Jump to content

Hijack.homepage


Recommended Posts

I've been running Malwarebytes PRO for a while, but somehow this one slipped through.  Malwarebytes warns me it's blocking an attempt to reach an IP, I run the scanner and it finds the same 4 problems, says it quarantines them and I must reboot to fully remove them.  After the reboot, I follow the same process with no success.

 

Here's the MBAM log:

 

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.06.19.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
Jaycen :: OWNER-PC [administrator]

Protection: Enabled

6/19/2013 10:14:20 PM
MBAM-log-2013-06-19 (23-27-35).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 539439
Time elapsed: 1 hour(s), 13 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 1
HKCR\CLSID\{871C5380-42A0-1069-A2EA-08002B30309D}\shell\OpenHomePage\Command| (Hijack.HomePage) -> Bad: (http://securityresponse.symantec.com/avcenter/fix_homepage/) Good: (iexplore.exe) -> No action taken.

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\Users\Jaycen\AppData\Roaming\123cook.dat (Stolen.Data) -> No action taken.
C:\Users\Jaycen\AppData\Roaming\a88cook.dat (Stolen.Data) -> No action taken.
C:\Users\Jaycen\AppData\Roaming\lyjcook.dat (Stolen.Data) -> No action taken.

(end)
 

Here's the DDS.txt:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16611
Run by Jaycen at 10:42:43 on 2013-07-04
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3581.2092 [GMT -5:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE
C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSvcm.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Windows\SysWOW64\schtasks.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Plantronics\GameCom780\GameCom780.exe
C:\Users\Jaycen\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Windows\splwow64.exe
C:\Users\Jaycen\AppData\Local\Autobahn\nexdef.exe
C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe
"c:\windows\syswow64\svchost.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.

uURLSearchHooks: {cce665dd-f6dd-4808-968e-eaec971f70ef} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll
BHO: DataMngr: {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\BrowserConnection.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [sansaDispatch] C:\Users\Jaycen\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
uRun: [Gadwin PrintScreen] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
uRun: [spwmod] C:\Users\Jaycen\AppData\Roaming\gwvkozrp.exe
uRun: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
mRun: [Adobe Photo Downloader] "C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe"
mRun: [DATAMNGR] C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Communicator] "C:\Program Files (x86)\Microsoft Lync\communicator.exe" /fromrunkey
StartupFolder: C:\Users\Jaycen\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\NEXDEF~1.LNK - C:\Users\Jaycen\AppData\Local\Autobahn\nexdef.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.




TCP: NameServer = 192.168.1.254
TCP: Interfaces\{01E3B9D4-F934-4859-A6D6-A77A8E1ADCAC} : DHCPNameServer = 192.168.1.254
AppInit_DLLs= c:\progra~3\browse~1\261339~1.144\{16cdf~1\browse~1.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg pku2u msoidssp
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: DataMngr: {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\BrowserConnection.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [GamecomSound] C:\Program Files\Plantronics\GameCom780\GameCom780.exe
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1    www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Jaycen\AppData\Roaming\Mozilla\Firefox\Profiles\cjpk6d9q.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.theblaze.com/|http://pjmedia.com/|http://www.video.theblaze.com/schedule/index.jsp|http://gibiru.com/
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Virtual Earth 3D\npVE3D.dll
FF - plugin: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll
FF - plugin: C:\Users\Jaycen\AppData\Local\Roblox\Versions\version-314fd073d6d74dcc\NPRobloxProxy.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2012-5-1 79488]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2012-5-1 40064]
R1 AppleCharger;AppleCharger;C:\Windows\System32\drivers\AppleCharger.sys [2012-5-1 21616]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-7-28 204288]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-7-28 361984]
R2 Browser Manager;Browser Manager;C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [2013-6-4 3085264]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-11-13 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-11-13 701512]
R2 msoidsvc;Microsoft Online Services Sign-in Assistant;C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2010-8-17 2024864]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-5-1 46136]
R3 BrSerIb;Brother Serial Interface Driver(WDM);C:\Windows\System32\drivers\BrSerIb.sys [2010-1-20 87552]
R3 BrUsbSIb;Brother Serial USB Driver(WDM);C:\Windows\System32\drivers\BrUsbSib.sys [2010-1-20 14592]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-11-13 25928]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-5-1 565352]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2012-5-1 47232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 Garmin Core Update Service;Garmin Core Update Service;C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-3-27 185688]
S3 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-6-28 8704]
S3 PlantronicsGC;PLTGC Interface;C:\Windows\System32\drivers\PLTGC.sys [2012-12-25 1327104]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-5-1 1255736]
.
=============== Created Last 30 ================
.
2013-07-04 15:31:02    61440    ----a-w-    C:\Windows\SysWow64\drivers\jacbf.sys
2013-07-04 15:26:45    61440    ----a-w-    C:\Windows\SysWow64\drivers\qvmhay.sys
2013-07-02 16:50:23    9552976    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{34350A85-3148-422C-9EDA-DE269CF7E4FA}\mpengine.dll
2013-06-27 02:46:31    --------    d-----w-    C:\Program Files (x86)\Virtual Villagers - The Secret City
2013-06-27 02:43:52    --------    d-----w-    C:\Program Files (x86)\Virtual Villagers - The Lost Children
2013-06-16 18:31:01    --------    d-----w-    C:\Users\Jaycen\AppData\Roaming\Garmin
2013-06-16 18:30:32    --------    d-----w-    C:\Users\Jaycen\AppData\Local\Garmin
2013-06-16 18:30:13    --------    d-----w-    C:\ProgramData\Garmin
2013-06-16 18:30:12    --------    d-----w-    C:\Program Files (x86)\Garmin
2013-06-15 17:34:14    139776    ----a-w-    C:\Users\Jaycen\AppData\Roaming\browserudp.dll
2013-06-13 16:30:23    163328    ----a-w-    C:\Windows\SysWow64\FlashPlayerUpdateService.exe
2013-06-13 16:30:22    --------    d-----w-    C:\Users\Jaycen\AppData\Roaming\File Scout
2013-06-12 08:03:49    751104    ----a-w-    C:\Windows\System32\win32spl.dll
2013-06-12 08:03:49    492544    ----a-w-    C:\Windows\SysWow64\win32spl.dll
2013-06-12 08:03:49    1910632    ----a-w-    C:\Windows\System32\drivers\tcpip.sys
2013-06-12 08:03:48    903168    ----a-w-    C:\Windows\SysWow64\certutil.exe
2013-06-12 08:03:48    1464320    ----a-w-    C:\Windows\System32\crypt32.dll
2013-06-12 08:03:48    1192448    ----a-w-    C:\Windows\System32\certutil.exe
2013-06-12 08:03:48    1160192    ----a-w-    C:\Windows\SysWow64\crypt32.dll
2013-06-12 08:03:47    52224    ----a-w-    C:\Windows\System32\certenc.dll
2013-06-12 08:03:47    43008    ----a-w-    C:\Windows\SysWow64\certenc.dll
2013-06-12 08:03:47    184320    ----a-w-    C:\Windows\System32\cryptsvc.dll
2013-06-12 08:03:47    140288    ----a-w-    C:\Windows\SysWow64\cryptsvc.dll
2013-06-12 08:03:47    139776    ----a-w-    C:\Windows\System32\cryptnet.dll
2013-06-12 08:03:47    103936    ----a-w-    C:\Windows\SysWow64\cryptnet.dll
.
==================== Find3M  ====================
.
2013-06-14 12:08:38    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-14 12:08:38    692104    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-08 12:28:46    2706432    ----a-w-    C:\Windows\System32\mshtml.tlb
2013-06-08 11:13:19    2706432    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2013-05-27 19:49:45    382261200    ----a-w-    C:\Users\Jaycen\AppData\Roaming\gwvkozrp.exe
2013-05-17 01:25:57    1767936    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-05-17 01:25:27    2877440    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2013-05-17 01:25:26    61440    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2013-05-17 01:25:26    109056    ----a-w-    C:\Windows\SysWow64\iesysprep.dll
2013-05-17 00:59:03    2241024    ----a-w-    C:\Windows\System32\wininet.dll
2013-05-17 00:58:10    3958784    ----a-w-    C:\Windows\System32\jscript9.dll
2013-05-17 00:58:08    67072    ----a-w-    C:\Windows\System32\iesetup.dll
2013-05-17 00:58:08    136704    ----a-w-    C:\Windows\System32\iesysprep.dll
2013-05-14 12:23:25    89600    ----a-w-    C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-14 08:40:13    71680    ----a-w-    C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-05-02 07:06:08    278800    ------w-    C:\Windows\System32\MpSigStub.exe
2013-04-12 14:45:08    1656680    ----a-w-    C:\Windows\System32\drivers\ntfs.sys
2013-04-10 06:01:54    265064    ----a-w-    C:\Windows\System32\drivers\dxgmms1.sys
2013-04-10 06:01:53    983400    ----a-w-    C:\Windows\System32\drivers\dxgkrnl.sys
2013-04-10 03:30:50    3153920    ----a-w-    C:\Windows\System32\win32k.sys
.
============= FINISH: 10:43:32.39 ===============
 

Here's Attach.txt:

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 5/1/2012 11:24:13 AM
System Uptime: 7/4/2013 10:32:43 AM (0 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. |  | GA-A55M-S2V
Processor: AMD A4-3400 APU with Radeon HD Graphics | Socket M2 | 2700/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 466 GiB total, 238.592 GiB free.
D: is CDROM (CDFS)
E: is Removable
F: is Removable
G: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
 Sansa Media Converter
 Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.22beta
abcAVI
Ace of Spades
Adobe Common File Installer
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Help Center 2.1
Adobe Photoshop Elements 5.0
Adobe Premiere Elements 3.0.2
Adobe Premiere Elements 3.0.2 Templates
Adobe Reader X (10.1.7)
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Fuel
AMD VISION Engine Control Center
AnswerWorks 5.0 English Runtime
Battlefield Heroes
Best Buy pc app
Big Fish Games: Game Manager
Bing Maps 3D
BitTorrent
Browser Manager
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
Catalyst Control Center Profiles Mobile
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Civilization III
Company of Heroes
Company of Heroes (New Steam Version)
Company of Heroes: Tales of Valor
Coupon Printer for Windows
Day of Defeat
Defraggler
Elevated Installer
Finale 2012
Free YouTube Downloader 3.5.136
FTP Surfer
Gadwin PrintScreen
Galactic Civilizations II - Dread Lords
Game Cam 2.6.1.0
GameSpy Comrade
Garmin Express
Garmin Express Tray
Garmin Update Service
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Guild Wars 2
Hi-Rez Studios Authenticate and Update Service
High-Definition Video Playback
Impulse
Java Auto Updater
Java 6 Update 31
JNLP
Kerbal Space Program Demo
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 1.1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170)
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Lync - Welcome
Microsoft Lync 2010
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Small Business 2007
Microsoft Office Word MUI (English) 2007
Microsoft Online Services Sign-in Assistant
Microsoft Silverlight
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0
Mozilla Firefox 22.0 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nancy Drew: Ghost Dogs of Moon Lake
Nancy Drew: Tomb of the Lost Queen
Nero 10 Menu TemplatePack Basic
Nero 10 Movie ThemePack Basic
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero CoverDesigner 10
Nero Express 10
Nero Multimedia Suite 10 Essentials
Nero Recode 10
Nero StartSmart 10
Nero Vision 10
NVIDIA PhysX
ON_OFF Charge B11.1102.1
PackMaster
Paint.NET v3.5.10
Pando Media Booster
Plantronics® GameCom 780 Software for Dolby® Headphone
PowerDVD
PunkBuster Services
Quicken 2010
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
ROBLOX Player for Jaycen
Sansa Updater
Searchqu Toolbar
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Sid Meier's Civilization 4 Gold
Spotify
Star Wars Galactic Battlegrounds: Saga
Star Wars Knights of the Old Republic
Star Wars® Knights of the Old Republic® II: The Sith Lords
Starcraft
StarCraft II
Steam
Stronghold
Stronghold 2
Stronghold Crusader Extreme
Stronghold Legends
Team Fortress 2
TSST OEM Content
TweetDeck
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817327) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Virtual Villagers - A New Home (remove only)
Virtual Villagers - The Lost Children 1.0
Virtual Villagers - The Secret City 1.0
Virtual Villagers: The Tree of Life
.
==== Event Viewer Messages From Past Week ========
.
7/4/2013 10:33:35 AM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  gapux pvajlz
6/30/2013 1:44:12 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D3DCB472-7261-43CE-924B-0704BD730D5F}  and APPID  {D3DCB472-7261-43CE-924B-0704BD730D5F}  to the user Owner-PC\Jaycen SID (S-1-5-21-2041292730-2066269132-2849169572-1002) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
6/30/2013 1:44:12 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {145B4335-FE2A-4927-A040-7C35AD3180EF}  and APPID  {145B4335-FE2A-4927-A040-7C35AD3180EF}  to the user Owner-PC\Jaycen SID (S-1-5-21-2041292730-2066269132-2849169572-1002) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
6/29/2013 3:54:01 AM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Error Reporting Service service, but this action failed with the following error:  An instance of the service is already running.
6/29/2013 3:52:01 AM, Error: Service Control Manager [7031]  - The Windows Error Reporting Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
6/27/2013 9:27:31 PM, Error: Microsoft-Windows-WMPNSS-Service [14365]  - Proximity detection failed due to unknown error '0x80004004'.  The best proximity time detected was -1 milliseconds.
.
==== End Of File ===========================
 

Thanks guys!

Link to post
Share on other sites

Hello Jaycen and :welcome:! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
Step 1

Please uninstall the following applications:

BitTorrent

Searchqu Toolbar

Step 2

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 3

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.
Step 4

Your database version of Malwarebytes' Anti-Malware is really old:

Database version: v2013.06.19.07

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

Step 5

Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

    image000q.png

  • Put a checkmark beside loaded modules.

    2012081514h0118.png

  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.

    2012081517h0349.png

  • Click the Start Scan button.

    19695967.jpg

  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.

    67776163.jpg

  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.

    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.

    62117367.jpg

    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
In your next reply, post the following log files:
  • Junkware Removal Tool log
  • AdwCleaner log
  • Malwarebytes' Anti-Malware log
  • TDSSKiller log
  • a new fresh DDS log
Link to post
Share on other sites

Hi, Maniac.

 

I appreciate the help.  I intend to fully follow your instructions as you've posted them in the sequence you've posted them.

 

I've completed Step 1.

 

Here are the results of Step 2:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Jaycen on Thu 07/04/2013 at 12:29:11.40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [service] browser manager
Successfully deleted: [service] browser manager



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7}



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\datamngr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\datamngr
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\filescout
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ilivid
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\windows\currentversion\ext\bprotectsettings
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\applications\ilividsetup.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\applications\ilividsetupv1.exe
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\tracing\ilividsetup_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\tracing\ilividsetup_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\tracing\ilividsetupv1_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\tracing\ilividsetupv1_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\tracing\mybabylontb_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\tracing\mybabylontb_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\Toolbar.CT3198785
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}



~~~ Files

Successfully deleted: [File] C:\eula.1028.txt
Successfully deleted: [File] C:\eula.1031.txt
Successfully deleted: [File] C:\eula.1033.txt
Successfully deleted: [File] C:\eula.1036.txt
Successfully deleted: [File] C:\eula.1040.txt
Successfully deleted: [File] C:\eula.1041.txt
Successfully deleted: [File] C:\eula.1042.txt
Successfully deleted: [File] C:\eula.2052.txt
Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll
Successfully deleted: [File] "C:\users\default user\start menu\programs\startup\best buy pc app.lnk"
Successfully deleted: [File] "C:\Users\Jaycen\AppData\Local\Temp\searchqutoolbar-manifest.xml"
Successfully deleted: [File] "C:\Windows\couponprinter.ocx"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\best buy pc app"
Successfully deleted: [Folder] "C:\ProgramData\big fish games"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Failed to delete: [Folder] "C:\ProgramData\browser manager"
Successfully deleted: [Folder] "C:\Users\Jaycen\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Jaycen\AppData\Roaming\file scout"
Successfully deleted: [Folder] "C:\Users\Jaycen\appdata\local\best buy pc app"
Successfully deleted: [Folder] "C:\Users\Jaycen\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\Jaycen\appdata\local\ilivid player"
Successfully deleted: [Folder] "C:\Users\Jaycen\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Jaycen\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
Successfully deleted: [Folder] "C:\Program Files (x86)\free youtube downloader"
Successfully deleted: [Empty Folder] C:\Users\Jaycen\appdata\local\{72ECD9AA-179A-44DE-9DB2-44DFDD03B0F5}



~~~ FireFox

Successfully deleted: [File] C:\Users\Jaycen\AppData\Roaming\mozilla\firefox\profiles\cjpk6d9q.default\bprotector_extensions.sqlite
Successfully deleted: [File] C:\Users\Jaycen\AppData\Roaming\mozilla\firefox\profiles\cjpk6d9q.default\bprotector_prefs.js
Successfully deleted: [File] "C:\Users\Jaycen\AppData\Roaming\mozilla\firefox\profiles\cjpk6d9q.default\extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi"
Successfully deleted: [Folder] C:\Users\Jaycen\AppData\Roaming\mozilla\firefox\profiles\cjpk6d9q.default\jetpack
Successfully deleted: [Folder] C:\Users\Jaycen\AppData\Roaming\mozilla\firefox\profiles\cjpk6d9q.default\extensions\staged
Successfully deleted the following from C:\Users\Jaycen\AppData\Roaming\mozilla\firefox\profiles\cjpk6d9q.default\prefs.js


Emptied folder: C:\Users\Jaycen\AppData\Roaming\mozilla\firefox\profiles\cjpk6d9q.default\minidumps [14 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 07/04/2013 at 12:31:17.87
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

I am moving on to Step 3 and will continue unless I hear differently from you.  Thanks again for your help.  Best Regards.

Link to post
Share on other sites

Step 3 is complete.  Here are the results:

 

# AdwCleaner v2.304 - Logfile created 07/04/2013 at 12:48:59
# Updated 03/07/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Jaycen - OWNER-PC
# Boot Mode : Normal
# Running from : C:\Users\Jaycen\Desktop\AdwCleaner.exe
# Option [Delete]


***** [services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\ProgramData\Browser Manager
File Deleted : C:\Users\Jaycen\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Folder Deleted : C:\Users\Jaycen\AppData\Local\PackageAware

***** [Registry] *****

Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\527d7dce76dba48
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Wow6432Node\527d7dce76dba48
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

***** [internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Registry is clean.

-\\ Mozilla Firefox v22.0 (en-US)

File : C:\Users\Jaycen\AppData\Roaming\Mozilla\Firefox\Profiles\cjpk6d9q.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v27.0.1453.116

File : C:\Users\Jaycen\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[s1].txt - [3347 octets] - [04/07/2013 12:48:59]

########## EOF - C:\AdwCleaner[s1].txt - [3407 octets] ##########
 

Moving on to Step 4.

Link to post
Share on other sites

Maniac,

 

I might have screwed up Step 4.  It presented the log immediately after the scan, but I didn't snag a copy of it.  It wanted to restart, so I did so immediately.  The log file recorded under the Logs tab of Malwarebytes is different from the one that was presented to me after the scan.

 

Here's the log from the tab:

 

2013/07/04 10:33:26 -0500    OWNER-PC    (null)    MESSAGE    Starting protection
2013/07/04 10:33:26 -0500    OWNER-PC    (null)    MESSAGE    Protection started successfully
2013/07/04 10:33:26 -0500    OWNER-PC    (null)    MESSAGE    Starting IP protection
2013/07/04 10:33:31 -0500    OWNER-PC    (null)    MESSAGE    IP Protection started successfully
2013/07/04 10:36:30 -0500    OWNER-PC    Jaycen    IP-BLOCK    117.21.224.131 (Type: outgoing, Port: 49200, Process: svchost.exe)
2013/07/04 12:23:52 -0500    OWNER-PC    Jaycen    MESSAGE    Stopping protection
2013/07/04 12:23:52 -0500    OWNER-PC    Jaycen    MESSAGE    Protection stopped successfully
2013/07/04 12:23:52 -0500    OWNER-PC    Jaycen    MESSAGE    Stopping IP protection
2013/07/04 12:23:52 -0500    OWNER-PC    Jaycen    MESSAGE    IP Protection stopped successfully
2013/07/04 12:23:58 -0500    OWNER-PC    Jaycen    MESSAGE    Protection stopped
2013/07/04 12:28:40 -0500    OWNER-PC    Jaycen    MESSAGE    Starting protection
2013/07/04 12:28:40 -0500    OWNER-PC    Jaycen    MESSAGE    Protection started successfully
2013/07/04 12:28:40 -0500    OWNER-PC    Jaycen    MESSAGE    Starting IP protection
2013/07/04 12:28:45 -0500    OWNER-PC    Jaycen    MESSAGE    IP Protection started successfully
2013/07/04 12:29:36 -0500    OWNER-PC    Jaycen    MESSAGE    Stopping protection
2013/07/04 12:29:36 -0500    OWNER-PC    Jaycen    MESSAGE    Protection stopped successfully
2013/07/04 12:29:36 -0500    OWNER-PC    Jaycen    MESSAGE    Stopping IP protection
2013/07/04 12:29:36 -0500    OWNER-PC    Jaycen    MESSAGE    IP Protection stopped successfully
2013/07/04 12:29:37 -0500    OWNER-PC    Jaycen    MESSAGE    Protection stopped
2013/07/04 12:50:32 -0500    OWNER-PC    Jaycen    MESSAGE    Starting protection
2013/07/04 12:50:32 -0500    OWNER-PC    Jaycen    MESSAGE    Protection started successfully
2013/07/04 12:50:32 -0500    OWNER-PC    Jaycen    MESSAGE    Starting IP protection
2013/07/04 12:50:38 -0500    OWNER-PC    Jaycen    MESSAGE    IP Protection started successfully
2013/07/04 12:55:26 -0500    OWNER-PC    Jaycen    MESSAGE    Starting database refresh
2013/07/04 12:55:26 -0500    OWNER-PC    Jaycen    MESSAGE    Stopping IP protection
2013/07/04 12:55:27 -0500    OWNER-PC    Jaycen    MESSAGE    IP Protection stopped successfully
2013/07/04 12:55:30 -0500    OWNER-PC    Jaycen    MESSAGE    Database refreshed successfully
2013/07/04 12:55:30 -0500    OWNER-PC    Jaycen    MESSAGE    Starting IP protection
2013/07/04 12:55:34 -0500    OWNER-PC    Jaycen    MESSAGE    IP Protection started successfully
2013/07/04 13:02:30 -0500    OWNER-PC    (null)    MESSAGE    Executing scheduled update:  Daily
2013/07/04 13:02:33 -0500    OWNER-PC    (null)    MESSAGE    Starting protection
2013/07/04 13:02:33 -0500    OWNER-PC    (null)    MESSAGE    Protection started successfully
2013/07/04 13:02:33 -0500    OWNER-PC    (null)    MESSAGE    Starting IP protection
2013/07/04 13:02:38 -0500    OWNER-PC    (null)    MESSAGE    IP Protection started successfully
2013/07/04 13:02:40 -0500    OWNER-PC    (null)    MESSAGE    Database already up-to-date
 

Moving on to Step 5.

Link to post
Share on other sites

Alright, at the completion of Step 5, I have two logs from TDSSKiller:

 

Log 1:

 

13:10:08.0548 1716  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:10:09.0141 1716  ============================================================
13:10:09.0141 1716  Current date / time: 2013/07/04 13:10:09.0141
13:10:09.0141 1716  SystemInfo:
13:10:09.0141 1716  
13:10:09.0141 1716  OS Version: 6.1.7601 ServicePack: 1.0
13:10:09.0141 1716  Product type: Workstation
13:10:09.0141 1716  ComputerName: OWNER-PC
13:10:09.0141 1716  UserName: Jaycen
13:10:09.0141 1716  Windows directory: C:\Windows
13:10:09.0141 1716  System windows directory: C:\Windows
13:10:09.0141 1716  Running under WOW64
13:10:09.0141 1716  Processor architecture: Intel x64
13:10:09.0141 1716  Number of processors: 2
13:10:09.0141 1716  Page size: 0x1000
13:10:09.0141 1716  Boot type: Normal boot
13:10:09.0141 1716  ============================================================
13:10:09.0983 1716  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:10:09.0983 1716  Drive \Device\Harddisk1\DR1 - Size: 0x79E1E0000 (30.47 Gb), SectorSize: 0x200, Cylinders: 0xF89, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:10:09.0999 1716  ============================================================
13:10:09.0999 1716  \Device\Harddisk0\DR0:
13:10:09.0999 1716  MBR partitions:
13:10:09.0999 1716  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:10:09.0999 1716  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
13:10:09.0999 1716  \Device\Harddisk1\DR1:
13:10:09.0999 1716  MBR partitions:
13:10:09.0999 1716  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0x3CF0EE0
13:10:09.0999 1716  ============================================================
13:10:10.0015 1716  C: <-> \Device\Harddisk0\DR0\Partition2
13:10:10.0015 1716  ============================================================
13:10:10.0015 1716  Initialize success
13:10:10.0015 1716  ============================================================
13:10:30.0825 3524  Deinitialize success

 

Log 2:

 

