpipreg.sys
2012-12-01 20:32 - 2012-01-13 01:12 - 00052224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2012-12-01 20:31 - 2012-09-25 16:47 - 00078336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2012-12-01 20:31 - 2012-09-25 16:46 - 00095744 ____A (Microsoft Corporation) C:\Windows\System32\synceng.dll
2012-12-01 20:11 - 2012-12-01 20:11 - 00000000 ____D C:\FRST
2012-11-30 21:46 - 2011-06-26 00:45 - 00256000 ____A C:\Windows\PEV.exe
2012-11-30 21:46 - 2010-11-07 11:20 - 00208896 ____A C:\Windows\MBR.exe
2012-11-30 21:46 - 2009-04-19 22:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2012-11-30 21:46 - 2000-08-30 18:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2012-11-30 21:46 - 2000-08-30 18:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2012-11-30 21:46 - 2000-08-30 18:00 - 00098816 ____A C:\Windows\sed.exe
2012-11-30 21:46 - 2000-08-30 18:00 - 00080412 ____A C:\Windows\grep.exe
2012-11-30 21:46 - 2000-08-30 18:00 - 00068096 ____A C:\Windows\zip.exe
2012-11-30 21:39 - 2012-12-09 17:32 - 00000000 ____D C:\Qoobox
2012-11-30 21:39 - 2012-11-30 22:32 - 00000000 ____D C:\Windows\erdnt
2012-11-30 21:38 - 2012-11-30 21:38 - 05009291 ____R (Swearware) C:\Users\NunnBetter\Downloads\username123.exe.exe
2012-11-30 19:26 - 2012-11-30 19:27 - 00262144 ____A C:\Windows\Minidump\113012-3102282-01.dmp
2012-11-30 18:30 - 2012-11-30 18:30 - 00001920 ____A C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2012-11-30 18:30 - 2012-11-30 18:30 - 00001920 ____A C:\Users\All Users\Desktop\avast! Free Antivirus.lnk
2012-11-30 18:30 - 2012-11-30 18:30 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2012-11-30 18:30 - 2012-10-30 17:51 - 00984144 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2012-11-30 18:30 - 2012-10-30 17:51 - 00370288 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2012-11-30 18:30 - 2012-10-30 17:51 - 00071600 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2012-11-30 18:30 - 2012-10-30 17:51 - 00059728 ____A (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2012-11-30 18:30 - 2012-10-30 17:51 - 00025232 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2012-11-30 18:30 - 2012-10-30 17:50 - 00285328 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
2012-11-30 18:30 - 2012-10-15 10:59 - 00054072 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr2.sys
2012-11-30 18:29 - 2012-11-30 18:29 - 00000000 ____D C:\Users\All Users\AVAST Software
2012-11-30 18:29 - 2012-11-30 18:29 - 00000000 ____D C:\Users\All Users\Application Data\AVAST Software
2012-11-30 18:29 - 2012-11-30 18:29 - 00000000 ____D C:\Program Files\AVAST Software
2012-11-30 18:29 - 2012-10-30 17:51 - 00041224 ____A (AVAST Software) C:\Windows\avastSS.scr
2012-11-30 18:29 - 2012-10-30 17:50 - 00227648 ____A (AVAST Software) C:\Windows\SysWOW64\aswBoot.exe
2012-11-30 18:25 - 2012-11-30 18:28 - 97495576 ____A C:\Users\NunnBetter\Downloads\avast_free_antivirus_setup.exe
2012-11-16 16:29 - 2012-11-16 16:29 - 00001317 ____A C:\Users\NunnBetter\Desktop\ROBLOX Player.lnk
2012-11-16 16:28 - 2012-11-16 16:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-11-16 16:27 - 2012-11-16 16:27 - 00201400 ____A C:\Users\NunnBetter\Downloads\roblox (2).exe
==================== One Month Modified Files and Folders =======
2012-12-10 17:17 - 2012-02-17 16:04 - 00002133 ____A C:\Windows\Series10.ini
2012-12-10 17:17 - 2012-02-16 02:52 - 01869351 ____A C:\Windows\WindowsUpdate.log
2012-12-10 17:17 - 2009-07-13 23:13 - 00725096 ____A C:\Windows\System32\PerfStringBackup.INI
2012-12-10 17:16 - 2012-12-10 17:16 - 01461029 ____A (Farbar) C:\Users\NunnBetter\Downloads\FRST64.exe
2012-12-10 17:13 - 2012-05-29 11:20 - 06356992 ___RA C:\Users\NunnBetter\Downloads\Nunn Better, LLC (QuickBooks2011 Apr 30,2012 03 21 PM).QBW.TLG
2012-12-10 17:13 - 2012-05-29 11:20 - 00000391 ____A C:\Users\NunnBetter\Downloads\Nunn Better, LLC (QuickBooks2011 Apr 30,2012 03 21 PM).QBW.ND
2012-12-10 17:13 - 2012-05-29 11:19 - 19279872 ___RA C:\Users\NunnBetter\Downloads\Nunn Better, LLC (QuickBooks2011 Apr 30,2012 03 21 PM).QBW
2012-12-10 15:50 - 2012-02-17 17:17 - 00000148 ____A C:\Windows\PickList.ini
2012-12-10 14:48 - 2012-02-17 16:06 - 00000109 ____A C:\Windows\mrid32
2012-12-10 14:48 - 2012-02-17 16:06 - 00000092 ____A C:\Windows\crw.ini
2012-12-10 14:41 - 2009-07-13 22:45 - 00021296 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-12-10 14:41 - 2009-07-13 22:45 - 00021296 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-12-10 14:34 - 2009-07-13 23:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-12-10 14:34 - 2009-07-13 22:51 - 00039639 ____A C:\Windows\setupact.log
2012-12-10 14:32 - 2012-12-10 14:32 - 02213976 ____A (Kaspersky Lab ZAO) C:\Users\NunnBetter\Downloads\tdsskiller (7).exe
2012-12-10 14:32 - 2012-12-10 14:32 - 00001486 ____A C:\Users\NunnBetter\Desktop\tdsskiller (7) - Shortcut.lnk
2012-12-10 14:23 - 2012-12-02 00:00 - 00001242 _RASH C:\Users\NunnBetter\ntuser.pol
2012-12-10 14:23 - 2012-02-17 16:36 - 00000000 ____D C:\users\NunnBetter
2012-12-10 14:22 - 2012-12-10 14:22 - 00079616 ____A C:\Users\Shop\Local Settings\GDIPFONTCACHEV1.DAT
2012-12-10 14:22 - 2012-12-10 14:22 - 00079616 ____A C:\Users\Shop\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2012-12-10 14:22 - 2012-12-10 14:22 - 00079616 ____A C:\Users\Shop\AppData\Local\GDIPFONTCACHEV1.DAT
2012-12-10 14:21 - 2010-11-20 21:47 - 00070228 ____A C:\Windows\PFRO.log
2012-12-10 14:17 - 2012-12-10 14:17 - 00000000 ____D C:\Users\Shop\Local Settings\Dell
2012-12-10 14:17 - 2012-12-10 14:17 - 00000000 ____D C:\Users\Shop\Local Settings\Application Data\Dell
2012-12-10 14:17 - 2012-12-10 14:17 - 00000000 ____D C:\Users\Shop\Application Data\TeamViewer
2012-12-10 14:17 - 2012-12-10 14:17 - 00000000 ____D C:\Users\Shop\Application Data\Roxio
2012-12-10 14:17 - 2012-12-10 14:17 - 00000000 ____D C:\Users\Shop\Application Data\Dell Touch Zone
2012-12-10 14:17 - 2012-12-10 14:17 - 00000000 ____D C:\Users\Shop\Application Data\Dell
2012-12-10 14:17 - 2012-12-10 14:17 - 00000000 ____D C:\Users\Shop\Application Data\Adobe
2012-12-10 14:17 - 2012-12-10 14:17 - 00000000 ____D C:\Users\Shop\AppData\Roaming\TeamViewer
2012-12-10 14:17 - 2012-12-10 14:17 - 00000000 ____D C:\Users\Shop\AppData\Roaming\Roxio
2012-12-10 14:17 - 2012-12-10 14:17 - 00000000 ____D C:\Users\Shop\AppData\Roaming\Dell Touch Zone
2012-12-10 14:17 - 2012-12-10 14:17 - 00000000 ____D C:\Users\Shop\AppData\Roaming\Dell
2012-12-10 14:17 - 2012-12-10 14:17 - 00000000 ____D C:\Users\Shop\AppData\Roaming\Adobe
2012-12-10 14:17 - 2012-12-10 14:17 - 00000000 ____D C:\Users\Shop\AppData\Local\Dell
2012-12-10 14:16 - 2012-12-10 14:16 - 00000632 _RASH C:\Users\Shop\ntuser.pol
2012-12-10 14:16 - 2012-12-10 14:16 - 00000020 __ASH C:\Users\Shop\ntuser.ini
2012-12-10 14:16 - 2012-12-10 14:16 - 00000000 ____D C:\users\Shop
2012-12-10 14:16 - 2012-02-16 01:15 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2012-12-10 14:08 - 2012-12-10 14:08 - 00024576 ____A C:\Users\NunnBetter\Desktop\OD5Browser.exe
2012-12-10 13:58 - 2012-02-17 17:22 - 00000000 ____D C:\Users\NunnBetter\Application Data\TeamViewer
2012-12-10 13:58 - 2012-02-17 17:22 - 00000000 ____D C:\Users\NunnBetter\AppData\Roaming\TeamViewer
2012-12-10 13:49 - 2012-12-09 17:21 - 00001592 ____A C:\Users\NunnBetter\Desktop\Virus Instructions.txt
2012-12-10 13:39 - 2012-12-10 13:39 - 02213976 ____A (Kaspersky Lab ZAO) C:\Users\NunnBetter\Downloads\tdsskiller (6).exe
2012-12-10 13:37 - 2012-12-10 13:37 - 02213976 ____A (Kaspersky Lab ZAO) C:\Users\NunnBetter\Downloads\tdsskiller (5).exe
2012-12-10 13:36 - 2012-12-10 13:36 - 00180000 ____A (Kaspersky Lab) C:\Users\NunnBetter\Downloads\kss12.0.1.117EN_RU_DE_FR_2926.exe
2012-12-10 13:33 - 2012-12-10 13:33 - 02213976 ____A (Kaspersky Lab ZAO) C:\Users\NunnBetter\Downloads\tdsskiller (4).exe
2012-12-10 13:32 - 2012-12-10 13:32 - 02213976 ____A (Kaspersky Lab ZAO) C:\Users\NunnBetter\Downloads\tdsskiller (3).exe
2012-12-10 13:32 - 2012-12-10 13:32 - 02213976 ____A (Kaspersky Lab ZAO) C:\Users\NunnBetter\Downloads\tdsskiller (2).exe
2012-12-10 13:31 - 2012-12-10 13:31 - 02213976 ____A (Kaspersky Lab ZAO) C:\Users\NunnBetter\Downloads\tdsskiller (1).exe
2012-12-09 17:50 - 2012-02-17 16:53 - 00000000 ____D C:\Users\NunnBetter\Local Settings\Nero
2012-12-09 17:50 - 2012-02-17 16:53 - 00000000 ____D C:\Users\NunnBetter\Local Settings\Application Data\Nero
2012-12-09 17:50 - 2012-02-17 16:53 - 00000000 ____D C:\Users\NunnBetter\AppData\Local\Nero
2012-12-09 17:38 - 2012-12-10 14:16 - 00000000 ____D C:\Users\Shop\Local Settings\SoftThinks
2012-12-09 17:38 - 2012-12-10 14:16 - 00000000 ____D C:\Users\Shop\Local Settings\Application Data\SoftThinks
2012-12-09 17:38 - 2012-12-10 14:16 - 00000000 ____D C:\Users\Shop\AppData\Local\SoftThinks
2012-12-09 17:38 - 2012-02-16 01:45 - 00000000 ____D C:\Users\Default\Local Settings\SoftThinks
2012-12-09 17:38 - 2012-02-16 01:45 - 00000000 ____D C:\Users\Default\Local Settings\Application Data\SoftThinks
2012-12-09 17:38 - 2012-02-16 01:45 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2012-12-09 17:38 - 2012-02-16 01:45 - 00000000 ____D C:\Users\Default User\Local Settings\SoftThinks
2012-12-09 17:38 - 2012-02-16 01:45 - 00000000 ____D C:\Users\Default User\Local Settings\Application Data\SoftThinks
2012-12-09 17:38 - 2012-02-16 01:45 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2012-12-09 17:32 - 2012-11-30 21:39 - 00000000 ____D C:\Qoobox
2012-12-09 17:31 - 2012-12-09 17:31 - 00016805 ____A C:\ComboFix.txt
2012-12-09 17:30 - 2009-07-13 20:34 - 00000215 ____A C:\Windows\system.ini
2012-12-09 17:21 - 2012-02-22 16:59 - 00000000 ____D C:\Users\NunnBetter\Application Data\SoftGrid Client
2012-12-09 17:21 - 2012-02-22 16:59 - 00000000 ____D C:\Users\NunnBetter\AppData\Roaming\SoftGrid Client
2012-12-09 17:21 - 2012-02-17 14:29 - 00079616 ____A C:\Users\Tabatha\Local Settings\GDIPFONTCACHEV1.DAT
2012-12-09 17:21 - 2012-02-17 14:29 - 00079616 ____A C:\Users\Tabatha\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2012-12-09 17:21 - 2012-02-17 14:29 - 00079616 ____A C:\Users\Tabatha\AppData\Local\GDIPFONTCACHEV1.DAT
2012-12-05 16:00 - 2012-12-05 15:58 - 53825744 ____A (Friday Systems Inc. ) C:\Users\NunnBetter\Downloads\lwsetup (2).exe
2012-12-05 16:00 - 2012-12-05 15:36 - 52023296 ____A C:\Users\NunnBetter\Downloads\Lot Wizard.msi
2012-12-05 15:36 - 2012-12-05 15:34 - 53825744 ____A (Friday Systems Inc. ) C:\Users\NunnBetter\Downloads\lwsetup (1).exe
2012-12-05 15:33 - 2012-12-05 15:31 - 53825744 ____A (Friday Systems Inc. ) C:\Users\NunnBetter\Downloads\lwsetup.exe
2012-12-05 12:42 - 2012-12-05 12:42 - 00021875 ____A C:\Users\NunnBetter\Downloads\Resume2012.odt
2012-12-04 19:56 - 2012-12-04 19:56 - 00386366 ____A C:\Users\NunnBetter\Downloads\Receipts to Print.zip
2012-12-04 19:51 - 2012-12-04 19:51 - 00001171 ____A C:\Users\NunnBetter\Desktop\RKreport[2]_D_12042012_02d1951.txt
2012-12-04 19:50 - 2012-12-04 19:50 - 00000000 ____D C:\Users\NunnBetter\Desktop\RK_Quarantine
2012-12-04 19:50 - 2012-12-04 19:49 - 00752128 ____A C:\Users\NunnBetter\Downloads\RogueKiller (1).exe
2012-12-03 17:01 - 2012-05-03 10:44 - 00000000 ____D C:\Users\NunnBetter\Downloads\QuickBooksAutoDataRecovery
2012-12-03 17:01 - 2012-02-17 15:34 - 00000000 ____D C:\Users\All Users\SQL Anywhere 11
2012-12-03 17:01 - 2012-02-17 15:34 - 00000000 ____D C:\Users\All Users\Application Data\SQL Anywhere 11
2012-12-03 07:56 - 2012-02-17 16:37 - 00079616 ____A C:\Users\NunnBetter\Local Settings\GDIPFONTCACHEV1.DAT
2012-12-03 07:56 - 2012-02-17 16:37 - 00079616 ____A C:\Users\NunnBetter\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2012-12-03 07:56 - 2012-02-17 16:37 - 00079616 ____A C:\Users\NunnBetter\AppData\Local\GDIPFONTCACHEV1.DAT
2012-12-03 03:02 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\rescache
2012-12-02 03:21 - 2009-07-13 22:45 - 00336656 ____A C:\Windows\System32\FNTCACHE.DAT
2012-12-02 03:01 - 2012-08-21 16:32 - 66395536 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-12-02 00:01 - 2012-12-02 00:00 - 00000632 _RASH C:\Users\Tabatha\ntuser.pol
2012-12-02 00:01 - 2012-02-17 14:18 - 00000000 ____D C:\users\Tabatha
2012-12-02 00:00 - 2009-07-13 21:20 - 00000000 ___HD C:\Windows\System32\GroupPolicy
2012-12-01 23:56 - 2012-12-01 23:56 - 00000000 ____D C:\Users\Tabatha\Application Data\Adobe
2012-12-01 23:56 - 2012-12-01 23:56 - 00000000 ____D C:\Users\Tabatha\AppData\Roaming\Adobe
2012-12-01 23:46 - 2012-02-22 16:22 - 00000000 ____D C:\Program Files (x86)\M1SKQB
2012-12-01 21:39 - 2012-12-01 21:39 - 00000000 ____D C:\TDSSKiller_Quarantine
2012-12-01 21:38 - 2012-12-01 21:38 - 02213976 ____A (Kaspersky Lab ZAO) C:\Users\NunnBetter\Downloads\tdsskiller.exe
2012-12-01 21:01 - 2012-12-01 21:01 - 00752128 ____A C:\Users\NunnBetter\Downloads\RogueKiller.exe
2012-12-01 20:11 - 2012-12-01 20:11 - 00000000 ____D C:\FRST
2012-12-01 12:55 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\System32\NDF
2012-11-30 22:35 - 2009-07-13 21:20 - 00000000 ____D C:\users\Default
2012-11-30 22:32 - 2012-11-30 21:39 - 00000000 ____D C:\Windows\erdnt
2012-11-30 21:38 - 2012-11-30 21:38 - 05009291 ____R (Swearware) C:\Users\NunnBetter\Downloads\username123.exe.exe
2012-11-30 20:42 - 2012-06-27 20:26 - 00000000 ____D C:\Users\All Users\NETGEAR
2012-11-30 20:42 - 2012-06-27 20:26 - 00000000 ____D C:\Users\All Users\Application Data\NETGEAR
2012-11-30 19:41 - 2012-09-05 02:00 - 00000000 ____D C:\Users\NunnBetter\Application Data\Skype
2012-11-30 19:41 - 2012-09-05 02:00 - 00000000 ____D C:\Users\NunnBetter\AppData\Roaming\Skype
2012-11-30 19:41 - 2012-02-16 01:17 - 00000000 ____D C:\Users\All Users\Skype
2012-11-30 19:41 - 2012-02-16 01:17 - 00000000 ____D C:\Users\All Users\Application Data\Skype
2012-11-30 19:40 - 2012-10-30 15:57 - 00000000 ____D C:\Users\NunnBetter\Local Settings\Facebook
2012-11-30 19:40 - 2012-10-30 15:57 - 00000000 ____D C:\Users\NunnBetter\Local Settings\Application Data\Facebook
2012-11-30 19:40 - 2012-10-30 15:57 - 00000000 ____D C:\Users\NunnBetter\AppData\Local\Facebook
2012-11-30 19:27 - 2012-11-30 19:26 - 00262144 ____A C:\Windows\Minidump\113012-3102282-01.dmp
2012-11-30 19:26 - 2012-10-29 07:17 - 602654799 ____A C:\Windows\MEMORY.DMP
2012-11-30 19:26 - 2012-10-29 07:17 - 00000000 ____D C:\Windows\Minidump
2012-11-30 18:30 - 2012-11-30 18:30 - 00001920 ____A C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2012-11-30 18:30 - 2012-11-30 18:30 - 00001920 ____A C:\Users\All Users\Desktop\avast! Free Antivirus.lnk
2012-11-30 18:30 - 2012-11-30 18:30 - 00000000 ____A C:\Windows\SysWOW64\config.nt
2012-11-30 18:29 - 2012-11-30 18:29 - 00000000 ____D C:\Users\All Users\AVAST Software
2012-11-30 18:29 - 2012-11-30 18:29 - 00000000 ____D C:\Users\All Users\Application Data\AVAST Software
2012-11-30 18:29 - 2012-11-30 18:29 - 00000000 ____D C:\Program Files\AVAST Software
2012-11-30 18:28 - 2012-11-30 18:25 - 97495576 ____A C:\Users\NunnBetter\Downloads\avast_free_antivirus_setup.exe
2012-11-30 17:26 - 2010-11-21 01:17 - 00000000 ____D C:\Program Files\Windows Journal
2012-11-30 17:26 - 2009-07-13 23:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2012-11-30 17:26 - 2009-07-13 23:32 - 00000000 ____D C:\Program Files\DVD Maker
2012-11-30 17:26 - 2009-07-13 21:20 - 00000000 __RSD C:\Windows\Media
2012-11-30 17:26 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\System32\zh-HK
2012-11-30 17:26 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\System32\uk-UA
2012-11-30 17:26 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\System32\tr-TR
2012-11-30 17:26 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\System32\th-TH
2012-11-30 17:26 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\System32\sr-Latn-CS
2012-11-30 17:26 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\System32\sppui
2012-11-30 17:26 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\System32\sl-SI
2012-11-30 17:26 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\System32\sk-SK
2012-11-30 17:26 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\System32\ro-RO
2012-11-30 17:26 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\System32\ras
2012-11-30 17:26 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\System32\oobe
2012-11-30 17:26 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\System32\Msdtc
2012-11-30 17:26 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\System32\migwiz
2012-11-30 17:26 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\System32\manifeststore
2012-11-30 17:26 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\System32\lv-LV
2012-11-30 17:26 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\System32\lt-LT
2012-11-30 17:26 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\System32\icsxml
2012-11-30 17:26 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\System32\ias
2012-11-30 17:26 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\System32\hr-HR
2012-11-30 17:26 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\System32\he-IL
2012-11-30 17:26 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\System32\et-EE
2012-11-30 17:26 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\System32\com
2012-11-30 17:26 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\System32\bg-BG
2012-11-30 17:26 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\System32\ar-SA
2012-11-30 17:26 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\servicing
2012-11-30 17:26 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\IME
2012-11-30 17:26 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\Cursors
2012-11-30 17:25 - 2012-02-18 14:37 - 00000000 ____D C:\Program Files\Microsoft IntelliPoint
2012-11-30 17:25 - 2012-02-17 16:52 - 00000000 ___RD C:\Users\NunnBetter\Desktop\MySyncUPFiles
2012-11-30 17:25 - 2012-02-17 14:34 - 00000000 ____D C:\TrustedID IDMonitor Identity Protection
2012-11-30 17:25 - 2012-02-16 02:37 - 00000000 ____D C:\Program Files\Dell Games Folder
2012-11-30 17:25 - 2012-02-16 01:41 - 00000000 ____D C:\Program Files (x86)\Zinio Reader 4
2012-11-30 17:25 - 2009-07-13 23:32 - 00000000 ____D C:\Windows\System32\restore
2012-11-30 17:25 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\System32\sysprep
2012-11-30 17:25 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\System32\spool
2012-11-30 17:24 - 2012-10-11 02:23 - 00000000 ____D C:\Program Files (x86)\Dell Digital Delivery
2012-11-30 17:24 - 2012-06-27 16:34 - 00000000 ____D C:\Program Files (x86)\guru Media Editor
2012-11-30 17:24 - 2012-02-22 16:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client
2012-11-30 17:24 - 2012-02-21 18:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor
2012-11-30 17:24 - 2012-02-16 01:18 - 00000000 ____D C:\Program Files (x86)\eBay
2012-11-30 17:23 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\registration
2012-11-30 13:48 - 2012-02-18 15:09 - 00002472 ____A C:\Users\NunnBetter\Desktop\Google Chrome.lnk
2012-11-26 15:41 - 2012-02-17 15:34 - 00000090 ____A C:\Windows\QBChanUtil_Trigger.ini
2012-11-21 12:05 - 2012-09-22 11:43 - 00000000 ____D C:\Users\NunnBetter\Local Settings\Unity
2012-11-21 12:05 - 2012-09-22 11:43 - 00000000 ____D C:\Users\NunnBetter\Local Settings\Application Data\Unity
2012-11-21 12:05 - 2012-09-22 11:43 - 00000000 ____D C:\Users\NunnBetter\AppData\Local\Unity
2012-11-16 16:29 - 2012-11-16 16:29 - 00001317 ____A C:\Users\NunnBetter\Desktop\ROBLOX Player.lnk
2012-11-16 16:28 - 2012-11-16 16:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-11-16 16:27 - 2012-11-16 16:27 - 00201400 ____A C:\Users\NunnBetter\Downloads\roblox (2).exe
2012-11-13 13:55 - 2012-02-17 15:34 - 00000000 ____D C:\Users\All Users\Intuit
2012-11-13 13:55 - 2012-02-17 15:34 - 00000000 ____D C:\Users\All Users\Application Data\Intuit
==================== Known DLLs (Whitelisted) =================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2012-12-02 03:00:30
Restore point made on: 2012-12-03 03:00:32
Restore point made on: 2012-12-03 17:14:32
Restore point made on: 2012-12-04 03:00:29
Restore point made on: 2012-12-04 15:34:26
Restore point made on: 2012-12-05 15:39:22
Restore point made on: 2012-12-05 16:01:04
Restore point made on: 2012-12-06 11:06:47
Restore point made on: 2012-12-09 17:26:13
Restore point made on: 2012-12-10 08:24:09
Restore point made on: 2012-12-10 10:57:03
==================== Memory info ===========================
Percentage of memory in use: 9%
Total physical RAM: 8104.63 MB
Available physical RAM: 7295.72 MB
Total Pagefile: 8102.83 MB
Available Pagefile: 7287.24 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB
==================== Partitions =============================
1 Drive c: (OS) (Fixed) (Total:916.66 GB) (Free:860.12 GB) NTFS
4 Drive f: (Backup Flashdrive) (Removable) (Total:15.11 GB) (Free:0.01 GB) NTFS
5 Drive g: (RECOVERY) (Fixed) (Total:14.81 GB) (Free:5.82 GB) NTFS ==>[system with boot components (obtained from reading drive)]
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 931 GB 0 B
Disk 1 No Media 0 B 0 B
Disk 2 Online 15 GB 0 B
Partitions of Disk 0:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 OEM 39 MB 31 KB
Partition 2 Primary 14 GB 40 MB
Partition 3 Primary 916 GB 14 GB
==================================================================================
Disk: 0
Partition 1
Type : DE
Hidden: Yes
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 5 FAT Partition 39 MB Healthy Hidden
=========================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 G RECOVERY NTFS Partition 14 GB Healthy
=========================================================
Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C OS NTFS Partition 916 GB Healthy
=========================================================
Partitions of Disk 2:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 15 GB 31 KB
==================================================================================
Disk: 2
Partition 1
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 F Backup Flas NTFS Removable 15 GB Healthy
=========================================================
Last Boot: 2012-04-09 10:59
==================== End Of Log =============================
-
14:37:09.0452 5064 C:\Program Files\Common Files\mcafee\systemcore\mfeavfa.dll - ok
14:37:09.0454 5064 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
14:37:09.0454 5064 C:\Windows\System32\IDStore.dll - ok
14:37:09.0456 5064 [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll
14:37:09.0456 5064 C:\Windows\System32\rasmans.dll - ok
14:37:09.0458 5064 [ 44C96B48112EB24AE7764EBF1C527000 ] C:\Windows\System32\rastapi.dll
14:37:09.0458 5064 C:\Windows\System32\rastapi.dll - ok
14:37:09.0460 5064 [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll
14:37:09.0460 5064 C:\Windows\System32\tapi32.dll - ok
14:37:09.0462 5064 [ 079FD1D59EAD19270C979AF174D881A3 ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
14:37:09.0462 5064 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
14:37:09.0464 5064 [ 0B2D65FDDE31069299AA6330F359FF9C ] C:\Windows\System32\msxml3.dll
14:37:09.0464 5064 C:\Windows\System32\msxml3.dll - ok
14:37:09.0467 5064 [ 6177E1A8F215576A56D437B48A00848B ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftsync.dll
14:37:09.0467 5064 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftsync.dll - ok
14:37:09.0469 5064 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
14:37:09.0469 5064 C:\Windows\System32\hnetcfg.dll - ok
14:37:09.0471 5064 [ 517110BD83835338C037269E603DB55D ] C:\Windows\System32\taskhost.exe
14:37:09.0471 5064 C:\Windows\System32\taskhost.exe - ok
14:37:09.0473 5064 [ 295E1F2BC1AFDAFD98FF426BCE524BA9 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftuser.dll
14:37:09.0473 5064 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftuser.dll - ok
14:37:09.0475 5064 [ 7760899D95C2D1AAC5C1D34AF41A11C7 ] C:\Program Files\mcafee\virusscan\Engine\5500.1093\mscan64a.dll
14:37:09.0475 5064 C:\Program Files\mcafee\virusscan\Engine\5500.1093\mscan64a.dll - ok
14:37:09.0478 5064 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
14:37:09.0478 5064 C:\Windows\System32\MsCtfMonitor.dll - ok
14:37:09.0480 5064 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
14:37:09.0480 5064 C:\Windows\System32\msutb.dll - ok
14:37:09.0482 5064 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
14:37:09.0482 5064 C:\Windows\System32\mpr.dll - ok
14:37:09.0484 5064 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
14:37:09.0484 5064 C:\Windows\System32\dwm.exe - ok
14:37:09.0485 5064 [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\Windows\System32\unimdm.tsp
14:37:09.0486 5064 C:\Windows\System32\unimdm.tsp - ok
14:37:09.0488 5064 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
14:37:09.0488 5064 C:\Windows\System32\userinit.exe - ok
14:37:09.0490 5064 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
14:37:09.0490 5064 C:\Windows\System32\dwmredir.dll - ok
14:37:09.0492 5064 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
14:37:09.0492 5064 C:\Windows\System32\dwmcore.dll - ok
14:37:09.0494 5064 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
14:37:09.0494 5064 C:\Windows\System32\wbem\wbemcore.dll - ok
14:37:09.0496 5064 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
14:37:09.0496 5064 C:\Windows\System32\HotStartUserAgent.dll - ok
14:37:09.0498 5064 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
14:37:09.0498 5064 C:\Windows\System32\PlaySndSrv.dll - ok
14:37:09.0500 5064 [ 94B7DF336815B47236724019FAB24B7C ] C:\Windows\System32\uniplat.dll
14:37:09.0500 5064 C:\Windows\System32\uniplat.dll - ok
14:37:09.0502 5064 [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp
14:37:09.0502 5064 C:\Windows\System32\kmddsp.tsp - ok
