Hijack.BitCoinMiner.WMI keeps coming back

mnmlisme · December 6, 2018

Detected this malware in my PC, quarantined it multiple times, but it keeps coming back. I have scan with ADWcleaner too. Restarted. Rescanned with Malwarebytes and it's still there. Please help.

MALWAREBYTES SCAN REPORT

Quote

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 12/5/18
Scan Time: 7:33 AM
Log File: 08fd9456-f81d-11e8-86e2-4ccc6a6991d9.json

-Software Information-
Version: 3.6.1.2711
Components Version: 1.0.482
Update Package Version: 1.0.8169
License: Trial

-System Information-
OS: Windows 8.1
CPU: x64
File System: NTFS
User: serverip\admin

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 262084
Threats Detected: 6
Threats Quarantined: 6
Time Elapsed: 8 min, 55 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 6
Hijack.BitCoinMiner.WMI, \\SERVERIP\ROOT\subscription:__FilterToConsumerBinding.Consumer="\\\\.\\root\\subscription:ActiveScriptEventConsumer.Name=\"*****youmm_consumer\"",Filter="\\\\.\\root\\subscription:__EventFilter.Name=\"*****youmm_filter\"", Quarantined, [14210], [591905],1.0.8169
Hijack.BitCoinMiner.WMI, \\SERVERIP\ROOT\subscription:__EventFilter.Name="*****youmm_filter", Quarantined, [14210], [591905],1.0.8169
Hijack.BitCoinMiner.WMI, \\SERVERIP\ROOT\subscription:ActiveScriptEventConsumer.Name="*****youmm_consumer", Quarantined, [14210], [591905],1.0.8169
Hijack.BitCoinMiner.WMI, \\SERVERIP\ROOT\subscription:__FilterToConsumerBinding.Consumer="\\\\.\\root\\subscription:ActiveScriptEventConsumer.Name=\"*****youmm2_consumer\"",Filter="\\\\.\\root\\subscription:__EventFilter.Name=\"*****youmm2_filter\"", Quarantined, [14210], [600617],1.0.8169
Hijack.BitCoinMiner.WMI, \\SERVERIP\ROOT\subscription:__EventFilter.Name="*****youmm2_filter", Quarantined, [14210], [600617],1.0.8169
Hijack.BitCoinMiner.WMI, \\SERVERIP\ROOT\subscription:ActiveScriptEventConsumer.Name="*****youmm2_consumer", Quarantined, [14210], [600617],1.0.8169

(end)

FRST REPORT

Quote

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.12.2018 01
Ran by admin (administrator) on SERVERIP (05-12-2018 08:36:43)
Running from C:\Users\admin\Downloads
Loaded Profiles: admin (Available Profiles: admin)
Platform: Windows 8.1 Pro (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(H.D.S. Hungary) C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe
(MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
(MSI) C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\bin\msmdsrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Data Dynamics) C:\Program Files (x86)\Common Files\Data Dynamics\ActiveReports Pro\WebCacheService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Smilesoft Studio) C:\SMILESOFT\Smile_Service\Smile_Service.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
() C:\Program Files (x86)\No-IP\ducservice.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Opera Software) C:\Program Files (x86)\Opera\56.0.3051.116\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\56.0.3051.116\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\56.0.3051.116\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\56.0.3051.116\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\56.0.3051.116\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\56.0.3051.116\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\56.0.3051.116\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\56.0.3051.116\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\56.0.3051.116\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\56.0.3051.116\opera.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-11-23] (AVAST Software)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [3523848 2018-07-03] (Paramount Software UK Ltd)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3806016 2018-11-28] (Dropbox, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [Smile_Service] => C:\SMILESOFT\Smile_Service\Smile_Service.exe [483328 2018-01-31] (Smilesoft Studio)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-01-23] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4509184 2012-12-27] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsInd00] => C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe [1885184 2012-12-18] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [835680 2016-06-14] (MSI)
HKLM-x32\...\Run: [CheckNDISPort52ac80] => C:\Program Files (x86)\MTN USB MODEM\MTN USB MODEM\CheckNDISPort_df.exe [468736 2015-11-25] ()
HKLM-x32\...\Run: [CancelAutoPlay_df] => C:\Program Files (x86)\MTN USB MODEM\MTN USB MODEM\CancelAutoPlay_df.exe [447744 2015-11-25] ()
HKU\S-1-5-21-3410419929-280695287-756708859-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49805160 2018-11-09] (Skype Technologies S.A.)
HKU\S-1-5-21-3410419929-280695287-756708859-1001\...\MountPoints2: {56520281-f10c-11e8-8284-4ccc6a6991d9} - "D:\Windows\AutoRun.exe"
HKU\S-1-5-21-3410419929-280695287-756708859-1001\...\MountPoints2: {e56ae952-b0a4-11e8-8277-4ccc6a6991d9} - "D:\HiSuiteDownLoader.exe"
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Server_IP_SQL - Shortcut.lnk [2018-03-21]
ShortcutTarget: Server_IP_SQL - Shortcut.lnk -> C:\SMILESOFT\SERVER IP\Server_IP_SQL.exe (Smilesoft Studio)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 118.98.44.100 118.98.44.10
Tcpip\..\Interfaces\{D8B54045-0364-4CD1-94AE-0469B7F95A17}: [DhcpNameServer] 118.98.44.100 118.98.44.10
Tcpip\..\Interfaces\{DA094C28-CF25-44A1-8D81-C8A9C214C43F}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{FBEEDC47-4054-4518-95AF-5E31AB00DEF8}: [DhcpNameServer] 192.168.43.1

Internet Explorer:
==================
HKU\S-1-5-21-3410419929-280695287-756708859-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/id-id/?ocid=iehp

FireFox:
========
FF Plugin: @videolan.org/vlc,version=2.2.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-02-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-02-24] (NVIDIA Corporation)
FF Plugin-x32: Web Components -> C:\Program Files (x86)\Web Components\npWebVideoPlugin.dll [2015-03-06] ()

Opera:
=======
OPR Extension: (LastPass: Free Password Manager) - C:\Users\admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\hnjalnkldgigidggphhmacmimbdlafdo [2018-11-05]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-11-23] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2018-11-23] (AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-01-30] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-01-30] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2018-11-28] (Dropbox, Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-05-06] (Intel Corporation)
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [4091112 2017-11-09] (Paramount Software UK Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 MsDtsServer100; C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [220840 2015-03-19] (Microsoft Corporation)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4163680 2016-09-09] (MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2206304 2017-01-06] (MSI)
S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4172896 2016-12-14] (MSI)
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2102880 2017-02-15] (MSI)
R2 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2331744 2017-02-15] (MSI)
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2076768 2016-12-05] (MSI)
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [611936 2017-02-10] (MSI)
R3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [42168 2014-08-23] (Microsoft Corporation)
R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [62275248 2015-03-19] (Microsoft Corporation)
R2 NoIPDUCService4; C:\Program Files (x86)\No-IP\ducservice.exe [12288 2015-07-20] () [File not signed]
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519240 2018-02-24] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519240 2018-02-24] (NVIDIA Corporation)
R2 ReportServer; C:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2195120 2014-08-23] (Microsoft Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [443576 2014-08-23] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2018-09-28] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-13] (Microsoft Corporation)
R2 WebCacheService; C:\Program Files (x86)\Common Files\Data Dynamics\ActiveReports Pro\WebCacheService.exe [108128 2005-09-21] (Data Dynamics)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-13] (Microsoft Corporation)
R2 MSSQLServerOLAPService; "C:\Program Files\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\bin\msmdsrv.exe" -s "C:\Program Files\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\Config"
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [201240 2018-11-23] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [230344 2018-11-23] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201768 2018-11-23] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346592 2018-11-23] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59496 2018-11-23] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239840 2018-11-27] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46384 2018-11-23] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2018-11-23] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163208 2018-11-23] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111800 2018-11-23] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87432 2018-11-23] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1028680 2018-11-23] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [469272 2018-11-23] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [208472 2018-11-23] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380464 2018-11-23] (AVAST Software)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152688 2018-10-18] (Malwarebytes)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2018-11-23] (LogMeIn Inc.)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [47008 2016-07-26] ()
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198000 2018-12-04] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [119136 2018-12-05] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [63768 2018-12-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [260480 2018-12-05] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [111152 2018-12-05] (Malwarebytes)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30280 2018-02-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [59240 2018-02-24] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57928 2018-02-24] (NVIDIA Corporation)
S4 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [322736 2014-08-23] (Microsoft Corporation)
S3 RtlWlanu; C:\Windows\system32\DRIVERS\DRTWlanU.sys [3470040 2014-08-19] (Realtek Semiconductor Corporation )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-13] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-13] (Microsoft Corporation)
R1 Win10Pcap; C:\Windows\system32\DRIVERS\Win10Pcap.sys [41584 2015-10-08] (Daiyuu Nobori, University of Tsukuba, Japan)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-05 08:36 - 2018-12-05 08:37 - 000016676 _____ C:\Users\admin\Downloads\FRST.txt
2018-12-05 08:36 - 2018-12-05 08:36 - 000000000 ____D C:\FRST
2018-12-05 08:03 - 2018-12-05 08:03 - 000260480 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-12-05 08:03 - 2018-12-05 08:03 - 000119136 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-12-05 08:03 - 2018-12-05 08:03 - 000111152 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-12-05 08:03 - 2018-12-05 08:03 - 000063768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-12-05 07:58 - 2018-12-05 07:58 - 000003104 _____ C:\Windows\System32\Tasks\AdwCleaner_onReboot
2018-12-05 07:56 - 2018-12-05 07:58 - 000000000 ____D C:\AdwCleaner
2018-12-05 07:54 - 2018-12-05 07:55 - 000002320 _____ C:\Users\admin\Desktop\MALWAREBYTES report.txt
2018-12-05 07:54 - 2018-12-05 07:54 - 007321808 _____ (Malwarebytes) C:\Users\admin\Downloads\adwcleaner_7.2.5.0.exe
2018-12-05 07:48 - 2018-12-05 07:48 - 002417152 _____ (Farbar) C:\Users\admin\Downloads\FRST64.exe
2018-12-04 18:35 - 2018-12-04 18:35 - 000000000 ____D C:\Windows\system32\appmgmt
2018-12-04 08:09 - 2018-12-04 08:09 - 000000000 ____D C:\Users\admin\AppData\Local\mbam
2018-12-04 08:07 - 2018-12-04 08:07 - 000198000 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-12-04 08:07 - 2018-12-04 08:07 - 000001889 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-12-04 08:07 - 2018-12-04 08:07 - 000000000 ____D C:\Users\admin\AppData\Local\mbamtray
2018-12-04 08:07 - 2018-12-04 08:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-12-04 08:07 - 2018-12-04 08:07 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-12-04 08:07 - 2018-12-04 08:07 - 000000000 ____D C:\Program Files\Malwarebytes
2018-12-04 08:07 - 2018-10-18 08:44 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-12-03 17:56 - 2018-12-03 17:57 - 080557120 _____ (Malwarebytes ) C:\Users\admin\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.482-1.0.8025.exe
2018-12-03 14:46 - 2018-12-03 14:46 - 000000000 _____ C:\Windows\system32\TmpFDFC.tmp
2018-12-01 16:32 - 2018-12-05 05:14 - 000000073 _____ C:\Windows\system32\wpd1.xml
2018-12-01 16:32 - 2018-12-05 05:14 - 000000073 _____ C:\Windows\system32\wpd.xml
2018-12-01 12:34 - 2018-12-05 01:15 - 001056768 _____ C:\Windows\system32\secedit.sdb
2018-12-01 12:34 - 2018-12-01 12:34 - 000000000 ____D C:\Windows\java
2018-12-01 12:32 - 2018-12-03 18:20 - 000000000 __SHD C:\Program Files\shengda
2018-12-01 12:32 - 2018-12-01 12:32 - 000000000 __SHD C:\Program Files\mainsoft
2018-12-01 12:32 - 2018-12-01 12:32 - 000000000 __SHD C:\Program Files\kugou2010
2018-12-01 12:32 - 2018-12-01 12:32 - 000000000 __SHD C:\download
2018-12-01 06:08 - 2018-12-01 06:08 - 000241736 _____ C:\Users\admin\Downloads\DUCSetup_v4_1_1.exe
2018-12-01 06:08 - 2018-12-01 06:08 - 000000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC
2018-12-01 06:08 - 2018-12-01 06:08 - 000000000 ____D C:\Users\admin\AppData\Local\Vitalwerks
2018-12-01 06:08 - 2018-12-01 06:08 - 000000000 ____D C:\ProgramData\Vitalwerks
2018-12-01 06:08 - 2018-12-01 06:08 - 000000000 ____D C:\Program Files (x86)\No-IP
2018-11-30 11:14 - 2018-11-30 11:14 - 000002164 _____ C:\Users\Public\Desktop\MTG Arena.lnk
2018-11-30 11:04 - 2018-11-30 11:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTG Arena
2018-11-30 10:42 - 2018-11-30 10:42 - 000029111 _____ C:\Users\admin\Downloads\TB BARU OKTOBER 2018 51TB.ods
2018-11-30 10:41 - 2018-11-30 10:44 - 000023853 _____ C:\Users\admin\Downloads\TB BARU JULI 2018 50TB.ods
2018-11-30 10:38 - 2018-11-30 10:38 - 000057441 _____ C:\Users\admin\Downloads\DATA TBG TGL PEMBELIAN DIPROGRAM.xlsx
2018-11-29 15:20 - 2018-11-29 15:20 - 000132829 _____ C:\Users\admin\Downloads\Bukti Transfer Fae M Zhang.pdf
2018-11-29 05:24 - 2018-11-29 05:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-11-28 21:09 - 2018-11-28 21:09 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2018-11-28 21:09 - 2018-11-28 21:09 - 000047792 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2018-11-28 21:09 - 2018-11-28 21:09 - 000047792 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2018-11-28 21:09 - 2018-11-28 21:09 - 000045752 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2018-11-26 10:30 - 2018-11-26 10:30 - 000000000 ____D C:\Windows\SysWOW64\SupportAppPBMTN USB MODEM
2018-11-26 10:30 - 2018-11-26 10:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTN USB MODEM
2018-11-26 10:29 - 2018-11-26 10:29 - 000000000 ____D C:\Program Files (x86)\MTN USB MODEM
2018-11-26 09:43 - 2018-11-26 09:47 - 000000000 ____D C:\Users\admin\AppData\Roaming\BootmapperClient
2018-11-26 09:43 - 2018-11-26 09:43 - 000000000 ____D C:\Users\admin\Downloads\BootmapperClient
2018-11-23 11:11 - 2018-11-23 11:11 - 000045680 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2018-11-23 01:11 - 2018-11-23 01:11 - 000378584 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-11-15 03:21 - 2018-10-07 02:03 - 000356288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-11-15 03:20 - 2018-10-25 08:54 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2018-11-15 03:20 - 2018-10-25 08:51 - 000121344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2018-11-15 03:20 - 2018-10-25 08:46 - 000205824 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2018-11-15 03:20 - 2018-10-25 08:45 - 000168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2018-11-15 03:20 - 2018-10-13 04:26 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-11-15 03:20 - 2018-10-13 04:25 - 000189440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2018-11-15 03:20 - 2018-10-13 04:17 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-11-15 03:20 - 2018-10-13 04:16 - 000148992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2018-11-15 03:20 - 2018-10-13 04:16 - 000131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2018-11-15 03:20 - 2018-10-13 04:03 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-11-15 03:20 - 2018-10-13 03:38 - 001330176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-11-15 03:20 - 2018-10-13 03:36 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-11-15 03:20 - 2018-10-12 10:16 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\dispex.dll
2018-11-15 03:20 - 2018-10-12 10:10 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-11-15 03:20 - 2018-10-12 10:10 - 000235520 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2018-11-15 03:20 - 2018-10-12 10:01 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-11-15 03:20 - 2018-10-12 09:59 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-11-15 03:20 - 2018-10-12 09:59 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-11-15 03:20 - 2018-10-12 09:58 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2018-11-15 03:20 - 2018-10-12 09:58 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2018-11-15 03:20 - 2018-10-12 09:06 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-11-15 03:20 - 2018-10-12 08:55 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-11-15 03:20 - 2018-10-07 02:14 - 000388536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2018-11-15 03:20 - 2018-10-07 02:04 - 001308976 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-11-15 03:20 - 2018-10-06 23:41 - 002465792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2018-11-15 03:20 - 2018-10-06 23:32 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-11-15 03:20 - 2018-09-28 21:38 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\msisip.dll
2018-11-15 03:20 - 2018-09-24 00:45 - 000468992 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2018-11-15 03:20 - 2018-09-24 00:45 - 000248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2018-11-15 03:20 - 2018-09-24 00:23 - 000391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2018-11-15 03:20 - 2018-09-24 00:00 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2018-11-15 03:20 - 2018-08-26 11:38 - 001200640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2018-11-15 03:20 - 2018-08-26 11:21 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2018-11-15 03:20 - 2018-08-26 09:45 - 000513448 _____ C:\Windows\SysWOW64\locale.nls
2018-11-15 03:20 - 2018-08-26 09:45 - 000513448 _____ C:\Windows\system32\locale.nls
2018-11-15 03:20 - 2018-08-21 21:39 - 000435200 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-11-15 03:20 - 2018-08-21 21:35 - 000358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-11-15 03:19 - 2018-10-18 10:48 - 025737728 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-11-15 03:19 - 2018-10-16 11:46 - 007371720 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-11-15 03:19 - 2018-10-16 11:39 - 002171800 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2018-11-15 03:19 - 2018-10-16 11:39 - 001662504 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-11-15 03:19 - 2018-10-16 11:39 - 001063368 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2018-11-15 03:19 - 2018-10-16 11:18 - 001137472 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-11-15 03:19 - 2018-10-16 11:02 - 001563584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2018-11-15 03:19 - 2018-10-16 11:02 - 001214920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-11-15 03:19 - 2018-10-13 04:35 - 000862208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-11-15 03:19 - 2018-10-13 04:22 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-11-15 03:19 - 2018-10-13 04:00 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-11-15 03:19 - 2018-10-13 03:57 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-11-15 03:19 - 2018-10-13 03:56 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-11-15 03:19 - 2018-10-13 03:51 - 000267776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2018-11-15 03:19 - 2018-10-13 03:47 - 001049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2018-11-15 03:19 - 2018-10-13 03:42 - 004386816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-11-15 03:19 - 2018-10-12 10:12 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-11-15 03:19 - 2018-10-12 09:35 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-11-15 03:19 - 2018-10-12 09:30 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-11-15 03:19 - 2018-10-12 09:27 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-11-15 03:19 - 2018-10-12 09:27 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-11-15 03:19 - 2018-10-12 09:19 - 004859904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-11-15 03:19 - 2018-10-12 09:17 - 000809984 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-11-15 03:19 - 2018-10-12 09:12 - 002882048 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2018-11-15 03:19 - 2018-10-07 02:14 - 001547192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-11-15 03:19 - 2018-10-07 00:48 - 004168192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-11-15 03:19 - 2018-10-06 23:34 - 002175488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2018-11-15 03:19 - 2018-09-28 21:34 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msisip.dll
2018-11-15 03:19 - 2018-09-24 00:47 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2018-11-15 03:19 - 2018-09-24 00:37 - 000774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2018-11-15 03:19 - 2018-09-24 00:24 - 003631616 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2018-11-15 03:19 - 2018-09-24 00:23 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2018-11-15 03:19 - 2018-09-24 00:20 - 002750464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2018-11-15 03:19 - 2018-09-24 00:17 - 000699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2018-11-15 03:19 - 2018-09-24 00:00 - 000200192 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2018-11-15 03:19 - 2018-09-23 23:58 - 000904192 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2018-11-15 03:19 - 2018-09-23 23:56 - 002551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2018-11-15 03:19 - 2018-09-23 23:53 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2018-11-15 03:19 - 2018-09-23 23:51 - 001920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2018-11-15 03:19 - 2018-09-23 23:50 - 000709632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2018-11-15 03:19 - 2018-09-13 02:30 - 000137008 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-11-15 03:19 - 2018-09-11 23:30 - 003718144 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-11-15 03:19 - 2018-08-26 11:38 - 000323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2018-11-15 03:19 - 2018-08-26 11:21 - 000200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2018-11-15 03:19 - 2018-08-20 00:22 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-11-15 03:19 - 2018-08-19 23:52 - 001436672 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-11-15 03:19 - 2018-08-19 23:43 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-11-15 03:18 - 2018-10-18 10:17 - 020281344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-11-15 03:18 - 2018-10-13 03:59 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-11-15 03:18 - 2018-10-12 09:25 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-11-06 14:12 - 2018-11-06 14:17 - 000000000 ____D C:\Users\admin\Desktop\BACKUP HDD 1TB