13:30:24.0352 1148  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:30:25.0023 1148  ============================================================
13:30:25.0023 1148  Current date / time: 2013/07/04 13:30:25.0023
13:30:25.0023 1148  SystemInfo:
13:30:25.0023 1148  
13:30:25.0023 1148  OS Version: 6.1.7601 ServicePack: 1.0
13:30:25.0023 1148  Product type: Workstation
13:30:25.0023 1148  ComputerName: OWNER-PC
13:30:25.0023 1148  UserName: Jaycen
13:30:25.0023 1148  Windows directory: C:\Windows
13:30:25.0023 1148  System windows directory: C:\Windows
13:30:25.0023 1148  Running under WOW64
13:30:25.0023 1148  Processor architecture: Intel x64
13:30:25.0023 1148  Number of processors: 2
13:30:25.0023 1148  Page size: 0x1000
13:30:25.0023 1148  Boot type: Normal boot
13:30:25.0023 1148  ============================================================
13:30:25.0086 1148  BG loaded
13:30:25.0850 1148  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:30:25.0866 1148  Drive \Device\Harddisk1\DR1 - Size: 0x79E1E0000 (30.47 Gb), SectorSize: 0x200, Cylinders: 0xF89, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:30:25.0866 1148  ============================================================
13:30:25.0866 1148  \Device\Harddisk0\DR0:
13:30:25.0866 1148  MBR partitions:
13:30:25.0866 1148  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:30:25.0866 1148  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
13:30:25.0866 1148  \Device\Harddisk1\DR1:
13:30:25.0866 1148  MBR partitions:
13:30:25.0866 1148  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0x3CF0EE0
13:30:25.0866 1148  ============================================================
13:30:25.0881 1148  C: <-> \Device\Harddisk0\DR0\Partition2
13:30:25.0881 1148  ============================================================
13:30:25.0881 1148  Initialize success
13:30:25.0881 1148  ============================================================
13:30:56.0442 3776  ============================================================
13:30:56.0442 3776  Scan started
13:30:56.0442 3776  Mode: Manual; SigCheck; TDLFS;
13:30:56.0442 3776  ============================================================
13:30:56.0582 3776  ================ Scan system memory ========================
13:30:56.0582 3776  System memory - ok
13:30:56.0582 3776  ================ Scan services =============================
13:30:56.0722 3776  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
13:30:56.0832 3776  1394ohci - ok
13:30:56.0847 3776  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
13:30:56.0863 3776  ACPI - ok
13:30:56.0878 3776  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
13:30:56.0910 3776  AcpiPmi - ok
13:30:57.0034 3776  [ 63AB43534CBF5D7F3EB81DFDC8161490 ] AdobeActiveFileMonitor5.0 C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
13:30:57.0034 3776  AdobeActiveFileMonitor5.0 - ok
13:30:57.0112 3776  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:30:57.0112 3776  AdobeARMservice - ok
13:30:57.0206 3776  [ 249A44DCFA2500EB1C020E33A3E9F25B ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:30:57.0237 3776  AdobeFlashPlayerUpdateSvc ( UnsignedFile.Multi.Generic ) - warning
13:30:57.0237 3776  AdobeFlashPlayerUpdateSvc - detected UnsignedFile.Multi.Generic (1)
13:30:57.0268 3776  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
13:30:57.0284 3776  adp94xx - ok
13:30:57.0315 3776  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
13:30:57.0331 3776  adpahci - ok
13:30:57.0346 3776  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
13:30:57.0346 3776  adpu320 - ok
13:30:57.0393 3776  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:30:57.0424 3776  AeLookupSvc - ok
13:30:57.0471 3776  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
13:30:57.0487 3776  AFD - ok
13:30:57.0502 3776  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
13:30:57.0518 3776  agp440 - ok
13:30:57.0534 3776  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
13:30:57.0565 3776  ALG - ok
13:30:57.0565 3776  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
13:30:57.0580 3776  aliide - ok
13:30:57.0612 3776  [ A2F5BEA5B45A8E7C4776F39C25E8699D ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
13:30:57.0658 3776  AMD External Events Utility - ok
13:30:57.0705 3776  AMD FUEL Service - ok
13:30:57.0721 3776  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
13:30:57.0736 3776  amdide - ok
13:30:57.0752 3776  [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] amdiox64        C:\Windows\system32\DRIVERS\amdiox64.sys
13:30:57.0768 3776  amdiox64 - ok
13:30:57.0799 3776  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
13:30:57.0814 3776  AmdK8 - ok
13:30:57.0986 3776  [ 5B03217859B014B090CB5060C1D96875 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
13:30:58.0111 3776  amdkmdag - ok
13:30:58.0126 3776  [ 35D2184A99AD4CD5D17284D6C9F382C9 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
13:30:58.0158 3776  amdkmdap - ok
13:30:58.0173 3776  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
13:30:58.0173 3776  AmdPPM - ok
13:30:58.0204 3776  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
13:30:58.0220 3776  amdsata - ok
13:30:58.0236 3776  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
13:30:58.0251 3776  amdsbs - ok
13:30:58.0251 3776  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
13:30:58.0267 3776  amdxata - ok
13:30:58.0282 3776  [ F9D46B6B322708BD5AFCC8767EBDC901 ] amd_sata        C:\Windows\system32\DRIVERS\amd_sata.sys
13:30:58.0298 3776  amd_sata - ok
13:30:58.0298 3776  [ 329CC9C7E20DEEBCD4CD10816193EF14 ] amd_xata        C:\Windows\system32\DRIVERS\amd_xata.sys
13:30:58.0314 3776  amd_xata - ok
13:30:58.0345 3776  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
13:30:58.0392 3776  AppID - ok
13:30:58.0423 3776  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
13:30:58.0454 3776  AppIDSvc - ok
13:30:58.0485 3776  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
13:30:58.0501 3776  Appinfo - ok
13:30:58.0532 3776  [ BA957E7ACD2B44FA3B01FAA64F6A9060 ] AppleCharger    C:\Windows\system32\DRIVERS\AppleCharger.sys
13:30:58.0548 3776  AppleCharger - ok
13:30:58.0563 3776  [ 95EF7247C50C7241FDAE39A9B3AFF4AE ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe
13:30:58.0563 3776  AppleChargerSrv - ok
13:30:58.0579 3776  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
13:30:58.0594 3776  arc - ok
13:30:58.0594 3776  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
13:30:58.0610 3776  arcsas - ok
13:30:58.0719 3776  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:30:58.0719 3776  aspnet_state - ok
13:30:58.0735 3776  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
13:30:58.0782 3776  AsyncMac - ok
13:30:58.0813 3776  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
13:30:58.0813 3776  atapi - ok
13:30:58.0860 3776  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:30:58.0906 3776  AudioEndpointBuilder - ok
13:30:58.0906 3776  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
13:30:58.0938 3776  AudioSrv - ok
13:30:58.0953 3776  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
13:30:58.0984 3776  AxInstSV - ok
13:30:59.0016 3776  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
13:30:59.0031 3776  b06bdrv - ok
13:30:59.0047 3776  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
13:30:59.0094 3776  b57nd60a - ok
13:30:59.0109 3776  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
13:30:59.0140 3776  BDESVC - ok
13:30:59.0156 3776  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
13:30:59.0187 3776  Beep - ok
13:30:59.0218 3776  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
13:30:59.0265 3776  BFE - ok
13:30:59.0296 3776  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
13:30:59.0343 3776  BITS - ok
13:30:59.0359 3776  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
13:30:59.0374 3776  blbdrive - ok
13:30:59.0390 3776  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:30:59.0390 3776  bowser - ok
13:30:59.0406 3776  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
13:30:59.0421 3776  BrFiltLo - ok
13:30:59.0437 3776  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
13:30:59.0452 3776  BrFiltUp - ok
13:30:59.0468 3776  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
13:30:59.0499 3776  Browser - ok
13:30:59.0546 3776  [ 6DF544E72FF139E8FBBBA6D0E569BEA5 ] BrSerIb         C:\Windows\system32\DRIVERS\BrSerIb.sys
13:30:59.0562 3776  BrSerIb - ok
13:30:59.0577 3776  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
13:30:59.0624 3776  Brserid - ok
13:30:59.0640 3776  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
13:30:59.0655 3776  BrSerWdm - ok
13:30:59.0671 3776  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
13:30:59.0686 3776  BrUsbMdm - ok
13:30:59.0686 3776  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
13:30:59.0702 3776  BrUsbSer - ok
13:30:59.0718 3776  [ 80082AD46578F0D3270D2E56D6433082 ] BrUsbSIb        C:\Windows\system32\DRIVERS\BrUsbSIb.sys
13:30:59.0749 3776  BrUsbSIb - ok
13:30:59.0764 3776  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
13:30:59.0780 3776  BTHMODEM - ok
13:30:59.0811 3776  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
13:30:59.0842 3776  bthserv - ok
13:30:59.0874 3776  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:30:59.0889 3776  cdfs - ok
13:30:59.0920 3776  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
13:30:59.0936 3776  cdrom - ok
13:30:59.0967 3776  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
13:30:59.0983 3776  CertPropSvc - ok
13:30:59.0998 3776  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
13:31:00.0014 3776  circlass - ok
13:31:00.0045 3776  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
13:31:00.0061 3776  CLFS - ok
13:31:00.0108 3776  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:31:00.0108 3776  clr_optimization_v2.0.50727_32 - ok
13:31:00.0139 3776  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:31:00.0139 3776  clr_optimization_v2.0.50727_64 - ok
13:31:00.0186 3776  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:31:00.0217 3776  clr_optimization_v4.0.30319_32 - ok
13:31:00.0232 3776  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:31:00.0248 3776  clr_optimization_v4.0.30319_64 - ok
13:31:00.0264 3776  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
13:31:00.0295 3776  CmBatt - ok
13:31:00.0310 3776  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
13:31:00.0310 3776  cmdide - ok
13:31:00.0357 3776  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
13:31:00.0388 3776  CNG - ok
13:31:00.0404 3776  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
13:31:00.0404 3776  Compbatt - ok
13:31:00.0420 3776  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
13:31:00.0435 3776  CompositeBus - ok
13:31:00.0451 3776  COMSysApp - ok
13:31:00.0451 3776  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
13:31:00.0466 3776  crcdisk - ok
13:31:00.0513 3776  [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:31:00.0544 3776  CryptSvc - ok
13:31:00.0576 3776  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:31:00.0607 3776  DcomLaunch - ok
13:31:00.0638 3776  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
13:31:00.0669 3776  defragsvc - ok
13:31:00.0685 3776  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:31:00.0716 3776  DfsC - ok
13:31:00.0747 3776  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
13:31:00.0794 3776  Dhcp - ok
13:31:00.0810 3776  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
13:31:00.0841 3776  discache - ok
13:31:00.0856 3776  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
13:31:00.0856 3776  Disk - ok
13:31:00.0888 3776  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:31:00.0903 3776  Dnscache - ok
13:31:00.0919 3776  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
13:31:00.0950 3776  dot3svc - ok
13:31:00.0966 3776  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
13:31:00.0997 3776  DPS - ok
13:31:01.0028 3776  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:31:01.0044 3776  drmkaud - ok
13:31:01.0090 3776  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:31:01.0122 3776  DXGKrnl - ok
13:31:01.0137 3776  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
13:31:01.0168 3776  EapHost - ok
13:31:01.0215 3776  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
13:31:01.0278 3776  ebdrv - ok
13:31:01.0293 3776  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
13:31:01.0324 3776  EFS - ok
13:31:01.0371 3776  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
13:31:01.0402 3776  ehRecvr - ok
13:31:01.0434 3776  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
13:31:01.0434 3776  ehSched - ok
13:31:01.0449 3776  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
13:31:01.0465 3776  elxstor - ok
13:31:01.0480 3776  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
13:31:01.0496 3776  ErrDev - ok
13:31:01.0543 3776  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
13:31:01.0590 3776  EventSystem - ok
13:31:01.0621 3776  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
13:31:01.0652 3776  exfat - ok
13:31:01.0668 3776  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:31:01.0699 3776  fastfat - ok
13:31:01.0714 3776  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
13:31:01.0746 3776  Fax - ok
13:31:01.0761 3776  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
13:31:01.0777 3776  fdc - ok
13:31:01.0792 3776  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
13:31:01.0824 3776  fdPHost - ok
13:31:01.0824 3776  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:31:01.0870 3776  FDResPub - ok
13:31:01.0886 3776  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:31:01.0886 3776  FileInfo - ok
13:31:01.0902 3776  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:31:01.0948 3776  Filetrace - ok
13:31:01.0964 3776  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
13:31:01.0964 3776  flpydisk - ok
13:31:01.0995 3776  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:31:01.0995 3776  FltMgr - ok
13:31:02.0058 3776  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
13:31:02.0073 3776  FontCache - ok
13:31:02.0120 3776  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:31:02.0136 3776  FontCache3.0.0.0 - ok
13:31:02.0136 3776  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
13:31:02.0151 3776  FsDepends - ok
13:31:02.0167 3776  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:31:02.0182 3776  Fs_Rec - ok
13:31:02.0198 3776  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:31:02.0214 3776  fvevol - ok
13:31:02.0229 3776  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
13:31:02.0245 3776  gagp30kx - ok
13:31:02.0276 3776  gapux - ok
13:31:02.0338 3776  [ 2973B4EB7BE10A0D491B2037DCAAE88F ] Garmin Core Update Service C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
13:31:02.0354 3776  Garmin Core Update Service - ok
13:31:02.0370 3776  gdrv - ok
13:31:02.0401 3776  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
13:31:02.0432 3776  gpsvc - ok
13:31:02.0526 3776  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:31:02.0541 3776  gupdate - ok
13:31:02.0541 3776  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:31:02.0557 3776  gupdatem - ok
13:31:02.0588 3776  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
13:31:02.0604 3776  gusvc - ok
13:31:02.0619 3776  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
13:31:02.0650 3776  hcw85cir - ok
13:31:02.0666 3776  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:31:02.0697 3776  HdAudAddService - ok
13:31:02.0713 3776  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
13:31:02.0728 3776  HDAudBus - ok
13:31:02.0744 3776  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
13:31:02.0760 3776  HidBatt - ok
13:31:02.0775 3776  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
13:31:02.0791 3776  HidBth - ok
13:31:02.0806 3776  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
13:31:02.0822 3776  HidIr - ok
13:31:02.0838 3776  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
13:31:02.0869 3776  hidserv - ok
13:31:02.0884 3776  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
13:31:02.0900 3776  HidUsb - ok
13:31:02.0978 3776  [ 1256F6834307B38594CEB034BAF52568 ] HiPatchService  C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
13:31:02.0994 3776  HiPatchService ( UnsignedFile.Multi.Generic ) - warning
13:31:02.0994 3776  HiPatchService - detected UnsignedFile.Multi.Generic (1)
13:31:03.0009 3776  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:31:03.0040 3776  hkmsvc - ok
13:31:03.0056 3776  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:31:03.0072 3776  HomeGroupListener - ok
13:31:03.0087 3776  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:31:03.0103 3776  HomeGroupProvider - ok
13:31:03.0118 3776  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
13:31:03.0118 3776  HpSAMD - ok
13:31:03.0150 3776  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:31:03.0196 3776  HTTP - ok
13:31:03.0212 3776  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:31:03.0228 3776  hwpolicy - ok
13:31:03.0243 3776  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
13:31:03.0243 3776  i8042prt - ok
13:31:03.0274 3776  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
13:31:03.0290 3776  iaStorV - ok
13:31:03.0321 3776  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:31:03.0352 3776  idsvc - ok
13:31:03.0368 3776  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
13:31:03.0368 3776  iirsp - ok
13:31:03.0399 3776  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
13:31:03.0446 3776  IKEEXT - ok
13:31:03.0524 3776  [ F2744FD54BE1580BE05916D1C755C92A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
13:31:03.0555 3776  IntcAzAudAddService - ok
13:31:03.0571 3776  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
13:31:03.0586 3776  intelide - ok
13:31:03.0602 3776  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
13:31:03.0618 3776  intelppm - ok
13:31:03.0633 3776  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:31:03.0680 3776  IPBusEnum - ok
13:31:03.0680 3776  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:31:03.0711 3776  IpFilterDriver - ok
13:31:03.0727 3776  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:31:03.0774 3776  iphlpsvc - ok
13:31:03.0789 3776  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
13:31:03.0805 3776  IPMIDRV - ok
13:31:03.0820 3776  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:31:03.0852 3776  IPNAT - ok
13:31:03.0867 3776  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:31:03.0883 3776  IRENUM - ok
13:31:03.0898 3776  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:31:03.0914 3776  isapnp - ok
13:31:03.0914 3776  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
13:31:03.0930 3776  iScsiPrt - ok
13:31:03.0961 3776  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:31:03.0961 3776  kbdclass - ok
13:31:03.0976 3776  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
13:31:03.0992 3776  kbdhid - ok
13:31:04.0008 3776  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
13:31:04.0023 3776  KeyIso - ok
13:31:04.0054 3776  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:31:04.0070 3776  KSecDD - ok
13:31:04.0086 3776  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:31:04.0086 3776  KSecPkg - ok
13:31:04.0101 3776  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
13:31:04.0148 3776  ksthunk - ok
13:31:04.0195 3776  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:31:04.0242 3776  KtmRm - ok
13:31:04.0304 3776  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
13:31:04.0335 3776  LanmanServer - ok
13:31:04.0382 3776  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:31:04.0413 3776  LanmanWorkstation - ok
13:31:04.0460 3776  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:31:04.0491 3776  lltdio - ok
13:31:04.0522 3776  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:31:04.0569 3776  lltdsvc - ok
13:31:04.0569 3776  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:31:04.0600 3776  lmhosts - ok
13:31:04.0632 3776  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
13:31:04.0632 3776  LSI_FC - ok
13:31:04.0647 3776  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
13:31:04.0663 3776  LSI_SAS - ok
13:31:04.0678 3776  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
13:31:04.0678 3776  LSI_SAS2 - ok
13:31:04.0694 3776  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
13:31:04.0694 3776  LSI_SCSI - ok
13:31:04.0710 3776  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
13:31:04.0741 3776  luafv - ok
13:31:04.0803 3776  [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
13:31:04.0803 3776  MBAMProtector - ok
13:31:04.0881 3776  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
13:31:04.0897 3776  MBAMScheduler - ok
13:31:04.0928 3776  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
13:31:04.0959 3776  MBAMService - ok
13:31:04.0975 3776  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:31:04.0975 3776  Mcx2Svc - ok
13:31:04.0990 3776  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
13:31:05.0006 3776  megasas - ok
13:31:05.0022 3776  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
13:31:05.0037 3776  MegaSR - ok
13:31:05.0068 3776  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
13:31:05.0100 3776  MMCSS - ok
13:31:05.0115 3776  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
13:31:05.0146 3776  Modem - ok
13:31:05.0193 3776  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:31:05.0209 3776  monitor - ok
13:31:05.0240 3776  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:31:05.0240 3776  mouclass - ok
13:31:05.0256 3776  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:31:05.0287 3776  mouhid - ok
13:31:05.0287 3776  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:31:05.0302 3776  mountmgr - ok
13:31:05.0349 3776  [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:31:05.0365 3776  MozillaMaintenance - ok
13:31:05.0365 3776  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
13:31:05.0380 3776  mpio - ok
13:31:05.0396 3776  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:31:05.0427 3776  mpsdrv - ok
13:31:05.0458 3776  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:31:05.0505 3776  MpsSvc - ok
13:31:05.0521 3776  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:31:05.0536 3776  MRxDAV - ok
13:31:05.0552 3776  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:31:05.0568 3776  mrxsmb - ok
13:31:05.0583 3776  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:31:05.0599 3776  mrxsmb10 - ok
13:31:05.0614 3776  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:31:05.0614 3776  mrxsmb20 - ok
13:31:05.0630 3776  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
13:31:05.0646 3776  msahci - ok
13:31:05.0646 3776  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
13:31:05.0661 3776  msdsm - ok
13:31:05.0677 3776  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
13:31:05.0692 3776  MSDTC - ok
13:31:05.0708 3776  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:31:05.0739 3776  Msfs - ok
13:31:05.0755 3776  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
13:31:05.0786 3776  mshidkmdf - ok
13:31:05.0802 3776  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:31:05.0817 3776  msisadrv - ok
13:31:05.0848 3776  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:31:05.0880 3776  MSiSCSI - ok
13:31:05.0880 3776  msiserver - ok
13:31:05.0895 3776  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:31:05.0926 3776  MSKSSRV - ok
13:31:06.0004 3776  [ B0F062A952DA37DA2ED5DFE40F57E9E8 ] msoidsvc        C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE
13:31:06.0036 3776  msoidsvc - ok
13:31:06.0051 3776  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:31:06.0082 3776  MSPCLOCK - ok
13:31:06.0098 3776  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:31:06.0129 3776  MSPQM - ok
13:31:06.0160 3776  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:31:06.0176 3776  MsRPC - ok
13:31:06.0192 3776  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
13:31:06.0192 3776  mssmbios - ok
13:31:06.0192 3776  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:31:06.0238 3776  MSTEE - ok
13:31:06.0238 3776  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
13:31:06.0254 3776  MTConfig - ok
13:31:06.0270 3776  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
13:31:06.0285 3776  Mup - ok
13:31:06.0301 3776  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
13:31:06.0332 3776  napagent - ok
13:31:06.0363 3776  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:31:06.0394 3776  NativeWifiP - ok
13:31:06.0410 3776  [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:31:06.0426 3776  NDIS - ok
13:31:06.0441 3776  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
13:31:06.0472 3776  NdisCap - ok
13:31:06.0488 3776  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:31:06.0519 3776  NdisTapi - ok
13:31:06.0550 3776  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:31:06.0582 3776  Ndisuio - ok
13:31:06.0597 3776  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:31:06.0644 3776  NdisWan - ok
13:31:06.0644 3776  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:31:06.0675 3776  NDProxy - ok
13:31:06.0691 3776  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:31:06.0738 3776  NetBIOS - ok
13:31:06.0738 3776  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
13:31:06.0769 3776  NetBT - ok
13:31:06.0784 3776  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
13:31:06.0784 3776  Netlogon - ok
13:31:06.0831 3776  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
13:31:06.0878 3776  Netman - ok
13:31:06.0909 3776  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:31:06.0909 3776  NetMsmqActivator - ok
13:31:06.0925 3776  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:31:06.0925 3776  NetPipeActivator - ok
13:31:06.0956 3776  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
13:31:06.0987 3776  netprofm - ok
13:31:07.0003 3776  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:31:07.0018 3776  NetTcpActivator - ok
13:31:07.0018 3776  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:31:07.0034 3776  NetTcpPortSharing - ok
13:31:07.0034 3776  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
13:31:07.0050 3776  nfrd960 - ok
13:31:07.0065 3776  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:31:07.0112 3776  NlaSvc - ok
13:31:07.0112 3776  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:31:07.0143 3776  Npfs - ok
13:31:07.0159 3776  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
13:31:07.0206 3776  nsi - ok
13:31:07.0206 3776  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:31:07.0237 3776  nsiproxy - ok
13:31:07.0299 3776  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:31:07.0330 3776  Ntfs - ok
13:31:07.0346 3776  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
13:31:07.0377 3776  Null - ok
13:31:07.0408 3776  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:31:07.0424 3776  nvraid - ok
13:31:07.0424 3776  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:31:07.0440 3776  nvstor - ok
13:31:07.0455 3776  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
13:31:07.0471 3776  nv_agp - ok
13:31:07.0533 3776  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:31:07.0549 3776  odserv - ok
13:31:07.0564 3776  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
13:31:07.0580 3776  ohci1394 - ok
13:31:07.0627 3776  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:31:07.0642 3776  ose - ok
13:31:07.0674 3776  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
13:31:07.0689 3776  p2pimsvc - ok
13:31:07.0720 3776  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
13:31:07.0736 3776  p2psvc - ok
13:31:07.0752 3776  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
13:31:07.0752 3776  Parport - ok
13:31:07.0783 3776  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
13:31:07.0783 3776  partmgr - ok
13:31:07.0798 3776  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:31:07.0830 3776  PcaSvc - ok
13:31:07.0845 3776  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
13:31:07.0861 3776  pci - ok
13:31:07.0876 3776  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
13:31:07.0876 3776  pciide - ok
13:31:07.0892 3776  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
13:31:07.0908 3776  pcmcia - ok
13:31:07.0923 3776  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
13:31:07.0923 3776  pcw - ok
13:31:07.0954 3776  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:31:07.0986 3776  PEAUTH - ok
13:31:08.0064 3776  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
13:31:08.0079 3776  PerfHost - ok
13:31:08.0110 3776  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
13:31:08.0157 3776  pla - ok
13:31:08.0235 3776  [ AB168D5CF1CD69F9FA6F09C828FEA660 ] PlantronicsGC   C:\Windows\system32\drivers\PLTGC.sys
13:31:08.0282 3776  PlantronicsGC - ok
13:31:08.0298 3776  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:31:08.0329 3776  PlugPlay - ok
13:31:08.0344 3776  PnkBstrA - ok
13:31:08.0360 3776  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
13:31:08.0376 3776  PNRPAutoReg - ok
13:31:08.0391 3776  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
13:31:08.0407 3776  PNRPsvc - ok
13:31:08.0422 3776  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:31:08.0454 3776  PolicyAgent - ok
13:31:08.0485 3776  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
13:31:08.0516 3776  Power - ok
13:31:08.0547 3776  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
13:31:08.0594 3776  PptpMiniport - ok
13:31:08.0610 3776  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
13:31:08.0625 3776  Processor - ok
13:31:08.0656 3776  [ 5C78838B4D166D1A27DB3A8A820C799A ] ProfSvc         C:\Windows\system32\profsvc.dll
13:31:08.0688 3776  ProfSvc - ok
13:31:08.0703 3776  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:31:08.0719 3776  ProtectedStorage - ok
13:31:08.0719 3776  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
13:31:08.0750 3776  Psched - ok
13:31:08.0750 3776  pvajlz - ok
13:31:08.0797 3776  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
13:31:08.0828 3776  ql2300 - ok
13:31:08.0844 3776  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
13:31:08.0859 3776  ql40xx - ok
13:31:08.0859 3776  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
13:31:08.0875 3776  QWAVE - ok
13:31:08.0890 3776  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:31:08.0906 3776  QWAVEdrv - ok
13:31:08.0922 3776  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:31:08.0953 3776  RasAcd - ok
13:31:08.0968 3776  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
13:31:09.0000 3776  RasAgileVpn - ok
13:31:09.0015 3776  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
13:31:09.0046 3776  RasAuto - ok
13:31:09.0062 3776  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
13:31:09.0093 3776  Rasl2tp - ok
13:31:09.0124 3776  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
13:31:09.0156 3776  RasMan - ok
13:31:09.0171 3776  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:31:09.0218 3776  RasPppoe - ok
13:31:09.0234 3776  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
13:31:09.0280 3776  RasSstp - ok
13:31:09.0312 3776  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:31:09.0343 3776  rdbss - ok
13:31:09.0358 3776  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
13:31:09.0390 3776  rdpbus - ok
13:31:09.0390 3776  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
13:31:09.0436 3776  RDPCDD - ok
13:31:09.0452 3776  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
13:31:09.0483 3776  RDPENCDD - ok
13:31:09.0499 3776  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
13:31:09.0530 3776  RDPREFMP - ok
13:31:09.0561 3776  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
13:31:09.0592 3776  RDPWD - ok
13:31:09.0608 3776  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
13:31:09.0608 3776  rdyboost - ok
13:31:09.0639 3776  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:31:09.0670 3776  RemoteAccess - ok
13:31:09.0686 3776  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:31:09.0717 3776  RemoteRegistry - ok
13:31:09.0764 3776  [ 06A49B7BDC36CFBF97DD90804F833369 ] RichVideo       C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
13:31:09.0764 3776  RichVideo - ok
13:31:09.0780 3776  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
13:31:09.0826 3776  RpcEptMapper - ok
13:31:09.0842 3776  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
13:31:09.0858 3776  RpcLocator - ok
13:31:09.0873 3776  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
13:31:09.0904 3776  RpcSs - ok
13:31:09.0920 3776  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:31:09.0951 3776  rspndr - ok
13:31:09.0998 3776  [ 9140DB0911DE035FED0A9A77A2D156EA ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
13:31:10.0014 3776  RTL8167 - ok
13:31:10.0029 3776  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
13:31:10.0045 3776  SamSs - ok
13:31:10.0045 3776  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
13:31:10.0060 3776  sbp2port - ok
13:31:10.0076 3776  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:31:10.0107 3776  SCardSvr - ok
13:31:10.0123 3776  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
13:31:10.0154 3776  scfilter - ok
13:31:10.0185 3776  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
13:31:10.0248 3776  Schedule - ok
13:31:10.0263 3776  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:31:10.0294 3776  SCPolicySvc - ok
13:31:10.0310 3776  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
13:31:10.0326 3776  SDRSVC - ok
13:31:10.0357 3776  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:31:10.0388 3776  secdrv - ok
13:31:10.0404 3776  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
13:31:10.0435 3776  seclogon - ok
13:31:10.0450 3776  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
13:31:10.0482 3776  SENS - ok
13:31:10.0497 3776  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
13:31:10.0513 3776  SensrSvc - ok
13:31:10.0528 3776  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
13:31:10.0544 3776  Serenum - ok
13:31:10.0560 3776  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
13:31:10.0591 3776  Serial - ok
13:31:10.0606 3776  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
13:31:10.0622 3776  sermouse - ok
13:31:10.0638 3776  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
13:31:10.0684 3776  SessionEnv - ok
13:31:10.0684 3776  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
13:31:10.0700 3776  sffdisk - ok
13:31:10.0716 3776  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
13:31:10.0731 3776  sffp_mmc - ok
13:31:10.0747 3776  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
13:31:10.0762 3776  sffp_sd - ok
13:31:10.0778 3776  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
13:31:10.0778 3776  sfloppy - ok
13:31:10.0809 3776  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:31:10.0840 3776  SharedAccess - ok
13:31:10.0872 3776  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:31:10.0903 3776  ShellHWDetection - ok
13:31:10.0918 3776  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
13:31:10.0918 3776  SiSRaid2 - ok
13:31:10.0934 3776  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
13:31:10.0934 3776  SiSRaid4 - ok
13:31:10.0965 3776  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
13:31:10.0996 3776  Smb - ok
13:31:11.0028 3776  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:31:11.0043 3776  SNMPTRAP - ok
13:31:11.0059 3776  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
13:31:11.0074 3776  spldr - ok
13:31:11.0090 3776  [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler         C:\Windows\System32\spoolsv.exe
13:31:11.0121 3776  Spooler - ok
13:31:11.0168 3776  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
13:31:11.0230 3776  sppsvc - ok
13:31:11.0246 3776  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
13:31:11.0277 3776  sppuinotify - ok
13:31:11.0293 3776  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:31:11.0324 3776  srv - ok
13:31:11.0340 3776  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:31:11.0355 3776  srv2 - ok
13:31:11.0386 3776  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:31:11.0386 3776  srvnet - ok
13:31:11.0418 3776  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:31:11.0464 3776  SSDPSRV - ok
13:31:11.0480 3776  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:31:11.0511 3776  SstpSvc - ok
13:31:11.0527 3776  Steam Client Service - ok
13:31:11.0558 3776  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
13:31:11.0574 3776  stexstor - ok
13:31:11.0620 3776  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
13:31:11.0636 3776  stisvc - ok
13:31:11.0636 3776  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
13:31:11.0652 3776  swenum - ok
13:31:11.0667 3776  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
13:31:11.0714 3776  swprv - ok
13:31:11.0745 3776  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
13:31:11.0792 3776  SysMain - ok
13:31:11.0808 3776  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:31:11.0823 3776  TabletInputService - ok
13:31:11.0839 3776  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:31:11.0886 3776  TapiSrv - ok
13:31:11.0901 3776  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
13:31:11.0932 3776  TBS - ok
13:31:11.0979 3776  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:31:12.0026 3776  Tcpip - ok
13:31:12.0057 3776  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
13:31:12.0088 3776  TCPIP6 - ok
13:31:12.0104 3776  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:31:12.0135 3776  tcpipreg - ok
13:31:12.0151 3776  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:31:12.0166 3776  TDPIPE - ok
13:31:12.0198 3776  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
13:31:12.0213 3776  TDTCP - ok
13:31:12.0229 3776  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:31:12.0244 3776  tdx - ok
13:31:12.0260 3776  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
13:31:12.0260 3776  TermDD - ok
13:31:12.0291 3776  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
13:31:12.0338 3776  TermService - ok
13:31:12.0354 3776  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
13:31:12.0369 3776  Themes - ok
13:31:12.0385 3776  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
13:31:12.0416 3776  THREADORDER - ok
13:31:12.0432 3776  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
13:31:12.0478 3776  TrkWks - ok
13:31:12.0510 3776  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:31:12.0541 3776  TrustedInstaller - ok
13:31:12.0572 3776  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:31:12.0619 3776  tssecsrv - ok
13:31:12.0634 3776  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
13:31:12.0650 3776  TsUsbFlt - ok
13:31:12.0666 3776  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
13:31:12.0666 3776  TsUsbGD - ok
13:31:12.0697 3776  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:31:12.0728 3776  tunnel - ok
13:31:12.0744 3776  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
13:31:12.0759 3776  uagp35 - ok
13:31:12.0775 3776  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:31:12.0822 3776  udfs - ok
13:31:12.0822 3776  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:31:12.0837 3776  UI0Detect - ok
13:31:12.0853 3776  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:31:12.0868 3776  uliagpkx - ok
13:31:12.0884 3776  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
13:31:12.0900 3776  umbus - ok
13:31:12.0915 3776  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
13:31:12.0931 3776  UmPass - ok
13:31:12.0946 3776  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
13:31:12.0993 3776  upnphost - ok
13:31:13.0040 3776  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:31:13.0056 3776  usbccgp - ok
13:31:13.0087 3776  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
13:31:13.0102 3776  usbcir - ok
13:31:13.0102 3776  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
13:31:13.0118 3776  usbehci - ok
13:31:13.0149 3776  [ 573D192E268F0C5B486B7E96F661E538 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
13:31:13.0149 3776  usbfilter - ok
13:31:13.0180 3776  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:31:13.0196 3776  usbhub - ok
13:31:13.0212 3776  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
13:31:13.0227 3776  usbohci - ok
13:31:13.0258 3776  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
13:31:13.0274 3776  usbprint - ok
13:31:13.0305 3776  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
13:31:13.0321 3776  usbscan - ok
13:31:13.0336 3776  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:31:13.0383 3776  USBSTOR - ok
13:31:13.0399 3776  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
13:31:13.0414 3776  usbuhci - ok
13:31:13.0430 3776  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
13:31:13.0461 3776  UxSms - ok
13:31:13.0477 3776  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
13:31:13.0492 3776  VaultSvc - ok
13:31:13.0508 3776  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
13:31:13.0524 3776  vdrvroot - ok
13:31:13.0539 3776  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
13:31:13.0570 3776  vds - ok
13:31:13.0586 3776  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:31:13.0602 3776  vga - ok
13:31:13.0617 3776  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:31:13.0633 3776  VgaSave - ok
13:31:13.0664 3776  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
13:31:13.0664 3776  vhdmp - ok
13:31:13.0680 3776  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
13:31:13.0695 3776  viaide - ok
13:31:13.0711 3776  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
13:31:13.0711 3776  volmgr - ok
13:31:13.0726 3776  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:31:13.0742 3776  volmgrx - ok
13:31:13.0758 3776  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:31:13.0773 3776  volsnap - ok
13:31:13.0789 3776  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
13:31:13.0804 3776  vsmraid - ok
13:31:13.0836 3776  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
13:31:13.0898 3776  VSS - ok
13:31:13.0914 3776  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
13:31:13.0929 3776  vwifibus - ok
13:31:13.0945 3776  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
13:31:13.0976 3776  W32Time - ok
13:31:14.0007 3776  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
13:31:14.0007 3776  WacomPen - ok
13:31:14.0038 3776  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:31:14.0070 3776  WANARP - ok
13:31:14.0085 3776  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:31:14.0116 3776  Wanarpv6 - ok
13:31:14.0163 3776  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
13:31:14.0194 3776  WatAdminSvc - ok
13:31:14.0226 3776  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
13:31:14.0288 3776  wbengine - ok
13:31:14.0304 3776  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:31:14.0319 3776  WbioSrvc - ok
13:31:14.0335 3776  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:31:14.0366 3776  wcncsvc - ok
13:31:14.0382 3776  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:31:14.0397 3776  WcsPlugInService - ok
13:31:14.0413 3776  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
13:31:14.0428 3776  Wd - ok
13:31:14.0444 3776  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:31:14.0460 3776  Wdf01000 - ok
13:31:14.0475 3776  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:31:14.0538 3776  WdiServiceHost - ok
13:31:14.0538 3776  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:31:14.0553 3776  WdiSystemHost - ok
13:31:14.0569 3776  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
13:31:14.0600 3776  WebClient - ok
13:31:14.0616 3776  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:31:14.0647 3776  Wecsvc - ok
13:31:14.0662 3776  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:31:14.0694 3776  wercplsupport - ok
13:31:14.0709 3776  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:31:14.0756 3776  WerSvc - ok
13:31:14.0772 3776  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:31:14.0803 3776  WfpLwf - ok
13:31:14.0818 3776  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:31:14.0818 3776  WIMMount - ok
13:31:14.0834 3776  WinDefend - ok
13:31:14.0850 3776  WinHttpAutoProxySvc - ok
13:31:14.0896 3776  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:31:14.0928 3776  Winmgmt - ok
13:31:14.0974 3776  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
13:31:15.0037 3776  WinRM - ok
13:31:15.0099 3776  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
13:31:15.0115 3776  WinUsb - ok
13:31:15.0146 3776  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:31:15.0177 3776  Wlansvc - ok
13:31:15.0193 3776  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
13:31:15.0208 3776  WmiAcpi - ok
13:31:15.0224 3776  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:31:15.0255 3776  wmiApSrv - ok
13:31:15.0271 3776  WMPNetworkSvc - ok
13:31:15.0286 3776  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:31:15.0302 3776  WPCSvc - ok
13:31:15.0318 3776  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:31:15.0333 3776  WPDBusEnum - ok
13:31:15.0364 3776  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:31:15.0380 3776  ws2ifsl - ok
13:31:15.0396 3776  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
13:31:15.0427 3776  wscsvc - ok
13:31:15.0427 3776  WSearch - ok
13:31:15.0489 3776  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:31:15.0536 3776  wuauserv - ok
13:31:15.0552 3776  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:31:15.0598 3776  WudfPf - ok
13:31:15.0614 3776  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:31:15.0645 3776  WUDFRd - ok
13:31:15.0661 3776  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:31:15.0676 3776  wudfsvc - ok
13:31:15.0692 3776  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:31:15.0723 3776  WwanSvc - ok
13:31:15.0739 3776  ================ Scan global ===============================
13:31:15.0770 3776  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:31:15.0786 3776  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
13:31:15.0786 3776  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
13:31:15.0817 3776  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:31:15.0832 3776  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:31:15.0832 3776  [Global] - ok
13:31:15.0848 3776  ================ Scan MBR ==================================
13:31:15.0848 3776  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:31:16.0098 3776  \Device\Harddisk0\DR0 - ok
13:31:16.0113 3776  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
13:31:18.0297 3776  \Device\Harddisk1\DR1 - ok
13:31:18.0297 3776  ================ Scan VBR ==================================
13:31:18.0297 3776  [ 4D9104FDD75520D371B72FC94BEE08A6 ] \Device\Harddisk0\DR0\Partition1
13:31:18.0297 3776  \Device\Harddisk0\DR0\Partition1 - ok
13:31:18.0313 3776  [ DE9ECD6A19CEE7F21E7B960A552212F9 ] \Device\Harddisk0\DR0\Partition2
13:31:18.0313 3776  \Device\Harddisk0\DR0\Partition2 - ok
13:31:18.0313 3776  [ 9B232F066AD7D7853819340B96D5C6E7 ] \Device\Harddisk1\DR1\Partition1
13:31:18.0313 3776  \Device\Harddisk1\DR1\Partition1 - ok
13:31:18.0313 3776  ================ Scan active images ========================
13:31:18.0313 3776  [ F9D46B6B322708BD5AFCC8767EBDC901 ] C:\Windows\System32\drivers\amd_sata.sys
13:31:18.0313 3776  C:\Windows\System32\drivers\amd_sata.sys - ok
13:31:18.0328 3776  [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
13:31:18.0328 3776  C:\Windows\System32\drivers\crashdmp.sys - ok
13:31:18.0328 3776  [ 9BBD8B5855BC6578957F82341F9CDE5A ] C:\Windows\System32\drivers\Diskdump.sys
13:31:18.0328 3776  C:\Windows\System32\drivers\Diskdump.sys - ok
13:31:18.0328 3776  [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
13:31:18.0328 3776  C:\Windows\System32\drivers\dumpfve.sys - ok
13:31:18.0344 3776  [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
13:31:18.0344 3776  C:\Windows\System32\drivers\cdrom.sys - ok
13:31:18.0344 3776  [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
13:31:18.0344 3776  C:\Windows\System32\drivers\null.sys - ok
