"Recommended for you" virus


Jbarriuso

Both IE and firefox are having issues with this virus.

Both left and right hand corners of both browsers have ads scrolling upwards. Frequency varies depending on the site. Often in the shape of an iPhone. Don't think it is doing any harm but just really annoying.

Also, every so often clicking a link will lead me to become redirected to another site, usually an ad site. Might be related to the aforementioned issue since they came about around the same time.

First time poster and a bit of an amateur with computers compared to most of you, I am sure, so bear with me.

Thanks.

Hello Jbarriuso and :welcome:! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Please follow the instructions here and post the log files in your next reply:

http://forums.malwarebytes.org/index.php?showtopic=9573

Hey Maniac, I have to first thank you for offering your help. Here are DDS and Attach

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2

Run by Barriuso at 16:06:04 on 2012-09-16

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8040.5939 [GMT -4:00]

.

AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}

.

============== Running Processes ===============

.

C:\windows\system32\wininit.exe

C:\windows\system32\lsm.exe

C:\windows\system32\svchost.exe -k DcomLaunch

C:\windows\system32\svchost.exe -k RPCSS

C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\windows\system32\svchost.exe -k netsvcs

C:\windows\system32\svchost.exe -k LocalService

C:\windows\system32\svchost.exe -k NetworkService

C:\windows\System32\spoolsv.exe

C:\windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\jmesoft\Service.exe

C:\windows\system32\Dwm.exe

C:\windows\system32\taskhost.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe

C:\windows\Explorer.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

C:\Users\Barriuso\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\jmesoft\hotkey.exe

C:\Windows\OEM03Mon.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Windows\jmesoft\JME_LOAD.exe

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\windows\system32\SearchIndexer.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\windows\System32\svchost.exe -k LocalServicePeerNet

C:\windows\system32\DllHost.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\windows\system32\svchost.exe -k SDRSVC

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe

C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe

"C:\windows\SysWOW64\svchost.exe" -k LocalServiceDns

C:\windows\system32\DllHost.exe

C:\windows\system32\DllHost.exe

C:\windows\SysWOW64\cmd.exe

C:\windows\system32\conhost.exe

C:\windows\SysWOW64\cscript.exe

C:\windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = https://isearch.avg.com/?cid={E9F22487-A04A-48EE-89A6-04A43444195A}&mid=898f63d7ce5b47d0a49fc131940872c9-4b9aeb43c1ee64cf03a2725ae36b83e145c9ca7b&lang=en&ds=qw011&pr=sa&d=2012-07-27 20:08:48&v=12.1.0.21&sap=hp

uSearch Bar = Preserve

mStart Page = hxxp://lenovo.msn.com

uInternet Settings,ProxyOverride = *.local

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO: Yontoo: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll

TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll

{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}

uRun: [Microsoft] rundll32.exe "C:\Users\Barriuso\AppData\Local\Mozilla\Microsoft\vrbumvlxt.dll",DllRegisterServerW

uRun: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

mRun: [jmekey] C:\windows\jmesoft\hotkey.exe

mRun: [jmesoft] C:\Windows\jmesoft\ServiceLoader.exe

mRun: [updatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"

mRun: [OEM03Mon.exe] C:\windows\OEM03Mon.exe

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

mRun: [ROC_ROC_JULY_P1] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

StartupFolder: C:\Users\Barriuso\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Barriuso\AppData\Roaming\Dropbox\bin\Dropbox.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~4\OFFICE11\REFIEBAR.DLL

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

LSP: mswsock.dll

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: DhcpNameServer = 192.168.2.1

TCP: Interfaces\{25686D41-58DF-42D0-87AB-30552F694AFE} : DhcpNameServer = 192.168.2.1

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll

BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

BHO-X64: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll

BHO-X64: Yontoo Layers - No File

TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\12.2.5.32\AVG Secure Search_toolbar.dll

mRun-x64: [jmekey] C:\windows\jmesoft\hotkey.exe

mRun-x64: [jmesoft] C:\Windows\jmesoft\ServiceLoader.exe

mRun-x64: [updatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"

mRun-x64: [OEM03Mon.exe] C:\windows\OEM03Mon.exe

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

mRun-x64: [ROC_ROC_JULY_P1] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

Hosts: 64.46.36.178 www.google-analytics.com.

Hosts: 64.46.36.178 ad-emea.doubleclick.net.

Hosts: 64.46.36.178 www.statcounter.com.

Hosts: 64.27.10.42 www.google-analytics.com.

Hosts: 64.27.10.42 ad-emea.doubleclick.net.

.

Note: multiple HOSTS entries found. Please refer to Attach.txt

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Barriuso\AppData\Roaming\Mozilla\Firefox\Profiles\yda08b31.default\

FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/

FF - prefs.js: keyword.URL - hxxps://isearch.avg.com/search?cid=%7Bf518e4a4-7a99-4e8d-8667-afd856490856%7D&mid=898f63d7ce5b47d0a49fc131940872c9-4b9aeb43c1ee64cf03a2725ae36b83e145c9ca7b&ds=qw011&v=12.2.5.32&lang=en&pr=sa&d=2012-07-27%2020%3A08%3A48&sap=ku&q=

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.6\npsitesafety.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll

FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\windows\SysWOW64\npmproxy.dll

.

---- FIREFOX POLICIES ----

FF - user.js: general.useragent.extra.brc -

FF - user.js: extentions.y2layers.installId - 3a7be33e-98cf-4e8c-8ae6-ed6a46b76f36

FF - user.js: extentions.y2layers.defaultEnableAppsList - bestvideodownloader

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\system32\DRIVERS\MpFilter.sys --> C:\windows\system32\DRIVERS\MpFilter.sys [?]

R1 avgtp;avgtp;\??\C:\windows\system32\drivers\avgtpx64.sys --> C:\windows\system32\drivers\avgtpx64.sys [?]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]

R2 JME Keyboard;JME Keyboard Driver;C:\Windows\jmesoft\Service.exe [2011-6-10 32768]

R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-9-16 1153368]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-6-10 2655768]

R2 vToolbarUpdater12.2.6;vToolbarUpdater12.2.6;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe [2012-9-4 722528]

R3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C;C:\windows\system32\DRIVERS\e1c62x64.sys --> C:\windows\system32\DRIVERS\e1c62x64.sys [?]

R3 IntcDAud;Intel® Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys --> C:\windows\system32\DRIVERS\IntcDAud.sys [?]

R3 MEIx64;Intel® Management Engine Interface;C:\windows\system32\DRIVERS\HECIx64.sys --> C:\windows\system32\DRIVERS\HECIx64.sys [?]

R3 OEM03Afx;Provides a software interface to control audio effects of OEM003 camera.;\??\C:\windows\system32\Drivers\OEM03Afx.sys --> C:\windows\system32\Drivers\OEM03Afx.sys [?]

R3 OEM03Vfx;Creative Camera OEM003 Video VFX Driver;C:\windows\system32\DRIVERS\OEM03Vfx.sys --> C:\windows\system32\DRIVERS\OEM03Vfx.sys [?]

R3 OEM03Vid;Creative Camera OEM003 Driver;C:\windows\system32\DRIVERS\OEM03Vid.sys --> C:\windows\system32\DRIVERS\OEM03Vid.sys [?]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUStor.sys --> C:\windows\system32\Drivers\RtsUStor.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-8-7 250056]

S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-7 114144]

S3 NisDrv;Microsoft Network Inspection System;C:\windows\system32\DRIVERS\NisDrvWFP.sys --> C:\windows\system32\DRIVERS\NisDrvWFP.sys [?]

S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]

S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\system32\drivers\TsUsbGD.sys --> C:\windows\system32\drivers\TsUsbGD.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\system32\Drivers\usbaapl64.sys --> C:\windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]

S3 wsvd;wsvd;C:\windows\system32\DRIVERS\wsvd.sys --> C:\windows\system32\DRIVERS\wsvd.sys [?]

S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\windows\system32\DRIVERS\yk62x64.sys --> C:\windows\system32\DRIVERS\yk62x64.sys [?]

S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

.

=============== Created Last 30 ================

.

2012-09-16 19:33:21 95208 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll

2012-09-16 17:21:54 -------- d-sh--w- C:\windows\SysWow64\%APPDATA%

2012-09-16 14:17:15 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy

2012-09-16 14:17:15 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy

2012-09-16 06:20:13 9310152 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{738174F9-8CB0-4117-85B3-3581F1E13198}\mpengine.dll

2012-09-15 19:47:42 -------- d-----w- C:\Users\Barriuso\AppData\Local\{B1686BAC-817F-4043-ABBA-E738A0232779}

2012-09-15 00:38:15 9310152 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-09-12 09:27:04 950128 ----a-w- C:\windows\System32\drivers\ndis.sys

2012-09-12 09:27:04 41472 ----a-w- C:\windows\System32\drivers\RNDISMP.sys

2012-09-12 09:27:01 574464 ----a-w- C:\windows\System32\d3d10level9.dll

2012-09-12 09:27:01 490496 ----a-w- C:\windows\SysWow64\d3d10level9.dll

2012-09-12 09:27:00 376688 ----a-w- C:\windows\System32\drivers\netio.sys

2012-09-12 09:27:00 288624 ----a-w- C:\windows\System32\drivers\FWPKCLNT.SYS

2012-09-12 09:27:00 1913200 ----a-w- C:\windows\System32\drivers\tcpip.sys

2012-09-11 23:41:51 -------- d-----w- C:\desktop

2012-09-11 12:28:19 -------- d-----w- C:\Users\Barriuso\AppData\Roaming\Malwarebytes

2012-09-09 20:15:27 73696 ----a-w- C:\Program Files (x86)\Mozilla Firefox\breakpadinjector.dll

2012-08-18 14:50:58 -------- d-----w- C:\Users\Barriuso\dwhelper

.

==================== Find3M ====================

.

2012-09-16 19:33:18 821736 ----a-w- C:\windows\SysWow64\npDeployJava1.dll

2012-09-16 19:33:18 746984 ----a-w- C:\windows\SysWow64\deployJava1.dll

2012-09-07 21:04:46 25928 ----a-w- C:\windows\System32\drivers\mbam.sys

2012-09-04 04:07:06 31080 ----a-w- C:\windows\System32\drivers\avgtpx64.sys

2012-08-15 03:39:28 70344 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-08-15 03:39:28 426184 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe

2012-07-18 18:15:06 3148800 ----a-w- C:\windows\System32\win32k.sys

2012-07-04 22:13:27 59392 ----a-w- C:\windows\System32\browcli.dll

2012-07-04 22:13:27 136704 ----a-w- C:\windows\System32\browser.dll

2012-07-04 21:14:34 41984 ----a-w- C:\windows\SysWow64\browcli.dll

2012-06-29 03:56:34 2312704 ----a-w- C:\windows\System32\jscript9.dll

2012-06-29 03:49:11 1392128 ----a-w- C:\windows\System32\wininet.dll

2012-06-29 03:48:07 1494528 ----a-w- C:\windows\System32\inetcpl.cpl

2012-06-29 03:43:49 173056 ----a-w- C:\windows\System32\ieUnatt.exe

2012-06-29 03:39:48 2382848 ----a-w- C:\windows\System32\mshtml.tlb

2012-06-29 00:16:58 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll

2012-06-29 00:09:01 1129472 ----a-w- C:\windows\SysWow64\wininet.dll

2012-06-29 00:08:59 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl

2012-06-29 00:04:43 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe

2012-06-29 00:00:45 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb

2012-06-25 20:04:24 1394248 ----a-w- C:\windows\SysWow64\msxml4.dll

.

============= FINISH: 16:06:20.55 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 4/6/2012 7:40:06 PM

System Uptime: 9/16/2012 11:07:49 AM (5 hours ago)

.