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-05 08:14 - 2018-01-30 23:54 - 000000924 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2018-12-05 08:07 - 2018-07-26 12:43 - 000000000 ____D C:\Users\admin\AppData\Local\CrashDumps
2018-12-05 08:02 - 2018-07-26 11:04 - 000000000 ____D C:\ProgramData\NVIDIA
2018-12-05 08:01 - 2018-01-30 23:54 - 000000920 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2018-12-05 08:01 - 2013-08-22 22:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-12-05 07:31 - 2013-08-22 22:44 - 005109536 _____ C:\Windows\system32\FNTCACHE.DAT
2018-12-05 07:30 - 2013-08-22 21:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-12-05 07:29 - 2013-08-22 23:36 - 000000000 ____D C:\Windows\System
2018-12-04 18:45 - 2018-01-31 07:22 - 000003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3410419929-280695287-756708859-1001
2018-12-04 18:35 - 2018-01-30 23:53 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-12-04 09:04 - 2018-01-30 23:37 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-11-30 11:37 - 2018-02-01 11:50 - 000000000 ___RD C:\Users\admin\Dropbox
2018-11-30 11:16 - 2018-07-26 12:07 - 000003798 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-30 11:16 - 2018-07-26 12:06 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-30 11:16 - 2018-07-26 12:06 - 000003814 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-30 11:16 - 2018-07-26 12:06 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-30 11:16 - 2018-07-26 12:06 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-30 11:16 - 2018-07-26 12:06 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-30 11:16 - 2018-07-26 12:06 - 000003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-30 11:16 - 2018-07-26 12:06 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-11-30 11:16 - 2018-04-23 09:13 - 000004324 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-11-30 11:16 - 2018-04-06 09:13 - 000004474 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-11-30 11:16 - 2018-01-30 23:58 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2018-11-30 11:16 - 2018-01-30 23:54 - 000003896 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2018-11-30 11:16 - 2018-01-30 23:54 - 000003660 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2018-11-30 11:16 - 2018-01-30 23:49 - 000003836 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1517327387
2018-11-30 11:16 - 2018-01-30 23:32 - 000003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{3353FB22-1500-48BC-9ABA-36C6D7256779}
2018-11-30 09:22 - 2013-08-22 21:36 - 000000000 ____D C:\Windows\Inf
2018-11-30 04:58 - 2018-05-30 19:17 - 000000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2018-11-30 04:58 - 2018-05-30 19:17 - 000000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2018-11-29 05:25 - 2018-01-30 23:54 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-11-28 08:45 - 2018-01-30 23:49 - 000000000 ____D C:\Program Files (x86)\Opera
2018-11-27 18:46 - 2018-01-30 23:49 - 000001135 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera Browser.lnk
2018-11-27 09:45 - 2018-04-02 10:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-11-27 09:41 - 2018-01-30 23:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2018-11-27 09:41 - 2018-01-30 23:49 - 000000000 ____D C:\Program Files\7-Zip
2018-11-27 06:16 - 2018-01-30 23:58 - 000239840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-11-26 17:13 - 2018-01-30 23:58 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-11-26 14:11 - 2018-02-06 12:16 - 000000000 ____D C:\Users\admin\AppData\Roaming\Skype
2018-11-26 10:46 - 2014-11-21 16:43 - 001018220 _____ C:\Windows\system32\PerfStringBackup.INI
2018-11-26 10:33 - 2018-01-31 00:17 - 000000000 ____D C:\Program Files (x86)\Hard Disk Sentinel
2018-11-26 07:56 - 2018-10-18 15:39 - 000000000 ____D C:\Program Files (x86)\GRETECH
2018-11-26 07:55 - 2018-06-02 17:03 - 000000000 ____D C:\Users\admin\AppData\Local\RealVNC
2018-11-24 18:09 - 2018-01-31 07:16 - 000000000 ____D C:\Users\admin
2018-11-24 18:06 - 2018-06-02 09:49 - 000000000 ____D C:\Users\admin\AppData\Local\ElevatedDiagnostics
2018-11-23 01:11 - 2018-10-23 13:32 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2018-11-23 01:11 - 2018-01-30 23:58 - 001028680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-11-23 01:11 - 2018-01-30 23:58 - 000469272 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-11-23 01:11 - 2018-01-30 23:58 - 000380464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-11-23 01:11 - 2018-01-30 23:58 - 000208472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-11-23 01:11 - 2018-01-30 23:58 - 000201240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-11-23 01:11 - 2018-01-30 23:58 - 000163208 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-11-23 01:11 - 2018-01-30 23:58 - 000111800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-11-23 01:11 - 2018-01-30 23:58 - 000087432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-11-23 01:11 - 2018-01-30 23:58 - 000046384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-11-23 01:10 - 2018-01-30 23:58 - 000346592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-11-23 01:10 - 2018-01-30 23:58 - 000230344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-11-23 01:10 - 2018-01-30 23:58 - 000201768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-11-23 01:10 - 2018-01-30 23:58 - 000059496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-11-22 10:27 - 2018-01-31 00:06 - 000000000 ____D C:\Users\admin\AppData\Roaming\vlc
2018-11-21 11:16 - 2013-08-22 23:20 - 000000000 ____D C:\Windows\CbsTemp
2018-11-21 10:07 - 2013-08-22 23:36 - 000000000 ____D C:\Windows\rescache
2018-11-20 22:15 - 2013-08-22 23:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-11-20 22:15 - 2013-08-22 23:36 - 000000000 ____D C:\Windows\system32\Macromed
2018-11-17 05:29 - 2018-08-19 06:30 - 000834960 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-11-17 05:29 - 2018-08-19 06:30 - 000179600 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-15 22:25 - 2018-01-30 23:37 - 000000989 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2018-11-15 03:18 - 2018-02-15 14:35 - 000000000 ____D C:\Windows\system32\MRT
2018-11-15 03:06 - 2018-02-15 14:35 - 137810048 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-11-12 15:16 - 2018-01-31 09:30 - 000000000 ____D C:\Users\admin\Documents\SQL Server Management Studio
2018-11-05 15:20 - 2018-07-26 12:36 - 000000000 ____D C:\Program Files (x86)\Steam

==================== Files in the root of some directories =======

2018-01-31 06:34 - 2018-01-31 06:34 - 000007602 _____ () C:\Users\admin\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
2018-03-12 12:14 - 2018-03-12 12:14 - 008108488 _____ () C:\Users\admin\AppData\Local\Temp\converter.exe
2018-07-26 11:05 - 2017-10-28 00:06 - 000874368 _____ (NVIDIA Corporation) C:\Users\admin\AppData\Local\Temp\nvSCPAPI64.dll
2018-07-26 11:59 - 2017-10-28 00:06 - 000370296 _____ (NVIDIA Corporation) C:\Users\admin\AppData\Local\Temp\nvStInst.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-11-28 05:20

==================== End of FRST.txt ============================

Addition.txt

FRST.txt

MALWAREBYTES report.txt

kevinf80 · December 6, 2018

Hello mnmlisme and welcome to Malwarebytes,

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into. "Do not open that file when running FRST fix"
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Open FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

Next,

Open Malwarebytes Anti-Malware.

On the Settings tab > Protection Scroll to and make sure the following are selected:

Scan for Rootkits
Scan within Archives
Scroll further to Potential Threat Protection make sure the following are set as follows:
Potentially Unwanted Programs (PUP`s) set as :- Always detect PUP`s (recommended)
Potentially Unwanted Modifications (PUM`s) set as :- Alwaysdetect PUM`s (recommended)
Click on the Scan make sure Threat Scan is selected,
A Threat Scan will begin.
When the scan is complete if anything is found make sure that the first checkbox at the top is checked (that will automatically check all detected items), then click on the Quarantine Selected Tab
If asked to restart your computer to complete the removal, please do so
When complete click on Export Summary after deletion (bottom-left corner) and select Copy to Clipboard.
Wait for the prompt to restart the computer to appear, then click on Yes.
After the restart once you are back at your desktop, open Malwarebytes once more to retrieve the log.

To get the log from Malwarebytes do the following:

Click on the Reports tab > from main interface.
Double click on the Scan log which shows the Date and time of the scan just performed.
Click Export > From export you have two options:
Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
Use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…

Next,

Download AdwCleaner by Malwarebytes onto your Desktop.

Or from this Mirror

Right-click on AdwCleaner.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
Accept the EULA (I accept), then click on Scan
Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean button. This will kill all the active processes
Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply

Next,

Download Microsoft's " Malicious Software Removal Tool" and save direct to the desktop

Ensure to get the correct version for your system....

https://www.microsoft.com/en-gb/download/malicious-software-removal-tool-details.aspx

Right click on the Tool, select “Run as Administrator” the tool will expand to the options Window
In the "Scan Type" window, select Quick Scan
Perform a scan and Click Finish when the scan is done.

Retrieve the MSRT log as follows, and post it in your next reply:

1) Select the Windows key and R key together to open the "Run" function
2) Type or Copy/Paste the following command to the "Run Line" and Press Enter:

notepad c:\windows\debug\mrt.log

The log will include log details for each time MSRT has run, we only need the most recent log by date and time....

Let me see those logs in your next reply, also let me know if there are any remaining issues or concerns...