14:37:09.0504 5064 [ A733CC986EB51F8FBF598B981DC19FBA ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcore.dll
14:37:09.0504 5064 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcore.dll - ok
14:37:09.0506 5064 [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp
14:37:09.0506 5064 C:\Windows\System32\ndptsp.tsp - ok
14:37:09.0508 5064 [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp
14:37:09.0508 5064 C:\Windows\System32\hidphone.tsp - ok
14:37:09.0510 5064 [ 591FE0A6CEB19BF886CEB1331F591940 ] C:\Windows\SysWOW64\ncrypt.dll
14:37:09.0510 5064 C:\Windows\SysWOW64\ncrypt.dll - ok
14:37:09.0512 5064 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
14:37:09.0512 5064 C:\Windows\SysWOW64\bcrypt.dll - ok
14:37:09.0514 5064 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
14:37:09.0514 5064 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
14:37:09.0517 5064 [ 70A176BF2ED362862944C371838262F8 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
14:37:09.0517 5064 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
14:37:09.0519 5064 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
14:37:09.0519 5064 C:\Windows\SysWOW64\gpapi.dll - ok
14:37:09.0520 5064 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
14:37:09.0521 5064 C:\Windows\explorer.exe - ok
14:37:09.0523 5064 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
14:37:09.0523 5064 C:\Windows\System32\wbem\esscli.dll - ok
14:37:09.0525 5064 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
14:37:09.0525 5064 C:\Windows\SysWOW64\propsys.dll - ok
14:37:09.0527 5064 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll
14:37:09.0527 5064 C:\Windows\System32\d3d10_1.dll - ok
14:37:09.0529 5064 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
14:37:09.0529 5064 C:\Windows\System32\wbem\wbemsvc.dll - ok
14:37:09.0531 5064 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
14:37:09.0531 5064 C:\Windows\System32\dssenh.dll - ok
14:37:09.0533 5064 [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll
14:37:09.0533 5064 C:\Windows\System32\rasppp.dll - ok
14:37:09.0535 5064 [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll
14:37:09.0535 5064 C:\Windows\System32\vpnike.dll - ok
14:37:09.0537 5064 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll
14:37:09.0537 5064 C:\Windows\System32\d3d10_1core.dll - ok
14:37:09.0539 5064 [ 28AD5E311996A34025CFB07E131058DD ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
14:37:09.0539 5064 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
14:37:09.0541 5064 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll
14:37:09.0541 5064 C:\Windows\System32\dxgi.dll - ok
14:37:09.0543 5064 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
14:37:09.0543 5064 C:\Windows\System32\wbem\wmiutils.dll - ok
14:37:09.0545 5064 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
14:37:09.0545 5064 C:\Windows\System32\raschap.dll - ok
14:37:09.0547 5064 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
14:37:09.0547 5064 C:\Windows\System32\rasadhlp.dll - ok
14:37:09.0549 5064 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
14:37:09.0549 5064 C:\Windows\System32\localspl.dll - ok
14:37:09.0552 5064 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
14:37:09.0552 5064 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
14:37:09.0554 5064 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
14:37:09.0554 5064 C:\Windows\System32\wbem\repdrvfs.dll - ok
14:37:09.0556 5064 [ CE291A12090CBB2A4BCB1F7A547DEC37 ] C:\Windows\System32\igd10umd64.dll
14:37:09.0556 5064 C:\Windows\System32\igd10umd64.dll - ok
14:37:09.0558 5064 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
14:37:09.0558 5064 C:\Windows\System32\taskeng.exe - ok
14:37:09.0560 5064 [ 32BFCF1CA719F2A3A31C721BD5F90303 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftpsr.dll
14:37:09.0560 5064 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftpsr.dll - ok
14:37:09.0562 5064 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
14:37:09.0562 5064 C:\Windows\System32\spoolss.dll - ok
14:37:09.0564 5064 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
14:37:09.0564 5064 C:\Windows\System32\winspool.drv - ok
14:37:09.0567 5064 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
14:37:09.0567 5064 C:\Windows\System32\FXSMON.dll - ok
14:37:09.0569 5064 [ 2E1729779D60F4003508F393E8343ED8 ] C:\Windows\System32\hpf3lw73.dll
14:37:09.0569 5064 C:\Windows\System32\hpf3lw73.dll - ok
14:37:09.0571 5064 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
14:37:09.0571 5064 C:\Windows\System32\PrintIsolationProxy.dll - ok
14:37:09.0573 5064 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
14:37:09.0573 5064 C:\Windows\System32\tcpmon.dll - ok
14:37:09.0575 5064 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
14:37:09.0575 5064 C:\Windows\SysWOW64\clbcatq.dll - ok
14:37:09.0577 5064 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
14:37:09.0577 5064 C:\Windows\System32\TSChannel.dll - ok
14:37:09.0579 5064 [ 40EE4E67311F4019CCA2120D88C60576 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftfsi_wow64.dll
14:37:09.0579 5064 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftfsi_wow64.dll - ok
14:37:09.0582 5064 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
14:37:09.0582 5064 C:\Windows\System32\snmpapi.dll - ok
14:37:09.0584 5064 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
14:37:09.0584 5064 C:\Windows\System32\usbmon.dll - ok
14:37:09.0586 5064 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
14:37:09.0586 5064 C:\Windows\System32\WSDApi.dll - ok
14:37:09.0588 5064 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
14:37:09.0588 5064 C:\Windows\System32\WSDMon.dll - ok
14:37:09.0590 5064 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
14:37:09.0590 5064 C:\Windows\System32\wsnmp32.dll - ok
14:37:09.0592 5064 [ A7E1129289E833FC9E52018BBEE20C4D ] C:\Program Files (x86)\Mitchell1\DPR Client Manager\DPRClientManager.exe
14:37:09.0592 5064 C:\Program Files (x86)\Mitchell1\DPR Client Manager\DPRClientManager.exe - ok
14:37:09.0594 5064 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
14:37:09.0594 5064 C:\Windows\System32\ExplorerFrame.dll - ok
14:37:09.0596 5064 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
14:37:09.0596 5064 C:\Windows\SysWOW64\apphelp.dll - ok
14:37:09.0598 5064 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
14:37:09.0598 5064 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
14:37:09.0600 5064 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
14:37:09.0600 5064 C:\Windows\System32\webservices.dll - ok
14:37:09.0602 5064 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
14:37:09.0602 5064 C:\Windows\System32\ncobjapi.dll - ok
14:37:09.0604 5064 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
14:37:09.0604 5064 C:\Windows\System32\wbem\wbemess.dll - ok
14:37:09.0606 5064 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
14:37:09.0606 5064 C:\Windows\System32\fundisc.dll - ok
14:37:09.0608 5064 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
14:37:09.0608 5064 C:\Windows\System32\mscoree.dll - ok
14:37:09.0610 5064 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
14:37:09.0610 5064 C:\Windows\System32\fdPnp.dll - ok
14:37:09.0612 5064 [ 4C1244FEF74C60A4B1B151C76609CBE2 ] C:\Windows\System32\wsdchngr.dll
14:37:09.0612 5064 C:\Windows\System32\wsdchngr.dll - ok
14:37:09.0614 5064 [ 09AB81CEE443569D9A3CC151DDF70444 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll
14:37:09.0615 5064 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll - ok
14:37:09.0617 5064 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
14:37:09.0617 5064 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
14:37:09.0619 5064 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
14:37:09.0619 5064 C:\Windows\SysWOW64\winhttp.dll - ok
14:37:09.0621 5064 [ AD911EBC4FADCCAA243E379FF23AB959 ] C:\Windows\System32\spool\prtprocs\x64\hpfppw73.dll
14:37:09.0621 5064 C:\Windows\System32\spool\prtprocs\x64\hpfppw73.dll - ok
14:37:09.0623 5064 [ 9F463B07C8EFA35FFA581844A9F4FE79 ] C:\Windows\System32\spool\prtprocs\x64\LXKPTPRC.DLL
14:37:09.0623 5064 C:\Windows\System32\spool\prtprocs\x64\LXKPTPRC.DLL - ok
14:37:09.0625 5064 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll
14:37:09.0625 5064 C:\Windows\SysWOW64\logoncli.dll - ok
14:37:09.0627 5064 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
14:37:09.0627 5064 C:\Windows\SysWOW64\webio.dll - ok
14:37:09.0629 5064 [ 867C93CE4B4CCFCDE65CE48A769CD227 ] C:\Program Files\AVAST Software\Avast\ashShA64.dll
14:37:09.0629 5064 C:\Program Files\AVAST Software\Avast\ashShA64.dll - ok
14:37:09.0631 5064 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
14:37:09.0631 5064 C:\Windows\System32\msi.dll - ok
14:37:09.0633 5064 [ 548CB980D7876E207CC9F8B60C1587A3 ] C:\Windows\System32\win32spl.dll
14:37:09.0633 5064 C:\Windows\System32\win32spl.dll - ok
14:37:09.0635 5064 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
14:37:09.0635 5064 C:\Windows\SysWOW64\msi.dll - ok
14:37:09.0637 5064 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
14:37:09.0637 5064 C:\Windows\System32\inetpp.dll - ok
14:37:09.0639 5064 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
14:37:09.0639 5064 C:\Windows\System32\cscapi.dll - ok
14:37:09.0641 5064 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
14:37:09.0641 5064 C:\Windows\System32\EhStorShell.dll - ok
14:37:09.0643 5064 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
14:37:09.0643 5064 C:\Windows\System32\drivers\srv2.sys - ok
14:37:09.0645 5064 [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
14:37:09.0645 5064 C:\Windows\System32\ipnathlp.dll - ok
14:37:09.0648 5064 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
14:37:09.0648 5064 C:\Windows\System32\mprapi.dll - ok
14:37:09.0650 5064 [ 64A48342A57BC34943FA2014A2650550 ] C:\Program Files\Common Files\mcafee\systemcore\mfeapfa.dll
14:37:09.0650 5064 C:\Program Files\Common Files\mcafee\systemcore\mfeapfa.dll - ok
14:37:09.0652 5064 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
14:37:09.0652 5064 C:\Windows\System32\netshell.dll - ok
14:37:09.0654 5064 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
14:37:09.0654 5064 C:\Windows\System32\uDWM.dll - ok
14:37:09.0656 5064 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
14:37:09.0656 5064 C:\Windows\System32\ntshrui.dll - ok
14:37:09.0658 5064 [ F928E5E72BBA15DD0CE9A26E0413D236 ] C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
14:37:09.0658 5064 C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe - ok
14:37:09.0660 5064 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
14:37:09.0660 5064 C:\Windows\System32\IconCodecService.dll - ok
14:37:09.0661 5064 [ B574522827D94126C03975FD53F0B26B ] C:\Windows\System32\drivers\mfeapfk.sys
14:37:09.0661 5064 C:\Windows\System32\drivers\mfeapfk.sys - ok
14:37:09.0664 5064 [ 617E29A0B0A2807466560D4C4E338D3E ] C:\Windows\System32\drivers\Sftredirlh.sys
14:37:09.0664 5064 C:\Windows\System32\drivers\Sftredirlh.sys - ok
14:37:09.0666 5064 [ DF3CA8D16BDED6A54977B30E66864D33 ] C:\Windows\System32\msvcr100.dll
14:37:09.0666 5064 C:\Windows\System32\msvcr100.dll - ok
14:37:09.0668 5064 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
14:37:09.0668 5064 C:\Windows\System32\runonce.exe - ok
14:37:09.0670 5064 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
14:37:09.0670 5064 C:\Windows\SysWOW64\runonce.exe - ok
14:37:09.0672 5064 [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\SysWOW64\schannel.dll
14:37:09.0672 5064 C:\Windows\SysWOW64\schannel.dll - ok
14:37:09.0674 5064 [ 2C0D7AA2DACF6E11C71F22BFC0050147 ] C:\Program Files\Common Files\mcafee\msc\LogCntrl.dll
14:37:09.0674 5064 C:\Program Files\Common Files\mcafee\msc\LogCntrl.dll - ok
14:37:09.0676 5064 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
14:37:09.0676 5064 C:\Windows\SysWOW64\cmd.exe - ok
14:37:09.0678 5064 [ 8422CE4E53738275C4C8539F91790A7F ] C:\PROGRA~1\mcafee\msc\McOobeSv.dll
14:37:09.0678 5064 C:\PROGRA~1\mcafee\msc\McOobeSv.dll - ok
14:37:09.0680 5064 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
14:37:09.0680 5064 C:\Windows\SysWOW64\winbrand.dll - ok
14:37:09.0683 5064 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
14:37:09.0683 5064 C:\Windows\System32\drivers\srv.sys - ok
14:37:09.0685 5064 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
14:37:09.0685 5064 C:\Windows\System32\browser.dll - ok
14:37:09.0687 5064 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
14:37:09.0687 5064 C:\Windows\System32\srvsvc.dll - ok
14:37:09.0689 5064 [ A6B73FCB9496DB101F3066CAF5A7DA4B ] C:\Windows\SysWOW64\ieframe.dll
14:37:09.0689 5064 C:\Windows\SysWOW64\ieframe.dll - ok
14:37:09.0691 5064 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
14:37:09.0691 5064 C:\Windows\System32\netmsg.dll - ok
14:37:09.0693 5064 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
14:37:09.0693 5064 C:\Windows\System32\sscore.dll - ok
14:37:09.0695 5064 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
14:37:09.0695 5064 C:\Windows\System32\clusapi.dll - ok
14:37:09.0697 5064 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
14:37:09.0697 5064 C:\Windows\System32\resutils.dll - ok
14:37:09.0699 5064 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
14:37:09.0699 5064 C:\Windows\System32\wsock32.dll - ok
14:37:09.0701 5064 [ E30E33FEA53642563CF4C240CACA5D2E ] C:\PROGRA~1\mcafee\mpf\MpfSvc.dll
14:37:09.0701 5064 C:\PROGRA~1\mcafee\mpf\MpfSvc.dll - ok
14:37:09.0703 5064 [ D9A9702E43A5859896F34898D5FD3FEC ] C:\Windows\SysWOW64\msxml6.dll
14:37:09.0703 5064 C:\Windows\SysWOW64\msxml6.dll - ok
14:37:09.0705 5064 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
14:37:09.0705 5064 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
14:37:09.0707 5064 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
14:37:09.0707 5064 C:\Windows\SysWOW64\oleacc.dll - ok
14:37:09.0709 5064 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
14:37:09.0709 5064 C:\Windows\SysWOW64\shdocvw.dll - ok
14:37:09.0711 5064 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\NunnBetter\AppData\Local\temp\1A671DDC-65E4-4D1B-B396-5B1CD53375BD.exe
14:37:09.0711 5064 C:\Users\NunnBetter\AppData\Local\temp\1A671DDC-65E4-4D1B-B396-5B1CD53375BD.exe - ok
14:37:09.0713 5064 [ FDC385A0F7D7DD880C4622D1DF08ABE9 ] C:\Windows\System32\ntprint.dll
14:37:09.0713 5064 C:\Windows\System32\ntprint.dll - ok
14:37:09.0715 5064 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
14:37:09.0715 5064 C:\Windows\SysWOW64\cryptnet.dll - ok
14:37:09.0717 5064 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
14:37:09.0717 5064 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
14:37:09.0719 5064 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
14:37:09.0720 5064 C:\Windows\SysWOW64\EhStorShell.dll - ok
14:37:09.0722 5064 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
14:37:09.0722 5064 C:\Windows\SysWOW64\ntshrui.dll - ok
14:37:09.0724 5064 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
14:37:09.0724 5064 C:\Windows\SysWOW64\imageres.dll - ok
14:37:09.0726 5064 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
14:37:09.0726 5064 C:\Windows\SysWOW64\slc.dll - ok
14:37:09.0728 5064 [ 72794D112CBAFF3BC0C29BF7350D4741 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
14:37:09.0728 5064 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE - ok
14:37:09.0730 5064 [ C797D1677BA81306AFBB9FA8A9A8F483 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSHARED.DLL
14:37:09.0730 5064 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSHARED.DLL - ok
14:37:09.0732 5064 [ 108C2CFA5527458C096A699929ECBD80 ] C:\Windows\SysWOW64\credui.dll
14:37:09.0732 5064 C:\Windows\SysWOW64\credui.dll - ok
14:37:09.0734 5064 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
14:37:09.0735 5064 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
14:37:09.0737 5064 [ 565A30B70BE8A9B171839003F2D69683 ] C:\Windows\SysWOW64\hlink.dll
14:37:09.0737 5064 C:\Windows\SysWOW64\hlink.dll - ok
14:37:09.0739 5064 [ 74AF1FFCAFD60DA88A386AE161F56438 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\en-us\CVHIntl.dll
14:37:09.0739 5064 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\en-us\CVHIntl.dll - ok
14:37:09.0741 5064 [ 02CD5B2C3B017122CAC00BDB520CD7AC ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
14:37:09.0741 5064 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
14:37:09.0743 5064 [ B08E3476F0874DBAD672D0AC4FB2580B ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll
14:37:09.0743 5064 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll - ok
14:37:09.0746 5064 [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\SysWOW64\msv1_0.dll
14:37:09.0746 5064 C:\Windows\SysWOW64\msv1_0.dll - ok
14:37:09.0748 5064 [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\SysWOW64\cryptdll.dll
14:37:09.0748 5064 C:\Windows\SysWOW64\cryptdll.dll - ok
14:37:09.0750 5064 [ 06A754FE28A06F780A099703CFCAAA22 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll
14:37:09.0750 5064 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok
14:37:09.0752 5064 [ 01AEA2F16FE0C522DDFD7FAFFC959C6A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\74a5f0c2bc0d0e6e3c4ec4886b9be891\mscorlib.ni.dll
14:37:09.0752 5064 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\74a5f0c2bc0d0e6e3c4ec4886b9be891\mscorlib.ni.dll - ok
14:37:09.0754 5064 [ 3ABB7ADB9CCBCD24D6C55201A3842A94 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
14:37:09.0755 5064 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
14:37:09.0757 5064 [ 1CDEA9188899E76D4FFD54C9D512CCDB ] C:\Windows\SysWOW64\msxml3.dll
14:37:09.0757 5064 C:\Windows\SysWOW64\msxml3.dll - ok
14:37:09.0758 5064 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
14:37:09.0758 5064 C:\Windows\System32\wdi.dll - ok
14:37:09.0760 5064 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
14:37:09.0760 5064 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
14:37:09.0762 5064 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
14:37:09.0762 5064 C:\Windows\System32\diagperf.dll - ok
14:37:09.0765 5064 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
14:37:09.0765 5064 C:\Windows\System32\NapiNSP.dll - ok
14:37:09.0767 5064 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
14:37:09.0767 5064 C:\Windows\System32\npmproxy.dll - ok
14:37:09.0769 5064 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
14:37:09.0769 5064 C:\Windows\System32\wpdbusenum.dll - ok
14:37:09.0771 5064 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
14:37:09.0771 5064 C:\Windows\System32\pnrpnsp.dll - ok
14:37:09.0773 5064 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
14:37:09.0773 5064 C:\Windows\System32\PortableDeviceApi.dll - ok
14:37:09.0775 5064 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
14:37:09.0775 5064 C:\Windows\System32\winrnr.dll - ok
14:37:09.0777 5064 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
14:37:09.0777 5064 C:\Windows\System32\Apphlpdm.dll - ok
14:37:09.0779 5064 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
14:37:09.0779 5064 C:\Windows\System32\pnpts.dll - ok
14:37:09.0781 5064 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
14:37:09.0781 5064 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
14:37:09.0783 5064 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
14:37:09.0783 5064 C:\Windows\System32\radardt.dll - ok
14:37:09.0785 5064 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
14:37:09.0786 5064 C:\Windows\System32\perftrack.dll - ok
14:37:09.0788 5064 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
14:37:09.0788 5064 C:\Windows\System32\wdiasqmmodule.dll - ok
14:37:09.0790 5064 [ DDA4CAF29D8C0A297F886BFE561E6659 ] C:\Windows\System32\drivers\WUDFRd.sys
14:37:09.0790 5064 C:\Windows\System32\drivers\WUDFRd.sys - ok
14:37:09.0792 5064 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
14:37:09.0792 5064 C:\Windows\System32\mprmsg.dll - ok
14:37:09.0794 5064 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
14:37:09.0794 5064 C:\Windows\System32\ndiscapCfg.dll - ok
14:37:09.0796 5064 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
14:37:09.0796 5064 C:\Windows\System32\rascfg.dll - ok
14:37:09.0798 5064 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
14:37:09.0798 5064 C:\Windows\System32\tcpipcfg.dll - ok
14:37:09.0800 5064 [ 8ABFE00F213F2571498F1B8FD7939A98 ] C:\Windows\System32\WUDFHost.exe
14:37:09.0800 5064 C:\Windows\System32\WUDFHost.exe - ok
14:37:09.0802 5064 [ 8BE887F1743FBB39ED2C9CA2937742D6 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\f3888a2c7b096d416ca0cfc5405219b4\System.ni.dll
14:37:09.0803 5064 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\f3888a2c7b096d416ca0cfc5405219b4\System.ni.dll - ok
14:37:09.0805 5064 [ 25AE683DCB4AE7E6F1B193A0CB9DB35F ] C:\Windows\System32\WUDFx.dll
14:37:09.0805 5064 C:\Windows\System32\WUDFx.dll - ok
14:37:09.0807 5064 [ 91D6F0AB79AA36FFB932157865206F35 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
14:37:09.0807 5064 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
14:37:09.0809 5064 [ 9864D52F15AD32094A636C6B5281D9E7 ] C:\Windows\System32\WMVCORE.DLL
14:37:09.0809 5064 C:\Windows\System32\WMVCORE.DLL - ok
14:37:09.0811 5064 [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\Windows\System32\WMASF.DLL
14:37:09.0811 5064 C:\Windows\System32\WMASF.DLL - ok
14:37:09.0813 5064 [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\Windows\System32\PortableDeviceClassExtension.dll
14:37:09.0813 5064 C:\Windows\System32\PortableDeviceClassExtension.dll - ok
14:37:09.0815 5064 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
14:37:09.0815 5064 C:\Windows\System32\PortableDeviceTypes.dll - ok
14:37:09.0817 5064 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
14:37:09.0817 5064 C:\Windows\System32\aelupsvc.dll - ok
14:37:09.0819 5064 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
14:37:09.0819 5064 C:\Windows\System32\dimsjob.dll - ok
14:37:09.0821 5064 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
14:37:09.0821 5064 C:\Windows\System32\pautoenr.dll - ok
14:37:09.0823 5064 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
14:37:09.0823 5064 C:\Windows\System32\certcli.dll - ok
14:37:09.0825 5064 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
14:37:09.0825 5064 C:\Windows\System32\CertEnroll.dll - ok
14:37:09.0827 5064 [ D79D19EC66106119DCD45D042C6B5170 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\88f8a6436dc95497fce0dae347646e53\System.Drawing.ni.dll
14:37:09.0827 5064 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\88f8a6436dc95497fce0dae347646e53\System.Drawing.ni.dll - ok
14:37:09.0830 5064 [ EADFC95980BC24DF3C7EE5B2CD38F043 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\d6af7216038720b1adeca71e81c14bd6\System.Windows.Forms.ni.dll
14:37:09.0830 5064 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\d6af7216038720b1adeca71e81c14bd6\System.Windows.Forms.ni.dll - ok
14:37:09.0832 5064 [ A4B3A9FFA483F8CB36E56C19448DDE36 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\52e2da35b160dbd254683f72a0f1b937\System.Xml.ni.dll
14:37:09.0832 5064 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\52e2da35b160dbd254683f72a0f1b937\System.Xml.ni.dll - ok
14:37:09.0835 5064 [ 2571D556FC661E22397D627AA2DDBD69 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web.Services\e56d345b174428dabaf908fa64a9642c\System.Web.Services.ni.dll
14:37:09.0835 5064 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web.Services\e56d345b174428dabaf908fa64a9642c\System.Web.Services.ni.dll - ok
14:37:09.0837 5064 [ 5D0E28A22860E487148B2820309C0063 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\ac14913a11af4bfae0b8eb913a46a161\System.Configuration.ni.dll
14:37:09.0837 5064 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\ac14913a11af4bfae0b8eb913a46a161\System.Configuration.ni.dll - ok
14:37:09.0839 5064 [ D64D99EC088B54FFE8EE67A480386C20 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
14:37:09.0839 5064 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
14:37:09.0842 5064 [ 625D390D5CBA512166571019E5EFECFB ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\98059f32b988a3e2d869e9b3bf56db17\System.Management.ni.dll
14:37:09.0842 5064 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\98059f32b988a3e2d869e9b3bf56db17\System.Management.ni.dll - ok
14:37:09.0844 5064 [ 30830E9DA7F0BA3946665827D5247EC0 ] C:\PROGRA~1\mcafee\mpf\MpfEvt.dll
14:37:09.0844 5064 C:\PROGRA~1\mcafee\mpf\MpfEvt.dll - ok
14:37:09.0846 5064 [ 45375DF47ED4D0535739465105AAABE3 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll
14:37:09.0846 5064 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll - ok
14:37:09.0848 5064 [ 5A55E3E6F53592F8170623DEFA2B7954 ] C:\Windows\System32\atl100.dll
14:37:09.0848 5064 C:\Windows\System32\atl100.dll - ok
14:37:09.0850 5064 [ 4F096D96285E06CD51AEF7D2D3DE04DA ] C:\Windows\System32\msvcp100.dll
14:37:09.0850 5064 C:\Windows\System32\msvcp100.dll - ok
14:37:09.0852 5064 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
14:37:09.0852 5064 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
14:37:09.0854 5064 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
14:37:09.0854 5064 C:\Windows\System32\wbem\cimwin32.dll - ok
14:37:09.0856 5064 [ F1F438402FC37991A0502F09CC0AA284 ] C:\PROGRA~1\COMMON~1\mcafee\HACKER~1\HWAPI.dll
14:37:09.0856 5064 C:\PROGRA~1\COMMON~1\mcafee\HACKER~1\HWAPI.dll - ok
14:37:09.0859 5064 [ 8ED06C74B9BC9CE0E24EA0CB0C5CF2A7 ] C:\PROGRA~1\COMMON~1\mcafee\core\McEvtBrk.dll
14:37:09.0859 5064 C:\PROGRA~1\COMMON~1\mcafee\core\McEvtBrk.dll - ok
14:37:09.0861 5064 [ 19B8FEB9455D9D63425514271F5752E6 ] C:\PROGRA~1\mcafee\msc\mclwapi.dll