Motherboard: LENOVO | | To be filled by O.E.M.

Processor: Intel® Core i3-2100 CPU @ 3.10GHz | CPU 1 | 3100/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 906 GiB total, 806.394 GiB free.

D: is CDROM ()

E: is FIXED (FAT32) - 931 GiB total, 740.651 GiB free.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP25: 9/16/2012 11:48:03 AM - Before Recommend for you

RP26: 9/16/2012 3:32:30 PM - Installed Java 7 Update 7

.

==== Hosts File Hijack ======================

.

Hosts: 64.46.36.178 www.google-analytics.com.

Hosts: 64.46.36.178 ad-emea.doubleclick.net.

Hosts: 64.46.36.178 www.statcounter.com.

Hosts: 64.27.10.42 www.google-analytics.com.

Hosts: 64.27.10.42 ad-emea.doubleclick.net.

Hosts: 64.27.10.42 www.statcounter.com.

.

==== Installed Programs ======================

.

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.4)

Adobe Shockwave Player 11.6

Anki

Any Video Converter 3.4.0

Apple Application Support

Apple Software Update

AVG Security Toolbar

Best Buy pc app

Compatibility Pack for the 2007 Office system

D3DX10

Dropbox

Intel® Control Center

Intel® Management Engine Components

Intel® Processor Graphics

Java 7 Update 7

Java Auto Updater

JavaFX 2.1.1

Junk Mail filter update

Lenovo Driver and Application Installation

Lenovo Rescue System

Lenovo Tinian Fn PS/2 Keyboard Driver

LVT

Malwarebytes Anti-Malware version 1.65.0.1400

Mesh Runtime

Microsoft Office Access Runtime (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Professional Edition 2003

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Mozilla Firefox 15.0.1 (x86 en-US)

Mozilla Maintenance Service

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP3 Parser (KB2721691)

MSXML 4.0 SP3 Parser (KB973685)

QuickTime

Realtek High Definition Audio Driver

Realtek USB 2.0 Card Reader

Revo Uninstaller 1.93

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Spybot - Search & Destroy

swMSM

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

VitalSource Bookshelf

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Mesh

Windows Live Mesh ActiveX Control for Remote Connections

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

.

==== Event Viewer Messages From Past Week ========

.

9/9/2012 8:58:37 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

.

==== End Of File ===========================

Hope I did that right.

Good! :)

Step 1

I see you are running Teatimer.

I suggest you disable it because it can interfere with the changes you'll make on your system.

When everything is done and your log is clean again, you can enable it again.

If teatimer gives you a warning afterwards that some changes were made, allow this instead of blocking it.

How to disable TeaTimer <== click me for instructions.

After you disabled Teatimer, download ResetTeaTimer.exe to your desktop.

Then run ResetTeaTimer.exe.

This will only take a few seconds.

Step 2

Please uninstall this application: AVG Security Toolbar

Step 3

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 4

Please download AdwCleaner from here and save it on your Desktop.

  1. Right-click on adwcleaner.exe and select Run As Administrator to launch the application.
  2. Now click on the Search tab.
  3. Please post the contents of the log-file created in your next post.

Note: The log can also be located at C:\ >> AdwCleaner[XX].txt >> XX <-- Denotes the number of times the application has been run, so in this case it should be something like R1.

Step 5

Download aswMBR.exe to your desktop.

Double click the aswMBR.exe to run it.

Click the "Scan" button to start the scan.

On completion of the scan click save log, save it to your desktop and post it in your next reply.

In your next reply, post the following log files:

  • Malwarebytes' Anti-Malware log
  • AdwCleaner log
  • aswMBR log

Here you go Maniac,

Malwarebytes Anti-Malware 1.65.0.1400

www.malwarebytes.org

Database version: v2012.09.16.11

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Barriuso :: BARRIUSO-PC [administrator]

9/16/2012 4:44:28 PM

mbam-log-2012-09-16 (16-44-28).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 197179

Time elapsed: 1 minute(s), 12 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 5

C:\$RECYCLE.BIN\S-1-5-18\$9bba633349319e77c75c97b19bacf14e\n (Trojan.0Access) -> Delete on reboot.

C:\$RECYCLE.BIN\S-1-5-21-1492407307-451252259-150901861-1002\$9bba633349319e77c75c97b19bacf14e\n (Trojan.0Access) -> Quarantined and deleted successfully.

C:\Users\Barriuso\AppData\Local\Temp\0.4261389004471374 (Trojan.BHO) -> Quarantined and deleted successfully.

C:\Users\Barriuso\AppData\Local\Temp\0.8290973427203117 (Trojan.BHO) -> Quarantined and deleted successfully.

C:\Users\Barriuso\AppData\Local\Temp\0.9247958595141051 (Exploit.Drop.9) -> Quarantined and deleted successfully.

(end)

# AdwCleaner v2.002 - Logfile created 09/16/2012 at 16:52:43

# Updated 16/09/2012 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : Barriuso - BARRIUSO-PC

# Boot Mode : Normal

# Running from : C:\Users\Barriuso\Desktop\adwcleaner.exe

# Option [search]

***** [services] *****

***** [Files / Folders] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml

File Found : C:\Users\Barriuso\AppData\Local\Temp\Uninstall.exe

Folder Found : C:\ProgramData\InstallMate

Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DownloadnSave

Folder Found : C:\ProgramData\Premium

Folder Found : C:\ProgramData\Tarma Installer

Folder Found : C:\Users\Barriuso\AppData\LocalLow\DownloadnSave

Folder Found : C:\Users\Barriuso\AppData\Roaming\Mozilla\Firefox\Profiles\yda08b31.default\extensions\plugin@yontoo.com

***** [Registry] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}

Key Found : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL

Key Found : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho

Key Found : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho.1.0

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}

Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api

Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1

Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Layers

Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}

Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc

Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}

Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}

Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Found : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}

Key Found : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

Key Found : HKLM\SOFTWARE\Tarma Installer

Key Found : HKU\S-1-5-21-1492407307-451252259-150901861-1002\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxps://isearch.avg.com/?cid={E9F22487-A04A-48EE-89A6-04A43444195A}&mid=898f63d7ce5b47d0a49fc131940872c9-4b9aeb43c1ee64cf03a2725ae36b83e145c9ca7b&lang=en&ds=qw011&pr=sa&d=2012-07-27 20:08:48&v=12.1.0.21&sap=hp

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default

File : C:\Users\Barriuso\AppData\Roaming\Mozilla\Firefox\Profiles\yda08b31.default\prefs.js

Found : user_pref("browser.search.defaultenginename", "AVG Secure Search");

Found : user_pref("extensions.4fd9c54e0dc48.scode", "(function(){var bdomains={\"premiumreports.info\":1,\"d[...]

Found : user_pref("keyword.URL", "hxxps://isearch.avg.com/search?cid=%7Bf518e4a4-7a99-4e8d-8667-afd856490856[...]

*************************

AdwCleaner[R1].txt - [5529 octets] - [16/09/2012 16:52:43]

########## EOF - C:\AdwCleaner[R1].txt - [5589 octets] ##########

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software

Run date: 2012-09-16 16:54:01

-----------------------------

16:54:01.584 OS Version: Windows x64 6.1.7601 Service Pack 1

16:54:01.584 Number of processors: 4 586 0x2A07

16:54:01.584 ComputerName: BARRIUSO-PC UserName: Barriuso

16:54:06.495 Initialize success

16:54:28.224 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0

16:54:28.224 Disk 0 Vendor: ST31000528AS CC6B Size: 953869MB BusType: 11

16:54:28.234 Disk 0 MBR read successfully

16:54:28.234 Disk 0 MBR scan

16:54:28.244 Disk 0 Windows 7 default MBR code

16:54:28.254 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048

16:54:28.264 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 928093 MB offset 206848

16:54:28.294 Disk 0 Partition 3 00 12 Compaq diag NTFS 25675 MB offset 1900941312

16:54:28.334 Disk 0 scanning C:\windows\system32\drivers

16:54:34.292 Service scanning

16:54:46.566 Modules scanning

16:54:46.566 Disk 0 trace - called modules:

16:54:46.586 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys

16:54:46.586 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007db7060]

16:54:46.916 3 CLASSPNP.SYS[fffff8800199743f] -> nt!IofCallDriver -> [0xfffffa800776d520]

16:54:46.916 5 ACPI.sys[fffff88000f6d7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80077321f0]

16:54:46.926 Scan finished successfully

16:55:10.045 Disk 0 MBR has been saved successfully to "C:\Users\Barriuso\Desktop\MBR.dat"

16:55:10.045 The log file has been saved successfully to "C:\Users\Barriuso\Desktop\aswMBR.txt"


BACKDOOR WARNING

One or more of the identified infections is known to use a backdoor.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would advise you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the infection has been identified and can be killed, because of its backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

Help: I Got Hacked. Now What Do I Do?

Help: I Got Hacked. Now What Do I Do? Part II

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.

Step 1

  1. Please re-run AdwCleaner
  2. Click on the Delete button.
  3. Confirm each time with OK.
  4. Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.

Note: You can find the logfile at C:\AdwCleaner[sn].txt as well - n is the order number.

Step 2

Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also, your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.
  • A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.


I think I will go ahead and clean the system. But afterwards will take your advice and reformat.

Not necessarily sure how I can go about doing that, but I am sure the links you provided will be enough to guide me along the process.

# AdwCleaner v2.002 - Logfile created 09/17/2012 at 05:50:33

# Updated 16/09/2012 by Xplode

# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)

# User : Barriuso - BARRIUSO-PC

# Boot Mode : Normal

# Running from : C:\Users\Barriuso\Desktop\adwcleaner.exe

# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml

File Deleted : C:\Users\Barriuso\AppData\Local\Temp\Uninstall.exe

Folder Deleted : C:\ProgramData\InstallMate

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DownloadnSave

Folder Deleted : C:\ProgramData\Premium

Folder Deleted : C:\ProgramData\Tarma Installer

Folder Deleted : C:\Users\Barriuso\AppData\LocalLow\DownloadnSave

Folder Deleted : C:\Users\Barriuso\AppData\Roaming\Mozilla\Firefox\Profiles\yda08b31.default\extensions\plugin@yontoo.com

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL

Key Deleted : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho

Key Deleted : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho.1.0

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}

Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api

Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1

Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers

Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

Key Deleted : HKLM\SOFTWARE\Tarma Installer

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxps://isearch.avg.com/?cid={E9F22487-A04A-48EE-89A6-04A43444195A}&mid=898f63d7ce5b47d0a49fc131940872c9-4b9aeb43c1ee64cf03a2725ae36b83e145c9ca7b&lang=en&ds=qw011&pr=sa&d=2012-07-27 20:08:48&v=12.1.0.21&sap=hp --> hxxp://www.google.com

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default

File : C:\Users\Barriuso\AppData\Roaming\Mozilla\Firefox\Profiles\yda08b31.default\prefs.js

C:\Users\Barriuso\AppData\Roaming\Mozilla\Firefox\Profiles\yda08b31.default\user.js ... Deleted !

Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");

Deleted : user_pref("extensions.4fd9c54e0dc48.scode", "(function(){var bdomains={\"premiumreports.info\":1,\"d[...]

Deleted : user_pref("keyword.URL", "hxxps://isearch.avg.com/search?cid=%7Bf518e4a4-7a99-4e8d-8667-afd856490856[...]