Thank you,

Kevin

fixlist.txt

mnmlisme · December 12, 2018

On 12/6/2018 at 6:47 PM, kevinf80 said:

Open FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

Fix result of Farbar Recovery Scan Tool (x64) Version: 09.12.2018
Ran by admin (10-12-2018 08:42:06) Run:1
Running from C:\Users\admin\Downloads
Loaded Profiles: admin (Available Profiles: admin)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-3410419929-280695287-756708859-1001\...\MountPoints2: {56520281-f10c-11e8-8284-4ccc6a6991d9} - "D:\Windows\AutoRun.exe"
HKU\S-1-5-21-3410419929-280695287-756708859-1001\...\MountPoints2: {e56ae952-b0a4-11e8-8277-4ccc6a6991d9} - "D:\HiSuiteDownLoader.exe"
2018-03-12 12:14 - 2018-03-12 12:14 - 008108488 _____ () C:\Users\admin\AppData\Local\Temp\converter.exe
WMI:subscription\__FilterToConsumerBinding->\\.\root\subscription:ActiveScriptEventConsumer.Name=\"*****youmm_consumer\"",Filter="\\.\root\subscription:__EventFilter.Name=\"*****youmm_filter\": <==== ATTENTION
WMI:subscription\__FilterToConsumerBinding->\\.\root\subscription:ActiveScriptEventConsumer.Name=\"*****youmm2_consumer\"",Filter="\\.\root\subscription:__EventFilter.Name=\"*****youmm2_filter\": <==== ATTENTION
WMI:subscription\__TimerInstruction->*****youmm2_itimer: <==== ATTENTION
WMI:subscription\__TimerInstruction->*****youmm_itimer: <==== ATTENTION
WMI:subscription\__IntervalTimerInstruction->*****youmm2_itimer: <==== ATTENTION
WMI:subscription\__IntervalTimerInstruction->*****youmm_itimer: <==== ATTENTION
WMI:subscription\__EventFilter->*****youmm_filter: <==== ATTENTION
WMI:subscription\__EventFilter->*****youmm2_filter: <==== ATTENTION
WMI:subscription\ActiveScriptEventConsumer->*****youmm_consumer: <==== ATTENTION
WMI:subscription\ActiveScriptEventConsumer->*****youmm2_consumer: <==== ATTENTION
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
RemoveProxy:
EmptyTemp:
Hosts:
CMD: ipconfig /flushDNS
end

*****************

Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-3410419929-280695287-756708859-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{56520281-f10c-11e8-8284-4ccc6a6991d9} => removed successfully
HKLM\Software\Classes\CLSID\{56520281-f10c-11e8-8284-4ccc6a6991d9} => not found
HKU\S-1-5-21-3410419929-280695287-756708859-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e56ae952-b0a4-11e8-8277-4ccc6a6991d9} => removed successfully
HKLM\Software\Classes\CLSID\{e56ae952-b0a4-11e8-8277-4ccc6a6991d9} => not found
C:\Users\admin\AppData\Local\Temp\converter.exe => moved successfully
"\\.\root\subscription:ActiveScriptEventConsumer.Name=\"*****youmm_consumer\"",Filter="\\.\root\subscription:__EventFilter.Name=\"*****youmm_filter\"" => not found
"\\.\root\subscription:ActiveScriptEventConsumer.Name=\"*****youmm2_consumer\"",Filter="\\.\root\subscription:__EventFilter.Name=\"*****youmm2_filter\"" => not found
"*****youmm2_itimer" => removed successfully
"*****youmm_itimer" => removed successfully
"*****youmm2_itimer" => not found
"*****youmm_itimer" => not found
"*****youmm_filter" => not found
"*****youmm2_filter" => not found
"*****youmm_consumer" => not found
"*****youmm2_consumer" => not found

========= "%WINDIR%\SYSTEM32\lodctr.exe" /R =========

Error: Unable to rebuild performance counter setting from system backup store, error code is 2
========= End of CMD: =========

========= "%WINDIR%\SysWOW64\lodctr.exe" /R =========

Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-3410419929-280695287-756708859-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-3410419929-280695287-756708859-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully

========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= ipconfig /flushDNS =========

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 18179391 B
Java, Flash, Steam htmlcache => 347608963 B
Windows/system/drivers => 1075547246 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 539910235 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 7189 B
systemprofile32 => 0 B
LocalService => 530422 B
NetworkService => 4286 B
admin => 733747196 B

RecycleBin => 0 B
EmptyTemp: => 2.5 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 08:46:20 ====

mnmlisme · December 12, 2018

On 12/6/2018 at 6:47 PM, kevinf80 said:

The log will include log details for each time MSRT has run, we only need the most recent log by date and time....

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.67, December 2018 (build 5.67.15525.1)
Started On Wed Dec 12 13:50:30 2018

Engine: 1.1.15400.5
Signatures: 1.281.872.0
MpGear: 1.1.15201.1
Run Mode: Interactive Graphical Mode

Results Summary:
----------------
No infection found.
Successfully Submitted Heartbeat Report
Microsoft Windows Malicious Software Removal Tool Finished On Wed Dec 12 13:53:29 2018

Return code: 0 (0x0)

mnmlisme · December 12, 2018

Above is two test I've done. It looks like it's gone at this moment, but from my experience, after my scheduled scan on midnight, it will be detected again, so I will post tomorrow's morning MB scan result instead of now.

kevinf80 · December 12, 2018

Thanks for the logs/update mnmlisme, did you also run AdwCleaner..? can I see that log..

mnmlisme · December 13, 2018

Quote

# -------------------------------
# Malwarebytes AdwCleaner 7.2.5.0
# -------------------------------
# Build: 11-26-2018
# Database: 2018-12-07.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-12-2018
# Duration: 00:00:16
# OS: Windows 8.1 Pro
# Cleaned: 0
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1445 octets] - [05/12/2018 07:57:42]
AdwCleaner[C00].txt - [1573 octets] - [05/12/2018 07:58:25]
AdwCleaner[S01].txt - [1372 octets] - [05/12/2018 08:09:11]
AdwCleaner[S02].txt - [1433 octets] - [12/12/2018 13:34:46]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

ADW cleaner log

mnmlisme · December 13, 2018

MALWAREBYTES latest report, this morning. Still there. It's like the malware returns every night past midnight. If I scan my system now, I think it will report nothing, or only 1 trojan (the mirai trojan), but tomorrow morning, the bitcoin would return. Weirdly enough, scanned with antivirus (Avast) and it returns nothing.

Quote

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 12/12/18
Scan Time: 2:23 AM
Log File: d69226d0-fd71-11e8-a779-4ccc6a6991d9.json

-Software Information-
Version: 3.6.1.2711
Components Version: 1.0.482
Update Package Version: 1.0.8265
License: Trial

-System Information-
OS: Windows 8.1
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Scheduler
Result: Completed
Objects Scanned: 260010
Threats Detected: 8
Threats Quarantined: 8
Time Elapsed: 13 min, 12 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 1
Trojan.Mirai.E, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|BGCLIENTS, Quarantined, [7056], [427730],1.0.8265

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 4
Trojan.Mirai.Trace, C:\WINDOWS\SYSTEM\MYUSAGO.DVR, Quarantined, [5302], [427728],1.0.8265
Trojan.Mirai.Trace, C:\WINDOWS\SYSTEM\MYUSA.DVR, Quarantined, [5302], [427729],1.0.8265
Trojan.Mirai.E, C:\WINDOWS\SYSTEM32\WBEM\123.BAT, Quarantined, [7056], [427730],1.0.8265
Trojan.Mirai.Trace, C:\WINDOWS\SYSTEM32\PERFSTRINGSE.INI, Quarantined, [5302], [427749],1.0.8265

Physical Sector: 0
(No malicious items detected)

WMI: 3
Hijack.BitCoinMiner.WMI, \\SERVERIP\ROOT\subscription:__FilterToConsumerBinding.Consumer="\\\\.\\root\\subscription:ActiveScriptEventConsumer.Name=\"*****youmm_consumer\"",Filter="\\\\.\\root\\subscription:__EventFilter.Name=\"*****youmm_filter\"", Quarantined, [14222], [608313],1.0.8265
Hijack.BitCoinMiner.WMI, \\SERVERIP\ROOT\subscription:__EventFilter.Name="*****youmm_filter", Quarantined, [14222], [608313],1.0.8265
Hijack.BitCoinMiner.WMI, \\SERVERIP\ROOT\subscription:ActiveScriptEventConsumer.Name="*****youmm_consumer", Quarantined, [14222], [608313],1.0.8265

(end)

kevinf80 · December 13, 2018

The latest Malwarebytes log shows a registry key was removed and four files were removed, those did not show in your fist log. Also the second log show Rootkits option is disabled, can you run Malwarebytes again, this time enable rootkits option...

Quote

On the Settings tab > Protection Scroll to and make sure the following are selected:

Scan for Rootkits
Scan within Archives

mnmlisme · December 17, 2018

decided to re-do the steps to avoid report confusion.

so first, FRST report

Quote

Fix result of Farbar Recovery Scan Tool (x64) Version: 09.12.2018
Ran by admin (14-12-2018 21:28:41) Run:3
Running from C:\Users\admin\Downloads\FRST
Loaded Profiles: admin (Available Profiles: admin)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-3410419929-280695287-756708859-1001\...\MountPoints2: {56520281-f10c-11e8-8284-4ccc6a6991d9} - "D:\Windows\AutoRun.exe"
HKU\S-1-5-21-3410419929-280695287-756708859-1001\...\MountPoints2: {e56ae952-b0a4-11e8-8277-4ccc6a6991d9} - "D:\HiSuiteDownLoader.exe"
2018-03-12 12:14 - 2018-03-12 12:14 - 008108488 _____ () C:\Users\admin\AppData\Local\Temp\converter.exe
WMI:subscription\__FilterToConsumerBinding->\\.\root\subscription:ActiveScriptEventConsumer.Name=\"*****youmm_consumer\"",Filter="\\.\root\subscription:__EventFilter.Name=\"*****youmm_filter\": <==== ATTENTION
WMI:subscription\__FilterToConsumerBinding->\\.\root\subscription:ActiveScriptEventConsumer.Name=\"*****youmm2_consumer\"",Filter="\\.\root\subscription:__EventFilter.Name=\"*****youmm2_filter\": <==== ATTENTION
WMI:subscription\__TimerInstruction->*****youmm2_itimer: <==== ATTENTION
WMI:subscription\__TimerInstruction->*****youmm_itimer: <==== ATTENTION
WMI:subscription\__IntervalTimerInstruction->*****youmm2_itimer: <==== ATTENTION
WMI:subscription\__IntervalTimerInstruction->*****youmm_itimer: <==== ATTENTION
WMI:subscription\__EventFilter->*****youmm_filter: <==== ATTENTION
WMI:subscription\__EventFilter->*****youmm2_filter: <==== ATTENTION
WMI:subscription\ActiveScriptEventConsumer->*****youmm_consumer: <==== ATTENTION
WMI:subscription\ActiveScriptEventConsumer->*****youmm2_consumer: <==== ATTENTION
CMD: "%WINDIR%\SYSTEM32\lodctr.exe" /R
CMD: "%WINDIR%\SysWOW64\lodctr.exe" /R
RemoveProxy:
EmptyTemp:
Hosts:
CMD: ipconfig /flushDNS
end

*****************

Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-3410419929-280695287-756708859-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{56520281-f10c-11e8-8284-4ccc6a6991d9} => not found
HKLM\Software\Classes\CLSID\{56520281-f10c-11e8-8284-4ccc6a6991d9} => not found
HKU\S-1-5-21-3410419929-280695287-756708859-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e56ae952-b0a4-11e8-8277-4ccc6a6991d9} => not found
HKLM\Software\Classes\CLSID\{e56ae952-b0a4-11e8-8277-4ccc6a6991d9} => not found
"C:\Users\admin\AppData\Local\Temp\converter.exe" => not found
\\.\root\subscription:ActiveScriptEventConsumer.Name=\"*****youmm_consumer\"",Filter="\\.\root\subscription:__EventFilter.Name=\"*****youmm_filter\" => Error deleting product . Error: -2147352567
\\.\root\subscription:ActiveScriptEventConsumer.Name=\"*****youmm2_consumer\"",Filter="\\.\root\subscription:__EventFilter.Name=\"*****youmm2_filter\" => Error deleting product . Error: -2147352567
"*****youmm2_itimer" => removed successfully
"*****youmm_itimer" => removed successfully
"*****youmm2_itimer" => not found
"*****youmm_itimer" => not found
"*****youmm_filter" => removed successfully
"*****youmm2_filter" => removed successfully
"*****youmm_consumer" => removed successfully
"*****youmm2_consumer" => removed successfully

========= "%WINDIR%\SYSTEM32\lodctr.exe" /R =========

Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========

========= "%WINDIR%\SysWOW64\lodctr.exe" /R =========

Info: Successfully rebuilt performance counter setting from system backup store
========= End of CMD: =========

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-3410419929-280695287-756708859-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-3410419929-280695287-756708859-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully

========= End of RemoveProxy: =========

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= ipconfig /flushDNS =========

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14948339 B
Java, Flash, Steam htmlcache => 131939 B
Windows/system/drivers => 719 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 376532738 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 1418665 B
systemprofile32 => 0 B
LocalService => 4596 B
NetworkService => 0 B
admin => 160647 B

RecycleBin => 107990 B
EmptyTemp: => 383.1 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 21:30:21 ====

then Malwarebytes report

Quote

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 12/15/18
Scan Time: 8:01 AM
Log File: 956efe2a-fffc-11e8-8e59-4ccc6a6991d9.json

-Software Information-
Version: 3.6.1.2711
Components Version: 1.0.482
Update Package Version: 1.0.8329
License: Trial

-System Information-
OS: Windows 8.1
CPU: x64
File System: NTFS
User: serverip\admin

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 260136
Threats Detected: 10
Threats Quarantined: 10
Time Elapsed: 12 min, 34 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 1
Trojan.Mirai.E, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|BGCLIENTS, Quarantined, [7057], [427730],1.0.8329

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 3
Trojan.Mirai.Trace, C:\WINDOWS\SYSTEM\MYUSA.DVR, Quarantined, [5308], [427729],1.0.8329
Trojan.Mirai.E, C:\WINDOWS\SYSTEM32\WBEM\123.BAT, Quarantined, [7057], [427730],1.0.8329
Trojan.Mirai.Trace, C:\WINDOWS\SYSTEM32\PERFSTRINGSE.INI, Quarantined, [5308], [427749],1.0.8329

Physical Sector: 0
(No malicious items detected)

WMI: 6
Hijack.BitCoinMiner.WMI, \\SERVERIP\ROOT\subscription:__FilterToConsumerBinding.Consumer="\\\\.\\root\\subscription:ActiveScriptEventConsumer.Name=\"*****youmm_consumer\"",Filter="\\\\.\\root\\subscription:__EventFilter.Name=\"*****youmm_filter\"", Quarantined, [14256], [608313],1.0.8329
Hijack.BitCoinMiner.WMI, \\SERVERIP\ROOT\subscription:__EventFilter.Name="*****youmm_filter", Quarantined, [14256], [608313],1.0.8329
Hijack.BitCoinMiner.WMI, \\SERVERIP\ROOT\subscription:ActiveScriptEventConsumer.Name="*****youmm_consumer", Quarantined, [14256], [608313],1.0.8329
Hijack.BitCoinMiner.WMI, \\SERVERIP\ROOT\subscription:__FilterToConsumerBinding.Consumer="\\\\.\\root\\subscription:ActiveScriptEventConsumer.Name=\"*****youmm2_consumer\"",Filter="\\\\.\\root\\subscription:__EventFilter.Name=\"*****youmm2_filter\"", Quarantined, [14256], [600617],1.0.8329
Hijack.BitCoinMiner.WMI, \\SERVERIP\ROOT\subscription:__EventFilter.Name="*****youmm2_filter", Quarantined, [14256], [600617],1.0.8329
Hijack.BitCoinMiner.WMI, \\SERVERIP\ROOT\subscription:ActiveScriptEventConsumer.Name="*****youmm2_consumer", Quarantined, [14256], [600617],1.0.8329

(end)

ADWCLEANER report

Quote

# -------------------------------
# Malwarebytes AdwCleaner 7.2.5.0
# -------------------------------
# Build: 11-26-2018
# Database: 2018-12-07.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 12-17-2018
# Duration: 00:00:13
# OS: Windows 8.1 Pro
# Scanned: 32299
# Detected: 0

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

AdwCleaner[S00].txt - [1445 octets] - [05/12/2018 07:57:42]
AdwCleaner[C00].txt - [1573 octets] - [05/12/2018 07:58:25]
AdwCleaner[S01].txt - [1372 octets] - [05/12/2018 08:09:11]
AdwCleaner[S02].txt - [1433 octets] - [12/12/2018 13:34:46]
AdwCleaner[C02].txt - [1619 octets] - [12/12/2018 13:35:35]
AdwCleaner[S03].txt - [1555 octets] - [14/12/2018 09:19:33]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S04].txt ##########

and finally, Windows Malware Removal Tool report

Quote

---------------------------------------------------------------------------------------
Microsoft Windows Malicious Software Removal Tool v5.67, December 2018 (build 5.67.15525.1)
Started On Mon Dec 17 13:27:56 2018

Engine: 1.1.15400.5
Signatures: 1.281.872.0
MpGear: 1.1.15201.1
Run Mode: Interactive Graphical Mode

Results Summary:
----------------
No infection found.
Successfully Submitted Heartbeat Report
Microsoft Windows Malicious Software Removal Tool Finished On Mon Dec 17 13:31:59 2018

Return code: 0 (0x0)

kevinf80 · December 17, 2018

I assume you are making the point that the infection still returns after removal, that seems to indicate possible rootkit issues. Run the following and attach the logs to your reply:

Download and save Adiag to your Desktop, https://www.adlice.com/download/diag/

Right click and select "Run as Administrator" on the first window select Scan
Make sure all items are checkmarked, then select Start Scan
Do not use your PC as the scan progresses
If malicious entries are found select Results, if not close our the application.
In the reports window select "Malicious Only" then "Report"
In the new window select "Export" then "Text File" name that file Adiag1 and save to your desktop. Close that window.
You will be back to main interface, select "Display all" then "Report"
In the new window select "Export" then "Text File" name that file Adiag2 and save to your desktop. Close that window, then close out Adiag
Attach Adiag 1 and 2 to your reply.