14:37:09.0861 5064 C:\PROGRA~1\mcafee\msc\mclwapi.dll - ok
14:37:09.0863 5064 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
14:37:09.0863 5064 C:\Windows\System32\framedynos.dll - ok
14:37:09.0865 5064 [ 254C46A466484D4169DFF44B29F6A979 ] C:\PROGRA~1\COMMON~1\mcafee\msc\mcutil\11_6_2~1\mcutil.dll
14:37:09.0865 5064 C:\PROGRA~1\COMMON~1\mcafee\msc\mcutil\11_6_2~1\mcutil.dll - ok
14:37:09.0867 5064 [ A7B282F4153D7E6715A1BB70113CF7EB ] C:\Program Files\Common Files\mcafee\VSCore\lockdown.dll
14:37:09.0867 5064 C:\Program Files\Common Files\mcafee\VSCore\lockdown.dll - ok
14:37:09.0869 5064 [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll
14:37:09.0869 5064 C:\Windows\System32\security.dll - ok
14:37:09.0871 5064 [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
14:37:09.0871 5064 C:\Windows\System32\browcli.dll - ok
14:37:09.0873 5064 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
14:37:09.0873 5064 C:\Windows\System32\schedcli.dll - ok
14:37:09.0875 5064 [ 49442BA6DCE4B4E3C1CB0AB193FE29AD ] C:\Program Files\Internet Explorer\iexplore.exe
14:37:09.0875 5064 C:\Program Files\Internet Explorer\iexplore.exe - ok
14:37:09.0877 5064 [ C97C8EC408AC6F2453EB9417E5EF355A ] C:\Program Files\Common Files\mcafee\msc\McRTMui.dll
14:37:09.0877 5064 C:\Program Files\Common Files\mcafee\msc\McRTMui.dll - ok
14:37:09.0879 5064 [ 57FA62B72A77EA12B95EB73501D92B63 ] C:\Program Files\Common Files\mcafee\msc\LangSel.dll
14:37:09.0879 5064 C:\Program Files\Common Files\mcafee\msc\LangSel.dll - ok
14:37:09.0882 5064 [ A444C15772749F572E61DAFED66F51C4 ] C:\Program Files\mcafee\msc\oemui.dll
14:37:09.0882 5064 C:\Program Files\mcafee\msc\oemui.dll - ok
14:37:09.0884 5064 [ 88FD96AD1B0C56474ADDC97100FFFA39 ] C:\Program Files\mcafee\mpf\L10N.dll
14:37:09.0884 5064 C:\Program Files\mcafee\mpf\L10N.dll - ok
14:37:09.0886 5064 [ 97E0EC3D6D99E8CC2B17EF2D3760E8FC ] C:\Windows\System32\schtasks.exe
14:37:09.0886 5064 C:\Windows\System32\schtasks.exe - ok
14:37:09.0888 5064 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
14:37:09.0888 5064 C:\Windows\System32\nci.dll - ok
14:37:09.0890 5064 [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll
14:37:09.0890 5064 C:\Windows\System32\wlaninst.dll - ok
14:37:09.0892 5064 [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll
14:37:09.0892 5064 C:\Windows\System32\wwaninst.dll - ok
14:37:09.0894 5064 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
14:37:09.0894 5064 C:\Windows\System32\rundll32.exe - ok
14:37:09.0896 5064 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
14:37:09.0896 5064 C:\Windows\System32\actxprxy.dll - ok
14:37:09.0898 5064 [ 0017163E0D5985168792BEE5CF70D5DF ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\diasymreader.dll
14:37:09.0898 5064 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\diasymreader.dll - ok
14:37:09.0900 5064 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
14:37:09.0900 5064 C:\Windows\System32\IPSECSVC.DLL - ok
14:37:09.0902 5064 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
14:37:09.0902 5064 C:\Windows\System32\FwRemoteSvr.dll - ok
14:37:09.0904 5064 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
14:37:09.0904 5064 C:\Windows\System32\wmi.dll - ok
14:37:09.0906 5064 [ 17880C5A11373D67993FA652358DC306 ] C:\Program Files\Common Files\mcafee\systemcore\mfefwctl.dll
14:37:09.0906 5064 C:\Program Files\Common Files\mcafee\systemcore\mfefwctl.dll - ok
14:37:09.0908 5064 [ 45B5A89DC41577282E5BF41B1165EA71 ] C:\Windows\System32\drivers\cfwids.sys
14:37:09.0908 5064 C:\Windows\System32\drivers\cfwids.sys - ok
14:37:09.0910 5064 [ 198803E5E93E29967DFB0BCFD0186151 ] C:\Windows\System32\spfileq.dll
14:37:09.0910 5064 C:\Windows\System32\spfileq.dll - ok
14:37:09.0912 5064 [ D01AECEB5D1E1C137AF7D755DDBCC549 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorlib.dll
14:37:09.0912 5064 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorlib.dll - ok
14:37:09.0914 5064 [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys
14:37:09.0914 5064 C:\Windows\System32\drivers\fastfat.sys - ok
14:37:09.0917 5064 [ 893F8E81D1117C48CB9D6E9E5F64BAB1 ] C:\Program Files\AVAST Software\Avast\Setup\avast.setup
14:37:09.0917 5064 C:\Program Files\AVAST Software\Avast\Setup\avast.setup - ok
14:37:09.0919 5064 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
14:37:09.0919 5064 C:\Windows\SysWOW64\comdlg32.dll - ok
14:37:09.0921 5064 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
14:37:09.0921 5064 C:\Windows\SysWOW64\winspool.drv - ok
14:37:09.0923 5064 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
14:37:09.0923 5064 C:\Windows\SysWOW64\powrprof.dll - ok
14:37:09.0925 5064 [ 9C17DCD6DDFEB1A012544FAF4F2789F6 ] C:\Windows\AppPatch\AcGenral.dll
14:37:09.0925 5064 C:\Windows\AppPatch\AcGenral.dll - ok
14:37:09.0927 5064 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
14:37:09.0927 5064 C:\Windows\SysWOW64\oledlg.dll - ok
14:37:09.0929 5064 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
14:37:09.0929 5064 C:\Windows\SysWOW64\winmm.dll - ok
14:37:09.0931 5064 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
14:37:09.0931 5064 C:\Windows\SysWOW64\msacm32.dll - ok
14:37:09.0933 5064 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
14:37:09.0933 5064 C:\Windows\SysWOW64\sfc.dll - ok
14:37:09.0935 5064 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
14:37:09.0935 5064 C:\Windows\SysWOW64\sfc_os.dll - ok
14:37:09.0937 5064 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
14:37:09.0937 5064 C:\Windows\SysWOW64\rasapi32.dll - ok
14:37:09.0939 5064 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
14:37:09.0939 5064 C:\Windows\SysWOW64\netprofm.dll - ok
14:37:09.0941 5064 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
14:37:09.0941 5064 C:\Windows\SysWOW64\nlaapi.dll - ok
14:37:09.0943 5064 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
14:37:09.0943 5064 C:\Windows\SysWOW64\rasman.dll - ok
14:37:09.0945 5064 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
14:37:09.0945 5064 C:\Windows\SysWOW64\rtutils.dll - ok
14:37:09.0947 5064 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
14:37:09.0947 5064 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
14:37:09.0949 5064 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
14:37:09.0949 5064 C:\Windows\SysWOW64\npmproxy.dll - ok
14:37:09.0951 5064 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
14:37:09.0951 5064 C:\Windows\SysWOW64\devrtl.dll - ok
14:37:09.0953 5064 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
14:37:09.0953 5064 C:\Windows\System32\ie4uinit.exe - ok
14:37:09.0955 5064 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll
14:37:09.0955 5064 C:\Windows\System32\iedkcs32.dll - ok
14:37:09.0958 5064 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
14:37:09.0958 5064 C:\Windows\System32\timedate.cpl - ok
14:37:09.0960 5064 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
14:37:09.0960 5064 C:\Windows\System32\shdocvw.dll - ok
14:37:09.0962 5064 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
14:37:09.0962 5064 C:\Windows\System32\linkinfo.dll - ok
14:37:09.0964 5064 [ FA752544EE1EE59E8AD938CBB43CAC93 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
14:37:09.0964 5064 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
14:37:09.0966 5064 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
14:37:09.0966 5064 C:\Windows\System32\msftedit.dll - ok
14:37:09.0968 5064 [ E62FF21F5B5F69CFA5BB2F97C03C0A5B ] C:\PROGRA~2\Dell\VIDEOS~1\MUITRA~1\STMTEN~1.DLL
14:37:09.0968 5064 C:\PROGRA~2\Dell\VIDEOS~1\MUITRA~1\STMTEN~1.DLL - ok
14:37:09.0970 5064 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
14:37:09.0970 5064 C:\Windows\System32\msls31.dll - ok
14:37:09.0972 5064 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
14:37:09.0972 5064 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
14:37:09.0974 5064 [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll
14:37:09.0974 5064 C:\Windows\System32\gameux.dll - ok
14:37:09.0976 5064 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
14:37:09.0976 5064 C:\Windows\System32\DeviceCenter.dll - ok
14:37:09.0978 5064 [ 083649EF692A066880C9326020915AFE ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
14:37:09.0978 5064 C:\Program Files\AVAST Software\Avast\AvastUI.exe - ok
14:37:09.0980 5064 [ 180A7380320AF73CCF7F7D8880CA2193 ] C:\Windows\System32\ieframe.dll
14:37:09.0980 5064 C:\Windows\System32\ieframe.dll - ok
14:37:09.0982 5064 [ 179EED57FED3C7422A559633641032BA ] C:\Program Files\AVAST Software\Avast\aswUtil.dll
14:37:09.0982 5064 C:\Program Files\AVAST Software\Avast\aswUtil.dll - ok
14:37:09.0985 5064 [ CA6ADE4F7761BB15B3325356DC3B82BB ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
14:37:09.0985 5064 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll - ok
14:37:09.0987 5064 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
14:37:09.0987 5064 C:\Windows\System32\oleacc.dll - ok
14:37:09.0989 5064 [ FBFCA1A574D47EE575448B719CBBF2E4 ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL
14:37:09.0989 5064 C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL - ok
14:37:09.0991 5064 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
14:37:09.0991 5064 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
14:37:09.0993 5064 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
14:37:09.0993 5064 C:\Windows\System32\msiltcfg.dll - ok
14:37:09.0995 5064 [ 13790C4FB6311ECE6D6763A7EC2313FB ] C:\Program Files\AVAST Software\Avast\aswAra.dll
14:37:09.0995 5064 C:\Program Files\AVAST Software\Avast\aswAra.dll - ok
14:37:09.0997 5064 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
14:37:09.0997 5064 C:\Windows\System32\thumbcache.dll - ok
14:37:09.0999 5064 [ F0E7DEC6F7A3610949BDED0CA8CCB3EA ] C:\Program Files\AVAST Software\Avast\aswData.dll
14:37:09.0999 5064 C:\Program Files\AVAST Software\Avast\aswData.dll - ok
14:37:10.0001 5064 [ AB6E3DF509C6BD59062F685A40395C23 ] C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll
14:37:10.0001 5064 C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll - ok
14:37:10.0004 5064 [ AB04C6CE5DF23819B914F822E9AA0EDF ] C:\Program Files\AVAST Software\Avast\CommonRes.dll
14:37:10.0004 5064 C:\Program Files\AVAST Software\Avast\CommonRes.dll - ok
14:37:10.0006 5064 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
14:37:10.0006 5064 C:\Windows\System32\networkexplorer.dll - ok
14:37:10.0008 5064 [ BD007D624E4CD905AB2E8DF2C6DE891C ] C:\Windows\SysWOW64\Macromed\Flash\Flash11c.ocx
14:37:10.0008 5064 C:\Windows\SysWOW64\Macromed\Flash\Flash11c.ocx - ok
14:37:10.0010 5064 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
14:37:10.0010 5064 C:\Windows\SysWOW64\dsound.dll - ok
14:37:10.0012 5064 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
14:37:10.0012 5064 C:\Windows\SysWOW64\d3d9.dll - ok
14:37:10.0014 5064 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
14:37:10.0014 5064 C:\Windows\SysWOW64\d3d8thk.dll - ok
14:37:10.0016 5064 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll
14:37:10.0016 5064 C:\Windows\SysWOW64\mscms.dll - ok
14:37:10.0018 5064 [ DCA3940E902C2C90C5639505B77BFD1B ] C:\Windows\SysWOW64\igdumdx32.dll
14:37:10.0018 5064 C:\Windows\SysWOW64\igdumdx32.dll - ok
14:37:10.0020 5064 [ F4AE686A174689A3B44B05D0CB2F5D58 ] C:\Windows\SysWOW64\igdumd32.dll
14:37:10.0020 5064 C:\Windows\SysWOW64\igdumd32.dll - ok
14:37:10.0022 5064 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
14:37:10.0022 5064 C:\Windows\SysWOW64\MMDevAPI.dll - ok
14:37:10.0024 5064 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
14:37:10.0024 5064 C:\Windows\SysWOW64\sxs.dll - ok
14:37:10.0026 5064 [ 1B2E6F9665DE9FF4A5A1812D397BE473 ] C:\Program Files\AVAST Software\Avast\defs\12121000\uiext.dll
14:37:10.0026 5064 C:\Program Files\AVAST Software\Avast\defs\12121000\uiext.dll - ok
14:37:10.0028 5064 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\98879821.sys
14:37:10.0028 5064 C:\Windows\System32\drivers\98879821.sys - ok
14:37:10.0030 5064 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
14:37:10.0030 5064 C:\Windows\SysWOW64\riched20.dll - ok
14:37:10.0033 5064 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
14:37:10.0033 5064 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
14:37:10.0035 5064 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
14:37:10.0035 5064 C:\Windows\SysWOW64\duser.dll - ok
14:37:10.0037 5064 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
14:37:10.0037 5064 C:\Windows\SysWOW64\dui70.dll - ok
14:37:10.0038 5064 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll
14:37:10.0038 5064 C:\Windows\System32\UIAnimation.dll - ok
14:37:10.0040 5064 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
14:37:10.0040 5064 C:\Windows\System32\stobject.dll - ok
14:37:10.0043 5064 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
14:37:10.0043 5064 C:\Windows\System32\batmeter.dll - ok
14:37:10.0045 5064 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
14:37:10.0045 5064 C:\Windows\System32\prnfldr.dll - ok
14:37:10.0046 5064 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
14:37:10.0046 5064 C:\Windows\System32\DXP.dll - ok
14:37:10.0049 5064 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
14:37:10.0049 5064 C:\Windows\System32\Syncreg.dll - ok
14:37:10.0051 5064 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
14:37:10.0051 5064 C:\Windows\ehome\ehSSO.dll - ok
14:37:10.0053 5064 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
14:37:10.0053 5064 C:\Windows\System32\AltTab.dll - ok
14:37:10.0055 5064 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
14:37:10.0055 5064 C:\Windows\System32\WPDShServiceObj.dll - ok
14:37:10.0057 5064 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
14:37:10.0057 5064 C:\Windows\System32\SearchIndexer.exe - ok
14:37:10.0059 5064 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
14:37:10.0059 5064 C:\Windows\System32\tquery.dll - ok
14:37:10.0060 5064 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
14:37:10.0060 5064 C:\Windows\System32\mssrch.dll - ok
14:37:10.0062 5064 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
14:37:10.0062 5064 C:\Windows\System32\pnidui.dll - ok
14:37:10.0064 5064 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
14:37:10.0064 5064 C:\Windows\System32\QUTIL.DLL - ok
14:37:10.0066 5064 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
14:37:10.0066 5064 C:\Windows\System32\esent.dll - ok
14:37:10.0068 5064 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
14:37:10.0068 5064 C:\Windows\System32\srchadmin.dll - ok
14:37:10.0070 5064 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
14:37:10.0070 5064 C:\Windows\System32\msidle.dll - ok
14:37:10.0072 5064 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
14:37:10.0072 5064 C:\Windows\System32\rasdlg.dll - ok
14:37:10.0075 5064 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
14:37:10.0075 5064 C:\Windows\System32\mssprxy.dll - ok
14:37:10.0077 5064 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
14:37:10.0077 5064 C:\Windows\System32\dot3api.dll - ok
14:37:10.0079 5064 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
14:37:10.0079 5064 C:\Windows\System32\wlanhlp.dll - ok
14:37:10.0081 5064 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
14:37:10.0081 5064 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
14:37:10.0083 5064 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
14:37:10.0083 5064 C:\Windows\System32\WWanAPI.dll - ok
14:37:10.0085 5064 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
14:37:10.0085 5064 C:\Windows\System32\en-US\tquery.dll.mui - ok
14:37:10.0087 5064 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
14:37:10.0087 5064 C:\Windows\System32\wwapi.dll - ok
14:37:10.0089 5064 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
14:37:10.0089 5064 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
14:37:10.0091 5064 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
14:37:10.0091 5064 C:\Windows\System32\QAGENT.DLL - ok
14:37:10.0093 5064 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
14:37:10.0093 5064 C:\Windows\System32\bthprops.cpl - ok
14:37:10.0095 5064 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
14:37:10.0095 5064 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
14:37:10.0097 5064 [ A555EC9827745E760BBABB7C6D4CE37F ] C:\Program Files\Internet Explorer\ieproxy.dll
14:37:10.0097 5064 C:\Program Files\Internet Explorer\ieproxy.dll - ok
14:37:10.0099 5064 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
14:37:10.0099 5064 C:\Windows\System32\wmdrmdev.dll - ok
14:37:10.0101 5064 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
14:37:10.0101 5064 C:\Windows\System32\wmp.dll - ok
14:37:10.0103 5064 [ 9209994CFBDF2814AC8CB16DA267600D ] C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\chrome.exe
14:37:10.0104 5064 C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\chrome.exe - ok
14:37:10.0106 5064 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
14:37:10.0106 5064 C:\Windows\System32\drmv2clt.dll - ok
14:37:10.0108 5064 [ F52634E7D7A363F2AB4AB2120E4A8ACE ] C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\23.0.1271.95\chrome.dll
14:37:10.0108 5064 C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\23.0.1271.95\chrome.dll - ok
14:37:10.0110 5064 [ 885FD19118BC7514590C5EEF31CD7D71 ] C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\23.0.1271.95\icudt.dll
14:37:10.0110 5064 C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\23.0.1271.95\icudt.dll - ok
14:37:10.0112 5064 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
14:37:10.0112 5064 C:\Windows\System32\webcheck.dll - ok
14:37:10.0114 5064 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
14:37:10.0114 5064 C:\Windows\System32\mlang.dll - ok
14:37:10.0116 5064 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
14:37:10.0116 5064 C:\Windows\System32\SyncCenter.dll - ok
14:37:10.0118 5064 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
14:37:10.0118 5064 C:\Windows\System32\FXSST.dll - ok
14:37:10.0120 5064 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
14:37:10.0120 5064 C:\Windows\System32\FXSAPI.dll - ok
14:37:10.0122 5064 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
14:37:10.0122 5064 C:\Windows\System32\FXSRESM.dll - ok
14:37:10.0124 5064 [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll
14:37:10.0124 5064 C:\Windows\System32\blackbox.dll - ok
14:37:10.0126 5064 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
14:37:10.0126 5064 C:\Windows\System32\imapi2.dll - ok
14:37:10.0128 5064 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
14:37:10.0128 5064 C:\Windows\System32\FXSSVC.exe - ok
14:37:10.0130 5064 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
14:37:10.0130 5064 C:\Windows\System32\upnp.dll - ok
14:37:10.0132 5064 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
14:37:10.0132 5064 C:\Windows\System32\ssdpsrv.dll - ok
14:37:10.0134 5064 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
14:37:10.0134 5064 C:\Windows\System32\hgcpl.dll - ok
14:37:10.0136 5064 [ 71C4F42DC8DB668E826DA79462EA741E ] C:\Windows\SysWOW64\KBDUS.DLL
14:37:10.0136 5064 C:\Windows\SysWOW64\KBDUS.DLL - ok
14:37:10.0138 5064 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\SysWOW64\mssprxy.dll
14:37:10.0138 5064 C:\Windows\SysWOW64\mssprxy.dll - ok
14:37:10.0140 5064 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
14:37:10.0140 5064 C:\Windows\System32\wmploc.DLL - ok
14:37:10.0142 5064 [ 236360CE5E4C3F063AC110533747C0A8 ] C:\Windows\SysWOW64\Wpc.dll
14:37:10.0142 5064 C:\Windows\SysWOW64\Wpc.dll - ok
14:37:10.0144 5064 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\SysWOW64\wevtapi.dll
14:37:10.0144 5064 C:\Windows\SysWOW64\wevtapi.dll - ok
14:37:10.0146 5064 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll
14:37:10.0146 5064 C:\Windows\SysWOW64\samlib.dll - ok
14:37:10.0148 5064 [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\SysWOW64\msftedit.dll
14:37:10.0148 5064 C:\Windows\SysWOW64\msftedit.dll - ok
14:37:10.0151 5064 [ 1C9B45E87528B8BB8CFA884EA0099A85 ] C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\23.0.1271.95\d3dcompiler_43.dll
14:37:10.0151 5064 C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\23.0.1271.95\d3dcompiler_43.dll - ok
14:37:10.0153 5064 [ 0F2F2C982672FAD5D55450298E7E962C ] C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\23.0.1271.95\pdf.dll
14:37:10.0153 5064 C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\23.0.1271.95\pdf.dll - ok
14:37:10.0155 5064 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
14:37:10.0155 5064 C:\Windows\SysWOW64\linkinfo.dll - ok
14:37:10.0157 5064 [ 86E39E9161C3D930D93822F1563C280D ] C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\23.0.1271.95\d3dx9_43.dll
14:37:10.0157 5064 C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\23.0.1271.95\d3dx9_43.dll - ok
14:37:10.0160 5064 [ 8B62C93760524569B9254DB70B16D98B ] C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\23.0.1271.95\ppgooglenaclpluginchrome.dll
14:37:10.0160 5064 C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\23.0.1271.95\ppgooglenaclpluginchrome.dll - ok
14:37:10.0162 5064 [ 5BCFBC1BD4F8BAB9A2A15DFEAE5CE1DD ] C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\23.0.1271.95\libglesv2.dll
14:37:10.0162 5064 C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\23.0.1271.95\libglesv2.dll - ok
14:37:10.0163 5064 [ F37B4AEB402CE4DC7DDCC55AD0FD2EDF ] C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\23.0.1271.95\avcodec-54.dll
14:37:10.0163 5064 C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\23.0.1271.95\avcodec-54.dll - ok
14:37:10.0166 5064 [ 28EE522EC405CC08A69F16A16921EF99 ] C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\23.0.1271.95\libegl.dll
14:37:10.0166 5064 C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\23.0.1271.95\libegl.dll - ok
14:37:10.0168 5064 [ 1F27643C4C626457FCE8F047AE1CD7E1 ] C:\Windows\SysWOW64\dxva2.dll
14:37:10.0168 5064 C:\Windows\SysWOW64\dxva2.dll - ok
14:37:10.0170 5064 [ FDBA1DEC4F9BE4274A00B9B850C63484 ] C:\Windows\SysWOW64\mf.dll
14:37:10.0170 5064 C:\Windows\SysWOW64\mf.dll - ok
14:37:10.0172 5064 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
14:37:10.0172 5064 C:\Windows\System32\wmpps.dll - ok
14:37:10.0174 5064 [ F2C7BB8ACC97F92E987A2D4087D021B1 ] C:\Windows\System32\notepad.exe
14:37:10.0174 5064 C:\Windows\System32\notepad.exe - ok
14:37:10.0176 5064 [ 732E668096B1A37B7BFD4B9021E69A8E ] C:\Windows\System32\oleres.dll
14:37:10.0176 5064 C:\Windows\System32\oleres.dll - ok
14:37:10.0178 5064 [ 8862D4B7722A3E631435C33A78BB7B20 ] C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\23.0.1271.95\avutil-51.dll
14:37:10.0178 5064 C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\23.0.1271.95\avutil-51.dll - ok
14:37:10.0180 5064 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll
14:37:10.0180 5064 C:\Windows\SysWOW64\atl.dll - ok
14:37:10.0182 5064 [ 92E76B2B0382A89E6A0C897D88065952 ] C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\23.0.1271.95\avformat-54.dll
14:37:10.0182 5064 C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\23.0.1271.95\avformat-54.dll - ok
14:37:10.0184 5064 [ 40B82688907A7DBA4DB3B5ADDE3EAB3B ] C:\Windows\SysWOW64\mfplat.dll
14:37:10.0184 5064 C:\Windows\SysWOW64\mfplat.dll - ok
14:37:10.0186 5064 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll
14:37:10.0186 5064 C:\Windows\SysWOW64\avrt.dll - ok
14:37:10.0188 5064 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\SysWOW64\ksuser.dll
14:37:10.0188 5064 C:\Windows\SysWOW64\ksuser.dll - ok
14:37:10.0190 5064 [ 3DE43BFDAF3F8979699650202AA18B12 ] C:\Windows\SysWOW64\msmpeg2vdec.dll
14:37:10.0190 5064 C:\Windows\SysWOW64\msmpeg2vdec.dll - ok
14:37:10.0192 5064 [ 53AF1750FD45DDD705C9B68C7DC58827 ] C:\Windows\SysWOW64\evr.dll
14:37:10.0192 5064 C:\Windows\SysWOW64\evr.dll - ok
14:37:10.0194 5064 [ CE292C4C10B8DB6070F262EA2733F0DC ] C:\Windows\SysWOW64\sqmapi.dll
14:37:10.0194 5064 C:\Windows\SysWOW64\sqmapi.dll - ok
14:37:10.0196 5064 [ 50180B04EC08921D30B736122A691FA3 ] C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll
14:37:10.0197 5064 C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\23.0.1271.95\PepperFlash\pepflashplayer.dll - ok
14:37:10.0199 5064 [ 0A7B01235B1CBFA387B04A91E2F2B7D0 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
14:37:10.0199 5064 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll - ok
14:37:10.0201 5064 [ 71DAA9A24C288CB7DF2DD5652A349A41 ] C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
14:37:10.0201 5064 C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll - ok
14:37:10.0204 5064 [ 41700402834F793A8C06731E5CFBA62A ] C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
14:37:10.0204 5064 C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll - ok
14:37:10.0206 5064 [ 07BE13E5344FE1765BD10B9121CBD5A5 ] C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\plugins\npatgpc.dll
14:37:10.0206 5064 C:\Users\NunnBetter\AppData\Local\Google\Chrome\Application\plugins\npatgpc.dll - ok
14:37:10.0208 5064 [ 7B882AEBC5F6DBEA4E0361C0FC3E36D4 ] C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
14:37:10.0208 5064 C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL - ok
14:37:10.0210 5064 [ 84CBD6F6AA7EE399FBDC265B8EA64474 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
14:37:10.0210 5064 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - ok
14:37:10.0213 5064 [ 7F7DB35D3F3EF1A860BB100A694912F8 ] C:\Program Files (x86)\Roblox\Versions\version-3ebe0cca16b6421c\NPRobloxProxy.dll
14:37:10.0213 5064 C:\Program Files (x86)\Roblox\Versions\version-3ebe0cca16b6421c\NPRobloxProxy.dll - ok
14:37:10.0215 5064 [ 7DD91826994E43192ABD0BD2AABE7954 ] C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