*************************

AdwCleaner[R1].txt - [5640 octets] - [16/09/2012 16:52:43]

AdwCleaner[s1].txt - [6136 octets] - [17/09/2012 05:50:33]

########## EOF - C:\AdwCleaner[s1].txt - [6196 octets] ##########


05:57:20.0602 2168 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48

05:57:22.0926 2168 ============================================================

05:57:22.0926 2168 Current date / time: 2012/09/17 05:57:22.0926

05:57:22.0926 2168 SystemInfo:

05:57:22.0926 2168

05:57:22.0926 2168 OS Version: 6.1.7601 ServicePack: 1.0

05:57:22.0926 2168 Product type: Workstation

05:57:22.0926 2168 ComputerName: BARRIUSO-PC

05:57:22.0926 2168 UserName: Barriuso

05:57:22.0926 2168 Windows directory: C:\windows

05:57:22.0926 2168 System windows directory: C:\windows

05:57:22.0926 2168 Running under WOW64

05:57:22.0926 2168 Processor architecture: Intel x64

05:57:22.0926 2168 Number of processors: 4

05:57:22.0926 2168 Page size: 0x1000

05:57:22.0926 2168 Boot type: Normal boot

05:57:22.0926 2168 ============================================================

05:57:24.0252 2168 BG loaded

05:57:24.0835 2168 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

05:57:24.0835 2168 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x3A72A, SectorsPerTrack: 0x20, TracksPerCylinder: 0xFF, Type 'W'

05:57:24.0835 2168 ============================================================

05:57:24.0835 2168 \Device\Harddisk0\DR0:

05:57:24.0835 2168 MBR partitions:

05:57:24.0835 2168 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

05:57:24.0835 2168 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x714AE800

05:57:24.0835 2168 \Device\Harddisk1\DR1:

05:57:24.0845 2168 MBR partitions:

05:57:24.0845 2168 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x74706D71

05:57:24.0845 2168 ============================================================

05:57:24.0875 2168 C: <-> \Device\Harddisk0\DR0\Partition2

05:57:24.0875 2168 E: <-> \Device\Harddisk1\DR1\Partition1

05:57:24.0875 2168 ============================================================

05:57:24.0875 2168 Initialize success

05:57:24.0875 2168 ============================================================

05:58:34.0382 3696 ============================================================

05:58:34.0382 3696 Scan started

05:58:34.0382 3696 Mode: Manual; SigCheck; TDLFS;

05:58:34.0382 3696 ============================================================

05:58:36.0207 3696 ================ Scan system memory ========================

05:58:36.0207 3696 System memory - ok

05:58:36.0207 3696 ================ Scan services =============================


05:58:42.0603 3696 IRENUM - ok

05:58:42.0619 3696 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys

05:58:42.0619 3696 isapnp - ok

05:58:42.0635 3696 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys

05:58:42.0650 3696 iScsiPrt - ok

05:58:42.0697 3696 [ 1DED0D0AA513E2A5862B20A520D3A1E1 ] JME Keyboard C:\Windows\jmesoft\Service.exe

05:58:42.0697 3696 JME Keyboard ( UnsignedFile.Multi.Generic ) - warning

05:58:42.0697 3696 JME Keyboard - detected UnsignedFile.Multi.Generic (1)




05:58:52.0073 3696 Wd - ok

05:58:52.0088 3696 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys

05:58:52.0104 3696 Wdf01000 - ok

05:58:52.0104 3696 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll

05:58:52.0182 3696 WdiServiceHost - ok

05:58:52.0182 3696 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll

05:58:52.0197 3696 WdiSystemHost - ok

05:58:52.0213 3696 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll

05:58:52.0229 3696 WebClient - ok

05:58:52.0244 3696 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll

05:58:52.0275 3696 Wecsvc - ok

05:58:52.0291 3696 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll

05:58:52.0322 3696 wercplsupport - ok

05:58:52.0338 3696 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll

05:58:52.0369 3696 WerSvc - ok

05:58:52.0369 3696 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys

05:58:52.0400 3696 WfpLwf - ok

05:58:52.0416 3696 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys

05:58:52.0416 3696 WIMMount - ok

05:58:52.0416 3696 WinHttpAutoProxySvc - ok

05:58:52.0463 3696 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll

05:58:52.0494 3696 Winmgmt - ok

05:58:52.0525 3696 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll

05:58:52.0587 3696 WinRM - ok

05:58:52.0634 3696 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys

05:58:52.0650 3696 WinUsb - ok

05:58:52.0681 3696 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll

05:58:52.0712 3696 Wlansvc - ok

05:58:52.0759 3696 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

05:58:52.0775 3696 wlcrasvc - ok

05:58:52.0837 3696 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

05:58:52.0868 3696 wlidsvc - ok

05:58:52.0884 3696 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys

05:58:52.0884 3696 WmiAcpi - ok

05:58:52.0899 3696 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe

05:58:52.0931 3696 wmiApSrv - ok

05:58:52.0946 3696 WMPNetworkSvc - ok

05:58:52.0962 3696 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll

05:58:52.0977 3696 WPCSvc - ok

05:58:52.0993 3696 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll

05:58:53.0009 3696 WPDBusEnum - ok

05:58:53.0024 3696 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys

05:58:53.0055 3696 ws2ifsl - ok

05:58:53.0055 3696 WSearch - ok

05:58:53.0087 3696 [ 83575C43B2BFE9AB0661A7F957E843C0 ] wsvd C:\windows\system32\DRIVERS\wsvd.sys

05:58:53.0087 3696 wsvd - ok

05:58:53.0102 3696 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys

05:58:53.0133 3696 WudfPf - ok

05:58:53.0149 3696 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys

05:58:53.0196 3696 WUDFRd - ok

05:58:53.0211 3696 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll

05:58:53.0243 3696 wudfsvc - ok

05:58:53.0243 3696 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll

05:58:53.0274 3696 WwanSvc - ok

05:58:53.0305 3696 [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7 C:\windows\system32\DRIVERS\yk62x64.sys

05:58:53.0321 3696 yukonw7 - ok

05:58:53.0321 3696 ================ Scan global ===============================

05:58:53.0352 3696 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll

05:58:53.0367 3696 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll

05:58:53.0367 3696 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll

05:58:53.0399 3696 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll

05:58:53.0414 3696 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe

05:58:53.0414 3696 [Global] - ok

05:58:53.0414 3696 ================ Scan MBR ==================================

05:58:53.0430 3696 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

05:58:53.0617 3696 \Device\Harddisk0\DR0 - ok

05:58:53.0617 3696 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1

05:58:53.0726 3696 \Device\Harddisk1\DR1 - ok

05:58:53.0726 3696 ================ Scan VBR ==================================

05:58:53.0742 3696 [ 8F1CFA2E6C1D247615D99499AC33CAE9 ] \Device\Harddisk0\DR0\Partition1

05:58:53.0742 3696 \Device\Harddisk0\DR0\Partition1 - ok

05:58:53.0742 3696 [ 9DFB208681B2669EBC81E51873D7BDA8 ] \Device\Harddisk0\DR0\Partition2

05:58:53.0742 3696 \Device\Harddisk0\DR0\Partition2 - ok

05:58:53.0757 3696 [ C0D7274DDCD8831D4C982881DE761EFE ] \Device\Harddisk1\DR1\Partition1

05:58:53.0757 3696 \Device\Harddisk1\DR1\Partition1 - ok

05:58:53.0757 3696 ================ Scan active images ========================

05:58:53.0757 3696 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys

05:58:53.0757 3696 C:\Windows\System32\drivers\crashdmp.sys - ok

05:58:53.0757 3696 [ 839B5FE3D48E9F35B22C21A3D5103F6C ] C:\Windows\System32\drivers\Dumpata.sys

05:58:53.0757 3696 C:\Windows\System32\drivers\Dumpata.sys - ok

05:58:53.0757 3696 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys

05:58:53.0757 3696 C:\Windows\System32\drivers\dumpfve.sys - ok

05:58:53.0773 3696 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] C:\Windows\System32\drivers\msahci.sys

05:58:53.0773 3696 C:\Windows\System32\drivers\msahci.sys - ok

05:58:53.0773 3696 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys

05:58:53.0773 3696 C:\Windows\System32\drivers\beep.sys - ok

05:58:53.0773 3696 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys

05:58:53.0773 3696 C:\Windows\System32\drivers\cdrom.sys - ok

05:58:53.0773 3696 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys

05:58:53.0773 3696 C:\Windows\System32\drivers\null.sys - ok

05:58:53.0773 3696 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys

05:58:53.0773 3696 C:\Windows\System32\drivers\RDPCDD.sys - ok

05:58:53.0773 3696 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys

05:58:53.0773 3696 C:\Windows\System32\drivers\vga.sys - ok

05:58:53.0789 3696 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys

05:58:53.0789 3696 C:\Windows\System32\drivers\videoprt.sys - ok

05:58:53.0789 3696 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys

05:58:53.0789 3696 C:\Windows\System32\drivers\watchdog.sys - ok

05:58:53.0789 3696 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys

05:58:53.0789 3696 C:\Windows\System32\drivers\afd.sys - ok

05:58:53.0789 3696 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys

05:58:53.0789 3696 C:\Windows\System32\drivers\msfs.sys - ok

05:58:53.0789 3696 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys

05:58:53.0789 3696 C:\Windows\System32\drivers\netbt.sys - ok

05:58:53.0789 3696 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys

05:58:53.0789 3696 C:\Windows\System32\drivers\npfs.sys - ok

05:58:53.0789 3696 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys

05:58:53.0789 3696 C:\Windows\System32\drivers\RDPENCDD.sys - ok

05:58:53.0804 3696 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys

05:58:53.0804 3696 C:\Windows\System32\drivers\RDPREFMP.sys - ok

05:58:53.0804 3696 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys

05:58:53.0804 3696 C:\Windows\System32\drivers\tdi.sys - ok

05:58:53.0804 3696 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys

05:58:53.0804 3696 C:\Windows\System32\drivers\tdx.sys - ok

05:58:53.0804 3696 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys

05:58:53.0804 3696 C:\Windows\System32\drivers\mssmbios.sys - ok

05:58:53.0804 3696 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys

05:58:53.0804 3696 C:\Windows\System32\drivers\netbios.sys - ok

05:58:53.0804 3696 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys

05:58:53.0804 3696 C:\Windows\System32\drivers\nsiproxy.sys - ok

05:58:53.0820 3696 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys

05:58:53.0820 3696 C:\Windows\System32\drivers\pacer.sys - ok

05:58:53.0820 3696 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys

05:58:53.0820 3696 C:\Windows\System32\drivers\rdbss.sys - ok

05:58:53.0820 3696 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys

05:58:53.0820 3696 C:\Windows\System32\drivers\termdd.sys - ok

05:58:53.0820 3696 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys

05:58:53.0820 3696 C:\Windows\System32\drivers\wanarp.sys - ok

05:58:53.0820 3696 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys

05:58:53.0820 3696 C:\Windows\System32\drivers\wfplwf.sys - ok

05:58:53.0820 3696 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys

05:58:53.0820 3696 C:\Windows\System32\drivers\blbdrive.sys - ok

05:58:53.0820 3696 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys

05:58:53.0835 3696 C:\Windows\System32\drivers\dfsc.sys - ok

05:58:53.0835 3696 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys

05:58:53.0835 3696 C:\Windows\System32\drivers\discache.sys - ok

05:58:53.0835 3696 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys

05:58:53.0835 3696 C:\Windows\System32\drivers\tunnel.sys - ok

05:58:53.0835 3696 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe

05:58:53.0835 3696 C:\Windows\System32\smss.exe - ok

05:58:53.0835 3696 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll

05:58:53.0835 3696 C:\Windows\System32\ntdll.dll - ok

05:58:53.0835 3696 [ 5A3D48DE22390A270FE8786ECA07D7FF ] C:\Windows\System32\drivers\igdkmd64.sys