Next,

Please read carefully and follow these steps.

Download TDSSKiller from here http://support.kaspersky.com/downloads/utils/tdsskiller.exe and save it to your Desktop.
Doubleclick on to run the application.
The "Ready to scan" window will open, Click on "Change parameters"
Ensure all entries are Checkmarked under Additionl Options, Ensure all entries are Checkmarked under Objects to scan When Loaded Modules is checkmarked a re-boot will be offered, allow that to happen...
Continue after reboot select "Change Parameters" make sure entries are checkmarked and then Select "Start Scan"
If an infected file is detected, the default action will be Cure, click on Continue.
If a suspicious file is detected, the default action will be Skip, click on Continue.
It may ask you to reboot the computer to complete the process. Click on Reboot Now.
If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please attach that log to your reply.

Thank you,

Kevin

mnmlisme · December 18, 2018

weird, now I can't install any programs, it says Unable to create temporary file. Setup aborted.

I'm trying to install Adiag

kevinf80 · December 18, 2018

Do not use the installed version, use portable version...

kevinf80 · December 26, 2018

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Thanks

kevinf80 · January 2, 2019

Have reopened yout thread as requested...

mnmlisme · January 3, 2019

Thank you kevinf80. Happy New Year 2019. Sorry it took me so long to test accordingly.