14:37:10.0215 5064 C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll - ok
14:37:10.0217 5064 [ AC421A44DE902F2627F1E63793ED89CD ] C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
14:37:10.0217 5064 C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll - ok
14:37:10.0220 5064 [ 6A8A6B3C42CA4D1403C8FEA50BACEC63 ] C:\Users\NunnBetter\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
14:37:10.0220 5064 C:\Users\NunnBetter\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - ok
14:37:10.0222 5064 [ 586FDC4E02623EE228EC35B9604AE5F2 ] C:\Users\NunnBetter\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
14:37:10.0222 5064 C:\Users\NunnBetter\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll - ok
14:37:10.0224 5064 [ 3D3CAF586124C4E8102764C8B3063BB6 ] C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
14:37:10.0224 5064 C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll - ok
14:37:10.0226 5064 [ 9013599B12923A45C029C34E8D2211AC ] C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
14:37:10.0226 5064 C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll - ok
14:37:10.0229 5064 [ A44BFFA5D6CC1E909E6A3C16D9BB009B ] C:\PROGRA~2\McAfee\msc\NPMCSN~1.DLL
14:37:10.0229 5064 C:\PROGRA~2\McAfee\msc\NPMCSN~1.DLL - ok
14:37:10.0231 5064 [ 5BB8C06EB5EA4BA22EE8A678F2D79B25 ] C:\Windows\SysWOW64\devenum.dll
14:37:10.0231 5064 C:\Windows\SysWOW64\devenum.dll - ok
14:37:10.0233 5064 [ 7069AAB8536F29ED7323140973A2894B ] C:\Windows\SysWOW64\msdmo.dll
14:37:10.0233 5064 C:\Windows\SysWOW64\msdmo.dll - ok
14:37:10.0235 5064 [ E24FE90E9DE8D8AE70E59F7B01675DEF ] C:\Windows\SysWOW64\avicap32.dll
14:37:10.0235 5064 C:\Windows\SysWOW64\avicap32.dll - ok
14:37:10.0237 5064 [ C335EC1182AC10B188705554E0BC1186 ] C:\Windows\SysWOW64\msvfw32.dll
14:37:10.0237 5064 C:\Windows\SysWOW64\msvfw32.dll - ok
14:37:10.0239 5064 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
14:37:10.0239 5064 C:\Windows\System32\wbem\NCProv.dll - ok
14:37:10.0241 5064 [ 2898035F522BA2989BBA8B9CFB020FD2 ] C:\Program Files\AVAST Software\Avast\defs\12121000\aspColl.dll
14:37:10.0241 5064 C:\Program Files\AVAST Software\Avast\defs\12121000\aspColl.dll - ok
14:37:10.0243 5064 ============================================================
14:37:10.0243 5064 Scan finished
14:37:10.0243 5064 ============================================================
14:37:10.0247 5056 Detected object count: 5
14:37:10.0247 5056 Actual detected object count: 5
14:37:49.0594 5056 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - skipped by user
14:37:49.0594 5056 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:37:49.0594 5056 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - skipped by user
14:37:49.0594 5056 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:37:49.0596 5056 QBFCService ( UnsignedFile.Multi.Generic ) - skipped by user
14:37:49.0596 5056 QBFCService ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:37:49.0597 5056 QBVSS ( UnsignedFile.Multi.Generic ) - skipped by user
14:37:49.0597 5056 QBVSS ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:37:49.0598 5056 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
14:37:49.0598 5056 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
-
14:37:08.0024 5064 ================ Scan global ===============================
14:37:08.0041 5064 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:37:08.0049 5064 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
14:37:08.0055 5064 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
14:37:08.0071 5064 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:37:08.0100 5064 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:37:08.0106 5064 [Global] - ok
14:37:08.0106 5064 ================ Scan MBR ==================================
14:37:08.0120 5064 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
14:37:08.0330 5064 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
14:37:08.0330 5064 \Device\Harddisk0\DR0 - detected TDSS File System (1)
14:37:08.0331 5064 ================ Scan VBR ==================================
14:37:08.0333 5064 [ 01B7EC96C4E7AD93BD3DECCC0413B802 ] \Device\Harddisk0\DR0\Partition1
14:37:08.0335 5064 \Device\Harddisk0\DR0\Partition1 - ok
14:37:08.0362 5064 [ 1936D34ADE4DD5A75710E703DB221DE3 ] \Device\Harddisk0\DR0\Partition2
14:37:08.0364 5064 \Device\Harddisk0\DR0\Partition2 - ok
14:37:08.0365 5064 ================ Scan active images ========================
14:37:08.0367 5064 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
14:37:08.0367 5064 C:\Windows\System32\drivers\crashdmp.sys - ok
14:37:08.0371 5064 [ 839B5FE3D48E9F35B22C21A3D5103F6C ] C:\Windows\System32\drivers\Dumpata.sys
14:37:08.0371 5064 C:\Windows\System32\drivers\Dumpata.sys - ok
14:37:08.0375 5064 [ 02062C0B390B7729EDC9E69C680A6F3C ] C:\Windows\System32\drivers\atapi.sys
14:37:08.0375 5064 C:\Windows\System32\drivers\atapi.sys - ok
14:37:08.0379 5064 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
14:37:08.0379 5064 C:\Windows\System32\drivers\dumpfve.sys - ok
14:37:08.0383 5064 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] C:\Windows\System32\drivers\aswSnx.sys
14:37:08.0383 5064 C:\Windows\System32\drivers\aswSnx.sys - ok
14:37:08.0387 5064 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
14:37:08.0387 5064 C:\Windows\System32\drivers\cdrom.sys - ok
14:37:08.0391 5064 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
14:37:08.0391 5064 C:\Windows\System32\drivers\beep.sys - ok
14:37:08.0393 5064 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
14:37:08.0393 5064 C:\Windows\System32\drivers\null.sys - ok
14:37:08.0395 5064 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
14:37:08.0395 5064 C:\Windows\System32\drivers\vga.sys - ok
14:37:08.0397 5064 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
14:37:08.0398 5064 C:\Windows\System32\drivers\videoprt.sys - ok
14:37:08.0400 5064 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
14:37:08.0400 5064 C:\Windows\System32\drivers\watchdog.sys - ok
14:37:08.0402 5064 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] C:\Windows\System32\drivers\aswTdi.sys
14:37:08.0402 5064 C:\Windows\System32\drivers\aswTdi.sys - ok
14:37:08.0404 5064 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
14:37:08.0404 5064 C:\Windows\System32\drivers\msfs.sys - ok
14:37:08.0406 5064 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
14:37:08.0406 5064 C:\Windows\System32\drivers\npfs.sys - ok
14:37:08.0408 5064 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
14:37:08.0408 5064 C:\Windows\System32\drivers\RDPCDD.sys - ok
14:37:08.0410 5064 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
14:37:08.0410 5064 C:\Windows\System32\drivers\RDPENCDD.sys - ok
14:37:08.0412 5064 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
14:37:08.0412 5064 C:\Windows\System32\drivers\RDPREFMP.sys - ok
14:37:08.0414 5064 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
14:37:08.0414 5064 C:\Windows\System32\drivers\tdi.sys - ok
14:37:08.0416 5064 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
14:37:08.0416 5064 C:\Windows\System32\drivers\tdx.sys - ok
14:37:08.0418 5064 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
14:37:08.0418 5064 C:\Windows\System32\drivers\afd.sys - ok
14:37:08.0420 5064 [ 57768C7DB4681F2510F247F82EF31D4F ] C:\Windows\System32\drivers\aswRdr2.sys
14:37:08.0420 5064 C:\Windows\System32\drivers\aswRdr2.sys - ok
14:37:08.0422 5064 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
14:37:08.0422 5064 C:\Windows\System32\drivers\netbt.sys - ok
14:37:08.0424 5064 [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
14:37:08.0424 5064 C:\Windows\System32\drivers\ws2ifsl.sys - ok
14:37:08.0426 5064 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
14:37:08.0426 5064 C:\Windows\System32\drivers\netbios.sys - ok
14:37:08.0428 5064 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
14:37:08.0428 5064 C:\Windows\System32\drivers\nsiproxy.sys - ok
14:37:08.0430 5064 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
14:37:08.0430 5064 C:\Windows\System32\drivers\pacer.sys - ok
14:37:08.0432 5064 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
14:37:08.0432 5064 C:\Windows\System32\drivers\rdbss.sys - ok
14:37:08.0435 5064 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
14:37:08.0435 5064 C:\Windows\System32\drivers\termdd.sys - ok
14:37:08.0437 5064 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
14:37:08.0437 5064 C:\Windows\System32\drivers\vwififlt.sys - ok
14:37:08.0439 5064 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
14:37:08.0439 5064 C:\Windows\System32\drivers\wanarp.sys - ok
14:37:08.0441 5064 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
14:37:08.0441 5064 C:\Windows\System32\drivers\wfplwf.sys - ok
14:37:08.0443 5064 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
14:37:08.0443 5064 C:\Windows\System32\drivers\blbdrive.sys - ok
14:37:08.0445 5064 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
14:37:08.0445 5064 C:\Windows\System32\drivers\dfsc.sys - ok
14:37:08.0447 5064 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
14:37:08.0447 5064 C:\Windows\System32\drivers\discache.sys - ok
14:37:08.0449 5064 [ 1D684EFB269D24E02550536100799F9C ] C:\Windows\System32\drivers\Fp.sys
14:37:08.0449 5064 C:\Windows\System32\drivers\Fp.sys - ok
14:37:08.0451 5064 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
14:37:08.0451 5064 C:\Windows\System32\drivers\mssmbios.sys - ok
14:37:08.0453 5064 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] C:\Windows\System32\drivers\aswSP.sys
14:37:08.0453 5064 C:\Windows\System32\drivers\aswSP.sys - ok
14:37:08.0455 5064 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
14:37:08.0455 5064 C:\Windows\System32\drivers\tunnel.sys - ok
14:37:08.0457 5064 [ EFE5A0AF39A8E179624117C521F1E012 ] C:\Windows\System32\drivers\igdkmd64.sys
14:37:08.0457 5064 C:\Windows\System32\drivers\igdkmd64.sys - ok
14:37:08.0460 5064 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
14:37:08.0460 5064 C:\Windows\System32\drivers\dxgkrnl.sys - ok
14:37:08.0461 5064 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
14:37:08.0461 5064 C:\Windows\System32\ntdll.dll - ok
14:37:08.0463 5064 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
14:37:08.0463 5064 C:\Windows\System32\smss.exe - ok
14:37:08.0466 5064 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
14:37:08.0466 5064 C:\Windows\System32\drivers\dxgmms1.sys - ok
14:37:08.0468 5064 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] C:\Windows\System32\drivers\HECIx64.sys
14:37:08.0468 5064 C:\Windows\System32\drivers\HECIx64.sys - ok
14:37:08.0470 5064 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
14:37:08.0470 5064 C:\Windows\System32\drivers\hdaudbus.sys - ok
14:37:08.0472 5064 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] C:\Windows\System32\drivers\Rt64win7.sys
14:37:08.0472 5064 C:\Windows\System32\drivers\Rt64win7.sys - ok
14:37:08.0474 5064 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
14:37:08.0474 5064 C:\Windows\System32\drivers\usbehci.sys - ok
14:37:08.0476 5064 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
14:37:08.0476 5064 C:\Windows\System32\drivers\usbport.sys - ok
14:37:08.0478 5064 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
14:37:08.0478 5064 C:\Windows\System32\drivers\agilevpn.sys - ok
14:37:08.0480 5064 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
14:37:08.0480 5064 C:\Windows\System32\drivers\CompositeBus.sys - ok
14:37:08.0483 5064 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
14:37:08.0483 5064 C:\Windows\System32\drivers\intelppm.sys - ok
14:37:08.0485 5064 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
14:37:08.0485 5064 C:\Windows\System32\drivers\ndistapi.sys - ok
14:37:08.0487 5064 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
14:37:08.0487 5064 C:\Windows\System32\drivers\ndiswan.sys - ok
14:37:08.0489 5064 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
14:37:08.0489 5064 C:\Windows\System32\drivers\rasl2tp.sys - ok
14:37:08.0491 5064 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
14:37:08.0491 5064 C:\Windows\System32\drivers\kbdclass.sys - ok
14:37:08.0493 5064 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
14:37:08.0493 5064 C:\Windows\System32\drivers\mouclass.sys - ok
14:37:08.0495 5064 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
14:37:08.0495 5064 C:\Windows\System32\drivers\raspppoe.sys - ok
14:37:08.0497 5064 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
14:37:08.0497 5064 C:\Windows\System32\drivers\raspptp.sys - ok
14:37:08.0500 5064 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
14:37:08.0500 5064 C:\Windows\System32\drivers\rassstp.sys - ok
14:37:08.0502 5064 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
14:37:08.0502 5064 C:\Windows\System32\autochk.exe - ok
14:37:08.0504 5064 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
14:37:08.0504 5064 C:\Windows\System32\drivers\ks.sys - ok
14:37:08.0506 5064 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
14:37:08.0506 5064 C:\Windows\System32\drivers\swenum.sys - ok
14:37:08.0508 5064 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
14:37:08.0508 5064 C:\Windows\System32\drivers\umbus.sys - ok
14:37:08.0510 5064 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
14:37:08.0510 5064 C:\Windows\System32\drivers\usbhub.sys - ok
14:37:08.0512 5064 [ A19DB004D954BBC9C4EC125711E1D1C2 ] C:\Windows\System32\wininet.dll
14:37:08.0512 5064 C:\Windows\System32\wininet.dll - ok
14:37:08.0514 5064 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
14:37:08.0514 5064 C:\Windows\System32\comdlg32.dll - ok
14:37:08.0516 5064 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
14:37:08.0516 5064 C:\Windows\System32\drivers\ndproxy.sys - ok
14:37:08.0518 5064 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
14:37:08.0518 5064 C:\Windows\System32\drivers\drmk.sys - ok
14:37:08.0520 5064 [ 5C855932E4DF00B1B6F5F6F57E82B6C5 ] C:\Windows\System32\drivers\CHDRT64.sys
14:37:08.0521 5064 C:\Windows\System32\drivers\CHDRT64.sys - ok
14:37:08.0523 5064 [ FC727061C0F47C8059E88E05D5C8E381 ] C:\Windows\System32\drivers\IntcDAud.sys
14:37:08.0523 5064 C:\Windows\System32\drivers\IntcDAud.sys - ok
14:37:08.0525 5064 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
14:37:08.0525 5064 C:\Windows\System32\drivers\ksthunk.sys - ok
14:37:08.0527 5064 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
14:37:08.0527 5064 C:\Windows\System32\drivers\portcls.sys - ok
14:37:08.0529 5064 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
14:37:08.0529 5064 C:\Windows\System32\nsi.dll - ok
14:37:08.0531 5064 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
14:37:08.0531 5064 C:\Windows\System32\ws2_32.dll - ok
14:37:08.0533 5064 [ B393753ECE9A9E2307CB1984ACF3DA9D ] C:\Windows\System32\drivers\mfeavfk.sys
14:37:08.0533 5064 C:\Windows\System32\drivers\mfeavfk.sys - ok
14:37:08.0535 5064 [ C52A1ABF03DD219375EA0F6A8BE941C3 ] C:\Windows\System32\drivers\mfefirek.sys
14:37:08.0535 5064 C:\Windows\System32\drivers\mfefirek.sys - ok
14:37:08.0537 5064 [ E519FD2CE6D57062400537C95C3B17FD ] C:\Windows\System32\urlmon.dll
14:37:08.0537 5064 C:\Windows\System32\urlmon.dll - ok
14:37:08.0539 5064 [ EAF41CFBA5281834CBC383C710AC7965 ] C:\Windows\System32\kernel32.dll
14:37:08.0539 5064 C:\Windows\System32\kernel32.dll - ok
14:37:08.0541 5064 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
14:37:08.0541 5064 C:\Windows\System32\msvcrt.dll - ok
14:37:08.0543 5064 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
14:37:08.0543 5064 C:\Windows\System32\lpk.dll - ok
14:37:08.0545 5064 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
14:37:08.0545 5064 C:\Windows\System32\oleaut32.dll - ok
14:37:08.0547 5064 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
14:37:08.0547 5064 C:\Windows\System32\rpcrt4.dll - ok
14:37:08.0549 5064 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
14:37:08.0549 5064 C:\Windows\System32\sechost.dll - ok
14:37:08.0551 5064 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
14:37:08.0551 5064 C:\Windows\System32\shlwapi.dll - ok
14:37:08.0553 5064 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
14:37:08.0553 5064 C:\Windows\System32\shell32.dll - ok
14:37:08.0555 5064 [ 6F6D81F3D513D927EB6D393EEC7FF851 ] C:\Windows\System32\usp10.dll
14:37:08.0555 5064 C:\Windows\System32\usp10.dll - ok
14:37:08.0557 5064 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
14:37:08.0557 5064 C:\Windows\System32\msctf.dll - ok
14:37:08.0559 5064 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
14:37:08.0559 5064 C:\Windows\System32\psapi.dll - ok
14:37:08.0561 5064 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
14:37:08.0561 5064 C:\Windows\System32\advapi32.dll - ok
14:37:08.0563 5064 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
14:37:08.0563 5064 C:\Windows\System32\user32.dll - ok
14:37:08.0565 5064 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
14:37:08.0565 5064 C:\Windows\System32\imm32.dll - ok
14:37:08.0567 5064 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
14:37:08.0567 5064 C:\Windows\System32\Wldap32.dll - ok
14:37:08.0569 5064 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
14:37:08.0569 5064 C:\Windows\System32\difxapi.dll - ok
14:37:08.0571 5064 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
14:37:08.0571 5064 C:\Windows\System32\setupapi.dll - ok
14:37:08.0573 5064 [ D25968D163EC487A50C8C6A91D4134B4 ] C:\Windows\System32\iertutil.dll
14:37:08.0573 5064 C:\Windows\System32\iertutil.dll - ok
14:37:08.0575 5064 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
14:37:08.0575 5064 C:\Windows\System32\imagehlp.dll - ok
14:37:08.0577 5064 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
14:37:08.0577 5064 C:\Windows\System32\ole32.dll - ok
14:37:08.0579 5064 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
14:37:08.0579 5064 C:\Windows\System32\clbcatq.dll - ok
14:37:08.0581 5064 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
14:37:08.0581 5064 C:\Windows\System32\gdi32.dll - ok
14:37:08.0584 5064 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
14:37:08.0584 5064 C:\Windows\System32\normaliz.dll - ok
14:37:08.0586 5064 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
14:37:08.0586 5064 C:\Windows\System32\cfgmgr32.dll - ok
14:37:08.0588 5064 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
14:37:08.0588 5064 C:\Windows\System32\devobj.dll - ok
14:37:08.0590 5064 [ CF0997050DB2B359D7F4103092296A1B ] C:\Windows\System32\KernelBase.dll
14:37:08.0590 5064 C:\Windows\System32\KernelBase.dll - ok
14:37:08.0592 5064 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
14:37:08.0592 5064 C:\Windows\System32\crypt32.dll - ok
14:37:08.0594 5064 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
14:37:08.0594 5064 C:\Windows\System32\comctl32.dll - ok
14:37:08.0596 5064 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
14:37:08.0596 5064 C:\Windows\System32\wintrust.dll - ok
14:37:08.0598 5064 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
14:37:08.0598 5064 C:\Windows\System32\msasn1.dll - ok
14:37:08.0600 5064 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
14:37:08.0600 5064 C:\Windows\SysWOW64\normaliz.dll - ok
14:37:08.0602 5064 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
14:37:08.0602 5064 C:\Windows\System32\drivers\hidclass.sys - ok
14:37:08.0604 5064 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
14:37:08.0604 5064 C:\Windows\System32\drivers\hidparse.sys - ok
14:37:08.0607 5064 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
14:37:08.0607 5064 C:\Windows\System32\drivers\hidusb.sys - ok
14:37:08.0609 5064 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
14:37:08.0609 5064 C:\Windows\System32\drivers\usbd.sys - ok
14:37:08.0611 5064 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
14:37:08.0611 5064 C:\Windows\System32\drivers\dxapi.sys - ok
14:37:08.0613 5064 [ 34B419EDEAC6F12B34908DE3758F98C9 ] C:\Windows\System32\win32k.sys
14:37:08.0613 5064 C:\Windows\System32\win32k.sys - ok
14:37:08.0615 5064 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
14:37:08.0615 5064 C:\Windows\System32\drivers\kbdhid.sys - ok
14:37:08.0617 5064 [ 73188F58FB384E75C4063D29413CEE3D ] C:\Windows\System32\drivers\usbprint.sys
14:37:08.0617 5064 C:\Windows\System32\drivers\usbprint.sys - ok
14:37:08.0619 5064 [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS
14:37:08.0619 5064 C:\Windows\System32\drivers\USBSTOR.SYS - ok
14:37:08.0621 5064 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
14:37:08.0621 5064 C:\Windows\System32\drivers\mouhid.sys - ok
14:37:08.0623 5064 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
14:37:08.0623 5064 C:\Windows\System32\csrss.exe - ok
14:37:08.0625 5064 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
14:37:08.0625 5064 C:\Windows\System32\csrsrv.dll - ok
14:37:08.0627 5064 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
14:37:08.0627 5064 C:\Windows\System32\basesrv.dll - ok
14:37:08.0629 5064 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\System32\winsrv.dll
14:37:08.0629 5064 C:\Windows\System32\winsrv.dll - ok
14:37:08.0631 5064 [ B330CE846D1C672F640D3B3647CEF86D ] C:\Windows\System32\drivers\netr28ux.sys
14:37:08.0631 5064 C:\Windows\System32\drivers\netr28ux.sys - ok
14:37:08.0633 5064 [ CB624C0035412AF0DEBEC78C41F5CA1B ] C:\Windows\System32\drivers\serenum.sys
14:37:08.0633 5064 C:\Windows\System32\drivers\serenum.sys - ok
14:37:08.0635 5064 [ 4FD2F1366055D55F0D10B2568526AB78 ] C:\Windows\System32\drivers\u2s2kxp64.sys
14:37:08.0635 5064 C:\Windows\System32\drivers\u2s2kxp64.sys - ok
14:37:08.0637 5064 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
14:37:08.0637 5064 C:\Windows\System32\drivers\vwifibus.sys - ok
14:37:08.0640 5064 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
14:37:08.0640 5064 C:\Windows\System32\drivers\monitor.sys - ok
14:37:08.0642 5064 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] C:\Windows\System32\drivers\point64.sys
14:37:08.0642 5064 C:\Windows\System32\drivers\point64.sys - ok
14:37:08.0644 5064 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
14:37:08.0644 5064 C:\Windows\System32\tsddd.dll - ok
14:37:08.0645 5064 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
14:37:08.0646 5064 C:\Windows\System32\KBDUS.DLL - ok
14:37:08.0648 5064 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
14:37:08.0648 5064 C:\Windows\System32\profapi.dll - ok
14:37:08.0650 5064 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
14:37:08.0650 5064 C:\Windows\System32\RpcRtRemote.dll - ok
14:37:08.0652 5064 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
14:37:08.0652 5064 C:\Windows\System32\sxssrv.dll - ok
14:37:08.0654 5064 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
14:37:08.0654 5064 C:\Windows\System32\wininit.exe - ok
14:37:08.0656 5064 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
14:37:08.0656 5064 C:\Windows\System32\cdd.dll - ok
14:37:08.0658 5064 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
14:37:08.0658 5064 C:\Windows\System32\WlS0WndH.dll - ok
14:37:08.0660 5064 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
14:37:08.0660 5064 C:\Windows\System32\sxs.dll - ok
14:37:08.0661 5064 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
14:37:08.0661 5064 C:\Windows\System32\cryptbase.dll - ok
14:37:08.0663 5064 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
14:37:08.0663 5064 C:\Windows\System32\apphelp.dll - ok
14:37:08.0665 5064 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
14:37:08.0665 5064 C:\Windows\System32\winlogon.exe - ok
14:37:08.0667 5064 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
14:37:08.0667 5064 C:\Windows\System32\winsta.dll - ok
14:37:08.0669 5064 [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
14:37:08.0669 5064 C:\Windows\System32\lsasrv.dll - ok
14:37:08.0671 5064 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
14:37:08.0671 5064 C:\Windows\System32\lsass.exe - ok
14:37:08.0673 5064 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
14:37:08.0673 5064 C:\Windows\System32\lsm.exe - ok
14:37:08.0675 5064 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
14:37:08.0675 5064 C:\Windows\System32\scext.dll - ok
14:37:08.0677 5064 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
14:37:08.0677 5064 C:\Windows\System32\secur32.dll - ok
14:37:08.0679 5064 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\Services.exe
14:37:08.0679 5064 C:\Windows\System32\Services.exe - ok
14:37:08.0681 5064 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
14:37:08.0681 5064 C:\Windows\System32\sspicli.dll - ok
14:37:08.0683 5064 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
14:37:08.0683 5064 C:\Windows\System32\sspisrv.dll - ok
14:37:08.0685 5064 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
14:37:08.0685 5064 C:\Windows\System32\scesrv.dll - ok
14:37:08.0687 5064 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
14:37:08.0687 5064 C:\Windows\System32\sysntfy.dll - ok
14:37:08.0689 5064 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
14:37:08.0689 5064 C:\Windows\System32\wmsgapi.dll - ok
14:37:08.0691 5064 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
14:37:08.0691 5064 C:\Windows\System32\cryptdll.dll - ok
14:37:08.0693 5064 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
14:37:08.0693 5064 C:\Windows\System32\samsrv.dll - ok
14:37:08.0695 5064 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
14:37:08.0695 5064 C:\Windows\System32\srvcli.dll - ok
14:37:08.0697 5064 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