05:58:53.0835 3696 C:\Windows\System32\drivers\igdkmd64.sys - ok

05:58:53.0835 3696 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe

05:58:53.0835 3696 C:\Windows\System32\autochk.exe - ok

05:58:53.0851 3696 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll

05:58:53.0851 3696 C:\Windows\System32\advapi32.dll - ok

05:58:53.0851 3696 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll

05:58:53.0851 3696 C:\Windows\System32\ws2_32.dll - ok

05:58:53.0851 3696 [ 8EA68FD3780DDDD5072F8CB830B3CB3D ] C:\Windows\System32\wininet.dll

05:58:53.0851 3696 C:\Windows\System32\wininet.dll - ok

05:58:53.0851 3696 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll

05:58:53.0851 3696 C:\Windows\System32\oleaut32.dll - ok

05:58:53.0851 3696 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll

05:58:53.0851 3696 C:\Windows\System32\rpcrt4.dll - ok

05:58:53.0851 3696 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys

05:58:53.0851 3696 C:\Windows\System32\drivers\dxgkrnl.sys - ok

05:58:53.0851 3696 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys

05:58:53.0851 3696 C:\Windows\System32\drivers\dxgmms1.sys - ok

05:58:53.0867 3696 [ 6BAFD9819D9FEC2EDBAEBC8493C711A4 ] C:\Windows\System32\drivers\e1c62x64.sys

05:58:53.0867 3696 C:\Windows\System32\drivers\e1c62x64.sys - ok

05:58:53.0867 3696 [ 1C6E73FC46B509EFF9D0086AA37132DF ] C:\Windows\System32\drivers\HECIx64.sys

05:58:53.0867 3696 C:\Windows\System32\drivers\HECIx64.sys - ok

05:58:53.0867 3696 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys

05:58:53.0867 3696 C:\Windows\System32\drivers\usbport.sys - ok

05:58:53.0867 3696 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys

05:58:53.0867 3696 C:\Windows\System32\drivers\hdaudbus.sys - ok

05:58:53.0867 3696 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys

05:58:53.0867 3696 C:\Windows\System32\drivers\usbehci.sys - ok

05:58:53.0867 3696 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys

05:58:53.0867 3696 C:\Windows\System32\drivers\agilevpn.sys - ok

05:58:53.0882 3696 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys

05:58:53.0882 3696 C:\Windows\System32\drivers\CompositeBus.sys - ok

05:58:53.0882 3696 [ E403AACF8C7BB11375122D2464560311 ] C:\Windows\System32\drivers\GEARAspiWDM.sys

05:58:53.0882 3696 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok

05:58:53.0882 3696 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys

05:58:53.0882 3696 C:\Windows\System32\drivers\intelppm.sys - ok

05:58:53.0882 3696 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys

05:58:53.0882 3696 C:\Windows\System32\drivers\ndistapi.sys - ok

05:58:53.0882 3696 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys

05:58:53.0882 3696 C:\Windows\System32\drivers\ndiswan.sys - ok

05:58:53.0882 3696 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys

05:58:53.0882 3696 C:\Windows\System32\drivers\rasl2tp.sys - ok

05:58:53.0898 3696 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys

05:58:53.0898 3696 C:\Windows\System32\drivers\raspppoe.sys - ok

05:58:53.0898 3696 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys

05:58:53.0898 3696 C:\Windows\System32\drivers\raspptp.sys - ok

05:58:53.0898 3696 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys

05:58:53.0898 3696 C:\Windows\System32\drivers\kbdclass.sys - ok

05:58:53.0898 3696 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys

05:58:53.0898 3696 C:\Windows\System32\drivers\ks.sys - ok

05:58:53.0898 3696 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys

05:58:53.0898 3696 C:\Windows\System32\drivers\mouclass.sys - ok

05:58:53.0898 3696 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys

05:58:53.0898 3696 C:\Windows\System32\drivers\rassstp.sys - ok

05:58:53.0898 3696 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys

05:58:53.0898 3696 C:\Windows\System32\drivers\swenum.sys - ok

05:58:53.0913 3696 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys

05:58:53.0913 3696 C:\Windows\System32\drivers\umbus.sys - ok

05:58:53.0913 3696 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys

05:58:53.0913 3696 C:\Windows\System32\drivers\usbhub.sys - ok

05:58:53.0913 3696 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys

05:58:53.0913 3696 C:\Windows\System32\drivers\ndproxy.sys - ok

05:58:53.0913 3696 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys

05:58:53.0913 3696 C:\Windows\System32\drivers\drmk.sys - ok

05:58:53.0913 3696 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys

05:58:53.0913 3696 C:\Windows\System32\drivers\portcls.sys - ok

05:58:53.0913 3696 [ 62C93ABEC0F8A9A235BF7A86B9FC3A0C ] C:\Windows\System32\drivers\RTKVHD64.sys

05:58:53.0913 3696 C:\Windows\System32\drivers\RTKVHD64.sys - ok

05:58:53.0929 3696 [ FC727061C0F47C8059E88E05D5C8E381 ] C:\Windows\System32\drivers\IntcDAud.sys

05:58:53.0929 3696 C:\Windows\System32\drivers\IntcDAud.sys - ok

05:58:53.0929 3696 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys

05:58:53.0929 3696 C:\Windows\System32\drivers\ksthunk.sys - ok

05:58:53.0929 3696 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll

05:58:53.0929 3696 C:\Windows\System32\user32.dll - ok

05:58:53.0929 3696 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll

05:58:53.0929 3696 C:\Windows\System32\psapi.dll - ok

05:58:53.0929 3696 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll

05:58:53.0929 3696 C:\Windows\System32\shlwapi.dll - ok

05:58:53.0929 3696 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll

05:58:53.0929 3696 C:\Windows\System32\comdlg32.dll - ok

05:58:53.0929 3696 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll

05:58:53.0929 3696 C:\Windows\System32\nsi.dll - ok

05:58:53.0945 3696 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll

05:58:53.0945 3696 C:\Windows\System32\gdi32.dll - ok

05:58:53.0945 3696 [ B9B42A302325537D7B9DC52D47F33A73 ] C:\Windows\System32\kernel32.dll

05:58:53.0945 3696 C:\Windows\System32\kernel32.dll - ok

05:58:53.0945 3696 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll

05:58:53.0945 3696 C:\Windows\System32\sechost.dll - ok

05:58:53.0945 3696 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll

05:58:53.0945 3696 C:\Windows\System32\imagehlp.dll - ok

05:58:53.0945 3696 [ 7F7FE11DF2D67B36DFE5013881619A94 ] C:\Windows\System32\urlmon.dll

05:58:53.0945 3696 C:\Windows\System32\urlmon.dll - ok

05:58:53.0945 3696 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll

05:58:53.0945 3696 C:\Windows\System32\setupapi.dll - ok

05:58:53.0960 3696 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll

05:58:53.0960 3696 C:\Windows\System32\msctf.dll - ok

05:58:53.0960 3696 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll

05:58:53.0960 3696 C:\Windows\System32\normaliz.dll - ok

05:58:53.0960 3696 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll

05:58:53.0960 3696 C:\Windows\System32\shell32.dll - ok

05:58:53.0960 3696 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll

05:58:53.0960 3696 C:\Windows\System32\msvcrt.dll - ok

05:58:53.0960 3696 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll

05:58:53.0960 3696 C:\Windows\System32\imm32.dll - ok

05:58:53.0960 3696 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll

05:58:53.0960 3696 C:\Windows\System32\clbcatq.dll - ok

05:58:53.0960 3696 [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65 ] C:\Windows\System32\usp10.dll

05:58:53.0960 3696 C:\Windows\System32\usp10.dll - ok

05:58:53.0976 3696 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll

05:58:53.0976 3696 C:\Windows\System32\Wldap32.dll - ok

05:58:53.0976 3696 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll

05:58:53.0976 3696 C:\Windows\System32\ole32.dll - ok

05:58:53.0976 3696 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll

05:58:53.0976 3696 C:\Windows\System32\difxapi.dll - ok

05:58:53.0976 3696 [ E10A0704318A6F7E52787D09717D7C2C ] C:\Windows\System32\iertutil.dll

05:58:53.0976 3696 C:\Windows\System32\iertutil.dll - ok

05:58:53.0976 3696 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll

05:58:53.0976 3696 C:\Windows\System32\lpk.dll - ok

05:58:53.0976 3696 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll

05:58:53.0976 3696 C:\Windows\System32\comctl32.dll - ok

05:58:53.0976 3696 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll

05:58:53.0976 3696 C:\Windows\System32\cfgmgr32.dll - ok

05:58:53.0991 3696 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll

05:58:53.0991 3696 C:\Windows\System32\devobj.dll - ok

05:58:53.0991 3696 [ 53238D99636BBA85F491C3E8FD22AB00 ] C:\Windows\System32\wintrust.dll

05:58:53.0991 3696 C:\Windows\System32\wintrust.dll - ok

05:58:53.0991 3696 [ FAF1BA660F84789CCCE747CE6F9D055A ] C:\Windows\System32\crypt32.dll

05:58:53.0991 3696 C:\Windows\System32\crypt32.dll - ok

05:58:53.0991 3696 [ 6B5174702343BD955E174FDFEFA2A1A3 ] C:\Windows\System32\KernelBase.dll

05:58:53.0991 3696 C:\Windows\System32\KernelBase.dll - ok

05:58:53.0991 3696 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll

05:58:53.0991 3696 C:\Windows\System32\msasn1.dll - ok

05:58:53.0991 3696 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll

05:58:53.0991 3696 C:\Windows\SysWOW64\normaliz.dll - ok

05:58:54.0007 3696 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys

05:58:54.0007 3696 C:\Windows\System32\drivers\dxapi.sys - ok

05:58:54.0007 3696 [ F0D6864A7D52CE137E0A9D24795C3F0E ] C:\Windows\System32\win32k.sys

05:58:54.0007 3696 C:\Windows\System32\win32k.sys - ok

05:58:54.0007 3696 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll

05:58:54.0007 3696 C:\Windows\System32\csrsrv.dll - ok

05:58:54.0007 3696 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe

05:58:54.0007 3696 C:\Windows\System32\csrss.exe - ok

05:58:54.0007 3696 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll

05:58:54.0007 3696 C:\Windows\System32\basesrv.dll - ok

05:58:54.0007 3696 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\System32\winsrv.dll

05:58:54.0007 3696 C:\Windows\System32\winsrv.dll - ok

05:58:54.0007 3696 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys

05:58:54.0007 3696 C:\Windows\System32\drivers\usbd.sys - ok

05:58:54.0023 3696 [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS

05:58:54.0023 3696 C:\Windows\System32\drivers\USBSTOR.SYS - ok

05:58:54.0023 3696 [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys

05:58:54.0023 3696 C:\Windows\System32\drivers\fastfat.sys - ok

05:58:54.0023 3696 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys

05:58:54.0023 3696 C:\Windows\System32\drivers\hidclass.sys - ok

05:58:54.0023 3696 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys

05:58:54.0023 3696 C:\Windows\System32\drivers\hidparse.sys - ok

05:58:54.0023 3696 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys

05:58:54.0023 3696 C:\Windows\System32\drivers\hidusb.sys - ok

05:58:54.0023 3696 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys

05:58:54.0023 3696 C:\Windows\System32\drivers\monitor.sys - ok

05:58:54.0023 3696 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys

05:58:54.0023 3696 C:\Windows\System32\drivers\mouhid.sys - ok

05:58:54.0038 3696 [ 9BEB5F18A418FF70659CE2E356829568 ] C:\Windows\System32\drivers\RtsUStor.sys