13:31:18.0344 3776  [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
13:31:18.0344 3776  C:\Windows\System32\drivers\beep.sys - ok
13:31:18.0360 3776  [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
13:31:18.0360 3776  C:\Windows\System32\drivers\RDPCDD.sys - ok
13:31:18.0360 3776  [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
13:31:18.0360 3776  C:\Windows\System32\drivers\vga.sys - ok
13:31:18.0360 3776  [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
13:31:18.0360 3776  C:\Windows\System32\drivers\videoprt.sys - ok
13:31:18.0375 3776  [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
13:31:18.0375 3776  C:\Windows\System32\drivers\watchdog.sys - ok
13:31:18.0375 3776  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
13:31:18.0375 3776  C:\Windows\System32\drivers\msfs.sys - ok
13:31:18.0375 3776  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
13:31:18.0375 3776  C:\Windows\System32\drivers\npfs.sys - ok
13:31:18.0391 3776  [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
13:31:18.0391 3776  C:\Windows\System32\drivers\RDPENCDD.sys - ok
13:31:18.0391 3776  [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
13:31:18.0391 3776  C:\Windows\System32\drivers\RDPREFMP.sys - ok
13:31:18.0391 3776  [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
13:31:18.0391 3776  C:\Windows\System32\drivers\tdi.sys - ok
13:31:18.0406 3776  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
13:31:18.0406 3776  C:\Windows\System32\drivers\tdx.sys - ok
13:31:18.0406 3776  [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
13:31:18.0406 3776  C:\Windows\System32\drivers\afd.sys - ok
13:31:18.0406 3776  [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
13:31:18.0406 3776  C:\Windows\System32\drivers\netbt.sys - ok
13:31:18.0422 3776  [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
13:31:18.0422 3776  C:\Windows\System32\drivers\netbios.sys - ok
13:31:18.0422 3776  [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
13:31:18.0422 3776  C:\Windows\System32\drivers\pacer.sys - ok
13:31:18.0422 3776  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] C:\Windows\System32\drivers\serial.sys
13:31:18.0422 3776  C:\Windows\System32\drivers\serial.sys - ok
13:31:18.0438 3776  [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
13:31:18.0438 3776  C:\Windows\System32\drivers\wfplwf.sys - ok
13:31:18.0438 3776  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
13:31:18.0438 3776  C:\Windows\System32\drivers\termdd.sys - ok
13:31:18.0438 3776  [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
13:31:18.0438 3776  C:\Windows\System32\drivers\wanarp.sys - ok
13:31:18.0453 3776  [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
13:31:18.0453 3776  C:\Windows\System32\drivers\nsiproxy.sys - ok
13:31:18.0453 3776  [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
13:31:18.0453 3776  C:\Windows\System32\drivers\rdbss.sys - ok
13:31:18.0453 3776  [ BA957E7ACD2B44FA3B01FAA64F6A9060 ] C:\Windows\System32\drivers\AppleCharger.sys
13:31:18.0453 3776  C:\Windows\System32\drivers\AppleCharger.sys - ok
13:31:18.0453 3776  [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
13:31:18.0453 3776  C:\Windows\System32\drivers\blbdrive.sys - ok
13:31:18.0469 3776  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
13:31:18.0469 3776  C:\Windows\System32\drivers\dfsc.sys - ok
13:31:18.0469 3776  [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
13:31:18.0469 3776  C:\Windows\System32\drivers\discache.sys - ok
13:31:18.0469 3776  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
13:31:18.0469 3776  C:\Windows\System32\drivers\mssmbios.sys - ok
13:31:18.0484 3776  [ 1E56388B3FE0D031C44144EB8C4D6217 ] C:\Windows\System32\drivers\amdppm.sys
13:31:18.0484 3776  C:\Windows\System32\drivers\amdppm.sys - ok
13:31:18.0484 3776  [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
13:31:18.0484 3776  C:\Windows\System32\drivers\tunnel.sys - ok
13:31:18.0484 3776  [ 35D2184A99AD4CD5D17284D6C9F382C9 ] C:\Windows\System32\drivers\atikmpag.sys
13:31:18.0484 3776  C:\Windows\System32\drivers\atikmpag.sys - ok
13:31:18.0500 3776  [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
13:31:18.0500 3776  C:\Windows\System32\autochk.exe - ok
13:31:18.0500 3776  [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
13:31:18.0500 3776  C:\Windows\System32\ntdll.dll - ok
13:31:18.0500 3776  [ F0371DE302FFFF8F086661611BE60848 ] C:\Windows\System32\smss.exe
13:31:18.0500 3776  C:\Windows\System32\smss.exe - ok
13:31:18.0516 3776  [ 5B03217859B014B090CB5060C1D96875 ] C:\Windows\System32\drivers\atikmdag.sys
13:31:18.0516 3776  C:\Windows\System32\drivers\atikmdag.sys - ok
13:31:18.0516 3776  [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll

Link to post
Share on other sites

13:31:18.0516 3776  C:\Windows\System32\gdi32.dll - ok
13:31:18.0516 3776  [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
13:31:18.0516 3776  C:\Windows\System32\msvcrt.dll - ok
13:31:18.0531 3776  [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
13:31:18.0531 3776  C:\Windows\System32\nsi.dll - ok
13:31:18.0531 3776  [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65 ] C:\Windows\System32\usp10.dll
13:31:18.0531 3776  C:\Windows\System32\usp10.dll - ok
13:31:18.0531 3776  [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
13:31:18.0531 3776  C:\Windows\System32\ws2_32.dll - ok
13:31:18.0547 3776  [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
13:31:18.0547 3776  C:\Windows\System32\msctf.dll - ok
13:31:18.0547 3776  [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
13:31:18.0547 3776  C:\Windows\System32\Wldap32.dll - ok
13:31:18.0547 3776  [ AF2E16242AA723F68F461B6EAE2EAD3D ] C:\Windows\System32\drivers\dxgkrnl.sys
13:31:18.0547 3776  C:\Windows\System32\drivers\dxgkrnl.sys - ok
13:31:18.0547 3776  [ 1F04CFB79DD5FB7694468CE3FB3DCC31 ] C:\Windows\System32\drivers\dxgmms1.sys
13:31:18.0547 3776  C:\Windows\System32\drivers\dxgmms1.sys - ok
13:31:18.0562 3776  [ 9140DB0911DE035FED0A9A77A2D156EA ] C:\Windows\System32\drivers\Rt64win7.sys
13:31:18.0562 3776  C:\Windows\System32\drivers\Rt64win7.sys - ok
13:31:18.0562 3776  [ 1BDF694C5BA91A1576DA907DA3077EF8 ] C:\Windows\System32\iertutil.dll
13:31:18.0562 3776  C:\Windows\System32\iertutil.dll - ok
13:31:18.0562 3776  [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
13:31:18.0562 3776  C:\Windows\System32\drivers\usbport.sys - ok
13:31:18.0578 3776  [ 573D192E268F0C5B486B7E96F661E538 ] C:\Windows\System32\drivers\usbfilter.sys
13:31:18.0578 3776  C:\Windows\System32\drivers\usbfilter.sys - ok
13:31:18.0578 3776  [ 9840FC418B4CBD632D3D0A667A725C31 ] C:\Windows\System32\drivers\usbohci.sys
13:31:18.0578 3776  C:\Windows\System32\drivers\usbohci.sys - ok
13:31:18.0578 3776  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
13:31:18.0578 3776  C:\Windows\System32\drivers\hdaudbus.sys - ok
13:31:18.0594 3776  [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
13:31:18.0594 3776  C:\Windows\System32\drivers\usbehci.sys - ok
13:31:18.0594 3776  [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
13:31:18.0594 3776  C:\Windows\System32\drivers\agilevpn.sys - ok
13:31:18.0594 3776  [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
13:31:18.0594 3776  C:\Windows\System32\drivers\CompositeBus.sys - ok
13:31:18.0609 3776  [ CB624C0035412AF0DEBEC78C41F5CA1B ] C:\Windows\System32\drivers\serenum.sys
13:31:18.0609 3776  C:\Windows\System32\drivers\serenum.sys - ok
13:31:18.0609 3776  [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
13:31:18.0609 3776  C:\Windows\System32\sechost.dll - ok
13:31:18.0609 3776  [ C9152A497D0CA33CE9D729F1179DDB01 ] C:\Windows\System32\urlmon.dll
13:31:18.0609 3776  C:\Windows\System32\urlmon.dll - ok
13:31:18.0625 3776  [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
13:31:18.0625 3776  C:\Windows\System32\imagehlp.dll - ok
13:31:18.0625 3776  [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
13:31:18.0625 3776  C:\Windows\System32\psapi.dll - ok
13:31:18.0625 3776  [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
13:31:18.0625 3776  C:\Windows\System32\drivers\ndistapi.sys - ok
13:31:18.0640 3776  [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
13:31:18.0640 3776  C:\Windows\System32\drivers\ndiswan.sys - ok
13:31:18.0640 3776  [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
13:31:18.0640 3776  C:\Windows\System32\drivers\rasl2tp.sys - ok
13:31:18.0640 3776  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
13:31:18.0640 3776  C:\Windows\System32\drivers\raspppoe.sys - ok
13:31:18.0656 3776  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
13:31:18.0656 3776  C:\Windows\System32\drivers\kbdclass.sys - ok
13:31:18.0656 3776  [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
13:31:18.0656 3776  C:\Windows\System32\drivers\ks.sys - ok
13:31:18.0656 3776  [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
13:31:18.0656 3776  C:\Windows\System32\drivers\mouclass.sys - ok
13:31:18.0672 3776  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
13:31:18.0672 3776  C:\Windows\System32\drivers\raspptp.sys - ok
13:31:18.0672 3776  [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
13:31:18.0672 3776  C:\Windows\System32\drivers\rassstp.sys - ok
13:31:18.0672 3776  [ 6A2EEB0C4133B20773BB3DD0B7B377B4 ] C:\Windows\System32\drivers\amdiox64.sys
13:31:18.0672 3776  C:\Windows\System32\drivers\amdiox64.sys - ok
13:31:18.0687 3776  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
13:31:18.0687 3776  C:\Windows\System32\drivers\swenum.sys - ok
13:31:18.0687 3776  [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
13:31:18.0687 3776  C:\Windows\System32\drivers\umbus.sys - ok
13:31:18.0687 3776  [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
13:31:18.0687 3776  C:\Windows\System32\imm32.dll - ok
13:31:18.0703 3776  [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
13:31:18.0703 3776  C:\Windows\System32\difxapi.dll - ok
13:31:18.0703 3776  [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
13:31:18.0703 3776  C:\Windows\System32\drivers\usbhub.sys - ok
13:31:18.0703 3776  [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
13:31:18.0703 3776  C:\Windows\System32\clbcatq.dll - ok
13:31:18.0718 3776  [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
13:31:18.0718 3776  C:\Windows\System32\user32.dll - ok
13:31:18.0718 3776  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
13:31:18.0718 3776  C:\Windows\System32\drivers\ndproxy.sys - ok
13:31:18.0718 3776  [ 1BFC94665BCA35F9001ADC7BFB167C63 ] C:\Windows\System32\shell32.dll
13:31:18.0718 3776  C:\Windows\System32\shell32.dll - ok
13:31:18.0734 3776  [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
13:31:18.0734 3776  C:\Windows\System32\drivers\drmk.sys - ok
13:31:18.0734 3776  [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
13:31:18.0734 3776  C:\Windows\System32\drivers\ksthunk.sys - ok
13:31:18.0734 3776  [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
13:31:18.0734 3776  C:\Windows\System32\drivers\portcls.sys - ok
13:31:18.0734 3776  [ F2744FD54BE1580BE05916D1C755C92A ] C:\Windows\System32\drivers\RTKVHD64.sys
13:31:18.0734 3776  C:\Windows\System32\drivers\RTKVHD64.sys - ok
13:31:18.0750 3776  [ 1DC3504CA4C57900F1557E9A3F01D272 ] C:\Windows\System32\kernel32.dll
13:31:18.0750 3776  C:\Windows\System32\kernel32.dll - ok
13:31:18.0750 3776  [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
13:31:18.0750 3776  C:\Windows\System32\normaliz.dll - ok
13:31:18.0750 3776  [ B8BD2BB284668C84865658C77574381A ] C:\Windows\System32\drivers\cdfs.sys
13:31:18.0750 3776  C:\Windows\System32\drivers\cdfs.sys - ok
13:31:18.0765 3776  [ 12716D987D475B051F35895659159705 ] C:\Windows\System32\wininet.dll
13:31:18.0765 3776  C:\Windows\System32\wininet.dll - ok
13:31:18.0765 3776  [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
13:31:18.0765 3776  C:\Windows\System32\shlwapi.dll - ok
13:31:18.0765 3776  [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
13:31:18.0765 3776  C:\Windows\System32\ole32.dll - ok
13:31:18.0781 3776  [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
13:31:18.0781 3776  C:\Windows\System32\rpcrt4.dll - ok
13:31:18.0781 3776  [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
13:31:18.0781 3776  C:\Windows\System32\advapi32.dll - ok
13:31:18.0781 3776  [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
13:31:18.0781 3776  C:\Windows\System32\comdlg32.dll - ok
13:31:18.0796 3776  [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
13:31:18.0796 3776  C:\Windows\System32\setupapi.dll - ok
13:31:18.0796 3776  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
13:31:18.0796 3776  C:\Windows\System32\comctl32.dll - ok
13:31:18.0796 3776  [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
13:31:18.0796 3776  C:\Windows\System32\lpk.dll - ok
13:31:18.0812 3776  [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
13:31:18.0812 3776  C:\Windows\System32\oleaut32.dll - ok
13:31:18.0812 3776  [ F49E92B50CED5C9F1725D3C0329FD933 ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
13:31:18.0812 3776  C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
13:31:18.0812 3776  [ 0E6FBF19D9DFBB77316C23DF91F8A101 ] C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
13:31:18.0812 3776  C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
13:31:18.0828 3776  [ 72723D3E4781BADC62C3180C137E7B23 ] C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
13:31:18.0828 3776  C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll - ok
13:31:18.0828 3776  [ 9094039A00485F71C4DE64BF51F64C46 ] C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
13:31:18.0828 3776  C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll - ok
13:31:18.0828 3776  [ 6F2E324703E6D22B9934C33DA48F1F01 ] C:\Windows\System32\KernelBase.dll
13:31:18.0828 3776  C:\Windows\System32\KernelBase.dll - ok
13:31:18.0843 3776  [ A96D5ECA5742603E0E345C4F6B801F5E ] C:\Windows\System32\crypt32.dll
13:31:18.0843 3776  C:\Windows\System32\crypt32.dll - ok
13:31:18.0843 3776  [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
13:31:18.0843 3776  C:\Windows\System32\wintrust.dll - ok
13:31:18.0843 3776  [ 64A4AB126E24FD3F58EBE64852773DB5 ] C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
13:31:18.0843 3776  C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
13:31:18.0859 3776  [ AFC3DB5C6EB8CA8017DDB81D6C0AD02A ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
13:31:18.0859 3776  C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
13:31:18.0859 3776  [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
13:31:18.0859 3776  C:\Windows\System32\cfgmgr32.dll - ok
13:31:18.0859 3776  [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
13:31:18.0859 3776  C:\Windows\System32\devobj.dll - ok
13:31:18.0859 3776  [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
13:31:18.0859 3776  C:\Windows\System32\msasn1.dll - ok
13:31:18.0874 3776  [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
13:31:18.0874 3776  C:\Windows\SysWOW64\normaliz.dll - ok
13:31:18.0874 3776  [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
13:31:18.0874 3776  C:\Windows\System32\drivers\dxapi.sys - ok
13:31:18.0874 3776  [ A11523523B31086DD760C0189C763359 ] C:\Windows\System32\win32k.sys
13:31:18.0874 3776  C:\Windows\System32\win32k.sys - ok
13:31:18.0890 3776  [ CEC1EDF4022DC4DCA40384DCEC672B0E ] C:\Windows\System32\csrsrv.dll
13:31:18.0890 3776  C:\Windows\System32\csrsrv.dll - ok
13:31:18.0890 3776  [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
13:31:18.0890 3776  C:\Windows\System32\csrss.exe - ok
13:31:18.0890 3776  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
13:31:18.0890 3776  C:\Windows\System32\basesrv.dll - ok
13:31:18.0906 3776  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\System32\winsrv.dll
13:31:18.0906 3776  C:\Windows\System32\winsrv.dll - ok
13:31:18.0906 3776  [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
13:31:18.0906 3776  C:\Windows\System32\drivers\usbd.sys - ok
13:31:18.0906 3776  [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
13:31:18.0906 3776  C:\Windows\System32\drivers\usbccgp.sys - ok
13:31:18.0921 3776  [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS
13:31:18.0921 3776  C:\Windows\System32\drivers\USBSTOR.SYS - ok
13:31:18.0921 3776  [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
13:31:18.0921 3776  C:\Windows\System32\drivers\hidparse.sys - ok
13:31:18.0921 3776  [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
13:31:18.0921 3776  C:\Windows\System32\drivers\hidclass.sys - ok
13:31:18.0937 3776  [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
13:31:18.0937 3776  C:\Windows\System32\drivers\hidusb.sys - ok
13:31:18.0937 3776  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
13:31:18.0937 3776  C:\Windows\System32\drivers\kbdhid.sys - ok
13:31:18.0937 3776  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
13:31:18.0937 3776  C:\Windows\System32\drivers\mouhid.sys - ok
13:31:18.0952 3776  [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
13:31:18.0952 3776  C:\Windows\System32\drivers\monitor.sys - ok
13:31:18.0952 3776  [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
13:31:18.0952 3776  C:\Windows\System32\tsddd.dll - ok
13:31:18.0952 3776  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
13:31:18.0952 3776  C:\Windows\System32\sxssrv.dll - ok
13:31:18.0968 3776  [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
13:31:18.0968 3776  C:\Windows\System32\wininit.exe - ok
13:31:18.0968 3776  [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
13:31:18.0968 3776  C:\Windows\System32\KBDUS.DLL - ok
13:31:18.0968 3776  [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
13:31:18.0968 3776  C:\Windows\System32\profapi.dll - ok
13:31:18.0984 3776  [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
13:31:18.0984 3776  C:\Windows\System32\RpcRtRemote.dll - ok
13:31:18.0984 3776  [ 943F527DF79E6B400104341AA7023C75 ] C:\Windows\System32\cdd.dll
13:31:18.0984 3776  C:\Windows\System32\cdd.dll - ok
13:31:18.0984 3776  [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
13:31:18.0984 3776  C:\Windows\System32\WlS0WndH.dll - ok
13:31:18.0999 3776  [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
13:31:18.0999 3776  C:\Windows\System32\winlogon.exe - ok
13:31:18.0999 3776  [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
13:31:18.0999 3776  C:\Windows\System32\sxs.dll - ok
13:31:18.0999 3776  [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
13:31:18.0999 3776  C:\Windows\System32\winsta.dll - ok
13:31:18.0999 3776  [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
13:31:18.0999 3776  C:\Windows\System32\cryptbase.dll - ok
13:31:19.0015 3776  [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
13:31:19.0015 3776  C:\Windows\System32\apphelp.dll - ok
13:31:19.0015 3776  [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
13:31:19.0015 3776  C:\Windows\System32\lsass.exe - ok
13:31:19.0015 3776  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
13:31:19.0015 3776  C:\Windows\System32\services.exe - ok
13:31:19.0030 3776  [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
13:31:19.0030 3776  C:\Windows\System32\lsm.exe - ok
13:31:19.0030 3776  [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
13:31:19.0030 3776  C:\Windows\System32\sspicli.dll - ok
13:31:19.0030 3776  [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
13:31:19.0030 3776  C:\Windows\System32\sspisrv.dll - ok
13:31:19.0046 3776  [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
13:31:19.0046 3776  C:\Windows\System32\lsasrv.dll - ok
13:31:19.0046 3776  [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
13:31:19.0046 3776  C:\Windows\System32\sysntfy.dll - ok
13:31:19.0046 3776  [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
13:31:19.0046 3776  C:\Windows\System32\wmsgapi.dll - ok
13:31:19.0062 3776  [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
13:31:19.0062 3776  C:\Windows\System32\scesrv.dll - ok
13:31:19.0062 3776  [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
13:31:19.0062 3776  C:\Windows\System32\scext.dll - ok
13:31:19.0062 3776  [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
13:31:19.0062 3776  C:\Windows\System32\secur32.dll - ok
13:31:19.0077 3776  [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
13:31:19.0077 3776  C:\Windows\System32\srvcli.dll - ok
13:31:19.0077 3776  [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
13:31:19.0077 3776  C:\Windows\System32\samsrv.dll - ok
13:31:19.0077 3776  [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
13:31:19.0077 3776  C:\Windows\System32\cryptdll.dll - ok
13:31:19.0077 3776  [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
13:31:19.0077 3776  C:\Windows\System32\wevtapi.dll - ok
13:31:19.0093 3776  [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
13:31:19.0093 3776  C:\Windows\System32\cngaudit.dll - ok
13:31:19.0093 3776  [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
13:31:19.0093 3776  C:\Windows\System32\authz.dll - ok
13:31:19.0093 3776  [ 5F3307352216618221A17CFEF273EEE2 ] C:\Windows\System32\ncrypt.dll
13:31:19.0093 3776  C:\Windows\System32\ncrypt.dll - ok
13:31:19.0108 3776  [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
13:31:19.0108 3776  C:\Windows\System32\bcrypt.dll - ok
13:31:19.0108 3776  [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
13:31:19.0108 3776  C:\Windows\System32\msprivs.dll - ok
13:31:19.0108 3776  [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
13:31:19.0108 3776  C:\Windows\System32\netjoin.dll - ok
13:31:19.0124 3776  [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
13:31:19.0124 3776  C:\Windows\System32\negoexts.dll - ok
13:31:19.0124 3776  [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
13:31:19.0124 3776  C:\Windows\System32\kerberos.dll - ok
13:31:19.0124 3776  [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
13:31:19.0124 3776  C:\Windows\System32\cryptsp.dll - ok
13:31:19.0140 3776  [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
13:31:19.0140 3776  C:\Windows\System32\mswsock.dll - ok
13:31:19.0140 3776  [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
13:31:19.0140 3776  C:\Windows\System32\wship6.dll - ok
13:31:19.0140 3776  [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
13:31:19.0140 3776  C:\Windows\System32\msv1_0.dll - ok
13:31:19.0155 3776  [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
13:31:19.0155 3776  C:\Windows\System32\netlogon.dll - ok
13:31:19.0155 3776  [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
13:31:19.0155 3776  C:\Windows\System32\dnsapi.dll - ok
13:31:19.0155 3776  [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
13:31:19.0155 3776  C:\Windows\System32\logoncli.dll - ok
13:31:19.0171 3776  [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
13:31:19.0171 3776  C:\Windows\System32\schannel.dll - ok
13:31:19.0171 3776  [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
13:31:19.0171 3776  C:\Windows\System32\wdigest.dll - ok
13:31:19.0171 3776  [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
13:31:19.0171 3776  C:\Windows\System32\rsaenh.dll - ok
13:31:19.0186 3776  [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
13:31:19.0186 3776  C:\Windows\System32\pku2u.dll - ok
13:31:19.0186 3776  [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
13:31:19.0186 3776  C:\Windows\System32\TSpkg.dll - ok
13:31:19.0186 3776  [ 98A3831AD419590CE85F07406B265EEE ] C:\Windows\System32\MSOIDSSP.DLL
13:31:19.0186 3776  C:\Windows\System32\MSOIDSSP.DLL - ok
13:31:19.0202 3776  [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
13:31:19.0202 3776  C:\Windows\System32\bcryptprimitives.dll - ok
13:31:19.0202 3776  [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
13:31:19.0202 3776  C:\Windows\System32\credssp.dll - ok
13:31:19.0202 3776  [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
13:31:19.0202 3776  C:\Windows\System32\efslsaext.dll - ok
13:31:19.0202 3776  [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
13:31:19.0202 3776  C:\Windows\System32\scecli.dll - ok
13:31:19.0218 3776  [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
13:31:19.0218 3776  C:\Windows\System32\ubpm.dll - ok
13:31:19.0218 3776  [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
13:31:19.0218 3776  C:\Windows\System32\svchost.exe - ok
13:31:19.0218 3776  [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
13:31:19.0218 3776  C:\Windows\System32\umpnpmgr.dll - ok
13:31:19.0233 3776  [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
13:31:19.0233 3776  C:\Windows\System32\devrtl.dll - ok
13:31:19.0233 3776  [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
13:31:19.0233 3776  C:\Windows\System32\SPInf.dll - ok
13:31:19.0233 3776  [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
13:31:19.0233 3776  C:\Windows\System32\gpapi.dll - ok
13:31:19.0249 3776  [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
13:31:19.0249 3776  C:\Windows\System32\userenv.dll - ok
13:31:19.0249 3776  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
13:31:19.0249 3776  C:\Windows\System32\umpo.dll - ok
13:31:19.0249 3776  [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
13:31:19.0249 3776  C:\Windows\System32\pcwum.dll - ok
13:31:19.0264 3776  [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
13:31:19.0264 3776  C:\Windows\System32\powrprof.dll - ok
13:31:19.0264 3776  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
13:31:19.0264 3776  C:\Windows\System32\drivers\luafv.sys - ok
13:31:19.0264 3776  [ 0BB97D43299910CBFBA59C461B99B910 ] C:\Windows\System32\drivers\mbam.sys
13:31:19.0264 3776  C:\Windows\System32\drivers\mbam.sys - ok
13:31:19.0280 3776  [ D3381DC54C34D79B22CEE0D65BA91B7C ] C:\Windows\System32\drivers\WUDFPf.sys
13:31:19.0280 3776  C:\Windows\System32\drivers\WUDFPf.sys - ok
13:31:19.0280 3776  [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
13:31:19.0280 3776  C:\Windows\System32\rpcss.dll - ok
13:31:19.0280 3776  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
13:31:19.0280 3776  C:\Windows\System32\RpcEpMap.dll - ok
13:31:19.0296 3776  [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
13:31:19.0296 3776  C:\Windows\System32\wshqos.dll - ok
13:31:19.0296 3776  [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
13:31:19.0296 3776  C:\Windows\System32\WSHTCPIP.DLL - ok
13:31:19.0296 3776  [ A2F5BEA5B45A8E7C4776F39C25E8699D ] C:\Windows\System32\atiesrxx.exe
13:31:19.0296 3776  C:\Windows\System32\atiesrxx.exe - ok
13:31:19.0296 3776  [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
13:31:19.0296 3776  C:\Windows\System32\FirewallAPI.dll - ok
13:31:19.0311 3776  [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
13:31:19.0311 3776  C:\Windows\System32\wtsapi32.dll - ok
13:31:19.0311 3776  [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
13:31:19.0311 3776  C:\Windows\System32\version.dll - ok
13:31:19.0311 3776  [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
13:31:19.0311 3776  C:\Windows\System32\LogonUI.exe - ok
13:31:19.0327 3776  [ 3EF480BFED1B5947A32585E30A58D4ED ] C:\Windows\System32\authui.dll
13:31:19.0327 3776  C:\Windows\System32\authui.dll - ok
13:31:19.0327 3776  [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
13:31:19.0327 3776  C:\Windows\System32\wevtsvc.dll - ok
13:31:19.0327 3776  [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
13:31:19.0327 3776  C:\Windows\System32\cryptui.dll - ok
13:31:19.0342 3776  [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
13:31:19.0342 3776  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
13:31:19.0342 3776  [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
13:31:19.0342 3776  C:\Windows\System32\audiosrv.dll - ok
13:31:19.0342 3776  [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
13:31:19.0342 3776  C:\Windows\System32\avrt.dll - ok
13:31:19.0358 3776  [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
13:31:19.0358 3776  C:\Windows\System32\mmcss.dll - ok
13:31:19.0358 3776  [ 5C78838B4D166D1A27DB3A8A820C799A ] C:\Windows\System32\profsvc.dll
13:31:19.0358 3776  C:\Windows\System32\profsvc.dll - ok
13:31:19.0358 3776  [ C4C183E6551084039EC862DA1C945E3D ] C:\Windows\System32\FntCache.dll
13:31:19.0358 3776  C:\Windows\System32\FntCache.dll - ok
13:31:19.0374 3776  [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
13:31:19.0374 3776  C:\Windows\System32\adtschema.dll - ok
13:31:19.0374 3776  [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
13:31:19.0374 3776  C:\Windows\System32\MMDevAPI.dll - ok
13:31:19.0374 3776  [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
13:31:19.0374 3776  C:\Windows\System32\samlib.dll - ok
13:31:19.0389 3776  [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
13:31:19.0389 3776  C:\Windows\System32\shacct.dll - ok
13:31:19.0389 3776  [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
13:31:19.0389 3776  C:\Windows\System32\propsys.dll - ok
13:31:19.0389 3776  [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
13:31:19.0389 3776  C:\Windows\System32\uxtheme.dll - ok
13:31:19.0405 3776  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
13:31:19.0405 3776  C:\Windows\System32\netprofm.dll - ok
13:31:19.0405 3776  [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
13:31:19.0405 3776  C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
13:31:19.0405 3776  [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
13:31:19.0405 3776  C:\Windows\System32\audiodg.exe - ok
13:31:19.0420 3776  [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
13:31:19.0420 3776  C:\Windows\System32\dui70.dll - ok
13:31:19.0420 3776  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
13:31:19.0420 3776  C:\Windows\System32\gpsvc.dll - ok
13:31:19.0420 3776  [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
13:31:19.0420 3776  C:\Windows\System32\duser.dll - ok
13:31:19.0436 3776  [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
13:31:19.0436 3776  C:\Windows\System32\ntmarta.dll - ok
13:31:19.0436 3776  [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
13:31:19.0436 3776  C:\Windows\System32\SndVolSSO.dll - ok
13:31:19.0436 3776  [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
13:31:19.0436 3776  C:\Windows\System32\hid.dll - ok
13:31:19.0436 3776  [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
13:31:19.0436 3776  C:\Windows\System32\dwmapi.dll - ok
13:31:19.0452 3776  [ 2DF36F15B2BC1571A6A542A3C2107920 ] C:\Windows\System32\nlaapi.dll
13:31:19.0452 3776  C:\Windows\System32\nlaapi.dll - ok
13:31:19.0452 3776  [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
13:31:19.0452 3776  C:\Windows\System32\atl.dll - ok
13:31:19.0452 3776  [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
13:31:19.0452 3776  C:\Windows\System32\dsrole.dll - ok
13:31:19.0467 3776  [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
13:31:19.0467 3776  C:\Windows\System32\themeservice.dll - ok
13:31:19.0467 3776  [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
13:31:19.0467 3776  C:\Windows\System32\slc.dll - ok
13:31:19.0467 3776  [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
13:31:19.0467 3776  C:\Windows\System32\xmllite.dll - ok
13:31:19.0483 3776  [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
13:31:19.0483 3776  C:\Windows\System32\es.dll - ok
13:31:19.0483 3776  [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
13:31:19.0483 3776  C:\Windows\System32\winmm.dll - ok
13:31:19.0483 3776  [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
13:31:19.0483 3776  C:\Windows\System32\ksuser.dll - ok
13:31:19.0498 3776  [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
13:31:19.0498 3776  C:\Windows\System32\wdmaud.drv - ok
13:31:19.0498 3776  [ BDDF242A49E7B7DC5CCEC291BCE53ACB ] C:\Windows\System32\WindowsCodecs.dll
13:31:19.0498 3776  C:\Windows\System32\WindowsCodecs.dll - ok
13:31:19.0498 3776  [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
13:31:19.0498 3776  C:\Windows\System32\AudioSes.dll - ok
13:31:19.0514 3776  [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
13:31:19.0514 3776  C:\Windows\System32\msacm32.drv - ok
13:31:19.0514 3776  [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
13:31:19.0514 3776  C:\Windows\System32\midimap.dll - ok
13:31:19.0514 3776  [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
13:31:19.0514 3776  C:\Windows\System32\msacm32.dll - ok
13:31:19.0530 3776  [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
13:31:19.0530 3776  C:\Windows\System32\winbrand.dll - ok
13:31:19.0530 3776  [ 5FB997B6DFFB8AA7919527885B88E212 ] C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDCREDPROV.DLL
13:31:19.0530 3776  C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDCREDPROV.DLL - ok
13:31:19.0530 3776  [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
13:31:19.0530 3776  C:\Windows\System32\credui.dll - ok
13:31:19.0545 3776  [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
13:31:19.0545 3776  C:\Windows\System32\VaultCredProvider.dll - ok
13:31:19.0545 3776  [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
13:31:19.0545 3776  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
13:31:19.0545 3776  [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
13:31:19.0545 3776  C:\Windows\System32\BioCredProv.dll - ok
13:31:19.0545 3776  [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
13:31:19.0545 3776  C:\Windows\System32\winbio.dll - ok
13:31:19.0561 3776  [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
13:31:19.0561 3776  C:\Windows\System32\vaultcli.dll - ok
13:31:19.0561 3776  [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
13:31:19.0561 3776  C:\Windows\System32\netapi32.dll - ok
13:31:19.0561 3776  [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
13:31:19.0561 3776  C:\Windows\System32\netutils.dll - ok
13:31:19.0576 3776  [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
13:31:19.0576 3776  C:\Windows\System32\samcli.dll - ok
13:31:19.0576 3776  [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
13:31:19.0576 3776  C:\Windows\System32\wkscli.dll - ok
13:31:19.0576 3776  [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
13:31:19.0576 3776  C:\Windows\System32\certCredProvider.dll - ok
13:31:19.0592 3776  [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
13:31:19.0592 3776  C:\Windows\System32\rasplap.dll - ok
13:31:19.0592 3776  [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
13:31:19.0592 3776  C:\Windows\System32\rasapi32.dll - ok
13:31:19.0592 3776  [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
13:31:19.0592 3776  C:\Windows\System32\rasman.dll - ok
13:31:19.0608 3776  [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
13:31:19.0608 3776  C:\Windows\System32\rtutils.dll - ok
13:31:19.0608 3776  [ FE05D03B73000CFF476E1D29109F3A84 ] C:\Program Files\Windows Defender\MpEvMsg.dll
13:31:19.0608 3776  C:\Program Files\Windows Defender\MpEvMsg.dll - ok
13:31:19.0608 3776  [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
13:31:19.0608 3776  C:\Windows\System32\Sens.dll - ok
13:31:19.0623 3776  [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
13:31:19.0623 3776  C:\Windows\System32\UXInit.dll - ok
13:31:19.0623 3776  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
13:31:19.0623 3776  C:\Windows\System32\uxsms.dll - ok
13:31:19.0623 3776  [ 16B8421D9ADCE43A78F77842953C379D ] C:\Windows\System32\atieclxx.exe
13:31:19.0623 3776  C:\Windows\System32\atieclxx.exe - ok
13:31:19.0639 3776  [ 7A95C95B6C4CF292D689106BCAE49543 ] C:\Windows\System32\WUDFSvc.dll
13:31:19.0639 3776  C:\Windows\System32\WUDFSvc.dll - ok
13:31:19.0639 3776  [ B300781479DDB45D260E69188D4F6E87 ] C:\Windows\System32\atiadlxx.dll
13:31:19.0639 3776  C:\Windows\System32\atiadlxx.dll - ok
13:31:19.0639 3776  [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
13:31:19.0639 3776  C:\Windows\System32\comres.dll - ok
13:31:19.0654 3776  [ 80E69670BDA10F32A941BA7358E33012 ] C:\Windows\System32\WUDFPlatform.dll
13:31:19.0654 3776  C:\Windows\System32\WUDFPlatform.dll - ok
13:31:19.0654 3776  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
13:31:19.0654 3776  C:\Windows\System32\MPSSVC.dll - ok
13:31:19.0654 3776  [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
13:31:19.0654 3776  C:\Windows\System32\drivers\lltdio.sys - ok
13:31:19.0670 3776  [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
13:31:19.0670 3776  C:\Windows\System32\drivers\rspndr.sys - ok
13:31:19.0670 3776  [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
13:31:19.0670 3776  C:\Windows\System32\lmhsvc.dll - ok
13:31:19.0670 3776  [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
13:31:19.0670 3776  C:\Windows\System32\IPHLPAPI.DLL - ok
13:31:19.0686 3776  [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
13:31:19.0686 3776  C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
13:31:19.0686 3776  [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
13:31:19.0686 3776  C:\Windows\System32\nrpsrv.dll - ok
13:31:19.0686 3776  [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
13:31:19.0686 3776  C:\Windows\System32\winnsi.dll - ok
13:31:19.0686 3776  [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
13:31:19.0686 3776  C:\Windows\System32\nsisvc.dll - ok
13:31:19.0701 3776  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
13:31:19.0701 3776  C:\Windows\System32\dhcpcore.dll - ok
13:31:19.0701 3776  [ 71C7B65B6557B75B99907E76956AE4B8 ] C:\Windows\System32\dhcpcore6.dll
13:31:19.0701 3776  C:\Windows\System32\dhcpcore6.dll - ok
13:31:19.0701 3776  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
13:31:19.0701 3776  C:\Windows\System32\dnsrslvr.dll - ok
13:31:19.0717 3776  [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
13:31:19.0717 3776  C:\Windows\System32\dnsext.dll - ok
13:31:19.0717 3776  [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
13:31:19.0717 3776  C:\Windows\System32\FWPUCLNT.DLL - ok
13:31:19.0717 3776  [ 4CBCC37856EA2039C27A2FB661DDA0E5 ] C:\Windows\System32\dhcpcsvc6.dll
13:31:19.0717 3776  C:\Windows\System32\dhcpcsvc6.dll - ok
13:31:19.0732 3776  [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
13:31:19.0732 3776  C:\Windows\System32\dhcpcsvc.dll - ok
13:31:19.0732 3776  [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
13:31:19.0732 3776  C:\Windows\System32\shsvcs.dll - ok
13:31:19.0732 3776  [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
13:31:19.0732 3776  C:\Windows\System32\schedsvc.dll - ok
13:31:19.0748 3776  [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
13:31:19.0748 3776  C:\Windows\System32\ktmw32.dll - ok
13:31:19.0748 3776  [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
13:31:19.0748 3776  C:\Windows\System32\taskcomp.dll - ok
13:31:19.0748 3776  [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
13:31:19.0748 3776  C:\Windows\System32\imageres.dll - ok
13:31:19.0764 3776  [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
13:31:19.0764 3776  C:\Windows\System32\taskeng.exe - ok
13:31:19.0764 3776  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
13:31:19.0764 3776  C:\Windows\System32\drivers\http.sys - ok
13:31:19.0764 3776  [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
13:31:19.0764 3776  C:\Windows\System32\fveapi.dll - ok
13:31:19.0779 3776  [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
13:31:19.0779 3776  C:\Windows\System32\fvecerts.dll - ok
13:31:19.0779 3776  [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
13:31:19.0779 3776  C:\Windows\System32\tbs.dll - ok
13:31:19.0779 3776  [ B96C17B5DC1424D56EEA3A99E97428CD ] C:\Windows\System32\spoolsv.exe
13:31:19.0779 3776  C:\Windows\System32\spoolsv.exe - ok
13:31:19.0795 3776  [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys
13:31:19.0795 3776  C:\Windows\System32\drivers\fastfat.sys - ok
13:31:19.0795 3776  [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
13:31:19.0795 3776  C:\Windows\System32\BFE.DLL - ok
13:31:19.0795 3776  [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
13:31:19.0795 3776  C:\Windows\System32\TSChannel.dll - ok
13:31:19.0795 3776  [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
13:31:19.0795 3776  C:\Windows\System32\drivers\bowser.sys - ok
13:31:19.0810 3776  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
13:31:19.0810 3776  C:\Windows\System32\drivers\mpsdrv.sys - ok
13:31:19.0810 3776  [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
13:31:19.0810 3776  C:\Windows\System32\drivers\mrxsmb.sys - ok
13:31:19.0810 3776  [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
13:31:19.0810 3776  C:\Windows\System32\drivers\mrxsmb10.sys - ok
13:31:19.0826 3776  [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
13:31:19.0826 3776  C:\Windows\System32\wfapigp.dll - ok
13:31:19.0826 3776  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
13:31:19.0826 3776  C:\Windows\System32\drivers\mrxsmb20.sys - ok
13:31:19.0826 3776  [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
13:31:19.0826 3776  C:\Windows\System32\wkssvc.dll - ok
13:31:19.0842 3776  [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
13:31:19.0842 3776  C:\Windows\System32\mscms.dll - ok
13:31:19.0842 3776  [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
13:31:19.0842 3776  C:\Windows\System32\pcasvc.dll - ok
13:31:19.0842 3776  [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
13:31:19.0842 3776  C:\Windows\System32\snmptrap.exe - ok
13:31:19.0857 3776  [ 7C00C608FE4C8EDE9E30940837B9AC8B ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
13:31:19.0857 3776  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
13:31:19.0857 3776  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
13:31:19.0857 3776  C:\Windows\System32\sstpsvc.dll - ok
13:31:19.0857 3776  [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
13:31:19.0857 3776  C:\Windows\System32\provsvc.dll - ok
13:31:19.0873 3776  [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
13:31:19.0873 3776  C:\Windows\System32\drivers\fltMgr.sys - ok
13:31:19.0873 3776  [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
13:31:19.0873 3776  C:\Windows\System32\PSHED.DLL - ok
13:31:19.0873 3776  [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
13:31:19.0873 3776  C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
13:31:19.0888 3776  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:31:19.0888 3776  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
13:31:19.0888 3776  [ 249A44DCFA2500EB1C020E33A3E9F25B ] C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
13:31:19.0888 3776  C:\Windows\SysWOW64\FlashPlayerUpdateService.exe - ok
13:31:19.0888 3776  [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
13:31:19.0888 3776  C:\Windows\SysWOW64\ntdll.dll - ok
13:31:19.0904 3776  [ 15B30F15BD13640B337A0FC37BD48CDE ] C:\Windows\System32\wow64.dll
13:31:19.0904 3776  C:\Windows\System32\wow64.dll - ok
13:31:19.0904 3776  [ 2970785A72054740E1A5DCEB32485486 ] C:\Windows\System32\wow64win.dll
13:31:19.0904 3776  C:\Windows\System32\wow64win.dll - ok
13:31:19.0904 3776  [ 98168B9B0656A01A321FF1BECB2C03E1 ] C:\Windows\System32\wow64cpu.dll
13:31:19.0904 3776  C:\Windows\System32\wow64cpu.dll - ok
13:31:19.0920 3776  [ D4F3176082566CEFA633B4945802D4C4 ] C:\Windows\SysWOW64\kernel32.dll
13:31:19.0920 3776  C:\Windows\SysWOW64\kernel32.dll - ok
13:31:19.0920 3776  [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
13:31:19.0920 3776  C:\Windows\SysWOW64\gdi32.dll - ok
13:31:19.0920 3776  [ 0978C2B33BDD0A7E6C563AA337DC8BA0 ] C:\Windows\SysWOW64\KernelBase.dll
13:31:19.0920 3776  C:\Windows\SysWOW64\KernelBase.dll - ok
13:31:19.0935 3776  [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
13:31:19.0935 3776  C:\Windows\SysWOW64\lpk.dll - ok
13:31:19.0935 3776  [ 565D78187494FB5F08B5A52DEB2AEA7A ] C:\Windows\SysWOW64\shell32.dll
13:31:19.0935 3776  C:\Windows\SysWOW64\shell32.dll - ok
13:31:19.0935 3776  [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
13:31:19.0935 3776  C:\Windows\SysWOW64\user32.dll - ok
13:31:19.0935 3776  [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\SysWOW64\usp10.dll
13:31:19.0935 3776  C:\Windows\SysWOW64\usp10.dll - ok
13:31:19.0951 3776  [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
13:31:19.0951 3776  C:\Windows\SysWOW64\advapi32.dll - ok
13:31:19.0951 3776  [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
13:31:19.0951 3776  C:\Windows\SysWOW64\msvcrt.dll - ok
13:31:19.0951 3776  [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
13:31:19.0951 3776  C:\Windows\SysWOW64\rpcrt4.dll - ok
13:31:19.0966 3776  [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
13:31:19.0966 3776  C:\Windows\SysWOW64\sechost.dll - ok
13:31:19.0966 3776  [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
13:31:19.0966 3776  C:\Windows\SysWOW64\cryptbase.dll - ok
13:31:19.0966 3776  [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
13:31:19.0966 3776  C:\Windows\SysWOW64\sspicli.dll - ok
13:31:19.0982 3776  [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
13:31:19.0982 3776  C:\Windows\System32\wiarpc.dll - ok
13:31:19.0982 3776  [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
13:31:19.0982 3776  C:\Windows\SysWOW64\ole32.dll - ok
13:31:19.0982 3776  [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
13:31:19.0982 3776  C:\Windows\SysWOW64\shlwapi.dll - ok
13:31:19.0998 3776  [ 92245C959E5BC378809D2CC5E9F6E9C7 ] C:\Windows\SysWOW64\crypt32.dll
13:31:19.0998 3776  C:\Windows\SysWOW64\crypt32.dll - ok
13:31:19.0998 3776  [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
13:31:19.0998 3776  C:\Windows\SysWOW64\oleaut32.dll - ok
13:31:19.0998 3776  [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
13:31:19.0998 3776  C:\Windows\SysWOW64\winhttp.dll - ok
13:31:20.0013 3776  [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
13:31:20.0013 3776  C:\Windows\SysWOW64\webio.dll - ok
13:31:20.0013 3776  [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
13:31:20.0013 3776  C:\Windows\SysWOW64\userenv.dll - ok
13:31:20.0013 3776  [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
13:31:20.0013 3776  C:\Windows\SysWOW64\wtsapi32.dll - ok
13:31:20.0029 3776  [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
13:31:20.0029 3776  C:\Windows\SysWOW64\imm32.dll - ok
13:31:20.0029 3776  [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
13:31:20.0029 3776  C:\Windows\SysWOW64\msasn1.dll - ok
13:31:20.0029 3776  [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
13:31:20.0029 3776  C:\Windows\SysWOW64\msctf.dll - ok
13:31:20.0044 3776  [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
13:31:20.0044 3776  C:\Windows\SysWOW64\profapi.dll - ok
13:31:20.0044 3776  [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
13:31:20.0044 3776  C:\Windows\SysWOW64\wintrust.dll - ok
13:31:20.0044 3776  [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
13:31:20.0044 3776  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
13:31:20.0060 3776  [ 249A44DCFA2500EB1C020E33A3E9F25B ] C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:31:20.0060 3776  C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe - ok
13:31:20.0060 3776  [ A1DA470E72BB7817E1724AD144AE5EC8 ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
13:31:20.0060 3776  C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe - ok
13:31:20.0060 3776  [ 37D44BFEA9B50D75764660ADC35C83AC ] C:\Windows\System32\msvcp100.dll
13:31:20.0060 3776  C:\Windows\System32\msvcp100.dll - ok
13:31:20.0060 3776  [ B88DA7FD10BDBB3754D98AFD39677C29 ] C:\Windows\System32\msvcr100.dll
13:31:20.0060 3776  C:\Windows\System32\msvcr100.dll - ok
13:31:20.0076 3776  [ 65085456FD9A74D7F1A999520C299ECB ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
13:31:20.0076 3776  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
13:31:20.0076 3776  [ A4CBB8C7FE5F69F4FD25ED6723EF1187 ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\device.dll
13:31:20.0076 3776  C:\Program Files\ATI Technologies\ATI.ACE\Fuel\device.dll - ok
13:31:20.0076 3776  [ 2B0430178E59A0C52B1826E4EAF61B56 ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
13:31:20.0076 3776  C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll - ok
13:31:20.0091 3776  [ D8129C49798CBBFB2E4351D4B7B8EF9C ] C:\Windows\System32\cryptsvc.dll
13:31:20.0091 3776  C:\Windows\System32\cryptsvc.dll - ok
13:31:20.0091 3776  [ EF39CCCC9AD927A25334AE0B41A8A343 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
13:31:20.0091 3776  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll - ok
13:31:20.0091 3776  [ 2C4C22EA1735F21F355EB1A39832F7DF ] C:\Windows\System32\cryptnet.dll
13:31:20.0091 3776  C:\Windows\System32\cryptnet.dll - ok