14:37:08.0697 5064 C:\Windows\System32\wevtapi.dll - ok
14:37:08.0699 5064 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
14:37:08.0699 5064 C:\Windows\System32\authz.dll - ok
14:37:08.0701 5064 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
14:37:08.0701 5064 C:\Windows\System32\bcrypt.dll - ok
14:37:08.0703 5064 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
14:37:08.0703 5064 C:\Windows\System32\cngaudit.dll - ok
14:37:08.0705 5064 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
14:37:08.0705 5064 C:\Windows\System32\msprivs.dll - ok
14:37:08.0707 5064 [ 400645085A91BF3EB0271329B95AE0BE ] C:\Windows\System32\ncrypt.dll
14:37:08.0707 5064 C:\Windows\System32\ncrypt.dll - ok
14:37:08.0709 5064 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
14:37:08.0709 5064 C:\Windows\System32\netjoin.dll - ok
14:37:08.0711 5064 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
14:37:08.0711 5064 C:\Windows\System32\negoexts.dll - ok
14:37:08.0713 5064 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
14:37:08.0713 5064 C:\Windows\System32\cryptsp.dll - ok
14:37:08.0715 5064 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
14:37:08.0715 5064 C:\Windows\System32\kerberos.dll - ok
14:37:08.0717 5064 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
14:37:08.0717 5064 C:\Windows\System32\msv1_0.dll - ok
14:37:08.0719 5064 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
14:37:08.0719 5064 C:\Windows\System32\mswsock.dll - ok
14:37:08.0721 5064 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
14:37:08.0721 5064 C:\Windows\System32\wship6.dll - ok
14:37:08.0723 5064 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
14:37:08.0723 5064 C:\Windows\System32\netlogon.dll - ok
14:37:08.0725 5064 [ 4AC74A462F3A0506B929F599B5E1B1FB ] C:\Windows\System32\atmfd.dll
14:37:08.0725 5064 C:\Windows\System32\atmfd.dll - ok
14:37:08.0727 5064 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
14:37:08.0727 5064 C:\Windows\System32\dnsapi.dll - ok
14:37:08.0729 5064 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
14:37:08.0729 5064 C:\Windows\System32\logoncli.dll - ok
14:37:08.0731 5064 [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
14:37:08.0731 5064 C:\Windows\System32\schannel.dll - ok
14:37:08.0733 5064 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
14:37:08.0734 5064 C:\Windows\System32\wdigest.dll - ok
14:37:08.0735 5064 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
14:37:08.0735 5064 C:\Windows\System32\rsaenh.dll - ok
14:37:08.0737 5064 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
14:37:08.0737 5064 C:\Windows\System32\TSpkg.dll - ok
14:37:08.0739 5064 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
14:37:08.0739 5064 C:\Windows\System32\pku2u.dll - ok
14:37:08.0741 5064 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
14:37:08.0741 5064 C:\Windows\System32\bcryptprimitives.dll - ok
14:37:08.0744 5064 [ 55C892560C1B42BC57FB61AEFCED2F22 ] C:\Windows\System32\LIVESSP.DLL
14:37:08.0744 5064 C:\Windows\System32\LIVESSP.DLL - ok
14:37:08.0746 5064 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
14:37:08.0746 5064 C:\Windows\System32\credssp.dll - ok
14:37:08.0748 5064 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
14:37:08.0748 5064 C:\Windows\System32\efslsaext.dll - ok
14:37:08.0750 5064 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
14:37:08.0750 5064 C:\Windows\System32\scecli.dll - ok
14:37:08.0752 5064 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
14:37:08.0752 5064 C:\Windows\System32\ubpm.dll - ok
14:37:08.0754 5064 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
14:37:08.0754 5064 C:\Windows\System32\svchost.exe - ok
14:37:08.0756 5064 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
14:37:08.0756 5064 C:\Windows\System32\umpnpmgr.dll - ok
14:37:08.0758 5064 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
14:37:08.0758 5064 C:\Windows\System32\SPInf.dll - ok
14:37:08.0760 5064 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
14:37:08.0760 5064 C:\Windows\System32\devrtl.dll - ok
14:37:08.0762 5064 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
14:37:08.0762 5064 C:\Windows\System32\gpapi.dll - ok
14:37:08.0764 5064 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
14:37:08.0764 5064 C:\Windows\System32\userenv.dll - ok
14:37:08.0766 5064 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] C:\Windows\System32\umpo.dll
14:37:08.0766 5064 C:\Windows\System32\umpo.dll - ok
14:37:08.0768 5064 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
14:37:08.0768 5064 C:\Windows\System32\pcwum.dll - ok
14:37:08.0770 5064 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
14:37:08.0770 5064 C:\Windows\System32\powrprof.dll - ok
14:37:08.0772 5064 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] C:\Windows\System32\drivers\aswFsBlk.sys
14:37:08.0772 5064 C:\Windows\System32\drivers\aswFsBlk.sys - ok
14:37:08.0774 5064 [ B50CDD87772D6A11CB90924AAD399DF8 ] C:\Windows\System32\drivers\aswMonFlt.sys
14:37:08.0774 5064 C:\Windows\System32\drivers\aswMonFlt.sys - ok
14:37:08.0776 5064 [ 8F571F016FA1976F445147E9E6C8AE9B ] C:\Windows\System32\drivers\Sftvollh.sys
14:37:08.0776 5064 C:\Windows\System32\drivers\Sftvollh.sys - ok
14:37:08.0778 5064 [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
14:37:08.0778 5064 C:\Windows\System32\drivers\WUDFPf.sys - ok
14:37:08.0780 5064 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
14:37:08.0780 5064 C:\Windows\System32\RpcEpMap.dll - ok
14:37:08.0782 5064 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
14:37:08.0782 5064 C:\Windows\System32\rpcss.dll - ok
14:37:08.0785 5064 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
14:37:08.0785 5064 C:\Windows\System32\WSHTCPIP.DLL - ok
14:37:08.0787 5064 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
14:37:08.0787 5064 C:\Windows\System32\wshqos.dll - ok
14:37:08.0789 5064 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
14:37:08.0789 5064 C:\Windows\System32\FirewallAPI.dll - ok
14:37:08.0791 5064 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
14:37:08.0791 5064 C:\Windows\System32\version.dll - ok
14:37:08.0793 5064 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
14:37:08.0793 5064 C:\Windows\System32\wevtsvc.dll - ok
14:37:08.0795 5064 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
14:37:08.0795 5064 C:\Windows\System32\avrt.dll - ok
14:37:08.0797 5064 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
14:37:08.0797 5064 C:\Windows\System32\mmcss.dll - ok
14:37:08.0799 5064 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
14:37:08.0799 5064 C:\Windows\System32\audiosrv.dll - ok
14:37:08.0801 5064 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
14:37:08.0801 5064 C:\Windows\System32\MMDevAPI.dll - ok
14:37:08.0803 5064 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
14:37:08.0803 5064 C:\Windows\System32\netprofm.dll - ok
14:37:08.0805 5064 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
14:37:08.0805 5064 C:\Windows\System32\propsys.dll - ok
14:37:08.0807 5064 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
14:37:08.0807 5064 C:\Windows\System32\audiodg.exe - ok
14:37:08.0809 5064 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
14:37:08.0809 5064 C:\Windows\System32\LogonUI.exe - ok
14:37:08.0811 5064 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
14:37:08.0811 5064 C:\Windows\System32\ntmarta.dll - ok
14:37:08.0813 5064 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
14:37:08.0813 5064 C:\Windows\System32\gpsvc.dll - ok
14:37:08.0815 5064 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
14:37:08.0815 5064 C:\Windows\System32\nlaapi.dll - ok
14:37:08.0817 5064 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
14:37:08.0817 5064 C:\Windows\System32\profsvc.dll - ok
14:37:08.0819 5064 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
14:37:08.0819 5064 C:\Windows\System32\atl.dll - ok
14:37:08.0821 5064 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
14:37:08.0821 5064 C:\Windows\System32\dsrole.dll - ok
14:37:08.0823 5064 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
14:37:08.0823 5064 C:\Windows\System32\slc.dll - ok
14:37:08.0825 5064 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
14:37:08.0825 5064 C:\Windows\System32\themeservice.dll - ok
14:37:08.0827 5064 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
14:37:08.0827 5064 C:\Windows\System32\es.dll - ok
14:37:08.0829 5064 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
14:37:08.0829 5064 C:\Windows\System32\Sens.dll - ok
14:37:08.0831 5064 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
14:37:08.0831 5064 C:\Windows\System32\uxsms.dll - ok
14:37:08.0833 5064 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
14:37:08.0833 5064 C:\Windows\System32\wtsapi32.dll - ok
14:37:08.0835 5064 [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll
14:37:08.0835 5064 C:\Windows\System32\WUDFPlatform.dll - ok
14:37:08.0837 5064 [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
14:37:08.0837 5064 C:\Windows\System32\WUDFSvc.dll - ok
14:37:08.0840 5064 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
14:37:08.0840 5064 C:\Windows\System32\drivers\lltdio.sys - ok
14:37:08.0842 5064 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
14:37:08.0842 5064 C:\Windows\System32\drivers\nwifi.sys - ok
14:37:08.0844 5064 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
14:37:08.0844 5064 C:\Windows\System32\drivers\ndisuio.sys - ok
14:37:08.0846 5064 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
14:37:08.0846 5064 C:\Windows\System32\dhcpcore.dll - ok
14:37:08.0848 5064 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
14:37:08.0848 5064 C:\Windows\System32\dnsrslvr.dll - ok
14:37:08.0850 5064 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
14:37:08.0850 5064 C:\Windows\System32\drivers\rspndr.sys - ok
14:37:08.0852 5064 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
14:37:08.0852 5064 C:\Windows\System32\IPHLPAPI.DLL - ok
14:37:08.0854 5064 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
14:37:08.0854 5064 C:\Windows\System32\keyiso.dll - ok
14:37:08.0856 5064 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
14:37:08.0856 5064 C:\Windows\System32\lmhsvc.dll - ok
14:37:08.0858 5064 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
14:37:08.0858 5064 C:\Windows\System32\nrpsrv.dll - ok
14:37:08.0860 5064 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
14:37:08.0860 5064 C:\Windows\System32\nsisvc.dll - ok
14:37:08.0862 5064 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
14:37:08.0862 5064 C:\Windows\System32\winnsi.dll - ok
14:37:08.0864 5064 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
14:37:08.0864 5064 C:\Windows\System32\dhcpcore6.dll - ok
14:37:08.0866 5064 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
14:37:08.0866 5064 C:\Windows\System32\eapphost.dll - ok
14:37:08.0868 5064 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
14:37:08.0868 5064 C:\Windows\System32\eapsvc.dll - ok
14:37:08.0870 5064 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
14:37:08.0870 5064 C:\Windows\System32\FWPUCLNT.DLL - ok
14:37:08.0872 5064 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
14:37:08.0872 5064 C:\Windows\System32\dhcpcsvc.dll - ok
14:37:08.0874 5064 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
14:37:08.0874 5064 C:\Windows\System32\dhcpcsvc6.dll - ok
14:37:08.0876 5064 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
14:37:08.0876 5064 C:\Windows\System32\dnsext.dll - ok
14:37:08.0878 5064 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
14:37:08.0878 5064 C:\Windows\System32\adtschema.dll - ok
14:37:08.0880 5064 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
14:37:08.0880 5064 C:\Windows\System32\umb.dll - ok
14:37:08.0882 5064 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
14:37:08.0882 5064 C:\Windows\System32\wlansvc.dll - ok
14:37:08.0884 5064 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
14:37:08.0884 5064 C:\Windows\System32\onex.dll - ok
14:37:08.0886 5064 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
14:37:08.0886 5064 C:\Windows\System32\wlanmsm.dll - ok
14:37:08.0888 5064 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
14:37:08.0888 5064 C:\Windows\System32\wlansec.dll - ok
14:37:08.0891 5064 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
14:37:08.0891 5064 C:\Windows\System32\eappcfg.dll - ok
14:37:08.0893 5064 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
14:37:08.0893 5064 C:\Windows\System32\eappprxy.dll - ok
14:37:08.0895 5064 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
14:37:08.0895 5064 C:\Windows\System32\l2gpstore.dll - ok
14:37:08.0897 5064 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
14:37:08.0897 5064 C:\Windows\System32\WinSCard.dll - ok
14:37:08.0899 5064 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
14:37:08.0899 5064 C:\Windows\System32\wlanutil.dll - ok
14:37:08.0901 5064 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
14:37:08.0901 5064 C:\Windows\System32\wlgpclnt.dll - ok
14:37:08.0903 5064 [ 4FFDE68C4B7C9993FA551E7E36DDB34D ] C:\Windows\System32\msxml6.dll
14:37:08.0903 5064 C:\Windows\System32\msxml6.dll - ok
14:37:08.0905 5064 [ 43FAB56AE5F639AD59D7209693F4C4C2 ] C:\Windows\System32\wlanext.exe
14:37:08.0905 5064 C:\Windows\System32\wlanext.exe - ok
14:37:08.0907 5064 [ 402B44B31C7183FCF2C4E1083AF317FA ] C:\Windows\System32\conhost.exe
14:37:08.0907 5064 C:\Windows\System32\conhost.exe - ok
14:37:08.0909 5064 [ A12F562D3520B78FC5FD7791BA2C1A6B ] C:\Windows\System32\RaIHV.dll
14:37:08.0909 5064 C:\Windows\System32\RaIHV.dll - ok
14:37:08.0910 5064 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
14:37:08.0910 5064 C:\Windows\System32\authui.dll - ok
14:37:08.0912 5064 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
14:37:08.0912 5064 C:\Windows\System32\comres.dll - ok
14:37:08.0914 5064 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
14:37:08.0914 5064 C:\Windows\System32\cryptui.dll - ok
14:37:08.0917 5064 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
14:37:08.0917 5064 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
14:37:08.0919 5064 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
14:37:08.0919 5064 C:\Windows\System32\samlib.dll - ok
14:37:08.0921 5064 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
14:37:08.0921 5064 C:\Windows\System32\shacct.dll - ok
14:37:08.0923 5064 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
14:37:08.0923 5064 C:\Windows\System32\uxtheme.dll - ok
14:37:08.0925 5064 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
14:37:08.0925 5064 C:\Windows\System32\ksuser.dll - ok
14:37:08.0927 5064 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
14:37:08.0927 5064 C:\Windows\System32\wdmaud.drv - ok
14:37:08.0929 5064 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
14:37:08.0929 5064 C:\Windows\System32\winmm.dll - ok
14:37:08.0931 5064 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
14:37:08.0931 5064 C:\Windows\System32\AudioSes.dll - ok
14:37:08.0933 5064 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
14:37:08.0933 5064 C:\Windows\System32\midimap.dll - ok
14:37:08.0935 5064 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
14:37:08.0935 5064 C:\Windows\System32\msacm32.dll - ok
14:37:08.0937 5064 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
14:37:08.0937 5064 C:\Windows\System32\msacm32.drv - ok
14:37:08.0939 5064 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
14:37:08.0939 5064 C:\Windows\System32\AudioEng.dll - ok
14:37:08.0941 5064 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
14:37:08.0941 5064 C:\Windows\System32\AUDIOKSE.dll - ok
14:37:08.0943 5064 [ AA0B1A7B4750F655936F2F82B5E84428 ] C:\Windows\System32\CX64AP40.dll
14:37:08.0943 5064 C:\Windows\System32\CX64AP40.dll - ok
14:37:08.0945 5064 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
14:37:08.0945 5064 C:\Windows\System32\WMALFXGFXDSP.dll - ok
14:37:08.0947 5064 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
14:37:08.0947 5064 C:\Windows\System32\mfplat.dll - ok
14:37:08.0950 5064 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
14:37:08.0950 5064 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
14:37:08.0952 5064 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
14:37:08.0952 5064 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
14:37:08.0954 5064 [ 8FA553E9AE69808D99C164733A0F9590 ] C:\Program Files\AVAST Software\Avast\AvastSvc.exe
14:37:08.0954 5064 C:\Program Files\AVAST Software\Avast\AvastSvc.exe - ok
14:37:08.0956 5064 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
14:37:08.0956 5064 C:\Windows\System32\dui70.dll - ok
14:37:08.0958 5064 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
14:37:08.0958 5064 C:\Windows\System32\duser.dll - ok
14:37:08.0960 5064 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
14:37:08.0960 5064 C:\Windows\System32\MPSSVC.dll - ok
14:37:08.0962 5064 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
14:37:08.0962 5064 C:\Windows\System32\dwmapi.dll - ok
14:37:08.0964 5064 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
14:37:08.0964 5064 C:\Windows\System32\hid.dll - ok
14:37:08.0966 5064 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
14:37:08.0966 5064 C:\Windows\System32\SndVolSSO.dll - ok
14:37:08.0968 5064 [ D29902687A6110FE637F87189C6A3FB5 ] C:\Windows\System32\wow64.dll
14:37:08.0968 5064 C:\Windows\System32\wow64.dll - ok
14:37:08.0970 5064 [ CFBE90EF20EE550F4A6B74CED16DAFCA ] C:\Windows\System32\wow64win.dll
14:37:08.0970 5064 C:\Windows\System32\wow64win.dll - ok
14:37:08.0972 5064 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
14:37:08.0972 5064 C:\Windows\System32\xmllite.dll - ok
14:37:08.0974 5064 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
14:37:08.0974 5064 C:\Windows\SysWOW64\ntdll.dll - ok
14:37:08.0976 5064 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
14:37:08.0976 5064 C:\Windows\System32\WindowsCodecs.dll - ok
14:37:08.0978 5064 [ E9EEC159B08BFDD76FAD2C1C333223B3 ] C:\Windows\System32\wow64cpu.dll
14:37:08.0978 5064 C:\Windows\System32\wow64cpu.dll - ok
14:37:08.0980 5064 [ 9B98D47916EAD4F69EF51B56B0C2323C ] C:\Windows\SysWOW64\kernel32.dll
14:37:08.0980 5064 C:\Windows\SysWOW64\kernel32.dll - ok
14:37:08.0982 5064 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
14:37:08.0982 5064 C:\Windows\System32\drivers\fltMgr.sys - ok
14:37:08.0984 5064 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
14:37:08.0984 5064 C:\Windows\System32\PSHED.DLL - ok
14:37:08.0986 5064 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
14:37:08.0986 5064 C:\Windows\System32\winbrand.dll - ok
14:37:08.0988 5064 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
14:37:08.0988 5064 C:\Windows\System32\VaultCredProvider.dll - ok
14:37:08.0991 5064 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
14:37:08.0991 5064 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
14:37:08.0993 5064 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
14:37:08.0993 5064 C:\Windows\System32\BioCredProv.dll - ok
14:37:08.0995 5064 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
14:37:08.0995 5064 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
14:37:08.0997 5064 [ 53BB811ED12D2C867B354390FABF9612 ] C:\Windows\SysWOW64\KernelBase.dll
14:37:08.0997 5064 C:\Windows\SysWOW64\KernelBase.dll - ok
14:37:08.0999 5064 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
14:37:08.0999 5064 C:\Windows\SysWOW64\ws2_32.dll - ok
14:37:09.0001 5064 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
14:37:09.0001 5064 C:\Windows\System32\credui.dll - ok
14:37:09.0003 5064 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
14:37:09.0003 5064 C:\Windows\System32\winbio.dll - ok
14:37:09.0005 5064 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
14:37:09.0005 5064 C:\Windows\System32\netapi32.dll - ok
14:37:09.0007 5064 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
14:37:09.0007 5064 C:\Windows\System32\vaultcli.dll - ok
14:37:09.0009 5064 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
14:37:09.0009 5064 C:\Windows\SysWOW64\msvcrt.dll - ok
14:37:09.0011 5064 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
14:37:09.0011 5064 C:\Windows\System32\netutils.dll - ok
14:37:09.0013 5064 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
14:37:09.0013 5064 C:\Windows\System32\wkscli.dll - ok
14:37:09.0015 5064 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
14:37:09.0015 5064 C:\Windows\System32\samcli.dll - ok
14:37:09.0017 5064 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
14:37:09.0017 5064 C:\Windows\System32\certCredProvider.dll - ok
14:37:09.0019 5064 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
14:37:09.0019 5064 C:\Windows\SysWOW64\rpcrt4.dll - ok
14:37:09.0021 5064 [ EB398DED91CFF2F425610EAA2CCF2A23 ] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
14:37:09.0021 5064 C:\Program Files\AVAST Software\Avast\aswCmnBS.dll - ok
14:37:09.0023 5064 [ 7097425051CE67B450EBF2B1390AE492 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
14:37:09.0023 5064 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
14:37:09.0025 5064 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
14:37:09.0025 5064 C:\Windows\SysWOW64\cryptbase.dll - ok
14:37:09.0027 5064 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
14:37:09.0027 5064 C:\Windows\SysWOW64\nsi.dll - ok
14:37:09.0029 5064 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
14:37:09.0029 5064 C:\Windows\SysWOW64\sechost.dll - ok
14:37:09.0032 5064 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
14:37:09.0032 5064 C:\Windows\SysWOW64\sspicli.dll - ok
14:37:09.0034 5064 [ BABE99A18A382A5E2F99B48E0BC3E0D4 ] C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
14:37:09.0034 5064 C:\Program Files\AVAST Software\Avast\aswCmnIS.dll - ok
14:37:09.0036 5064 [ 178B51198B7B46CD3C5E744474459A63 ] C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
14:37:09.0036 5064 C:\Program Files\AVAST Software\Avast\aswCmnOS.dll - ok
14:37:09.0038 5064 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
14:37:09.0038 5064 C:\Windows\System32\rasapi32.dll - ok
14:37:09.0040 5064 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
14:37:09.0040 5064 C:\Windows\System32\rasplap.dll - ok
14:37:09.0042 5064 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
14:37:09.0042 5064 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
14:37:09.0044 5064 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
14:37:09.0044 5064 C:\Windows\System32\rasman.dll - ok
14:37:09.0046 5064 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
14:37:09.0046 5064 C:\Windows\System32\rtutils.dll - ok
14:37:09.0048 5064 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
14:37:09.0048 5064 C:\Windows\SysWOW64\user32.dll - ok
14:37:09.0050 5064 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
14:37:09.0050 5064 C:\Windows\System32\UXInit.dll - ok
14:37:09.0052 5064 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
14:37:09.0052 5064 C:\Windows\SysWOW64\gdi32.dll - ok
14:37:09.0054 5064 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
14:37:09.0054 5064 C:\Windows\SysWOW64\lpk.dll - ok
14:37:09.0056 5064 [ CC19A4AE696C2191E965A9835F1E6399 ] C:\Windows\SysWOW64\usp10.dll
14:37:09.0056 5064 C:\Windows\SysWOW64\usp10.dll - ok
14:37:09.0058 5064 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
14:37:09.0058 5064 C:\Windows\SysWOW64\advapi32.dll - ok
14:37:09.0061 5064 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
14:37:09.0061 5064 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
14:37:09.0063 5064 [ 55AFA63F5F2A6CED0C09E2AFE57ECA8D ] C:\Program Files\AVAST Software\Avast\ashBase.dll
14:37:09.0063 5064 C:\Program Files\AVAST Software\Avast\ashBase.dll - ok
14:37:09.0065 5064 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
14:37:09.0065 5064 C:\Windows\SysWOW64\wsock32.dll - ok
14:37:09.0067 5064 [ C515CAEC6B3C6970007954C0250A124C ] C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
14:37:09.0067 5064 C:\Program Files\AVAST Software\Avast\aswEngLdr.dll - ok
14:37:09.0069 5064 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
14:37:09.0069 5064 C:\Windows\SysWOW64\psapi.dll - ok
14:37:09.0071 5064 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
14:37:09.0071 5064 C:\Windows\SysWOW64\version.dll - ok
14:37:09.0073 5064 [ 9CB0D2A9A77D91D9614355EE9FF00519 ] C:\Windows\SysWOW64\wininet.dll
14:37:09.0073 5064 C:\Windows\SysWOW64\wininet.dll - ok
14:37:09.0075 5064 [ 3178C47DB9F1615E5334029607BD3459 ] C:\Windows\SysWOW64\iertutil.dll
14:37:09.0075 5064 C:\Windows\SysWOW64\iertutil.dll - ok
14:37:09.0077 5064 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
14:37:09.0077 5064 C:\Windows\SysWOW64\shlwapi.dll - ok
14:37:09.0079 5064 [ FC4EE980C3BD87D35816EC55007E00B5 ] C:\Windows\SysWOW64\urlmon.dll
14:37:09.0079 5064 C:\Windows\SysWOW64\urlmon.dll - ok
14:37:09.0081 5064 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
14:37:09.0081 5064 C:\Windows\System32\imageres.dll - ok
14:37:09.0083 5064 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
14:37:09.0084 5064 C:\Windows\SysWOW64\ole32.dll - ok
14:37:09.0085 5064 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
14:37:09.0086 5064 C:\Windows\SysWOW64\oleaut32.dll - ok
14:37:09.0087 5064 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
14:37:09.0088 5064 C:\Windows\SysWOW64\imm32.dll - ok
14:37:09.0089 5064 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
14:37:09.0089 5064 C:\Windows\SysWOW64\msctf.dll - ok
14:37:09.0091 5064 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
14:37:09.0091 5064 C:\Windows\SysWOW64\dbghelp.dll - ok