05:58:54.0038 3696 C:\Windows\System32\drivers\RtsUStor.sys - ok

05:58:54.0038 3696 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys

05:58:54.0038 3696 C:\Windows\System32\drivers\usbccgp.sys - ok

05:58:54.0038 3696 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys

05:58:54.0038 3696 C:\Windows\System32\drivers\kbdhid.sys - ok

05:58:54.0038 3696 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll

05:58:54.0038 3696 C:\Windows\System32\tsddd.dll - ok

05:58:54.0038 3696 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll

05:58:54.0038 3696 C:\Windows\System32\sxssrv.dll - ok

05:58:54.0038 3696 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe

05:58:54.0038 3696 C:\Windows\System32\wininit.exe - ok

05:58:54.0054 3696 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll

05:58:54.0054 3696 C:\Windows\System32\cdd.dll - ok

05:58:54.0054 3696 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL

05:58:54.0054 3696 C:\Windows\System32\KBDUS.DLL - ok

05:58:54.0054 3696 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll

05:58:54.0054 3696 C:\Windows\System32\profapi.dll - ok

05:58:54.0054 3696 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll

05:58:54.0054 3696 C:\Windows\System32\RpcRtRemote.dll - ok

05:58:54.0054 3696 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll

05:58:54.0054 3696 C:\Windows\System32\sxs.dll - ok

05:58:54.0054 3696 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll

05:58:54.0054 3696 C:\Windows\System32\WlS0WndH.dll - ok

05:58:54.0054 3696 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll

05:58:54.0054 3696 C:\Windows\System32\cryptbase.dll - ok

05:58:54.0069 3696 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll

05:58:54.0069 3696 C:\Windows\System32\apphelp.dll - ok

05:58:54.0069 3696 [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll

05:58:54.0069 3696 C:\Windows\System32\lsasrv.dll - ok

05:58:54.0069 3696 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe

05:58:54.0069 3696 C:\Windows\System32\lsass.exe - ok

05:58:54.0069 3696 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe

05:58:54.0069 3696 C:\Windows\System32\lsm.exe - ok

05:58:54.0069 3696 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe

05:58:54.0069 3696 C:\Windows\System32\services.exe - ok

05:58:54.0069 3696 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll

05:58:54.0069 3696 C:\Windows\System32\sspisrv.dll - ok

05:58:54.0085 3696 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll

05:58:54.0085 3696 C:\Windows\System32\scesrv.dll - ok

05:58:54.0085 3696 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll

05:58:54.0085 3696 C:\Windows\System32\scext.dll - ok

05:58:54.0085 3696 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll

05:58:54.0085 3696 C:\Windows\System32\secur32.dll - ok

05:58:54.0085 3696 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll

05:58:54.0085 3696 C:\Windows\System32\sspicli.dll - ok

05:58:54.0085 3696 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll

05:58:54.0085 3696 C:\Windows\System32\sysntfy.dll - ok

05:58:54.0085 3696 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll

05:58:54.0085 3696 C:\Windows\System32\wmsgapi.dll - ok

05:58:54.0085 3696 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll

05:58:54.0085 3696 C:\Windows\System32\samsrv.dll - ok

05:58:54.0101 3696 [ 629E3B4EFEE35FCCE8C6B78DD3FB9044 ] C:\Windows\System32\drivers\OEM03Vid.sys

05:58:54.0101 3696 C:\Windows\System32\drivers\OEM03Vid.sys - ok

05:58:54.0101 3696 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll

05:58:54.0101 3696 C:\Windows\System32\srvcli.dll - ok

05:58:54.0101 3696 [ E52479B03A57DC3D4BABD9C5536C94D6 ] C:\Windows\System32\drivers\OEM03Afx.sys

05:58:54.0101 3696 C:\Windows\System32\drivers\OEM03Afx.sys - ok

05:58:54.0101 3696 [ 766F689564BC30E5A91F8621CE65AD68 ] C:\Windows\System32\drivers\OEM03Vfx.sys

05:58:54.0101 3696 C:\Windows\System32\drivers\OEM03Vfx.sys - ok

05:58:54.0101 3696 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] C:\Windows\System32\drivers\USBAUDIO.sys

05:58:54.0101 3696 C:\Windows\System32\drivers\USBAUDIO.sys - ok

05:58:54.0101 3696 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll

05:58:54.0101 3696 C:\Windows\System32\cryptdll.dll - ok

05:58:54.0116 3696 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll

05:58:54.0116 3696 C:\Windows\System32\wevtapi.dll - ok

05:58:54.0116 3696 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll

05:58:54.0116 3696 C:\Windows\System32\authz.dll - ok

05:58:54.0116 3696 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll


05:58:54.0803 3696 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll

05:58:54.0803 3696 C:\Windows\SysWOW64\ws2_32.dll - ok

05:58:54.0803 3696 [ 3BDE52411DF2FE4252C9289F51CB0F7E ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll

05:58:54.0803 3696 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok

05:58:54.0803 3696 [ 32D78DCABFB942275E01363D5232C77D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll

05:58:54.0803 3696 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok

05:58:54.0803 3696 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll

05:58:54.0803 3696 C:\Windows\SysWOW64\wsock32.dll - ok

05:58:54.0803 3696 [ 9ABB7CDAC0914579C86990048771B1B4 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll

05:58:54.0803 3696 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok

05:58:54.0803 3696 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll

05:58:54.0803 3696 C:\Windows\SysWOW64\winmm.dll - ok

05:58:54.0803 3696 [ D47913F993A0E3A0C9F1E88FD02E98C6 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll

05:58:54.0803 3696 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok

05:58:54.0818 3696 [ 43A0A24CD12B110DC93462D6B035C961 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll

05:58:54.0818 3696 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok

05:58:54.0818 3696 [ BA02F01BE7ED88E8974C798ACB3075F5 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll

05:58:54.0818 3696 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok

05:58:54.0818 3696 [ 3B7D8EAE5E44CBDA4CD772720594F116 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll

05:58:54.0818 3696 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok

05:58:54.0818 3696 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll

05:58:54.0818 3696 C:\Windows\SysWOW64\profapi.dll - ok

05:58:54.0818 3696 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll

05:58:54.0818 3696 C:\Windows\SysWOW64\setupapi.dll - ok

05:58:54.0818 3696 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll

05:58:54.0818 3696 C:\Windows\SysWOW64\cfgmgr32.dll - ok

05:58:54.0834 3696 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll

05:58:54.0834 3696 C:\Windows\SysWOW64\devobj.dll - ok

05:58:54.0834 3696 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll

05:58:54.0834 3696 C:\Windows\SysWOW64\userenv.dll - ok

05:58:54.0834 3696 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll

05:58:54.0834 3696 C:\Windows\SysWOW64\wtsapi32.dll - ok

05:58:54.0834 3696 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll

05:58:54.0834 3696 C:\Windows\SysWOW64\dnssd.dll - ok

05:58:54.0834 3696 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll

05:58:54.0834 3696 C:\Windows\SysWOW64\ntmarta.dll - ok

05:58:54.0834 3696 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll

05:58:54.0834 3696 C:\Windows\SysWOW64\Wldap32.dll - ok

05:58:54.0849 3696 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe

05:58:54.0849 3696 C:\Program Files\Bonjour\mDNSResponder.exe - ok

05:58:54.0849 3696 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll

05:58:54.0849 3696 C:\Windows\SysWOW64\mswsock.dll - ok

05:58:54.0849 3696 [ B0BF87F9E247BB0621BCE59EB8CD113F ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll

05:58:54.0849 3696 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok

05:58:54.0849 3696 [ 4F5414602E2544A4554D95517948B705 ] C:\Windows\System32\cryptsvc.dll

05:58:54.0849 3696 C:\Windows\System32\cryptsvc.dll - ok

05:58:54.0849 3696 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL

05:58:54.0849 3696 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok

05:58:54.0849 3696 [ 1D817D77C8EB600AB311AAC8E68B5A1A ] C:\Windows\System32\cryptnet.dll

05:58:54.0849 3696 C:\Windows\System32\cryptnet.dll - ok

05:58:54.0849 3696 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll

05:58:54.0849 3696 C:\Windows\System32\dps.dll - ok

05:58:54.0865 3696 [ 7F8E83B9466A0A002D4AB15C104062A7 ] C:\Windows\System32\efscore.dll

05:58:54.0865 3696 C:\Windows\System32\efscore.dll - ok

05:58:54.0865 3696 [ 0C043B0ABBB5E14E68906AB80365395B ] C:\Windows\System32\efssvc.dll

05:58:54.0865 3696 C:\Windows\System32\efssvc.dll - ok

05:58:54.0865 3696 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll

05:58:54.0865 3696 C:\Windows\System32\FDResPub.dll - ok

05:58:54.0865 3696 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll

05:58:54.0865 3696 C:\Windows\System32\vssapi.dll - ok

05:58:54.0865 3696 [ 75A97A2C060E72AB49E071E08C7DD2BA ] C:\Windows\SysWOW64\wininet.dll

05:58:54.0865 3696 C:\Windows\SysWOW64\wininet.dll - ok

05:58:54.0865 3696 [ 1DED0D0AA513E2A5862B20A520D3A1E1 ] C:\Windows\jmesoft\Service.exe

05:58:54.0865 3696 C:\Windows\jmesoft\Service.exe - ok

05:58:54.0865 3696 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll

05:58:54.0865 3696 C:\Windows\System32\taskschd.dll - ok

05:58:54.0881 3696 [ 58283053C781AD3A579C95D7765C1FA0 ] C:\Windows\System32\efsutil.dll

05:58:54.0881 3696 C:\Windows\System32\efsutil.dll - ok

05:58:54.0881 3696 [ B17ADBBBDC97148D28F995F32C380F2E ] C:\Windows\SysWOW64\iertutil.dll

05:58:54.0881 3696 C:\Windows\SysWOW64\iertutil.dll - ok

05:58:54.0881 3696 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll

05:58:54.0881 3696 C:\Windows\System32\aepic.dll - ok

05:58:54.0881 3696 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys

05:58:54.0881 3696 C:\Windows\System32\drivers\PEAuth.sys - ok

05:58:54.0881 3696 [ 1EE99A89CC788ADA662441D1E9830529 ] C:\Windows\System32\nlasvc.dll

05:58:54.0881 3696 C:\Windows\System32\nlasvc.dll - ok

05:58:54.0881 3696 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll

05:58:54.0881 3696 C:\Windows\System32\pcasvc.dll - ok

05:58:54.0896 3696 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll

05:58:54.0896 3696 C:\Windows\System32\sfc.dll - ok

05:58:54.0896 3696 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll

05:58:54.0896 3696 C:\Windows\System32\sfc_os.dll - ok

05:58:54.0896 3696 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll

05:58:54.0896 3696 C:\Windows\System32\vsstrace.dll - ok

05:58:54.0896 3696 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys

05:58:54.0896 3696 C:\Windows\System32\drivers\secdrv.sys - ok

05:58:54.0896 3696 [ DF687E3D8836BFB04FCC0615BF15A519 ] C:\Windows\System32\drivers\tcpipreg.sys

05:58:54.0896 3696 C:\Windows\System32\drivers\tcpipreg.sys - ok

05:58:54.0896 3696 [ 4A435F95B940E93A88FEC144BD409789 ] C:\Windows\System32\ncsi.dll

05:58:54.0896 3696 C:\Windows\System32\ncsi.dll - ok

05:58:54.0896 3696 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll

05:58:54.0896 3696 C:\Windows\System32\sysmain.dll - ok

05:58:54.0912 3696 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll

05:58:54.0912 3696 C:\Windows\System32\wiaservc.dll - ok

05:58:54.0912 3696 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll

05:58:54.0912 3696 C:\Windows\System32\winhttp.dll - ok

05:58:54.0912 3696 [ 667981F2E7C26275F0694B58EEE303B9 ] C:\Windows\SysWOW64\urlmon.dll