Anyway, below is the Kaspersky result

Quote

07:03:40.0162 7576 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
07:03:40.0162 7576 UEFI system
07:03:42.0177 7576 ============================================================
07:03:42.0177 7576 Current date / time: 2019/01/03 07:03:42.0177
07:03:42.0177 7576 SystemInfo:
07:03:42.0177 7576
07:03:42.0177 7576 OS Version: 6.2.9200 ServicePack: 0.0
07:03:42.0177 7576 Product type: Workstation
07:03:42.0177 7576 ComputerName: SERVERIP
07:03:42.0177 7576 UserName: admin
07:03:42.0177 7576 Windows directory: C:\WINDOWS
07:03:42.0177 7576 System windows directory: C:\WINDOWS
07:03:42.0177 7576 Running under WOW64
07:03:42.0177 7576 Processor architecture: Intel x64
07:03:42.0177 7576 Number of processors: 4
07:03:42.0177 7576 Page size: 0x1000
07:03:42.0177 7576 Boot type: Normal boot
07:03:42.0177 7576 ============================================================
07:03:42.0224 7576 BG loaded
07:03:42.0490 7576 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
07:03:42.0490 7576 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
07:03:42.0505 7576 ============================================================
07:03:42.0505 7576 \Device\Harddisk0\DR0:
07:03:42.0505 7576 GPT partitions:
07:03:42.0505 7576 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {90C6861A-9AC9-43CF-874F-AD79CB3F2E52}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xF9800
07:03:42.0505 7576 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {3C6A8257-2A4F-4EAE-AD23-C8111D8894C7}, Name: EFI system partition, StartLBA 0xFA000, BlocksNum 0x32000
07:03:42.0505 7576 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {0F6A78D3-54CC-4AD7-BFF1-40FC8971988F}, Name: Microsoft reserved partition, StartLBA 0x12C000, BlocksNum 0x8000
07:03:42.0505 7576 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {6FFEB2BD-3ED7-49C6-8B00-C89FB6B24C4C}, Name: Basic data partition, StartLBA 0x134000, BlocksNum 0xDE60800
07:03:42.0505 7576 MBR partitions:
07:03:42.0505 7576 \Device\Harddisk1\DR1:
07:03:42.0505 7576 MBR partitions:
07:03:42.0505 7576 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
07:03:42.0505 7576 ============================================================
07:03:42.0521 7576 😄 <-> \Device\Harddisk0\DR0\Partition4
07:03:42.0537 7576 😧 <-> \Device\Harddisk1\DR1\Partition1
07:03:42.0537 7576 ============================================================
07:03:42.0537 7576 Initialize success
07:03:42.0537 7576 ============================================================
07:06:39.0440 2956 ============================================================
07:06:39.0440 2956 Scan started
07:06:39.0440 2956 Mode: Manual; SigCheck; TDLFS;
07:06:39.0440 2956 ============================================================
07:06:40.0382 2956 ================ Scan system memory ========================
07:06:40.0382 2956 System memory - ok
07:06:40.0385 2956 ================ Scan services =============================
07:06:40.0448 2956 1394ohci - ok
07:06:40.0454 2956 3ware - ok
07:06:40.0458 2956 Suspicious service (Hidden): 90599366
07:06:40.0460 2956 90599366 ( HiddenService.Multi.Generic ) - warning
07:06:40.0460 2956 90599366 - detected HiddenService.Multi.Generic (1)
07:06:40.0465 2956 ACPI - ok
07:06:40.0471 2956 AcpiDev - ok
07:06:40.0477 2956 acpiex - ok
07:06:40.0481 2956 acpipagr - ok
07:06:40.0488 2956 AcpiPmi - ok
07:06:40.0494 2956 acpitime - ok
07:06:40.0504 2956 ADP80XX - ok
07:06:40.0510 2956 AFD - ok
07:06:40.0514 2956 afunix - ok
07:06:40.0521 2956 ahcache - ok
07:06:40.0527 2956 AJRouter - ok
07:06:40.0532 2956 ALG - ok
07:06:40.0539 2956 AmdK8 - ok
07:06:40.0544 2956 AmdPPM - ok
07:06:40.0550 2956 amdsata - ok
07:06:40.0557 2956 amdsbs - ok
07:06:40.0560 2956 amdxata - ok
07:06:40.0565 2956 AppID - ok
07:06:40.0571 2956 AppIDSvc - ok
07:06:40.0576 2956 Appinfo - ok
07:06:40.0581 2956 applockerfltr - ok
07:06:40.0588 2956 AppMgmt - ok
07:06:40.0595 2956 AppReadiness - ok
07:06:40.0601 2956 AppVClient - ok
07:06:40.0605 2956 AppvStrm - ok
07:06:40.0609 2956 AppvVemgr - ok
07:06:40.0614 2956 AppvVfs - ok
07:06:40.0621 2956 AppXSvc - ok
07:06:40.0629 2956 arcsas - ok
07:06:40.0634 2956 AssignedAccessManagerSvc - ok
07:06:40.0640 2956 [ 700D6A0331BEFD4ED9CFBB3234B335E7 ] aswArPot C:\WINDOWS\system32\drivers\aswArPot.sys
07:06:40.0699 2956 aswArPot - ok
07:06:40.0768 2956 [ 9C9388AEB9AF802D79A3F6C466600FEB ] aswbIDSAgent C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
07:06:40.0963 2956 aswbIDSAgent - ok
07:06:40.0977 2956 [ 90DB9B40AADC14DC02CBBABAE97070E2 ] aswbidsdriver C:\WINDOWS\system32\drivers\aswbidsdrivera.sys
07:06:40.0995 2956 aswbidsdriver - ok
07:06:41.0003 2956 [ D2B5EFADAF330AD3AF6A72EA38A687F6 ] aswbidsh C:\WINDOWS\system32\drivers\aswbidsha.sys
07:06:41.0025 2956 aswbidsh - ok
07:06:41.0032 2956 [ 1DB5A3ED24EE4451E890FE51327AE4AC ] aswblog C:\WINDOWS\system32\drivers\aswbloga.sys
07:06:41.0051 2956 aswblog - ok
07:06:41.0055 2956 [ 9624F800AE8ABE702175E1FBB44546F4 ] aswbuniv C:\WINDOWS\system32\drivers\aswbuniva.sys
07:06:41.0069 2956 aswbuniv - ok
07:06:41.0075 2956 [ 150708D6A0A29109DC16B3B2A38BC92E ] aswElam C:\WINDOWS\system32\drivers\aswElam.sys
07:06:41.0089 2956 aswElam - ok
07:06:41.0095 2956 [ 71548492830E902A94EF21CE6D22C2E6 ] aswHdsKe C:\WINDOWS\system32\drivers\aswHdsKe.sys
07:06:41.0110 2956 aswHdsKe - ok
07:06:41.0114 2956 [ 0146EF33D5BB6C18788D8D633A96910A ] aswHwid C:\WINDOWS\system32\drivers\aswHwid.sys
07:06:41.0133 2956 aswHwid - ok
07:06:41.0140 2956 [ ED3F404331EC3532CB96E84B97C4EB30 ] aswKbd C:\WINDOWS\system32\drivers\aswKbd.sys
07:06:41.0159 2956 aswKbd - ok
07:06:41.0164 2956 [ 229A6923553A1B7C3576F360B22F20CD ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys
07:06:41.0189 2956 aswMonFlt - ok
07:06:41.0196 2956 [ D0BC9CD2673FB112880889845F10C44D ] aswRdr C:\WINDOWS\system32\drivers\aswRdr2.sys
07:06:41.0217 2956 aswRdr - ok
07:06:41.0224 2956 [ EBE3CEA153B2BE9C454B3D59C7033BF6 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys
07:06:41.0244 2956 aswRvrt - ok
07:06:41.0256 2956 [ 074A4CEEB893D54CCD4A17DD16CD6B12 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
07:06:41.0306 2956 aswSnx - ok
07:06:41.0314 2956 [ 3F572A16A66941666F53CC5049AFCF8F ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
07:06:41.0349 2956 aswSP - ok
07:06:41.0354 2956 [ 74C76F239F473CB6E12FA06ADBA05661 ] aswStm C:\WINDOWS\system32\drivers\aswStm.sys
07:06:41.0366 2956 aswStm - ok
07:06:41.0376 2956 [ DB45EC9EB38510E940F7FE1AF1B3F0CF ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys
07:06:41.0408 2956 aswVmm - ok
07:06:41.0412 2956 AsyncMac - ok
07:06:41.0416 2956 atapi - ok
07:06:41.0424 2956 AudioEndpointBuilder - ok
07:06:41.0428 2956 Audiosrv - ok
07:06:41.0435 2956 [ CD8EC552551810716A60F52B265137D9 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
07:06:41.0452 2956 avast! Antivirus - ok
07:06:41.0457 2956 [ 68656EE3F92E1ADC436DE7BFB22094CC ] AvastWscReporter C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
07:06:41.0467 2956 AvastWscReporter - ok
07:06:41.0474 2956 AxInstSV - ok
07:06:41.0480 2956 b06bdrv - ok
07:06:41.0485 2956 bam - ok
07:06:41.0503 2956 BasicDisplay - ok
07:06:41.0509 2956 BasicRender - ok
07:06:41.0515 2956 BcastDVRUserService - ok
07:06:41.0521 2956 bcmfn2 - ok
07:06:41.0526 2956 BDESVC - ok
07:06:41.0532 2956 Beep - ok
07:06:41.0535 2956 BFE - ok
07:06:41.0544 2956 bindflt - ok
07:06:41.0547 2956 BITS - ok
07:06:41.0552 2956 BluetoothUserService - ok
07:06:41.0560 2956 bowser - ok
07:06:41.0564 2956 BrokerInfrastructure - ok
07:06:41.0569 2956 BTAGService - ok
07:06:41.0576 2956 BthAvctpSvc - ok
07:06:41.0581 2956 BthEnum - ok
07:06:41.0586 2956 BthHFEnum - ok
07:06:41.0605 2956 BthLEEnum - ok
07:06:41.0609 2956 BthMini - ok
07:06:41.0613 2956 BTHMODEM - ok
07:06:41.0621 2956 BTHPORT - ok
07:06:41.0627 2956 bthserv - ok
07:06:41.0632 2956 BTHUSB - ok
07:06:41.0638 2956 bttflt - ok
07:06:41.0645 2956 buttonconverter - ok
07:06:41.0649 2956 CAD - ok
07:06:41.0655 2956 camsvc - ok
07:06:41.0662 2956 CapImg - ok
07:06:41.0667 2956 CaptureService - ok
07:06:41.0672 2956 cbdhsvc - ok
07:06:41.0678 2956 cdfs - ok
07:06:41.0682 2956 CDPSvc - ok
07:06:41.0689 2956 CDPUserSvc - ok
07:06:41.0695 2956 cdrom - ok
07:06:41.0699 2956 CertPropSvc - ok
07:06:41.0706 2956 cht4iscsi - ok
07:06:41.0712 2956 cht4vbd - ok
07:06:41.0716 2956 circlass - ok
07:06:41.0722 2956 CldFlt - ok
07:06:41.0729 2956 CLFS - ok
07:06:41.0733 2956 ClipSVC - ok
07:06:41.0749 2956 CmBatt - ok
07:06:41.0755 2956 CNG - ok
07:06:41.0761 2956 cnghwassist - ok
07:06:41.0765 2956 CompositeBus - ok
07:06:41.0773 2956 COMSysApp - ok
07:06:41.0779 2956 condrv - ok
07:06:41.0783 2956 ConsentUxUserSvc - ok
07:06:41.0789 2956 CoreMessagingRegistrar - ok
07:06:41.0819 2956 [ 75C568E62A2BD89A869C34119A66D19B ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
07:06:41.0887 2956 cphs - ok
07:06:41.0897 2956 CryptSvc - ok
07:06:41.0904 2956 CSC - ok
07:06:41.0910 2956 CscService - ok
07:06:41.0916 2956 dam - ok
07:06:41.0923 2956 [ A1F58FFF448E4099297D6EE0641D4D0E ] dbupdate C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
07:06:41.0937 2956 dbupdate - ok
07:06:41.0943 2956 [ A1F58FFF448E4099297D6EE0641D4D0E ] dbupdatem C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
07:06:41.0955 2956 dbupdatem - ok
07:06:41.0961 2956 [ 8BCE5437B62FD6061C9D5E738561B0DF ] DbxSvc C:\Windows\System32\DbxSvc.exe
07:06:42.0003 2956 DbxSvc - ok
07:06:42.0008 2956 DcomLaunch - ok
07:06:42.0012 2956 defragsvc - ok
07:06:42.0015 2956 DeviceAssociationService - ok
07:06:42.0019 2956 DeviceInstall - ok
07:06:42.0025 2956 DevicePickerUserSvc - ok
07:06:42.0032 2956 DevicesFlowUserSvc - ok
07:06:42.0037 2956 DevQueryBroker - ok
07:06:42.0043 2956 Dfsc - ok
07:06:42.0049 2956 Dhcp - ok
07:06:42.0054 2956 diagnosticshub.standardcollector.service - ok
07:06:42.0061 2956 diagsvc - ok
07:06:42.0065 2956 DiagTrack - ok
07:06:42.0070 2956 Disk - ok
07:06:42.0077 2956 DisplayEnhancementService - ok
07:06:42.0082 2956 DmEnrollmentSvc - ok
07:06:42.0086 2956 dmvsc - ok
07:06:42.0093 2956 dmwappushservice - ok
07:06:42.0099 2956 Dnscache - ok
07:06:42.0106 2956 dot3svc - ok
07:06:42.0112 2956 DPS - ok
07:06:42.0117 2956 drmkaud - ok
07:06:42.0123 2956 DsmSvc - ok
07:06:42.0129 2956 DsSvc - ok
07:06:42.0135 2956 DusmSvc - ok
07:06:42.0141 2956 DXGKrnl - ok
07:06:42.0147 2956 Eaphost - ok
07:06:42.0151 2956 ebdrv - ok
07:06:42.0157 2956 EFS - ok
07:06:42.0164 2956 EhStorClass - ok
07:06:42.0168 2956 EhStorTcgDrv - ok
07:06:42.0175 2956 embeddedmode - ok
07:06:42.0181 2956 EntAppSvc - ok
07:06:42.0186 2956 ErrDev - ok
07:06:42.0195 2956 EventLog - ok
07:06:42.0203 2956 EventSystem - ok
07:06:42.0209 2956 exfat - ok
07:06:42.0215 2956 fastfat - ok
07:06:42.0221 2956 Fax - ok
07:06:42.0232 2956 fdc - ok
07:06:42.0238 2956 fdPHost - ok
07:06:42.0244 2956 FDResPub - ok
07:06:42.0249 2956 fhsvc - ok
07:06:42.0254 2956 FileCrypt - ok
07:06:42.0261 2956 FileInfo - ok
07:06:42.0266 2956 Filetrace - ok
07:06:42.0270 2956 flpydisk - ok
07:06:42.0277 2956 FltMgr - ok
07:06:42.0282 2956 FontCache - ok
07:06:42.0287 2956 FontCache3.0.0.0 - ok
07:06:42.0294 2956 FrameServer - ok
07:06:42.0300 2956 FsDepends - ok
07:06:42.0304 2956 Fs_Rec - ok
07:06:42.0311 2956 fvevol - ok
07:06:42.0317 2956 gencounter - ok
07:06:42.0321 2956 genericusbfn - ok
07:06:42.0364 2956 [ 8210F7234832CBD6A0E819572FBFFA35 ] GlassWire C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
07:06:42.0471 2956 GlassWire - ok
07:06:42.0477 2956 GPIOClx0101 - ok
07:06:42.0480 2956 gpsvc - ok
07:06:42.0484 2956 GpuEnergyDrv - ok
07:06:42.0491 2956 GraphicsPerfSvc - ok
07:06:42.0500 2956 [ 77621A3DF170D246DC744CD0767BFAB3 ] gwdrv C:\WINDOWS\system32\DRIVERS\gwdrv.sys
07:06:42.0511 2956 gwdrv - ok
07:06:42.0516 2956 HDAudBus - ok
07:06:42.0520 2956 HidBatt - ok
07:06:42.0526 2956 HidBth - ok
07:06:42.0532 2956 hidi2c - ok
07:06:42.0536 2956 hidinterrupt - ok
07:06:42.0542 2956 HidIr - ok
07:06:42.0548 2956 hidserv - ok
07:06:42.0552 2956 hidspi - ok
07:06:42.0559 2956 HidUsb - ok
07:06:42.0568 2956 HpSAMD - ok
07:06:42.0573 2956 HTTP - ok
07:06:42.0580 2956 hvcrash - ok
07:06:42.0584 2956 HvHost - ok
07:06:42.0589 2956 hvservice - ok
07:06:42.0596 2956 HwNClx0101 - ok
07:06:42.0600 2956 hwpolicy - ok
07:06:42.0605 2956 hyperkbd - ok
07:06:42.0612 2956 HyperVideo - ok
07:06:42.0616 2956 i8042prt - ok
07:06:42.0622 2956 iagpio - ok
07:06:42.0628 2956 iai2c - ok
07:06:42.0633 2956 iaLPSS2i_GPIO2 - ok
07:06:42.0638 2956 iaLPSS2i_GPIO2_BXT_P - ok