14:37:09.0093 5064 [ B316906B4A04DD39985350D29DE31068 ] C:\Program Files\AVAST Software\Avast\1033\Base.dll
14:37:09.0093 5064 C:\Program Files\AVAST Software\Avast\1033\Base.dll - ok
14:37:09.0095 5064 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
14:37:09.0096 5064 C:\Windows\SysWOW64\cscapi.dll - ok
14:37:09.0097 5064 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
14:37:09.0098 5064 C:\Windows\SysWOW64\netapi32.dll - ok
14:37:09.0100 5064 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
14:37:09.0100 5064 C:\Windows\SysWOW64\netutils.dll - ok
14:37:09.0102 5064 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
14:37:09.0102 5064 C:\Windows\SysWOW64\srvcli.dll - ok
14:37:09.0104 5064 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
14:37:09.0104 5064 C:\Windows\SysWOW64\wkscli.dll - ok
14:37:09.0106 5064 [ 977C54291BFA6FEE7FF865630E51757B ] C:\Program Files\AVAST Software\Avast\ashServ.dll
14:37:09.0106 5064 C:\Program Files\AVAST Software\Avast\ashServ.dll - ok
14:37:09.0108 5064 [ 16CE3ED063923253905341C9AF850FE7 ] C:\Program Files\AVAST Software\Avast\ashTask.dll
14:37:09.0108 5064 C:\Program Files\AVAST Software\Avast\ashTask.dll - ok
14:37:09.0110 5064 [ 045EE3DC56B12B404DC07848D8597C66 ] C:\Program Files\AVAST Software\Avast\aswAux.dll
14:37:09.0110 5064 C:\Program Files\AVAST Software\Avast\aswAux.dll - ok
14:37:09.0112 5064 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
14:37:09.0112 5064 C:\Windows\System32\shsvcs.dll - ok
14:37:09.0114 5064 [ 4FF19AC422B7709D786DE58B385C9647 ] C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
14:37:09.0114 5064 C:\Program Files\AVAST Software\Avast\ashTaskEx.dll - ok
14:37:09.0116 5064 [ FCA9CC8611654B790DD6242BF862B7F5 ] C:\Program Files\AVAST Software\Avast\aswLog.dll
14:37:09.0116 5064 C:\Program Files\AVAST Software\Avast\aswLog.dll - ok
14:37:09.0118 5064 [ F186897E0A3B9D0784041221D0265069 ] C:\Program Files\AVAST Software\Avast\aswSqLt.dll
14:37:09.0119 5064 C:\Program Files\AVAST Software\Avast\aswSqLt.dll - ok
14:37:09.0121 5064 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
14:37:09.0121 5064 C:\Windows\System32\dbghelp.dll - ok
14:37:09.0123 5064 [ 6F367A9B88CFDD46F42C1D11E5CB7964 ] C:\Program Files\AVAST Software\Avast\Aavm4h.dll
14:37:09.0123 5064 C:\Program Files\AVAST Software\Avast\Aavm4h.dll - ok
14:37:09.0125 5064 [ C2434DEA392826C1687D9BD7FA4845BC ] C:\Program Files\AVAST Software\Avast\AavmRpch.dll
14:37:09.0125 5064 C:\Program Files\AVAST Software\Avast\AavmRpch.dll - ok
14:37:09.0127 5064 [ 12B9869E74F9E698F550F04F8989C591 ] C:\Program Files\AVAST Software\Avast\aswProperty.dll
14:37:09.0127 5064 C:\Program Files\AVAST Software\Avast\aswProperty.dll - ok
14:37:09.0129 5064 [ 264B5D8F4C70A26749FF2CEDDE06BA30 ] C:\Program Files\AVAST Software\Avast\aswDld.dll
14:37:09.0129 5064 C:\Program Files\AVAST Software\Avast\aswDld.dll - ok
14:37:09.0131 5064 [ 902F670F58193A2BC30AA342B11B2C7B ] C:\Program Files\AVAST Software\Avast\aswIdle.dll
14:37:09.0132 5064 C:\Program Files\AVAST Software\Avast\aswIdle.dll - ok
14:37:09.0134 5064 [ 273FD83FC8C4E12F8C55381674F92A44 ] C:\Program Files\AVAST Software\Avast\aswStrm.dll
14:37:09.0134 5064 C:\Program Files\AVAST Software\Avast\aswStrm.dll - ok
14:37:09.0136 5064 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
14:37:09.0136 5064 C:\Windows\SysWOW64\cfgmgr32.dll - ok
14:37:09.0138 5064 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
14:37:09.0138 5064 C:\Windows\SysWOW64\wtsapi32.dll - ok
14:37:09.0140 5064 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
14:37:09.0140 5064 C:\Windows\System32\schedsvc.dll - ok
14:37:09.0142 5064 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
14:37:09.0142 5064 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
14:37:09.0144 5064 [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll
14:37:09.0144 5064 C:\Windows\SysWOW64\wscapi.dll - ok
14:37:09.0146 5064 [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\SysWOW64\wscisvif.dll
14:37:09.0146 5064 C:\Windows\SysWOW64\wscisvif.dll - ok
14:37:09.0148 5064 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
14:37:09.0148 5064 C:\Windows\System32\ktmw32.dll - ok
14:37:09.0150 5064 [ 07875861B582427B8B97D720DB5EAF39 ] C:\Program Files\AVAST Software\Avast\defs\12121000\aswEngin.dll
14:37:09.0150 5064 C:\Program Files\AVAST Software\Avast\defs\12121000\aswEngin.dll - ok
14:37:09.0152 5064 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
14:37:09.0152 5064 C:\Windows\System32\fveapi.dll - ok
14:37:09.0154 5064 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
14:37:09.0154 5064 C:\Windows\System32\fvecerts.dll - ok
14:37:09.0156 5064 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
14:37:09.0156 5064 C:\Windows\System32\tbs.dll - ok
14:37:09.0159 5064 [ A94AF354E4EA9C835DCF3E60EC75911C ] C:\Program Files\AVAST Software\Avast\defs\12121000\aswCmnOS.dll
14:37:09.0159 5064 C:\Program Files\AVAST Software\Avast\defs\12121000\aswCmnOS.dll - ok
14:37:09.0160 5064 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
14:37:09.0160 5064 C:\Windows\System32\taskcomp.dll - ok
14:37:09.0162 5064 [ F8AC522C1DAEED05BDA7C0E4E394BCD7 ] C:\Program Files\AVAST Software\Avast\defs\12121000\aswCmnIS.dll
14:37:09.0162 5064 C:\Program Files\AVAST Software\Avast\defs\12121000\aswCmnIS.dll - ok
14:37:09.0165 5064 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
14:37:09.0165 5064 C:\Windows\System32\wiarpc.dll - ok
14:37:09.0167 5064 [ 1E7EAFF858538C516D7358C360605E3A ] C:\Program Files\AVAST Software\Avast\defs\12121000\aswCmnBS.dll
14:37:09.0167 5064 C:\Program Files\AVAST Software\Avast\defs\12121000\aswCmnBS.dll - ok
14:37:09.0169 5064 [ 2E929D6CF669AEF225552EEA9BE7E150 ] C:\Program Files\AVAST Software\Avast\defs\12121000\aswScan.dll
14:37:09.0169 5064 C:\Program Files\AVAST Software\Avast\defs\12121000\aswScan.dll - ok
14:37:09.0171 5064 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
14:37:09.0171 5064 C:\Windows\System32\drivers\http.sys - ok
14:37:09.0173 5064 [ 1752EE915B9003E1FD1FFB4DE63E538B ] C:\Program Files\AVAST Software\Avast\defs\12121000\aswRep.dll
14:37:09.0173 5064 C:\Program Files\AVAST Software\Avast\defs\12121000\aswRep.dll - ok
14:37:09.0176 5064 [ CE7828A0EA430338BBCFFC6914462BAA ] C:\Program Files\AVAST Software\Avast\defs\12121000\aswFiDb.dll
14:37:09.0176 5064 C:\Program Files\AVAST Software\Avast\defs\12121000\aswFiDb.dll - ok
14:37:09.0178 5064 [ 2BD243BA4CD50EC05146317B7093FE6D ] C:\Program Files\AVAST Software\Avast\defs\12121000\algo.dll
14:37:09.0178 5064 C:\Program Files\AVAST Software\Avast\defs\12121000\algo.dll - ok
14:37:09.0180 5064 [ D025E95247353BA8ADB53CFF3A4E5BBB ] C:\Program Files\AVAST Software\Avast\Setup\setiface.dll
14:37:09.0180 5064 C:\Program Files\AVAST Software\Avast\Setup\setiface.dll - ok
14:37:09.0182 5064 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
14:37:09.0182 5064 C:\Windows\SysWOW64\shell32.dll - ok
14:37:09.0184 5064 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll
14:37:09.0184 5064 C:\Windows\SysWOW64\secur32.dll - ok
14:37:09.0186 5064 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\SysWOW64\fltLib.dll
14:37:09.0186 5064 C:\Windows\SysWOW64\fltLib.dll - ok
14:37:09.0188 5064 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
14:37:09.0188 5064 C:\Windows\SysWOW64\winsta.dll - ok
14:37:09.0190 5064 [ 9C09AF87AC7351985AB5FFBA3FC52575 ] C:\Program Files\AVAST Software\Avast\AhResBhv.dll
14:37:09.0190 5064 C:\Program Files\AVAST Software\Avast\AhResBhv.dll - ok
14:37:09.0192 5064 [ E844C96552989FA1ECA95778583A904C ] C:\Program Files\AVAST Software\Avast\AhResJs.dll
14:37:09.0192 5064 C:\Program Files\AVAST Software\Avast\AhResJs.dll - ok
14:37:09.0195 5064 [ 17F5861A03516864A5F4CC04C7324278 ] C:\Program Files\AVAST Software\Avast\AhResMai.dll
14:37:09.0195 5064 C:\Program Files\AVAST Software\Avast\AhResMai.dll - ok
14:37:09.0197 5064 [ 8BEC10C53E927CD5E442FE332804F1AC ] C:\Program Files\AVAST Software\Avast\AhResMes.dll
14:37:09.0197 5064 C:\Program Files\AVAST Software\Avast\AhResMes.dll - ok
14:37:09.0199 5064 [ 9B2F20ECF609EDF54FEC43E792028261 ] C:\Program Files\AVAST Software\Avast\AhResNS.dll
14:37:09.0199 5064 C:\Program Files\AVAST Software\Avast\AhResNS.dll - ok
14:37:09.0201 5064 [ 857661F2E5A677CFB6D3B2CF6E428227 ] C:\Program Files\AVAST Software\Avast\AhResP2P.dll
14:37:09.0201 5064 C:\Program Files\AVAST Software\Avast\AhResP2P.dll - ok
14:37:09.0203 5064 [ 2466ED58B8EFB3320BCA73ACF8179D24 ] C:\Program Files\AVAST Software\Avast\AhResStd.dll
14:37:09.0203 5064 C:\Program Files\AVAST Software\Avast\AhResStd.dll - ok
14:37:09.0205 5064 [ 5D9550E02D981B92B133E5F8F7BDF8D2 ] C:\Program Files\AVAST Software\Avast\AhResWS.dll
14:37:09.0205 5064 C:\Program Files\AVAST Software\Avast\AhResWS.dll - ok
14:37:09.0208 5064 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
14:37:09.0208 5064 C:\Windows\SysWOW64\mswsock.dll - ok
14:37:09.0210 5064 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
14:37:09.0210 5064 C:\Windows\System32\wlanapi.dll - ok
14:37:09.0212 5064 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
14:37:09.0212 5064 C:\Windows\System32\spoolsv.exe - ok
14:37:09.0214 5064 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
14:37:09.0214 5064 C:\Windows\System32\netcfgx.dll - ok
14:37:09.0217 5064 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] C:\Windows\System32\drivers\vwifimp.sys
14:37:09.0217 5064 C:\Windows\System32\drivers\vwifimp.sys - ok
14:37:09.0219 5064 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
14:37:09.0219 5064 C:\Windows\SysWOW64\dnsapi.dll - ok
14:37:09.0221 5064 [ 26BA928D3FBA2A12589A8A9B1A47FB08 ] C:\Program Files\AVAST Software\Avast\defs\12121000\aswAR.dll
14:37:09.0221 5064 C:\Program Files\AVAST Software\Avast\defs\12121000\aswAR.dll - ok
14:37:09.0223 5064 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
14:37:09.0223 5064 C:\Windows\SysWOW64\NapiNSP.dll - ok
14:37:09.0225 5064 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
14:37:09.0225 5064 C:\Windows\SysWOW64\pnrpnsp.dll - ok
14:37:09.0227 5064 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
14:37:09.0227 5064 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
14:37:09.0229 5064 [ 0D0FA4434A9434641AB0A6332AC5560A ] C:\Program Files\AVAST Software\Avast\defs\12121000\aswRawFS.dll
14:37:09.0229 5064 C:\Program Files\AVAST Software\Avast\defs\12121000\aswRawFS.dll - ok
14:37:09.0231 5064 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
14:37:09.0231 5064 C:\Windows\SysWOW64\winrnr.dll - ok
14:37:09.0233 5064 [ 9D4A1690AF93F233E15380398BEC7431 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
14:37:09.0233 5064 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
14:37:09.0235 5064 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
14:37:09.0235 5064 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
14:37:09.0237 5064 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
14:37:09.0237 5064 C:\Windows\SysWOW64\rasadhlp.dll - ok
14:37:09.0239 5064 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
14:37:09.0239 5064 C:\Windows\SysWOW64\winnsi.dll - ok
14:37:09.0241 5064 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
14:37:09.0242 5064 C:\Windows\SysWOW64\wship6.dll - ok
14:37:09.0243 5064 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
14:37:09.0243 5064 C:\Windows\System32\BFE.DLL - ok
14:37:09.0245 5064 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
14:37:09.0246 5064 C:\Windows\System32\drivers\bowser.sys - ok
14:37:09.0248 5064 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
14:37:09.0248 5064 C:\Windows\System32\drivers\mpsdrv.sys - ok
14:37:09.0250 5064 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
14:37:09.0250 5064 C:\Windows\System32\drivers\mrxsmb.sys - ok
14:37:09.0252 5064 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
14:37:09.0252 5064 C:\Windows\System32\drivers\mrxsmb10.sys - ok
14:37:09.0254 5064 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
14:37:09.0254 5064 C:\Windows\System32\drivers\mrxsmb20.sys - ok
14:37:09.0256 5064 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
14:37:09.0256 5064 C:\Windows\System32\wkssvc.dll - ok
14:37:09.0258 5064 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
14:37:09.0258 5064 C:\Windows\System32\cryptnet.dll - ok
14:37:09.0260 5064 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
14:37:09.0260 5064 C:\Windows\System32\cryptsvc.dll - ok
14:37:09.0262 5064 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
14:37:09.0262 5064 C:\Windows\System32\dps.dll - ok
14:37:09.0264 5064 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
14:37:09.0264 5064 C:\Windows\System32\IKEEXT.DLL - ok
14:37:09.0266 5064 [ 04D48692EFF181DA46DD8EA8BE9FFB2B ] C:\Windows\System32\mfevtps.exe
14:37:09.0266 5064 C:\Windows\System32\mfevtps.exe - ok
14:37:09.0268 5064 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
14:37:09.0268 5064 C:\Windows\System32\netman.dll - ok
14:37:09.0270 5064 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
14:37:09.0270 5064 C:\Windows\System32\sfc.dll - ok
14:37:09.0272 5064 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
14:37:09.0272 5064 C:\Windows\System32\sfc_os.dll - ok
14:37:09.0274 5064 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
14:37:09.0274 5064 C:\Windows\System32\taskschd.dll - ok
14:37:09.0276 5064 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
14:37:09.0276 5064 C:\Windows\System32\vssapi.dll - ok
14:37:09.0278 5064 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
14:37:09.0278 5064 C:\Windows\System32\pcasvc.dll - ok
14:37:09.0280 5064 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
14:37:09.0280 5064 C:\Windows\System32\vsstrace.dll - ok
14:37:09.0282 5064 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
14:37:09.0282 5064 C:\Windows\System32\wfapigp.dll - ok
14:37:09.0284 5064 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
14:37:09.0284 5064 C:\Windows\System32\drivers\PEAuth.sys - ok
14:37:09.0286 5064 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
14:37:09.0286 5064 C:\Windows\System32\drivers\secdrv.sys - ok
14:37:09.0288 5064 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
14:37:09.0288 5064 C:\Windows\System32\ncsi.dll - ok
14:37:09.0290 5064 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
14:37:09.0290 5064 C:\Windows\System32\nlasvc.dll - ok
14:37:09.0292 5064 [ C6CC9297BD53E5229653303E556AA539 ] C:\Windows\System32\drivers\Sftfslh.sys
14:37:09.0292 5064 C:\Windows\System32\drivers\Sftfslh.sys - ok
14:37:09.0294 5064 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
14:37:09.0294 5064 C:\Windows\System32\winhttp.dll - ok
14:37:09.0296 5064 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
14:37:09.0296 5064 C:\Windows\System32\mscms.dll - ok
14:37:09.0298 5064 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
14:37:09.0298 5064 C:\Windows\System32\aepic.dll - ok
14:37:09.0300 5064 [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
14:37:09.0300 5064 C:\Windows\System32\seclogon.dll - ok
14:37:09.0302 5064 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
14:37:09.0302 5064 C:\Windows\System32\vpnikeapi.dll - ok
14:37:09.0304 5064 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
14:37:09.0304 5064 C:\Windows\System32\webio.dll - ok
14:37:09.0306 5064 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
14:37:09.0306 5064 C:\Windows\System32\ssdpapi.dll - ok
14:37:09.0308 5064 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
14:37:09.0308 5064 C:\Windows\System32\aeevts.dll - ok
14:37:09.0310 5064 [ 390AA7BC52CEE43F6790CDEA1E776703 ] C:\Windows\System32\drivers\Sftplaylh.sys
14:37:09.0310 5064 C:\Windows\System32\drivers\Sftplaylh.sys - ok
14:37:09.0312 5064 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
14:37:09.0312 5064 C:\Windows\System32\snmptrap.exe - ok
14:37:09.0315 5064 [ C3CDDD18F43D44AB713CF8C4916F7696 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
14:37:09.0315 5064 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe - ok
14:37:09.0317 5064 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
14:37:09.0317 5064 C:\Windows\System32\provsvc.dll - ok
14:37:09.0319 5064 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
14:37:09.0319 5064 C:\Windows\SysWOW64\profapi.dll - ok
14:37:09.0321 5064 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
14:37:09.0321 5064 C:\Windows\SysWOW64\userenv.dll - ok
14:37:09.0323 5064 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
14:37:09.0323 5064 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
14:37:09.0326 5064 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
14:37:09.0326 5064 C:\Windows\System32\sstpsvc.dll - ok
14:37:09.0328 5064 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
14:37:09.0328 5064 C:\Windows\System32\drivers\srvnet.sys - ok
14:37:09.0330 5064 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
14:37:09.0330 5064 C:\Windows\System32\drivers\tcpipreg.sys - ok
14:37:09.0332 5064 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
14:37:09.0332 5064 C:\Windows\System32\httpapi.dll - ok
14:37:09.0334 5064 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
14:37:09.0334 5064 C:\Windows\System32\sysmain.dll - ok
14:37:09.0336 5064 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll
14:37:09.0336 5064 C:\Windows\System32\tapisrv.dll - ok
14:37:09.0338 5064 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
14:37:09.0338 5064 C:\Windows\SysWOW64\credssp.dll - ok
14:37:09.0340 5064 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
14:37:09.0340 5064 C:\Windows\SysWOW64\cryptsp.dll - ok
14:37:09.0342 5064 [ F15C619AB2084DA83AEFA8641C4B55A7 ] C:\Users\Shop\AppData\Local\temp\TeamViewer\Version6\TeamViewer_Service.exe
14:37:09.0342 5064 C:\Users\Shop\AppData\Local\temp\TeamViewer\Version6\TeamViewer_Service.exe - ok
14:37:09.0344 5064 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
14:37:09.0344 5064 C:\Windows\SysWOW64\mpr.dll - ok
14:37:09.0346 5064 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
14:37:09.0346 5064 C:\Windows\SysWOW64\setupapi.dll - ok
14:37:09.0348 5064 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
14:37:09.0349 5064 C:\Windows\SysWOW64\crypt32.dll - ok
14:37:09.0351 5064 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
14:37:09.0351 5064 C:\Windows\SysWOW64\devobj.dll - ok
14:37:09.0353 5064 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
14:37:09.0353 5064 C:\Windows\SysWOW64\msasn1.dll - ok
14:37:09.0355 5064 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
14:37:09.0355 5064 C:\Windows\SysWOW64\imagehlp.dll - ok
14:37:09.0357 5064 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
14:37:09.0357 5064 C:\Windows\SysWOW64\SensApi.dll - ok
14:37:09.0359 5064 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
14:37:09.0359 5064 C:\Windows\System32\trkwks.dll - ok
14:37:09.0361 5064 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
14:37:09.0361 5064 C:\Windows\System32\wbem\WMIsvc.dll - ok
14:37:09.0363 5064 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
14:37:09.0363 5064 C:\Windows\SysWOW64\dwmapi.dll - ok
14:37:09.0365 5064 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
14:37:09.0365 5064 C:\Windows\SysWOW64\msimg32.dll - ok
14:37:09.0367 5064 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
14:37:09.0367 5064 C:\Windows\SysWOW64\wintrust.dll - ok
14:37:09.0369 5064 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
14:37:09.0369 5064 C:\Windows\SysWOW64\uxtheme.dll - ok
14:37:09.0371 5064 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
14:37:09.0371 5064 C:\Windows\SysWOW64\shfolder.dll - ok
14:37:09.0373 5064 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
14:37:09.0373 5064 C:\Windows\System32\wbemcomn.dll - ok
14:37:09.0375 5064 [ 50D09C6DBD5D5E447B284116D1A26F62 ] C:\Windows\SysWOW64\jsproxy.dll
14:37:09.0375 5064 C:\Windows\SysWOW64\jsproxy.dll - ok
14:37:09.0377 5064 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
14:37:09.0377 5064 C:\Windows\System32\wbem\WinMgmtR.dll - ok
14:37:09.0379 5064 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
14:37:09.0379 5064 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
14:37:09.0381 5064 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
14:37:09.0381 5064 C:\Windows\SysWOW64\samcli.dll - ok
14:37:09.0383 5064 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
14:37:09.0383 5064 C:\Windows\System32\wbem\fastprox.dll - ok
14:37:09.0385 5064 [ 72910F1DEB838E6E08A9017BFB7D4F0B ] C:\Windows\SysWOW64\browcli.dll
14:37:09.0385 5064 C:\Windows\SysWOW64\browcli.dll - ok
14:37:09.0387 5064 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
14:37:09.0387 5064 C:\Windows\System32\ntdsapi.dll - ok
14:37:09.0389 5064 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
14:37:09.0389 5064 C:\Windows\System32\wiaservc.dll - ok
14:37:09.0391 5064 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:37:09.0391 5064 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
14:37:09.0394 5064 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
14:37:09.0394 5064 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
14:37:09.0396 5064 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
14:37:09.0396 5064 C:\Windows\System32\SensApi.dll - ok
14:37:09.0398 5064 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
14:37:09.0398 5064 C:\Windows\System32\wer.dll - ok
14:37:09.0400 5064 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
14:37:09.0400 5064 C:\Windows\System32\dllhost.exe - ok
14:37:09.0402 5064 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
14:37:09.0402 5064 C:\Windows\System32\wbem\wbemprox.dll - ok
14:37:09.0404 5064 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
14:37:09.0404 5064 C:\Windows\SysWOW64\ntmarta.dll - ok
14:37:09.0406 5064 [ 4DEC9B5BEDAA97B1FF6A3923E1C4F58A ] C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
14:37:09.0406 5064 C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe - ok
14:37:09.0408 5064 [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
14:37:09.0408 5064 C:\Windows\System32\iphlpsvc.dll - ok
14:37:09.0411 5064 [ 6BFDC58CEACB90417FCE6BBBD7F3C660 ] C:\Program Files\Common Files\mcafee\systemcore\lockdown.dll
14:37:09.0411 5064 C:\Program Files\Common Files\mcafee\systemcore\lockdown.dll - ok
14:37:09.0412 5064 [ 9F688D9EE28AD1282DCB0F25F26775AE ] C:\Program Files\Common Files\mcafee\systemcore\mytilus3.dll
14:37:09.0412 5064 C:\Program Files\Common Files\mcafee\systemcore\mytilus3.dll - ok
14:37:09.0415 5064 [ 43478C48F97846E7251EE48DFB698652 ] C:\Program Files\Common Files\mcafee\systemcore\mytilus3_server.dll
14:37:09.0415 5064 C:\Program Files\Common Files\mcafee\systemcore\mytilus3_server.dll - ok
14:37:09.0417 5064 [ 915CCD0159ECD7957890E525A629E6DD ] C:\Program Files\Common Files\mcafee\systemcore\mytilus3_worker.dll
14:37:09.0417 5064 C:\Program Files\Common Files\mcafee\systemcore\mytilus3_worker.dll - ok
14:37:09.0419 5064 [ 295657F93F6B19DEEA804048E1CB4FF9 ] C:\Windows\System32\lz32.dll
14:37:09.0419 5064 C:\Windows\System32\lz32.dll - ok
14:37:09.0421 5064 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
14:37:09.0421 5064 C:\Windows\System32\shfolder.dll - ok
14:37:09.0423 5064 [ 0ACBDACAE25FF643049F5E9C7FB19E70 ] C:\Program Files\Common Files\mcafee\systemcore\mcshield.dll
14:37:09.0423 5064 C:\Program Files\Common Files\mcafee\systemcore\mcshield.dll - ok
14:37:09.0425 5064 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
14:37:09.0425 5064 C:\Windows\SysWOW64\Wldap32.dll - ok
14:37:09.0428 5064 [ BA9315165B80B742EA81FD4B745EBE71 ] C:\Program Files\Common Files\mcafee\systemcore\ftl.dll
14:37:09.0428 5064 C:\Program Files\Common Files\mcafee\systemcore\ftl.dll - ok
14:37:09.0430 5064 [ 4575380ECBAAB6C812731B0D4588D364 ] C:\Program Files\Common Files\mcafee\systemcore\mfeelama.dll
14:37:09.0430 5064 C:\Program Files\Common Files\mcafee\systemcore\mfeelama.dll - ok
14:37:09.0432 5064 [ 97C398750C8E80A48EB63999546F796E ] C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
14:37:09.0432 5064 C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe - ok
14:37:09.0434 5064 [ B3455B5D864BD1E4F48D4E76FAFD8163 ] C:\Program Files\Common Files\mcafee\systemcore\mfehida.dll
14:37:09.0434 5064 C:\Program Files\Common Files\mcafee\systemcore\mfehida.dll - ok
14:37:09.0437 5064 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
14:37:09.0437 5064 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
14:37:09.0439 5064 [ 71C32E0008B01EDF7657D886662D21D5 ] C:\Program Files\Common Files\mcafee\systemcore\mfevtpa.dll
14:37:09.0439 5064 C:\Program Files\Common Files\mcafee\systemcore\mfevtpa.dll - ok
14:37:09.0441 5064 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
14:37:09.0441 5064 C:\Windows\System32\sqmapi.dll - ok
14:37:09.0443 5064 [ 13693B6354DD6E72DC5131DA7D764B90 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
14:37:09.0443 5064 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe - ok
14:37:09.0446 5064 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
14:37:09.0446 5064 C:\Windows\System32\wdscore.dll - ok
14:37:09.0448 5064 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
14:37:09.0448 5064 C:\Windows\System32\wiatrace.dll - ok
14:37:09.0450 5064 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
14:37:09.0450 5064 C:\Windows\SysWOW64\rsaenh.dll - ok
14:37:09.0452 5064 [ 5731B230C7D6ADD88CC7CD07D247BEA8 ] C:\Program Files\Common Files\mcafee\systemcore\mfeavfa.dll
-
Here's the log I found after doing as you instructed above. Cure was NOT an option on anything listed, so as you instructed, I selected "Skip". I've entered the log into multiple posts, because I continue getting an error message indicating "post too long" when I try to enter as one. Thanks.