05:58:54.0912 3696 C:\Windows\SysWOW64\urlmon.dll - ok

05:58:54.0912 3696 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll

05:58:54.0912 3696 C:\Windows\System32\webio.dll - ok

05:58:54.0912 3696 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll

05:58:54.0912 3696 C:\Windows\System32\wiatrace.dll - ok

05:58:54.0912 3696 [ 58B61578D5704E9FC8B8A9861A85069D ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

05:58:54.0912 3696 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok

05:58:54.0927 3696 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll

05:58:54.0927 3696 C:\Windows\System32\ssdpapi.dll - ok

05:58:54.0927 3696 [ AF54247F97CCF3539DE7505C09972FF9 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll

05:58:54.0927 3696 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok

05:58:54.0927 3696 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

05:58:54.0927 3696 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok

05:58:54.0927 3696 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll

05:58:54.0927 3696 C:\Windows\System32\trkwks.dll - ok

05:58:54.0927 3696 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll

05:58:54.0927 3696 C:\Windows\System32\wbem\WMIsvc.dll - ok

05:58:54.0927 3696 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll

05:58:54.0927 3696 C:\Windows\System32\wbemcomn.dll - ok

05:58:54.0943 3696 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL

05:58:54.0943 3696 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok

05:58:54.0943 3696 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll

05:58:54.0943 3696 C:\Windows\System32\SensApi.dll - ok

05:58:54.0943 3696 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll

05:58:54.0943 3696 C:\Windows\System32\wbem\fastprox.dll - ok

05:58:54.0943 3696 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll

05:58:54.0943 3696 C:\Windows\System32\wbem\WinMgmtR.dll - ok

05:58:54.0943 3696 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll

05:58:54.0943 3696 C:\Windows\System32\wbem\WmiDcPrv.dll - ok

05:58:54.0943 3696 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll

05:58:54.0943 3696 C:\Windows\System32\wer.dll - ok

05:58:54.0943 3696 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll

05:58:54.0943 3696 C:\Windows\System32\ntdsapi.dll - ok

05:58:54.0959 3696 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll

05:58:54.0959 3696 C:\Windows\System32\wbem\wbemprox.dll - ok

05:58:54.0959 3696 [ 8A1CBAE63FC06EDAEDCCE1B23E9C9267 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll

05:58:54.0959 3696 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok

05:58:54.0959 3696 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll

05:58:54.0959 3696 C:\Windows\System32\wbem\wbemcore.dll - ok

05:58:54.0959 3696 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL

05:58:54.0959 3696 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok

05:58:54.0959 3696 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll

05:58:54.0959 3696 C:\Windows\SysWOW64\winnsi.dll - ok

05:58:54.0959 3696 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll

05:58:54.0959 3696 C:\Windows\System32\WinSCard.dll - ok

05:58:54.0974 3696 [ C3C8D359D1FCB72941F75F8A302BFBDE ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

05:58:54.0974 3696 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok

05:58:54.0974 3696 [ 2D62FF2B999A0A38E6438691C246481F ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll

05:58:54.0974 3696 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok

05:58:54.0974 3696 [ 0B2D65FDDE31069299AA6330F359FF9C ] C:\Windows\System32\msxml3.dll

05:58:54.0974 3696 C:\Windows\System32\msxml3.dll - ok

05:58:54.0974 3696 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll

05:58:54.0974 3696 C:\Windows\System32\wbem\esscli.dll - ok

05:58:54.0974 3696 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll

05:58:54.0974 3696 C:\Windows\System32\wbem\wbemsvc.dll - ok

05:58:54.0974 3696 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll

05:58:54.0974 3696 C:\Windows\System32\wbem\wmiutils.dll - ok

05:58:54.0974 3696 [ 70A176BF2ED362862944C371838262F8 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

05:58:54.0990 3696 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok

05:58:54.0990 3696 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll

05:58:54.0990 3696 C:\Windows\System32\wbem\repdrvfs.dll - ok

05:58:54.0990 3696 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll

05:58:54.0990 3696 C:\Windows\System32\dssenh.dll - ok

05:58:54.0990 3696 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll

05:58:54.0990 3696 C:\Windows\System32\wbem\WmiPrvSD.dll - ok

05:58:54.0990 3696 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll

05:58:54.0990 3696 C:\Windows\System32\ncobjapi.dll - ok

05:58:54.0990 3696 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll

05:58:54.0990 3696 C:\Windows\System32\wbem\wbemess.dll - ok

05:58:54.0990 3696 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll

05:58:54.0990 3696 C:\Windows\System32\aeevts.dll - ok

05:58:55.0005 3696 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll

05:58:55.0005 3696 C:\Windows\System32\wdi.dll - ok

05:58:55.0005 3696 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll

05:58:55.0005 3696 C:\Windows\System32\appinfo.dll - ok

05:58:55.0005 3696 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll

05:58:55.0005 3696 C:\Windows\System32\hidserv.dll - ok

05:58:55.0005 3696 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll

05:58:55.0005 3696 C:\Windows\System32\wpdbusenum.dll - ok

05:58:55.0005 3696 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll

05:58:55.0005 3696 C:\Windows\System32\NapiNSP.dll - ok

05:58:55.0005 3696 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll

05:58:55.0005 3696 C:\Windows\System32\PortableDeviceApi.dll - ok

05:58:55.0005 3696 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll

05:58:55.0005 3696 C:\Windows\System32\pnrpnsp.dll - ok

05:58:55.0021 3696 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll

05:58:55.0021 3696 C:\Windows\System32\winrnr.dll - ok

05:58:55.0021 3696 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll

05:58:55.0021 3696 C:\Windows\System32\diagperf.dll - ok

05:58:55.0021 3696 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll

05:58:55.0021 3696 C:\Windows\System32\perftrack.dll - ok

05:58:55.0021 3696 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll

05:58:55.0021 3696 C:\Windows\System32\PortableDeviceConnectApi.dll - ok

05:58:55.0021 3696 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll

05:58:55.0021 3696 C:\Windows\System32\Apphlpdm.dll - ok

05:58:55.0021 3696 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll

05:58:55.0021 3696 C:\Windows\System32\pnpts.dll - ok

05:58:55.0037 3696 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll

05:58:55.0037 3696 C:\Windows\System32\radardt.dll - ok

05:58:55.0037 3696 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll

05:58:55.0037 3696 C:\Windows\System32\wdiasqmmodule.dll - ok

05:58:55.0037 3696 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe

05:58:55.0037 3696 C:\Windows\System32\runonce.exe - ok

05:58:55.0037 3696 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe

05:58:55.0037 3696 C:\Windows\SysWOW64\runonce.exe - ok

05:58:55.0037 3696 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll

05:58:55.0037 3696 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok

05:58:55.0037 3696 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll

05:58:55.0037 3696 C:\Windows\SysWOW64\uxtheme.dll - ok

05:58:55.0052 3696 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll

05:58:55.0052 3696 C:\Windows\SysWOW64\clbcatq.dll - ok

05:58:55.0052 3696 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll

05:58:55.0052 3696 C:\Windows\SysWOW64\propsys.dll - ok

05:58:55.0052 3696 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll

05:58:55.0052 3696 C:\Windows\SysWOW64\secur32.dll - ok

05:58:55.0052 3696 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll

05:58:55.0052 3696 C:\Windows\SysWOW64\apphelp.dll - ok

05:58:55.0052 3696 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe

05:58:55.0052 3696 C:\Windows\SysWOW64\cmd.exe - ok

05:58:55.0052 3696 [ 448BF22538F1DFCB3412AE2B1CF123A9 ] C:\Windows\System32\conhost.exe

05:58:55.0052 3696 C:\Windows\System32\conhost.exe - ok

05:58:55.0052 3696 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll

05:58:55.0052 3696 C:\Windows\SysWOW64\winbrand.dll - ok

05:58:55.0068 3696 [ 32E15ECF5854F5610BC895490BC3246A ] C:\Windows\SysWOW64\ieframe.dll

05:58:55.0068 3696 C:\Windows\SysWOW64\ieframe.dll - ok

05:58:55.0068 3696 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll

05:58:55.0068 3696 C:\Windows\SysWOW64\oleacc.dll - ok

05:58:55.0068 3696 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll

05:58:55.0068 3696 C:\Windows\SysWOW64\psapi.dll - ok

05:58:55.0068 3696 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll

05:58:55.0068 3696 C:\Windows\SysWOW64\shdocvw.dll - ok

05:58:55.0068 3696 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll

05:58:55.0068 3696 C:\Windows\System32\aelupsvc.dll - ok

05:58:55.0068 3696 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll

05:58:55.0068 3696 C:\Windows\System32\dimsjob.dll - ok

05:58:55.0068 3696 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll

05:58:55.0068 3696 C:\Windows\System32\npmproxy.dll - ok

05:58:55.0083 3696 [ 7EC8CE5141780FF3D36F326779B7CCA3 ] C:\Users\Barriuso\AppData\Local\Temp\9B67C1FB-F7F5-48B1-B8AF-916249175B0F.exe

05:58:55.0083 3696 C:\Users\Barriuso\AppData\Local\Temp\9B67C1FB-F7F5-48B1-B8AF-916249175B0F.exe - ok

05:58:55.0083 3696 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll

05:58:55.0083 3696 C:\Windows\SysWOW64\cryptsp.dll - ok

05:58:55.0083 3696 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll

05:58:55.0083 3696 C:\Windows\SysWOW64\rsaenh.dll - ok

05:58:55.0083 3696 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll

05:58:55.0083 3696 C:\Windows\SysWOW64\imagehlp.dll - ok

05:58:55.0083 3696 [ 591FE0A6CEB19BF886CEB1331F591940 ] C:\Windows\SysWOW64\ncrypt.dll

05:58:55.0083 3696 C:\Windows\SysWOW64\ncrypt.dll - ok

05:58:55.0083 3696 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll

05:58:55.0083 3696 C:\Windows\SysWOW64\bcrypt.dll - ok

05:58:55.0099 3696 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll

05:58:55.0099 3696 C:\Windows\SysWOW64\bcryptprimitives.dll - ok

05:58:55.0099 3696 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll

05:58:55.0099 3696 C:\Windows\SysWOW64\gpapi.dll - ok

05:58:55.0099 3696 [ 6316957BB3431DFB06BFFA98C0F1926E ] C:\Windows\SysWOW64\cryptnet.dll

05:58:55.0099 3696 C:\Windows\SysWOW64\cryptnet.dll - ok

05:58:55.0099 3696 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll

05:58:55.0099 3696 C:\Windows\SysWOW64\SensApi.dll - ok

05:58:55.0099 3696 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll

05:58:55.0099 3696 C:\Windows\SysWOW64\winhttp.dll - ok

05:58:55.0099 3696 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll

05:58:55.0099 3696 C:\Windows\SysWOW64\webio.dll - ok

05:58:55.0099 3696 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll

05:58:55.0099 3696 C:\Windows\SysWOW64\credssp.dll - ok

05:58:55.0115 3696 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll

05:58:55.0115 3696 C:\Windows\SysWOW64\wship6.dll - ok

05:58:55.0115 3696 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll

05:58:55.0115 3696 C:\Windows\SysWOW64\dhcpcsvc.dll - ok

05:58:55.0115 3696 [ 29CA5974FAB0E8AE4AA7814FE05CF832 ] C:\Windows\SysWOW64\dhcpcsvc6.dll