07:06:42.0645 2956 iaLPSS2i_GPIO2_CNL - ok
07:06:42.0650 2956 iaLPSS2i_GPIO2_GLK - ok
07:06:42.0655 2956 iaLPSS2i_I2C - ok
07:06:42.0662 2956 iaLPSS2i_I2C_BXT_P - ok
07:06:42.0668 2956 iaLPSS2i_I2C_CNL - ok
07:06:42.0673 2956 iaLPSS2i_I2C_GLK - ok
07:06:42.0679 2956 iaLPSSi_GPIO - ok
07:06:42.0684 2956 iaLPSSi_I2C - ok
07:06:42.0689 2956 iaStorAVC - ok
07:06:42.0695 2956 iaStorV - ok
07:06:42.0700 2956 ibbus - ok
07:06:42.0707 2956 icssvc - ok
07:06:42.0773 2956 [ 658287D76E8D77C08AE98989F99B8948 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
07:06:42.0963 2956 igfx - ok
07:06:42.0973 2956 [ A105AD05696D55E6E4F078ED850F6305 ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
07:06:43.0025 2956 igfxCUIService2.0.0.0 - ok
07:06:43.0030 2956 IKEEXT - ok
07:06:43.0035 2956 IndirectKmd - ok
07:06:43.0043 2956 InstallService - ok
07:06:43.0094 2956 [ A663CE8A3771A3D36398DC3DB12455E6 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
07:06:43.0237 2956 IntcAzAudAddService - ok
07:06:43.0246 2956 [ E300D1E37B737ED14F7A08CD5604E5D9 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
07:06:43.0268 2956 IntcDAud - ok
07:06:43.0273 2956 intelide - ok
07:06:43.0279 2956 intelpep - ok
07:06:43.0285 2956 intelppm - ok
07:06:43.0289 2956 iorate - ok
07:06:43.0295 2956 IpFilterDriver - ok
07:06:43.0302 2956 iphlpsvc - ok
07:06:43.0306 2956 IPMIDRV - ok
07:06:43.0314 2956 IPNAT - ok
07:06:43.0319 2956 IPT - ok
07:06:43.0325 2956 IpxlatCfgSvc - ok
07:06:43.0331 2956 irda - ok
07:06:43.0336 2956 IRENUM - ok
07:06:43.0341 2956 irmon - ok
07:06:43.0347 2956 isapnp - ok
07:06:43.0353 2956 iScsiPrt - ok
07:06:43.0358 2956 [ 1ECC1A421B0AEBF9A6934451FBFD7848 ] ISCT C:\WINDOWS\System32\drivers\ISCTD64.sys
07:06:43.0377 2956 ISCT - ok
07:06:43.0383 2956 ItSas35i - ok
07:06:43.0387 2956 kbdclass - ok
07:06:43.0391 2956 kbdhid - ok
07:06:43.0397 2956 kdnic - ok
07:06:43.0402 2956 KeyIso - ok
07:06:43.0406 2956 KSecDD - ok
07:06:43.0412 2956 KSecPkg - ok
07:06:43.0418 2956 ksthunk - ok
07:06:43.0422 2956 KtmRm - ok
07:06:43.0428 2956 LanmanServer - ok
07:06:43.0435 2956 LanmanWorkstation - ok
07:06:43.0442 2956 lfsvc - ok
07:06:43.0450 2956 LicenseManager - ok
07:06:43.0454 2956 lltdio - ok
07:06:43.0461 2956 lltdsvc - ok
07:06:43.0468 2956 lmhosts - ok
07:06:43.0474 2956 LSI_SAS - ok
07:06:43.0480 2956 LSI_SAS2i - ok
07:06:43.0485 2956 LSI_SAS3i - ok
07:06:43.0490 2956 LSI_SSS - ok
07:06:43.0496 2956 LSM - ok
07:06:43.0502 2956 luafv - ok
07:06:43.0506 2956 LxpSvc - ok
07:06:43.0512 2956 MapsBroker - ok
07:06:43.0518 2956 mausbhost - ok
07:06:43.0522 2956 mausbip - ok
07:06:43.0578 2956 [ ECB760B2391608BA4E0A7987ADA70CCF ] MBAMService C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
07:06:43.0721 2956 MBAMService - ok
07:06:43.0728 2956 MbbCx - ok
07:06:43.0736 2956 megasas - ok
07:06:43.0739 2956 megasas2i - ok
07:06:43.0746 2956 megasas35i - ok
07:06:43.0753 2956 megasr - ok
07:06:43.0759 2956 [ F1E754DEEB3369BCCE2228D5C10DE101 ] MEIx64 C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
07:06:43.0793 2956 MEIx64 - ok
07:06:43.0799 2956 MessagingService - ok
07:06:43.0804 2956 Microsoft_Bluetooth_AvrcpTransport - ok
07:06:43.0810 2956 mlx4_bus - ok
07:06:43.0818 2956 MMCSS - ok
07:06:43.0822 2956 Modem - ok
07:06:43.0826 2956 monitor - ok
07:06:43.0833 2956 mouclass - ok
07:06:43.0838 2956 mouhid - ok
07:06:43.0844 2956 mountmgr - ok
07:06:43.0851 2956 mpsdrv - ok
07:06:43.0855 2956 mpssvc - ok
07:06:43.0862 2956 MRxDAV - ok
07:06:43.0869 2956 mrxsmb - ok
07:06:43.0873 2956 mrxsmb20 - ok
07:06:43.0879 2956 MsBridge - ok
07:06:43.0885 2956 MSDTC - ok
07:06:43.0895 2956 [ 7F8BDC3C037CB1E5F50E63CCDFD8246E ] MsDtsServer100 C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe
07:06:43.0913 2956 MsDtsServer100 - ok
07:06:43.0918 2956 Msfs - ok
07:06:43.0922 2956 msgpiowin32 - ok
07:06:43.0927 2956 mshidkmdf - ok
07:06:43.0934 2956 mshidumdf - ok
07:06:43.0939 2956 msisadrv - ok
07:06:43.0945 2956 MSiSCSI - ok
07:06:43.0951 2956 msiserver - ok
07:06:43.0958 2956 MSKSSRV - ok
07:06:43.0964 2956 MsLldp - ok
07:06:43.0970 2956 MSPCLOCK - ok
07:06:43.0975 2956 MSPQM - ok
07:06:43.0982 2956 MsRPC - ok
07:06:43.0993 2956 MsSecFlt - ok
07:06:44.0000 2956 mssmbios - ok
07:06:44.0008 2956 [ 04B4C6CFDEFC0A1C5D1AB212AFF1A9DC ] MSSQLFDLauncher C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
07:06:44.0019 2956 MSSQLFDLauncher - ok
07:06:44.0021 2956 MSSQLSERVER - ok
07:06:44.0026 2956 [ 04EF36EAF5C4DBCE424D81B76F1E9231 ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
07:06:44.0037 2956 MSSQLServerADHelper100 - ok
07:06:44.0041 2956 MSSQLServerOLAPService - ok
07:06:44.0047 2956 MSTEE - ok
07:06:44.0053 2956 MTConfig - ok
07:06:44.0057 2956 Mup - ok
07:06:44.0062 2956 mvumis - ok
07:06:44.0081 2956 NativeWifiP - ok
07:06:44.0087 2956 NaturalAuthentication - ok
07:06:44.0091 2956 NcaSvc - ok
07:06:44.0098 2956 NcbService - ok
07:06:44.0105 2956 NcdAutoSetup - ok
07:06:44.0109 2956 ndfltr - ok
07:06:44.0115 2956 NDIS - ok
07:06:44.0121 2956 NdisCap - ok
07:06:44.0126 2956 NdisImPlatform - ok
07:06:44.0132 2956 NdisTapi - ok
07:06:44.0137 2956 Ndisuio - ok
07:06:44.0142 2956 NdisVirtualBus - ok
07:06:44.0147 2956 NdisWan - ok
07:06:44.0153 2956 ndiswanlegacy - ok
07:06:44.0158 2956 ndproxy - ok
07:06:44.0164 2956 Ndu - ok
07:06:44.0170 2956 NetAdapterCx - ok
07:06:44.0174 2956 NetBIOS - ok
07:06:44.0182 2956 NetBT - ok
07:06:44.0186 2956 Netlogon - ok
07:06:44.0190 2956 Netman - ok
07:06:44.0195 2956 netprofm - ok
07:06:44.0201 2956 NetSetupSvc - ok
07:06:44.0208 2956 NetTcpPortSharing - ok
07:06:44.0215 2956 netvsc - ok
07:06:44.0222 2956 NgcCtnrSvc - ok
07:06:44.0227 2956 NgcSvc - ok
07:06:44.0234 2956 NlaSvc - ok
07:06:44.0240 2956 [ 5A38F3BAD50558F0E09D696ACF612D9E ] NoIPDUCService4 C:\Program Files (x86)\No-IP\ducservice.exe
07:06:44.0246 2956 NoIPDUCService4 ( UnsignedFile.Multi.Generic ) - warning
07:06:44.0246 2956 NoIPDUCService4 - detected UnsignedFile.Multi.Generic (1)
07:06:44.0249 2956 Npfs - ok
07:06:44.0254 2956 npsvctrig - ok
07:06:44.0258 2956 nsi - ok
07:06:44.0264 2956 nsiproxy - ok
07:06:44.0272 2956 Ntfs - ok
07:06:44.0277 2956 Null - ok
07:06:44.0283 2956 nvdimm - ok
07:06:44.0289 2956 nvraid - ok
07:06:44.0294 2956 nvstor - ok
07:06:44.0303 2956 [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
07:06:44.0323 2956 odserv - ok
07:06:44.0330 2956 [ 43C9CCAA6BE7AED7E2957A7FCFB4AC54 ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll
07:06:44.0352 2956 OneSyncSvc - ok
07:06:44.0371 2956 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
07:06:44.0385 2956 ose - ok
07:06:44.0390 2956 p2pimsvc - ok
07:06:44.0397 2956 p2psvc - ok
07:06:44.0401 2956 Parport - ok
07:06:44.0406 2956 partmgr - ok
07:06:44.0412 2956 PcaSvc - ok
07:06:44.0418 2956 pci - ok
07:06:44.0424 2956 pciide - ok
07:06:44.0430 2956 pcmcia - ok
07:06:44.0436 2956 pcw - ok
07:06:44.0441 2956 pdc - ok
07:06:44.0446 2956 PEAUTH - ok
07:06:44.0453 2956 PeerDistSvc - ok
07:06:44.0458 2956 perceptionsimulation - ok
07:06:44.0465 2956 percsas2i - ok
07:06:44.0471 2956 percsas3i - ok
07:06:44.0494 2956 PerfHost - ok
07:06:44.0506 2956 PhoneSvc - ok
07:06:44.0511 2956 PimIndexMaintenanceSvc - ok
07:06:44.0517 2956 PktMon - ok
07:06:44.0522 2956 pla - ok
07:06:44.0527 2956 PlugPlay - ok
07:06:44.0532 2956 pmem - ok
07:06:44.0538 2956 PNPMEM - ok
07:06:44.0543 2956 PNRPAutoReg - ok
07:06:44.0548 2956 PNRPsvc - ok
07:06:44.0554 2956 PolicyAgent - ok
07:06:44.0561 2956 Power - ok
07:06:44.0567 2956 PptpMiniport - ok
07:06:44.0601 2956 [ 66A0B1A55F21A275B7D5DECD295BD92A ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
07:06:44.0687 2956 PrintNotify - ok
07:06:44.0693 2956 PrintWorkflowUserSvc - ok
07:06:44.0700 2956 Processor - ok
07:06:44.0706 2956 ProfSvc - ok
07:06:44.0711 2956 Psched - ok
07:06:44.0717 2956 PushToInstall - ok
07:06:44.0723 2956 QWAVE - ok
07:06:44.0728 2956 QWAVEdrv - ok
07:06:44.0735 2956 Ramdisk - ok
07:06:44.0741 2956 RasAcd - ok
07:06:44.0746 2956 RasAgileVpn - ok
07:06:44.0752 2956 RasAuto - ok
07:06:44.0757 2956 Rasl2tp - ok
07:06:44.0764 2956 RasMan - ok
07:06:44.0769 2956 RasPppoe - ok
07:06:44.0773 2956 RasSstp - ok
07:06:44.0777 2956 rdbss - ok
07:06:44.0786 2956 rdpbus - ok
07:06:44.0791 2956 RDPDR - ok
07:06:44.0803 2956 RdpVideoMiniport - ok
07:06:44.0808 2956 rdyboost - ok
07:06:44.0813 2956 ReFS - ok
07:06:44.0819 2956 ReFSv1 - ok
07:06:44.0825 2956 RemoteAccess - ok
07:06:44.0829 2956 RemoteRegistry - ok
07:06:44.0852 2956 [ C649D0BF27083B0E483C9F6C0AC8FB88 ] ReportServer C:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
07:06:44.0912 2956 ReportServer - ok
07:06:44.0917 2956 RetailDemo - ok
07:06:44.0920 2956 RFCOMM - ok
07:06:44.0925 2956 rhproxy - ok
07:06:44.0930 2956 RmSvc - ok
07:06:44.0938 2956 RpcEptMapper - ok
07:06:44.0943 2956 RpcLocator - ok
07:06:44.0949 2956 RpcSs - ok
07:06:44.0958 2956 [ 22DA6D12C5C7071CF4226316A7EB1BF2 ] RsFx0153 C:\WINDOWS\system32\DRIVERS\RsFx0153.sys
07:06:44.0989 2956 RsFx0153 - ok
07:06:44.0993 2956 rspndr - ok
07:06:44.0999 2956 rt640x64 - ok
07:06:45.0008 2956 s3cap - ok
07:06:45.0014 2956 SamSs - ok
07:06:45.0029 2956 sbp2port - ok
07:06:45.0037 2956 SCardSvr - ok
07:06:45.0042 2956 ScDeviceEnum - ok
07:06:45.0048 2956 scfilter - ok
07:06:45.0054 2956 Schedule - ok
07:06:45.0060 2956 scmbus - ok
07:06:45.0067 2956 SCPolicySvc - ok
07:06:45.0074 2956 sdbus - ok
07:06:45.0078 2956 SDFRd - ok
07:06:45.0085 2956 SDRSVC - ok
07:06:45.0091 2956 sdstor - ok
07:06:45.0096 2956 seclogon - ok
07:06:45.0102 2956 SecurityHealthService - ok
07:06:45.0110 2956 SEMgrSvc - ok
07:06:45.0115 2956 SENS - ok
07:06:45.0121 2956 Sense - ok
07:06:45.0127 2956 SensorDataService - ok
07:06:45.0135 2956 SensorService - ok
07:06:45.0140 2956 SensrSvc - ok
07:06:45.0145 2956 SerCx - ok
07:06:45.0151 2956 SerCx2 - ok
07:06:45.0157 2956 Serenum - ok
07:06:45.0162 2956 Serial - ok
07:06:45.0169 2956 sermouse - ok
07:06:45.0184 2956 SessionEnv - ok
07:06:45.0190 2956 sfloppy - ok
07:06:45.0195 2956 SgrmAgent - ok
07:06:45.0202 2956 SgrmBroker - ok
07:06:45.0208 2956 SharedAccess - ok
07:06:45.0214 2956 SharedRealitySvc - ok
07:06:45.0222 2956 ShellHWDetection - ok
07:06:45.0228 2956 shpamsvc - ok
07:06:45.0234 2956 SiSRaid2 - ok
07:06:45.0240 2956 SiSRaid4 - ok
07:06:45.0248 2956 SmartSAMD - ok
07:06:45.0255 2956 smbdirect - ok
07:06:45.0261 2956 smphost - ok
07:06:45.0267 2956 SmsRouter - ok
07:06:45.0279 2956 SNMPTRAP - ok
07:06:45.0288 2956 spaceport - ok
07:06:45.0301 2956 SpatialGraphFilter - ok
07:06:45.0307 2956 SpbCx - ok
07:06:45.0312 2956 spectrum - ok
07:06:45.0320 2956 Spooler - ok
07:06:45.0324 2956 sppsvc - ok
07:06:45.0332 2956 [ 8CCEB846D14085492E15EAB9AEBEA57A ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
07:06:45.0349 2956 SQLBrowser - ok
07:06:45.0360 2956 [ 472F7C2D64996748588AFDF96BC6FFE0 ] SQLSERVERAGENT C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE
07:06:45.0382 2956 SQLSERVERAGENT - ok
07:06:45.0389 2956 [ 1BCAB96462F3048D6F4F5EF91C192A24 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
07:06:45.0402 2956 SQLWriter - ok
07:06:45.0407 2956 srv2 - ok
07:06:45.0411 2956 srvnet - ok
07:06:45.0419 2956 SSDPSRV - ok
07:06:45.0429 2956 [ 9FFECD197D09FF33B00D5E5B78A48146 ] ssh-agent C:\WINDOWS\System32\OpenSSH\ssh-agent.exe
07:06:45.0452 2956 ssh-agent - ok
07:06:45.0457 2956 SstpSvc - ok
07:06:45.0462 2956 StateRepository - ok
07:06:45.0467 2956 stexstor - ok
07:06:45.0474 2956 stisvc - ok
07:06:45.0479 2956 storahci - ok
07:06:45.0485 2956 storflt - ok
07:06:45.0492 2956 stornvme - ok
07:06:45.0497 2956 storqosflt - ok
07:06:45.0503 2956 StorSvc - ok
07:06:45.0509 2956 storufs - ok
07:06:45.0514 2956 storvsc - ok
07:06:45.0520 2956 svsvc - ok
07:06:45.0536 2956 swenum - ok
07:06:45.0541 2956 swprv - ok
07:06:45.0546 2956 Synth3dVsc - ok
07:06:45.0552 2956 SysMain - ok
07:06:45.0559 2956 SystemEventsBroker - ok
07:06:45.0563 2956 TabletInputService - ok
07:06:45.0570 2956 TapiSrv - ok
07:06:45.0576 2956 Tcpip - ok
07:06:45.0581 2956 Tcpip6 - ok
07:06:45.0589 2956 tcpipreg - ok
07:06:45.0597 2956 tdx - ok
07:06:45.0691 2956 [ 5F91EAB16B9BCFFECD58202FBD48F518 ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
07:06:45.0933 2956 TeamViewer - ok
07:06:45.0944 2956 terminpt - ok
07:06:45.0953 2956 TermService - ok
07:06:45.0959 2956 Themes - ok
07:06:45.0964 2956 TieringEngineService - ok
07:06:45.0971 2956 TimeBrokerSvc - ok
07:06:45.0981 2956 TokenBroker - ok
07:06:45.0988 2956 TPM - ok
07:06:45.0993 2956 TrkWks - ok
07:06:45.0997 2956 TrustedInstaller - ok