14:35:30.0321 2876 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:35:31.0003 2876 ============================================================
14:35:31.0003 2876 Current date / time: 2012/12/10 14:35:31.0003
14:35:31.0003 2876 SystemInfo:
14:35:31.0003 2876
14:35:31.0003 2876 OS Version: 6.1.7601 ServicePack: 1.0
14:35:31.0003 2876 Product type: Workstation
14:35:31.0003 2876 ComputerName: NUNNBETTER
14:35:31.0003 2876 UserName: NunnBetter
14:35:31.0003 2876 Windows directory: C:\Windows
14:35:31.0003 2876 System windows directory: C:\Windows
14:35:31.0003 2876 Running under WOW64
14:35:31.0003 2876 Processor architecture: Intel x64
14:35:31.0003 2876 Number of processors: 4
14:35:31.0003 2876 Page size: 0x1000
14:35:31.0003 2876 Boot type: Normal boot
14:35:31.0003 2876 ============================================================
14:35:32.0961 2876 BG loaded
14:35:33.0179 2876 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:35:33.0195 2876 ============================================================
14:35:33.0195 2876 \Device\Harddisk0\DR0:
14:35:33.0195 2876 MBR partitions:
14:35:33.0195 2876 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1DA0000
14:35:33.0195 2876 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1DB4000, BlocksNum 0x72952000
14:35:33.0195 2876 ============================================================
14:35:33.0210 2876 C: <-> \Device\Harddisk0\DR0\Partition2
14:35:33.0210 2876 ============================================================
14:35:33.0210 2876 Initialize success
14:35:33.0210 2876 ============================================================
14:36:38.0660 5064 ============================================================
14:36:38.0660 5064 Scan started
14:36:38.0660 5064 Mode: Manual; SigCheck; TDLFS;
14:36:38.0660 5064 ============================================================
14:36:40.0520 5064 ================ Scan system memory ========================
14:36:40.0520 5064 System memory - ok
14:36:40.0520 5064 ================ Scan services =============================
14:36:40.0635 5064 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
14:36:40.0780 5064 1394ohci - ok
14:36:40.0800 5064 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:36:40.0816 5064 ACPI - ok
14:36:40.0829 5064 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
14:36:40.0904 5064 AcpiPmi - ok
14:36:41.0003 5064 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:36:41.0023 5064 AdobeARMservice - ok
14:36:41.0050 5064 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
14:36:41.0069 5064 adp94xx - ok
14:36:41.0099 5064 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
14:36:41.0124 5064 adpahci - ok
14:36:41.0135 5064 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
14:36:41.0147 5064 adpu320 - ok
14:36:41.0183 5064 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:36:41.0306 5064 AeLookupSvc - ok
14:36:41.0324 5064 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
14:36:41.0388 5064 AFD - ok
14:36:41.0404 5064 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
14:36:41.0416 5064 agp440 - ok
14:36:41.0428 5064 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
14:36:41.0494 5064 ALG - ok
14:36:41.0509 5064 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
14:36:41.0521 5064 aliide - ok
14:36:41.0532 5064 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
14:36:41.0543 5064 amdide - ok
14:36:41.0561 5064 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
14:36:41.0601 5064 AmdK8 - ok
14:36:41.0623 5064 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
14:36:41.0663 5064 AmdPPM - ok
14:36:41.0688 5064 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:36:41.0709 5064 amdsata - ok
14:36:41.0719 5064 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
14:36:41.0733 5064 amdsbs - ok
14:36:41.0743 5064 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:36:41.0753 5064 amdxata - ok
14:36:41.0762 5064 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
14:36:41.0914 5064 AppID - ok
14:36:41.0935 5064 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:36:42.0001 5064 AppIDSvc - ok
14:36:42.0026 5064 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
14:36:42.0088 5064 Appinfo - ok
14:36:42.0130 5064 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
14:36:42.0147 5064 arc - ok
14:36:42.0152 5064 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
14:36:42.0164 5064 arcsas - ok
14:36:42.0179 5064 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
14:36:42.0192 5064 aswFsBlk - ok
14:36:42.0207 5064 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
14:36:42.0216 5064 aswMonFlt - ok
14:36:42.0227 5064 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
14:36:42.0236 5064 aswRdr - ok
14:36:42.0264 5064 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
14:36:42.0283 5064 aswSnx - ok
14:36:42.0317 5064 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys
14:36:42.0336 5064 aswSP - ok
14:36:42.0362 5064 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
14:36:42.0372 5064 aswTdi - ok
14:36:42.0411 5064 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:36:42.0460 5064 AsyncMac - ok
14:36:42.0484 5064 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
14:36:42.0494 5064 atapi - ok
14:36:42.0511 5064 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:36:42.0565 5064 AudioEndpointBuilder - ok
14:36:42.0573 5064 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
14:36:42.0604 5064 AudioSrv - ok
14:36:42.0669 5064 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
14:36:42.0685 5064 avast! Antivirus - ok
14:36:42.0697 5064 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:36:42.0794 5064 AxInstSV - ok
14:36:42.0815 5064 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
14:36:42.0919 5064 b06bdrv - ok
14:36:42.0937 5064 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
14:36:42.0991 5064 b57nd60a - ok
14:36:43.0028 5064 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
14:36:43.0092 5064 BDESVC - ok
14:36:43.0116 5064 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
14:36:43.0193 5064 Beep - ok
14:36:43.0232 5064 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
14:36:43.0288 5064 BFE - ok
14:36:43.0336 5064 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
14:36:43.0401 5064 BITS - ok
14:36:43.0434 5064 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:36:43.0458 5064 blbdrive - ok
14:36:43.0485 5064 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:36:43.0541 5064 bowser - ok
14:36:43.0552 5064 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
14:36:43.0568 5064 BrFiltLo - ok
14:36:43.0582 5064 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
14:36:43.0596 5064 BrFiltUp - ok
14:36:43.0608 5064 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
14:36:43.0655 5064 BridgeMP - ok
14:36:43.0687 5064 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
14:36:43.0707 5064 Browser - ok
14:36:43.0724 5064 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:36:43.0753 5064 Brserid - ok
14:36:43.0762 5064 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:36:43.0778 5064 BrSerWdm - ok
14:36:43.0792 5064 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:36:43.0807 5064 BrUsbMdm - ok
14:36:43.0812 5064 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:36:43.0825 5064 BrUsbSer - ok
14:36:43.0839 5064 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
14:36:43.0884 5064 BTHMODEM - ok
14:36:43.0936 5064 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
14:36:44.0009 5064 bthserv - ok
14:36:44.0029 5064 catchme - ok
14:36:44.0045 5064 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:36:44.0074 5064 cdfs - ok
14:36:44.0098 5064 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:36:44.0111 5064 cdrom - ok
14:36:44.0126 5064 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
14:36:44.0191 5064 CertPropSvc - ok
14:36:44.0232 5064 [ 45B5A89DC41577282E5BF41B1165EA71 ] cfwids C:\Windows\system32\drivers\cfwids.sys
14:36:44.0247 5064 cfwids - ok
14:36:44.0261 5064 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
14:36:44.0276 5064 circlass - ok
14:36:44.0308 5064 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
14:36:44.0334 5064 CLFS - ok
14:36:44.0408 5064 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:36:44.0428 5064 clr_optimization_v2.0.50727_32 - ok
14:36:44.0464 5064 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:36:44.0484 5064 clr_optimization_v2.0.50727_64 - ok
14:36:44.0528 5064 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:36:44.0574 5064 clr_optimization_v4.0.30319_32 - ok
14:36:44.0607 5064 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:36:44.0661 5064 clr_optimization_v4.0.30319_64 - ok
14:36:44.0685 5064 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
14:36:44.0723 5064 CmBatt - ok
14:36:44.0733 5064 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:36:44.0752 5064 cmdide - ok
14:36:44.0778 5064 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
14:36:44.0814 5064 CNG - ok
14:36:44.0849 5064 [ 5C855932E4DF00B1B6F5F6F57E82B6C5 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
14:36:44.0885 5064 CnxtHdAudService - ok
14:36:44.0899 5064 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
14:36:44.0910 5064 Compbatt - ok
14:36:44.0933 5064 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
14:36:44.0967 5064 CompositeBus - ok
14:36:44.0970 5064 COMSysApp - ok
14:36:44.0996 5064 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
14:36:45.0015 5064 crcdisk - ok
14:36:45.0058 5064 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:36:45.0119 5064 CryptSvc - ok
14:36:45.0190 5064 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
14:36:45.0214 5064 cvhsvc - ok
14:36:45.0246 5064 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
14:36:45.0298 5064 DcomLaunch - ok
14:36:45.0348 5064 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
14:36:45.0395 5064 defragsvc - ok
14:36:45.0437 5064 [ 3A42B00C88E3E68080DAB6B27BB35B6E ] DellDigitalDelivery C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
14:36:45.0466 5064 DellDigitalDelivery ( UnsignedFile.Multi.Generic ) - warning
14:36:45.0466 5064 DellDigitalDelivery - detected UnsignedFile.Multi.Generic (1)
14:36:45.0487 5064 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:36:45.0569 5064 DfsC - ok
14:36:45.0591 5064 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
14:36:45.0651 5064 Dhcp - ok
14:36:45.0665 5064 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
14:36:45.0726 5064 discache - ok
14:36:45.0764 5064 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
14:36:45.0775 5064 Disk - ok
14:36:45.0805 5064 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:36:45.0869 5064 Dnscache - ok
14:36:45.0887 5064 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
14:36:45.0958 5064 dot3svc - ok
14:36:45.0968 5064 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
14:36:46.0016 5064 DPS - ok
14:36:46.0048 5064 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:36:46.0093 5064 drmkaud - ok
14:36:46.0130 5064 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:36:46.0164 5064 DXGKrnl - ok
14:36:46.0176 5064 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
14:36:46.0234 5064 EapHost - ok
14:36:46.0310 5064 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
14:36:46.0392 5064 ebdrv - ok
14:36:46.0410 5064 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
14:36:46.0503 5064 EFS - ok
14:36:46.0558 5064 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:36:46.0591 5064 ehRecvr - ok
14:36:46.0604 5064 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
14:36:46.0618 5064 ehSched - ok
14:36:46.0644 5064 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
14:36:46.0662 5064 elxstor - ok
14:36:46.0671 5064 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:36:46.0701 5064 ErrDev - ok
14:36:46.0739 5064 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
14:36:46.0804 5064 EventSystem - ok
14:36:46.0833 5064 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
14:36:46.0864 5064 exfat - ok
14:36:46.0878 5064 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:36:46.0909 5064 fastfat - ok
14:36:46.0943 5064 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
14:36:46.0995 5064 Fax - ok
14:36:47.0041 5064 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
14:36:47.0091 5064 fdc - ok
14:36:47.0122 5064 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
14:36:47.0166 5064 fdPHost - ok
14:36:47.0176 5064 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
14:36:47.0205 5064 FDResPub - ok
14:36:47.0215 5064 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:36:47.0226 5064 FileInfo - ok
14:36:47.0241 5064 [ 1D684EFB269D24E02550536100799F9C ] FilePath C:\Windows\system32\DRIVERS\fp.sys
14:36:47.0253 5064 FilePath - ok
14:36:47.0272 5064 [ 9B09A03D1A47220AE9C6F6627FB317B8 ] filepathsrv C:\Windows\system32\filepathsrv.exe
14:36:47.0291 5064 filepathsrv - ok
14:36:47.0301 5064 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:36:47.0368 5064 Filetrace - ok
14:36:47.0392 5064 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
14:36:47.0416 5064 flpydisk - ok
14:36:47.0434 5064 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:36:47.0447 5064 FltMgr - ok
14:36:47.0468 5064 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
14:36:47.0516 5064 FontCache - ok
14:36:47.0557 5064 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:36:47.0575 5064 FontCache3.0.0.0 - ok
14:36:47.0586 5064 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:36:47.0602 5064 FsDepends - ok
14:36:47.0614 5064 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:36:47.0624 5064 Fs_Rec - ok
14:36:47.0647 5064 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:36:47.0662 5064 fvevol - ok
14:36:47.0680 5064 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
14:36:47.0692 5064 gagp30kx - ok
14:36:47.0766 5064 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
14:36:47.0785 5064 GamesAppService - ok
14:36:47.0804 5064 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
14:36:47.0837 5064 gpsvc - ok
14:36:47.0860 5064 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:36:47.0918 5064 hcw85cir - ok
14:36:47.0927 5064 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
14:36:47.0965 5064 HDAudBus - ok
14:36:47.0995 5064 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
14:36:48.0020 5064 HidBatt - ok
14:36:48.0032 5064 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
14:36:48.0047 5064 HidBth - ok
14:36:48.0060 5064 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
14:36:48.0074 5064 HidIr - ok
14:36:48.0093 5064 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
14:36:48.0154 5064 hidserv - ok
14:36:48.0190 5064 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:36:48.0202 5064 HidUsb - ok
14:36:48.0228 5064 [ A894FB2CAE6A29F5D9C8EDA47B074623 ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
14:36:48.0247 5064 HipShieldK - ok
14:36:48.0264 5064 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:36:48.0331 5064 hkmsvc - ok
14:36:48.0367 5064 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:36:48.0399 5064 HomeGroupListener - ok
14:36:48.0424 5064 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:36:48.0439 5064 HomeGroupProvider - ok
14:36:48.0448 5064 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
14:36:48.0460 5064 HpSAMD - ok
14:36:48.0483 5064 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:36:48.0534 5064 HTTP - ok
14:36:48.0554 5064 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:36:48.0565 5064 hwpolicy - ok
14:36:48.0575 5064 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
14:36:48.0588 5064 i8042prt - ok
14:36:48.0612 5064 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:36:48.0628 5064 iaStorV - ok
14:36:48.0671 5064 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:36:48.0702 5064 idsvc - ok
14:36:48.0860 5064 [ EFE5A0AF39A8E179624117C521F1E012 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
14:36:49.0018 5064 igfx - ok
14:36:49.0037 5064 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
14:36:49.0054 5064 iirsp - ok
14:36:49.0073 5064 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
14:36:49.0125 5064 IKEEXT - ok
14:36:49.0164 5064 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
14:36:49.0195 5064 IntcDAud - ok
14:36:49.0203 5064 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
14:36:49.0214 5064 intelide - ok
14:36:49.0228 5064 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:36:49.0241 5064 intelppm - ok
14:36:49.0272 5064 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:36:49.0336 5064 IPBusEnum - ok
14:36:49.0360 5064 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:36:49.0388 5064 IpFilterDriver - ok
14:36:49.0444 5064 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:36:49.0517 5064 iphlpsvc - ok
14:36:49.0532 5064 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
14:36:49.0570 5064 IPMIDRV - ok
14:36:49.0595 5064 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:36:49.0652 5064 IPNAT - ok
14:36:49.0684 5064 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:36:49.0700 5064 IRENUM - ok
14:36:49.0713 5064 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:36:49.0724 5064 isapnp - ok
14:36:49.0741 5064 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
14:36:49.0755 5064 iScsiPrt - ok
14:36:49.0768 5064 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:36:49.0779 5064 kbdclass - ok
14:36:49.0786 5064 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
14:36:49.0819 5064 kbdhid - ok
14:36:49.0840 5064 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
14:36:49.0852 5064 KeyIso - ok
14:36:49.0862 5064 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:36:49.0874 5064 KSecDD - ok
14:36:49.0883 5064 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:36:49.0895 5064 KSecPkg - ok
14:36:49.0903 5064 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
14:36:49.0949 5064 ksthunk - ok
14:36:49.0974 5064 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
14:36:50.0041 5064 KtmRm - ok
14:36:50.0077 5064 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
14:36:50.0146 5064 LanmanServer - ok
14:36:50.0171 5064 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:36:50.0215 5064 LanmanWorkstation - ok
14:36:50.0238 5064 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:36:50.0282 5064 lltdio - ok
14:36:50.0320 5064 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:36:50.0352 5064 lltdsvc - ok
14:36:50.0363 5064 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:36:50.0390 5064 lmhosts - ok
14:36:50.0409 5064 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
14:36:50.0421 5064 LSI_FC - ok
14:36:50.0427 5064 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
14:36:50.0439 5064 LSI_SAS - ok
14:36:50.0451 5064 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
14:36:50.0462 5064 LSI_SAS2 - ok
14:36:50.0474 5064 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
14:36:50.0486 5064 LSI_SCSI - ok
14:36:50.0497 5064 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
14:36:50.0543 5064 luafv - ok
14:36:50.0609 5064 [ 9504F1DDA1B67FB8D526FD4F8CC882F3 ] McAWFwk c:\PROGRA~1\mcafee\msc\mcawfwk.exe
14:36:50.0632 5064 McAWFwk - ok
14:36:50.0696 5064 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McMPFSvc C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
14:36:50.0717 5064 McMPFSvc - ok
14:36:50.0729 5064 [ F928E5E72BBA15DD0CE9A26E0413D236 ] mcmscsvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
14:36:50.0740 5064 mcmscsvc - ok
14:36:50.0746 5064 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNaiAnn C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
14:36:50.0757 5064 McNaiAnn - ok
14:36:50.0767 5064 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McNASvc C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
14:36:50.0778 5064 McNASvc - ok
14:36:50.0810 5064 [ BE7C8C3F8FE52D8F7826E14CF11DE949 ] McODS C:\Program Files\mcafee\VirusScan\mcods.exe
14:36:50.0837 5064 McODS - ok
14:36:50.0842 5064 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McOobeSv C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
14:36:50.0852 5064 McOobeSv - ok
14:36:50.0856 5064 [ F928E5E72BBA15DD0CE9A26E0413D236 ] McProxy C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
14:36:50.0866 5064 McProxy - ok
14:36:50.0889 5064 [ 4DEC9B5BEDAA97B1FF6A3923E1C4F58A ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
14:36:50.0900 5064 McShield - ok
14:36:50.0916 5064 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:36:50.0932 5064 Mcx2Svc - ok
14:36:50.0948 5064 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
14:36:50.0959 5064 megasas - ok
14:36:50.0969 5064 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
14:36:50.0983 5064 MegaSR - ok
14:36:50.0995 5064 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
14:36:51.0004 5064 MEIx64 - ok
14:36:51.0026 5064 [ B574522827D94126C03975FD53F0B26B ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys
14:36:51.0036 5064 mfeapfk - ok
14:36:51.0060 5064 [ B393753ECE9A9E2307CB1984ACF3DA9D ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
14:36:51.0072 5064 mfeavfk - ok
14:36:51.0093 5064 mfeavfk01 - ok
14:36:51.0114 5064 [ 97C398750C8E80A48EB63999546F796E ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
14:36:51.0135 5064 mfefire - ok
14:36:51.0150 5064 [ C52A1ABF03DD219375EA0F6A8BE941C3 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
14:36:51.0164 5064 mfefirek - ok
14:36:51.0197 5064 [ 7092A6C6158FC4F5AA39EBEB9D5AF03D ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
14:36:51.0231 5064 mfehidk - ok
14:36:51.0257 5064 [ D2A941C82A0A9227CD6F47AD40A40F69 ] mferkdet C:\Windows\system32\drivers\mferkdet.sys
14:36:51.0275 5064 mferkdet - ok
14:36:51.0291 5064 [ 04D48692EFF181DA46DD8EA8BE9FFB2B ] mfevtp C:\Windows\system32\mfevtps.exe
14:36:51.0302 5064 mfevtp - ok
14:36:51.0317 5064 [ 1631E2DA6C4B47D97ECA94842836592E ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
14:36:51.0331 5064 mfewfpk - ok
14:36:51.0351 5064 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
14:36:51.0417 5064 MMCSS - ok
14:36:51.0436 5064 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
14:36:51.0506 5064 Modem - ok
14:36:51.0537 5064 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:36:51.0596 5064 monitor - ok
14:36:51.0613 5064 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:36:51.0626 5064 mouclass - ok
14:36:51.0650 5064 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:36:51.0688 5064 mouhid - ok
14:36:51.0722 5064 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:36:51.0745 5064 mountmgr - ok
14:36:51.0778 5064 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
14:36:51.0808 5064 mpio - ok
14:36:51.0852 5064 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:36:51.0893 5064 mpsdrv - ok
14:36:51.0963 5064 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:36:52.0040 5064 MpsSvc - ok
14:36:52.0062 5064 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:36:52.0120 5064 MRxDAV - ok
14:36:52.0136 5064 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:36:52.0193 5064 mrxsmb - ok
14:36:52.0224 5064 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:36:52.0250 5064 mrxsmb10 - ok
14:36:52.0259 5064 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:36:52.0271 5064 mrxsmb20 - ok
14:36:52.0292 5064 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
14:36:52.0303 5064 msahci - ok
14:36:52.0312 5064 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:36:52.0324 5064 msdsm - ok
14:36:52.0342 5064 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
14:36:52.0377 5064 MSDTC - ok
14:36:52.0400 5064 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:36:52.0428 5064 Msfs - ok
14:36:52.0447 5064 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:36:52.0476 5064 mshidkmdf - ok
14:36:52.0483 5064 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:36:52.0504 5064 msisadrv - ok
14:36:52.0515 5064 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:36:52.0564 5064 MSiSCSI - ok
14:36:52.0567 5064 msiserver - ok
14:36:52.0585 5064 [ F928E5E72BBA15DD0CE9A26E0413D236 ] MSK80Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
14:36:52.0596 5064 MSK80Service - ok
14:36:52.0616 5064 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:36:52.0678 5064 MSKSSRV - ok
14:36:52.0707 5064 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:36:52.0795 5064 MSPCLOCK - ok
14:36:52.0805 5064 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:36:52.0866 5064 MSPQM - ok
14:36:52.0890 5064 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:36:52.0905 5064 MsRPC - ok
14:36:52.0928 5064 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
14:36:52.0938 5064 mssmbios - ok
14:36:52.0981 5064 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:36:53.0080 5064 MSTEE - ok
14:36:53.0163 5064 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
14:36:53.0184 5064 MTConfig - ok
14:36:53.0198 5064 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
14:36:53.0209 5064 Mup - ok
14:36:53.0228 5064 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
14:36:53.0311 5064 napagent - ok
14:36:53.0343 5064 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:36:53.0392 5064 NativeWifiP - ok
14:36:53.0550 5064 [ 934BB0D23A25C8C136570800A5A149B6 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
14:36:53.0608 5064 NAUpdate - ok
14:36:53.0825 5064 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:36:53.0935 5064 NDIS - ok
14:36:53.0978 5064 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:36:54.0034 5064 NdisCap - ok
14:36:54.0066 5064 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:36:54.0095 5064 NdisTapi - ok
14:36:54.0117 5064 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:36:54.0205 5064 Ndisuio - ok
14:36:54.0234 5064 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:36:54.0304 5064 NdisWan - ok
14:36:54.0325 5064 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:36:54.0352 5064 NDProxy - ok
14:36:54.0369 5064 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:36:54.0426 5064 NetBIOS - ok
14:36:54.0461 5064 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:36:54.0491 5064 NetBT - ok
14:36:54.0543 5064 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
14:36:54.0564 5064 Netlogon - ok
14:36:54.0594 5064 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
14:36:54.0656 5064 Netman - ok
14:36:54.0701 5064 [ 3E5A36127E201DDF663176B66828FAFE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:36:54.0712 5064 NetMsmqActivator - ok
14:36:54.0714 5064 [ 3E5A36127E201DDF663176B66828FAFE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:36:54.0724 5064 NetPipeActivator - ok
14:36:54.0743 5064 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
14:36:54.0797 5064 netprofm - ok
14:36:54.0843 5064 [ B330CE846D1C672F640D3B3647CEF86D ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys
14:36:54.0869 5064 netr28ux - ok
14:36:54.0872 5064 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:36:54.0882 5064 NetTcpActivator - ok
14:36:54.0885 5064 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:36:54.0895 5064 NetTcpPortSharing - ok
14:36:54.0909 5064 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
14:36:54.0920 5064 nfrd960 - ok
14:36:54.0939 5064 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:36:54.0972 5064 NlaSvc - ok
14:36:55.0179 5064 [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
14:36:55.0251 5064 NOBU - ok
14:36:55.0273 5064 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:36:55.0300 5064 Npfs - ok
14:36:55.0370 5064 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
14:36:55.0441 5064 nsi - ok
14:36:55.0484 5064 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:36:55.0582 5064 nsiproxy - ok
14:36:55.0682 5064 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:36:55.0744 5064 Ntfs - ok
14:36:55.0760 5064 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
14:36:55.0787 5064 Null - ok
14:36:55.0831 5064 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:36:55.0853 5064 nvraid - ok
14:36:55.0871 5064 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:36:55.0884 5064 nvstor - ok
14:36:55.0909 5064 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:36:55.0931 5064 nv_agp - ok
14:36:55.0949 5064 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:36:55.0962 5064 ohci1394 - ok
14:36:56.0008 5064 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:36:56.0041 5064 ose - ok
14:36:56.0264 5064 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:36:56.0380 5064 osppsvc - ok
14:36:56.0437 5064 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:36:56.0555 5064 p2pimsvc - ok
14:36:56.0581 5064 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
14:36:56.0599 5064 p2psvc - ok
14:36:56.0612 5064 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
14:36:56.0626 5064 Parport - ok
14:36:56.0657 5064 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:36:56.0689 5064 partmgr - ok
14:36:56.0708 5064 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:36:56.0754 5064 PcaSvc - ok
14:36:56.0789 5064 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
14:36:56.0812 5064 pci - ok
14:36:56.0825 5064 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
14:36:56.0836 5064 pciide - ok
14:36:56.0849 5064 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
14:36:56.0862 5064 pcmcia - ok
14:36:56.0871 5064 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
14:36:56.0882 5064 pcw - ok
14:36:56.0898 5064 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:36:56.0962 5064 PEAUTH - ok
14:36:57.0042 5064 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:36:57.0092 5064 PerfHost - ok
14:36:57.0136 5064 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