05:58:55.0115 3696 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok

05:58:55.0115 3696 [ 9D4A1690AF93F233E15380398BEC7431 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL

05:58:55.0115 3696 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok

05:58:55.0115 3696 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll

05:58:55.0115 3696 C:\Windows\SysWOW64\dnsapi.dll - ok

05:58:55.0115 3696 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll

05:58:55.0115 3696 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok

05:58:55.0130 3696 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll

05:58:55.0130 3696 C:\Windows\SysWOW64\rasadhlp.dll - ok

05:58:55.0130 3696 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL

05:58:55.0130 3696 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok

05:58:55.0130 3696 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll

05:58:55.0130 3696 C:\Windows\SysWOW64\dwmapi.dll - ok

05:58:55.0130 3696 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll

05:58:55.0130 3696 C:\Windows\SysWOW64\WindowsCodecs.dll - ok

05:58:55.0130 3696 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll

05:58:55.0130 3696 C:\Windows\SysWOW64\EhStorShell.dll - ok

05:58:55.0130 3696 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll

05:58:55.0130 3696 C:\Windows\SysWOW64\ntshrui.dll - ok

05:58:55.0130 3696 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll

05:58:55.0130 3696 C:\Windows\SysWOW64\srvcli.dll - ok

05:58:55.0146 3696 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll

05:58:55.0146 3696 C:\Windows\SysWOW64\cscapi.dll - ok

05:58:55.0146 3696 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll

05:58:55.0146 3696 C:\Windows\SysWOW64\imageres.dll - ok

05:58:55.0146 3696 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll

05:58:55.0146 3696 C:\Windows\SysWOW64\slc.dll - ok

05:58:55.0146 3696 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll

05:58:55.0146 3696 C:\Windows\SysWOW64\sfc.dll - ok

05:58:55.0146 3696 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll

05:58:55.0146 3696 C:\Windows\SysWOW64\sfc_os.dll - ok

05:58:55.0146 3696 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll

05:58:55.0146 3696 C:\Windows\SysWOW64\devrtl.dll - ok

05:58:55.0161 3696 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll

05:58:55.0161 3696 C:\Windows\SysWOW64\mpr.dll - ok

05:58:55.0161 3696 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll

05:58:55.0161 3696 C:\Windows\SysWOW64\netutils.dll - ok

05:58:55.0161 3696 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe

05:58:55.0161 3696 C:\Windows\System32\ie4uinit.exe - ok

05:58:55.0161 3696 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll

05:58:55.0161 3696 C:\Windows\System32\iedkcs32.dll - ok

05:58:55.0161 3696 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl

05:58:55.0161 3696 C:\Windows\System32\timedate.cpl - ok

05:58:55.0161 3696 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll

05:58:55.0161 3696 C:\Windows\System32\shdocvw.dll - ok

05:58:55.0161 3696 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll

05:58:55.0161 3696 C:\Windows\System32\linkinfo.dll - ok

05:58:55.0177 3696 [ FA752544EE1EE59E8AD938CBB43CAC93 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll

05:58:55.0177 3696 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok

05:58:55.0177 3696 [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll

05:58:55.0177 3696 C:\Windows\System32\gameux.dll - ok

05:58:55.0177 3696 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll

05:58:55.0177 3696 C:\Windows\System32\msftedit.dll - ok

05:58:55.0177 3696 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll

05:58:55.0177 3696 C:\Windows\System32\msls31.dll - ok

05:58:55.0177 3696 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll

05:58:55.0177 3696 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok

05:58:55.0177 3696 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll

05:58:55.0177 3696 C:\Windows\System32\DeviceCenter.dll - ok

05:58:55.0193 3696 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll

05:58:55.0193 3696 C:\Windows\System32\msi.dll - ok

05:58:55.0193 3696 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll

05:58:55.0193 3696 C:\Windows\System32\msiltcfg.dll - ok

05:58:55.0193 3696 [ 15F19DFA19C4566CEC8764400BCECF8B ] C:\Windows\System32\hkcmd.exe

05:58:55.0193 3696 C:\Windows\System32\hkcmd.exe - ok

05:58:55.0193 3696 [ F1889BC6C4E257FB84AF11A38F6E3175 ] C:\Windows\System32\igfxtray.exe

05:58:55.0193 3696 C:\Windows\System32\igfxtray.exe - ok

05:58:55.0193 3696 [ 8207DAD22DC87DB646106C1533D633BD ] C:\Windows\System32\hccutils.dll

05:58:55.0193 3696 C:\Windows\System32\hccutils.dll - ok

05:58:55.0193 3696 [ FE3F457382FEF4C0AA09FEB92567CA1F ] C:\Windows\System32\igfxpers.exe

05:58:55.0193 3696 C:\Windows\System32\igfxpers.exe - ok

05:58:55.0193 3696 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll

05:58:55.0193 3696 C:\Windows\System32\thumbcache.dll - ok

05:58:55.0208 3696 [ 6E6DCBA22C1C4244714975B3BF4A84B1 ] C:\Windows\System32\igfxsrvc.exe

05:58:55.0208 3696 C:\Windows\System32\igfxsrvc.exe - ok

05:58:55.0208 3696 [ 45E702A7E81E81EB87F6E7A4B9643E42 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

05:58:55.0208 3696 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok

05:58:55.0208 3696 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll

05:58:55.0208 3696 C:\Windows\System32\networkexplorer.dll - ok

05:58:55.0208 3696 [ 3FF91352B70C1DD93859168A9D5D088D ] C:\Windows\System32\igfxdev.dll

05:58:55.0208 3696 C:\Windows\System32\igfxdev.dll - ok

05:58:55.0208 3696 [ 40EF27D43C3C583EDC12CB1A07CAA7D3 ] C:\Windows\System32\igfxsrvc.dll

05:58:55.0208 3696 C:\Windows\System32\igfxsrvc.dll - ok

05:58:55.0208 3696 [ A041461C314AC881E466DFE0DEBA7E0C ] C:\Windows\System32\igfxrenu.lrc

05:58:55.0208 3696 C:\Windows\System32\igfxrenu.lrc - ok

05:58:55.0224 3696 [ 105CFE016CCB20175BEACEC146F175AB ] C:\Windows\System32\IccLibDll_x64.dll

05:58:55.0224 3696 C:\Windows\System32\IccLibDll_x64.dll - ok


05:58:55.0739 3696 C:\Windows\System32\FntCache.dll - ok

05:58:55.0739 3696 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll

05:58:55.0739 3696 C:\Windows\SysWOW64\dbghelp.dll - ok

05:58:55.0739 3696 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll

05:58:55.0739 3696 C:\Windows\System32\mscms.dll - ok

05:58:55.0754 3696 [ FCFCADA2B35D0599DC485F06DED21788 ] C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll

05:58:55.0754 3696 C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll - ok

05:58:55.0754 3696 [ 37C813CF6B4E892E2CDA6FEF3B871AFC ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\24d1b7ccbedaa3602bae6a6acea9929e\System.Xml.ni.dll

05:58:55.0754 3696 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\24d1b7ccbedaa3602bae6a6acea9929e\System.Xml.ni.dll - ok

05:58:55.0754 3696 [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\SysWOW64\wshqos.dll

05:58:55.0754 3696 C:\Windows\SysWOW64\wshqos.dll - ok

05:58:55.0754 3696 [ 857F78A80A36BF9BE8B10D85E49CE2C4 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\193d03ca60573c92f92d9b07fa5bc243\System.Configuration.ni.dll

05:58:55.0754 3696 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\193d03ca60573c92f92d9b07fa5bc243\System.Configuration.ni.dll - ok

05:58:55.0754 3696 [ 71E68F2443A80BD4DA89181889C457EA ] C:\Windows\System32\udhisapi.dll

05:58:55.0754 3696 C:\Windows\System32\udhisapi.dll - ok

05:58:55.0754 3696 [ 80C834BA6B844C4B717F2465C4E8EC0F ] C:\Windows\System32\WindowsCodecsExt.dll

05:58:55.0754 3696 C:\Windows\System32\WindowsCodecsExt.dll - ok

05:58:55.0770 3696 [ 1D296F090ED401967B30BD2B970DC306 ] C:\Windows\System32\icm32.dll

05:58:55.0770 3696 C:\Windows\System32\icm32.dll - ok

05:58:55.0770 3696 [ BE63879E3ED6893F84309DF1EBECF26D ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\4f3567165e2a444fc9a62980c4d0ea82\PresentationFramework.Aero.ni.dll

05:58:55.0770 3696 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\4f3567165e2a444fc9a62980c4d0ea82\PresentationFramework.Aero.ni.dll - ok

05:58:55.0770 3696 [ E42CA66B4DE928973055BCC7243556A8 ] C:\Windows\SysWOW64\igd10umd32.dll

05:58:55.0770 3696 C:\Windows\SysWOW64\igd10umd32.dll - ok

05:58:55.0770 3696 [ 2DE90400A63818FA38C4C5C9ADB166BF ] C:\Windows\SysWOW64\d3d10_1.dll

05:58:55.0770 3696 C:\Windows\SysWOW64\d3d10_1.dll - ok

05:58:55.0770 3696 [ 9C36A3CA80F9B204C670336D344F5DF8 ] C:\Windows\SysWOW64\d3d10_1core.dll

05:58:55.0770 3696 C:\Windows\SysWOW64\d3d10_1core.dll - ok

05:58:55.0770 3696 [ 0411B7958C524BB2E91EE1B3035FE321 ] C:\Windows\SysWOW64\dxgi.dll

05:58:55.0770 3696 C:\Windows\SysWOW64\dxgi.dll - ok

05:58:55.0785 3696 [ 35CEDE6439FF0D8903223A0817FFE46C ] C:\Windows\SysWOW64\d2d1.dll

05:58:55.0785 3696 C:\Windows\SysWOW64\d2d1.dll - ok

05:58:55.0785 3696 [ 2572E1F0254E2267E97DE1B15D099EC4 ] C:\Windows\SysWOW64\d3d10.dll

05:58:55.0785 3696 C:\Windows\SysWOW64\d3d10.dll - ok

05:58:55.0785 3696 [ 547F78746F20901C770E8653B242217C ] C:\Windows\SysWOW64\d3d10core.dll

05:58:55.0785 3696 C:\Windows\SysWOW64\d3d10core.dll - ok

05:58:55.0785 3696 [ 040CAD6E6600BCEF7A91AE9885C4158F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\222eb8aa336953a6b0216db2b0c4770d\System.Drawing.ni.dll

05:58:55.0785 3696 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\222eb8aa336953a6b0216db2b0c4770d\System.Drawing.ni.dll - ok

05:58:55.0785 3696 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll

05:58:55.0785 3696 C:\Windows\SysWOW64\mscms.dll - ok

05:58:55.0785 3696 [ DD31BE71EBBF9BB9342AA8811956C2F0 ] C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll

05:58:55.0785 3696 C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll - ok

05:58:55.0801 3696 [ AF68099C841EE4BE1C19458D41664A77 ] C:\Program Files (x86)\Mozilla Firefox\freebl3.dll

05:58:55.0801 3696 C:\Program Files (x86)\Mozilla Firefox\freebl3.dll - ok

05:58:55.0801 3696 [ 6B77AC593EEFE2D7E855CA691F4A5C84 ] C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll

05:58:55.0801 3696 C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll - ok

05:58:55.0801 3696 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll

05:58:55.0801 3696 C:\Windows\System32\drprov.dll - ok

05:58:55.0801 3696 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll

05:58:55.0801 3696 C:\Windows\System32\ntlanman.dll - ok

05:58:55.0801 3696 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll

05:58:55.0801 3696 C:\Windows\System32\davclnt.dll - ok

05:58:55.0801 3696 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll

05:58:55.0801 3696 C:\Windows\System32\davhlpr.dll - ok

05:58:55.0801 3696 [ A2631C4465BBCE72B7E371DFB924A9D3 ] C:\Windows\SysWOW64\feclient.dll

05:58:55.0801 3696 C:\Windows\SysWOW64\feclient.dll - ok

05:58:55.0817 3696 [ 20ECAC7791DCBA69121631CB627E5A96 ] C:\Windows\System32\mf.dll

05:58:55.0817 3696 C:\Windows\System32\mf.dll - ok

05:58:55.0817 3696 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll

05:58:55.0817 3696 C:\Windows\System32\wbem\NCProv.dll - ok

05:58:55.0817 3696 ============================================================

05:58:55.0817 3696 Scan finished

05:58:55.0817 3696 ============================================================

05:58:55.0817 3688 Detected object count: 1

05:58:55.0817 3688 Actual detected object count: 1

06:00:20.0696 3688 JME Keyboard ( UnsignedFile.Multi.Generic ) - skipped by user

06:00:20.0696 3688 JME Keyboard ( UnsignedFile.Multi.Generic ) - User select action: Skip


Note: Please do not run this tool without special supervision and instruction of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please post the C:\ComboFix.txt in your next reply for further review.