07:06:46.0009 2956 TsUsbFlt - ok
07:06:46.0019 2956 TsUsbGD - ok
07:06:46.0025 2956 tsusbhub - ok
07:06:46.0033 2956 tunnel - ok
07:06:46.0042 2956 tzautoupdate - ok
07:06:46.0051 2956 UASPStor - ok
07:06:46.0057 2956 UcmCx0101 - ok
07:06:46.0062 2956 UcmTcpciCx0101 - ok
07:06:46.0068 2956 UcmUcsi - ok
07:06:46.0075 2956 UcmUcsiAcpiClient - ok
07:06:46.0084 2956 UcmUcsiCx0101 - ok
07:06:46.0090 2956 Ucx01000 - ok
07:06:46.0095 2956 UdeCx - ok
07:06:46.0100 2956 udfs - ok
07:06:46.0106 2956 UEFI - ok
07:06:46.0112 2956 UevAgentDriver - ok
07:06:46.0117 2956 UevAgentService - ok
07:06:46.0123 2956 Ufx01000 - ok
07:06:46.0129 2956 UfxChipidea - ok
07:06:46.0134 2956 ufxsynopsys - ok
07:06:46.0145 2956 umbus - ok
07:06:46.0150 2956 UmPass - ok
07:06:46.0157 2956 UmRdpService - ok
07:06:46.0163 2956 UnistoreSvc - ok
07:06:46.0169 2956 upnphost - ok
07:06:46.0176 2956 UrsChipidea - ok
07:06:46.0180 2956 UrsCx01000 - ok
07:06:46.0187 2956 UrsSynopsys - ok
07:06:46.0193 2956 usbccgp - ok
07:06:46.0198 2956 usbcir - ok
07:06:46.0204 2956 usbehci - ok
07:06:46.0210 2956 usbhub - ok
07:06:46.0214 2956 USBHUB3 - ok
07:06:46.0221 2956 usbohci - ok
07:06:46.0227 2956 usbprint - ok
07:06:46.0231 2956 usbser - ok
07:06:46.0237 2956 USBSTOR - ok
07:06:46.0244 2956 usbuhci - ok
07:06:46.0248 2956 USBXHCI - ok
07:06:46.0255 2956 UserDataSvc - ok
07:06:46.0260 2956 UserManager - ok
07:06:46.0265 2956 UsoSvc - ok
07:06:46.0271 2956 VacSvc - ok
07:06:46.0277 2956 VaultSvc - ok
07:06:46.0282 2956 vdrvroot - ok
07:06:46.0288 2956 vds - ok
07:06:46.0295 2956 VerifierExt - ok
07:06:46.0300 2956 vhdmp - ok
07:06:46.0309 2956 vhf - ok
07:06:46.0315 2956 Vid - ok
07:06:46.0321 2956 vmbus - ok
07:06:46.0327 2956 VMBusHID - ok
07:06:46.0332 2956 vmgid - ok
07:06:46.0338 2956 vmicguestinterface - ok
07:06:46.0344 2956 vmicheartbeat - ok
07:06:46.0349 2956 vmickvpexchange - ok
07:06:46.0354 2956 vmicrdv - ok
07:06:46.0361 2956 vmicshutdown - ok
07:06:46.0365 2956 vmictimesync - ok
07:06:46.0371 2956 vmicvmsession - ok
07:06:46.0377 2956 vmicvss - ok
07:06:46.0382 2956 volmgr - ok
07:06:46.0388 2956 volmgrx - ok
07:06:46.0394 2956 volsnap - ok
07:06:46.0399 2956 volume - ok
07:06:46.0404 2956 vpci - ok
07:06:46.0410 2956 vsmraid - ok
07:06:46.0415 2956 VSS - ok
07:06:46.0421 2956 VSTXRAID - ok
07:06:46.0428 2956 vwifibus - ok
07:06:46.0432 2956 vwififlt - ok
07:06:46.0439 2956 W32Time - ok
07:06:46.0445 2956 WaaSMedicSvc - ok
07:06:46.0449 2956 WacomPen - ok
07:06:46.0456 2956 WalletService - ok
07:06:46.0462 2956 wanarp - ok
07:06:46.0467 2956 wanarpv6 - ok
07:06:46.0474 2956 WarpJITSvc - ok
07:06:46.0480 2956 wbengine - ok
07:06:46.0486 2956 WbioSrvc - ok
07:06:46.0493 2956 wcifs - ok
07:06:46.0498 2956 Wcmsvc - ok
07:06:46.0504 2956 wcncsvc - ok
07:06:46.0511 2956 wcnfs - ok
07:06:46.0515 2956 WdBoot - ok
07:06:46.0521 2956 Wdf01000 - ok
07:06:46.0528 2956 WdFilter - ok
07:06:46.0532 2956 WdiServiceHost - ok
07:06:46.0538 2956 WdiSystemHost - ok
07:06:46.0544 2956 wdiwifi - ok
07:06:46.0549 2956 WdmCompanionFilter - ok
07:06:46.0555 2956 WdNisDrv - ok
07:06:46.0560 2956 WdNisSvc - ok
07:06:46.0566 2956 [ 1D811E1FEEC39C306B1A9972E20CE742 ] WebCacheService C:\PROGRA~2\COMMON~1\DATADY~1\ACTIVE~1\WEBCAC~1.EXE
07:06:46.0577 2956 WebCacheService - ok
07:06:46.0582 2956 WebClient - ok
07:06:46.0588 2956 Wecsvc - ok
07:06:46.0595 2956 WEPHOSTSVC - ok
07:06:46.0600 2956 wercplsupport - ok
07:06:46.0607 2956 WerSvc - ok
07:06:46.0613 2956 WFDSConMgrSvc - ok
07:06:46.0619 2956 WFPLWFS - ok
07:06:46.0626 2956 WiaRpc - ok
07:06:46.0632 2956 WIMMount - ok
07:06:46.0636 2956 WinDefend - ok
07:06:46.0649 2956 WindowsTrustedRT - ok
07:06:46.0656 2956 WindowsTrustedRTProxy - ok
07:06:46.0662 2956 WinHttpAutoProxySvc - ok
07:06:46.0668 2956 WinMad - ok
07:06:46.0677 2956 Winmgmt - ok
07:06:46.0682 2956 WinNat - ok
07:06:46.0688 2956 WinQuic - ok
07:06:46.0698 2956 WinRM - ok
07:06:46.0710 2956 WINUSB - ok
07:06:46.0715 2956 WinVerbs - ok
07:06:46.0722 2956 wisvc - ok
07:06:46.0729 2956 WlanSvc - ok
07:06:46.0734 2956 wlidsvc - ok
07:06:46.0740 2956 wlpasvc - ok
07:06:46.0748 2956 WManSvc - ok
07:06:46.0753 2956 WmiAcpi - ok
07:06:46.0763 2956 wmiApSrv - ok
07:06:46.0767 2956 WMPNetworkSvc - ok
07:06:46.0777 2956 [ 7BDD8CD05D67CDC66E00D061F0F5F010 ] Wof C:\WINDOWS\system32\drivers\Wof.sys
07:06:46.0806 2956 Wof - ok
07:06:46.0814 2956 workfolderssvc - ok
07:06:46.0819 2956 WpcMonSvc - ok
07:06:46.0826 2956 WPDBusEnum - ok
07:06:46.0832 2956 WpdUpFltr - ok
07:06:46.0838 2956 WpnService - ok
07:06:46.0844 2956 WpnUserService - ok
07:06:46.0849 2956 ws2ifsl - ok
07:06:46.0856 2956 wscsvc - ok
07:06:46.0863 2956 WSearch - ok
07:06:46.0873 2956 wuauserv - ok
07:06:46.0880 2956 WudfPf - ok
07:06:46.0885 2956 WUDFRd - ok
07:06:46.0891 2956 WwanSvc - ok
07:06:46.0897 2956 XblAuthManager - ok
07:06:46.0903 2956 XblGameSave - ok
07:06:46.0921 2956 xboxgip - ok
07:06:46.0927 2956 XboxGipSvc - ok
07:06:46.0932 2956 XboxNetApiSvc - ok
07:06:46.0937 2956 xinputhid - ok
07:06:46.0947 2956 [ DCF1C283860C3CAB0BF0A71528A0136C ] XtuAcpiDriver C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys
07:06:46.0966 2956 XtuAcpiDriver - ok
07:06:46.0972 2956 ================ Scan global ===============================
07:06:46.0990 2956 [Global] - ok
07:06:46.0993 2956 ================ Scan MBR ==================================
07:06:46.0995 2956 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
07:06:47.0017 2956 \Device\Harddisk0\DR0 - ok
07:06:47.0061 2956 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
07:06:47.0136 2956 \Device\Harddisk1\DR1 - ok
07:06:47.0137 2956 ================ Scan VBR ==================================
07:06:47.0143 2956 [ 6F5B3D4D2A2015F310DFD50B14B8B5B8 ] \Device\Harddisk0\DR0\Partition1
07:06:47.0145 2956 \Device\Harddisk0\DR0\Partition1 - ok
07:06:47.0153 2956 [ FD53515A9800411E0E5114FB35AAFB21 ] \Device\Harddisk0\DR0\Partition2
07:06:47.0154 2956 \Device\Harddisk0\DR0\Partition2 - ok
07:06:47.0164 2956 [ 7E30E29D40DA543DFCF0558C5B4920A9 ] \Device\Harddisk0\DR0\Partition3
07:06:47.0165 2956 \Device\Harddisk0\DR0\Partition3 - ok
07:06:47.0170 2956 [ 0996CC70611CFAEC548269D72F23AF1E ] \Device\Harddisk0\DR0\Partition4
07:06:47.0171 2956 \Device\Harddisk0\DR0\Partition4 - ok
07:06:47.0177 2956 [ E984D2752F3B8CB26A80303750726B7F ] \Device\Harddisk1\DR1\Partition1
07:06:47.0179 2956 \Device\Harddisk1\DR1\Partition1 - ok
07:06:47.0181 2956 ================ Scan active images ========================
07:06:47.0183 2956 [ 3BA076BB4839EF21100BE56F7109CACC ] C:\Windows\System32\drivers\crashdmp.sys
07:06:47.0183 2956 C:\Windows\System32\drivers\crashdmp.sys - ok
07:06:47.0188 2956 [ 0D27911CA375F7F522F019CE0497653A ] C:\Windows\System32\drivers\Diskdump.sys
07:06:47.0188 2956 C:\Windows\System32\drivers\Diskdump.sys - ok
07:06:47.0196 2956 [ 9DA9203768E6961AB5DB302DAF9D3347 ] C:\Windows\System32\drivers\storahci.sys
07:06:47.0196 2956 C:\Windows\System32\drivers\storahci.sys - ok
07:06:47.0199 2956 [ 0EB206A82C0CD88C8C53CA8891B491C2 ] C:\Windows\System32\drivers\dumpfve.sys
07:06:47.0199 2956 C:\Windows\System32\drivers\dumpfve.sys - ok
07:06:47.0202 2956 [ 3F572A16A66941666F53CC5049AFCF8F ] C:\Windows\System32\drivers\aswSP.sys
07:06:47.0202 2956 C:\Windows\System32\drivers\aswSP.sys - ok
07:06:47.0208 2956 [ D7FAEE38C867DFDAA626B886A7AEA89A ] C:\Windows\System32\drivers\cdrom.sys
07:06:47.0208 2956 C:\Windows\System32\drivers\cdrom.sys - ok
07:06:47.0213 2956 [ 074A4CEEB893D54CCD4A17DD16CD6B12 ] C:\Windows\System32\drivers\aswSnx.sys
07:06:47.0214 2956 C:\Windows\System32\drivers\aswSnx.sys - ok
07:06:47.0217 2956 [ 41E3E18177FBEADE3A4EDE153C4F8160 ] C:\Windows\System32\drivers\ks.sys
07:06:47.0217 2956 C:\Windows\System32\drivers\ks.sys - ok
07:06:47.0220 2956 [ D64F99DD8480935CDA61ADC66C81FE87 ] C:\Windows\System32\drivers\filecrypt.sys
07:06:47.0220 2956 C:\Windows\System32\drivers\filecrypt.sys - ok
07:06:47.0226 2956 [ 218B208F753FC7411787D33C0E4D76BD ] C:\Windows\System32\drivers\tbs.sys
07:06:47.0226 2956 C:\Windows\System32\drivers\tbs.sys - ok
07:06:47.0229 2956 [ ED3F404331EC3532CB96E84B97C4EB30 ] C:\Windows\System32\drivers\aswKbd.sys
07:06:47.0229 2956 C:\Windows\System32\drivers\aswKbd.sys - ok
07:06:47.0232 2956 [ B02C098721C7A12C959E16850641F783 ] C:\Windows\System32\drivers\beep.sys
07:06:47.0232 2956 C:\Windows\System32\drivers\beep.sys - ok
07:06:47.0236 2956 [ ECCCCEC473E9BB8778E6BD0DC5EDA2B8 ] C:\Windows\System32\drivers\null.sys
07:06:47.0236 2956 C:\Windows\System32\drivers\null.sys - ok
07:06:47.0241 2956 [ DC3EEF7AC28A107FABC987A198433D30 ] C:\Windows\System32\drivers\watchdog.sys
07:06:47.0241 2956 C:\Windows\System32\drivers\watchdog.sys - ok
07:06:47.0247 2956 [ E09D70A934EB943ACCD278D904054592 ] C:\Windows\System32\drivers\dxgkrnl.sys
07:06:47.0247 2956 C:\Windows\System32\drivers\dxgkrnl.sys - ok
07:06:47.0250 2956 [ 5D97E67BAA0EE0AA78EDDE8BE78344B6 ] C:\Windows\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_5103ac179273be89\BasicDisplay.sys
07:06:47.0250 2956 C:\Windows\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_5103ac179273be89\BasicDisplay.sys - ok
07:06:47.0254 2956 [ 5DA606023922A06B1C4160761EDF5AF3 ] C:\Windows\System32\DriverStore\FileRepository\basicrender.inf_amd64_0b8d03c3bc0e7fd9\BasicRender.sys
07:06:47.0255 2956 C:\Windows\System32\DriverStore\FileRepository\basicrender.inf_amd64_0b8d03c3bc0e7fd9\BasicRender.sys - ok
07:06:47.0260 2956 [ CAA1D0E95B7F11811141E17EC7D1E45F ] C:\Windows\System32\drivers\npfs.sys
07:06:47.0260 2956 C:\Windows\System32\drivers\npfs.sys - ok
07:06:47.0265 2956 [ 5E10BB1772C8E21C9B2ECD99BF3BF997 ] C:\Windows\System32\drivers\msfs.sys
07:06:47.0265 2956 C:\Windows\System32\drivers\msfs.sys - ok
07:06:47.0268 2956 [ 10E10E26125C35FEE359B463B3AD30B6 ] C:\Windows\System32\drivers\tdi.sys
07:06:47.0268 2956 C:\Windows\System32\drivers\tdi.sys - ok
07:06:47.0272 2956 [ E5CE3388A455ED80480EAE3A8ADD53A9 ] C:\Windows\System32\drivers\tdx.sys
07:06:47.0272 2956 C:\Windows\System32\drivers\tdx.sys - ok
07:06:47.0279 2956 [ 5194BF2FEDA9F6BE6F7691EDA1F910DE ] C:\Windows\System32\drivers\afunix.sys
07:06:47.0279 2956 C:\Windows\System32\drivers\afunix.sys - ok
07:06:47.0282 2956 [ D0BC9CD2673FB112880889845F10C44D ] C:\Windows\System32\drivers\aswRdr2.sys
07:06:47.0282 2956 C:\Windows\System32\drivers\aswRdr2.sys - ok
07:06:47.0285 2956 [ 717FC248242BDCBB3B8159B8098BD34F ] C:\Windows\System32\drivers\netbt.sys
07:06:47.0285 2956 C:\Windows\System32\drivers\netbt.sys - ok
07:06:47.0290 2956 [ 5AFE650194C07BE81CB5A01B72549A1B ] C:\Windows\System32\drivers\afd.sys
07:06:47.0290 2956 C:\Windows\System32\drivers\afd.sys - ok
07:06:47.0296 2956 [ 77621A3DF170D246DC744CD0767BFAB3 ] C:\Windows\System32\drivers\gwdrv.sys
07:06:47.0296 2956 C:\Windows\System32\drivers\gwdrv.sys - ok
07:06:47.0300 2956 [ 510865271FDA73ACE622A4E74CEDC32E ] C:\Windows\System32\drivers\vwififlt.sys
07:06:47.0300 2956 C:\Windows\System32\drivers\vwififlt.sys - ok
07:06:47.0304 2956 [ 1680BBF697C0F93857131292C134A99F ] C:\Windows\System32\drivers\netbios.sys
07:06:47.0304 2956 C:\Windows\System32\drivers\netbios.sys - ok
07:06:47.0310 2956 [ 14D167238A8C42EA8E951A5A956DEF42 ] C:\Windows\System32\drivers\pacer.sys
07:06:47.0310 2956 C:\Windows\System32\drivers\pacer.sys - ok
07:06:47.0315 2956 [ 59D0951107DFC90B37FEFD24ACFB631C ] C:\Windows\System32\drivers\rdbss.sys
07:06:47.0315 2956 C:\Windows\System32\drivers\rdbss.sys - ok
07:06:47.0318 2956 [ 92AF73FAE4F0D3E95ADE69C45CAF5022 ] C:\Windows\System32\drivers\csc.sys
07:06:47.0318 2956 C:\Windows\System32\drivers\csc.sys - ok
07:06:47.0322 2956 [ 7782D0BEEF87BFF841B5684E3FBCAC1B ] C:\Windows\System32\drivers\nsiproxy.sys
07:06:47.0322 2956 C:\Windows\System32\drivers\nsiproxy.sys - ok
07:06:47.0328 2956 [ C7E85EEDBC05491FF1CDD3ACA98FA1DE ] C:\Windows\System32\drivers\dfsc.sys
07:06:47.0328 2956 C:\Windows\System32\drivers\dfsc.sys - ok
07:06:47.0333 2956 [ FB0B8778A55ED71728D28E9B3889A11E ] C:\Windows\System32\drivers\gpuenergydrv.sys
07:06:47.0333 2956 C:\Windows\System32\drivers\gpuenergydrv.sys - ok
07:06:47.0336 2956 [ 6EE73A7918BC1EC7EFAC4A32DCFC8B13 ] C:\Windows\System32\drivers\mssmbios.sys
07:06:47.0336 2956 C:\Windows\System32\drivers\mssmbios.sys - ok
07:06:47.0342 2956 [ 720633286CA7E9E1FD1456338317AD8A ] C:\Windows\System32\drivers\npsvctrig.sys
07:06:47.0342 2956 C:\Windows\System32\drivers\npsvctrig.sys - ok
07:06:47.0348 2956 [ 567EBEC0D1127D2E48A68273DF9049B2 ] C:\Windows\System32\drivers\dam.sys
07:06:47.0348 2956 C:\Windows\System32\drivers\dam.sys - ok