13:31:20.0107 3776  [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
13:31:20.0107 3776  C:\Windows\System32\vssapi.dll - ok
13:31:20.0107 3776  [ 7AE92C896AF9ABFBDB18C1D055B6EBA7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll
13:31:20.0107 3776  C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll - ok
13:31:20.0107 3776  [ 9275F02BEA644F43A459E316A932658F ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll
13:31:20.0107 3776  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll - ok
13:31:20.0122 3776  [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
13:31:20.0122 3776  C:\Windows\SysWOW64\version.dll - ok
13:31:20.0122 3776  [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
13:31:20.0122 3776  C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
13:31:20.0122 3776  [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
13:31:20.0122 3776  C:\Windows\SysWOW64\nsi.dll - ok
13:31:20.0138 3776  [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
13:31:20.0138 3776  C:\Windows\System32\vsstrace.dll - ok
13:31:20.0138 3776  [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
13:31:20.0138 3776  C:\Windows\SysWOW64\winnsi.dll - ok
13:31:20.0138 3776  [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
13:31:20.0138 3776  C:\Windows\SysWOW64\ws2_32.dll - ok
13:31:20.0154 3776  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
13:31:20.0154 3776  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe - ok
13:31:20.0154 3776  [ 06A754FE28A06F780A099703CFCAAA22 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll
13:31:20.0154 3776  C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok
13:31:20.0154 3776  [ 6EA3D4B2BFC403641A7FF169820D8528 ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\platform.dll
13:31:20.0154 3776  C:\Program Files\ATI Technologies\ATI.ACE\Fuel\platform.dll - ok
13:31:20.0169 3776  [ 80D8679BF84A9383BFF33E07D5D9FC35 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll
13:31:20.0169 3776  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll - ok
13:31:20.0169 3776  [ D7630C6EFCA32726DD74D4F9FD8E5DC1 ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
13:31:20.0169 3776  C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll - ok
13:31:20.0169 3776  [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
13:31:20.0169 3776  C:\Windows\System32\wlanapi.dll - ok
13:31:20.0185 3776  [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
13:31:20.0185 3776  C:\Windows\System32\wlanutil.dll - ok
13:31:20.0185 3776  [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
13:31:20.0185 3776  C:\Windows\SysWOW64\mpr.dll - ok
13:31:20.0185 3776  [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
13:31:20.0185 3776  C:\Windows\SysWOW64\psapi.dll - ok
13:31:20.0200 3776  [ B0F062A952DA37DA2ED5DFE40F57E9E8 ] C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE
13:31:20.0200 3776  C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE - ok
13:31:20.0200 3776  [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
13:31:20.0200 3776  C:\Windows\System32\SensApi.dll - ok
13:31:20.0200 3776  [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\SQMAPI.DLL
13:31:20.0200 3776  C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\SQMAPI.DLL - ok
13:31:20.0216 3776  [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
13:31:20.0216 3776  C:\Windows\System32\winhttp.dll - ok
13:31:20.0216 3776  [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
13:31:20.0216 3776  C:\Windows\System32\webio.dll - ok
13:31:20.0216 3776  [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
13:31:20.0216 3776  C:\Windows\System32\ntdsapi.dll - ok
13:31:20.0232 3776  [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
13:31:20.0232 3776  C:\Windows\System32\WinSCard.dll - ok
13:31:20.0232 3776  [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
13:31:20.0232 3776  C:\Windows\System32\aepic.dll - ok
13:31:20.0232 3776  [ 4A435F95B940E93A88FEC144BD409789 ] C:\Windows\System32\ncsi.dll
13:31:20.0232 3776  C:\Windows\System32\ncsi.dll - ok
13:31:20.0247 3776  [ 1EE99A89CC788ADA662441D1E9830529 ] C:\Windows\System32\nlasvc.dll
13:31:20.0247 3776  C:\Windows\System32\nlasvc.dll - ok
13:31:20.0247 3776  [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
13:31:20.0247 3776  C:\Windows\System32\drivers\PEAuth.sys - ok
13:31:20.0247 3776  [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
13:31:20.0247 3776  C:\Windows\System32\sfc.dll - ok
13:31:20.0263 3776  [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
13:31:20.0263 3776  C:\Windows\System32\sfc_os.dll - ok
13:31:20.0263 3776  [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
13:31:20.0263 3776  C:\Windows\System32\ssdpapi.dll - ok
13:31:20.0263 3776  [ 06A49B7BDC36CFBF97DD90804F833369 ] C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
13:31:20.0263 3776  C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe - ok
13:31:20.0278 3776  [ 70199DB5CEA816179D2A3AA1659547E8 ] C:\ProgramData\Microsoft\MSOIdentityCRL\production\msoidconfig.dll
13:31:20.0278 3776  C:\ProgramData\Microsoft\MSOIdentityCRL\production\msoidconfig.dll - ok
13:31:20.0278 3776  [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
13:31:20.0278 3776  C:\Windows\SysWOW64\winmm.dll - ok
13:31:20.0278 3776  [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
13:31:20.0278 3776  C:\Windows\System32\drivers\secdrv.sys - ok
13:31:20.0294 3776  [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
13:31:20.0294 3776  C:\Windows\SysWOW64\clbcatq.dll - ok
13:31:20.0294 3776  [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
13:31:20.0294 3776  C:\Windows\System32\drivers\srvnet.sys - ok
13:31:20.0294 3776  [ DF687E3D8836BFB04FCC0615BF15A519 ] C:\Windows\System32\drivers\tcpipreg.sys
13:31:20.0294 3776  C:\Windows\System32\drivers\tcpipreg.sys - ok
13:31:20.0310 3776  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
13:31:20.0310 3776  C:\Windows\System32\wiaservc.dll - ok
13:31:20.0310 3776  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
13:31:20.0310 3776  C:\Windows\System32\drivers\srv2.sys - ok
13:31:20.0310 3776  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
13:31:20.0310 3776  C:\Windows\System32\sysmain.dll - ok
13:31:20.0310 3776  [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
13:31:20.0325 3776  C:\Windows\System32\wbem\WMIsvc.dll - ok
13:31:20.0325 3776  [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
13:31:20.0325 3776  C:\Windows\System32\wbemcomn.dll - ok
13:31:20.0325 3776  [ A34A587FFFD45FA649FBA6D03784D257 ] C:\Windows\System32\iphlpsvc.dll
13:31:20.0325 3776  C:\Windows\System32\iphlpsvc.dll - ok
13:31:20.0325 3776  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
13:31:20.0325 3776  C:\Windows\System32\drivers\srv.sys - ok
13:31:20.0341 3776  [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
13:31:20.0341 3776  C:\Windows\System32\wbem\WmiDcPrv.dll - ok
13:31:20.0341 3776  [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
13:31:20.0341 3776  C:\Windows\System32\wbem\fastprox.dll - ok
13:31:20.0341 3776  [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
13:31:20.0341 3776  C:\Windows\System32\wbem\wbemprox.dll - ok
13:31:20.0356 3776  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
13:31:20.0356 3776  C:\Windows\System32\dps.dll - ok
13:31:20.0356 3776  [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
13:31:20.0356 3776  C:\Windows\System32\wiatrace.dll - ok
13:31:20.0356 3776  [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
13:31:20.0356 3776  C:\Windows\System32\sqmapi.dll - ok
13:31:20.0372 3776  [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
13:31:20.0372 3776  C:\Windows\System32\trkwks.dll - ok
13:31:20.0372 3776  [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
13:31:20.0372 3776  C:\Windows\System32\taskschd.dll - ok
13:31:20.0372 3776  [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
13:31:20.0372 3776  C:\Windows\System32\wdscore.dll - ok
13:31:20.0388 3776  [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
13:31:20.0388 3776  C:\Windows\System32\srvsvc.dll - ok
13:31:20.0388 3776  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
13:31:20.0388 3776  C:\Windows\System32\browser.dll - ok
13:31:20.0388 3776  [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
13:31:20.0388 3776  C:\Windows\System32\netmsg.dll - ok
13:31:20.0403 3776  [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
13:31:20.0403 3776  C:\Windows\System32\wbem\WinMgmtR.dll - ok
13:31:20.0403 3776  [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
13:31:20.0403 3776  C:\Windows\System32\aeevts.dll - ok
13:31:20.0403 3776  [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
13:31:20.0403 3776  C:\Windows\System32\netcfgx.dll - ok
13:31:20.0419 3776  [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
13:31:20.0419 3776  C:\Windows\System32\sscore.dll - ok
13:31:20.0419 3776  [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
13:31:20.0419 3776  C:\Windows\System32\clusapi.dll - ok
13:31:20.0419 3776  [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
13:31:20.0419 3776  C:\Windows\System32\hnetcfg.dll - ok
13:31:20.0434 3776  [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
13:31:20.0434 3776  C:\Windows\System32\resutils.dll - ok
13:31:20.0434 3776  [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
13:31:20.0434 3776  C:\Windows\System32\wbem\wbemcore.dll - ok
13:31:20.0434 3776  [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
13:31:20.0434 3776  C:\Windows\System32\wbem\esscli.dll - ok
13:31:20.0450 3776  [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
13:31:20.0450 3776  C:\Windows\System32\wbem\wbemsvc.dll - ok
13:31:20.0450 3776  [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
13:31:20.0450 3776  C:\Windows\System32\wbem\wmiutils.dll - ok
13:31:20.0450 3776  [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
13:31:20.0450 3776  C:\Windows\System32\wbem\repdrvfs.dll - ok
13:31:20.0466 3776  [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
13:31:20.0466 3776  C:\Windows\System32\nci.dll - ok
13:31:20.0466 3776  [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
13:31:20.0466 3776  C:\Windows\System32\winspool.drv - ok
13:31:20.0466 3776  [ 371948BC5911ABA06168FAC91ED25F06 ] C:\Windows\System32\msxml3.dll
13:31:20.0466 3776  C:\Windows\System32\msxml3.dll - ok
13:31:20.0481 3776  [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
13:31:20.0481 3776  C:\Windows\SysWOW64\cryptsp.dll - ok
13:31:20.0481 3776  [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
13:31:20.0481 3776  C:\Windows\SysWOW64\rsaenh.dll - ok
13:31:20.0481 3776  [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
13:31:20.0481 3776  C:\Windows\SysWOW64\RpcRtRemote.dll - ok
13:31:20.0497 3776  [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
13:31:20.0497 3776  C:\Windows\SysWOW64\ntmarta.dll - ok
13:31:20.0497 3776  [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
13:31:20.0497 3776  C:\Windows\SysWOW64\Wldap32.dll - ok
13:31:20.0497 3776  [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
13:31:20.0497 3776  C:\Windows\SysWOW64\winsta.dll - ok
13:31:20.0497 3776  [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
13:31:20.0497 3776  C:\Windows\System32\wbem\WmiPrvSD.dll - ok
13:31:20.0512 3776  [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
13:31:20.0512 3776  C:\Windows\System32\ncobjapi.dll - ok
13:31:20.0512 3776  [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
13:31:20.0512 3776  C:\Windows\System32\wbem\wbemess.dll - ok
13:31:20.0512 3776  [ 50235F34194CFDBEFCE2239B82E44E4A ] C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVCM.EXE
13:31:20.0512 3776  C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVCM.EXE - ok
13:31:20.0528 3776  [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
13:31:20.0528 3776  C:\Windows\System32\dllhost.exe - ok
13:31:20.0528 3776  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
13:31:20.0528 3776  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
13:31:20.0528 3776  [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
13:31:20.0528 3776  C:\Windows\System32\IDStore.dll - ok
13:31:20.0544 3776  [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
13:31:20.0544 3776  C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
13:31:20.0544 3776  [ 639774C9ACD063F028F6084ABF5593AD ] C:\Windows\System32\taskhost.exe
13:31:20.0544 3776  C:\Windows\System32\taskhost.exe - ok
13:31:20.0544 3776  [ 71C4F42DC8DB668E826DA79462EA741E ] C:\Windows\SysWOW64\KBDUS.DLL
13:31:20.0544 3776  C:\Windows\SysWOW64\KBDUS.DLL - ok
13:31:20.0559 3776  [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
13:31:20.0559 3776  C:\Windows\SysWOW64\sxs.dll - ok
13:31:20.0559 3776  [ D1D5DAB39DCB4BE0359943738D87409B ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
13:31:20.0559 3776  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe - ok
13:31:20.0559 3776  [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
13:31:20.0559 3776  C:\Windows\SysWOW64\apphelp.dll - ok
13:31:20.0575 3776  [ 3CA2BB895E204478C7A4C9BAF70970CE ] C:\Windows\SysWOW64\AtBroker.exe
13:31:20.0575 3776  C:\Windows\SysWOW64\AtBroker.exe - ok
13:31:20.0575 3776  [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
13:31:20.0575 3776  C:\Windows\System32\AtBroker.exe - ok
13:31:20.0575 3776  [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
13:31:20.0575 3776  C:\Windows\SysWOW64\slc.dll - ok
13:31:20.0590 3776  [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
13:31:20.0590 3776  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
13:31:20.0590 3776  [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
13:31:20.0590 3776  C:\Windows\System32\mpr.dll - ok
13:31:20.0590 3776  [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
13:31:20.0590 3776  C:\Windows\SysWOW64\uxtheme.dll - ok
13:31:20.0606 3776  [ A63DC5C2EA944E6657203E0C8EDEAF61 ] C:\Windows\SysWOW64\dllhost.exe
13:31:20.0606 3776  C:\Windows\SysWOW64\dllhost.exe - ok
13:31:20.0606 3776  [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
13:31:20.0606 3776  C:\Windows\SysWOW64\dwmapi.dll - ok
13:31:20.0606 3776  [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
13:31:20.0606 3776  C:\Windows\System32\userinit.exe - ok
13:31:20.0622 3776  [ 61AC3EFDFACFDD3F0F11DD4FD4044223 ] C:\Windows\SysWOW64\userinit.exe
13:31:20.0622 3776  C:\Windows\SysWOW64\userinit.exe - ok
13:31:20.0622 3776  [ F58516E2DC0D963EF70D6BFC21FD82C4 ] C:\Windows\SysWOW64\PlaySndSrv.dll
13:31:20.0622 3776  C:\Windows\SysWOW64\PlaySndSrv.dll - ok
13:31:20.0622 3776  [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
13:31:20.0622 3776  C:\Windows\System32\PlaySndSrv.dll - ok
13:31:20.0622 3776  [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
13:31:20.0622 3776  C:\Windows\System32\HotStartUserAgent.dll - ok
13:31:20.0637 3776  [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
13:31:20.0637 3776  C:\Windows\System32\dwm.exe - ok
13:31:20.0637 3776  [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
13:31:20.0637 3776  C:\Windows\System32\dwmredir.dll - ok
13:31:20.0637 3776  [ 497E59D9F01C6F247E72222A61835119 ] C:\Windows\SysWOW64\dwmcore.dll
13:31:20.0637 3776  C:\Windows\SysWOW64\dwmcore.dll - ok
13:31:20.0653 3776  [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
13:31:20.0653 3776  C:\Windows\System32\dwmcore.dll - ok
13:31:20.0653 3776  [ 3BCECD87AB4E6743BFB45B352AD1A529 ] C:\Windows\SysWOW64\WindowsCodecs.dll
13:31:20.0653 3776  C:\Windows\SysWOW64\WindowsCodecs.dll - ok
13:31:20.0653 3776  [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
13:31:20.0653 3776  C:\Windows\explorer.exe - ok
13:31:20.0668 3776  [ 3C1936A12C62254F914A01BBC6A8DC69 ] C:\Windows\SysWOW64\d3d10_1.dll
13:31:20.0668 3776  C:\Windows\SysWOW64\d3d10_1.dll - ok
13:31:20.0668 3776  [ 9AE80F6A66B30E3ED8CDF858CF28B11B ] C:\Windows\System32\d3d10_1.dll
13:31:20.0668 3776  C:\Windows\System32\d3d10_1.dll - ok
13:31:20.0668 3776  [ 2473CA6595A2659D7039A4A89FECA269 ] C:\Windows\SysWOW64\wininet.dll
13:31:20.0668 3776  C:\Windows\SysWOW64\wininet.dll - ok
13:31:20.0684 3776  [ 49ACA548B2423F1C67898E6AC719A9A6 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
13:31:20.0684 3776  C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
13:31:20.0684 3776  [ F5CEF064C7E6D95DA86B9D064A56A969 ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
13:31:20.0684 3776  C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
13:31:20.0684 3776  [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
13:31:20.0684 3776  C:\Windows\SysWOW64\ExplorerFrame.dll - ok
13:31:20.0700 3776  [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
13:31:20.0700 3776  C:\Windows\System32\ExplorerFrame.dll - ok
13:31:20.0700 3776  [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
13:31:20.0700 3776  C:\Windows\SysWOW64\mswsock.dll - ok
13:31:20.0700 3776  [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
13:31:20.0700 3776  C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
13:31:20.0715 3776  [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
13:31:20.0715 3776  C:\Windows\SysWOW64\wship6.dll - ok
13:31:20.0715 3776  [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
13:31:20.0715 3776  C:\Windows\SysWOW64\rasadhlp.dll - ok
13:31:20.0715 3776  [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
13:31:20.0715 3776  C:\Windows\System32\rasadhlp.dll - ok
13:31:20.0731 3776  [ F14A9B1778376D0B1788E402AC1F831A ] C:\Windows\SysWOW64\shacct.dll
13:31:20.0731 3776  C:\Windows\SysWOW64\shacct.dll - ok
13:31:20.0731 3776  [ 0B31464B7B2D616BD5F7036673588EC1 ] C:\Windows\SysWOW64\IDStore.dll
13:31:20.0731 3776  C:\Windows\SysWOW64\IDStore.dll - ok
13:31:20.0731 3776  [ D4212AB475A3B25EC4DF574536C3EDC5 ] C:\Windows\SysWOW64\d3d10_1core.dll
13:31:20.0731 3776  C:\Windows\SysWOW64\d3d10_1core.dll - ok
13:31:20.0746 3776  [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
13:31:20.0746 3776  C:\Windows\SysWOW64\duser.dll - ok
13:31:20.0746 3776  [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
13:31:20.0746 3776  C:\Windows\SysWOW64\dui70.dll - ok
13:31:20.0746 3776  [ 63F72417CA38D8FC8F53709649B589E3 ] C:\Windows\System32\d3d10_1core.dll
13:31:20.0746 3776  C:\Windows\System32\d3d10_1core.dll - ok
13:31:20.0762 3776  [ D4F264FE23F8953D840904418220C15E ] C:\Windows\SysWOW64\dxgi.dll
13:31:20.0762 3776  C:\Windows\SysWOW64\dxgi.dll - ok
13:31:20.0762 3776  [ 8DFB5752FCE145A6B295093C0A8BE131 ] C:\Windows\System32\dxgi.dll
13:31:20.0762 3776  C:\Windows\System32\dxgi.dll - ok
13:31:20.0762 3776  [ 7ACDFB4CC67F4993DF0E0731576309B2 ] C:\Windows\SysWOW64\d3d11.dll
13:31:20.0762 3776  C:\Windows\SysWOW64\d3d11.dll - ok
13:31:20.0762 3776  [ 448B02AD260EC3E1E892FCE6DFDDEEBD ] C:\Windows\System32\d3d11.dll
13:31:20.0762 3776  C:\Windows\System32\d3d11.dll - ok
13:31:20.0778 3776  [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
13:31:20.0778 3776  C:\Windows\SysWOW64\powrprof.dll - ok
13:31:20.0778 3776  [ DA77C9B3245253BCFFDEF9D7C50CF77C ] C:\Windows\System32\aticfx64.dll
13:31:20.0778 3776  C:\Windows\System32\aticfx64.dll - ok
13:31:20.0778 3776  [ 042485590EBD94726BC42FE8BA0BDD08 ] C:\Windows\System32\atidxx64.dll
13:31:20.0778 3776  C:\Windows\System32\atidxx64.dll - ok
13:31:20.0793 3776  [ F59CA6ADF163BF952A49950CE001EC6C ] C:\Windows\System32\atiuxp64.dll
13:31:20.0793 3776  C:\Windows\System32\atiuxp64.dll - ok
13:31:20.0793 3776  [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
13:31:20.0793 3776  C:\Windows\System32\uDWM.dll - ok
13:31:20.0793 3776  [ B43687C534A49700BF4B3C9898763752 ] C:\Windows\SysWOW64\MsCtfMonitor.dll
13:31:20.0793 3776  C:\Windows\SysWOW64\MsCtfMonitor.dll - ok
13:31:20.0809 3776  [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
13:31:20.0809 3776  C:\Windows\System32\MsCtfMonitor.dll - ok
13:31:20.0809 3776  [ 56CEED370508F69A1BA04939BD1BADDA ] C:\Windows\SysWOW64\msutb.dll
13:31:20.0809 3776  C:\Windows\SysWOW64\msutb.dll - ok
13:31:20.0809 3776  [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
13:31:20.0809 3776  C:\Windows\System32\msutb.dll - ok
13:31:20.0824 3776  [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll
13:31:20.0824 3776  C:\Windows\SysWOW64\secur32.dll - ok
13:31:20.0824 3776  [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
13:31:20.0824 3776  C:\Windows\SysWOW64\propsys.dll - ok
13:31:20.0824 3776  [ 5C3F9DBA818CD93379D1A0F215270374 ] C:\Windows\SysWOW64\esent.dll
13:31:20.0824 3776  C:\Windows\SysWOW64\esent.dll - ok
13:31:20.0840 3776  [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
13:31:20.0840 3776  C:\Windows\System32\esent.dll - ok
13:31:20.0840 3776  [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
13:31:20.0840 3776  C:\Windows\SysWOW64\EhStorShell.dll - ok
13:31:20.0840 3776  [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
13:31:20.0840 3776  C:\Windows\System32\EhStorShell.dll - ok
13:31:20.0856 3776  [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
13:31:20.0856 3776  C:\Windows\SysWOW64\ntshrui.dll - ok
13:31:20.0856 3776  [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
13:31:20.0856 3776  C:\Windows\System32\ntshrui.dll - ok
13:31:20.0856 3776  [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
13:31:20.0856 3776  C:\Windows\SysWOW64\srvcli.dll - ok
13:31:20.0856 3776  [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
13:31:20.0856 3776  C:\Windows\SysWOW64\cscapi.dll - ok
13:31:20.0871 3776  [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
13:31:20.0871 3776  C:\Windows\System32\cscapi.dll - ok
13:31:20.0871 3776  [ 523CF74A52C9A1762DA8B83AEE734498 ] C:\Windows\SysWOW64\IconCodecService.dll
13:31:20.0871 3776  C:\Windows\SysWOW64\IconCodecService.dll - ok
13:31:20.0871 3776  [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
13:31:20.0871 3776  C:\Windows\System32\IconCodecService.dll - ok
13:31:20.0887 3776  [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
13:31:20.0887 3776  C:\Windows\System32\umb.dll - ok
13:31:20.0887 3776  [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll
13:31:20.0887 3776  C:\Windows\SysWOW64\atl.dll - ok
13:31:20.0887 3776  [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
13:31:20.0887 3776  C:\Windows\System32\localspl.dll - ok
13:31:20.0902 3776  [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
13:31:20.0902 3776  C:\Windows\System32\spoolss.dll - ok
13:31:20.0902 3776  [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
13:31:20.0902 3776  C:\Windows\SysWOW64\winspool.drv - ok
13:31:20.0902 3776  [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
13:31:20.0902 3776  C:\Windows\System32\FXSMON.dll - ok
13:31:20.0918 3776  [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
13:31:20.0918 3776  C:\Windows\System32\PrintIsolationProxy.dll - ok
13:31:20.0918 3776  [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
13:31:20.0918 3776  C:\Windows\System32\tcpmon.dll - ok
13:31:20.0918 3776  [ 1220595CABA75AB91A6B3FA3B89483CC ] C:\Windows\SysWOW64\snmpapi.dll
13:31:20.0918 3776  C:\Windows\SysWOW64\snmpapi.dll - ok
13:31:20.0934 3776  [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
13:31:20.0934 3776  C:\Windows\System32\snmpapi.dll - ok
13:31:20.0934 3776  [ 6357E2B68753A1F5CF4A68A25C4FD14A ] C:\Windows\SysWOW64\wsnmp32.dll
13:31:20.0934 3776  C:\Windows\SysWOW64\wsnmp32.dll - ok
13:31:20.0934 3776  [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
13:31:20.0934 3776  C:\Windows\System32\wsnmp32.dll - ok
13:31:20.0949 3776  [ EAADD6E47ED2A7003ACE1793B98CF63F ] C:\Windows\SysWOW64\msxml6.dll
13:31:20.0949 3776  C:\Windows\SysWOW64\msxml6.dll - ok
13:31:20.0949 3776  [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll
13:31:20.0949 3776  C:\Windows\System32\msxml6.dll - ok
13:31:20.0949 3776  [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
13:31:20.0949 3776  C:\Windows\System32\usbmon.dll - ok
13:31:20.0949 3776  [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
13:31:20.0949 3776  C:\Windows\System32\WSDMon.dll - ok
13:31:20.0965 3776  [ 633C2C060CF857099F6C4F8D75C952B1 ] C:\Windows\SysWOW64\WlS0WndH.dll
13:31:20.0965 3776  C:\Windows\SysWOW64\WlS0WndH.dll - ok
13:31:20.0965 3776  [ 73F6C5223F7E9B5780DD4A6C30FCF569 ] C:\Windows\SysWOW64\WSDApi.dll
13:31:20.0965 3776  C:\Windows\SysWOW64\WSDApi.dll - ok
13:31:20.0965 3776  [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
13:31:20.0965 3776  C:\Windows\System32\WSDApi.dll - ok
13:31:20.0980 3776  [ DB846EECA70EE9D2E2FF31147C57B0F4 ] C:\Windows\SysWOW64\webservices.dll
13:31:20.0980 3776  C:\Windows\SysWOW64\webservices.dll - ok
13:31:20.0980 3776  [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
13:31:20.0980 3776  C:\Windows\System32\webservices.dll - ok
13:31:20.0980 3776  [ 3F50200237961034FACE602373838980 ] C:\Windows\SysWOW64\FirewallAPI.dll
13:31:20.0980 3776  C:\Windows\SysWOW64\FirewallAPI.dll - ok
13:31:20.0996 3776  [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
13:31:20.0996 3776  C:\Windows\System32\fundisc.dll - ok
13:31:20.0996 3776  [ 89D90579E5FB1469CB0464F6512E42B7 ] C:\Windows\SysWOW64\fundisc.dll
13:31:20.0996 3776  C:\Windows\SysWOW64\fundisc.dll - ok
13:31:20.0996 3776  [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
13:31:20.0996 3776  C:\Windows\System32\fdPnp.dll - ok
13:31:21.0012 3776  [ F34CFADA6C48DAA41B996D24C7D8D3CA ] C:\Windows\SysWOW64\fdPnp.dll
13:31:21.0012 3776  C:\Windows\SysWOW64\fdPnp.dll - ok
13:31:21.0012 3776  [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
13:31:21.0012 3776  C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
13:31:21.0012 3776  [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
13:31:21.0012 3776  C:\Windows\SysWOW64\gpapi.dll - ok
13:31:21.0027 3776  [ 2F040CF0613A6D64DCBBA9EE81F5A5AE ] C:\Windows\SysWOW64\dsrole.dll
13:31:21.0027 3776  C:\Windows\SysWOW64\dsrole.dll - ok
13:31:21.0027 3776  [ 67CF11E00D026A5C0C88EA5F84D501E5 ] C:\Windows\System32\win32spl.dll
13:31:21.0027 3776  C:\Windows\System32\win32spl.dll - ok
13:31:21.0027 3776  [ FC415B303B1ECF80B5F130A1F7203D02 ] C:\Windows\SysWOW64\win32spl.dll
13:31:21.0027 3776  C:\Windows\SysWOW64\win32spl.dll - ok
13:31:21.0043 3776  [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
13:31:21.0043 3776  C:\Windows\SysWOW64\devrtl.dll - ok
13:31:21.0043 3776  [ 4BDBBE5E4208022DD794F7EEEB0F7366 ] C:\Windows\SysWOW64\SPInf.dll
13:31:21.0043 3776  C:\Windows\SysWOW64\SPInf.dll - ok
13:31:21.0043 3776  [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
13:31:21.0043 3776  C:\Windows\System32\inetpp.dll - ok
13:31:21.0058 3776  [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
13:31:21.0058 3776  C:\Windows\System32\wdi.dll - ok
13:31:21.0058 3776  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] C:\Windows\SysWOW64\wdi.dll
13:31:21.0058 3776  C:\Windows\SysWOW64\wdi.dll - ok
13:31:21.0058 3776  [ 9D2A2369AB4B08A4905FE72DB104498F ] C:\Windows\System32\appinfo.dll
13:31:21.0058 3776  C:\Windows\System32\appinfo.dll - ok
13:31:21.0074 3776  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] C:\Windows\SysWOW64\hidserv.dll
13:31:21.0074 3776  C:\Windows\SysWOW64\hidserv.dll - ok
13:31:21.0074 3776  [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
13:31:21.0074 3776  C:\Windows\System32\perftrack.dll - ok
13:31:21.0074 3776  [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
13:31:21.0074 3776  C:\Windows\System32\diagperf.dll - ok
13:31:21.0090 3776  [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
13:31:21.0090 3776  C:\Windows\System32\hidserv.dll - ok
13:31:21.0090 3776  [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\SysWOW64\hid.dll
13:31:21.0090 3776  C:\Windows\SysWOW64\hid.dll - ok
13:31:21.0090 3776  [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\SysWOW64\wer.dll
13:31:21.0090 3776  C:\Windows\SysWOW64\wer.dll - ok
13:31:21.0090 3776  [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
13:31:21.0090 3776  C:\Windows\System32\pnpts.dll - ok
13:31:21.0105 3776  [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
13:31:21.0105 3776  C:\Windows\System32\wer.dll - ok
13:31:21.0105 3776  [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
13:31:21.0105 3776  C:\Windows\System32\wpdbusenum.dll - ok
13:31:21.0105 3776  [ D99621C0735B21DCC8BC4FEF02F379EF ] C:\Windows\SysWOW64\Apphlpdm.dll
13:31:21.0105 3776  C:\Windows\SysWOW64\Apphlpdm.dll - ok
13:31:21.0121 3776  [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
13:31:21.0121 3776  C:\Windows\System32\Apphlpdm.dll - ok
13:31:21.0121 3776  [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
13:31:21.0121 3776  C:\Windows\System32\wdiasqmmodule.dll - ok
13:31:21.0121 3776  [ E98278865E8DABA21CFE5FE4BE34210A ] C:\Windows\SysWOW64\PortableDeviceApi.dll
13:31:21.0121 3776  C:\Windows\SysWOW64\PortableDeviceApi.dll - ok
13:31:21.0136 3776  [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
13:31:21.0136 3776  C:\Windows\System32\PortableDeviceApi.dll - ok
13:31:21.0136 3776  [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
13:31:21.0136 3776  C:\Windows\SysWOW64\sfc.dll - ok
13:31:21.0136 3776  [ 7FFD52D73352806969D424EF327D10A7 ] C:\Windows\SysWOW64\radardt.dll
13:31:21.0136 3776  C:\Windows\SysWOW64\radardt.dll - ok
13:31:21.0152 3776  [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
13:31:21.0152 3776  C:\Windows\SysWOW64\sfc_os.dll - ok
13:31:21.0152 3776  [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
13:31:21.0152 3776  C:\Windows\System32\radardt.dll - ok
13:31:21.0152 3776  [ C693E642ACFBDD76433AF6BE3C3EEE6F ] C:\Windows\SysWOW64\PortableDeviceConnectApi.dll
13:31:21.0152 3776  C:\Windows\SysWOW64\PortableDeviceConnectApi.dll - ok
13:31:21.0168 3776  [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
13:31:21.0168 3776  C:\Windows\System32\PortableDeviceConnectApi.dll - ok
13:31:21.0168 3776  [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
13:31:21.0168 3776  C:\Windows\SysWOW64\netprofm.dll - ok
13:31:21.0168 3776  [ CF8D590BE3373029D57AF80914190682 ] C:\Windows\System32\drivers\WUDFRd.sys
13:31:21.0168 3776  C:\Windows\System32\drivers\WUDFRd.sys - ok
13:31:21.0183 3776  [ 104A1070E90F1C530328E69B49718841 ] C:\Windows\SysWOW64\nlaapi.dll
13:31:21.0183 3776  C:\Windows\SysWOW64\nlaapi.dll - ok
13:31:21.0183 3776  [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
13:31:21.0183 3776  C:\Windows\SysWOW64\npmproxy.dll - ok
13:31:21.0183 3776  [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
13:31:21.0183 3776  C:\Windows\System32\npmproxy.dll - ok
13:31:21.0199 3776  [ D0FF1CA89D013B94768A289023958F6B ] C:\Windows\System32\WUDFHost.exe
13:31:21.0199 3776  C:\Windows\System32\WUDFHost.exe - ok
13:31:21.0199 3776  [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\SysWOW64\wevtapi.dll
13:31:21.0199 3776  C:\Windows\SysWOW64\wevtapi.dll - ok
13:31:21.0199 3776  [ 1950B1C38AED4154BA79F77E36494D8A ] C:\Windows\System32\WUDFx.dll
13:31:21.0199 3776  C:\Windows\System32\WUDFx.dll - ok
13:31:21.0199 3776  [ 91D6F0AB79AA36FFB932157865206F35 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
13:31:21.0199 3776  C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
13:31:21.0214 3776  [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
13:31:21.0214 3776  C:\Windows\SysWOW64\runonce.exe - ok
13:31:21.0214 3776  [ 0F416E23DD2EB4DEBE70608020CFD283 ] C:\Windows\SysWOW64\WMVCORE.DLL
13:31:21.0214 3776  C:\Windows\SysWOW64\WMVCORE.DLL - ok
13:31:21.0214 3776  [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
13:31:21.0214 3776  C:\Windows\System32\runonce.exe - ok
13:31:21.0230 3776  [ 9864D52F15AD32094A636C6B5281D9E7 ] C:\Windows\System32\WMVCORE.DLL
13:31:21.0230 3776  C:\Windows\System32\WMVCORE.DLL - ok
13:31:21.0230 3776  [ A7DD56261518373F70F23079EB3CD0A2 ] C:\Windows\SysWOW64\WMASF.DLL
13:31:21.0230 3776  C:\Windows\SysWOW64\WMASF.DLL - ok
13:31:21.0230 3776  [ AACC48FE239F0DF126DA2F28930A5B83 ] C:\Windows\System32\WMASF.DLL
13:31:21.0230 3776  C:\Windows\System32\WMASF.DLL - ok
13:31:21.0246 3776  [ 81490FDAE27F0082E5CC2DC78DCA96FA ] C:\Windows\SysWOW64\PortableDeviceClassExtension.dll
13:31:21.0246 3776  C:\Windows\SysWOW64\PortableDeviceClassExtension.dll - ok
13:31:21.0246 3776  [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\Windows\System32\PortableDeviceClassExtension.dll
13:31:21.0246 3776  C:\Windows\System32\PortableDeviceClassExtension.dll - ok
13:31:21.0246 3776  [ ADB45A977BD9E45790CA496DB84BA148 ] C:\Windows\SysWOW64\PortableDeviceTypes.dll
13:31:21.0246 3776  C:\Windows\SysWOW64\PortableDeviceTypes.dll - ok
13:31:21.0261 3776  [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
13:31:21.0261 3776  C:\Windows\System32\PortableDeviceTypes.dll - ok
13:31:21.0261 3776  [ 54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\SysWOW64\svchost.exe
13:31:21.0261 3776  C:\Windows\SysWOW64\svchost.exe - ok
13:31:21.0261 3776  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
13:31:21.0261 3776  C:\Windows\System32\IPSECSVC.DLL - ok
13:31:21.0277 3776  [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
13:31:21.0277 3776  C:\Windows\SysWOW64\setupapi.dll - ok
13:31:21.0277 3776  [ FB4EB9352B7D698E6B3C2AA2ED724DAD ] C:\Windows\SysWOW64\authz.dll
13:31:21.0277 3776  C:\Windows\SysWOW64\authz.dll - ok
13:31:21.0277 3776  [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
13:31:21.0277 3776  C:\Windows\SysWOW64\cfgmgr32.dll - ok
13:31:21.0292 3776  [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
13:31:21.0292 3776  C:\Windows\SysWOW64\devobj.dll - ok
13:31:21.0292 3776  [ DB603D3FD090C66F9709EF6493C26BA3 ] C:\Windows\SysWOW64\FwRemoteSvr.dll
13:31:21.0292 3776  C:\Windows\SysWOW64\FwRemoteSvr.dll - ok
13:31:21.0292 3776  [ B3DC4D1658093C1E486CA9F22180BECF ] C:\Windows\SysWOW64\urlmon.dll
13:31:21.0292 3776  C:\Windows\SysWOW64\urlmon.dll - ok
13:31:21.0308 3776  [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
13:31:21.0308 3776  C:\Windows\System32\FwRemoteSvr.dll - ok
13:31:21.0308 3776  [ 6A13B4F3B3F575F1E24B877B9359AABA ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
13:31:21.0308 3776  C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
13:31:21.0308 3776  [ 2E33DFD10F28F86C3FC40EE123CC3904 ] C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
13:31:21.0308 3776  C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
13:31:21.0324 3776  [ 1C60E09CA1C3A045BC4D367F67C915B7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
13:31:21.0324 3776  C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
13:31:21.0324 3776  [ 6951562DC4625EEFC6EACD52AD165866 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
13:31:21.0324 3776  C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
13:31:21.0324 3776  [ 589CBC4989F750E1DA35625AB481CF43 ] C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
13:31:21.0324 3776  C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll - ok
13:31:21.0339 3776  [ 3BE0D923AA45A4DBE091C2D84F0B4FE7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
13:31:21.0339 3776  C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll - ok
13:31:21.0339 3776  [ F383B1AD5D7FDC1ACB0D900B50572F8D ] C:\Windows\SysWOW64\iertutil.dll
13:31:21.0339 3776  C:\Windows\SysWOW64\iertutil.dll - ok
13:31:21.0339 3776  [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
13:31:21.0339 3776  C:\Windows\SysWOW64\bcrypt.dll - ok
13:31:21.0355 3776  [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
13:31:21.0355 3776  C:\Windows\SysWOW64\cmd.exe - ok
13:31:21.0355 3776  [ 29CA5974FAB0E8AE4AA7814FE05CF832 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
13:31:21.0355 3776  C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
13:31:21.0355 3776  [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
13:31:21.0355 3776  C:\Windows\SysWOW64\dhcpcsvc.dll - ok
13:31:21.0370 3776  [ 3326166011C9BC13D6A8EFD856E9921C ] C:\Windows\System32\conhost.exe
13:31:21.0370 3776  C:\Windows\System32\conhost.exe - ok
13:31:21.0370 3776  [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
13:31:21.0370 3776  C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
13:31:21.0370 3776  [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:31:21.0370 3776  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
13:31:21.0386 3776  [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll

Link to post
Share on other sites

13:31:21.0386 3776  C:\Windows\SysWOW64\wbemcomn.dll - ok
13:31:21.0386 3776  [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
13:31:21.0386 3776  C:\Windows\SysWOW64\credssp.dll - ok
13:31:21.0386 3776  [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
13:31:21.0386 3776  C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
13:31:21.0386 3776  [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
13:31:21.0386 3776  C:\Windows\SysWOW64\wbem\fastprox.dll - ok
13:31:21.0402 3776  [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
13:31:21.0402 3776  C:\Windows\SysWOW64\winbrand.dll - ok
13:31:21.0402 3776  [ 99B9343280AF6A4C0F27CF2E28E94BBF ] C:\Windows\SysWOW64\dssenh.dll
13:31:21.0402 3776  C:\Windows\SysWOW64\dssenh.dll - ok
13:31:21.0402 3776  [ 758D99511FD82B6C55E70494039E9F1A ] C:\Program Files (x86)\Google\Update\1.3.21.145\goopdate.dll
13:31:21.0402 3776  C:\Program Files (x86)\Google\Update\1.3.21.145\goopdate.dll - ok
13:31:21.0417 3776  [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
13:31:21.0417 3776  C:\Windows\System32\dssenh.dll - ok
13:31:21.0417 3776  [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
13:31:21.0417 3776  C:\Windows\System32\dimsjob.dll - ok
13:31:21.0417 3776  [ C5C867CD7EFAC60D5021223E374DEEC5 ] C:\Windows\SysWOW64\dimsjob.dll
13:31:21.0417 3776  C:\Windows\SysWOW64\dimsjob.dll - ok
13:31:21.0433 3776  [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
13:31:21.0433 3776  C:\Windows\SysWOW64\netapi32.dll - ok
13:31:21.0433 3776  [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\SysWOW64\taskschd.dll
13:31:21.0433 3776  C:\Windows\SysWOW64\taskschd.dll - ok
13:31:21.0433 3776  [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
13:31:21.0433 3776  C:\Windows\SysWOW64\netutils.dll - ok
13:31:21.0448 3776  [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
13:31:21.0448 3776  C:\Windows\SysWOW64\wkscli.dll - ok
13:31:21.0448 3776  [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
13:31:21.0448 3776  C:\Windows\SysWOW64\dnsapi.dll - ok
13:31:21.0448 3776  [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
13:31:21.0448 3776  C:\Windows\SysWOW64\imagehlp.dll - ok
13:31:21.0464 3776  [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
13:31:21.0464 3776  C:\Windows\SysWOW64\NapiNSP.dll - ok
13:31:21.0464 3776  [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
13:31:21.0464 3776  C:\Windows\System32\NapiNSP.dll - ok
13:31:21.0464 3776  [ 14486EB6AF542F2BD3239F7FC3E713F7 ] C:\Windows\SysWOW64\pautoenr.dll
13:31:21.0464 3776  C:\Windows\SysWOW64\pautoenr.dll - ok
13:31:21.0480 3776  [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
13:31:21.0480 3776  C:\Windows\System32\pautoenr.dll - ok
13:31:21.0480 3776  [ 61B1ED5F429EFAC7E2036769870AB93E ] C:\Windows\SysWOW64\certcli.dll
13:31:21.0480 3776  C:\Windows\SysWOW64\certcli.dll - ok
13:31:21.0480 3776  [ FCA0837B2739C044EEC00AF0DDD73FFC ] C:\Windows\SysWOW64\ieframe.dll
13:31:21.0480 3776  C:\Windows\SysWOW64\ieframe.dll - ok
13:31:21.0495 3776  [ 0CE4D3BD306DA6D1F6F233C403F5B667 ] C:\Windows\SysWOW64\msi.dll
13:31:21.0495 3776  C:\Windows\SysWOW64\msi.dll - ok
13:31:21.0495 3776  [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
13:31:21.0495 3776  C:\Windows\System32\certcli.dll - ok
13:31:21.0495 3776  [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
13:31:21.0495 3776  C:\Windows\SysWOW64\pnrpnsp.dll - ok
13:31:21.0495 3776  [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
13:31:21.0511 3776  C:\Windows\System32\pnrpnsp.dll - ok
13:31:21.0511 3776  [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
13:31:21.0511 3776  C:\Windows\SysWOW64\winrnr.dll - ok
13:31:21.0511 3776  [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
13:31:21.0511 3776  C:\Windows\System32\winrnr.dll - ok
13:31:21.0511 3776  [ 29BC473072568C072EC8B176498DE996 ] C:\Windows\SysWOW64\CertEnroll.dll
13:31:21.0511 3776  C:\Windows\SysWOW64\CertEnroll.dll - ok
13:31:21.0526 3776  [ 007863E45F25AA47A4C30D0930BBFD85 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
13:31:21.0526 3776  C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
13:31:21.0526 3776  [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
13:31:21.0526 3776  C:\Windows\SysWOW64\dbghelp.dll - ok
13:31:21.0526 3776  [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
13:31:21.0526 3776  C:\Windows\System32\CertEnroll.dll - ok
13:31:21.0542 3776  [ 76B35CB0F3A4E69D6DFF27F542B9F856 ] C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe
13:31:21.0542 3776  C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe - ok
13:31:21.0542 3776  [ 60F4AEFA103D421EA4A40E31409B4756 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
13:31:21.0542 3776  C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
13:31:21.0558 3776  [ 4E252E85E5DC31BD645E809222AFAF27 ] C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe
13:31:21.0558 3776  C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe - ok
13:31:21.0558 3776  [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
13:31:21.0558 3776  C:\Windows\System32\aelupsvc.dll - ok
13:31:21.0558 3776  [ 1F05F5A16881CD928C82D53CEFCF4477 ] C:\Windows\SysWOW64\shdocvw.dll
13:31:21.0558 3776  C:\Windows\SysWOW64\shdocvw.dll - ok
13:31:21.0558 3776  [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
13:31:21.0558 3776  C:\Windows\SysWOW64\mstask.dll - ok
13:31:21.0573 3776  [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
13:31:21.0573 3776  C:\Windows\System32\dbghelp.dll - ok
13:31:21.0573 3776  [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\Jaycen\AppData\Local\Temp\63831E0C-F60A-4472-980F-7744A6899333.exe
13:31:21.0573 3776  C:\Users\Jaycen\AppData\Local\Temp\63831E0C-F60A-4472-980F-7744A6899333.exe - ok
13:31:21.0573 3776  [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\SysWOW64\ncrypt.dll
13:31:21.0573 3776  C:\Windows\SysWOW64\ncrypt.dll - ok
13:31:21.0589 3776  [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
13:31:21.0589 3776  C:\Windows\SysWOW64\bcryptprimitives.dll - ok
13:31:21.0589 3776  [ 8A8B277067C22F4BF6AA9A31692FC4D3 ] C:\Windows\SysWOW64\cryptnet.dll
13:31:21.0589 3776  C:\Windows\SysWOW64\cryptnet.dll - ok
13:31:21.0589 3776  [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
13:31:21.0589 3776  C:\Windows\SysWOW64\SensApi.dll - ok
13:31:21.0604 3776  [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
13:31:21.0604 3776  C:\Windows\SysWOW64\imageres.dll - ok
13:31:21.0604 3776  [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\SysWOW64\schannel.dll
13:31:21.0604 3776  C:\Windows\SysWOW64\schannel.dll - ok
13:31:21.0604 3776  [ 4EBBC2B0AD7F9075AE9D6835D2A62B6E ] C:\Windows\System32\sc.exe
13:31:21.0604 3776  C:\Windows\System32\sc.exe - ok
13:31:21.0620 3776  [ D2F7A0ADC2EE0F65AB1F19D2E00C16B8 ] C:\Windows\SysWOW64\sc.exe
13:31:21.0620 3776  C:\Windows\SysWOW64\sc.exe - ok
13:31:21.0620 3776  [ 2003E9B15E1C502B146DAD2E383AC1E3 ] C:\Windows\SysWOW64\schtasks.exe
13:31:21.0620 3776  C:\Windows\SysWOW64\schtasks.exe - ok
13:31:21.0620 3776  [ 97E0EC3D6D99E8CC2B17EF2D3760E8FC ] C:\Windows\System32\schtasks.exe
13:31:21.0620 3776  C:\Windows\System32\schtasks.exe - ok
13:31:21.0636 3776  [ 38B13C0DF479DBA23ECFA815159BA86E ] C:\Windows\SysWOW64\ktmw32.dll
13:31:21.0636 3776  C:\Windows\SysWOW64\ktmw32.dll - ok
13:31:21.0636 3776  [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll
13:31:21.0636 3776  C:\Windows\SysWOW64\xmllite.dll - ok
13:31:21.0636 3776  [ 11AFB3767663997E0CE911CD015599C9 ] C:\Program Files (x86)\Google\Update\1.3.21.145\goopdateres_en.dll
13:31:21.0636 3776  C:\Program Files (x86)\Google\Update\1.3.21.145\goopdateres_en.dll - ok
13:31:21.0651 3776  [ 4D5CC66E982273CF1029933FD5251697 ] C:\Program Files (x86)\Google\Update\1.3.21.145\psmachine.dll
13:31:21.0651 3776  C:\Program Files (x86)\Google\Update\1.3.21.145\psmachine.dll - ok
13:31:21.0651 3776  [ 21D3A18769EC2C4E56756D04E989A221 ] C:\Windows\SysWOW64\msxml3.dll
13:31:21.0651 3776  C:\Windows\SysWOW64\msxml3.dll - ok
13:31:21.0651 3776  [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
13:31:21.0651 3776  C:\Windows\System32\wbem\NCProv.dll - ok
13:31:21.0651 3776  [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
13:31:21.0651 3776  C:\Windows\System32\FDResPub.dll - ok
13:31:21.0667 3776  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
13:31:21.0667 3776  C:\Windows\System32\ssdpsrv.dll - ok
13:31:21.0667 3776  [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll
13:31:21.0667 3776  C:\Windows\System32\p2psvc.dll - ok
13:31:21.0667 3776  [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:31:21.0667 3776  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
13:31:21.0682 3776  [ 7F21DA4760CE9B4B1B12CBC58C2A642A ] C:\Windows\SysWOW64\apisetschema.dll
13:31:21.0682 3776  C:\Windows\SysWOW64\apisetschema.dll - ok
13:31:21.0682 3776  [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll
13:31:21.0682 3776  C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok
13:31:21.0682 3776  [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
13:31:21.0682 3776  C:\Windows\SysWOW64\mscoree.dll - ok
13:31:21.0698 3776  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:31:21.0698 3776  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
13:31:21.0698 3776  [ E97295DE2A9FDE547FEAB4FE41DF16CA ] C:\Windows\SysWOW64\mspaint.exe
13:31:21.0698 3776  C:\Windows\SysWOW64\mspaint.exe - ok
13:31:21.0698 3776  [ CD5A94572650CB80E05D52F9617A0D1B ] C:\Windows\SysWOW64\en-US\wdmaud.drv.mui
13:31:21.0698 3776  C:\Windows\SysWOW64\en-US\wdmaud.drv.mui - ok
13:31:21.0714 3776  [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll
13:31:21.0714 3776  C:\Windows\System32\msvcr100_clr0400.dll - ok
13:31:21.0714 3776  [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
13:31:21.0714 3776  C:\Windows\System32\mscoree.dll - ok
13:31:21.0714 3776  [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe
13:31:21.0714 3776  C:\Windows\System32\sppsvc.exe - ok
13:31:21.0729 3776  [ FFF95479C7AB1550F0750A5D01744211 ] C:\Windows\System32\drivers\spsys.sys
13:31:21.0729 3776  C:\Windows\System32\drivers\spsys.sys - ok
13:31:21.0729 3776  [ F6F22291024906E43D135A4B1705FEAC ] C:\Windows\System32\sppwinob.dll
13:31:21.0729 3776  C:\Windows\System32\sppwinob.dll - ok
13:31:21.0729 3776  [ CF318F60A84F15AF352439465A8D05F4 ] C:\Program Files\Windows Defender\MpSvc.dll
13:31:21.0729 3776  C:\Program Files\Windows Defender\MpSvc.dll - ok
13:31:21.0745 3776  [ ADF3E771F429940E762AC097F5A54EAF ] C:\Program Files\Windows Defender\MpClient.dll
13:31:21.0745 3776  C:\Program Files\Windows Defender\MpClient.dll - ok
13:31:21.0745 3776  [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
13:31:21.0745 3776  C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
13:31:21.0745 3776  [ 5CF15474FFDB5005E54958DF6EDD97AB ] C:\Windows\SysWOW64\wmdrmdev.dll
13:31:21.0745 3776  C:\Windows\SysWOW64\wmdrmdev.dll - ok
13:31:21.0760 3776  [ EA2B00551F3E7B3D5F7FB730A55F8246 ] C:\Windows\SysWOW64\blackbox.dll
13:31:21.0760 3776  C:\Windows\SysWOW64\blackbox.dll - ok
13:31:21.0760 3776  [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
13:31:21.0760 3776  C:\Windows\SysWOW64\wsock32.dll - ok
13:31:21.0760 3776  [ 2B373B5F7E36B5ED5DA176D4400EF091 ] C:\Windows\System32\sppobjs.dll
13:31:21.0760 3776  C:\Windows\System32\sppobjs.dll - ok
13:31:21.0776 3776  [ 47D052D9EE1FD3BA2A55D13F61E3EF24 ] C:\Windows\SysWOW64\drmv2clt.dll
13:31:21.0776 3776  C:\Windows\SysWOW64\drmv2clt.dll - ok
13:31:21.0776 3776  [ 40B82688907A7DBA4DB3B5ADDE3EAB3B ] C:\Windows\SysWOW64\mfplat.dll
13:31:21.0776 3776  C:\Windows\SysWOW64\mfplat.dll - ok
13:31:21.0776 3776  [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll
13:31:21.0776 3776  C:\Windows\SysWOW64\avrt.dll - ok
13:31:21.0792 3776  [ 284B59D7B56FC76C80E622AB856B1FAB ] C:\Windows\SysWOW64\davclnt.dll
13:31:21.0792 3776  C:\Windows\SysWOW64\davclnt.dll - ok
13:31:21.0792 3776  [ 769765CE2CC62867468CEA93969B2242 ] C:\Windows\System32\drivers\asyncmac.sys
13:31:21.0792 3776  C:\Windows\System32\drivers\asyncmac.sys - ok
13:31:21.0792 3776  [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
13:31:21.0792 3776  C:\Windows\System32\wsock32.dll - ok
13:31:21.0807 3776  [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
13:31:21.0807 3776  C:\Windows\System32\wmdrmdev.dll - ok
13:31:21.0807 3776  [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
13:31:21.0807 3776  C:\Windows\System32\drmv2clt.dll - ok
13:31:21.0807 3776  [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
13:31:21.0807 3776  C:\Windows\System32\mfplat.dll - ok
13:31:21.0823 3776  [ E8B1FE6669397D1772D8196DF0E57A9E ] C:\Windows\System32\wscsvc.dll
13:31:21.0823 3776  C:\Windows\System32\wscsvc.dll - ok
13:31:21.0823 3776  [ 72910F1DEB838E6E08A9017BFB7D4F0B ] C:\Windows\SysWOW64\browcli.dll
13:31:21.0823 3776  C:\Windows\SysWOW64\browcli.dll - ok
13:31:21.0823 3776  [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
13:31:21.0823 3776  C:\Windows\System32\browcli.dll - ok
13:31:21.0838 3776  [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll
13:31:21.0838 3776  C:\Windows\System32\blackbox.dll - ok
13:31:21.0838 3776  [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
13:31:21.0838 3776  C:\Windows\SysWOW64\ntdsapi.dll - ok
13:31:21.0838 3776  [ 236F286E103FD44BD85FDD93097FD5DD ] C:\Windows\SysWOW64\SearchIndexer.exe
13:31:21.0838 3776  C:\Windows\SysWOW64\SearchIndexer.exe - ok
13:31:21.0854 3776  [ 7D4DC95A1F5E0818E74A399960569EA1 ] C:\Windows\SysWOW64\wuapi.dll
13:31:21.0854 3776  C:\Windows\SysWOW64\wuapi.dll - ok
13:31:21.0854 3776  [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
13:31:21.0854 3776  C:\Windows\System32\SearchIndexer.exe - ok
13:31:21.0854 3776  [ C47F35CC6FA4F1BDBEF8F87AC1A46537 ] C:\Windows\System32\wuapi.dll
13:31:21.0854 3776  C:\Windows\System32\wuapi.dll - ok
13:31:21.0854 3776  [ 954EA9B34F155C844B11F4047A8F6F89 ] C:\Windows\SysWOW64\upnp.dll
13:31:21.0854 3776  C:\Windows\SysWOW64\upnp.dll - ok
13:31:21.0870 3776  [ 465DBF63A5049E4DB4BC5C12FFE781CB ] C:\Windows\SysWOW64\tquery.dll
13:31:21.0870 3776  C:\Windows\SysWOW64\tquery.dll - ok
13:31:21.0870 3776  [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
13:31:21.0870 3776  C:\Windows\System32\upnp.dll - ok
13:31:21.0870 3776  [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\SysWOW64\cabinet.dll
13:31:21.0870 3776  C:\Windows\SysWOW64\cabinet.dll - ok
13:31:21.0885 3776  [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
13:31:21.0885 3776  C:\Windows\System32\cabinet.dll - ok
13:31:21.0885 3776  [ 28E2231BD34A39C854BDF3923AB2FF86 ] C:\Windows\SysWOW64\ssdpapi.dll
13:31:21.0885 3776  C:\Windows\SysWOW64\ssdpapi.dll - ok
13:31:21.0885 3776  [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
13:31:21.0885 3776  C:\Windows\System32\tquery.dll - ok
13:31:21.0901 3776  [ FB633DCC8664E4CCACF562DB5BAE38CF ] C:\Windows\SysWOW64\wups.dll
13:31:21.0901 3776  C:\Windows\SysWOW64\wups.dll - ok
13:31:21.0901 3776  [ E746ED90132C6B6313CE9179F56BD31D ] C:\Windows\System32\wups.dll
13:31:21.0901 3776  C:\Windows\System32\wups.dll - ok
13:31:21.0901 3776  [ 0241CB16136B9A4939CA0395768AE286 ] C:\Windows\SysWOW64\mssrch.dll
13:31:21.0901 3776  C:\Windows\SysWOW64\mssrch.dll - ok
13:31:21.0916 3776  [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
13:31:21.0916 3776  C:\Windows\System32\mssrch.dll - ok
13:31:21.0916 3776  [ 81600E2E27ED61427AAD865B9BCDDB9D ] C:\Windows\SysWOW64\msidle.dll
13:31:21.0916 3776  C:\Windows\SysWOW64\msidle.dll - ok
13:31:21.0916 3776  [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
13:31:21.0916 3776  C:\Windows\System32\msidle.dll - ok
13:31:21.0916 3776  [ 230EA9ABBC3432CDE388F4891E76E867 ] C:\Windows\SysWOW64\udhisapi.dll
13:31:21.0916 3776  C:\Windows\SysWOW64\udhisapi.dll - ok
13:31:21.0932 3776  [ 8CD1DEE212E52B9C22E66DBA44991D32 ] C:\Windows\SysWOW64\httpapi.dll
13:31:21.0932 3776  C:\Windows\SysWOW64\httpapi.dll - ok
13:31:21.0932 3776  [ 5893EBDCE371174AC89ECD7731DD6D77 ] C:\Windows\SysWOW64\pcwum.dll
13:31:21.0932 3776  C:\Windows\SysWOW64\pcwum.dll - ok
13:31:21.0932 3776  [ 0CAED8C2A5A594AFC49EDB74D241EC9F ] C:\Windows\SysWOW64\en-US\KernelBase.dll.mui
13:31:21.0932 3776  C:\Windows\SysWOW64\en-US\KernelBase.dll.mui - ok
13:31:21.0948 3776  [ C2A9093E56551AACD417926F14F848E8 ] C:\Windows\SysWOW64\msxml6r.dll
13:31:21.0948 3776  C:\Windows\SysWOW64\msxml6r.dll - ok
13:31:21.0948 3776  [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\SysWOW64\wshqos.dll
13:31:21.0948 3776  C:\Windows\SysWOW64\wshqos.dll - ok
13:31:21.0948 3776  [ 833FBB672460EFCE8011D262175FAD33 ] C:\Windows\SysWOW64\upnphost.dll
13:31:21.0948 3776  C:\Windows\SysWOW64\upnphost.dll - ok
13:31:21.0963 3776  [ A45CB10FC8C4DCA23F96FE4D334F64FE ] C:\Windows\SysWOW64\msxml3r.dll
13:31:21.0963 3776  C:\Windows\SysWOW64\msxml3r.dll - ok
13:31:21.0963 3776  [ B79515AFF098E5A56DFBD316152534DE ] C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
13:31:21.0963 3776  C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL - ok
13:31:21.0963 3776  [ 4FDFA3F219692D17011BF1B428857C1E ] C:\Program Files\Windows Defender\MpRTP.dll
13:31:21.0963 3776  C:\Program Files\Windows Defender\MpRTP.dll - ok
13:31:21.0979 3776  [ 8D47D01378347889A662D54037A988CC ] C:\Windows\SysWOW64\tdh.dll
13:31:21.0979 3776  C:\Windows\SysWOW64\tdh.dll - ok
13:31:21.0979 3776  [ FBD879D17B26D49DD7A48FF58062FAE6 ] C:\Windows\System32\tdh.dll
13:31:21.0979 3776  C:\Windows\System32\tdh.dll - ok
13:31:21.0979 3776  [ 4CFE49FB53D452688EFDFC99CB4C7473 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
13:31:21.0979 3776  C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll - ok
13:31:21.0994 3776  [ BA9976AF1946D955E46E44AFF26D856F ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{34350A85-3148-422C-9EDA-DE269CF7E4FA}\mpengine.dll
13:31:21.0994 3776  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{34350A85-3148-422C-9EDA-DE269CF7E4FA}\mpengine.dll - ok
13:31:21.0994 3776  [ B63E24E9271E99FD4540E3CA22A937DA ] C:\Windows\SysWOW64\en-US\tquery.dll.mui
13:31:21.0994 3776  C:\Windows\SysWOW64\en-US\tquery.dll.mui - ok
13:31:21.0994 3776  [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
13:31:21.0994 3776  C:\Windows\System32\en-US\tquery.dll.mui - ok
13:31:22.0010 3776  [ 26535C8F7105D7C2767C93FDFC49CF57 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{34350A85-3148-422C-9EDA-DE269CF7E4FA}\mpasbase.vdm
13:31:22.0010 3776  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{34350A85-3148-422C-9EDA-DE269CF7E4FA}\mpasbase.vdm - ok
13:31:22.0010 3776  [ 1957D49A9613FAAD1C73B508CCE02AA5 ] C:\Windows\SysWOW64\wmp.dll
13:31:22.0010 3776  C:\Windows\SysWOW64\wmp.dll - ok
13:31:22.0010 3776  [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
13:31:22.0010 3776  C:\Windows\System32\wmp.dll - ok
13:31:22.0026 3776  [ 0FBC74AA20FE0AE6884279F893169C60 ] C:\Windows\SysWOW64\wmploc.DLL
13:31:22.0026 3776  C:\Windows\SysWOW64\wmploc.DLL - ok
13:31:22.0026 3776  [ 00CD6B4B84EBBF13D4535021E8A787F2 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{34350A85-3148-422C-9EDA-DE269CF7E4FA}\mpasdlta.vdm
13:31:22.0026 3776  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{34350A85-3148-422C-9EDA-DE269CF7E4FA}\mpasdlta.vdm - ok
13:31:22.0026 3776  [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
13:31:22.0026 3776  C:\Windows\System32\wmploc.DLL - ok
13:31:22.0041 3776  [ A5BE518E515EF80EFD10B6727F31E366 ] C:\Program Files\Internet Explorer\ieproxy.dll
13:31:22.0041 3776  C:\Program Files\Internet Explorer\ieproxy.dll - ok
13:31:22.0041 3776  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] C:\Windows\SysWOW64\provsvc.dll
13:31:22.0041 3776  C:\Windows\SysWOW64\provsvc.dll - ok
13:31:22.0041 3776  [ 3F2B83695E5BF11930C16AF50E991F96 ] C:\Windows\SysWOW64\wmpps.dll
13:31:22.0041 3776  C:\Windows\SysWOW64\wmpps.dll - ok
13:31:22.0057 3776  [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
13:31:22.0057 3776  C:\Windows\System32\wmpps.dll - ok
13:31:22.0057 3776  [ 7B97346CE563B74BBCC120FC83E5A6D9 ] C:\Windows\SysWOW64\wmpmde.dll
13:31:22.0057 3776  C:\Windows\SysWOW64\wmpmde.dll - ok
13:31:22.0057 3776  [ F149E8CAE538DBF7059B00326673F602 ] C:\Windows\System32\wmpmde.dll
13:31:22.0057 3776  C:\Windows\System32\wmpmde.dll - ok
13:31:22.0072 3776  [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
13:31:22.0072 3776  C:\Windows\System32\httpapi.dll - ok
13:31:22.0072 3776  [ 81C0FA250EF6DC1C6B3FA2BCE81D6C2E ] C:\Windows\SysWOW64\WinSATAPI.dll
13:31:22.0072 3776  C:\Windows\SysWOW64\WinSATAPI.dll - ok
13:31:22.0072 3776  [ 021287C2050FD5DB4A8B084E2C38139C ] C:\Windows\System32\WinSATAPI.dll
13:31:22.0072 3776  C:\Windows\System32\WinSATAPI.dll - ok
13:31:22.0088 3776  [ FB4045578F5180BDB1963AB352B78548 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
13:31:22.0088 3776  C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
13:31:22.0088 3776  [ CBBD4D79EEC3EF5A4ADAE9697944C6B9 ] C:\Windows\SysWOW64\MSMPEG2ENC.DLL
13:31:22.0088 3776  C:\Windows\SysWOW64\MSMPEG2ENC.DLL - ok
13:31:22.0088 3776  [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\Windows\System32\MSMPEG2ENC.DLL
13:31:22.0088 3776  C:\Windows\System32\MSMPEG2ENC.DLL - ok
13:31:22.0104 3776  [ 5BB8C06EB5EA4BA22EE8A678F2D79B25 ] C:\Windows\SysWOW64\devenum.dll
13:31:22.0104 3776  C:\Windows\SysWOW64\devenum.dll - ok
13:31:22.0104 3776  [ 46767946E7B559D981C1DC04EC0AB36F ] C:\Windows\System32\devenum.dll
13:31:22.0104 3776  C:\Windows\System32\devenum.dll - ok
13:31:22.0104 3776  [ 7069AAB8536F29ED7323140973A2894B ] C:\Windows\SysWOW64\msdmo.dll
13:31:22.0104 3776  C:\Windows\SysWOW64\msdmo.dll - ok
13:31:22.0104 3776  [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\Windows\System32\msdmo.dll
13:31:22.0104 3776  C:\Windows\System32\msdmo.dll - ok
13:31:22.0119 3776  [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll
13:31:22.0119 3776  C:\Windows\System32\upnphost.dll - ok
13:31:22.0119 3776  [ 4FB491AC8D46AAF22BA8BC5C73DABEF7 ] C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
13:31:22.0119 3776  C:\Windows\SysWOW64\wbem\WmiPrvSE.exe - ok
13:31:22.0119 3776  [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
13:31:22.0119 3776  C:\Windows\System32\wbem\WmiPrvSE.exe - ok
13:31:22.0135 3776  [ A4CC7227A452C4909F9499D91B184364 ] C:\Windows\SysWOW64\ncobjapi.dll
13:31:22.0135 3776  C:\Windows\SysWOW64\ncobjapi.dll - ok
13:31:22.0135 3776  [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
13:31:22.0135 3776  C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
13:31:22.0135 3776  [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
13:31:22.0135 3776  C:\Windows\System32\wbem\cimwin32.dll - ok
13:31:22.0150 3776  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] C:\Windows\System32\drivers\acpi.sys
13:31:22.0150 3776  C:\Windows\System32\drivers\acpi.sys - ok
13:31:22.0150 3776  [ 79B47FD40D9A817E932F9D26FAC0A81C ] C:\Windows\System32\drivers\ndis.sys
13:31:22.0150 3776  C:\Windows\System32\drivers\ndis.sys - ok
13:31:22.0150 3776  [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
13:31:22.0150 3776  C:\Windows\System32\wbem\wmiprov.dll - ok
13:31:22.0166 3776  [ 71E68F2443A80BD4DA89181889C457EA ] C:\Windows\System32\udhisapi.dll
13:31:22.0166 3776  C:\Windows\System32\udhisapi.dll - ok
13:31:22.0166 3776  [ 93BB66044FA76734E882C6F3E8EE1900 ] C:\Program Files\Windows Defender\MsMpLics.dll
13:31:22.0166 3776  C:\Program Files\Windows Defender\MsMpLics.dll - ok
13:31:22.0166 3776  [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll
13:31:22.0166 3776  C:\Windows\SysWOW64\wscapi.dll - ok
13:31:22.0182 3776  [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
13:31:22.0182 3776  C:\Windows\System32\wscapi.dll - ok
13:31:22.0182 3776  [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\SysWOW64\wscisvif.dll
13:31:22.0182 3776  C:\Windows\SysWOW64\wscisvif.dll - ok
13:31:22.0182 3776  [ B84E2D174DC84916A536572BB8F691A8 ] C:\Windows\System32\wscisvif.dll
13:31:22.0182 3776  C:\Windows\System32\wscisvif.dll - ok
13:31:22.0197 3776  [ 6C1E3C43B35268C17833244C8ED96430 ] C:\Windows\System32\wscproxystub.dll
13:31:22.0197 3776  C:\Windows\System32\wscproxystub.dll - ok
13:31:22.0197 3776  [ 7DF186D86CF8C571A12AAB788C777F84 ] C:\Windows\SysWOW64\wscproxystub.dll
13:31:22.0197 3776  C:\Windows\SysWOW64\wscproxystub.dll - ok
13:31:22.0197 3776  [ 13337A3FB17F2242487FD45488ED0485 ] C:\Windows\SysWOW64\vssapi.dll
13:31:22.0197 3776  C:\Windows\SysWOW64\vssapi.dll - ok
13:31:22.0213 3776  [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\SysWOW64\vsstrace.dll
13:31:22.0213 3776  C:\Windows\SysWOW64\vsstrace.dll - ok
13:31:22.0213 3776  [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
13:31:22.0213 3776  C:\Windows\SysWOW64\samcli.dll - ok
13:31:22.0213 3776  [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll
13:31:22.0213 3776  C:\Windows\SysWOW64\samlib.dll - ok
13:31:22.0213 3776  [ F6916EFC29D9953D5D0DF06882AE8E16 ] C:\Windows\SysWOW64\es.dll
13:31:22.0213 3776  C:\Windows\SysWOW64\es.dll - ok
13:31:22.0228 3776  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] C:\Windows\System32\wuaueng.dll
13:31:22.0228 3776  C:\Windows\System32\wuaueng.dll - ok
13:31:22.0228 3776  [ 387A8A473ECC5BA02CF453277C1F3274 ] C:\Windows\SysWOW64\mspatcha.dll
13:31:22.0228 3776  C:\Windows\SysWOW64\mspatcha.dll - ok
13:31:22.0228 3776  [ 617F6EC0AC677C685479C1D0D1E76C6F ] C:\Windows\System32\mspatcha.dll
13:31:22.0228 3776  C:\Windows\System32\mspatcha.dll - ok
13:31:22.0244 3776  [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
13:31:22.0244 3776  C:\Windows\SysWOW64\linkinfo.dll - ok
13:31:22.0244 3776  [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
13:31:22.0244 3776  C:\Windows\System32\linkinfo.dll - ok
13:31:22.0244 3776  [ 3D57FFBAD3ED16B63DE3879BAB0FB56F ] C:\Windows\SysWOW64\networkexplorer.dll
13:31:22.0244 3776  C:\Windows\SysWOW64\networkexplorer.dll - ok
13:31:22.0260 3776  [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
13:31:22.0260 3776  C:\Windows\System32\networkexplorer.dll - ok
13:31:22.0260 3776  [ D6692338B985D4A0CA52B828314D897D ] C:\Windows\SysWOW64\drprov.dll
13:31:22.0260 3776  C:\Windows\SysWOW64\drprov.dll - ok
13:31:22.0260 3776  [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
13:31:22.0260 3776  C:\Windows\System32\drprov.dll - ok
13:31:22.0275 3776  [ D7B7159BC8374E87D8C45A30377A3440 ] C:\Windows\SysWOW64\ntlanman.dll
13:31:22.0275 3776  C:\Windows\SysWOW64\ntlanman.dll - ok
13:31:22.0275 3776  [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
13:31:22.0275 3776  C:\Windows\System32\davclnt.dll - ok
13:31:22.0275 3776  [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
13:31:22.0275 3776  C:\Windows\System32\ntlanman.dll - ok
13:31:22.0291 3776  [ 179BECE8D1A4C488DDB7191FF9BE3FB0 ] C:\Windows\SysWOW64\davhlpr.dll
13:31:22.0291 3776  C:\Windows\SysWOW64\davhlpr.dll - ok
13:31:22.0291 3776  [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
13:31:22.0291 3776  C:\Windows\System32\davhlpr.dll - ok
13:31:22.0291 3776  [ D412B1B72C5AB020218E9A047D90CA05 ] C:\Windows\SysWOW64\wmsgapi.dll
13:31:22.0291 3776  C:\Windows\SysWOW64\wmsgapi.dll - ok
13:31:22.0306 3776  [ 7FE0D0C8F53735EA17C9AE93EFE7AD5A ] C:\Windows\System32\wups2.dll
13:31:22.0306 3776  C:\Windows\System32\wups2.dll - ok
13:31:22.0306 3776  [ 347AAE83C7C7B787CED89544532AA47D ] C:\Windows\SysWOW64\PhotoMetadataHandler.dll
13:31:22.0306 3776  C:\Windows\SysWOW64\PhotoMetadataHandler.dll - ok
13:31:22.0306 3776  [ FC3001B4B9DF50B61F3CCA615759EFE7 ] C:\Windows\System32\PhotoMetadataHandler.dll
13:31:22.0306 3776  C:\Windows\System32\PhotoMetadataHandler.dll - ok
13:31:22.0322 3776  [ 62A6EB5771580CAE445804389F3F7432 ] C:\Windows\SysWOW64\WindowsCodecsExt.dll
13:31:22.0322 3776  C:\Windows\SysWOW64\WindowsCodecsExt.dll - ok
13:31:22.0322 3776  [ F1C19F0AA151B90A7416FA1D50DDB582 ] C:\Windows\System32\WindowsCodecsExt.dll
13:31:22.0322 3776  C:\Windows\System32\WindowsCodecsExt.dll - ok
13:31:22.0322 3776  [ D0481FB85BEEDD30A0884BE327880F80 ] C:\Windows\SysWOW64\framedynos.dll
13:31:22.0322 3776  C:\Windows\SysWOW64\framedynos.dll - ok
13:31:22.0338 3776  [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
13:31:22.0338 3776  C:\Windows\System32\framedynos.dll - ok
13:31:22.0338 3776  [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\SysWOW64\security.dll
13:31:22.0338 3776  C:\Windows\SysWOW64\security.dll - ok
13:31:22.0338 3776  [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll
13:31:22.0338 3776  C:\Windows\System32\security.dll - ok
13:31:22.0353 3776  [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll
13:31:22.0353 3776  C:\Windows\SysWOW64\logoncli.dll - ok
13:31:22.0353 3776  [ A42E7748BE906434C5FD17161D168C20 ] C:\Windows\SysWOW64\schedcli.dll
13:31:22.0353 3776  C:\Windows\SysWOW64\schedcli.dll - ok
13:31:22.0353 3776  [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
13:31:22.0353 3776  C:\Windows\System32\schedcli.dll - ok
13:31:22.0353 3776  [ 5EA9A0950F322BFA382AF277801C0307 ] C:\Windows\System32\wbem\wmipcima.dll
13:31:22.0353 3776  C:\Windows\System32\wbem\wmipcima.dll - ok
13:31:22.0369 3776  [ 907281ED4AD35D41B29FFDC211EBAD80 ] C:\Windows\SysWOW64\wmi.dll
13:31:22.0369 3776  C:\Windows\SysWOW64\wmi.dll - ok
13:31:22.0369 3776  [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
13:31:22.0369 3776  C:\Windows\System32\wmi.dll - ok
13:31:22.0369 3776  [ 19F75D71E4256F5113D64CE2BB66B838 ] C:\Windows\SysWOW64\slwga.dll
13:31:22.0369 3776  C:\Windows\SysWOW64\slwga.dll - ok
13:31:22.0384 3776  [ B6D6886149573278CBA6ABD44C4317F5 ] C:\Windows\System32\slwga.dll
13:31:22.0384 3776  C:\Windows\System32\slwga.dll - ok
13:31:22.0384 3776  [ 8E4B58E12B3FA65ED1462846906E0B59 ] C:\Windows\SysWOW64\sppc.dll
13:31:22.0384 3776  C:\Windows\SysWOW64\sppc.dll - ok
13:31:22.0384 3776  [ DB76DB15EFC6E4D1153A6C5BC895948D ] C:\Windows\System32\sppc.dll
13:31:22.0384 3776  C:\Windows\System32\sppc.dll - ok
13:31:22.0400 3776  [ 6A16BCE3C09496650BE881C467611653 ] C:\Windows\System32\msi.dll
13:31:22.0400 3776  C:\Windows\System32\msi.dll - ok
13:31:22.0400 3776  [ 4FE6AA4422BEC5DC3995051C670FFB26 ] C:\Windows\SysWOW64\advpack.dll
13:31:22.0400 3776  C:\Windows\SysWOW64\advpack.dll - ok
13:31:22.0400 3776  [ 5FBD7BEC6CD3DCAA6A87A7F70CE8AF44 ] C:\Windows\System32\advpack.dll
13:31:22.0400 3776  C:\Windows\System32\advpack.dll - ok
13:31:22.0416 3776  [ 773212B2AAA24C1E31F10246B15B276C ] C:\Windows\servicing\TrustedInstaller.exe
13:31:22.0416 3776  C:\Windows\servicing\TrustedInstaller.exe - ok
13:31:22.0416 3776  [ BBED6A14692C48279F88B3127206A1BA ] C:\Windows\SysWOW64\sxsstore.dll
13:31:22.0416 3776  C:\Windows\SysWOW64\sxsstore.dll - ok
13:31:22.0416 3776  [ AA376FE53D239EC404AD28AA14F33564 ] C:\Windows\SysWOW64\srclient.dll
13:31:22.0416 3776  C:\Windows\SysWOW64\srclient.dll - ok
13:31:22.0431 3776  [ A399514D3B28C9A3453A486BBAAFF1C7 ] C:\Windows\SysWOW64\wdscore.dll
13:31:22.0431 3776  C:\Windows\SysWOW64\wdscore.dll - ok
13:31:22.0431 3776  [ 288ADDED26C80FDC135CAB4340161686 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\CbsCore.dll
13:31:22.0431 3776  C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\CbsCore.dll - ok
13:31:22.0431 3776  [ DA962E6301C2B887F545DA88BEB8D5D5 ] C:\Windows\servicing\CbsMsg.dll
13:31:22.0431 3776  C:\Windows\servicing\CbsMsg.dll - ok
13:31:22.0447 3776  [ 0C0DF0F05BAEA320FA301F34E256E08B ] C:\Windows\SysWOW64\dpx.dll
13:31:22.0447 3776  C:\Windows\SysWOW64\dpx.dll - ok
13:31:22.0447 3776  [ 7957A194B8421BC070FABBF1C55DB68B ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wcp.dll
13:31:22.0447 3776  C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wcp.dll - ok
13:31:22.0447 3776  [ 9297F004FCE79FB7B26DAC6968FB5FEB ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17514_none_678566b7ddea04a5\DrUpdate.dll
13:31:22.0447 3776  C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17514_none_678566b7ddea04a5\DrUpdate.dll - ok
13:31:22.0462 3776  [ 971A36C4827AD1AE2A54E6407478921A ] C:\Windows\SysWOW64\spp.dll
13:31:22.0462 3776  C:\Windows\SysWOW64\spp.dll - ok
13:31:22.0462 3776  [ 943F48CC3A59169E52A054946C2F59B8 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wrpint.dll
13:31:22.0462 3776  C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wrpint.dll - ok
13:31:22.0462 3776  [ CE292C4C10B8DB6070F262EA2733F0DC ] C:\Windows\SysWOW64\sqmapi.dll
13:31:22.0462 3776  C:\Windows\SysWOW64\sqmapi.dll - ok
13:31:22.0478 3776  [ D485D1BE97777617B186FC8095F58421 ] C:\Windows\servicing\CbsApi.dll
13:31:22.0478 3776  C:\Windows\servicing\CbsApi.dll - ok
13:31:22.0478 3776  [ 6369F960C28A16F4502C480EEDE3652C ] C:\Windows\System32\dpx.dll
13:31:22.0478 3776  C:\Windows\System32\dpx.dll - ok
13:31:22.0478 3776  [ B7AC66C1CCD87D7C49256B5451DED4FA ] C:\Windows\System32\spp.dll
13:31:22.0478 3776  C:\Windows\System32\spp.dll - ok
13:31:22.0478 3776  [ FC6C5D860CDB82411DA626821201BDF0 ] C:\Windows\System32\srclient.dll
13:31:22.0478 3776  C:\Windows\System32\srclient.dll - ok
13:31:22.0494 3776  [ 6685DD5CC357D45EEE30FD089E8A111A ] C:\Windows\System32\sxsstore.dll
13:31:22.0494 3776  C:\Windows\System32\sxsstore.dll - ok
13:31:22.0494 3776  [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
13:31:22.0494 3776  C:\Windows\SysWOW64\rasapi32.dll - ok
13:31:22.0494 3776  [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
13:31:22.0494 3776  C:\Windows\SysWOW64\rasman.dll - ok
13:31:22.0509 3776  [ 52799EAD792B0E9AE7FD4BA5BD18FE5C ] C:\Windows\SysWOW64\wbem\WMIADAP.exe
13:31:22.0509 3776  C:\Windows\SysWOW64\wbem\WMIADAP.exe - ok
13:31:22.0509 3776  [ 005247E3057BC5D5C3F8C6F886FFC10C ] C:\Windows\System32\wbem\WMIADAP.exe
13:31:22.0509 3776  C:\Windows\System32\wbem\WMIADAP.exe - ok
13:31:22.0509 3776  [ 529879612A7FAE235914E3AA6A9A669C ] C:\Windows\SysWOW64\loadperf.dll
13:31:22.0509 3776  C:\Windows\SysWOW64\loadperf.dll - ok
13:31:22.0525 3776  [ 9FE3ED67345F0FF829A4A53B90E09672 ] C:\Windows\System32\loadperf.dll
13:31:22.0525 3776  C:\Windows\System32\loadperf.dll - ok
13:31:22.0525 3776  [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
13:31:22.0525 3776  C:\Windows\System32\DXP.dll - ok
13:31:22.0525 3776  [ A943D670747778C7597987A4B5B9A679 ] C:\Windows\System32\WFS.exe
13:31:22.0525 3776  C:\Windows\System32\WFS.exe - ok
13:31:22.0540 3776  [ F1E9A22C1D4F5D3AC7BA555D4E95329C ] C:\Windows\SysWOW64\sud.dll
13:31:22.0540 3776  C:\Windows\SysWOW64\sud.dll - ok
13:31:22.0540 3776  [ 8BCF1DCE05F4494C8891F33EEA450D0A ] C:\Windows\SysWOW64\wdc.dll
13:31:22.0540 3776  C:\Windows\SysWOW64\wdc.dll - ok
13:31:22.0540 3776  [ EAFC149CD3BD78C443E31BB157841197 ] C:\Windows\SysWOW64\tbs.dll
13:31:22.0540 3776  C:\Windows\SysWOW64\tbs.dll - ok
13:31:22.0556 3776  [ 53DA0477158774940C7FB45AC70645AA ] C:\Windows\SysWOW64\clb.dll
13:31:22.0556 3776  C:\Windows\SysWOW64\clb.dll - ok
13:31:22.0556 3776  [ 737AFC772243C75E6AD17A7A8E8E23F9 ] C:\Windows\SysWOW64\fms.dll
13:31:22.0556 3776  C:\Windows\SysWOW64\fms.dll - ok
13:31:22.0556 3776  [ 45D9F6CD2469CDB6A640DD4BD2B01471 ] C:\Windows\SysWOW64\nci.dll
13:31:22.0556 3776  C:\Windows\SysWOW64\nci.dll - ok
13:31:22.0572 3776  [ DCB7FCDCC97F87360F75D77425B81737 ] C:\Windows\SysWOW64\Sens.dll
13:31:22.0572 3776  C:\Windows\SysWOW64\Sens.dll - ok
13:31:22.0572 3776  [ F93C84B307573327779AE0DA41115957 ] C:\Windows\SysWOW64\ulib.dll
13:31:22.0572 3776  C:\Windows\SysWOW64\ulib.dll - ok
13:31:22.0572 3776  [ 079D12BFED9E3E03D02A44BAF8FFA3A9 ] C:\Windows\SysWOW64\desk.cpl
13:31:22.0572 3776  C:\Windows\SysWOW64\desk.cpl - ok
13:31:22.0587 3776  [ 7D44EE5DBCC3A6E90EB60EDF72B66D99 ] C:\Windows\SysWOW64\apds.dll
13:31:22.0587 3776  C:\Windows\SysWOW64\apds.dll - ok
13:31:22.0587 3776  [ 21B62252D283FBF75A5F67849EBD9B2E ] C:\Windows\System32\WFSR.dll
13:31:22.0587 3776  C:\Windows\System32\WFSR.dll - ok
13:31:22.0587 3776  [ 75EA62927355189876081EF863064982 ] C:\Windows\SysWOW64\ncsi.dll
13:31:22.0587 3776  C:\Windows\SysWOW64\ncsi.dll - ok
13:31:22.0603 3776  [ E8C2C855AADAEEA8CBB879246BFA7B9E ] C:\Windows\System32\batt.dll
13:31:22.0603 3776  C:\Windows\System32\batt.dll - ok
13:31:22.0603 3776  [ F748F53FE09D21D8ECBB6421E6792024 ] C:\Windows\SysWOW64\onex.dll
13:31:22.0603 3776  C:\Windows\SysWOW64\onex.dll - ok
13:31:22.0603 3776  [ BA2B249CD7C8CE15E1A8D69ECAEE5FA3 ] C:\Windows\SysWOW64\main.cpl
13:31:22.0603 3776  C:\Windows\SysWOW64\main.cpl - ok
13:31:22.0603 3776  [ 2E2C17DF779AD51A7209754685B010A1 ] C:\Windows\SysWOW64\apss.dll
13:31:22.0603 3776  C:\Windows\SysWOW64\apss.dll - ok
13:31:22.0618 3776  [ 7222995615BF93B628DCEA4BD6CCACF7 ] C:\Windows\SysWOW64\ubpm.dll
13:31:22.0618 3776  C:\Windows\SysWOW64\ubpm.dll - ok
13:31:22.0618 3776  [ 3AB2A38F7EA9E62D176A78FB58761E24 ] C:\Windows\SysWOW64\mshta.exe
13:31:22.0618 3776  C:\Windows\SysWOW64\mshta.exe - ok
13:31:22.0618 3776  [ 31DF8B79EF2B1985FFBB113D7A03B0AA ] C:\Windows\System32\bthci.dll
13:31:22.0618 3776  C:\Windows\System32\bthci.dll - ok
13:31:22.0634 3776  [ 53E054880ADBB856ECE6EB10EDBB8A32 ] C:\Windows\SysWOW64\mmsys.cpl
13:31:22.0634 3776  C:\Windows\SysWOW64\mmsys.cpl - ok
13:31:22.0634 3776  [ 1F4C97B6D0BD2515BCDF8B15DC65F2E3 ] C:\Windows\System32\sccls.dll
13:31:22.0634 3776  C:\Windows\System32\sccls.dll - ok
13:31:22.0634 3776  [ D29E45078CF4020CE0AAC82EC652D1EA ] C:\Windows\SysWOW64\TSpkg.dll
13:31:22.0634 3776  C:\Windows\SysWOW64\TSpkg.dll - ok
13:31:22.0650 3776  [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\SysWOW64\mlang.dll
13:31:22.0650 3776  C:\Windows\SysWOW64\mlang.dll - ok
13:31:22.0650 3776  [ 63B282FB2550893724647A359BA2323F ] C:\Windows\SysWOW64\Query.dll
13:31:22.0650 3776  C:\Windows\SysWOW64\Query.dll - ok
13:31:22.0650 3776  [ F2ED6D00921CA138289E5E0CCB9ABF87 ] C:\Windows\SysWOW64\wwapi.dll
13:31:22.0650 3776  C:\Windows\SysWOW64\wwapi.dll - ok
13:31:22.0665 3776  [ DB67C7C62038BDE813CB6486581A7611 ] C:\Windows\SysWOW64\mssph.dll
13:31:22.0665 3776  C:\Windows\SysWOW64\mssph.dll - ok
13:31:22.0665 3776  [ C7952D0A4C43A965A1741916BB134751 ] C:\Windows\SysWOW64\hgcpl.dll
13:31:22.0665 3776  C:\Windows\SysWOW64\hgcpl.dll - ok
13:31:22.0665 3776  [ 7FD5532C142DB6C9CC47AA4DCF71FDEC ] C:\Windows\SysWOW64\wscui.cpl
13:31:22.0665 3776  C:\Windows\SysWOW64\wscui.cpl - ok
13:31:22.0681 3776  [ B39B8CC163C41B12FE83E777199F3378 ] C:\Windows\SysWOW64\tzres.dll
13:31:22.0681 3776  C:\Windows\SysWOW64\tzres.dll - ok
13:31:22.0681 3776  [ 37CC990D4E2CDFAE12AC47F6B620FC13 ] C:\Windows\SysWOW64\pku2u.dll
13:31:22.0681 3776  C:\Windows\SysWOW64\pku2u.dll - ok
13:31:22.0681 3776  [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
13:31:22.0681 3776  C:\Windows\System32\FXSST.dll - ok
13:31:22.0696 3776  [ DAB5808E0C26740577AE67878A87136E ] C:\Windows\SysWOW64\aclui.dll
13:31:22.0696 3776  C:\Windows\SysWOW64\aclui.dll - ok
13:31:22.0696 3776  [ C9708C9F3DBA3DBFB1D2FEE1E9DABAD0 ] C:\Windows\SysWOW64\twext.dll
13:31:22.0696 3776  C:\Windows\SysWOW64\twext.dll - ok
13:31:22.0696 3776  [ 8504944851DF6175CC489A8F3328459E ] C:\Windows\SysWOW64\d3d10.dll
13:31:22.0696 3776  C:\Windows\SysWOW64\d3d10.dll - ok
13:31:22.0712 3776  [ 25ECEE9FE6D1E638E3980F71E77DB32C ] C:\Windows\SysWOW64\wuapp.exe
13:31:22.0712 3776  C:\Windows\SysWOW64\wuapp.exe - ok
13:31:22.0712 3776  [ E7B1B5D5A1D1E4C77AE995D725A1FEE5 ] C:\Windows\System32\sdcpl.dll
13:31:22.0712 3776  C:\Windows\System32\sdcpl.dll - ok
13:31:22.0712 3776  [ BD626EF05967D14C772B8096292731A3 ] C:\Windows\SysWOW64\QUTIL.DLL
13:31:22.0712 3776  C:\Windows\SysWOW64\QUTIL.DLL - ok
13:31:22.0712 3776  [ 987323F0247D023AD1AE52195540ECE0 ] C:\Windows\SysWOW64\mssvp.dll
13:31:22.0712 3776  C:\Windows\SysWOW64\mssvp.dll - ok
13:31:22.0728 3776  [ 387E72E739E15E3D37907A86D9FF98E2 ] C:\Windows\System32\KMSVC.DLL
13:31:22.0728 3776  C:\Windows\System32\KMSVC.DLL - ok
13:31:22.0728 3776  [ EB7B4563D6D20FC663F15FE8581D0BF2 ] C:\Windows\SysWOW64\dmocx.dll
13:31:22.0728 3776  C:\Windows\SysWOW64\dmocx.dll - ok
13:31:22.0728 3776  [ C5413BC4F10CEB4C3070BBF04D324117 ] C:\Windows\SysWOW64\msisip.dll
13:31:22.0728 3776  C:\Windows\SysWOW64\msisip.dll - ok
13:31:22.0743 3776  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
13:31:22.0743 3776  C:\Windows\System32\eapsvc.dll - ok
13:31:22.0743 3776  [ 2A6BFDEDF2C57923E78F970BB15D7E7D ] C:\Windows\SysWOW64\tsgqec.dll
13:31:22.0743 3776  C:\Windows\SysWOW64\tsgqec.dll - ok
13:31:22.0743 3776  [ 02A2ED8497F437EA200DF3ACED255AFE ] C:\Windows\SysWOW64\elslad.dll
13:31:22.0743 3776  C:\Windows\SysWOW64\elslad.dll - ok
13:31:22.0759 3776  [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
13:31:22.0759 3776  C:\Windows\System32\IKEEXT.DLL - ok
13:31:22.0759 3776  [ 7AA994D0757EF3FDB4F3F7656E1E4D60 ] C:\Windows\SysWOW64\dfscli.dll
13:31:22.0759 3776  C:\Windows\SysWOW64\dfscli.dll - ok
13:31:22.0759 3776  [ C225E5307D8D4982A1687F2702C37C78 ] C:\Windows\SysWOW64\msls31.dll
13:31:22.0759 3776  C:\Windows\SysWOW64\msls31.dll - ok
13:31:22.0759 3776  [ 414DA952A35BF5D50192E28263B40577 ] C:\Windows\SysWOW64\shsvcs.dll
13:31:22.0759 3776  C:\Windows\SysWOW64\shsvcs.dll - ok
13:31:22.0774 3776  [ 1D1EAA16D193C6A2D45981ED3914D22A ] C:\Windows\SysWOW64\msimtf.dll
13:31:22.0774 3776  C:\Windows\SysWOW64\msimtf.dll - ok
13:31:22.0774 3776  [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
13:31:22.0774 3776  C:\Windows\SysWOW64\oleacc.dll - ok
13:31:22.0774 3776  [ BF6BF2F25C73CB4A5204DCC1924A8A14 ] C:\Windows\System32\sti_ci.dll
13:31:22.0774 3776  C:\Windows\System32\sti_ci.dll - ok
13:31:22.0790 3776  [ 108C2CFA5527458C096A699929ECBD80 ] C:\Windows\SysWOW64\credui.dll
13:31:22.0790 3776  C:\Windows\SysWOW64\credui.dll - ok
13:31:22.0790 3776  [ E904178851A6A44BFA97E064EF779E9D ] C:\Windows\SysWOW64\authui.dll
13:31:22.0790 3776  C:\Windows\SysWOW64\authui.dll - ok
13:31:22.0790 3776  [ E8F6851E4600CD3674422487EE240941 ] C:\Windows\SysWOW64\wshext.dll
13:31:22.0790 3776  C:\Windows\SysWOW64\wshext.dll - ok
13:31:22.0806 3776  [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\SysWOW64\ksuser.dll
13:31:22.0806 3776  C:\Windows\SysWOW64\ksuser.dll - ok
13:31:22.0806 3776  [ AF75DBA674E55221B7A055B0A4345F16 ] C:\Windows\SysWOW64\keyiso.dll
13:31:22.0806 3776  C:\Windows\SysWOW64\keyiso.dll - ok
13:31:22.0806 3776  [ 01073F2BA36792C9BFD1BD622A6247B3 ] C:\Windows\System32\wpccpl.dll
13:31:22.0806 3776  C:\Windows\System32\wpccpl.dll - ok
13:31:22.0821 3776  [ 3D6F22551D422F97AACB0BB927E4C846 ] C:\Windows\SysWOW64\pnidui.dll
13:31:22.0821 3776  C:\Windows\SysWOW64\pnidui.dll - ok
13:31:22.0821 3776  [ 942E57152F1CD0533644AB30EF1A4728 ] C:\Windows\SysWOW64\FXSAPI.dll
13:31:22.0821 3776  C:\Windows\SysWOW64\FXSAPI.dll - ok
13:31:22.0821 3776  [ 7D34AF98A706230CC2DEDFE0CABF87AB ] C:\Windows\SysWOW64\odbc32.dll
13:31:22.0821 3776  C:\Windows\SysWOW64\odbc32.dll - ok
13:31:22.0837 3776  [ 89E783711AF91AF09E1EF30EF3107446 ] C:\Windows\SysWOW64\sscore.dll
13:31:22.0837 3776  C:\Windows\SysWOW64\sscore.dll - ok
13:31:22.0837 3776  [ F5F9CB23EDBF2C77AAE5A2A2FC4FC333 ] C:\Windows\SysWOW64\devmgr.dll
13:31:22.0837 3776  C:\Windows\SysWOW64\devmgr.dll - ok
13:31:22.0837 3776  [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\SysWOW64\msv1_0.dll
13:31:22.0837 3776  C:\Windows\SysWOW64\msv1_0.dll - ok
13:31:22.0852 3776  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
13:31:22.0852 3776  C:\Windows\System32\FXSSVC.exe - ok
13:31:22.0852 3776  [ F41831D2A3D6E2152525EA3F75316ACD ] C:\Windows\System32\wpd_ci.dll
13:31:22.0852 3776  C:\Windows\System32\wpd_ci.dll - ok
13:31:22.0852 3776  [ 3FAD263CE1E2A6FFF40D00043B2275E3 ] C:\Windows\SysWOW64\winbio.dll
13:31:22.0852 3776  C:\Windows\SysWOW64\winbio.dll - ok
13:31:22.0868 3776  [ 69A1D7C29CFF256BECBD4E39E2159636 ] C:\Windows\SysWOW64\scrrun.dll
13:31:22.0868 3776  C:\Windows\SysWOW64\scrrun.dll - ok
13:31:22.0868 3776  [ FDBA1DEC4F9BE4274A00B9B850C63484 ] C:\Windows\SysWOW64\mf.dll
13:31:22.0868 3776  C:\Windows\SysWOW64\mf.dll - ok
13:31:22.0868 3776  [ A6154A954F08E99D27CEA4D3B9563172 ] C:\Windows\SysWOW64\newdev.dll
13:31:22.0868 3776  C:\Windows\SysWOW64\newdev.dll - ok
13:31:22.0868 3776  [ 894611A2264EE383F14C67660CE1D0F2 ] C:\Windows\System32\dispci.dll
13:31:22.0884 3776  C:\Windows\System32\dispci.dll - ok
13:31:22.0884 3776  [ 2607A85B6466C0110EA8ABB9D8CC83FC ] C:\Windows\SysWOW64\regapi.dll
13:31:22.0884 3776  C:\Windows\SysWOW64\regapi.dll - ok
13:31:22.0884 3776  [ C9905EA4C326DAB778B9297BA5BD1889 ] C:\Windows\SysWOW64\wermgr.exe
13:31:22.0884 3776  C:\Windows\SysWOW64\wermgr.exe - ok
13:31:22.0884 3776  [ 808D8A8B2A3074002852BC856D419576 ] C:\Windows\SysWOW64\comres.dll
13:31:22.0884 3776  C:\Windows\SysWOW64\comres.dll - ok
13:31:22.0899 3776  [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\SysWOW64\wdmaud.drv
13:31:22.0899 3776  C:\Windows\SysWOW64\wdmaud.drv - ok
13:31:22.0899 3776  [ 24CAEDCD73B5B0E22226283B7B2468C7 ] C:\Windows\SysWOW64\mfc42u.dll
13:31:22.0899 3776  C:\Windows\SysWOW64\mfc42u.dll - ok
13:31:22.0899 3776  [ 250AA41DE690561AF1282D598914564C ] C:\Windows\SysWOW64\scesrv.dll
13:31:22.0899 3776  C:\Windows\SysWOW64\scesrv.dll - ok
13:31:22.0915 3776  [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
13:31:22.0915 3776  C:\Windows\System32\netman.dll - ok
13:31:22.0915 3776  [ B2B3DAE040F6B5AE1DF52B0CD7631A18 ] C:\Windows\SysWOW64\AltTab.dll
13:31:22.0915 3776  C:\Windows\SysWOW64\AltTab.dll - ok
13:31:22.0915 3776  [ CFD8B8537036CF35F6254192997A4D8E ] C:\Windows\SysWOW64\shgina.dll
13:31:22.0915 3776  C:\Windows\SysWOW64\shgina.dll - ok
13:31:22.0930 3776  [ 9FA14FFC9150B48C5D582DCF6A79D6F2 ] C:\Windows\SysWOW64\EAPQEC.DLL
13:31:22.0930 3776  C:\Windows\SysWOW64\EAPQEC.DLL - ok
13:31:22.0930 3776  [ A12829E9974F57E9B5DBFEA7C93190F6 ] C:\Windows\SysWOW64\UXInit.dll
13:31:22.0930 3776  C:\Windows\SysWOW64\UXInit.dll - ok
13:31:22.0930 3776  [ 7E236CC26FF0C2513819FA453E2C5371 ] C:\Windows\System32\icaapi.dll
13:31:22.0930 3776  C:\Windows\System32\icaapi.dll - ok
13:31:22.0946 3776  [ 05920BD009621D06722A1CD339DA6481 ] C:\Windows\SysWOW64\mshtml.dll
13:31:22.0946 3776  C:\Windows\SysWOW64\mshtml.dll - ok
13:31:22.0946 3776  [ EE29FCC244C8033E2F748D863DCBF378 ] C:\Windows\SysWOW64\drt.dll
13:31:22.0946 3776  C:\Windows\SysWOW64\drt.dll - ok
13:31:22.0946 3776  [ 2D11BC8B460957E62E4420373A0D8BDA ] C:\Windows\SysWOW64\imapi2.dll
13:31:22.0946 3776  C:\Windows\SysWOW64\imapi2.dll - ok
13:31:22.0962 3776  [ 236360CE5E4C3F063AC110533747C0A8 ] C:\Windows\SysWOW64\Wpc.dll
13:31:22.0962 3776  C:\Windows\SysWOW64\Wpc.dll - ok
13:31:22.0962 3776  [ D4191EFAB91E00FC09257AA5EBAF503B ] C:\Windows\SysWOW64\mprapi.dll
13:31:22.0962 3776  C:\Windows\SysWOW64\mprapi.dll - ok
13:31:22.0962 3776  [ 02530B0B7E048DD5AC8D52DAEACAEB2B ] C:\Windows\SysWOW64\QAGENT.DLL
13:31:22.0962 3776  C:\Windows\SysWOW64\QAGENT.DLL - ok
13:31:22.0977 3776  [ 57A51217581614DE07F30E34D6BB4993 ] C:\Windows\SysWOW64\cscdll.dll
13:31:22.0977 3776  C:\Windows\SysWOW64\cscdll.dll - ok
13:31:22.0977 3776  [ 0795AAF84172C2E3B605CCB3A6E91D4A ] C:\Windows\SysWOW64\dtsh.dll
13:31:22.0977 3776  C:\Windows\SysWOW64\dtsh.dll - ok
13:31:22.0977 3776  [ 20A20A911CD79A6F6839167149A05668 ] C:\Windows\SysWOW64\syncui.dll
13:31:22.0977 3776  C:\Windows\SysWOW64\syncui.dll - ok
13:31:22.0977 3776  [ 8124944EC89D6A1815E4E53F5B96AAF4 ] C:\Windows\SysWOW64\scecli.dll
13:31:22.0977 3776  C:\Windows\SysWOW64\scecli.dll - ok
13:31:22.0993 3776  [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6 ] C:\Windows\SysWOW64\mapi32.dll
13:31:22.0993 3776  C:\Windows\SysWOW64\mapi32.dll - ok
13:31:22.0993 3776  [ C4096CA42199428B3D63DC206C197F0E ] C:\Windows\SysWOW64\FXSRESM.dll
13:31:22.0993 3776  C:\Windows\SysWOW64\FXSRESM.dll - ok
13:31:22.0993 3776  [ E343CABBD8D600ABAF3F11625D33B3D0 ] C:\Windows\SysWOW64\netjoin.dll
13:31:22.0993 3776  C:\Windows\SysWOW64\netjoin.dll - ok
13:31:23.0008 3776  [ 091C7153A1292F19BE34FAC07FFF12EC ] C:\Windows\SysWOW64\jscript.dll
13:31:23.0008 3776  C:\Windows\SysWOW64\jscript.dll - ok
13:31:23.0008 3776  [ B5C5DCAD3899512020D135600129D665 ] C:\Windows\SysWOW64\wininit.exe
13:31:23.0008 3776  C:\Windows\SysWOW64\wininit.exe - ok
13:31:23.0008 3776  [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\SysWOW64\mssprxy.dll
13:31:23.0008 3776  C:\Windows\SysWOW64\mssprxy.dll - ok
13:31:23.0024 3776  [ 28CA821606669BB9215CE010767720FA ] C:\Windows\SysWOW64\cryptui.dll
13:31:23.0024 3776  C:\Windows\SysWOW64\cryptui.dll - ok
13:31:23.0024 3776  [ ABA457BFC7EC0B5E130B2F1E0F549DFF ] C:\Windows\SysWOW64\odbcint.dll
13:31:23.0024 3776  C:\Windows\SysWOW64\odbcint.dll - ok
13:31:23.0024 3776  [ 00D7AB9A8E5C9A84CFCA19AD9E583E6F ] C:\Windows\SysWOW64\mmcbase.dll
13:31:23.0024 3776  C:\Windows\SysWOW64\mmcbase.dll - ok
13:31:23.0040 3776  [ 81C4D657D37C3A5418B54BFECE821B84 ] C:\Windows\SysWOW64\pngfilt.dll
13:31:23.0040 3776  C:\Windows\SysWOW64\pngfilt.dll - ok
13:31:23.0040 3776  [ C02AA67276FEE0C15CC4D6D616BDE95E ] C:\Windows\SysWOW64\WWanAPI.dll
13:31:23.0040 3776  C:\Windows\SysWOW64\WWanAPI.dll - ok
13:31:23.0040 3776  [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\SysWOW64\midimap.dll
13:31:23.0040 3776  C:\Windows\SysWOW64\midimap.dll - ok
13:31:23.0055 3776  [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll
13:31:23.0055 3776  C:\Windows\SysWOW64\mscms.dll - ok
13:31:23.0055 3776  [ 14558D849EC14160AC3DACD8AC36E10A ] C:\Windows\SysWOW64\Display.dll
13:31:23.0055 3776  C:\Windows\SysWOW64\Display.dll - ok
13:31:23.0055 3776  [ E948D1D42DC68923ABD75EEB5BCCD1D3 ] C:\Windows\System32\consent.exe
13:31:23.0055 3776  C:\Windows\System32\consent.exe - ok
13:31:23.0055 3776  [ 2E648163254233755035B46DD7B89123 ] C:\Windows\System32\termsrv.dll
13:31:23.0055 3776  C:\Windows\System32\termsrv.dll - ok
13:31:23.0071 3776  [ AE9898D5600A232CD8AE3298692162E5 ] C:\Windows\SysWOW64\clusapi.dll
13:31:23.0071 3776  C:\Windows\SysWOW64\clusapi.dll - ok
13:31:23.0071 3776  [ A205B7A5D8E4AE6E8DE7B313C7FC3FA4 ] C:\Windows\SysWOW64\mdminst.dll
13:31:23.0071 3776  C:\Windows\SysWOW64\mdminst.dll - ok
13:31:23.0071 3776  [ 82A9C6ADDCC4D392293AF15C09192DEC ] C:\Windows\SysWOW64\ifsutil.dll
13:31:23.0071 3776  C:\Windows\SysWOW64\ifsutil.dll - ok
13:31:23.0086 3776  [ 856CFFCD835528136367BB1A8FE1DB87 ] C:\Windows\SysWOW64\Syncreg.dll
13:31:23.0086 3776  C:\Windows\SysWOW64\Syncreg.dll - ok
13:31:23.0086 3776  [ D23E615E0969AECC1134E372B0B295D1 ] C:\Windows\SysWOW64\synceng.dll
13:31:23.0086 3776  C:\Windows\SysWOW64\synceng.dll - ok
13:31:23.0086 3776  [ 816B681CC308FAA128EDCB90643DCED7 ] C:\Windows\SysWOW64\icm32.dll
13:31:23.0086 3776  C:\Windows\SysWOW64\icm32.dll - ok
13:31:23.0102 3776  [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
13:31:23.0102 3776  C:\Windows\SysWOW64\d3d8thk.dll - ok
13:31:23.0102 3776  [ DE6F4B7E62FDE776F3DE8E5FB5A05C48 ] C:\Windows\SysWOW64\fdWSD.dll
13:31:23.0102 3776  C:\Windows\SysWOW64\fdWSD.dll - ok
13:31:23.0102 3776  [ B96C13B5C85AC4240FE95DE115945D59 ] C:\Windows\SysWOW64\imgutil.dll
13:31:23.0102 3776  C:\Windows\SysWOW64\imgutil.dll - ok
13:31:23.0118 3776  [ 0450CF487ECD8A67B56F59F9A96D024D ] C:\Windows\SysWOW64\wdigest.dll
13:31:23.0118 3776  C:\Windows\SysWOW64\wdigest.dll - ok
13:31:23.0118 3776  [ 909B0DC6134C1AF9E1E242F87008B5E1 ] C:\Windows\System32\McxDriv.dll
13:31:23.0118 3776  C:\Windows\System32\McxDriv.dll - ok
13:31:23.0118 3776  [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
13:31:23.0118 3776  C:\Windows\SysWOW64\msimg32.dll - ok
13:31:23.0133 3776  [ 69C81451DCE63069A036FBF646A86996 ] C:\Windows\SysWOW64\fontext.dll
13:31:23.0133 3776  C:\Windows\SysWOW64\fontext.dll - ok
13:31:23.0133 3776  [ 2765B91A9EE086C20B451E80D2709CC9 ] C:\Windows\SysWOW64\DHCPQEC.DLL
13:31:23.0133 3776  C:\Windows\SysWOW64\DHCPQEC.DLL - ok
13:31:23.0133 3776  [ C8333F1F77A1B2E25F2202E892CAF634 ] C:\Windows\SysWOW64\prnfldr.dll
13:31:23.0133 3776  C:\Windows\SysWOW64\prnfldr.dll - ok
13:31:23.0149 3776  [ 5A5FEDDF02588B8F9FE4A95E5E7EAE97 ] C:\Windows\SysWOW64\eappcfg.dll
13:31:23.0149 3776  C:\Windows\SysWOW64\eappcfg.dll - ok
13:31:23.0149 3776  [ 909C11946AC04EA54A98C97792DC3C18 ] C:\Windows\SysWOW64\puiobj.dll
13:31:23.0149 3776  C:\Windows\SysWOW64\puiobj.dll - ok
13:31:23.0149 3776  [ 1C9D80CC3849B3788048078C26486E1A ] C:\Windows\System32\w32time.dll
13:31:23.0149 3776  C:\Windows\System32\w32time.dll - ok
13:31:23.0164 3776  [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
13:31:23.0164 3776  C:\Windows\SysWOW64\dsound.dll - ok
13:31:23.0164 3776  [ 4AE380F39A0032EAB7DD953030B26D28 ] C:\Windows\SysWOW64\SessEnv.dll
13:31:23.0164 3776  C:\Windows\SysWOW64\SessEnv.dll - ok
13:31:23.0164 3776  [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\SysWOW64\msacm32.drv
13:31:23.0164 3776  C:\Windows\SysWOW64\msacm32.drv - ok
13:31:23.0180 3776  [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
13:31:23.0180 3776  C:\Windows\SysWOW64\msacm32.dll - ok
13:31:23.0180 3776  [ 8E8C92DD50F6B34907813AFDC0C8F7DD ] C:\Windows\SysWOW64\dbgeng.dll
13:31:23.0180 3776  C:\Windows\SysWOW64\dbgeng.dll - ok
13:31:23.0180 3776  [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
13:31:23.0180 3776  C:\Windows\SysWOW64\rtutils.dll - ok
13:31:23.0196 3776  [ 19DFABF1712CA77C34EBD92A893E9B2E ] C:\Windows\SysWOW64\dplayx.dll
13:31:23.0196 3776  C:\Windows\SysWOW64\dplayx.dll - ok
13:31:23.0196 3776  [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
13:31:23.0196 3776  C:\Windows\SysWOW64\oledlg.dll - ok
13:31:23.0196 3776  [ 3FF0FA0A81910617739644A06D06D016 ] C:\Windows\SysWOW64\fdProxy.dll
13:31:23.0196 3776  C:\Windows\SysWOW64\fdProxy.dll - ok
13:31:23.0196 3776  [ D9431DCF90B0253773F51FDEFE7FD42F ] C:\Windows\System32\bitsigd.dll
13:31:23.0196 3776  C:\Windows\System32\bitsigd.dll - ok
13:31:23.0211 3776  [ 8444A7364D6877922049E99BF4B78C5C ] C:\Windows\SysWOW64\ELSCore.dll
13:31:23.0211 3776  C:\Windows\SysWOW64\ELSCore.dll - ok
13:31:23.0211 3776  [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
13:31:23.0211 3776  C:\Windows\System32\fdPHost.dll - ok
13:31:23.0211 3776  [ 7E6CA0FBCFDD2B6E2D99EDD8B673A192 ] C:\Windows\System32\MBWrp64.dll
13:31:23.0211 3776  C:\Windows\System32\MBWrp64.dll - ok
13:31:23.0227 3776  [ 5992A9DF57FD5E6960FDCC2DB69867F7 ] C:\Windows\SysWOW64\themeui.dll
13:31:23.0227 3776  C:\Windows\SysWOW64\themeui.dll - ok
13:31:23.0227 3776  [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll
13:31:23.0227 3776  C:\Windows\SysWOW64\wlanapi.dll - ok
13:31:23.0227 3776  [ DC50B0FE1C3F654AC25B5484BF3A458C ] C:\Windows\System32\DiagCpl.dll
13:31:23.0227 3776  C:\Windows\System32\DiagCpl.dll - ok
13:31:23.0242 3776  [ 3EEC0FB1DDD317AA1E8933B912439736 ] C:\Windows\System32\MdSched.exe
13:31:23.0242 3776  C:\Windows\System32\MdSched.exe - ok
13:31:23.0242 3776  [ FFE4BEC5C187C426A17AE76A773063A6 ] C:\Windows\SysWOW64\rasplap.dll
13:31:23.0242 3776  C:\Windows\SysWOW64\rasplap.dll - ok
13:31:23.0242 3776  [ 04B88428A872390D235BE52D38A9D4EF ] C:\Windows\SysWOW64\dot3api.dll
13:31:23.0242 3776  C:\Windows\SysWOW64\dot3api.dll - ok
13:31:23.0258 3776  [ BAB9EF9A340113666F678AA2474904B6 ] C:\Windows\SysWOW64\ddrawex.dll
13:31:23.0258 3776  C:\Windows\SysWOW64\ddrawex.dll - ok
13:31:23.0258 3776  [ 83EDF12A090F0B66CDC9F7390A701521 ] C:\Windows\SysWOW64\fontsub.dll
13:31:23.0258 3776  C:\Windows\SysWOW64\fontsub.dll - ok
13:31:23.0258 3776  [ 9D9AC6CE9A9D951AC40DE91CD6F0A620 ] C:\Windows\SysWOW64\inetcpl.cpl
13:31:23.0258 3776  C:\Windows\SysWOW64\inetcpl.cpl - ok
13:31:23.0274 3776  [ DEFB55D4FF094673DF31FA89A8A8A2F0 ] C:\Windows\SysWOW64\dxtrans.dll
13:31:23.0274 3776  C:\Windows\SysWOW64\dxtrans.dll - ok
13:31:23.0274 3776  [ 1FF7E4F548C7C372C804938F0D5B36AE ] C:\Windows\SysWOW64\netcfgx.dll
13:31:23.0274 3776  C:\Windows\SysWOW64\netcfgx.dll - ok
13:31:23.0274 3776  [ 87E71F2A83681F41B796CA685818EF2D ] C:\Windows\SysWOW64\msrating.dll
13:31:23.0274 3776  C:\Windows\SysWOW64\msrating.dll - ok
13:31:23.0289 3776  [ 088CF5B6380FB9002F2A4246F812225D ] C:\Windows\SysWOW64\asycfilt.dll
13:31:23.0289 3776  C:\Windows\SysWOW64\asycfilt.dll - ok
13:31:23.0289 3776  [ 451E47CF063A37D105A1D2111FD4C4E5 ] C:\Windows\SysWOW64\mciavi32.dll
13:31:23.0289 3776  C:\Windows\SysWOW64\mciavi32.dll - ok
13:31:23.0289 3776  [ 4A3DA4015EFF80B348E7793E0BBEF0A8 ] C:\Windows\SysWOW64\dpmodemx.dll
13:31:23.0289 3776  C:\Windows\SysWOW64\dpmodemx.dll - ok
13:31:23.0305 3776  [ 6383C60EC0133B14F5705F96369421B2 ] C:\Windows\SysWOW64\hnetcfg.dll
13:31:23.0305 3776  C:\Windows\SysWOW64\hnetcfg.dll - ok
13:31:23.0305 3776  [ 1C7F1C3EA5894995E6C563E9AE9F029F ] C:\Windows\SysWOW64\l3codeca.acm
13:31:23.0305 3776  C:\Windows\SysWOW64\l3codeca.acm - ok
13:31:23.0305 3776  [ 181F69BC9C406B7FB5C0ADE8031630AC ] C:\Windows\SysWOW64\wpdshext.dll
13:31:23.0305 3776  C:\Windows\SysWOW64\wpdshext.dll - ok
13:31:23.0320 3776  [ 8063046AA70B97CA9985672B8848FB2E ] C:\Windows\SysWOW64\wlanhlp.dll
13:31:23.0320 3776  C:\Windows\SysWOW64\wlanhlp.dll - ok
13:31:23.0320 3776  [ 7E9917D5309A90E7576653BFE39F80D8 ] C:\Windows\SysWOW64\timedate.cpl
13:31:23.0320 3776  C:\Windows\SysWOW64\timedate.cpl - ok
13:31:23.0320 3776  [ 432BE6CF7311062633459EEF6B242FB5 ] C:\Windows\SysWOW64\regsvr32.exe
13:31:23.0320 3776  C:\Windows\SysWOW64\regsvr32.exe - ok
13:31:23.0336 3776  [ BDA0B954A30498B5A7EDC6204CBA07ED ] C:\Windows\SysWOW64\kerberos.dll
13:31:23.0336 3776  C:\Windows\SysWOW64\kerberos.dll - ok
13:31:23.0336 3776  [ DCEABBA22E12CC44C2E7785C0EB9C6E3 ] C:\Windows\SysWOW64\avifil32.dll
13:31:23.0336 3776  C:\Windows\SysWOW64\avifil32.dll - ok
13:31:23.0336 3776  [ 1533BB0B2E46BAEA2A1870C1A32D1499 ] C:\Windows\System32\RtkAPO64.dll
13:31:23.0336 3776  C:\Windows\System32\RtkAPO64.dll - ok
13:31:23.0336 3776  [ 51F5CC1E7DA3D9C664C2D0D61F315E06 ] C:\Windows\SysWOW64\adsldpc.dll
13:31:23.0336 3776  C:\Windows\SysWOW64\adsldpc.dll - ok
13:31:23.0352 3776  [ F17D1D393BBC69C5322FBFAFACA28C7F ] C:\Windows\System32\certprop.dll
13:31:23.0352 3776  C:\Windows\System32\certprop.dll - ok
13:31:23.0352 3776  [ 67C1B58706B47EEBA4E117AC197289E6 ] C:\Windows\SysWOW64\batmeter.dll
13:31:23.0352 3776  C:\Windows\SysWOW64\batmeter.dll - ok
13:31:23.0352 3776  [ A3E23DD82AA7963D9F7D184BEEEE5448 ] C:\Windows\SysWOW64\filemgmt.dll
13:31:23.0352 3776  C:\Windows\SysWOW64\filemgmt.dll - ok
13:31:23.0367 3776  [ 90FB1802D488FFA9029854A77D4F3F27 ] C:\Windows\SysWOW64\oleaccrc.dll
13:31:23.0367 3776  C:\Windows\SysWOW64\oleaccrc.dll - ok
13:31:23.0367 3776  [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
13:31:23.0367 3776  C:\Windows\SysWOW64\comdlg32.dll - ok
13:31:23.0367 3776  [ 6DCFAEC6D1334AA6CDF8961DB4633CBF ] C:\Windows\SysWOW64\negoexts.dll
13:31:23.0367 3776  C:\Windows\SysWOW64\negoexts.dll - ok
13:31:23.0383 3776  [ 8C3D32A4A46326031309A43C52539D7F ] C:\Windows\SysWOW64\ieapfltr.dat
13:31:23.0383 3776  C:\Windows\SysWOW64\ieapfltr.dat - ok
13:31:23.0383 3776  [ 184A08A345BF2632A4DAEAD649B1CBD7 ] C:\Windows\System32\BrUsi09c.dll
13:31:23.0383 3776  C:\Windows\System32\BrUsi09c.dll - ok
13:31:23.0383 3776  [ 912649A1B3F9E6ACB3899FBDABA2ED5F ] C:\Windows\SysWOW64\stobject.dll
13:31:23.0383 3776  C:\Windows\SysWOW64\stobject.dll - ok
13:31:23.0398 3776  [ 9E376BD460915510B9A7E12849CAE85E ] C:\Windows\SysWOW64\dpwsockx.dll
13:31:23.0398 3776  C:\Windows\SysWOW64\dpwsockx.dll - ok
13:31:23.0398 3776  [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
13:31:23.0398 3776  C:\Windows\SysWOW64\shfolder.dll - ok
13:31:23.0398 3776  [ 3C108456F96D8654317AF36BFFDBEF67 ] C:\Windows\System32\atiumd6a.dll
13:31:23.0398 3776  C:\Windows\System32\atiumd6a.dll - ok
13:31:23.0414 3776  [ EE7E1AF966CE43B076FF0F1F6FB88B46 ] C:\Windows\System32\atiumd64.dll
13:31:23.0414 3776  C:\Windows\System32\atiumd64.dll - ok
13:31:23.0414 3776  [ 9C17DCD6DDFEB1A012544FAF4F2789F6 ] C:\Windows\AppPatch\AcGenral.dll
13:31:23.0414 3776  C:\Windows\AppPatch\AcGenral.dll - ok
13:31:23.0414 3776  [ A173AFC689DCDA7EAEB63F4ADD6FFFE0 ] C:\Windows\System32\atiu9p64.dll
13:31:23.0414 3776  C:\Windows\System32\atiu9p64.dll - ok
13:31:23.0430 3776  [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
13:31:23.0430 3776  C:\Windows\SysWOW64\riched20.dll - ok
13:31:23.0430 3776  [ E9E01EB683C132F7FA27CD607B8A2B63 ] C:\Windows\SysWOW64\dhcpcore.dll
13:31:23.0430 3776  C:\Windows\SysWOW64\dhcpcore.dll - ok
13:31:23.0430 3776  [ C2870C2E6C551CA1D419B515E596E839 ] C:\Windows\SysWOW64\aticfx32.dll
13:31:23.0430 3776  C:\Windows\SysWOW64\aticfx32.dll - ok
13:31:23.0445 3776  [ E3D5E244807AD655787FCD25477CC1BC ] C:\Windows\SysWOW64\bthprops.cpl
13:31:23.0445 3776  C:\Windows\SysWOW64\bthprops.cpl - ok
13:31:23.0445 3776  [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
13:31:23.0445 3776  C:\Windows\SysWOW64\MMDevAPI.dll - ok
13:31:23.0445 3776  [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\SysWOW64\msftedit.dll
13:31:23.0445 3776  C:\Windows\SysWOW64\msftedit.dll - ok
13:31:23.0461 3776  [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
13:31:23.0461 3776  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
13:31:23.0461 3776  [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\SysWOW64\rundll32.exe
13:31:23.0461 3776  C:\Windows\SysWOW64\rundll32.exe - ok
13:31:23.0461 3776  [ 404FAD93ABFBD86D1AAAB47D5DFA6505 ] C:\Windows\SysWOW64\iedkcs32.dll
13:31:23.0461 3776  C:\Windows\SysWOW64\iedkcs32.dll - ok
13:31:23.0476 3776  [ 6435B29D2018CFAD173BD50AE8F8D5DD ] C:\Windows\SysWOW64\iscsicpl.exe
13:31:23.0476 3776  C:\Windows\SysWOW64\iscsicpl.exe - ok
13:31:23.0476 3776  [ 5FEAB868CAEDBBD1B7A145CA8261E4AA ] C:\Windows\SysWOW64\WerFault.exe
13:31:23.0476 3776  C:\Windows\SysWOW64\WerFault.exe - ok
13:31:23.0476 3776  [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll
13:31:23.0476 3776  C:\Windows\SysWOW64\wlanutil.dll - ok
13:31:23.0492 3776  [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
13:31:23.0492 3776  C:\Windows\System32\QAGENTRT.DLL - ok
13:31:23.0492 3776  [ 9DF7A7C74D8632CB5EBD37E3A374825E ] C:\Windows\SysWOW64\webcheck.dll
13:31:23.0492 3776  C:\Windows\SysWOW64\webcheck.dll - ok
13:31:23.0492 3776  [ B45934FDAEB1710CEC3D8F797FD481CA ] C:\Windows\SysWOW64\sdiageng.dll
13:31:23.0492 3776  C:\Windows\SysWOW64\sdiageng.dll - ok
13:31:23.0508 3776  [ A29E036A5A3B37C7530F3EA1CF385129 ] C:\Windows\SysWOW64\lsmproxy.dll
13:31:23.0508 3776  C:\Windows\SysWOW64\lsmproxy.dll - ok
13:31:23.0508 3776  [ C1809B9907ADEDAF16F50C894100883B ] C:\Windows\SysWOW64\netlogon.dll
13:31:23.0508 3776  C:\Windows\SysWOW64\netlogon.dll - ok
13:31:23.0508 3776  [ 3897DFF247D9ED0006190349DE264E14 ] C:\Windows\SysWOW64\cryptsvc.dll
13:31:23.0508 3776  C:\Windows\SysWOW64\cryptsvc.dll - ok
13:31:23.0508 3776  [ A2631C4465BBCE72B7E371DFB924A9D3 ] C:\Windows\SysWOW64\feclient.dll
13:31:23.0508 3776  C:\Windows\SysWOW64\feclient.dll - ok
13:31:23.0523 3776  [ 9419ABF3163B6F0E3AD3DD2B381C879F ] C:\Windows\SysWOW64\WinSCard.dll
13:31:23.0523 3776  C:\Windows\SysWOW64\WinSCard.dll - ok
13:31:23.0523 3776  [ 50AF423CC8915B0010F0A96BF78672E9 ] C:\Windows\SysWOW64\prncache.dll
13:31:23.0523 3776  C:\Windows\SysWOW64\prncache.dll - ok
13:31:23.0523 3776  [ 0805289E121F3E3C458C970B08314EB2 ] C:\Windows\System32\RtkCfg64.dll
13:31:23.0523 3776  C:\Windows\System32\RtkCfg64.dll - ok
13:31:23.0539 3776  [ DE207E9FE7AD62B7C9FEF50C6186563D ] C:\Windows\SysWOW64\atiumdva.dll
13:31:23.0539 3776  C:\Windows\SysWOW64\atiumdva.dll - ok
13:31:23.0539 3776  [ BBA9D5A730D5E304117AD26923EBD8AA ] C:\Windows\SysWOW64\AudioEng.dll
13:31:23.0539 3776  C:\Windows\SysWOW64\AudioEng.dll - ok
13:31:23.0539 3776  [ 7B3FD36359DE5D2EE49D213CCAD13427 ] C:\Windows\SysWOW64\elsTrans.dll
13:31:23.0539 3776  C:\Windows\SysWOW64\elsTrans.dll - ok
13:31:23.0554 3776  [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll
13:31:23.0554 3776  C:\Windows\SysWOW64\AudioSes.dll - ok
13:31:23.0554 3776  [ 50BA656134F78AF64E4DD3C8B6FEFD7E ] C:\Windows\SysWOW64\cngaudit.dll
13:31:23.0554 3776  C:\Windows\SysWOW64\cngaudit.dll - ok
13:31:23.0554 3776  [ 2CFA4569350B7F84F815E9EC34E85766 ] C:\Windows\SysWOW64\SndVolSSO.dll
13:31:23.0554 3776  C:\Windows\SysWOW64\SndVolSSO.dll - ok
13:31:23.0570 3776  [ 1060D60CCA69A8136A87DBE3C8F4A467 ] C:\Windows\SysWOW64\EhStorAPI.dll