Note: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.


After running ComboFix, my internet did not restore. I had to restore the computer using the restore date that combofix made. Not sure if that undid everything or not.

Also MSE doesn't start. Went to disable it before the combofix procedure but it was already disabled. Tried turning it on and a message appeared mentioning "specified service does not exist as an installed service"

Anyway, here is the ComboFix log if it matters at this point:

ComboFix 12-09-18.02 - Barriuso 09/18/2012 7:35.1.4 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8040.6855 [GMT -4:00]

Running from: c:\users\Barriuso\Desktop\ComboFix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}

SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Created a new restore point

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\Barriuso\AppData\Local\Mozilla\Microsoft\vrbumvlxt.dll

c:\windows\assembly\GAC_32\Desktop.ini

c:\windows\assembly\GAC_64\Desktop.ini

.

.

((((((((((((((((((((((((( Files Created from 2012-08-18 to 2012-09-18 )))))))))))))))))))))))))))))))

.

.

2012-09-16 19:33 . 2012-09-16 19:33 -------- d-----w- c:\program files (x86)\Common Files\Java

2012-09-16 19:33 . 2012-09-16 19:33 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2012-09-16 17:21 . 2012-09-16 17:21 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%

2012-09-16 14:17 . 2012-09-16 14:45 -------- d-----w- c:\programdata\Spybot - Search & Destroy

2012-09-16 14:17 . 2012-09-16 14:17 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy

2012-09-16 06:20 . 2012-08-23 08:26 9310152 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{738174F9-8CB0-4117-85B3-3581F1E13198}\mpengine.dll

2012-09-15 00:38 . 2012-08-23 08:26 9310152 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-09-12 09:27 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys

2012-09-12 09:27 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys

2012-09-12 09:27 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll

2012-09-12 09:27 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll

2012-09-12 09:27 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys

2012-09-12 09:27 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys

2012-09-12 09:27 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS

2012-09-11 23:41 . 2012-09-11 23:41 -------- d-----w- C:\desktop

2012-09-11 12:28 . 2012-09-11 12:28 -------- d-----w- c:\users\Barriuso\AppData\Roaming\Malwarebytes

2012-09-09 20:15 . 2012-09-09 20:15 73696 ----a-w- c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-09-16 19:33 . 2012-07-05 12:44 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2012-09-16 19:33 . 2012-04-07 00:17 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-09-13 07:00 . 2012-04-07 23:28 64462936 ----a-w- c:\windows\system32\MRT.exe

2012-09-07 21:04 . 2012-04-07 00:19 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-08-31 16:21 . 2012-06-11 12:56 4278384 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll

2012-08-31 16:20 . 2012-06-11 12:56 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll

2012-08-15 03:39 . 2012-08-07 13:26 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-08-15 03:39 . 2012-07-07 12:42 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-07-18 18:15 . 2012-08-15 02:54 3148800 ----a-w- c:\windows\system32\win32k.sys

2012-07-04 22:16 . 2012-08-15 02:54 73216 ----a-w- c:\windows\system32\netapi32.dll

2012-07-04 22:13 . 2012-08-15 02:54 59392 ----a-w- c:\windows\system32\browcli.dll

2012-07-04 22:13 . 2012-08-15 02:54 136704 ----a-w- c:\windows\system32\browser.dll

2012-07-04 21:14 . 2012-08-15 02:54 41984 ----a-w- c:\windows\SysWow64\browcli.dll

2012-07-04 16:54 . 2012-07-04 16:54 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll

2012-07-04 16:54 . 2012-07-04 16:54 4283672 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll

2012-07-04 16:54 . 2012-07-04 16:54 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll

2012-07-04 16:54 . 2012-07-04 16:54 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll

2012-06-29 04:55 . 2012-08-15 07:01 17809920 ----a-w- c:\windows\system32\mshtml.dll

2012-06-29 04:09 . 2012-08-15 07:01 10925568 ----a-w- c:\windows\system32\ieframe.dll

2012-06-29 03:56 . 2012-08-15 07:01 2312704 ----a-w- c:\windows\system32\jscript9.dll

2012-06-29 03:49 . 2012-08-15 07:01 1346048 ----a-w- c:\windows\system32\urlmon.dll

2012-06-29 03:49 . 2012-08-15 07:01 1392128 ----a-w- c:\windows\system32\wininet.dll

2012-06-29 03:48 . 2012-08-15 07:01 1494528 ----a-w- c:\windows\system32\inetcpl.cpl

2012-06-29 03:47 . 2012-08-15 07:01 237056 ----a-w- c:\windows\system32\url.dll

2012-06-29 03:45 . 2012-08-15 07:01 85504 ----a-w- c:\windows\system32\jsproxy.dll

2012-06-29 03:44 . 2012-08-15 07:01 816640 ----a-w- c:\windows\system32\jscript.dll

2012-06-29 03:43 . 2012-08-15 07:01 173056 ----a-w- c:\windows\system32\ieUnatt.exe

2012-06-29 03:42 . 2012-08-15 07:01 2144768 ----a-w- c:\windows\system32\iertutil.dll

2012-06-29 03:40 . 2012-08-15 07:01 96768 ----a-w- c:\windows\system32\mshtmled.dll

2012-06-29 03:39 . 2012-08-15 07:01 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2012-06-29 03:35 . 2012-08-15 07:01 248320 ----a-w- c:\windows\system32\ieui.dll

2012-06-29 00:16 . 2012-08-15 07:01 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll

2012-06-29 00:09 . 2012-08-15 07:01 1129472 ----a-w- c:\windows\SysWow64\wininet.dll

2012-06-29 00:08 . 2012-08-15 07:01 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl

2012-06-29 00:04 . 2012-08-15 07:01 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe

2012-06-29 00:00 . 2012-08-15 07:01 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb

2012-06-25 20:04 . 2012-06-25 20:04 1394248 ----a-w- c:\windows\SysWow64\msxml4.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:\users\Barriuso\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:\users\Barriuso\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:\users\Barriuso\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"jmekey"="c:\windows\jmesoft\hotkey.exe" [2011-03-21 118784]

"jmesoft"="c:\windows\jmesoft\ServiceLoader.exe" [2011-03-16 28672]

"UpdatePRCShortCut"="c:\program files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" [2009-05-13 222504]

"OEM03Mon.exe"="c:\windows\OEM03Mon.exe" [2007-05-19 36864]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-06-07 421776]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]

.

c:\users\Barriuso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\Barriuso\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-09 114144]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-21 98688]

R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-04-07 1255736]

R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 121840]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]

S2 JME Keyboard;JME Keyboard Driver;c:\windows\jmesoft\Service.exe [2011-03-16 32768]

S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-10-05 2655768]

S3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C;c:\windows\system32\DRIVERS\e1c62x64.sys [2010-09-21 313520]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]

S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-09-21 56344]

S3 OEM03Afx;Provides a software interface to control audio effects of OEM003 camera.;c:\windows\system32\Drivers\OEM03Afx.sys [2007-06-08 212864]

S3 OEM03Vfx;Creative Camera OEM003 Video VFX Driver;c:\windows\system32\DRIVERS\OEM03Vfx.sys [2007-03-05 12288]

S3 OEM03Vid;Creative Camera OEM003 Driver;c:\windows\system32\DRIVERS\OEM03Vid.sys [2007-04-25 266944]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2010-07-20 247400]

S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]

.

.

Contents of the 'Scheduled Tasks' folder

.

2012-09-18 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-07 03:39]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 97792 ----a-w- c:\users\Barriuso\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 97792 ----a-w- c:\users\Barriuso\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 97792 ----a-w- c:\users\Barriuso\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 97792 ----a-w- c:\users\Barriuso\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-11-18 167960]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-11-18 391704]

"Persistence"="c:\windows\system32\igfxpers.exe" [2010-11-18 417304]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-10-26 11543656]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.google.com

uLocal Page = c:\windows\system32\blank.htm

mStart Page = hxxp://lenovo.msn.com

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105

TCP: DhcpNameServer = 192.168.2.1

FF - ProfilePath - c:\users\Barriuso\AppData\Roaming\Mozilla\Firefox\Profiles\yda08b31.default\

FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

Wow6432Node-HKLM-Run-ROC_ROC_JULY_P1 - c:\program files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe

SafeBoot-13957178.sys

SafeBoot-MsMpSvc

Toolbar-Locked - (no file)

AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

AddRemove-Best Buy pc app - c:\programdata\{373A11D3-0B96-4E16-9184-7D0FBE86932F}\Best Buy pc app Setup.exe

AddRemove-{FBBC4667-2521-4E78-B1BD-8706F774549B} - c:\programdata\{373A11D3-0B96-4E16-9184-7D0FBE86932F}\Best Buy pc app Setup.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

.

**************************************************************************

.

Completion time: 2012-09-18 07:43:09 - machine was rebooted

ComboFix-quarantined-files.txt 2012-09-18 11:43

.

Pre-Run: 863,806,341,120 bytes free

Post-Run: 863,487,582,208 bytes free

.

- - End Of File - - 82F341B9FF19BDBE4491868EB8020DC4


Thanks! :)

Please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan

  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\ESET\Eset Online Scanner\log.txt
  • Copy and paste that log as a reply to this topic


At the top of the Firefox window, click the Firefox button, go over to the Help sub-menu (on Windows XP, click the Help menu at the top of the Firefox window) and select Troubleshooting Information.

Click the Reset Firefox button in the upper-right corner of the Troubleshooting Information page.

Click Reset Firefox in the confirmation window that opens. Firefox will close and be reset. When it's done, click Finish and Firefox will open. Reboot your system and let me know.


Sorry for taking so long to respond,

Results of screen317's Security Check version 0.99.51

Windows 7 Service Pack 1 x64 (UAC is enabled)

Internet Explorer 9

``````````````Antivirus/Firewall Check:``````````````

Microsoft Security Essentials

(On Access scanning disabled!)

Error obtaining update status for antivirus!

`````````Anti-malware/Other Utilities Check:`````````

Spybot - Search & Destroy

Malwarebytes Anti-Malware version 1.65.0.1400

JavaFX 2.1.1

Java 7 Update 7

Adobe Flash Player 11.4.402.278

Adobe Reader X (10.1.4)

Mozilla Firefox (15.0.1)

````````Process Check: objlist.exe by Laurent````````

Microsoft Security Essentials msseces.exe

Spybot Teatimer.exe is disabled!

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 0%

````````````````````End of Log``````````````````````