14:36:57.0221 5064 pla - ok
14:36:57.0245 5064 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:36:57.0314 5064 PlugPlay - ok
14:36:57.0323 5064 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:36:57.0368 5064 PNRPAutoReg - ok
14:36:57.0394 5064 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:36:57.0417 5064 PNRPsvc - ok
14:36:57.0438 5064 [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64 C:\Windows\system32\DRIVERS\point64.sys
14:36:57.0447 5064 Point64 - ok
14:36:57.0463 5064 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:36:57.0529 5064 PolicyAgent - ok
14:36:57.0563 5064 [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power C:\Windows\system32\umpo.dll
14:36:57.0629 5064 Power - ok
14:36:57.0652 5064 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:36:57.0719 5064 PptpMiniport - ok
14:36:57.0745 5064 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
14:36:57.0787 5064 Processor - ok
14:36:57.0825 5064 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
14:36:57.0865 5064 ProfSvc - ok
14:36:57.0889 5064 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:36:57.0909 5064 ProtectedStorage - ok
14:36:57.0924 5064 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:36:57.0987 5064 Psched - ok
14:36:58.0011 5064 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
14:36:58.0030 5064 PxHlpa64 - ok
14:36:58.0092 5064 [ DEE107066B957D9846D5036A5D40ED0C ] QBCFMonitorService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
14:36:58.0101 5064 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - warning
14:36:58.0101 5064 QBCFMonitorService - detected UnsignedFile.Multi.Generic (1)
14:36:58.0125 5064 [ 6BEE1814470DC12FA20C53DFC3C97EBB ] QBFCService C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
14:36:58.0155 5064 QBFCService ( UnsignedFile.Multi.Generic ) - warning
14:36:58.0155 5064 QBFCService - detected UnsignedFile.Multi.Generic (1)
14:36:58.0216 5064 [ 147552E28311DB3E86188A356A7A9F9C ] QBVSS C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
14:36:58.0273 5064 QBVSS ( UnsignedFile.Multi.Generic ) - warning
14:36:58.0273 5064 QBVSS - detected UnsignedFile.Multi.Generic (1)
14:36:58.0326 5064 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
14:36:58.0376 5064 ql2300 - ok
14:36:58.0393 5064 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
14:36:58.0405 5064 ql40xx - ok
14:36:58.0427 5064 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
14:36:58.0446 5064 QWAVE - ok
14:36:58.0456 5064 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:36:58.0489 5064 QWAVEdrv - ok
14:36:58.0574 5064 [ 37C3272E58976598BEF1CDF321019209 ] RalinkRegistryWriter C:\Program Files (x86)\NETGEAR\WNDA4100\Service\RaRegistry.exe
14:36:58.0599 5064 RalinkRegistryWriter - ok
14:36:58.0615 5064 [ 25DAAD73732B51A46B11C6DF788F3322 ] RalinkRegistryWriter64 C:\Program Files (x86)\NETGEAR\WNDA4100\Service\RaRegistry64.exe
14:36:58.0630 5064 RalinkRegistryWriter64 - ok
14:36:58.0641 5064 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:36:58.0706 5064 RasAcd - ok
14:36:58.0741 5064 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:36:58.0778 5064 RasAgileVpn - ok
14:36:58.0787 5064 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
14:36:58.0853 5064 RasAuto - ok
14:36:58.0873 5064 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:36:58.0940 5064 Rasl2tp - ok
14:36:58.0964 5064 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
14:36:59.0017 5064 RasMan - ok
14:36:59.0043 5064 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:36:59.0103 5064 RasPppoe - ok
14:36:59.0131 5064 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:36:59.0160 5064 RasSstp - ok
14:36:59.0176 5064 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:36:59.0206 5064 rdbss - ok
14:36:59.0213 5064 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
14:36:59.0229 5064 rdpbus - ok
14:36:59.0246 5064 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:36:59.0273 5064 RDPCDD - ok
14:36:59.0287 5064 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:36:59.0344 5064 RDPENCDD - ok
14:36:59.0365 5064 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:36:59.0392 5064 RDPREFMP - ok
14:36:59.0408 5064 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:36:59.0435 5064 RDPWD - ok
14:36:59.0453 5064 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:36:59.0466 5064 rdyboost - ok
14:36:59.0480 5064 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:36:59.0511 5064 RemoteAccess - ok
14:36:59.0524 5064 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:36:59.0555 5064 RemoteRegistry - ok
14:36:59.0622 5064 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
14:36:59.0670 5064 RoxMediaDB12OEM - ok
14:36:59.0690 5064 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
14:36:59.0702 5064 RoxWatch12 - ok
14:36:59.0711 5064 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:36:59.0757 5064 RpcEptMapper - ok
14:36:59.0793 5064 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
14:36:59.0816 5064 RpcLocator - ok
14:36:59.0849 5064 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
14:36:59.0891 5064 RpcSs - ok
14:36:59.0899 5064 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:36:59.0949 5064 rspndr - ok
14:36:59.0982 5064 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
14:36:59.0996 5064 RTL8167 - ok
14:37:00.0004 5064 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
14:37:00.0017 5064 SamSs - ok
14:37:00.0025 5064 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:37:00.0037 5064 sbp2port - ok
14:37:00.0052 5064 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:37:00.0083 5064 SCardSvr - ok
14:37:00.0095 5064 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:37:00.0142 5064 scfilter - ok
14:37:00.0196 5064 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
14:37:00.0258 5064 Schedule - ok
14:37:00.0284 5064 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:37:00.0326 5064 SCPolicySvc - ok
14:37:00.0338 5064 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:37:00.0358 5064 SDRSVC - ok
14:37:00.0372 5064 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:37:00.0436 5064 secdrv - ok
14:37:00.0464 5064 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
14:37:00.0492 5064 seclogon - ok
14:37:00.0506 5064 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
14:37:00.0572 5064 SENS - ok
14:37:00.0607 5064 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:37:00.0626 5064 SensrSvc - ok
14:37:00.0633 5064 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:37:00.0678 5064 Serenum - ok
14:37:00.0708 5064 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
14:37:00.0753 5064 Serial - ok
14:37:00.0791 5064 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
14:37:00.0828 5064 sermouse - ok
14:37:00.0854 5064 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
14:37:00.0907 5064 SessionEnv - ok
14:37:00.0917 5064 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:37:00.0931 5064 sffdisk - ok
14:37:00.0935 5064 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:37:00.0950 5064 sffp_mmc - ok
14:37:00.0960 5064 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:37:00.0975 5064 sffp_sd - ok
14:37:00.0986 5064 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:37:00.0998 5064 sfloppy - ok
14:37:01.0027 5064 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
14:37:01.0043 5064 Sftfs - ok
14:37:01.0117 5064 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
14:37:01.0138 5064 sftlist - ok
14:37:01.0160 5064 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
14:37:01.0171 5064 Sftplay - ok
14:37:01.0179 5064 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
14:37:01.0188 5064 Sftredir - ok
14:37:01.0251 5064 [ 29DDEA72C5BDF61D62F4D438DC0E497C ] SftService C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
14:37:01.0317 5064 SftService - ok
14:37:01.0325 5064 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
14:37:01.0333 5064 Sftvol - ok
14:37:01.0344 5064 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
14:37:01.0355 5064 sftvsa - ok
14:37:01.0397 5064 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:37:01.0428 5064 SharedAccess - ok
14:37:01.0443 5064 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:37:01.0491 5064 ShellHWDetection - ok
14:37:01.0520 5064 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
14:37:01.0541 5064 SiSRaid2 - ok
14:37:01.0552 5064 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
14:37:01.0564 5064 SiSRaid4 - ok
14:37:01.0571 5064 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:37:01.0621 5064 Smb - ok
14:37:01.0672 5064 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:37:01.0717 5064 SNMPTRAP - ok
14:37:01.0740 5064 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
14:37:01.0751 5064 spldr - ok
14:37:01.0783 5064 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
14:37:01.0813 5064 Spooler - ok
14:37:01.0891 5064 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
14:37:01.0953 5064 sppsvc - ok
14:37:01.0964 5064 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:37:01.0993 5064 sppuinotify - ok
14:37:02.0011 5064 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
14:37:02.0078 5064 srv - ok
14:37:02.0093 5064 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:37:02.0128 5064 srv2 - ok
14:37:02.0151 5064 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:37:02.0163 5064 srvnet - ok
14:37:02.0176 5064 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:37:02.0206 5064 SSDPSRV - ok
14:37:02.0217 5064 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:37:02.0246 5064 SstpSvc - ok
14:37:02.0255 5064 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
14:37:02.0266 5064 stexstor - ok
14:37:02.0289 5064 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
14:37:02.0309 5064 stisvc - ok
14:37:02.0352 5064 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
14:37:02.0369 5064 stllssvr - ok
14:37:02.0379 5064 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
14:37:02.0392 5064 swenum - ok
14:37:02.0404 5064 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
14:37:02.0461 5064 swprv - ok
14:37:02.0504 5064 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
14:37:02.0566 5064 SysMain - ok
14:37:02.0593 5064 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:37:02.0611 5064 TabletInputService - ok
14:37:02.0621 5064 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
14:37:02.0667 5064 TapiSrv - ok
14:37:02.0690 5064 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
14:37:02.0720 5064 TBS - ok
14:37:02.0766 5064 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:37:02.0828 5064 Tcpip - ok
14:37:02.0869 5064 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:37:02.0897 5064 TCPIP6 - ok
14:37:02.0908 5064 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:37:02.0920 5064 tcpipreg - ok
14:37:02.0933 5064 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:37:02.0997 5064 TDPIPE - ok
14:37:03.0012 5064 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:37:03.0029 5064 TDTCP - ok
14:37:03.0049 5064 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:37:03.0086 5064 tdx - ok
14:37:03.0099 5064 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
14:37:03.0109 5064 TermDD - ok
14:37:03.0128 5064 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
14:37:03.0198 5064 TermService - ok
14:37:03.0222 5064 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
14:37:03.0266 5064 Themes - ok
14:37:03.0297 5064 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
14:37:03.0337 5064 THREADORDER - ok
14:37:03.0352 5064 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
14:37:03.0419 5064 TrkWks - ok
14:37:03.0473 5064 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:37:03.0515 5064 TrustedInstaller - ok
14:37:03.0523 5064 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:37:03.0569 5064 tssecsrv - ok
14:37:03.0582 5064 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:37:03.0611 5064 TsUsbFlt - ok
14:37:03.0620 5064 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
14:37:03.0633 5064 TsUsbGD - ok
14:37:03.0652 5064 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:37:03.0700 5064 tunnel - ok
14:37:03.0730 5064 [ 4FD2F1366055D55F0D10B2568526AB78 ] U2SP C:\Windows\system32\DRIVERS\u2s2kxp64.sys
14:37:03.0740 5064 U2SP - ok
14:37:03.0754 5064 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
14:37:03.0765 5064 uagp35 - ok
14:37:03.0808 5064 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:37:03.0850 5064 udfs - ok
14:37:03.0879 5064 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:37:03.0894 5064 UI0Detect - ok
14:37:03.0916 5064 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:37:03.0927 5064 uliagpkx - ok
14:37:03.0940 5064 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:37:03.0976 5064 umbus - ok
14:37:04.0018 5064 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
14:37:04.0066 5064 UmPass - ok
14:37:04.0107 5064 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
14:37:04.0165 5064 upnphost - ok
14:37:04.0189 5064 [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
14:37:04.0252 5064 usbccgp - ok
14:37:04.0268 5064 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:37:04.0290 5064 usbcir - ok
14:37:04.0300 5064 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:37:04.0331 5064 usbehci - ok
14:37:04.0372 5064 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:37:04.0415 5064 usbhub - ok
14:37:04.0444 5064 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
14:37:04.0484 5064 usbohci - ok
14:37:04.0515 5064 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:37:04.0554 5064 usbprint - ok
14:37:04.0581 5064 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:37:04.0613 5064 USBSTOR - ok
14:37:04.0627 5064 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:37:04.0669 5064 usbuhci - ok
14:37:04.0703 5064 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
14:37:04.0772 5064 UxSms - ok
14:37:04.0791 5064 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
14:37:04.0803 5064 VaultSvc - ok
14:37:04.0812 5064 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:37:04.0823 5064 vdrvroot - ok
14:37:04.0864 5064 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
14:37:04.0945 5064 vds - ok
14:37:04.0970 5064 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:37:04.0996 5064 vga - ok
14:37:05.0014 5064 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
14:37:05.0041 5064 VgaSave - ok
14:37:05.0058 5064 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:37:05.0071 5064 vhdmp - ok
14:37:05.0080 5064 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
14:37:05.0090 5064 viaide - ok
14:37:05.0101 5064 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:37:05.0112 5064 volmgr - ok
14:37:05.0122 5064 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:37:05.0137 5064 volmgrx - ok
14:37:05.0142 5064 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:37:05.0155 5064 volsnap - ok
14:37:05.0183 5064 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
14:37:05.0205 5064 vsmraid - ok
14:37:05.0237 5064 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
14:37:05.0332 5064 VSS - ok
14:37:05.0361 5064 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
14:37:05.0404 5064 vwifibus - ok
14:37:05.0437 5064 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:37:05.0453 5064 vwififlt - ok
14:37:05.0475 5064 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
14:37:05.0490 5064 vwifimp - ok
14:37:05.0526 5064 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
14:37:05.0559 5064 W32Time - ok
14:37:05.0569 5064 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
14:37:05.0600 5064 WacomPen - ok
14:37:05.0628 5064 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:37:05.0696 5064 WANARP - ok
14:37:05.0699 5064 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:37:05.0725 5064 Wanarpv6 - ok
14:37:05.0791 5064 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
14:37:05.0846 5064 WatAdminSvc - ok
14:37:05.0897 5064 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
14:37:05.0985 5064 wbengine - ok
14:37:06.0005 5064 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:37:06.0025 5064 WbioSrvc - ok
14:37:06.0037 5064 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:37:06.0059 5064 wcncsvc - ok
14:37:06.0074 5064 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:37:06.0098 5064 WcsPlugInService - ok
14:37:06.0110 5064 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
14:37:06.0121 5064 Wd - ok
14:37:06.0145 5064 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:37:06.0167 5064 Wdf01000 - ok
14:37:06.0200 5064 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:37:06.0306 5064 WdiServiceHost - ok
14:37:06.0311 5064 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:37:06.0333 5064 WdiSystemHost - ok
14:37:06.0350 5064 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
14:37:06.0386 5064 WebClient - ok
14:37:06.0416 5064 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:37:06.0486 5064 Wecsvc - ok
14:37:06.0514 5064 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:37:06.0545 5064 wercplsupport - ok
14:37:06.0571 5064 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
14:37:06.0601 5064 WerSvc - ok
14:37:06.0614 5064 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:37:06.0641 5064 WfpLwf - ok
14:37:06.0665 5064 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
14:37:06.0678 5064 WimFltr - ok
14:37:06.0689 5064 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:37:06.0700 5064 WIMMount - ok
14:37:06.0734 5064 WinDefend - ok
14:37:06.0738 5064 WinHttpAutoProxySvc - ok
14:37:06.0773 5064 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:37:06.0821 5064 Winmgmt - ok
14:37:06.0858 5064 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
14:37:06.0938 5064 WinRM - ok
14:37:06.0958 5064 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
14:37:06.0972 5064 WinUsb - ok
14:37:06.0998 5064 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
14:37:07.0048 5064 Wlansvc - ok
14:37:07.0111 5064 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
14:37:07.0130 5064 wlcrasvc - ok
14:37:07.0196 5064 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:37:07.0235 5064 wlidsvc - ok
14:37:07.0243 5064 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
14:37:07.0274 5064 WmiAcpi - ok
14:37:07.0316 5064 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:37:07.0367 5064 wmiApSrv - ok
14:37:07.0372 5064 WMPNetworkSvc - ok
14:37:07.0398 5064 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:37:07.0432 5064 WPCSvc - ok
14:37:07.0464 5064 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:37:07.0492 5064 WPDBusEnum - ok
14:37:07.0499 5064 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:37:07.0526 5064 ws2ifsl - ok
14:37:07.0554 5064 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
14:37:07.0602 5064 wscsvc - ok
14:37:07.0635 5064 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
14:37:07.0649 5064 WSDPrintDevice - ok
14:37:07.0652 5064 WSearch - ok
14:37:07.0712 5064 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
14:37:07.0756 5064 wuauserv - ok
14:37:07.0783 5064 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:37:07.0822 5064 WudfPf - ok
14:37:07.0845 5064 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:37:07.0883 5064 WUDFRd - ok
14:37:07.0913 5064 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:37:07.0963 5064 wudfsvc - ok
14:37:07.0989 5064 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
14:37:08.0009 5064 WwanSvc - ok
-
Hi. I tried running tdsskiller.exe; however, when I launch it, I get a warning box that advises "Can't Initialize log". The initialization box reads 10% and never changes until I click "OK" in the Warning box. Once I click "OK", a new warning box appears that advises "Can't load driver" and the initialization box remains at 40% until I click "OK" in the warning box. After I click the final "OK", a new box appears so that I can select Start Scan; however, when I select it, the box immediately changes indicating Process: 1 object, details. All other items read "0". The details report is blank.
Thanks.
-
Hi Gringo,
Sorry for the delay in responding. I've copied the Combofix log below. I haven't used the computer since running it; however, most things appear to be running okay. I did get errors in a couple of programs prior to running Combofix, but I'm not certain they are related. Thanks again.
ComboFix 12-12-07.01 - Tabatha 12/09/2012 17:26:56.5.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8105.5978 [GMT -6:00]
Running from: c:\users\Tabatha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VLHAR5H\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2012-11-09 to 2012-12-09 )))))))))))))))))))))))))))))))
.
.
2012-12-09 23:30 . 2012-12-09 23:30 -------- d-----w- c:\users\NunnBetter\AppData\Local\temp
2012-12-09 23:30 . 2012-12-09 23:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-03 09:02 . 2012-12-03 09:02 -------- d-----w- c:\program files (x86)\Microsoft.NET
2012-12-02 09:02 . 2012-10-08 11:42 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-12-02 09:01 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-12-02 09:01 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-12-02 09:01 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-12-02 09:01 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-12-02 09:01 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-12-02 09:01 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-12-02 09:01 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-12-02 03:39 . 2012-12-02 03:39 -------- d-----w- C:\TDSSKiller_Quarantine
2012-12-02 02:31 . 2012-09-25 22:47 78336 ----a-w- c:\windows\SysWow64\synceng.dll
2012-12-02 02:31 . 2012-09-25 22:46 95744 ----a-w- c:\windows\system32\synceng.dll
2012-12-02 02:11 . 2012-12-02 02:11 -------- d-----w- C:\FRST
2012-12-01 18:47 . 2012-12-09 23:30 -------- d-----w- c:\users\Tabatha\AppData\Local\temp
2012-12-01 00:30 . 2012-10-30 23:51 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-12-01 00:30 . 2012-10-30 23:51 370288 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-12-01 00:30 . 2012-10-15 16:59 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-12-01 00:30 . 2012-10-30 23:51 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-12-01 00:30 . 2012-10-30 23:51 984144 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-12-01 00:30 . 2012-10-30 23:51 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-12-01 00:30 . 2012-10-30 23:50 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-12-01 00:29 . 2012-10-30 23:51 41224 ----a-w- c:\windows\avastSS.scr
2012-12-01 00:29 . 2012-10-30 23:50 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-12-01 00:29 . 2012-12-01 00:29 -------- d-----w- c:\programdata\AVAST Software
2012-12-01 00:29 . 2012-12-01 00:29 -------- d-----w- c:\program files\AVAST Software
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-02 09:01 . 2012-08-21 22:32 66395536 ----a-w- c:\windows\system32\MRT.exe
2012-10-16 08:38 . 2012-12-02 02:31 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-12-02 02:31 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-12-02 02:31 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-09-14 19:19 . 2012-10-10 13:16 2048 ----a-w- c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 13:16 2048 ----a-w- c:\windows\SysWow64\tzres.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2012-07-27 35768]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-09-12 1535112]
"NeroLauncher"="c:\program files (x86)\Nero\SyncUP\NeroLauncher.exe" [2012-02-06 66872]
"AccuWeatherWidget"="c:\program files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" [2011-04-30 885760]
"Intuit SyncManager"="c:\program files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2012-10-08 2643320]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 filepathsrv;CDPforFilesSrv;c:\windows\system32\filepathsrv.exe [2010-07-19 628608]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-04-20 196440]
R3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe [2011-03-08 224704]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-06-22 106112]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-02-20 1255736]
R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-08-31 201304]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-06-22 335784]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 FilePath;VitalFile;c:\windows\system32\DRIVERS\fp.sys [2010-07-19 316288]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [2012-10-09 173568]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-08-31 201304]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [2012-08-31 201304]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2012-06-22 218320]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2012-06-22 177144]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe [2011-11-25 687400]
S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
S2 QBVSS;QBIDPService;c:\program files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [2011-11-09 1248256]
S2 RalinkRegistryWriter64;RalinkRegistryWriter64;c:\program files (x86)\NETGEAR\WNDA4100\Service\RaRegistry64.exe [2011-11-21 455424]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-09-22 1692480]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-06-22 69672]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-06-22 513456]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - mfeavfk01
.
Contents of the 'Scheduled Tasks' folder
.
2012-09-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2690531696-1917535011-530222184-1001Core.job
- c:\users\NunnBetter\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-18 21:08]
.
2012-09-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2690531696-1917535011-530222184-1001UA.job
- c:\users\NunnBetter\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-18 21:08]
.
2012-06-08 c:\windows\Tasks\Norton Security Scan for NunnBetter.job
- c:\progra~2\NORTON~2\Engine\372~1.5\Nss.exe [2012-06-05 09:45]
.
2012-03-12 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-03-22 17:20]
.
2012-04-11 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\pcdrcui.exe [2011-03-22 17:20]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 23:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-04 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-04 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-04 418328]
"Stage Remote"="c:\program files (x86)\Dell\Stage Remote\StageRemote.exe" [2011-06-28 2022976]
"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2011-04-30 2055016]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
SafeBoot-33491813.sys
AddRemove-OnDemand5 Manager SU - c:\mitchell1\Manager\Series1\RebootWiz
AddRemove-WT089446 - c:\program files (x86)\WildTangent\Dell Games\Wedding Dash - Ready
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11c_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11c.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-12-09 17:31:58
ComboFix-quarantined-files.txt 2012-12-09 23:31
ComboFix2.txt 2012-12-01 18:47
ComboFix3.txt 2012-12-01 04:35
.
Pre-Run: 924,270,768,128 bytes free
Post-Run: 923,996,401,664 bytes free
.
- - End Of File - - FBAEE0EEE16A952A763DAF51FD628077
-
Thanks again. It doesn't look like it was gone. Here's the report from RogueKiller I just ran.
RogueKiller V8.3.1 [Dec 2 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : NunnBetter [Restricted rights]
Mode : Remove -- Date : 12/04/2012 19:51:18
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 1 ¤¤¤
[HOSTS] HKLM\[...]\Parameters : DataBasePath () -> NOT REMOVED, USE HOSTSFIX
¤¤¤ Particular Files / Folders: ¤¤¤
[ZeroAccess][FOLDER] ROOT : C:\Windows\Installer\{5a37711a-8222-fa94-7525-6ebecfc90b5e}\U --> REMOVED
[ZeroAccess][FOLDER] ROOT : C:\Windows\Installer\{5a37711a-8222-fa94-7525-6ebecfc90b5e}\L --> REMOVED
¤¤¤ Driver : [NOT LOADED] ¤¤¤
¤¤¤ Infection : ZeroAccess ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ MBR Check: ¤¤¤
Finished : << RKreport[2]_D_12042012_02d1951.txt >>
RKreport[1]_S_12042012_02d1950.txt ; RKreport[2]_D_12042012_02d1951.txt
-
Hi Gringo,
Thanks, so much, for your help with this. I had already started trying to run some programs I'd found in other posts on this website. After running those, and then adding the couple you mentioned, I think I have the system cleaned up. Everything seems to be in working order, and I cannot find any reference to services.exe any longer. Is it possible it's still hidden somewhere, deep in my system, and is still subjecting our data? Should I provide you a specific scan report that would enable you to know this answer?
Your timely response and help is greatly appreciated.
-
We have contracted a Trojan backdoor virus on our computer (services.exe). It is quite deeply rooted (I think). I seriously need some help removing this. I've searched and tried everything I can find, and although I'm good with computers, I'm not a tech geek for sure. I have attached a Combofix log should it be helpful. Please help!
Services.exe Backdoor Trojan Virus
in Resolved Malware Removal Logs
Posted
Sorry for the delay in response. Unable to work on the computer due to the holidays. I've run the last set of scans you advised and performed the operations as instructed.
The threats found on the ESET scan are as follows:
C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A application
C:\TDSSKiller_Quarantine\01.12.2012_21.38.28\mbr0000\tdlfs0000\tsk0000.dta Win64/Olmarik.AK trojan
C:\Users\NunnBetter\Downloads\FixRegCleaner_Setup.exe a variant of Win32/Adware.RegistryEasy application
C:\Users\NunnBetter\Downloads\openfreely.exe Win32/InstallIQ application
Thanks.