Link to post
Share on other sites

13:31:23.0570 3776  C:\Windows\SysWOW64\EhStorAPI.dll - ok
13:31:23.0570 3776  [ 96E0F0BED5D9EBABB899D8CA83C36A7E ] C:\Windows\SysWOW64\vbscript.dll
13:31:23.0570 3776  C:\Windows\SysWOW64\vbscript.dll - ok
13:31:23.0570 3776  [ 77F595DEE5FFACEA72B135B1FCE1312E ] C:\Windows\SysWOW64\xinput1_3.dll
13:31:23.0570 3776  C:\Windows\SysWOW64\xinput1_3.dll - ok
13:31:23.0586 3776  [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\SysWOW64\cryptdll.dll
13:31:23.0586 3776  C:\Windows\SysWOW64\cryptdll.dll - ok
13:31:23.0586 3776  [ E19D102BAF266F34592F7C742FBFA886 ] C:\Windows\System32\msconfig.exe
13:31:23.0586 3776  C:\Windows\System32\msconfig.exe - ok
13:31:23.0586 3776  [ 672D7C5080ACB003343006405DA2E621 ] C:\Windows\SysWOW64\thumbcache.dll
13:31:23.0586 3776  C:\Windows\SysWOW64\thumbcache.dll - ok
13:31:23.0601 3776  [ 9A892B3439884C62B04718F0303A49E9 ] C:\Windows\SysWOW64\eapphost.dll
13:31:23.0601 3776  C:\Windows\SysWOW64\eapphost.dll - ok
13:31:23.0601 3776  [ F175E53C7C3B25A9029A131FB578B155 ] C:\Windows\SysWOW64\wscinterop.dll
13:31:23.0601 3776  C:\Windows\SysWOW64\wscinterop.dll - ok
13:31:23.0601 3776  [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\SysWOW64\msiltcfg.dll
13:31:23.0601 3776  C:\Windows\SysWOW64\msiltcfg.dll - ok
13:31:23.0617 3776  [ 6F45174675278B189EC749D17DE21EF7 ] C:\Windows\System32\sdautoplay.dll
13:31:23.0617 3776  C:\Windows\System32\sdautoplay.dll - ok
13:31:23.0617 3776  [ 57CE9D8350B1DD76EEC596C423C3C0BC ] C:\Windows\SysWOW64\hcproviders.dll
13:31:23.0617 3776  C:\Windows\SysWOW64\hcproviders.dll - ok
13:31:23.0617 3776  [ 8B285BDAB7735FDFB18E6F7122923B77 ] C:\Windows\SysWOW64\UIAnimation.dll
13:31:23.0617 3776  C:\Windows\SysWOW64\UIAnimation.dll - ok
13:31:23.0632 3776  [ 96F0F8F4DEE598C8D12AD9633E0CFE2A ] C:\Windows\SysWOW64\AUDIOKSE.dll
13:31:23.0632 3776  C:\Windows\SysWOW64\AUDIOKSE.dll - ok
13:31:23.0632 3776  [ BFEBB6F76A0988A38260870C61A6D1B7 ] C:\Windows\SysWOW64\mfreadwrite.dll
13:31:23.0632 3776  C:\Windows\SysWOW64\mfreadwrite.dll - ok
13:31:23.0632 3776  [ 97A81BBF8E013A72CDEF4CA8D8FF93CB ] C:\Windows\SysWOW64\RESAMPLEDMO.DLL
13:31:23.0632 3776  C:\Windows\SysWOW64\RESAMPLEDMO.DLL - ok
13:31:23.0648 3776  [ 9A39A2A5F443A756C568C6ED5748AFE4 ] C:\Windows\SysWOW64\ActionCenter.dll
13:31:23.0648 3776  C:\Windows\SysWOW64\ActionCenter.dll - ok
13:31:23.0648 3776  [ 6A1B51F414E2F83ECC2B9AFA0121FEF6 ] C:\Windows\System32\sysclass.dll
13:31:23.0648 3776  C:\Windows\System32\sysclass.dll - ok
13:31:23.0648 3776  [ F945ADCEF203E6104AEC8EC9C337CFD0 ] C:\Windows\SysWOW64\iscsicpl.dll
13:31:23.0648 3776  C:\Windows\SysWOW64\iscsicpl.dll - ok
13:31:23.0664 3776  [ 97D965A341C76FCB35B4344BFA2CBC06 ] C:\Program Files (x86)\Steam\Steam.exe
13:31:23.0664 3776  C:\Program Files (x86)\Steam\Steam.exe - ok
13:31:23.0664 3776  [ 2AF094C822BD6094F14A8E85FB51D52A ] C:\Windows\SysWOW64\resutils.dll
13:31:23.0664 3776  C:\Windows\SysWOW64\resutils.dll - ok
13:31:23.0664 3776  [ 735263DA17BF5BAF9CCD483843BF9D5A ] C:\Windows\SysWOW64\WPDShServiceObj.dll
13:31:23.0664 3776  C:\Windows\SysWOW64\WPDShServiceObj.dll - ok
13:31:23.0679 3776  [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\SysWOW64\actxprxy.dll
13:31:23.0679 3776  C:\Windows\SysWOW64\actxprxy.dll - ok
13:31:23.0679 3776  [ 7AD593A3BF85A6CCB279374C16C83054 ] C:\Windows\SysWOW64\NlsLexicons001d.dll
13:31:23.0679 3776  C:\Windows\SysWOW64\NlsLexicons001d.dll - ok
13:31:23.0679 3776  [ FD049C25A168D3DE310D9207B7B6367B ] C:\Windows\SysWOW64\UIAutomationCore.dll
13:31:23.0679 3776  C:\Windows\SysWOW64\UIAutomationCore.dll - ok
13:31:23.0679 3776  [ 0BBDB0F5A25A2FE0502F44CA7D04AB61 ] C:\Windows\SysWOW64\mycomput.dll
13:31:23.0679 3776  C:\Windows\SysWOW64\mycomput.dll - ok
13:31:23.0695 3776  [ 8B57A1AD493653BB57F281FE75DD175B ] C:\Windows\SysWOW64\NaturalLanguage6.dll
13:31:23.0695 3776  C:\Windows\SysWOW64\NaturalLanguage6.dll - ok
13:31:23.0695 3776  [ 36B8D5903CEEF0AA42A1EE002BD27FF1 ] C:\Windows\SysWOW64\vaultcli.dll
13:31:23.0695 3776  C:\Windows\SysWOW64\vaultcli.dll - ok
13:31:23.0695 3776  [ 666E57B6B51824D1D235F80A3DD70A13 ] C:\Windows\SysWOW64\eappprxy.dll
13:31:23.0695 3776  C:\Windows\SysWOW64\eappprxy.dll - ok
13:31:23.0710 3776  [ C19F74D59B294488E0A2D8A824C4E89B ] C:\Program Files (x86)\Steam\SteamUI.dll
13:31:23.0710 3776  C:\Program Files (x86)\Steam\SteamUI.dll - ok
13:31:23.0710 3776  [ 59B7280D73906B43B13B273A1F9CC3DD ] C:\Windows\SysWOW64\xpsrchvw.exe
13:31:23.0710 3776  C:\Windows\SysWOW64\xpsrchvw.exe - ok
13:31:23.0710 3776  [ 0552A8684BF7566F744D5B19FF6AEC6B ] C:\Windows\SysWOW64\bitsperf.dll
13:31:23.0710 3776  C:\Windows\SysWOW64\bitsperf.dll - ok
13:31:23.0726 3776  [ A6CD6B3F71E13E2E45B727FB8A47EA87 ] C:\Windows\SysWOW64\SearchFilterHost.exe
13:31:23.0726 3776  C:\Windows\SysWOW64\SearchFilterHost.exe - ok
13:31:23.0726 3776  [ 81241E7723D5675AF6E27A7F0E7F3324 ] C:\Windows\SysWOW64\AuthFWGP.dll
13:31:23.0726 3776  C:\Windows\SysWOW64\AuthFWGP.dll - ok
13:31:23.0726 3776  [ E1AC89F6C5252057E6062843E36A6701 ] C:\Windows\SysWOW64\SearchProtocolHost.exe
13:31:23.0726 3776  C:\Windows\SysWOW64\SearchProtocolHost.exe - ok
13:31:23.0742 3776  [ 145642B84939D50AFDA2D6163406CCED ] C:\Windows\SysWOW64\networkitemfactory.dll
13:31:23.0742 3776  C:\Windows\SysWOW64\networkitemfactory.dll - ok
13:31:23.0742 3776  [ 76B5A48D429D29F69485BD314B9866A6 ] C:\Windows\SysWOW64\odbcad32.exe
13:31:23.0742 3776  C:\Windows\SysWOW64\odbcad32.exe - ok
13:31:23.0742 3776  [ 548CB85DE1EAD453292A7EA02C4CFCA9 ] C:\Program Files (x86)\Steam\vstdlib_s.dll
13:31:23.0742 3776  C:\Program Files (x86)\Steam\vstdlib_s.dll - ok
13:31:23.0757 3776  [ 9DA621EE05B8F692ABC52B5D8076C3C7 ] C:\Program Files (x86)\Steam\bin\libcef.dll
13:31:23.0757 3776  C:\Program Files (x86)\Steam\bin\libcef.dll - ok
13:31:23.0757 3776  [ EAB975DB4C2805927FE5BD047D05C9AA ] C:\Windows\SysWOW64\netshell.dll
13:31:23.0757 3776  C:\Windows\SysWOW64\netshell.dll - ok
13:31:23.0757 3776  [ AB11CEFE591909A85E98E27A230807C7 ] C:\Program Files\Windows Sidebar\sbdrop.dll
13:31:23.0757 3776  C:\Program Files\Windows Sidebar\sbdrop.dll - ok
13:31:23.0773 3776  [ 5A4A633B3A84086CAB6AD61BA54C8D0C ] C:\Program Files\Windows Defender\MpOAV.dll
13:31:23.0773 3776  C:\Program Files\Windows Defender\MpOAV.dll - ok
13:31:23.0773 3776  [ 3925944734DFC5D2253F3DC5923F797D ] C:\Windows\SysWOW64\powercpl.dll
13:31:23.0773 3776  C:\Windows\SysWOW64\powercpl.dll - ok
13:31:23.0773 3776  [ A5D237B8673025B052C0E6FDB6A883E8 ] C:\Windows\SysWOW64\msshooks.dll
13:31:23.0773 3776  C:\Windows\SysWOW64\msshooks.dll - ok
13:31:23.0788 3776  [ BB7B759E9ED35321C934A620DC4BD9B0 ] C:\Program Files (x86)\Steam\crashhandler.dll
13:31:23.0788 3776  C:\Program Files (x86)\Steam\crashhandler.dll - ok
13:31:23.0788 3776  [ CA75367CE419922291A11227E32FBA0C ] C:\Windows\SysWOW64\wsecedit.dll
13:31:23.0788 3776  C:\Windows\SysWOW64\wsecedit.dll - ok
13:31:23.0788 3776  [ BF0BC4244D43B661AAC00BF1E5E2BA9B ] C:\Program Files (x86)\Steam\bin\friendsui.dll
13:31:23.0788 3776  C:\Program Files (x86)\Steam\bin\friendsui.dll - ok
13:31:23.0804 3776  [ D0EF0B07155F0E25F97EE57834FCFB66 ] C:\Program Files\Internet Explorer\IEShims.dll
13:31:23.0804 3776  C:\Program Files\Internet Explorer\IEShims.dll - ok
13:31:23.0804 3776  [ FB3F036EF6A467F7AF46C821FF5D198D ] C:\Windows\SysWOW64\d3d10core.dll
13:31:23.0804 3776  C:\Windows\SysWOW64\d3d10core.dll - ok
13:31:23.0804 3776  [ FDEB61F4752EE933AF6E663256B0C1C6 ] C:\Program Files (x86)\Mozilla Firefox\xul.dll
13:31:23.0804 3776  C:\Program Files (x86)\Mozilla Firefox\xul.dll - ok
13:31:23.0804 3776  [ 990A58A0B01720E419B55EFC5FF387F8 ] C:\Windows\SysWOW64\dhcpcore6.dll
13:31:23.0804 3776  C:\Windows\SysWOW64\dhcpcore6.dll - ok
13:31:23.0820 3776  [ F9959237F106F2B2609E61A290C0652E ] C:\Windows\System32\werconcpl.dll
13:31:23.0820 3776  C:\Windows\System32\werconcpl.dll - ok
13:31:23.0820 3776  [ F0112F2DDAC14DFD4B3A69BB0164D005 ] C:\Windows\System32\taskbarcpl.dll
13:31:23.0820 3776  C:\Windows\System32\taskbarcpl.dll - ok
13:31:23.0820 3776  [ 44F5C1CF70AC8F7239F3B3667E58697A ] C:\Windows\SysWOW64\CertPolEng.dll
13:31:23.0820 3776  C:\Windows\SysWOW64\CertPolEng.dll - ok
13:31:23.0835 3776  [ E8CB091A918C1C687B087389D9A66B39 ] C:\Windows\SysWOW64\SensorsCpl.dll
13:31:23.0835 3776  C:\Windows\SysWOW64\SensorsCpl.dll - ok
13:31:23.0835 3776  [ 5B236296E233CAA6BF86BE0C6501A224 ] C:\Windows\System32\rdpcorekmts.dll
13:31:23.0835 3776  C:\Windows\System32\rdpcorekmts.dll - ok
13:31:23.0835 3776  [ 4FF3EC04CD47DD62181894B71B004E40 ] C:\Windows\SysWOW64\d3d10level9.dll
13:31:23.0835 3776  C:\Windows\SysWOW64\d3d10level9.dll - ok
13:31:23.0851 3776  [ E59F08ED9D2A128CE436BBFC232247F6 ] C:\Windows\SysWOW64\BioCredProv.dll
13:31:23.0851 3776  C:\Windows\SysWOW64\BioCredProv.dll - ok
13:31:23.0851 3776  [ 2A39F32E0067CBF221611FE1FA8C6D8F ] C:\Windows\SysWOW64\DeviceCenter.dll
13:31:23.0851 3776  C:\Windows\SysWOW64\DeviceCenter.dll - ok
13:31:23.0851 3776  [ 6581B52E133CC6D00661C58968C7E212 ] C:\Windows\SysWOW64\SearchFolder.dll
13:31:23.0851 3776  C:\Windows\SysWOW64\SearchFolder.dll - ok
13:31:23.0866 3776  [ B72F77DA5A69F5626696182E17B503BA ] C:\Windows\SysWOW64\miguiresource.dll
13:31:23.0866 3776  C:\Windows\SysWOW64\miguiresource.dll - ok
13:31:23.0866 3776  [ 6F6759407B843B99E0367036632EC798 ] C:\Windows\SysWOW64\HelpPaneProxy.dll
13:31:23.0866 3776  C:\Windows\SysWOW64\HelpPaneProxy.dll - ok
13:31:23.0866 3776  [ 7E591867422DC788B9E5BD337A669A08 ] C:\Windows\System32\wercplsupport.dll
13:31:23.0866 3776  C:\Windows\System32\wercplsupport.dll - ok
13:31:23.0882 3776  [ 6A1E8DEB746912DF47CF651E138401D7 ] C:\Windows\SysWOW64\StructuredQuery.dll
13:31:23.0882 3776  C:\Windows\SysWOW64\StructuredQuery.dll - ok
13:31:23.0882 3776  [ 54DEFF61C4E6AF1581DA2F236154BA4C ] C:\Windows\SysWOW64\ActionCenterCPL.dll
13:31:23.0882 3776  C:\Windows\SysWOW64\ActionCenterCPL.dll - ok
13:31:23.0882 3776  [ 45C0DF404182850C21749AF7763C095F ] C:\Windows\SysWOW64\accessibilitycpl.dll
13:31:23.0882 3776  C:\Windows\SysWOW64\accessibilitycpl.dll - ok
13:31:23.0898 3776  [ EDC77CF787FA015205936C9A3228486E ] C:\Program Files\Internet Explorer\iexplore.exe
13:31:23.0898 3776  C:\Program Files\Internet Explorer\iexplore.exe - ok
13:31:23.0898 3776  [ C822C8B2C4927CBBABF45D5084903A54 ] C:\Program Files (x86)\Mozilla Firefox\nss3.dll
13:31:23.0898 3776  C:\Program Files (x86)\Mozilla Firefox\nss3.dll - ok
13:31:23.0898 3776  [ 6D8CACF3B1B54943EFCF420C2D667B37 ] C:\Windows\SysWOW64\certCredProvider.dll
13:31:23.0898 3776  C:\Windows\SysWOW64\certCredProvider.dll - ok
13:31:23.0913 3776  [ C43D50453404EF1C6801EFFC2492A202 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
13:31:23.0913 3776  C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok
13:31:23.0913 3776  [ 84897874906481E0B3F4045DAD90D69F ] C:\Windows\SysWOW64\FirewallControlPanel.dll
13:31:23.0913 3776  C:\Windows\SysWOW64\FirewallControlPanel.dll - ok
13:31:23.0913 3776  [ 05BF975CA428E04B462FB90841B37C95 ] C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
13:31:23.0913 3776  C:\Windows\SysWOW64\SmartcardCredentialProvider.dll - ok
13:31:23.0929 3776  [ 5051BB40FFB2BA4870C0A059CA03294F ] C:\Windows\System32\MsSpellCheckingFacility.exe
13:31:23.0929 3776  C:\Windows\System32\MsSpellCheckingFacility.exe - ok
13:31:23.0929 3776  [ E5199554C3168A27419087F532AD5EDB ] C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
13:31:23.0929 3776  C:\Program Files (x86)\Mozilla Firefox\mozjs.dll - ok
13:31:23.0929 3776  [ 350E87B7881905BE049874C22D667239 ] C:\Windows\System32\AuxiliaryDisplayClassInstaller.dll
13:31:23.0929 3776  C:\Windows\System32\AuxiliaryDisplayClassInstaller.dll - ok
13:31:23.0944 3776  [ 2875B386B45B8A77E2343C5E129AE50C ] C:\Windows\SysWOW64\WindowsPowerShell\v1.0\pwrshsip.dll
13:31:23.0944 3776  C:\Windows\SysWOW64\WindowsPowerShell\v1.0\pwrshsip.dll - ok
13:31:23.0944 3776  [ 92F44E405DB16AC55D97E3BFE3B132FA ] C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe
13:31:23.0944 3776  C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe - ok
13:31:23.0944 3776  [ A0156882419E3493AD3F3DFD43F60C14 ] C:\Users\Jaycen\AppData\Local\Autobahn\nexdef.exe
13:31:23.0944 3776  C:\Users\Jaycen\AppData\Local\Autobahn\nexdef.exe - ok
13:31:23.0960 3776  [ DF3934B7B9AA03F62DDA2485452CC28E ] C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
13:31:23.0960 3776  C:\Program Files (x86)\Mozilla Firefox\mozglue.dll - ok
13:31:23.0960 3776  [ 9EBB690A63755C79D312F80F14126B8C ] C:\Program Files (x86)\Steam\bin\serverbrowser.dll
13:31:23.0960 3776  C:\Program Files (x86)\Steam\bin\serverbrowser.dll - ok
13:31:23.0960 3776  [ B16A869BE7BA5657D70074F418E4BF1C ] C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
13:31:23.0960 3776  C:\Program Files (x86)\Mozilla Firefox\freebl3.dll - ok
13:31:23.0976 3776  [ BAAE5464178246514352A852B6AD88A7 ] C:\Program Files (x86)\Steam\bin\gameoverlayui.dll
13:31:23.0976 3776  C:\Program Files (x86)\Steam\bin\gameoverlayui.dll - ok
13:31:23.0976 3776  [ ADEB9670F2CB891A5E621C963A2EFD3E ] C:\Windows\System32\spool\drivers\x64\3\briu10b.dll
13:31:23.0976 3776  C:\Windows\System32\spool\drivers\x64\3\briu10b.dll - ok
13:31:23.0976 3776  [ 8BC51E8C935D5730E452B975FCE94C78 ] C:\Program Files\Windows Photo Viewer\PhotoBase.dll
13:31:23.0976 3776  C:\Program Files\Windows Photo Viewer\PhotoBase.dll - ok
13:31:23.0991 3776  [ 3ACB3C6B41892484311BD83A9A97DF07 ] C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
13:31:23.0991 3776  C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll - ok
13:31:23.0991 3776  [ D68CEA48AC722C336342A430EDC1976D ] C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
13:31:23.0991 3776  C:\Program Files (x86)\Mozilla Firefox\softokn3.dll - ok
13:31:23.0991 3776  [ E71A355960FC6C574607C8FEFF75CE69 ] C:\Program Files\Plantronics\GameCom780\VMixPLGC.dll
13:31:23.0991 3776  C:\Program Files\Plantronics\GameCom780\VMixPLGC.dll - ok
13:31:24.0007 3776  [ 92BF0AE91462E51BB11A3D99AA7E4B7D ] C:\Program Files (x86)\Internet Explorer\IEShims.dll
13:31:24.0007 3776  C:\Program Files (x86)\Internet Explorer\IEShims.dll - ok
13:31:24.0007 3776  [ 27B9E163740A226B65E4B9E186117911 ] C:\Program Files\Windows Portable Devices\sqmapi.dll
13:31:24.0007 3776  C:\Program Files\Windows Portable Devices\sqmapi.dll - ok
13:31:24.0007 3776  [ D5E1C86C58D6850B8CC45D845A3A5686 ] C:\Program Files (x86)\Steam\bin\filesystem_stdio.dll
13:31:24.0007 3776  C:\Program Files (x86)\Steam\bin\filesystem_stdio.dll - ok
13:31:24.0022 3776  [ B52BCF2BF55FF248601277B7D7C8D13D ] C:\Users\Jaycen\AppData\Local\Autobahn\rt\bin\net.dll
13:31:24.0022 3776  C:\Users\Jaycen\AppData\Local\Autobahn\rt\bin\net.dll - ok
13:31:24.0022 3776  [ 07DFD28E57879554D054464EE4A5662D ] C:\Program Files (x86)\Internet Explorer\iexplore.exe
13:31:24.0022 3776  C:\Program Files (x86)\Internet Explorer\iexplore.exe - ok
13:31:24.0022 3776  [ 6C078C9F52D38604AF22A025FD2394AC ] C:\Users\Jaycen\AppData\Local\Autobahn\rt\bin\nio.dll
13:31:24.0022 3776  C:\Users\Jaycen\AppData\Local\Autobahn\rt\bin\nio.dll - ok
13:31:24.0038 3776  [ 34E3709244736B8976820F730E5A8815 ] C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
13:31:24.0038 3776  C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll - ok
13:31:24.0038 3776  [ 6F12CD3E58FE17A35AAEE8EC205A51CD ] C:\Program Files\Plantronics\GameCom780\GameCom780.exe
13:31:24.0038 3776  C:\Program Files\Plantronics\GameCom780\GameCom780.exe - ok
13:31:24.0038 3776  [ D5F824B36D43465808639B082553CF59 ] C:\Users\Jaycen\AppData\Local\Autobahn\rt\bin\java.dll
13:31:24.0038 3776  C:\Users\Jaycen\AppData\Local\Autobahn\rt\bin\java.dll - ok
13:31:24.0054 3776  [ 04AD4B80880B32C94BE8D0886482C774 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\7z.dll
13:31:24.0054 3776  C:\Program Files (x86)\Malwarebytes' Anti-Malware\7z.dll - ok
13:31:24.0054 3776  [ B777C9CE5731407502B76AF1C0077233 ] C:\Program Files (x86)\Microsoft Lync\MUI\0409\LCLang.dll
13:31:24.0054 3776  C:\Program Files (x86)\Microsoft Lync\MUI\0409\LCLang.dll - ok
13:31:24.0054 3776  [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Users\Jaycen\AppData\Local\Autobahn\rt\bin\msvcr71.dll
13:31:24.0054 3776  C:\Users\Jaycen\AppData\Local\Autobahn\rt\bin\msvcr71.dll - ok
13:31:24.0069 3776  [ 18A67CD5082F436D28DD8007CC4A46B6 ] C:\Program Files (x86)\Microsoft Office\Office12\WWLIB.DLL
13:31:24.0069 3776  C:\Program Files (x86)\Microsoft Office\Office12\WWLIB.DLL - ok
13:31:24.0069 3776  [ 3D76B5C0E02ECC19C1F5756E8FD97F72 ] C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
13:31:24.0069 3776  C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll - ok
13:31:24.0069 3776  [ 78DF0192939C425CE2AA0920CADAAE6F ] C:\Windows\System32\Macromed\Flash\Flash64_11_7_700_224.ocx
13:31:24.0069 3776  C:\Windows\System32\Macromed\Flash\Flash64_11_7_700_224.ocx - ok
13:31:24.0085 3776  [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
13:31:24.0085 3776  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
13:31:24.0085 3776  [ 1696EBB4F889D9494182590714D58998 ] C:\Program Files (x86)\Whisper Technology\FTP Surfer\wtftpshx.dll
13:31:24.0085 3776  C:\Program Files (x86)\Whisper Technology\FTP Surfer\wtftpshx.dll - ok
13:31:24.0085 3776  [ 65D09D8BC91D74C8800725EB33D1EE1B ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
13:31:24.0085 3776  C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll - ok
13:31:24.0100 3776  [ 295AAF9F25EE8B9E194581F6519C19D0 ] C:\Program Files (x86)\Microsoft Lync\MUI\0409\OcHelperResource.dll
13:31:24.0100 3776  C:\Program Files (x86)\Microsoft Lync\MUI\0409\OcHelperResource.dll - ok
13:31:24.0100 3776  [ 75EB974222F293159427F9A77A5F3C6A ] C:\Program Files\Common Files\Microsoft Shared\OFFICE12\msoshext.dll
13:31:24.0100 3776  C:\Program Files\Common Files\Microsoft Shared\OFFICE12\msoshext.dll - ok
13:31:24.0100 3776  [ A98C51239F27C4E43BE9401C4A11E306 ] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_Plugin.exe
13:31:24.0100 3776  C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_Plugin.exe - ok
13:31:24.0116 3776  [ 21EF4BB2A6FF4116FD83FAEE52D4A416 ] C:\Windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\xlicons.exe
13:31:24.0116 3776  C:\Windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\xlicons.exe - ok
13:31:24.0116 3776  [ 47186D72E120A1F18C3DBE729502A9C4 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll
13:31:24.0116 3776  C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll - ok
13:31:24.0116 3776  [ 484ACF6AF85A29AC52F3CF054DFDE9D3 ] C:\Windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\wordicon.exe
13:31:24.0116 3776  C:\Windows\Installer\{91120000-00CA-0000-0000-0000000FF1CE}\wordicon.exe - ok
13:31:24.0132 3776  [ A2516EF339EF990111A35B17D34C8587 ] C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
13:31:24.0132 3776  C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll - ok
13:31:24.0132 3776  [ 2424231BBD703A677D115C29983B4293 ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL
13:31:24.0132 3776  C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL - ok
13:31:24.0132 3776  [ C41AE9FF028B94F1DF7834AA8D417294 ] C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsEditor.exe
13:31:24.0132 3776  C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsEditor.exe - ok
13:31:24.0147 3776  [ 7F7DB35D3F3EF1A860BB100A694912F8 ] C:\Users\Jaycen\AppData\Local\Roblox\Versions\version-314fd073d6d74dcc\NPRobloxProxy.dll
13:31:24.0147 3776  C:\Users\Jaycen\AppData\Local\Roblox\Versions\version-314fd073d6d74dcc\NPRobloxProxy.dll - ok
13:31:24.0147 3776  [ D01628AF9F7FB3F415B357D446FBE6D9 ] C:\Windows\splwow64.exe
13:31:24.0147 3776  C:\Windows\splwow64.exe - ok
13:31:24.0147 3776  [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
13:31:24.0147 3776  C:\Windows\ehome\ehSSO.dll - ok
13:31:24.0163 3776  [ 9FF8F684BACF326082E5562F7C104A79 ] C:\Windows\SysWOW64\d2d1.dll
13:31:24.0163 3776  C:\Windows\SysWOW64\d2d1.dll - ok
13:31:24.0163 3776  [ 5E2D9C88284AA3BECF15BEA0920A1903 ] C:\Windows\SysWOW64\ieui.dll
13:31:24.0163 3776  C:\Windows\SysWOW64\ieui.dll - ok
13:31:24.0163 3776  [ BB3C7E48088D37417EB37F1A9E3D2449 ] C:\Windows\SysWOW64\werui.dll
13:31:24.0163 3776  C:\Windows\SysWOW64\werui.dll - ok
13:31:24.0178 3776  [ 198552AEFECA69D646867EC8D792DE95 ] C:\Windows\SysWOW64\ddraw.dll
13:31:24.0178 3776  C:\Windows\SysWOW64\ddraw.dll - ok
13:31:24.0178 3776  [ 1F27643C4C626457FCE8F047AE1CD7E1 ] C:\Windows\SysWOW64\dxva2.dll
13:31:24.0178 3776  C:\Windows\SysWOW64\dxva2.dll - ok
13:31:24.0178 3776  [ 27F3D44B29E14658EDE13D7D044E7420 ] C:\Windows\SysWOW64\RASMM.dll
13:31:24.0178 3776  C:\Windows\SysWOW64\RASMM.dll - ok
13:31:24.0194 3776  [ 9EEEAB29FAD8EF06DE605748F5895252 ] C:\Windows\SysWOW64\fdWNet.dll
13:31:24.0194 3776  C:\Windows\SysWOW64\fdWNet.dll - ok
13:31:24.0194 3776  [ C7D5B4171C77DD0B26C5571E7777C355 ] C:\Windows\SysWOW64\WcnApi.dll
13:31:24.0194 3776  C:\Windows\SysWOW64\WcnApi.dll - ok
13:31:24.0194 3776  [ 4277F5164DE9B7C665BB928B9145BEE0 ] C:\Windows\SysWOW64\DWrite.dll
13:31:24.0194 3776  C:\Windows\SysWOW64\DWrite.dll - ok
13:31:24.0194 3776  [ BA32509D9B340162327B341013DE6522 ] C:\Windows\SysWOW64\tapi32.dll
13:31:24.0194 3776  C:\Windows\SysWOW64\tapi32.dll - ok
13:31:24.0210 3776  [ 4B8441782918424827F2937CFB669136 ] C:\Windows\SysWOW64\WlanMM.dll
13:31:24.0210 3776  C:\Windows\SysWOW64\WlanMM.dll - ok
13:31:24.0210 3776  [ 674611721264013DB169EC12AFC9C3B6 ] C:\Windows\SysWOW64\fdSSDP.dll
13:31:24.0210 3776  C:\Windows\SysWOW64\fdSSDP.dll - ok
13:31:24.0210 3776  [ 5D68F68E12B8BCD35ADE5A7B4FE5F456 ] C:\Windows\System32\wwanmm.dll
13:31:24.0210 3776  C:\Windows\System32\wwanmm.dll - ok
13:31:24.0225 3776  [ C9F4E45DB0D9D2896CC68FDA08C98E25 ] C:\Windows\SysWOW64\MP3DMOD.DLL
13:31:24.0225 3776  C:\Windows\SysWOW64\MP3DMOD.DLL - ok
13:31:24.0225 3776  [ C68FBBF01E86CB6CF0B797748FBD6C1A ] C:\Windows\SysWOW64\dxtmsft.dll
13:31:24.0225 3776  C:\Windows\SysWOW64\dxtmsft.dll - ok
13:31:24.0225 3776  [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
13:31:24.0225 3776  C:\Windows\System32\pnrpsvc.dll - ok
13:31:24.0241 3776  [ 89F4D0DD6606A2FE15931E6888DBBC8D ] C:\Windows\SysWOW64\stdole2.tlb
13:31:24.0241 3776  C:\Windows\SysWOW64\stdole2.tlb - ok
13:31:24.0241 3776  [ D378BFFB70923139D6A4F546864AA61C ] C:\Windows\SysWOW64\notepad.exe
13:31:24.0241 3776  C:\Windows\SysWOW64\notepad.exe - ok
13:31:24.0241 3776  [ 69C85737F4CA5634E7A19B818579D176 ] C:\Windows\SysWOW64\dxdiagn.dll
13:31:24.0241 3776  C:\Windows\SysWOW64\dxdiagn.dll - ok
13:31:24.0256 3776  [ A0524499F4C63CADA7E1529FC77F5DC1 ] C:\Windows\System32\hgprint.dll
13:31:24.0256 3776  C:\Windows\System32\hgprint.dll - ok
13:31:24.0256 3776  [ B57053CD59114D36952461EE638D3784 ] C:\Windows\SysWOW64\acppage.dll
13:31:24.0256 3776  C:\Windows\SysWOW64\acppage.dll - ok
13:31:24.0256 3776  [ C335EC1182AC10B188705554E0BC1186 ] C:\Windows\SysWOW64\msvfw32.dll
13:31:24.0256 3776  C:\Windows\SysWOW64\msvfw32.dll - ok
13:31:24.0272 3776  [ A60801C2A6FF5777399D82072FE97F62 ] C:\Windows\SysWOW64\ir50_32.dll
13:31:24.0272 3776  C:\Windows\SysWOW64\ir50_32.dll - ok
13:31:24.0272 3776  [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll
13:31:24.0272 3776  C:\Windows\System32\ListSvc.dll - ok
13:31:24.0272 3776  [ 97FA62873FF759574B20DF39FF22CC27 ] C:\Windows\SysWOW64\jscript9.dll
13:31:24.0272 3776  C:\Windows\SysWOW64\jscript9.dll - ok
13:31:24.0288 3776  [ DB2F9648E224B814D1C90D8B87729000 ] C:\Windows\SysWOW64\atiumdag.dll
13:31:24.0288 3776  C:\Windows\SysWOW64\atiumdag.dll - ok
13:31:24.0288 3776  [ 368B2BEE3F88BFB883D2C74A258DE6F6 ] C:\Windows\AppPatch\AcLayers.dll
13:31:24.0288 3776  C:\Windows\AppPatch\AcLayers.dll - ok
13:31:24.0288 3776  [ 703FFD301AB900B047337C5D40FD6F96 ] C:\Windows\SysWOW64\olepro32.dll
13:31:24.0288 3776  C:\Windows\SysWOW64\olepro32.dll - ok
13:31:24.0303 3776  [ 55E5B32AE8D1F51A63C82919656FD275 ] C:\Windows\SysWOW64\dciman32.dll
13:31:24.0303 3776  C:\Windows\SysWOW64\dciman32.dll - ok
13:31:24.0303 3776  [ 1E8D06AAE74FED674C1156B3FEA911C2 ] C:\Windows\SysWOW64\Faultrep.dll
13:31:24.0303 3776  C:\Windows\SysWOW64\Faultrep.dll - ok
13:31:24.0303 3776  [ 11C405A2DCF38E098316FD904A4FB662 ] C:\Windows\System32\sdengin2.dll
13:31:24.0303 3776  C:\Windows\System32\sdengin2.dll - ok
13:31:24.0303 3776  [ D1BBE227367ED791D5FCF08E132D2956 ] C:\Windows\SysWOW64\opengl32.dll
13:31:24.0303 3776  C:\Windows\SysWOW64\opengl32.dll - ok
13:31:24.0319 3776  [ 238357300CD2D75E5E7ABF5594E0943E ] C:\Windows\SysWOW64\atiadlxy.dll
13:31:24.0319 3776  C:\Windows\SysWOW64\atiadlxy.dll - ok
13:31:24.0319 3776  [ 1B7858C0A918187D6E5ED91C7C16D5EF ] C:\Windows\SysWOW64\atiuxpag.dll
13:31:24.0319 3776  C:\Windows\SysWOW64\atiuxpag.dll - ok
13:31:24.0319 3776  [ 1B0EC94520CAB89A9CE1B2DA405166AF ] C:\Windows\SysWOW64\p2pcollab.dll
13:31:24.0319 3776  C:\Windows\SysWOW64\p2pcollab.dll - ok
13:31:24.0334 3776  [ 674B0C0F6A448EB185CAAB9C51D44032 ] C:\Windows\SysWOW64\srchadmin.dll
13:31:24.0334 3776  C:\Windows\SysWOW64\srchadmin.dll - ok
13:31:24.0334 3776  [ C5EE52EE9E1FAAA57A928620C7AE8755 ] C:\Windows\System32\sdiagschd.dll
13:31:24.0334 3776  C:\Windows\System32\sdiagschd.dll - ok
13:31:24.0334 3776  [ 2DDEA2C345DA5BC589EFD398F220DB0E ] C:\Windows\SysWOW64\SyncCenter.dll
13:31:24.0334 3776  C:\Windows\SysWOW64\SyncCenter.dll - ok
13:31:24.0350 3776  [ D0E2272A41640708F630258101E96E15 ] C:\Windows\SysWOW64\NlsData001d.dll
13:31:24.0350 3776  C:\Windows\SysWOW64\NlsData001d.dll - ok
13:31:24.0350 3776  [ C28A634CF127DA67D566B5E14D0A0170 ] C:\Windows\SysWOW64\mshtmlmedia.dll
13:31:24.0350 3776  C:\Windows\SysWOW64\mshtmlmedia.dll - ok
13:31:24.0350 3776  [ B06633C5840EFBE99242F7B90D70C135 ] C:\Program Files (x86)\Steam\SDL2.dll
13:31:24.0350 3776  C:\Program Files (x86)\Steam\SDL2.dll - ok
13:31:24.0366 3776  [ 548AAB0656CA8F5A31D256ED5D488907 ] C:\Program Files (x86)\Steam\Steam.dll
13:31:24.0366 3776  C:\Program Files (x86)\Steam\Steam.dll - ok
13:31:24.0366 3776  [ C8CB301BF896C7C556BBE963FADF5BB6 ] C:\Windows\SysWOW64\NlsLexicons0009.dll
13:31:24.0366 3776  C:\Windows\SysWOW64\NlsLexicons0009.dll - ok
13:31:24.0366 3776  [ 529EFD4CD976A5418B88DFCDE40EC239 ] C:\Program Files (x86)\Steam\tier0_s.dll
13:31:24.0366 3776  C:\Program Files (x86)\Steam\tier0_s.dll - ok
13:31:24.0381 3776  [ 373FB81B6A551DD74767B7E08630EF48 ] C:\Program Files (x86)\Guild Wars 2\Gw2.exe
13:31:24.0381 3776  C:\Program Files (x86)\Guild Wars 2\Gw2.exe - ok
13:31:24.0381 3776  [ 4A0FCFEFD79635E46968B786194B5F55 ] C:\Program Files (x86)\Steam\steamclient.dll
13:31:24.0381 3776  C:\Program Files (x86)\Steam\steamclient.dll - ok
13:31:24.0381 3776  [ 3E130FA0D5289C8812021FF57F3851F5 ] C:\Program Files\Internet Explorer\sqmapi.dll
13:31:24.0381 3776  C:\Program Files\Internet Explorer\sqmapi.dll - ok
13:31:24.0397 3776  [ C5C8C2BB002BCD580CDF3AA61D9AB6BF ] C:\Program Files (x86)\Steam\bin\chromehtml.dll
13:31:24.0397 3776  C:\Program Files (x86)\Steam\bin\chromehtml.dll - ok
13:31:24.0397 3776  [ BBA1FE328CEA501FCCE1E5DF16276439 ] C:\Program Files (x86)\Steam\bin\avcodec-53.dll
13:31:24.0397 3776  C:\Program Files (x86)\Steam\bin\avcodec-53.dll - ok
13:31:24.0397 3776  [ CA607D7930C7ECD6B8443DC99E1F6185 ] C:\Program Files\Defraggler\DefragglerShell64.dll
13:31:24.0397 3776  C:\Program Files\Defraggler\DefragglerShell64.dll - ok
13:31:24.0412 3776  [ FAACDEBF241027F2469FA0C1769DF13B ] C:\Program Files (x86)\Steam\bin\steamservice.dll
13:31:24.0412 3776  C:\Program Files (x86)\Steam\bin\steamservice.dll - ok
13:31:24.0412 3776  [ C8D28F8B498CADBB9445AC4545BD41B7 ] C:\Program Files (x86)\Mozilla Firefox\firefox.exe
13:31:24.0412 3776  C:\Program Files (x86)\Mozilla Firefox\firefox.exe - ok
13:31:24.0412 3776  [ 8456E8EA41C3EF45DE237F39BDB2BDD9 ] C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
13:31:24.0412 3776  C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll - ok
13:31:24.0428 3776  [ 1AAB99A981D1986F40C94AC00418568E ] C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
13:31:24.0428 3776  C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll - ok
13:31:24.0428 3776  [ 03E9314004F504A14A61C3D364B62F66 ] C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
13:31:24.0428 3776  C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll - ok
13:31:24.0428 3776  [ C9BF2773B874DC4184326C8A333D7DFA ] C:\Program Files (x86)\Steam\GameOverlayRenderer.dll
13:31:24.0428 3776  C:\Program Files (x86)\Steam\GameOverlayRenderer.dll - ok
13:31:24.0444 3776  [ FC9A7DEEF369C5AF86A7352079ECEC27 ] C:\Program Files (x86)\Internet Explorer\ieproxy.dll
13:31:24.0444 3776  C:\Program Files (x86)\Internet Explorer\ieproxy.dll - ok
13:31:24.0444 3776  [ 8F9397974D713971656DA2681E787B4A ] C:\Users\Jaycen\AppData\Local\Autobahn\rt\bin\zip.dll
13:31:24.0444 3776  C:\Users\Jaycen\AppData\Local\Autobahn\rt\bin\zip.dll - ok
13:31:24.0444 3776  [ 80E43D642D589BCFB0667C84FE15A986 ] C:\Program Files (x86)\Microsoft Lync\communicator.exe
13:31:24.0444 3776  C:\Program Files (x86)\Microsoft Lync\communicator.exe - ok
13:31:24.0459 3776  [ 2C6E01C2269CD4306AD2BC070A2A68F8 ] C:\Program Files (x86)\Microsoft Office\Office12\OART.DLL
13:31:24.0459 3776  C:\Program Files (x86)\Microsoft Office\Office12\OART.DLL - ok
13:31:24.0459 3776  [ F833DD5D8F959819F44BC98F47B1B6BB ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
13:31:24.0459 3776  C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - ok
13:31:24.0459 3776  [ 1EDC9B85FBFDFE569BDB4A013F8D1242 ] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
13:31:24.0459 3776  C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe - ok
13:31:24.0475 3776  [ 471F849E8D4BD511A852F5FC7847C745 ] C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
13:31:24.0475 3776  C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll - ok
13:31:24.0475 3776  [ A5C14075B571AF1C9592595BE724D9D2 ] C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
13:31:24.0475 3776  C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll - ok
13:31:24.0475 3776  [ 7043D485AEAE435312659FF1461F1491 ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSO.DLL
13:31:24.0475 3776  C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSO.DLL - ok
13:31:24.0490 3776  [ 4A4EC36A22F15403F81270FFAEE30474 ] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.dll
13:31:24.0490 3776  C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.dll - ok
13:31:24.0490 3776  [ 3CDC4CB373FE0EB874313FEF68C9DEEE ] C:\Windows\System32\Macromed\Flash\FlashUtil64_11_7_700_224_ActiveX.exe
13:31:24.0490 3776  C:\Windows\System32\Macromed\Flash\FlashUtil64_11_7_700_224_ActiveX.exe - ok
13:31:24.0490 3776  [ B0507B3A8B810DF1FDCF7F5FC926DEAC ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll
13:31:24.0490 3776  C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll - ok
13:31:24.0506 3776  [ D34E343BB5237FC28CAE6EC1EFB5A0CB ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE11\msxml5.dll
13:31:24.0506 3776  C:\Program Files (x86)\Common Files\microsoft shared\OFFICE11\msxml5.dll - ok
13:31:24.0506 3776  [ 36FBE76F4F51396B0F70FC95CD7481D2 ] C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
13:31:24.0506 3776  C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll - ok
13:31:24.0506 3776  [ C8D870413E884879C98C3D126DD31DE5 ] C:\Program Files (x86)\LucasArts\Star Wars Galactic Battlegrounds Saga\Game\language_x1.dll
13:31:24.0506 3776  C:\Program Files (x86)\LucasArts\Star Wars Galactic Battlegrounds Saga\Game\language_x1.dll - ok
13:31:24.0522 3776  [ 6FC2FCDF1586DB6667E996C88E610C64 ] C:\Program Files (x86)\LucasArts\Star Wars Galactic Battlegrounds Saga\Game\battlegrounds_x1.exe
13:31:24.0522 3776  C:\Program Files (x86)\LucasArts\Star Wars Galactic Battlegrounds Saga\Game\battlegrounds_x1.exe - ok
13:31:24.0522 3776  [ 981794879E8FD26CDD6ABCFF3F3F65EF ] C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
13:31:24.0522 3776  C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe - ok
13:31:24.0537 3776  [ 5FCF929DA223B7A220DF9B866FED6C26 ] C:\Program Files (x86)\Virtual Villagers - The Secret City\Virtual Villagers - The Secret City.exe
13:31:24.0537 3776  C:\Program Files (x86)\Virtual Villagers - The Secret City\Virtual Villagers - The Secret City.exe - ok
13:31:24.0537 3776  [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
13:31:24.0537 3776  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
13:31:24.0537 3776  [ 487F44B08EFEAF5AD087878357B9403D ] C:\Windows\SysWOW64\pdh.dll
13:31:24.0537 3776  C:\Windows\SysWOW64\pdh.dll - ok
13:31:24.0553 3776  [ 08DF1B8C9C0754A7069E80A986373F52 ] C:\Windows\SysWOW64\P2P.dll
13:31:24.0553 3776  C:\Windows\SysWOW64\P2P.dll - ok
13:31:24.0553 3776  [ 53AF1750FD45DDD705C9B68C7DC58827 ] C:\Windows\SysWOW64\evr.dll
13:31:24.0553 3776  C:\Windows\SysWOW64\evr.dll - ok
13:31:24.0553 3776  [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
13:31:24.0553 3776  C:\Windows\SysWOW64\d3d9.dll - ok
13:31:24.0568 3776  [ 241A1900C52DCBA38B20A4F3671444E0 ] C:\Windows\SysWOW64\d3d8.dll
13:31:24.0568 3776  C:\Windows\SysWOW64\d3d8.dll - ok
13:31:24.0568 3776  [ 60B7C0FEAD45F2066E5B805A91F4F0FC ] C:\Windows\SysWOW64\calc.exe
13:31:24.0568 3776  C:\Windows\SysWOW64\calc.exe - ok
13:31:24.0568 3776  [ DE3897365B04C4DA1CF8FF725577C082 ] C:\Windows\SysWOW64\glu32.dll
13:31:24.0568 3776  C:\Windows\SysWOW64\glu32.dll - ok
13:31:24.0568 3776  [ 84E7F08F490C39E90F46B31D0CB7A260 ] C:\Users\Jaycen\Converter.exe
13:31:24.0568 3776  C:\Users\Jaycen\Converter.exe - ok
13:31:24.0584 3776  [ 516BEB000047F7647F265BC8A71D8C19 ] C:\Windows\SysWOW64\fdWCN.dll
13:31:24.0584 3776  C:\Windows\SysWOW64\fdWCN.dll - ok
13:31:24.0584 3776  [ 19BC13711AC403FEB830522E4831701B ] C:\Windows\SysWOW64\gameux.dll
13:31:24.0584 3776  C:\Windows\SysWOW64\gameux.dll - ok
13:31:24.0584 3776  [ 6D137963730144698CBD10F202E9F251 ] C:\Windows\System32\wersvc.dll
13:31:24.0584 3776  C:\Windows\System32\wersvc.dll - ok
13:31:24.0600 3776  [ D39DA70FEA6BD713682F70635587DA9E ] C:\Windows\SysWOW64\rasdlg.dll
13:31:24.0600 3776  C:\Windows\SysWOW64\rasdlg.dll - ok
13:31:24.0600 3776  [ 47BB23927747B934C6690F86C33E3C16 ] C:\Windows\SysWOW64\fthsvc.dll
13:31:24.0600 3776  C:\Windows\SysWOW64\fthsvc.dll - ok
13:31:24.0600 3776  [ A64CF039011318B86CEEB20AD9195CC0 ] C:\Users\Jaycen\colorpicker.exe
13:31:24.0600 3776  C:\Users\Jaycen\colorpicker.exe - ok
13:31:24.0615 3776  [ 34EEE0DFAADB4F691D6D5308A51315DC ] C:\Windows\SysWOW64\wcncsvc.dll
13:31:24.0615 3776  C:\Windows\SysWOW64\wcncsvc.dll - ok
13:31:24.0615 3776  [ A2F0B6A45EF5B68173AAA2A39690904E ] C:\Windows\SysWOW64\zipfldr.dll
13:31:24.0615 3776  C:\Windows\SysWOW64\zipfldr.dll - ok
13:31:24.0615 3776  [ 5343A19C618BC515CEB1695586C6C137 ] C:\Windows\SysWOW64\msvbvm60.dll
13:31:24.0615 3776  C:\Windows\SysWOW64\msvbvm60.dll - ok
13:31:24.0631 3776  [ A0CF76137D2F23C76C860CAD2C605780 ] C:\Windows\AppPatch\AcSpecfc.dll
13:31:24.0631 3776  C:\Windows\AppPatch\AcSpecfc.dll - ok
13:31:24.0631 3776  [ C6A44FC3CF2F5801561804272217B14D ] C:\Windows\SysWOW64\D3DX9_42.dll
13:31:24.0631 3776  C:\Windows\SysWOW64\D3DX9_42.dll - ok
13:31:24.0631 3776  [ 1372E8E8FD066002131E3D509275E697 ] C:\Windows\SysWOW64\P2PGraph.dll
13:31:24.0631 3776  C:\Windows\SysWOW64\P2PGraph.dll - ok
13:31:24.0646 3776  [ F42B046813B8B9A8292EFEE10815FE9D ] C:\Windows\SysWOW64\atidxx32.dll
13:31:24.0646 3776  C:\Windows\SysWOW64\atidxx32.dll - ok
13:31:24.0646 3776  [ 53122070884A334A51339AB082400FB7 ] C:\Windows\SysWOW64\dpnathlp.dll
13:31:24.0646 3776  C:\Windows\SysWOW64\dpnathlp.dll - ok
13:31:24.0646 3776  [ CD268E10622BF6825974ABEE52D75836 ] C:\Windows\SysWOW64\atiu9pag.dll
13:31:24.0646 3776  C:\Windows\SysWOW64\atiu9pag.dll - ok
13:31:24.0662 3776  [ 4A82EA2807B16FF577AEAF8ADB8779FF ] C:\Windows\System32\IdListen.dll
13:31:24.0662 3776  C:\Windows\System32\IdListen.dll - ok
13:31:24.0662 3776  [ B3170CCC779B682C3341873EA60CF084 ] C:\Windows\SysWOW64\d3d10warp.dll
13:31:24.0662 3776  C:\Windows\SysWOW64\d3d10warp.dll - ok
13:31:24.0662 3776  [ 2992932C1AB1D29A1A4A9E8CB8530CBF ] C:\Windows\SysWOW64\NlsData0009.dll
13:31:24.0662 3776  C:\Windows\SysWOW64\NlsData0009.dll - ok
13:31:24.0662 3776  [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
13:31:24.0662 3776  C:\Windows\System32\WMALFXGFXDSP.dll - ok
13:31:24.0678 3776  [ AA3B91B70E79BCE70AD3B190789B9574 ] C:\Windows\SysWOW64\drttransport.dll
13:31:24.0678 3776  C:\Windows\SysWOW64\drttransport.dll - ok
13:31:24.0678 3776  [ 244C6722289F4869068992FD7D8A8832 ] C:\Windows\SysWOW64\wbem\wbemdisp.dll
13:31:24.0678 3776  C:\Windows\SysWOW64\wbem\wbemdisp.dll - ok
13:31:24.0678 3776  [ A7532E66EA2F168A0970E829D8986423 ] C:\Program Files (x86)\Steam\dbghelp.dll
13:31:24.0678 3776  C:\Program Files (x86)\Steam\dbghelp.dll - ok
13:31:24.0693 3776  [ 39DF98FB00F930D0E7B2FF6936666CD8 ] C:\Windows\SysWOW64\en-US\kernel32.dll.mui
13:31:24.0693 3776  C:\Windows\SysWOW64\en-US\kernel32.dll.mui - ok
13:31:24.0693 3776  [ E4093B24A9530D13191660C2AD78EE64 ] C:\Program Files (x86)\Steam\bin\vgui2_s.dll
13:31:24.0693 3776  C:\Program Files (x86)\Steam\bin\vgui2_s.dll - ok
13:31:24.0693 3776  [ 2A8B8A15A58EDF3B443083EC29894E54 ] C:\Program Files (x86)\Steam\bin\avutil-51.dll
13:31:24.0693 3776  C:\Program Files (x86)\Steam\bin\avutil-51.dll - ok
13:31:24.0709 3776  [ 759194CDE3BB7622FF2F80FC7FE11B5C ] C:\Program Files (x86)\Microsoft Lync\UccApi.dll
13:31:24.0709 3776  C:\Program Files (x86)\Microsoft Lync\UccApi.dll - ok
13:31:24.0709 3776  [ C5CCB86CD745746B9908031A54315F90 ] C:\Program Files (x86)\Steam\bin\avformat-53.dll
13:31:24.0709 3776  C:\Program Files (x86)\Steam\bin\avformat-53.dll - ok
13:31:24.0709 3776  [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files (x86)\Java\jre6\bin\msvcr71.dll
13:31:24.0709 3776  C:\Program Files (x86)\Java\jre6\bin\msvcr71.dll - ok
13:31:24.0724 3776  [ F9FDA1D853CB1A2C10817F73BCFD687A ] C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
13:31:24.0724 3776  C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll - ok
13:31:24.0724 3776  [ 43A0AC7DBB7EE9BAF1A03472E3684275 ] C:\Program Files (x86)\Microsoft Lync\OCHelper.dll
13:31:24.0724 3776  C:\Program Files (x86)\Microsoft Lync\OCHelper.dll - ok
13:31:24.0724 3776  [ CF557645F3606C6D6A1FB4482D798E65 ] C:\Program Files\Windows Media Player\WMPNSSUI.dll
13:31:24.0724 3776  C:\Program Files\Windows Media Player\WMPNSSUI.dll - ok
13:31:24.0740 3776  [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
13:31:24.0740 3776  C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll - ok
13:31:24.0740 3776  [ 6D705FAC228FCB26C8A9616E6C678821 ] C:\Windows\System32\spool\drivers\x64\3\brio10b.dll
13:31:24.0740 3776  C:\Windows\System32\spool\drivers\x64\3\brio10b.dll - ok
13:31:24.0740 3776  [ 349EB3F63E9455CFE23A776857C2981D ] C:\Windows\System32\spool\drivers\x64\3\bril10b.dll
13:31:24.0740 3776  C:\Windows\System32\spool\drivers\x64\3\bril10b.dll - ok
13:31:24.0756 3776  [ 95776F0B1AB144B12AF9AE2C583CC534 ] C:\Program Files\Plantronics\GameCom780\GameCom780.dll
13:31:24.0756 3776  C:\Program Files\Plantronics\GameCom780\GameCom780.dll - ok
13:31:24.0756 3776  [ 6A81E49F879C3EBF4C089E26221FD22B ] C:\Program Files\Plantronics\GameCom780\SoundPlayer.exe
13:31:24.0756 3776  C:\Program Files\Plantronics\GameCom780\SoundPlayer.exe - ok
13:31:24.0756 3776  [ A80C173AC5C75706BB74AE4D78F2A53D ] C:\Program Files (x86)\Windows Media Player\wmplayer.exe
13:31:24.0756 3776  C:\Program Files (x86)\Windows Media Player\wmplayer.exe - ok
13:31:24.0771 3776  [ 534A3CB0847BA114F0D8A5F2BB2EF6D0 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
13:31:24.0771 3776  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe - ok
13:31:24.0771 3776  [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
13:31:24.0771 3776  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
13:31:24.0771 3776  [ 8DB479E065F2B546BFBD7323E5EE5B02 ] C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_7_700_224.ocx
13:31:24.0771 3776  C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_7_700_224.ocx - ok
13:31:24.0787 3776  [ E9349A03FD81B4806714A16796B5E20A ] C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
13:31:24.0787 3776  C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe - ok
13:31:24.0787 3776  [ 36FDB8C775B1F7D2069B8C8D0CD09084 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
13:31:24.0787 3776  C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe - ok
13:31:24.0787 3776  [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
13:31:24.0787 3776  C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
13:31:24.0802 3776  [ 0B1C3C977F5C7261E6C569C3CF40D6D1 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
13:31:24.0802 3776  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll - ok
13:31:24.0802 3776  [ 91EA28804EC3A71126841554199E28BC ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\ssubtmr6.dll
13:31:24.0802 3776  C:\Program Files (x86)\Malwarebytes' Anti-Malware\ssubtmr6.dll - ok
13:31:24.0818 3776  [ BAA4DE42156350754976DD563D02CDE4 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\vbalsgrid6.ocx
13:31:24.0818 3776  C:\Program Files (x86)\Malwarebytes' Anti-Malware\vbalsgrid6.ocx - ok
13:31:24.0818 3776  [ 60B241EFB669D286C9BF636A0334B3BA ] C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
13:31:24.0818 3776  C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe - ok
13:31:24.0818 3776  [ C13B42E5692C98A2660135E4BEB26A1A ] C:\Users\Jaycen\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
13:31:24.0818 3776  C:\Users\Jaycen\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe - ok
13:31:24.0834 3776  [ EB819EC79D3D913E30FF5558CF04A8B9 ] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe
13:31:24.0834 3776  C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe - ok
13:31:24.0834 3776  [ 066A45353BD148036E3CF13CF5BC6448 ] C:\Users\Jaycen\AppData\Local\Temp\gw2cache-{A30B7E6D-7DB0-1601-6E7E-0BA3B07D0116}\icudt.dll
13:31:24.0834 3776  C:\Users\Jaycen\AppData\Local\Temp\gw2cache-{A30B7E6D-7DB0-1601-6E7E-0BA3B07D0116}\icudt.dll - ok
13:31:24.0834 3776  [ 4CD54B5CBA86E468593BB23BD3A99673 ] C:\Program Files (x86)\Virtual Villagers - The Lost Children\Virtual Villagers - The Lost Children.exe
13:31:24.0834 3776  C:\Program Files (x86)\Virtual Villagers - The Lost Children\Virtual Villagers - The Lost Children.exe - ok
13:31:24.0834 3776  [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
13:31:24.0834 3776  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
13:31:24.0849 3776  [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
13:31:24.0849 3776  C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
13:31:24.0849 3776  [ 1EA7969E3271CBC59E1730697DC74682 ] C:\Windows\System32\qmgr.dll
13:31:24.0849 3776  C:\Windows\System32\qmgr.dll - ok
13:31:24.0849 3776  [ B92E9318F7E4AEF633B8EC3A873565AF ] C:\Windows\SysWOW64\perfdisk.dll
13:31:24.0849 3776  C:\Windows\SysWOW64\perfdisk.dll - ok
13:31:24.0865 3776  [ 0F44172A5B34E8F208CD0F209EDD4A73 ] C:\Windows\SysWOW64\ieapfltr.dll
13:31:24.0865 3776  C:\Windows\SysWOW64\ieapfltr.dll - ok
13:31:24.0865 3776  [ 28CAAA8B3DAC4604B6871F311C6B9F49 ] C:\Windows\SysWOW64\NlsData0000.dll
13:31:24.0865 3776  C:\Windows\SysWOW64\NlsData0000.dll - ok
13:31:24.0865 3776  [ 090CA0740FBDED908A360D2CAEEE68AD ] C:\Program Files (x86)\Microsoft Lync\Uc.dll
13:31:24.0865 3776  C:\Program Files (x86)\Microsoft Lync\Uc.dll - ok
13:31:24.0880 3776  [ 8E6C86726B67D3FAA3144849B9AAC06C ] C:\Program Files (x86)\Java\jre6\bin\ssv.dll
13:31:24.0880 3776  C:\Program Files (x86)\Java\jre6\bin\ssv.dll - ok
13:31:24.0880 3776  [ F9A39F86233AD624B540C9F01CC6B3A8 ] C:\Program Files (x86)\Microsoft Lync\CURes.dll
13:31:24.0880 3776  C:\Program Files (x86)\Microsoft Lync\CURes.dll - ok
13:31:24.0880 3776  [ A9770771B622A871643EA2A4A3983E95 ] C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
13:31:24.0880 3776  C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll - ok
13:31:24.0896 3776  [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
13:31:24.0896 3776  C:\Program Files\Windows Media Player\wmpnssci.dll - ok
13:31:24.0896 3776  [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
13:31:24.0896 3776  C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
13:31:24.0896 3776  [ 2CC797D0A19D57A076D88F90AE89A802 ] C:\Program Files (x86)\Microsoft Lync\RTMPLTFM.dll
13:31:24.0896 3776  C:\Program Files (x86)\Microsoft Lync\RTMPLTFM.dll - ok
13:31:24.0912 3776  [ 254EEFA92A3438879E2A80BD76B0378F ] C:\Program Files\Windows Photo Viewer\PhotoViewer.dll
13:31:24.0912 3776  C:\Program Files\Windows Photo Viewer\PhotoViewer.dll - ok
13:31:24.0912 3776  [ 82A98D0EB83505529AD81E4C1FADC37D ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
13:31:24.0912 3776  C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll - ok
13:31:24.0912 3776  [ 65D09D8BC91D74C8800725EB33D1EE1B ] C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
13:31:24.0912 3776  C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll - ok
13:31:24.0927 3776  [ B90116192908CEA3940217554579FDF3 ] C:\Program Files (x86)\Microsoft Lync\MUI\0409\OCAPIRES.dll
13:31:24.0927 3776  C:\Program Files (x86)\Microsoft Lync\MUI\0409\OCAPIRES.dll - ok
13:31:24.0927 3776  [ CC6771BAD1DF35B683E80F5E10ADE010 ] C:\Windows\System32\Macromed\Flash\FlashUtil64_11_7_700_224_ActiveX.dll
13:31:24.0927 3776  C:\Windows\System32\Macromed\Flash\FlashUtil64_11_7_700_224_ActiveX.dll - ok
13:31:24.0927 3776  [ 94A8C6679BFB9366CDE42C4F96A9BF8A ] C:\Program Files (x86)\LucasArts\Star Wars Galactic Battlegrounds Saga\Game\language.dll
13:31:24.0927 3776  C:\Program Files (x86)\LucasArts\Star Wars Galactic Battlegrounds Saga\Game\language.dll - ok
13:31:24.0943 3776  [ 501F5BB8DA9104CC6A2C8195C2E0230F ] C:\Program Files (x86)\Common Files\microsoft shared\Microsoft Online Services\msoidcli.dll
13:31:24.0943 3776  C:\Program Files (x86)\Common Files\microsoft shared\Microsoft Online Services\msoidcli.dll - ok
13:31:24.0943 3776  [ D7999068E94589045BB8C5380AC79937 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll
13:31:24.0943 3776  C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll - ok
13:31:24.0943 3776  [ FDA1BA7B2179F29D6DEB3DEC9C9037D0 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll
13:31:24.0943 3776  C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll - ok
13:31:24.0958 3776  [ 85A2F736D68412184C41AFCC185F0584 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\2f9e0112e10f9e70d3430d0be9863976\System.Core.ni.dll
13:31:24.0958 3776  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\2f9e0112e10f9e70d3430d0be9863976\System.Core.ni.dll - ok
13:31:24.0958 3776  [ 370349F79315D4DB86CD992CACEFEE61 ] C:\Windows\SysWOW64\VAN.dll
13:31:24.0958 3776  C:\Windows\SysWOW64\VAN.dll - ok
13:31:24.0974 3776  [ 828B4A41BE891A7AEC07E693422B4A3A ] C:\Windows\SysWOW64\iepeers.dll
13:31:24.0974 3776  C:\Windows\SysWOW64\iepeers.dll - ok
13:31:24.0974 3776  [ 617FFBBB59D5FEB3B1F8552C2E7C1AAE ] C:\Windows\SysWOW64\prnntfy.dll
13:31:24.0974 3776  C:\Windows\SysWOW64\prnntfy.dll - ok
13:31:24.0974 3776  [ 198366199A9F342EF87978D79308B49F ] C:\Windows\SysWOW64\RacEngn.dll
13:31:24.0974 3776  C:\Windows\SysWOW64\RacEngn.dll - ok
13:31:24.0974 3776  [ 726DFDB9E283B0CB78D87DDD7469BAF3 ] C:\Windows\SysWOW64\sendmail.dll
13:31:24.0974 3776  C:\Windows\SysWOW64\sendmail.dll - ok
13:31:24.0990 3776  [ F977BE7B8C5462087374364EAFB3C15B ] C:\Windows\SysWOW64\browseui.dll
13:31:24.0990 3776  C:\Windows\SysWOW64\browseui.dll - ok
13:31:24.0990 3776  [ 60236C8C3B8C2D8B9A59326890533EB8 ] C:\Windows\SysWOW64\sqlceqp30.dll
13:31:24.0990 3776  C:\Windows\SysWOW64\sqlceqp30.dll - ok
13:31:24.0990 3776  [ 13CDD3FF0961A2EC6D9829A1640DD6DC ] C:\Windows\SysWOW64\sqlcese30.dll
13:31:24.0990 3776  C:\Windows\SysWOW64\sqlcese30.dll - ok
13:31:25.0005 3776  [ A79FFFBA93697FB09584F11BD09AB636 ] C:\Windows\SysWOW64\NlsData0018.dll
13:31:25.0005 3776  C:\Windows\SysWOW64\NlsData0018.dll - ok
13:31:25.0005 3776  [ BBC1A5667E102C138133E09E360B391F ] C:\Users\Jaycen\Desktop\Minutor.exe
13:31:25.0005 3776  C:\Users\Jaycen\Desktop\Minutor.exe - ok
13:31:25.0005 3776  [ B6C756FA661C5EB7B3547E60647F87A7 ] C:\Windows\SysWOW64\sqlceoledb30.dll
13:31:25.0005 3776  C:\Windows\SysWOW64\sqlceoledb30.dll - ok
13:31:25.0021 3776  [ A4308D8E2B90C3365B124AD2448ED1A2 ] C:\Windows\SysWOW64\NlsLexicons0018.dll
13:31:25.0021 3776  C:\Windows\SysWOW64\NlsLexicons0018.dll - ok
13:31:25.0021 3776  [ 5A8D771D47C92CFEC4E1656E4FAC2D94 ] C:\Windows\SysWOW64\en-US\crypt32.dll.mui
13:31:25.0021 3776  C:\Windows\SysWOW64\en-US\crypt32.dll.mui - ok
13:31:25.0021 3776  [ 44C1CB979C80E44425AB832B522A463F ] C:\Program Files\Paint.NET\PaintDotNet.exe
13:31:25.0021 3776  C:\Program Files\Paint.NET\PaintDotNet.exe - ok
13:31:25.0036 3776  [ 1C018F218814B7A743A4036C309C6BD3 ] C:\Users\Jaycen\Desktop\BarCodeGenerator1.70.exe
13:31:25.0036 3776  C:\Users\Jaycen\Desktop\BarCodeGenerator1.70.exe - ok
13:31:25.0036 3776  [ 79E485E1361DA3CBE01FF760867F1D26 ] C:\Program Files (x86)\Windows Defender\MpOAV.dll
13:31:25.0036 3776  C:\Program Files (x86)\Windows Defender\MpOAV.dll - ok
13:31:25.0036 3776  [ 5CB17097A5752337977A9A7FED3A06E5 ] C:\Users\Jaycen\AppData\Roaming\Spotify\spotify.exe
13:31:25.0036 3776  C:\Users\Jaycen\AppData\Roaming\Spotify\spotify.exe - ok
13:31:25.0052 3776  [ EE7EB150F681742CACB420E6D4522B0F ] C:\Program Files (x86)\Internet Explorer\sqmapi.dll
13:31:25.0052 3776  C:\Program Files (x86)\Internet Explorer\sqmapi.dll - ok
13:31:25.0052 3776  [ 5397E32E882C0148CEC13D9EACFB7157 ] C:\Program Files (x86)\Internet Explorer\ielowutil.exe
13:31:25.0052 3776  C:\Program Files (x86)\Internet Explorer\ielowutil.exe - ok
13:31:25.0052 3776  [ 07BBB3CBB86D2626B46BC1D210C4781B ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
13:31:25.0052 3776  C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll - ok
13:31:25.0068 3776  [ 5BACFD51D926774C8DD8028BEC9B4374 ] C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe
13:31:25.0068 3776  C:\Program Files\Microsoft Games\Solitaire\Solitaire.exe - ok
13:31:25.0068 3776  [ BE92A8B17EC519DC3275EA2F20F978D4 ] C:\Program Files (x86)\StarCraft II\Support\SC2Switcher.exe
13:31:25.0068 3776  C:\Program Files (x86)\StarCraft II\Support\SC2Switcher.exe - ok
13:31:25.0068 3776  [ E5BC8D93CDCB957146D971647849A154 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
13:31:25.0068 3776  C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll - ok
13:31:25.0083 3776  [ A8C05DD686FD7521914AAE742DECB0DA ] C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll
13:31:25.0083 3776  C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll - ok
13:31:25.0083 3776  [ 5C0A02A7121D006F3333B15163785FE5 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll
13:31:25.0083 3776  C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll - ok
13:31:25.0083 3776  [ B87550CEE787769723D1C38959896E9D ] C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
13:31:25.0083 3776  C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll - ok
13:31:25.0099 3776  [ A05B711DD9740A58108D880419C2B29B ] C:\Program Files (x86)\Virtual Villagers - A New Home\VirtualVillagers.exe
13:31:25.0099 3776  C:\Program Files (x86)\Virtual Villagers - A New Home\VirtualVillagers.exe - ok
13:31:25.0099 3776  [ 9383D302F0D95DB0802308CF250727F3 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll
13:31:25.0099 3776  C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll - ok
13:31:25.0099 3776  [ BE7E39CF6724F6D3624E712BBD548942 ] C:\Program Files (x86)\Garmin\Express Tray\Garmin.Cartography.MapUpdate.CoreLibrary.dll
13:31:25.0099 3776  C:\Program Files (x86)\Garmin\Express Tray\Garmin.Cartography.MapUpdate.CoreLibrary.dll - ok
13:31:25.0114 3776  [ 7E4CC6A1664CEF7B079CBC57A97E18CE ] C:\Program Files (x86)\LucasArts\Star Wars Galactic Battlegrounds Saga\Clone Campaigns\CloneCampaigns.exe
13:31:25.0114 3776  C:\Program Files (x86)\LucasArts\Star Wars Galactic Battlegrounds Saga\Clone Campaigns\CloneCampaigns.exe - ok
13:31:25.0114 3776  [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
13:31:25.0114 3776  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
13:31:25.0114 3776  [ 5CA2A1DBE29AEA7F0B5D2848A8D03F58 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll
13:31:25.0114 3776  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll - ok
13:31:25.0130 3776  [ 26AB758A436043CD057BB46E68C7A1D6 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\af18b8a8f56494da44cc448f3b9704a5\WindowsBase.ni.dll
13:31:25.0130 3776  C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\af18b8a8f56494da44cc448f3b9704a5\WindowsBase.ni.dll - ok
13:31:25.0130 3776  [ F2AAF9B8A2BC70B3CA84E73771D7BD5D ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\866894ebe5258bf9f45d6b063229e990\System.Xaml.ni.dll
13:31:25.0130 3776  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\866894ebe5258bf9f45d6b063229e990\System.Xaml.ni.dll - ok
13:31:25.0130 3776  [ FFEAB093FDFF1D8FCDE89A812ED2CEE8 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\ef7642a4f2724135d445e2ea36582e78\SMDiagnostics.ni.dll
13:31:25.0130 3776  C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\ef7642a4f2724135d445e2ea36582e78\SMDiagnostics.ni.dll - ok
13:31:25.0146 3776  [ B45F3D98A83B6E17599FD8E70ED5D9AE ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll
13:31:25.0146 3776  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll - ok
13:31:25.0146 3776  [ 7882BA2B3492FFFA6FA5526C672C6F99 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\8732d692f02402dbd81280b0d3c4f6a9\System.Xml.Linq.ni.dll
13:31:25.0146 3776  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\8732d692f02402dbd81280b0d3c4f6a9\System.Xml.Linq.ni.dll - ok
13:31:25.0161 3776  [ 3E36A1D5E18A6938104F356B49216FBF ] C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\7cfbbd029ef945fbcdaedd24b2b67a24\PresentationCore.ni.dll
13:31:25.0161 3776  C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\7cfbbd029ef945fbcdaedd24b2b67a24\PresentationCore.ni.dll - ok
13:31:25.0161 3776  [ F7A7FC8BBE03E2F0F2D6B1A5AF67217B ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\be692307d47b83000bba8bb6b484aff0\System.ServiceModel.ni.dll
13:31:25.0161 3776  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\be692307d47b83000bba8bb6b484aff0\System.ServiceModel.ni.dll - ok
13:31:25.0161 3776  [ A8E62772CF2B709282F416EE016C97C6 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\dcb0e7d56ffca14d7c483103235b11ad\System.Transactions.ni.dll
13:31:25.0161 3776  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\dcb0e7d56ffca14d7c483103235b11ad\System.Transactions.ni.dll - ok
13:31:25.0177 3776  [ B287571294AF787898BA8AE0D50DE359 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\6ff6bd832b03b5d6ea275ba9bee2d3ef\System.IdentityModel.ni.dll
13:31:25.0177 3776  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\6ff6bd832b03b5d6ea275ba9bee2d3ef\System.IdentityModel.ni.dll - ok
13:31:25.0177 3776  [ A4AE86BF5ACE55ED7C8A72CE1A6C020A ] C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a9594959e951127f16eb49644ba92f79\PresentationFramework.ni.dll
13:31:25.0177 3776  C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a9594959e951127f16eb49644ba92f79\PresentationFramework.ni.dll - ok
13:31:25.0177 3776  [ 4BF5F6A133D6BE74C489BC9F53FD115D ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\98e8641e2ca570f03352a91836b0b97a\System.ServiceModel.Routing.ni.dll
13:31:25.0177 3776  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\98e8641e2ca570f03352a91836b0b97a\System.ServiceModel.Routing.ni.dll - ok
13:31:25.0192 3776  [ 7B0A5601AE4B785BBCCDC521AC5CB28C ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\2609614ca03927f7a99418c74844059b\System.Runtime.Serialization.ni.dll
13:31:25.0192 3776  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\2609614ca03927f7a99418c74844059b\System.Runtime.Serialization.ni.dll - ok
13:31:25.0192 3776  [ 77A9FB26C52E3601FDF53A149566C0D4 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\019ed4a55ecc7d1f5b933c27970dce9b\System.Runtime.DurableInstancing.ni.dll
13:31:25.0192 3776  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\019ed4a55ecc7d1f5b933c27970dce9b\System.Runtime.DurableInstancing.ni.dll - ok
13:31:25.0192 3776  [ 50BB4FBC720D23497EEB5C9DAC497405 ] C:\Windows\SysWOW64\mydocs.dll
13:31:25.0192 3776  C:\Windows\SysWOW64\mydocs.dll - ok
13:31:25.0208 3776  [ 8A45166CD9874463AB76B552C9C2D3AD ] C:\Windows\SysWOW64\IEAdvpack.dll
13:31:25.0208 3776  C:\Windows\SysWOW64\IEAdvpack.dll - ok
13:31:25.0208 3776  [ 4B040C0D9981E9285A55DD373211B76B ] C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdboot.dll
13:31:25.0208 3776  C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdboot.dll - ok
13:31:25.0208 3776  [ 7896EFFDEE215C172BE724A64931EF1C ] C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll
13:31:25.0208 3776  C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll - ok
13:31:25.0224 3776  [ 2B88728D15315DED15598F87A018294B ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\233661f3a2b632e9553915c8639637d0\System.Configuration.ni.dll
13:31:25.0224 3776  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\233661f3a2b632e9553915c8639637d0\System.Configuration.ni.dll - ok
13:31:25.0224 3776  [ F3B40E8216522857BDFAC50E78586551 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\153143f74d840484b510d8cf5187796b\System.Windows.Forms.ni.dll
13:31:25.0224 3776  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\153143f74d840484b510d8cf5187796b\System.Windows.Forms.ni.dll - ok
13:31:25.0224 3776  [ F13977BE12A0B6E6E24950CB742517AA ] C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\dfeff31ab1e7cd3480c8942290c92f5d\PresentationFramework.Aero.ni.dll
13:31:25.0224 3776  C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\dfeff31ab1e7cd3480c8942290c92f5d\PresentationFramework.Aero.ni.dll - ok
13:31:25.0239 3776  [ 9A2271587F93006972374C4402049839 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\0e5d2997438866de453e8b1401d84398\System.ServiceModel.Discovery.ni.dll
13:31:25.0239 3776  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\0e5d2997438866de453e8b1401d84398\System.ServiceModel.Discovery.ni.dll - ok
13:31:25.0239 3776  [ F67B1B348CBBCB60DAEC276712582E8C ] C:\Windows\SysWOW64\mshtml.tlb
13:31:25.0239 3776  C:\Windows\SysWOW64\mshtml.tlb - ok
13:31:25.0239 3776  [ 6FA41E0C86EF049A12C05CA4BBA8F9AF ] C:\Windows\SysWOW64\perfos.dll
13:31:25.0239 3776  C:\Windows\SysWOW64\perfos.dll - ok
13:31:25.0255 3776  [ F3FB146CDBDD26FCD0CF7941C547BEE4 ] C:\Windows\SysWOW64\kmddsp.tsp
13:31:25.0255 3776  C:\Windows\SysWOW64\kmddsp.tsp - ok
13:31:25.0255 3776  [ 377F0C1DDBFA6A43CB7E7568BC0ECED0 ] C:\Windows\SysWOW64\unimdm.tsp
13:31:25.0255 3776  C:\Windows\SysWOW64\unimdm.tsp - ok
13:31:25.0255 3776  [ E675DE8CF57D8814218733B3DAE896D7 ] C:\Windows\SysWOW64\uniplat.dll
13:31:25.0255 3776  C:\Windows\SysWOW64\uniplat.dll - ok
13:31:25.0270 3776  [ 0FC7E6C8DFB1052F121638485A675761 ] C:\Windows\SysWOW64\prntvpt.dll
13:31:25.0270 3776  C:\Windows\SysWOW64\prntvpt.dll - ok
13:31:25.0270 3776  [ 613BF4820361543956909043A265C6AC ] C:\Windows\SysWOW64\tapisrv.dll
13:31:25.0270 3776  C:\Windows\SysWOW64\tapisrv.dll - ok
13:31:25.0270 3776  [ 6A7B5A3EFCCDB53DA41CF6838056990F ] C:\Windows\SysWOW64\XpsPrint.dll
13:31:25.0270 3776  C:\Windows\SysWOW64\XpsPrint.dll - ok
13:31:25.0286 3776  [ E2F6CC0D191361EE94FEA3957653F531 ] C:\Windows\SysWOW64\hidphone.tsp
13:31:25.0286 3776  C:\Windows\SysWOW64\hidphone.tsp - ok
13:31:25.0286 3776  [ EBB39C5DDDA4D7C080FA580768867195 ] C:\Program Files (x86)\Internet Explorer\jsdbgui.dll
13:31:25.0286 3776  C:\Program Files (x86)\Internet Explorer\jsdbgui.dll - ok
13:31:25.0286 3776  [ 811D39FA9970E893FA53B20964C08FAD ] C:\Program Files (x86)\Internet Explorer\iedvtool.dll
13:31:25.0286 3776  C:\Program Files (x86)\Internet Explorer\iedvtool.dll - ok
13:31:25.0302 3776  [ E8FC0E6A8C99C63603253AF60D2A8695 ] C:\Windows\SysWOW64\esrb.rs
13:31:25.0302 3776  C:\Windows\SysWOW64\esrb.rs - ok
13:31:25.0302 3776  [ AA11A26692E0DB2996CAEFE9EC61F61F ] C:\Windows\SysWOW64\ndptsp.tsp
13:31:25.0302 3776  C:\Windows\SysWOW64\ndptsp.tsp - ok
13:31:25.0302 3776  [ 04304C8E3F8F47FBC05D789871427A71 ] C:\Windows\SysWOW64\MSOIDSSP.DLL
13:31:25.0302 3776  C:\Windows\SysWOW64\MSOIDSSP.DLL - ok
13:31:25.0317 3776  [ 50B7051CDF0A0669CB344705D9049231 ] C:\Windows\SysWOW64\en-US\WerFault.exe.mui
13:31:25.0317 3776  C:\Windows\SysWOW64\en-US\WerFault.exe.mui - ok
13:31:25.0317 3776  [ 142BBD9373F7F278C5D9ECA6756BA8A8 ] C:\Users\Jaycen\AppData\Roaming\Spotify\Data\libcef.dll
13:31:25.0317 3776  C:\Users\Jaycen\AppData\Roaming\Spotify\Data\libcef.dll - ok
13:31:25.0317 3776  [ 2973B4EB7BE10A0D491B2037DCAAE88F ] C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
13:31:25.0317 3776  C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe - ok
13:31:25.0333 3776  [ 2305BFF2966D73694972FD7531BC5BAA ] C:\Windows\SysWOW64\SndVol.exe
13:31:25.0333 3776  C:\Windows\SysWOW64\SndVol.exe - ok
13:31:25.0333 3776  [ 9DF9B31EAC1669F244C02B61F10D123A ] C:\Windows\SysWOW64\printui.dll
13:31:25.0333 3776  C:\Windows\SysWOW64\printui.dll - ok
13:31:25.0333 3776  [ E6E271C5BCEADA7DE47B83B08B765A17 ] C:\Windows\Branding\Basebrd\basebrd.dll
13:31:25.0333 3776  C:\Windows\Branding\Basebrd\basebrd.dll - ok
13:31:25.0348 3776  [ 045D0F4F41CA53D4CB22BDC814A22B64 ] C:\Program Files (x86)\Steam\bin\icudt.dll
13:31:25.0348 3776  C:\Program Files (x86)\Steam\bin\icudt.dll - ok
13:31:25.0348 3776  [ 2C965B3B61FCEB9AD24B7CF754F0A7E5 ] C:\Windows\SysWOW64\en-US\jscript9.dll.mui
13:31:25.0348 3776  C:\Windows\SysWOW64\en-US\jscript9.dll.mui - ok
13:31:25.0348 3776  [ 173C217E677C4B0C4F8A6D54BA13BF9B ] C:\Program Files (x86)\Steam\CSERHelper.dll
13:31:25.0348 3776  C:\Program Files (x86)\Steam\CSERHelper.dll - ok
13:31:25.0364 3776  [ B3977C2C7FE7FD9C7D1BD2D6F366C240 ] C:\Program Files (x86)\Java\jre6\bin\wsdetect.dll
13:31:25.0364 3776  C:\Program Files (x86)\Java\jre6\bin\wsdetect.dll - ok
13:31:25.0364 3776  [ 7E28AF47DD4E878271ABCAE01071FA07 ] C:\Program Files (x86)\Microsoft Office\Office12\MSOHEV.DLL
13:31:25.0364 3776  C:\Program Files (x86)\Microsoft Office\Office12\MSOHEV.DLL - ok
13:31:25.0364 3776  [ 6C8C001EF62CEFA7E333AF8D0AAED564 ] C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
13:31:25.0364 3776  C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE - ok
13:31:25.0364 3776  [ E8749EF457F685B8919BB8398BC0EF91 ] C:\Program Files (x86)\Microsoft Lync\MUI\0409\UcAddinRes.dll
13:31:25.0364 3776  C:\Program Files (x86)\Microsoft Lync\MUI\0409\UcAddinRes.dll - ok
13:31:25.0380 3776  [ 3A9FBA6005BC10EF8D1E61B9FE589505 ] C:\Program Files (x86)\Microsoft Office\Office12\NLSDATA0009.DLL
13:31:25.0380 3776  C:\Program Files (x86)\Microsoft Office\Office12\NLSDATA0009.DLL - ok
13:31:25.0380 3776  [ BEF1EAD605CF791FDBB48ADD71075509 ] C:\Program Files (x86)\Microsoft Office\Office12\1033\WWINTL.DLL
13:31:25.0380 3776  C:\Program Files (x86)\Microsoft Office\Office12\1033\WWINTL.DLL - ok
13:31:25.0380 3776  [ 707F023159B541EAD5DD6ADB2E605443 ] C:\Program Files (x86)\Microsoft Office\Office12\NLSMODELS0009.dll
13:31:25.0380 3776  C:\Program Files (x86)\Microsoft Office\Office12\NLSMODELS0009.dll - ok
13:31:25.0395 3776  [ 1A514CA70E5FAF1CEC2F51CDAB1367A7 ] C:\Program Files (x86)\Microsoft Office\Office12\NLSLEXICONS0009_SP.dll
13:31:25.0395 3776  C:\Program Files (x86)\Microsoft Office\Office12\NLSLEXICONS0009_SP.dll - ok
13:31:25.0395 3776  [ 8FA9A16022A664F536B616130B2EA866 ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL
13:31:25.0395 3776  C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL - ok
13:31:25.0395 3776  [ 1A8B4857F2CAAED89E16B1ED1F24930D ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\RICHED20.DLL
13:31:25.0395 3776  C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\RICHED20.DLL - ok
13:31:25.0411 3776  [ C2B290CE6B81520B96377E890F4C021C ] C:\Program Files (x86)\Common Files\microsoft shared\PROOF\1033\MSGR3EN.DLL
13:31:25.0411 3776  C:\Program Files (x86)\Common Files\microsoft shared\PROOF\1033\MSGR3EN.DLL - ok
13:31:25.0411 3776  [ 4C5D603A632023BFDB8EDD4436882ABF ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\1033\MSOINTL.DLL
13:31:25.0411 3776  C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\1033\MSOINTL.DLL - ok
13:31:25.0411 3776  [ 41DF7355A5A907E2C1D7804EC028965D ] C:\Windows\System32\wermgr.exe
13:31:25.0411 3776  C:\Windows\System32\wermgr.exe - ok
13:31:25.0426 3776  [ C3C34087258D99DBC2160BFB089A5025 ] C:\Windows\SysWOW64\en-US\werui.dll.mui
13:31:25.0426 3776  C:\Windows\SysWOW64\en-US\werui.dll.mui - ok
13:31:25.0426 3776  [ AC61CBEF0376F080588968476D063D45 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\smipi.dll
13:31:25.0426 3776  C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\smipi.dll - ok
13:31:25.0426 3776  [ C5D0AEC12FED8323E1AE2E40C129F2D6 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\smiengine.dll
13:31:25.0426 3776  C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\smiengine.dll - ok
13:31:25.0442 3776  [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
13:31:25.0442 3776  C:\Windows\System32\timedate.cpl - ok
13:31:25.0442 3776  [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
13:31:25.0442 3776  C:\Windows\System32\actxprxy.dll - ok
13:31:25.0442 3776  [ 22A0AE97360C1B146FDD9AA55AC0E989 ] C:\Windows\System32\shdocvw.dll
13:31:25.0442 3776  C:\Windows\System32\shdocvw.dll - ok
13:31:25.0458 3776  [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll
13:31:25.0458 3776  C:\Windows\System32\gameux.dll - ok
13:31:25.0458 3776  [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
13:31:25.0458 3776  C:\Windows\System32\msftedit.dll - ok
13:31:25.0458 3776  [ 112183DF91C9BAECB498E4A86ECDE598 ] C:\Windows\System32\msls31.dll
13:31:25.0458 3776  C:\Windows\System32\msls31.dll - ok
13:31:25.0473 3776  [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
13:31:25.0473 3776  C:\Windows\System32\thumbcache.dll - ok
13:31:25.0473 3776  [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
13:31:25.0473 3776  C:\Windows\System32\msiltcfg.dll - ok
13:31:25.0473 3776  [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\31858509.sys
13:31:25.0473 3776  C:\Windows\System32\drivers\31858509.sys - ok
13:31:25.0489 3776  [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
13:31:25.0489 3776  C:\Windows\System32\DeviceCenter.dll - ok
13:31:25.0489 3776  [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
13:31:25.0489 3776  C:\Windows\System32\dsound.dll - ok
13:31:25.0489 3776  [ 585FED4CDB8034B8B58AEB8008255817 ] C:\Windows\System32\opengl32.dll
13:31:25.0489 3776  C:\Windows\System32\opengl32.dll - ok
13:31:25.0504 3776  [ 00000000000000000000000000000000 ] C:\Users\Jaycen\AppData\Roaming\gwvkozrp.exe
13:31:25.0504 3776  C:\Users\Jaycen\AppData\Roaming\gwvkozrp.exe - ok
13:31:25.0504 3776  [ 254E0CCB24D8E48479A8A387C77CA356 ] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
13:31:25.0504 3776  C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe - ok
13:31:25.0504 3776  [ F2967C0A97C0EA67D79D7F557213950D ] C:\Windows\System32\glu32.dll
13:31:25.0504 3776  C:\Windows\System32\glu32.dll - ok
13:31:25.0520 3776  [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll
13:31:25.0520 3776  C:\Windows\System32\ddraw.dll - ok
13:31:25.0520 3776  [ 29C22748937F45C26590909E9F8E7137 ] C:\Windows\System32\dciman32.dll
13:31:25.0520 3776  C:\Windows\System32\dciman32.dll - ok
13:31:25.0520 3776  [ 04CB7C8FDC6D9640DD82A527208F72C4 ] C:\Windows\System32\UIAnimation.dll
13:31:25.0520 3776  C:\Windows\System32\UIAnimation.dll - ok
13:31:25.0536 3776  [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
13:31:25.0536 3776  C:\Windows\System32\msimg32.dll - ok
13:31:25.0536 3776  [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll
13:31:25.0536 3776  C:\Windows\System32\oledlg.dll - ok
13:31:25.0536 3776  [ 299634B6ACAA2795E2AB4A3F935B026E ] C:\Users\Jaycen\AppData\Local\Autobahn\rt\bin\jetvm\jvm.dll
13:31:25.0536 3776  C:\Users\Jaycen\AppData\Local\Autobahn\rt\bin\jetvm\jvm.dll - ok
13:31:25.0551 3776  [ 72292AE254AD01236143E750D8952D03 ] C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe
13:31:25.0551 3776  C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe - ok
13:31:25.0551 3776  [ C17CF1E7ED495ADE9E2BBB07AA592D92 ] C:\Users\Jaycen\AppData\Local\Autobahn\rt\bin\hpi.dll
13:31:25.0551 3776  C:\Users\Jaycen\AppData\Local\Autobahn\rt\bin\hpi.dll - ok
13:31:25.0551 3776  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
13:31:25.0551 3776  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
13:31:25.0567 3776  [ 0DB1D42E30AA8DA79E2E29664FEB64D1 ] C:\Users\Jaycen\AppData\Local\Autobahn\rt\jetrt\baseline720.dll
13:31:25.0567 3776  C:\Users\Jaycen\AppData\Local\Autobahn\rt\jetrt\baseline720.dll - ok
13:31:25.0567 3776  [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
13:31:25.0567 3776  C:\Windows\System32\AudioEng.dll - ok
13:31:25.0567 3776  [ B20AE6BF86871EDAD0AB2342E0C98F11 ] C:\Program Files (x86)\Microsoft Lync\psom.dll
13:31:25.0567 3776  C:\Program Files (x86)\Microsoft Lync\psom.dll - ok
13:31:25.0582 3776  [ 85218271191D2B11D3E6B40C8D9257B3 ] C:\Program Files (x86)\Microsoft Lync\ocimport.dll
13:31:25.0582 3776  C:\Program Files (x86)\Microsoft Lync\ocimport.dll - ok
13:31:25.0582 3776  [ A33452A42BDF214E7FC40CB470515605 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe
13:31:25.0582 3776  C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe - ok
13:31:25.0582 3776  [ 20ECAC7791DCBA69121631CB627E5A96 ] C:\Windows\System32\mf.dll
13:31:25.0582 3776  C:\Windows\System32\mf.dll - ok
13:31:25.0598 3776  [ 44E27C2346456B3618600BDD05207031 ] C:\Windows\SysWOW64\MP4SDECD.DLL
13:31:25.0598 3776  C:\Windows\SysWOW64\MP4SDECD.DLL - ok
13:31:25.0598 3776  [ 5A43235C607BA2AD3BC4394ACC22D26E ] C:\Windows\System32\MP4SDECD.DLL
13:31:25.0598 3776  C:\Windows\System32\MP4SDECD.DLL - ok
13:31:25.0598 3776  [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
13:31:25.0598 3776  C:\Windows\System32\stobject.dll - ok
13:31:25.0614 3776  [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
13:31:25.0614 3776  C:\Windows\System32\batmeter.dll - ok
13:31:25.0614 3776  [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
13:31:25.0614 3776  C:\Windows\System32\prnfldr.dll - ok
13:31:25.0614 3776  [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
13:31:25.0614 3776  C:\Windows\System32\fdProxy.dll - ok
13:31:25.0629 3776  [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
13:31:25.0629 3776  C:\Windows\System32\Syncreg.dll - ok
13:31:25.0629 3776  [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
13:31:25.0629 3776  C:\Windows\System32\netshell.dll - ok
13:31:25.0629 3776  [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
13:31:25.0629 3776  C:\Windows\System32\AltTab.dll - ok
13:31:25.0629 3776  [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
13:31:25.0629 3776  C:\Windows\System32\WPDShServiceObj.dll - ok
13:31:25.0645 3776  [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
13:31:25.0645 3776  C:\Windows\System32\mssprxy.dll - ok
13:31:25.0645 3776  [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
13:31:25.0645 3776  C:\Windows\System32\pnidui.dll - ok
13:31:25.0645 3776  [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
13:31:25.0645 3776  C:\Windows\System32\QUTIL.DLL - ok
13:31:25.0660 3776  [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
13:31:25.0660 3776  C:\Windows\System32\srchadmin.dll - ok
13:31:25.0660 3776  [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
13:31:25.0660 3776  C:\Windows\System32\rasdlg.dll - ok
13:31:25.0660 3776  [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
13:31:25.0660 3776  C:\Windows\System32\mprapi.dll - ok
13:31:25.0676 3776  [ BC0D4AFBE94D8E1F81C8926D805C3366 ] C:\Windows\System32\webcheck.dll
13:31:25.0676 3776  C:\Windows\System32\webcheck.dll - ok
13:31:25.0676 3776  [ AB2F2F56064E8AA8634C790956860A3D ] C:\Windows\System32\ieframe.dll
13:31:25.0676 3776  C:\Windows\System32\ieframe.dll - ok
13:31:25.0676 3776  [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
13:31:25.0676 3776  C:\Windows\System32\dot3api.dll - ok
13:31:25.0692 3776  [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
13:31:25.0692 3776  C:\Windows\System32\eappcfg.dll - ok
13:31:25.0692 3776  [ 4201B963DB8A56DF7CEDFC9182E1CA29 ] C:\Windows\SysWOW64\wbem\wbemdisp.tlb
13:31:25.0692 3776  C:\Windows\SysWOW64\wbem\wbemdisp.tlb - ok
13:31:25.0692 3776  [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
13:31:25.0692 3776  C:\Windows\System32\wlanhlp.dll - ok
13:31:25.0707 3776  [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
13:31:25.0707 3776  C:\Windows\System32\onex.dll - ok
13:31:25.0707 3776  [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
13:31:25.0707 3776  C:\Windows\System32\eappprxy.dll - ok
13:31:25.0707 3776  [ 9108540E866F75C7AF2B91DD921A8091 ] C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
13:31:25.0707 3776  C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
13:31:25.0723 3776  [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
13:31:25.0723 3776  C:\Windows\System32\mlang.dll - ok
13:31:25.0723 3776  [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
13:31:25.0723 3776  C:\Windows\System32\SyncCenter.dll - ok
13:31:25.0723 3776  [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
13:31:25.0723 3776  C:\Windows\System32\ActionCenter.dll - ok
13:31:25.0738 3776  [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
13:31:25.0738 3776  C:\Windows\System32\WWanAPI.dll - ok
13:31:25.0738 3776  [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
13:31:25.0738 3776  C:\Windows\System32\wwapi.dll - ok
13:31:25.0738 3776  [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
13:31:25.0738 3776  C:\Windows\System32\QAGENT.DLL - ok
13:31:25.0754 3776  [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
13:31:25.0754 3776  C:\Windows\System32\imapi2.dll - ok
13:31:25.0754 3776  [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
13:31:25.0754 3776  C:\Windows\System32\bthprops.cpl - ok
13:31:25.0754 3776  [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
13:31:25.0754 3776  C:\Windows\System32\hgcpl.dll - ok
13:31:25.0770 3776  [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll
13:31:25.0770 3776  C:\Windows\System32\fdWSD.dll - ok
13:31:25.0770 3776  [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll
13:31:25.0770 3776  C:\Windows\System32\fdSSDP.dll - ok
13:31:25.0770 3776  [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\Windows\System32\P2P.dll
13:31:25.0770 3776  C:\Windows\System32\P2P.dll - ok
13:31:25.0770 3776  [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
13:31:25.0770 3776  C:\Windows\System32\p2pcollab.dll - ok
13:31:25.0785 3776  [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
13:31:25.0785 3776  C:\Windows\System32\fveui.dll - ok
13:31:25.0785 3776  [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1 ] C:\Windows\System32\P2PGraph.dll
13:31:25.0785 3776  C:\Windows\System32\P2PGraph.dll - ok
13:31:25.0785 3776  [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
13:31:25.0785 3776  C:\Windows\System32\FXSAPI.dll - ok
13:31:25.0801 3776  [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
13:31:25.0801 3776  C:\Windows\System32\FXSRESM.dll - ok
13:31:25.0801 3776  [ 7D1D836D9DE6007FF2E6873312EF6D74 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\46c1da3f2c4c666140a414394e1cb20b\System.WorkflowServices.ni.dll
13:31:25.0801 3776  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\46c1da3f2c4c666140a414394e1cb20b\System.WorkflowServices.ni.dll - ok
13:31:25.0801 3776  [ 5B7498E3C2742EEB2453D3B85E4C851E ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\66cd1f52f3d80e02efa25c0fd795a278\System.ServiceModel.Web.ni.dll
13:31:25.0801 3776  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\66cd1f52f3d80e02efa25c0fd795a278\System.ServiceModel.Web.ni.dll - ok
13:31:25.0816 3776  [ CA83CCA59BCC9789636C63FD346A42A7 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\4dbbfceeddfc9180d5f621f0fc586e2c\System.ServiceModel.Activities.ni.dll
13:31:25.0816 3776  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\4dbbfceeddfc9180d5f621f0fc586e2c\System.ServiceModel.Activities.ni.dll - ok
13:31:25.0816 3776  [ 902A72263F43B880AE8283A14E253A7F ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\3a75004c8363a598f4997686c16ae55e\System.ServiceModel.Channels.ni.dll
13:31:25.0816 3776  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\3a75004c8363a598f4997686c16ae55e\System.ServiceModel.Channels.ni.dll - ok
13:31:25.0816 3776  [ FD435DF8C9CA7A49CCBF7CD2F7627739 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\diasymreader.dll
13:31:25.0816 3776  C:\Windows\Microsoft.NET\Framework\v4.0.30319\diasymreader.dll - ok
13:31:25.0832 3776  [ 41962D5E18E9874390BC1F074571A6BB ] C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
13:31:25.0832 3776  C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll - ok
13:31:25.0832 3776  [ 2E7ADF9B0389CD94605717784D7E416A ] C:\Windows\System32\drttransport.dll
13:31:25.0832 3776  C:\Windows\System32\drttransport.dll - ok
13:31:25.0832 3776  [ C57BC99A4467B3E8F1CC2184A3F46729 ] C:\Windows\System32\drt.dll
13:31:25.0832 3776  C:\Windows\System32\drt.dll - ok
13:31:25.0848 3776  ============================================================
13:31:25.0848 3776  Scan finished
13:31:25.0848 3776  ============================================================
13:31:25.0848 3764  Detected object count: 2
13:31:25.0848 3764  Actual detected object count: 2
13:32:20.0089 3764  AdobeFlashPlayerUpdateSvc ( UnsignedFile.Multi.Generic ) - skipped by user
13:32:20.0089 3764  AdobeFlashPlayerUpdateSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:32:20.0089 3764  HiPatchService ( UnsignedFile.Multi.Generic ) - skipped by user
13:32:20.0089 3764  HiPatchService ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:33:13.0862 1572  Deinitialize success
 

There was no option to Cure, so I closed the program.

Link to post
Share on other sites

Hopefully I've followed your instructions faithfully, so far.  If not, please let me know and I'll happily correct the error.

 

Here's the fresh DDS logs:

 

DDS.TXT:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16611
Run by Jaycen at 13:38:28 on 2013-07-04
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3581.2149 [GMT -5:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE
C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSvcm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\SysWOW64\schtasks.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Plantronics\GameCom780\GameCom780.exe
C:\Users\Jaycen\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
C:\Users\Jaycen\AppData\Local\Autobahn\nexdef.exe
C:\Windows\splwow64.exe
"c:\windows\syswow64\svchost.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"c:\windows\syswow64\svchost.exe"
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.

uURLSearchHooks: {cce665dd-f6dd-4808-968e-eaec971f70ef} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [sansaDispatch] C:\Users\Jaycen\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
uRun: [Gadwin PrintScreen] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
uRun: [spwmod] C:\Users\Jaycen\AppData\Roaming\gwvkozrp.exe
uRun: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
mRun: [Adobe Photo Downloader] "C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Communicator] "C:\Program Files (x86)\Microsoft Lync\communicator.exe" /fromrunkey
StartupFolder: C:\Users\Jaycen\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\NEXDEF~1.LNK - C:\Users\Jaycen\AppData\Local\Autobahn\nexdef.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Lync\OCHelper.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.




TCP: NameServer = 192.168.1.254
TCP: Interfaces\{01E3B9D4-F934-4859-A6D6-A77A8E1ADCAC} : DHCPNameServer = 192.168.1.254
AppInit_DLLs= c:\progra~3\browse~1\261339~1.144\{16cdf~1\browse~1.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg pku2u msoidssp
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [GamecomSound] C:\Program Files\Plantronics\GameCom780\GameCom780.exe
.
INFO: x64-HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1    www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Jaycen\AppData\Roaming\Mozilla\Firefox\Profiles\cjpk6d9q.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.theblaze.com/|http://pjmedia.com/|http://www.video.theblaze.com/schedule/index.jsp|http://gibiru.com/
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Virtual Earth 3D\npVE3D.dll
FF - plugin: C:\Users\Jaycen\AppData\Local\Roblox\Versions\version-314fd073d6d74dcc\NPRobloxProxy.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
FF - ExtSQL: 2013-05-08 23:22; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; C:\Users\Jaycen\AppData\Roaming\Mozilla\Firefox\Profiles\cjpk6d9q.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-06-20 23:08; tinyurl.addon@fast-chat.co.uk; C:\Users\Jaycen\AppData\Roaming\Mozilla\Firefox\Profiles\cjpk6d9q.default\extensions\tinyurl.addon@fast-chat.co.uk.xpi
FF - ExtSQL: 2013-06-29 03:48; firefox@ghostery.com; C:\Users\Jaycen\AppData\Roaming\Mozilla\Firefox\Profiles\cjpk6d9q.default\extensions\firefox@ghostery.com
FF - ExtSQL: 2013-07-03 22:22; {ada4b710-8346-4b82-8199-5de2b400a6ae}; C:\Users\Jaycen\AppData\Roaming\Mozilla\Firefox\Profiles\cjpk6d9q.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2012-5-1 79488]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2012-5-1 40064]
R1 AppleCharger;AppleCharger;C:\Windows\System32\drivers\AppleCharger.sys [2012-5-1 21616]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-7-28 204288]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-7-28 361984]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-11-13 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-11-13 701512]
R2 msoidsvc;Microsoft Online Services Sign-in Assistant;C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2010-8-17 2024864]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2012-5-1 46136]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2012-11-13 25928]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-5-1 565352]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2012-5-1 47232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 BrSerIb;Brother Serial Interface Driver(WDM);C:\Windows\System32\drivers\BrSerIb.sys [2010-1-20 87552]
S3 BrUsbSIb;Brother Serial USB Driver(WDM);C:\Windows\System32\drivers\BrUsbSib.sys [2010-1-20 14592]
S3 Garmin Core Update Service;Garmin Core Update Service;C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [2013-3-27 185688]
S3 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-6-28 8704]
S3 PlantronicsGC;PLTGC Interface;C:\Windows\System32\drivers\PLTGC.sys [2012-12-25 1327104]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-5-1 1255736]
.
=============== Created Last 30 ================
.
2013-07-04 17:49:05    98    ----a-w-    C:\Windows\DeleteOnReboot.bat
2013-07-04 17:24:16    --------    d-----w-    C:\Windows\ERUNT
2013-07-04 17:24:12    --------    d-----w-    C:\JRT
2013-07-04 15:31:02    61440    ----a-w-    C:\Windows\SysWow64\drivers\jacbf.sys
2013-07-04 15:26:45    61440    ----a-w-    C:\Windows\SysWow64\drivers\qvmhay.sys
2013-07-02 16:50:23    9552976    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{34350A85-3148-422C-9EDA-DE269CF7E4FA}\mpengine.dll
2013-06-27 02:46:31    --------    d-----w-    C:\Program Files (x86)\Virtual Villagers - The Secret City
2013-06-27 02:43:52    --------    d-----w-    C:\Program Files (x86)\Virtual Villagers - The Lost Children
2013-06-16 18:31:01    --------    d-----w-    C:\Users\Jaycen\AppData\Roaming\Garmin
2013-06-16 18:30:32    --------    d-----w-    C:\Users\Jaycen\AppData\Local\Garmin
2013-06-16 18:30:13    --------    d-----w-    C:\ProgramData\Garmin
2013-06-16 18:30:12    --------    d-----w-    C:\Program Files (x86)\Garmin
2013-06-15 17:34:14    139776    ----a-w-    C:\Users\Jaycen\AppData\Roaming\browserudp.dll
2013-06-13 16:30:23    163328    ----a-w-    C:\Windows\SysWow64\FlashPlayerUpdateService.exe
2013-06-12 08:03:49    751104    ----a-w-    C:\Windows\System32\win32spl.dll
2013-06-12 08:03:49    492544    ----a-w-    C:\Windows\SysWow64\win32spl.dll
2013-06-12 08:03:49    1910632    ----a-w-    C:\Windows\System32\drivers\tcpip.sys
2013-06-12 08:03:48    903168    ----a-w-    C:\Windows\SysWow64\certutil.exe
2013-06-12 08:03:48    1464320    ----a-w-    C:\Windows\System32\crypt32.dll
2013-06-12 08:03:48    1192448    ----a-w-    C:\Windows\System32\certutil.exe
2013-06-12 08:03:48    1160192    ----a-w-    C:\Windows\SysWow64\crypt32.dll
2013-06-12 08:03:47    52224    ----a-w-    C:\Windows\System32\certenc.dll
2013-06-12 08:03:47    43008    ----a-w-    C:\Windows\SysWow64\certenc.dll
2013-06-12 08:03:47    184320    ----a-w-    C:\Windows\System32\cryptsvc.dll
2013-06-12 08:03:47    140288    ----a-w-    C:\Windows\SysWow64\cryptsvc.dll
2013-06-12 08:03:47    139776    ----a-w-    C:\Windows\System32\cryptnet.dll
2013-06-12 08:03:47    103936    ----a-w-    C:\Windows\SysWow64\cryptnet.dll
.
==================== Find3M  ====================
.
2013-06-14 12:08:38    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-14 12:08:38    692104    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-08 12:28:46    2706432    ----a-w-    C:\Windows\System32\mshtml.tlb
2013-06-08 11:13:19    2706432    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2013-05-27 19:49:45    382261200    ----a-w-    C:\Users\Jaycen\AppData\Roaming\gwvkozrp.exe
2013-05-17 01:25:57    1767936    ----a-w-    C:\Windows\SysWow64\wininet.dll
2013-05-17 01:25:27    2877440    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2013-05-17 01:25:26    61440    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2013-05-17 01:25:26    109056    ----a-w-    C:\Windows\SysWow64\iesysprep.dll
2013-05-17 00:59:03    2241024    ----a-w-    C:\Windows\System32\wininet.dll
2013-05-17 00:58:10    3958784    ----a-w-    C:\Windows\System32\jscript9.dll
2013-05-17 00:58:08    67072    ----a-w-    C:\Windows\System32\iesetup.dll
2013-05-17 00:58:08    136704    ----a-w-    C:\Windows\System32\iesysprep.dll
2013-05-14 12:23:25    89600    ----a-w-    C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-14 08:40:13    71680    ----a-w-    C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-05-02 07:06:08    278800    ------w-    C:\Windows\System32\MpSigStub.exe
2013-04-12 14:45:08    1656680    ----a-w-    C:\Windows\System32\drivers\ntfs.sys
2013-04-10 06:01:54    265064    ----a-w-    C:\Windows\System32\drivers\dxgmms1.sys
2013-04-10 06:01:53    983400    ----a-w-    C:\Windows\System32\drivers\dxgkrnl.sys
2013-04-10 03:30:50    3153920    ----a-w-    C:\Windows\System32\win32k.sys
.
============= FINISH: 13:38:58.64 ===============
 

Attach.txt:

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 5/1/2012 11:24:13 AM
System Uptime: 7/4/2013 1:11:08 PM (0 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. |  | GA-A55M-S2V
Processor: AMD A4-3400 APU with Radeon HD Graphics | Socket M2 | 2700/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 466 GiB total, 238.682 GiB free.
D: is CDROM (CDFS)
E: is Removable
G: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
 Sansa Media Converter
 Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.22beta
abcAVI
Ace of Spades
Adobe Common File Installer
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Help Center 2.1
Adobe Photoshop Elements 5.0
Adobe Premiere Elements 3.0.2
Adobe Premiere Elements 3.0.2 Templates
Adobe Reader X (10.1.7)
AMD APP SDK Runtime
AMD Catalyst Install Manager
AMD Fuel
AMD VISION Engine Control Center
AnswerWorks 5.0 English Runtime
Battlefield Heroes
Best Buy pc app
Big Fish Games: Game Manager
Bing Maps 3D
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
Catalyst Control Center Profiles Mobile
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Civilization III
Company of Heroes
Company of Heroes (New Steam Version)
Company of Heroes: Tales of Valor
Coupon Printer for Windows
Day of Defeat
Defraggler
Elevated Installer
Finale 2012
Free YouTube Downloader 3.5.136
FTP Surfer
Gadwin PrintScreen
Galactic Civilizations II - Dread Lords
Game Cam 2.6.1.0
GameSpy Comrade
Garmin Express
Garmin Express Tray
Garmin Update Service
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Guild Wars 2
Hi-Rez Studios Authenticate and Update Service
High-Definition Video Playback
Impulse
Java Auto Updater
Java 6 Update 31
JNLP
Kerbal Space Program Demo
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 1.1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170)
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Lync - Welcome
Microsoft Lync 2010
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Small Business 2007
Microsoft Office Word MUI (English) 2007
Microsoft Online Services Sign-in Assistant
Microsoft Silverlight
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0
Mozilla Firefox 22.0 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nancy Drew: Ghost Dogs of Moon Lake
Nancy Drew: Tomb of the Lost Queen
Nero 10 Menu TemplatePack Basic
Nero 10 Movie ThemePack Basic
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero CoverDesigner 10
Nero Express 10
Nero Multimedia Suite 10 Essentials
Nero Recode 10
Nero StartSmart 10
Nero Vision 10
NVIDIA PhysX
ON_OFF Charge B11.1102.1
PackMaster
Paint.NET v3.5.10
Pando Media Booster
Plantronics® GameCom 780 Software for Dolby® Headphone
PowerDVD
PunkBuster Services
Quicken 2010
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
ROBLOX Player for Jaycen
Sansa Updater
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Sid Meier's Civilization 4 Gold
Spotify
Star Wars Galactic Battlegrounds: Saga
Star Wars Knights of the Old Republic
Star Wars® Knights of the Old Republic® II: The Sith Lords
Starcraft
StarCraft II
Steam
Stronghold
Stronghold 2
Stronghold Crusader Extreme
Stronghold Legends
Team Fortress 2
TSST OEM Content
TweetDeck
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817327) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Virtual Villagers - A New Home (remove only)
Virtual Villagers - The Lost Children 1.0
Virtual Villagers - The Secret City 1.0
Virtual Villagers: The Tree of Life
.
==== Event Viewer Messages From Past Week ========
.
7/4/2013 1:11:41 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  gapux pvajlz
.
==== End Of File ===========================
 

Link to post
Share on other sites

Thanks!

Note: Please do not run this tool without special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please post the C:\ComboFix.txt in your next reply for further review.

Note: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.

Link to post
Share on other sites

Here's the Combofix log:

 

ComboFix 13-07-04.01 - Jaycen 07/04/2013  19:19:16.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3581.1910 [GMT -5:00]
Running from: c:\users\Jaycen\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
c:\programdata\Amazon.ico
c:\users\Jaycen\AppData\Local\assembly\tmp
c:\users\Jaycen\AppData\Roaming\browserudp.dll
c:\users\Jaycen\AppData\Roaming\gwvkozrp.exe
.
.
(((((((((((((((((((((((((   Files Created from 2013-06-05 to 2013-07-05  )))))))))))))))))))))))))))))))
.
.
2013-07-05 00:30 . 2013-07-05 00:30    --------    d-----w-    c:\users\Stacey\AppData\Local\temp
2013-07-05 00:30 . 2013-07-05 00:30    --------    d-----w-    c:\users\Default\AppData\Local\temp
2013-07-04 17:49 . 2013-07-04 17:49    98    ----a-w-    c:\windows\DeleteOnReboot.bat
2013-07-04 17:24 . 2013-07-04 17:24    --------    d-----w-    c:\windows\ERUNT
2013-07-04 17:24 . 2013-07-04 17:24    --------    d-----w-    C:\JRT
2013-07-04 15:31 . 2013-07-04 15:31    61440    ----a-w-    c:\windows\SysWow64\drivers\jacbf.sys
2013-07-04 15:26 . 2013-07-04 15:26    61440    ----a-w-    c:\windows\SysWow64\drivers\qvmhay.sys
2013-07-02 16:50 . 2013-06-12 03:08    9552976    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{34350A85-3148-422C-9EDA-DE269CF7E4FA}\mpengine.dll
2013-06-27 02:46 . 2013-06-27 02:46    --------    d-----w-    c:\program files (x86)\Virtual Villagers - The Secret City
2013-06-27 02:43 . 2013-06-27 02:43    --------    d-----w-    c:\program files (x86)\Virtual Villagers - The Lost Children
2013-06-16 18:31 . 2013-06-16 18:31    --------    d-----w-    c:\users\Jaycen\AppData\Roaming\Garmin
2013-06-16 18:30 . 2013-06-16 18:30    --------    d-----w-    c:\users\Jaycen\AppData\Local\Garmin
2013-06-16 18:30 . 2013-06-16 18:30    --------    d-----w-    c:\programdata\Garmin
2013-06-16 18:30 . 2013-06-16 18:30    --------    d-----w-    c:\program files (x86)\Garmin
2013-06-13 16:30 . 2013-05-28 13:05    163328    ----a-w-    c:\windows\SysWow64\FlashPlayerUpdateService.exe
2013-06-12 08:03 . 2013-05-08 06:39    1910632    ----a-w-    c:\windows\system32\drivers\tcpip.sys
2013-06-12 08:03 . 2013-04-26 05:51    751104    ----a-w-    c:\windows\system32\win32spl.dll
2013-06-12 08:03 . 2013-04-26 04:55    492544    ----a-w-    c:\windows\SysWow64\win32spl.dll
2013-06-12 08:03 . 2013-05-13 05:51    1464320    ----a-w-    c:\windows\system32\crypt32.dll
2013-06-12 08:03 . 2013-05-13 04:45    1160192    ----a-w-    c:\windows\SysWow64\crypt32.dll
2013-06-12 08:03 . 2013-05-13 03:43    1192448    ----a-w-    c:\windows\system32\certutil.exe
2013-06-12 08:03 . 2013-05-13 03:08    903168    ----a-w-    c:\windows\SysWow64\certutil.exe
2013-06-12 08:03 . 2013-05-13 05:51    184320    ----a-w-    c:\windows\system32\cryptsvc.dll
2013-06-12 08:03 . 2013-05-13 05:51    139776    ----a-w-    c:\windows\system32\cryptnet.dll
2013-06-12 08:03 . 2013-05-13 05:50    52224    ----a-w-    c:\windows\system32\certenc.dll
2013-06-12 08:03 . 2013-05-13 04:45    140288    ----a-w-    c:\windows\SysWow64\cryptsvc.dll
2013-06-12 08:03 . 2013-05-13 04:45    103936    ----a-w-    c:\windows\SysWow64\cryptnet.dll
2013-06-12 08:03 . 2013-05-13 03:08    43008    ----a-w-    c:\windows\SysWow64\certenc.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-14 12:08 . 2012-05-01 18:22    71048    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-14 12:08 . 2012-05-01 18:22    692104    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-13 08:01 . 2012-05-01 17:32    75825640    ----a-w-    c:\windows\system32\MRT.exe
2013-05-11 07:02 . 2010-07-20 10:09    18656    ----a-w-    c:\programdata\Microsoft\MSOIdentityCRL\production\msoidconfig.dll
2013-05-02 07:06 . 2010-11-21 03:27    278800    ------w-    c:\windows\system32\MpSigStub.exe
2013-04-12 14:45 . 2013-04-24 08:35    1656680    ----a-w-    c:\windows\system32\drivers\ntfs.sys
2013-04-10 06:01 . 2013-05-15 12:30    265064    ----a-w-    c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01 . 2013-05-15 12:30    983400    ----a-w-    c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30 . 2013-05-15 12:30    3153920    ----a-w-    c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SansaDispatch"="c:\users\Jaycen\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe" [2013-04-20 613888]
"Gadwin PrintScreen"="c:\program files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe" [2012-05-30 1842384]
"GarminExpressTrayApp"="c:\program files (x86)\Garmin\Express Tray\ExpressTray.exe" [2013-03-27 1098072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Photo Downloader"="c:\program files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe" [2006-12-22 67752]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"Communicator"="c:\program files (x86)\Microsoft Lync\communicator.exe" [2013-04-11 12107432]
.
c:\users\Jaycen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
NexDef Plug-in.lnk - c:\users\Jaycen\AppData\Local\Autobahn\nexdef.exe [2011-8-11 15490560]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages    REG_MULTI_SZ       kerberos msv1_0 schannel wdigest tspkg pku2u msoidssp
.
R0 gapux;gapux;c:\windows\system32\drivers\qvmhay.sys;c:\windows\SYSNATIVE\drivers\qvmhay.sys [x]
R0 pvajlz;pvajlz;c:\windows\system32\drivers\jacbf.sys;c:\windows\SYSNATIVE\drivers\jacbf.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 BrSerIb;Brother Serial Interface Driver(WDM);c:\windows\system32\DRIVERS\BrSerIb.sys;c:\windows\SYSNATIVE\DRIVERS\BrSerIb.sys [x]
R3 BrUsbSIb;Brother Serial USB Driver(WDM);c:\windows\system32\DRIVERS\BrUsbSIb.sys;c:\windows\SYSNATIVE\DRIVERS\BrUsbSIb.sys [x]
R3 Garmin Core Update Service;Garmin Core Update Service;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [x]
R3 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 msoidsvc;Microsoft Online Services Sign-in Assistant;c:\program files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE;c:\program files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 PlantronicsGC;PLTGC Interface;c:\windows\system32\drivers\PLTGC.sys;c:\windows\SYSNATIVE\drivers\PLTGC.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 04990031
*NewlyCreated* - 06943774
*Deregistered* - 04990031
*Deregistered* - 06943774
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-19 23:13    1165776    ----a-w-    c:\program files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-07-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-01 13:05]
.
2013-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-22 19:39]
.
2013-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-22 19:39]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-10-17 13307496]
"GamecomSound"="c:\program files\Plantronics\GameCom780\GameCom780.exe" [2011-12-01 777448]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Jaycen\AppData\Roaming\Mozilla\Firefox\Profiles\cjpk6d9q.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.theblaze.com/|http://pjmedia.com/|http://www.video.theblaze.com/schedule/index.jsp|http://gibiru.com/
FF - ExtSQL: 2013-05-08 23:22; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Jaycen\AppData\Roaming\Mozilla\Firefox\Profiles\cjpk6d9q.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-06-20 23:08; tinyurl.addon@fast-chat.co.uk; c:\users\Jaycen\AppData\Roaming\Mozilla\Firefox\Profiles\cjpk6d9q.default\extensions\tinyurl.addon@fast-chat.co.uk.xpi
FF - ExtSQL: 2013-06-29 03:48; firefox@ghostery.com; c:\users\Jaycen\AppData\Roaming\Mozilla\Firefox\Profiles\cjpk6d9q.default\extensions\firefox@ghostery.com
FF - ExtSQL: 2013-07-03 22:22; {ada4b710-8346-4b82-8199-5de2b400a6ae}; c:\users\Jaycen\AppData\Roaming\Mozilla\Firefox\Profiles\cjpk6d9q.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-spwmod - c:\users\Jaycen\AppData\Roaming\gwvkozrp.exe
SafeBoot-06943774.sys
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Coupon Printer for Windows5.0.0.2 - c:\program files (x86)\Coupons\uninstall.exe
AddRemove-{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1 - c:\program files (x86)\Free YouTube Downloader\unins000.exe
AddRemove-e55b814e55744b76 - c:\programdata\Best Buy pc app\ClickOnceUninstaller.exe
AddRemove-JNLP - c:\windows\system32\javaws.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-07-04  19:40:21
ComboFix-quarantined-files.txt  2013-07-05 00:40
.
Pre-Run: 256,510,398,464 bytes free
Post-Run: 257,513,824,256 bytes free
.
- - End Of File - - 1195F5FBD94E977F9D0B3D450B73335B
A36C5E4F47E84449FF07ED3517B43A31
 

Link to post
Share on other sites

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

Driver::

gapux

jacbf

qvmhay

pvajlz

File::

c:\windows\SysWow64\drivers\jacbf.sys

c:\windows\SysWow64\drivers\qvmhay.sys

JavaClearCache::

Save this as CFScript.txt, in the same location as ComboFix.exe

CFScriptB-4.gif

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

Link to post
Share on other sites

Here's the log:

 

ComboFix 13-07-04.01 - Jaycen 07/05/2013  10:59:37.2.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3581.1919 [GMT -5:00]
Running from: c:\users\Jaycen\Desktop\ComboFix.exe
Command switches used :: c:\users\Jaycen\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
FILE ::
"c:\windows\SysWow64\drivers\jacbf.sys"
"c:\windows\SysWow64\drivers\qvmhay.sys"
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\drivers\jacbf.sys
c:\windows\SysWow64\drivers\qvmhay.sys
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_gapux
-------\Service_pvajlz
.
.
(((((((((((((((((((((((((   Files Created from 2013-06-05 to 2013-07-05  )))))))))))))))))))))))))))))))
.
.
2013-07-05 16:05 . 2013-07-05 16:05    --------    d-----w-    c:\users\Stacey\AppData\Local\temp
2013-07-04 17:49 . 2013-07-04 17:49    98    ----a-w-    c:\windows\DeleteOnReboot.bat
2013-07-04 17:24 . 2013-07-04 17:24    --------    d-----w-    c:\windows\ERUNT
2013-07-04 17:24 . 2013-07-04 17:24    --------    d-----w-    C:\JRT
2013-07-02 16:50 . 2013-06-12 03:08    9552976    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{34350A85-3148-422C-9EDA-DE269CF7E4FA}\mpengine.dll
2013-06-27 02:46 . 2013-06-27 02:46    --------    d-----w-    c:\program files (x86)\Virtual Villagers - The Secret City
2013-06-27 02:43 . 2013-06-27 02:43    --------    d-----w-    c:\program files (x86)\Virtual Villagers - The Lost Children
2013-06-16 18:31 . 2013-06-16 18:31    --------    d-----w-    c:\users\Jaycen\AppData\Roaming\Garmin
2013-06-16 18:30 . 2013-06-16 18:30    --------    d-----w-    c:\users\Jaycen\AppData\Local\Garmin
2013-06-16 18:30 . 2013-06-16 18:30    --------    d-----w-    c:\programdata\Garmin
2013-06-16 18:30 . 2013-06-16 18:30    --------    d-----w-    c:\program files (x86)\Garmin
2013-06-13 16:30 . 2013-05-28 13:05    163328    ----a-w-    c:\windows\SysWow64\FlashPlayerUpdateService.exe
2013-06-12 08:03 . 2013-05-08 06:39    1910632    ----a-w-    c:\windows\system32\drivers\tcpip.sys
2013-06-12 08:03 . 2013-04-26 05:51    751104    ----a-w-    c:\windows\system32\win32spl.dll
2013-06-12 08:03 . 2013-04-26 04:55    492544    ----a-w-    c:\windows\SysWow64\win32spl.dll
2013-06-12 08:03 . 2013-05-13 05:51    1464320    ----a-w-    c:\windows\system32\crypt32.dll
2013-06-12 08:03 . 2013-05-13 04:45    1160192    ----a-w-    c:\windows\SysWow64\crypt32.dll
2013-06-12 08:03 . 2013-05-13 03:43    1192448    ----a-w-    c:\windows\system32\certutil.exe
2013-06-12 08:03 . 2013-05-13 03:08    903168    ----a-w-    c:\windows\SysWow64\certutil.exe
2013-06-12 08:03 . 2013-05-13 05:51    184320    ----a-w-    c:\windows\system32\cryptsvc.dll
2013-06-12 08:03 . 2013-05-13 05:51    139776    ----a-w-    c:\windows\system32\cryptnet.dll
2013-06-12 08:03 . 2013-05-13 05:50    52224    ----a-w-    c:\windows\system32\certenc.dll
2013-06-12 08:03 . 2013-05-13 04:45    140288    ----a-w-    c:\windows\SysWow64\cryptsvc.dll
2013-06-12 08:03 . 2013-05-13 04:45    103936    ----a-w-    c:\windows\SysWow64\cryptnet.dll
2013-06-12 08:03 . 2013-05-13 03:08    43008    ----a-w-    c:\windows\SysWow64\certenc.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-14 12:08 . 2012-05-01 18:22    71048    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-14 12:08 . 2012-05-01 18:22    692104    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-13 08:01 . 2012-05-01 17:32    75825640    ----a-w-    c:\windows\system32\MRT.exe
2013-05-11 07:02 . 2010-07-20 10:09    18656    ----a-w-    c:\programdata\Microsoft\MSOIdentityCRL\production\msoidconfig.dll
2013-05-02 07:06 . 2010-11-21 03:27    278800    ------w-    c:\windows\system32\MpSigStub.exe
2013-04-12 14:45 . 2013-04-24 08:35    1656680    ----a-w-    c:\windows\system32\drivers\ntfs.sys
2013-04-10 06:01 . 2013-05-15 12:30    265064    ----a-w-    c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01 . 2013-05-15 12:30    983400    ----a-w-    c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30 . 2013-05-15 12:30    3153920    ----a-w-    c:\windows\system32\win32k.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SansaDispatch"="c:\users\Jaycen\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe" [2013-04-20 613888]
"Gadwin PrintScreen"="c:\program files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe" [2012-05-30 1842384]
"GarminExpressTrayApp"="c:\program files (x86)\Garmin\Express Tray\ExpressTray.exe" [2013-03-27 1098072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Photo Downloader"="c:\program files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe" [2006-12-22 67752]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"Communicator"="c:\program files (x86)\Microsoft Lync\communicator.exe" [2013-04-11 12107432]
.
c:\users\Jaycen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
NexDef Plug-in.lnk - c:\users\Jaycen\AppData\Local\Autobahn\nexdef.exe [2011-8-11 15490560]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages    REG_MULTI_SZ       kerberos msv1_0 schannel wdigest tspkg pku2u msoidssp
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 BrSerIb;Brother Serial Interface Driver(WDM);c:\windows\system32\DRIVERS\BrSerIb.sys;c:\windows\SYSNATIVE\DRIVERS\BrSerIb.sys [x]
R3 BrUsbSIb;Brother Serial USB Driver(WDM);c:\windows\system32\DRIVERS\BrUsbSIb.sys;c:\windows\SYSNATIVE\DRIVERS\BrUsbSIb.sys [x]
R3 Garmin Core Update Service;Garmin Core Update Service;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [x]
R3 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 msoidsvc;Microsoft Online Services Sign-in Assistant;c:\program files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE;c:\program files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 PlantronicsGC;PLTGC Interface;c:\windows\system32\drivers\PLTGC.sys;c:\windows\SYSNATIVE\drivers\PLTGC.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-19 23:13    1165776    ----a-w-    c:\program files (x86)\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-07-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-01 13:05]
.
2013-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-22 19:39]
.
2013-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-22 19:39]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-10-17 13307496]
"GamecomSound"="c:\program files\Plantronics\GameCom780\GameCom780.exe" [2011-12-01 777448]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Jaycen\AppData\Roaming\Mozilla\Firefox\Profiles\cjpk6d9q.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.theblaze.com/|http://pjmedia.com/|http://www.video.theblaze.com/schedule/index.jsp|http://gibiru.com/
FF - ExtSQL: 2013-05-08 23:22; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Jaycen\AppData\Roaming\Mozilla\Firefox\Profiles\cjpk6d9q.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-06-20 23:08; tinyurl.addon@fast-chat.co.uk; c:\users\Jaycen\AppData\Roaming\Mozilla\Firefox\Profiles\cjpk6d9q.default\extensions\tinyurl.addon@fast-chat.co.uk.xpi
FF - ExtSQL: 2013-06-29 03:48; firefox@ghostery.com; c:\users\Jaycen\AppData\Roaming\Mozilla\Firefox\Profiles\cjpk6d9q.default\extensions\firefox@ghostery.com
FF - ExtSQL: 2013-07-03 22:22; {ada4b710-8346-4b82-8199-5de2b400a6ae}; c:\users\Jaycen\AppData\Roaming\Mozilla\Firefox\Profiles\cjpk6d9q.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-Coupon Printer for Windows5.0.0.2 - c:\program files (x86)\Coupons\uninstall.exe
AddRemove-{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1 - c:\program files (x86)\Free YouTube Downloader\unins000.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\CyberLink\Shared Files\RichVideo.exe
c:\windows\SysWOW64\schtasks.exe
.
**************************************************************************
.
Completion time: 2013-07-05  11:14:44 - machine was rebooted
ComboFix-quarantined-files.txt  2013-07-05 16:14
ComboFix2.txt  2013-07-05 00:40
.
Pre-Run: 257,589,268,480 bytes free
Post-Run: 257,301,094,400 bytes free
.
- - End Of File - - D1A0D0E837DF10AC04B5626E389DAD14
A36C5E4F47E84449FF07ED3517B43A31
 

Link to post
Share on other sites

Please scan your machine with ESET OnlineScan

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.

    ESET OnlineScan

  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.

      Save it to your Desktop.

    • Double click on the esetsmartinstaller_enu.png to download the ESET Smart Installer. icon on your Desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under Scan Settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
Link to post
Share on other sites

C:\Users\All Users\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe    a variant of Win32/bProtector.A application    
C:\Users\All Users\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\uninstall.exe    a variant of Win32/bProtector.A application    
C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe    a variant of Win32/bProtector.A application    cleaned by deleting - quarantined
C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\uninstall.exe    a variant of Win32/bProtector.A application    cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Users\Jaycen\AppData\Roaming\gwvkozrp.exe.vir    a variant of Win32/TrojanDownloader.VB.QEM trojan    cleaned by deleting - quarantined
C:\Users\Jaycen\AppData\Local\Shield\sp.exe    Win32/Adware.SocialPrivacy.A application    cleaned by deleting - quarantined
C:\Users\Jaycen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\305ed24a-21f1e52e    multiple threats    cleaned by deleting - quarantined
C:\Users\Jaycen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\4b87730a-64c0cdfa    a variant of Java/JShrink.A application    cleaned by deleting - quarantined
C:\Users\Jaycen\Downloads\FreeWebMPlayer_Setup.exe    a variant of Win32/Adware.iBryte.G application    cleaned by deleting - quarantined
C:\Users\Jaycen\Downloads\FreeYouTubeDownloaderInstaller.exe    a variant of Win32/Somoto.A application    cleaned by deleting - quarantined
 

Link to post
Share on other sites

It was already done:

cleaned by deleting - quarantined

javaicon.gif Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older versions of Java components and upgrade the application.

Upgrading Java :

Please download JavaRa to your desktop and unzip it to its own folder

  • Run JavaRa.exe, then click Remove JRE.
  • Run the built-in uninstallers for all copies of java listed
  • Click the Next button
  • Click the Next button again
  • Click the Java Manual Download link
  • A browser window will open with the Java download page
  • Click the Windows Offline (32-bit) or Windows Offline (64-bit) link to download Java (based on your browser type)
  • Run the installer
  • Close JavaRa
Link to post
Share on other sites

Malwarebytes is no longer complaining about a naughty program attempting to access the net, but Internet Explorer isn't working anymore.  I use IE and Firefox.  IE will fire up, but if I type an addy in the bar and hit enter, it just sits there and does nothing.

Link to post
Share on other sites

Glad I could help! :)

Step 1

  • Download OTC to your desktop and run it
  • Click Yes to beginning the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.
Step 2
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Uninstall
  • Confirm with Yes
Step 3

Please uninstall ESET Online Scanner and manually delete JavaRa .

Step 4

Some malware prevention tips:

users.telenet.be/bluepatchy/miekiemoes/prevention.html

Safe surfing! :)

Link to post
Share on other sites

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.