07:06:47.0351 2956 [ 59096A8B907475C5375BEF948F96D8F9 ] C:\Windows\System32\drivers\fastfat.sys
07:06:47.0351 2956 C:\Windows\System32\drivers\fastfat.sys - ok
07:06:47.0355 2956 [ 90DB9B40AADC14DC02CBBABAE97070E2 ] C:\Windows\System32\drivers\aswbidsdrivera.sys
07:06:47.0355 2956 C:\Windows\System32\drivers\aswbidsdrivera.sys - ok
07:06:47.0361 2956 [ 71548492830E902A94EF21CE6D22C2E6 ] C:\Windows\System32\drivers\aswHdsKe.sys
07:06:47.0361 2956 C:\Windows\System32\drivers\aswHdsKe.sys - ok
07:06:47.0365 2956 [ E42AF3C735EFBAB61D00B5101190ACE8 ] C:\Windows\System32\drivers\bam.sys
07:06:47.0365 2956 C:\Windows\System32\drivers\bam.sys - ok
07:06:47.0371 2956 [ AE0B2FAC90C4DF325F24A7BE70CE5609 ] C:\Windows\System32\drivers\ahcache.sys
07:06:47.0371 2956 C:\Windows\System32\drivers\ahcache.sys - ok
07:06:47.0378 2956 [ 700D6A0331BEFD4ED9CFBB3234B335E7 ] C:\Windows\System32\drivers\aswArPot.sys
07:06:47.0378 2956 C:\Windows\System32\drivers\aswArPot.sys - ok
07:06:47.0383 2956 [ 7841121E05EE3D540266092A6E86AE77 ] C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_e4d35af746093dc3\CompositeBus.sys
07:06:47.0383 2956 C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_e4d35af746093dc3\CompositeBus.sys - ok
07:06:47.0387 2956 [ 92DBC56CF0C981AAAAADDEAA6A563E39 ] C:\Windows\System32\drivers\kdnic.sys
07:06:47.0387 2956 C:\Windows\System32\drivers\kdnic.sys - ok
07:06:47.0391 2956 [ EFF6A344D0633A443C677E6CFD4CAE39 ] C:\Windows\System32\drivers\Vid.sys
07:06:47.0391 2956 C:\Windows\System32\drivers\Vid.sys - ok
07:06:47.0398 2956 [ D6A5065C892CC1A72826EEA5C322A2D6 ] C:\Windows\System32\drivers\winhvr.sys
07:06:47.0398 2956 C:\Windows\System32\drivers\winhvr.sys - ok
07:06:47.0401 2956 [ 07B0CD801BBF164F36DA3EE9F25C721D ] C:\Windows\System32\drivers\umbus.sys
07:06:47.0401 2956 C:\Windows\System32\drivers\umbus.sys - ok
07:06:47.0406 2956 [ 658287D76E8D77C08AE98989F99B8948 ] C:\Windows\System32\drivers\igdkmd64.sys
07:06:47.0406 2956 C:\Windows\System32\drivers\igdkmd64.sys - ok
07:06:47.0412 2956 [ BC779BE4E60B7D8DE754804DB622F6F8 ] C:\Windows\System32\drivers\drmk.sys
07:06:47.0412 2956 C:\Windows\System32\drivers\drmk.sys - ok
07:06:47.0416 2956 [ 855678C1760AE7DCE0CF2BAFD989176E ] C:\Windows\System32\drivers\hdaudbus.sys
07:06:47.0416 2956 C:\Windows\System32\drivers\hdaudbus.sys - ok
07:06:47.0420 2956 [ 0FBBB090A5CA64A32BB05D58CB872F36 ] C:\Windows\System32\drivers\portcls.sys
07:06:47.0420 2956 C:\Windows\System32\drivers\portcls.sys - ok
07:06:47.0427 2956 [ 8BC17A0C2D93B66CDA5C5A9DC6854406 ] C:\Windows\System32\drivers\Ucx01000.sys
07:06:47.0427 2956 C:\Windows\System32\drivers\Ucx01000.sys - ok
07:06:47.0431 2956 [ 10165ECCC7A1DF3C1B6AA53C8EB2A87F ] C:\Windows\System32\drivers\USBXHCI.SYS
07:06:47.0431 2956 C:\Windows\System32\drivers\USBXHCI.SYS - ok
07:06:47.0435 2956 [ F1E754DEEB3369BCCE2228D5C10DE101 ] C:\Windows\System32\drivers\TeeDriverW8x64.sys
07:06:47.0435 2956 C:\Windows\System32\drivers\TeeDriverW8x64.sys - ok
07:06:47.0439 2956 [ 8075806A5A0C495CE6BA57C60A88A72D ] C:\Windows\System32\drivers\usbport.sys
07:06:47.0439 2956 C:\Windows\System32\drivers\usbport.sys - ok
07:06:47.0445 2956 [ 7E29520C0B9E3E4039C8D2946557CF3D ] C:\Windows\System32\drivers\rt640x64.sys
07:06:47.0445 2956 C:\Windows\System32\drivers\rt640x64.sys - ok
07:06:47.0449 2956 [ 4CABA64DF4B1F3E772E70FD4FAE6CA0C ] C:\Windows\System32\drivers\usbehci.sys
07:06:47.0449 2956 C:\Windows\System32\drivers\usbehci.sys - ok
07:06:47.0452 2956 [ 84BD903F361891CB3C3CEB1DA5198130 ] C:\Windows\System32\drivers\intelppm.sys
07:06:47.0452 2956 C:\Windows\System32\drivers\intelppm.sys - ok
07:06:47.0457 2956 [ 51B9B16E99B1EF7D2107629DB8C4B578 ] C:\Windows\System32\drivers\serenum.sys
07:06:47.0457 2956 C:\Windows\System32\drivers\serenum.sys - ok
07:06:47.0463 2956 [ 6D581AD1593B35711075886F153A8BAE ] C:\Windows\System32\drivers\serial.sys
07:06:47.0463 2956 C:\Windows\System32\drivers\serial.sys - ok
07:06:47.0467 2956 [ 8943C52909164A64195645C618C276BE ] C:\Windows\System32\drivers\wmiacpi.sys
07:06:47.0467 2956 C:\Windows\System32\drivers\wmiacpi.sys - ok
07:06:47.0470 2956 [ 1ECC1A421B0AEBF9A6934451FBFD7848 ] C:\Windows\System32\drivers\ISCTD64.sys
07:06:47.0470 2956 C:\Windows\System32\drivers\ISCTD64.sys - ok
07:06:47.0476 2956 [ 69E1E41C47B2B11C53A6193E49ADEF11 ] C:\Windows\System32\drivers\NdisVirtualBus.sys
07:06:47.0476 2956 C:\Windows\System32\drivers\NdisVirtualBus.sys - ok
07:06:47.0481 2956 [ E1D26FA75626B66D0020E07E30CDEC8C ] C:\Windows\System32\drivers\uefi.sys
07:06:47.0481 2956 C:\Windows\System32\drivers\uefi.sys - ok
07:06:47.0484 2956 [ DCF1C283860C3CAB0BF0A71528A0136C ] C:\Windows\System32\drivers\XtuAcpiDriver.sys
07:06:47.0484 2956 C:\Windows\System32\drivers\XtuAcpiDriver.sys - ok
07:06:47.0488 2956 [ B8ACABC8939CB50047C2BF0272B5156C ] C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_31f554b660026323\swenum.sys
07:06:47.0488 2956 C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_31f554b660026323\swenum.sys - ok
07:06:47.0497 2956 [ 76C18F3B4EB5BC611FA7F249CF676911 ] C:\Windows\System32\drivers\rdpbus.sys
07:06:47.0497 2956 C:\Windows\System32\drivers\rdpbus.sys - ok
07:06:47.0501 2956 [ 9A03DD73B5539B788AD243AF07E7305B ] C:\Windows\System32\ntdll.dll
07:06:47.0501 2956 C:\Windows\System32\ntdll.dll - ok
07:06:47.0505 2956 [ 03CE2BA7D96391AEA2BFD935D243260F ] C:\Windows\System32\smss.exe
07:06:47.0505 2956 C:\Windows\System32\smss.exe - ok
07:06:47.0511 2956 [ 6F432A26C3998A0BE71916955F0F29B8 ] C:\Windows\System32\coml2.dll
07:06:47.0511 2956 C:\Windows\System32\coml2.dll - ok
07:06:47.0517 2956 [ BF0F47FB6368A2275816F8823E16E414 ] C:\Windows\System32\drivers\usbd.sys
07:06:47.0517 2956 C:\Windows\System32\drivers\usbd.sys - ok
07:06:47.0520 2956 [ 04A34578BC8A70B5698D1D950C4F22FB ] C:\Windows\System32\drivers\usbhub.sys
07:06:47.0520 2956 C:\Windows\System32\drivers\usbhub.sys - ok
07:06:47.0526 2956 [ 180FAF69B9AD13BA08E20BE87544D606 ] C:\Windows\System32\shell32.dll
07:06:47.0526 2956 C:\Windows\System32\shell32.dll - ok
07:06:47.0531 2956 [ A5398A699E617D6F6440E3EEF9060507 ] C:\Windows\System32\Wldap32.dll
07:06:47.0531 2956 C:\Windows\System32\Wldap32.dll - ok
07:06:47.0535 2956 [ 6C5563F34424790A8F23985D837D18C0 ] C:\Windows\System32\drivers\USBHUB3.SYS
07:06:47.0535 2956 C:\Windows\System32\drivers\USBHUB3.SYS - ok
07:06:47.0538 2956 [ CC6C389834B7835AC734C05AAB8411C4 ] C:\Windows\System32\msctf.dll
07:06:47.0538 2956 C:\Windows\System32\msctf.dll - ok
07:06:47.0545 2956 [ A7777BE61702923E539E5EAA58A44240 ] C:\Windows\System32\rpcrt4.dll
07:06:47.0545 2956 C:\Windows\System32\rpcrt4.dll - ok
07:06:47.0550 2956 [ 14E4FCFCE2465FC30B2B58A072568400 ] C:\Windows\System32\wow64.dll
07:06:47.0550 2956 C:\Windows\System32\wow64.dll - ok
07:06:47.0553 2956 [ 9B2B0E1D4965C3C6C9E699A9F6738FFB ] C:\Windows\System32\msvcrt.dll
07:06:47.0553 2956 C:\Windows\System32\msvcrt.dll - ok
07:06:47.0559 2956 [ CABC32218756D2FE73DA9D343D676729 ] C:\Windows\System32\SHCore.dll
07:06:47.0559 2956 C:\Windows\System32\SHCore.dll - ok
07:06:47.0565 2956 [ 00B22901A8C6D1C67DD7B0E2D63763AB ] C:\Windows\System32\gdi32.dll
07:06:47.0565 2956 C:\Windows\System32\gdi32.dll - ok
07:06:47.0569 2956 [ F9068469C512AB3B8EE0306A1B40CB56 ] C:\Windows\System32\user32.dll
07:06:47.0569 2956 C:\Windows\System32\user32.dll - ok
07:06:47.0574 2956 [ A5CF51E5938BC3B36F035678EADFFAD3 ] C:\Windows\System32\imm32.dll
07:06:47.0574 2956 C:\Windows\System32\imm32.dll - ok
07:06:47.0579 2956 [ 65DF7E29BE633FFE01AE506F5C730B21 ] C:\Windows\System32\setupapi.dll
07:06:47.0579 2956 C:\Windows\System32\setupapi.dll - ok
07:06:47.0583 2956 [ 34DCFB57777F1FA6FFDA6E266A3D6D93 ] C:\Windows\System32\comdlg32.dll
07:06:47.0584 2956 C:\Windows\System32\comdlg32.dll - ok
07:06:47.0588 2956 [ 453866E559F1E327981D2404A107225C ] C:\Windows\System32\difxapi.dll
07:06:47.0588 2956 C:\Windows\System32\difxapi.dll - ok
07:06:47.0593 2956 [ A663CE8A3771A3D36398DC3DB12455E6 ] C:\Windows\System32\drivers\RTKVHD64.sys
07:06:47.0593 2956 C:\Windows\System32\drivers\RTKVHD64.sys - ok
07:06:47.0599 2956 [ C606984BA4C7201B6DA39F17B548DB79 ] C:\Windows\System32\normaliz.dll
07:06:47.0599 2956 C:\Windows\System32\normaliz.dll - ok
07:06:47.0602 2956 [ CEDD2C232AA5F18C7917497361E76F61 ] C:\Windows\System32\sechost.dll
07:06:47.0602 2956 C:\Windows\System32\sechost.dll - ok
07:06:47.0606 2956 [ ECA7D40680C32FD41FB7A1B30AA5E114 ] C:\Windows\System32\shlwapi.dll
07:06:47.0606 2956 C:\Windows\System32\shlwapi.dll - ok
07:06:47.0611 2956 [ F4F4B38D0ECB0EA465DFA1244BE8D7CD ] C:\Windows\System32\wow64cpu.dll
07:06:47.0611 2956 C:\Windows\System32\wow64cpu.dll - ok
07:06:47.0617 2956 [ 1BB728819E20BA1B951682EE4ABF5034 ] C:\Windows\System32\combase.dll
07:06:47.0618 2956 C:\Windows\System32\combase.dll - ok
07:06:47.0621 2956 [ 07A2782251672AC335122A8BD0F498F1 ] C:\Windows\System32\psapi.dll
07:06:47.0621 2956 C:\Windows\System32\psapi.dll - ok
07:06:47.0626 2956 [ E300D1E37B737ED14F7A08CD5604E5D9 ] C:\Windows\System32\drivers\IntcDAud.sys
07:06:47.0626 2956 C:\Windows\System32\drivers\IntcDAud.sys - ok
07:06:47.0632 2956 [ 7E3BEDEF17FFC3DA9E2E306138C5250F ] C:\Windows\System32\drivers\ksthunk.sys
07:06:47.0632 2956 C:\Windows\System32\drivers\ksthunk.sys - ok
07:06:47.0635 2956 [ 68ABA37C3B6EB6E27BCE6493AD690396 ] C:\Windows\System32\imagehlp.dll
07:06:47.0635 2956 C:\Windows\System32\imagehlp.dll - ok
07:06:47.0641 2956 [ 076BE40E22F302758A4E37E8C2F2CD57 ] C:\Windows\System32\oleaut32.dll
07:06:47.0641 2956 C:\Windows\System32\oleaut32.dll - ok
07:06:47.0648 2956 [ D385B6882BFE47BEDF2A2B9547C91A16 ] C:\Windows\System32\kernel32.dll
07:06:47.0648 2956 C:\Windows\System32\kernel32.dll - ok
07:06:47.0652 2956 [ D77AFFFFADCE023AA3B8E9AAD2759A99 ] C:\Windows\System32\ole32.dll
07:06:47.0652 2956 C:\Windows\System32\ole32.dll - ok
07:06:47.0655 2956 [ 1B0A56B28A0DBAAE729F51C50511A614 ] C:\Windows\System32\GdiPlus.dll
07:06:47.0655 2956 C:\Windows\System32\GdiPlus.dll - ok
07:06:47.0661 2956 [ 12112113BDFAF0CC03517604440217D5 ] C:\Windows\System32\clbcatq.dll
07:06:47.0661 2956 C:\Windows\System32\clbcatq.dll - ok
07:06:47.0666 2956 [ 4E68997189FD4655EE566A1C5DD74419 ] C:\Windows\System32\nsi.dll
07:06:47.0666 2956 C:\Windows\System32\nsi.dll - ok
07:06:47.0669 2956 [ 7443BB4055522A25CC73B7AC18F826FC ] C:\Windows\System32\ws2_32.dll
07:06:47.0669 2956 C:\Windows\System32\ws2_32.dll - ok
07:06:47.0674 2956 [ 14FBF8BA6DF05FCDB75F5E981C2B031A ] C:\Windows\System32\advapi32.dll
07:06:47.0674 2956 C:\Windows\System32\advapi32.dll - ok
07:06:47.0680 2956 [ B485EB4CB562840A434112D7F89D9106 ] C:\Windows\System32\wintrust.dll
07:06:47.0680 2956 C:\Windows\System32\wintrust.dll - ok
07:06:47.0684 2956 [ 137720CDB7208AA880CD5C749C2D4B11 ] C:\Windows\System32\wow64win.dll
07:06:47.0684 2956 C:\Windows\System32\wow64win.dll - ok
07:06:47.0688 2956 [ E9BCF3B07E211C4548F4382735EF4DA7 ] C:\Windows\System32\comctl32.dll
07:06:47.0688 2956 C:\Windows\System32\comctl32.dll - ok
07:06:47.0693 2956 [ B3DDDAD6989A581853CAA3D380198EDD ] C:\Windows\System32\msvcp_win.dll
07:06:47.0693 2956 C:\Windows\System32\msvcp_win.dll - ok
07:06:47.0699 2956 [ 02411B2016D3A537759143033C2D3AA6 ] C:\Windows\System32\cfgmgr32.dll
07:06:47.0699 2956 C:\Windows\System32\cfgmgr32.dll - ok
07:06:47.0704 2956 [ 50D683EA444698985E5E88A304658A86 ] C:\Windows\System32\KernelBase.dll
07:06:47.0704 2956 C:\Windows\System32\KernelBase.dll - ok
07:06:47.0709 2956 [ 60AF5455C0A180E95DAD7E851D7407DB ] C:\Windows\System32\bcrypt.dll
07:06:47.0710 2956 C:\Windows\System32\bcrypt.dll - ok
07:06:47.0715 2956 [ F90316FE094F4AB2FEF98CA624A04654 ] C:\Windows\System32\cryptsp.dll
07:06:47.0715 2956 C:\Windows\System32\cryptsp.dll - ok
07:06:47.0718 2956 [ 1496601A77E4F569733C33F5F27DDD53 ] C:\Windows\System32\ucrtbase.dll
07:06:47.0718 2956 C:\Windows\System32\ucrtbase.dll - ok
07:06:47.0722 2956 [ 96DA7F379B07DC2496D48D55CF3C0DD8 ] C:\Windows\System32\bcryptprimitives.dll
07:06:47.0722 2956 C:\Windows\System32\bcryptprimitives.dll - ok
07:06:47.0729 2956 [ 1EF329663D4102B61849CDF42E6A2370 ] C:\Windows\System32\windows.storage.dll
07:06:47.0729 2956 C:\Windows\System32\windows.storage.dll - ok
07:06:47.0732 2956 [ F48F301256CCAE86210FD3CD5EF4220A ] C:\Windows\System32\gdi32full.dll
07:06:47.0732 2956 C:\Windows\System32\gdi32full.dll - ok
07:06:47.0737 2956 [ C478E26761EEF315C298F4986E58C818 ] C:\Windows\System32\crypt32.dll
07:06:47.0737 2956 C:\Windows\System32\crypt32.dll - ok
07:06:47.0741 2956 [ B116EC25D7AD2EDD602A6EDEA8D7681C ] C:\Windows\System32\drivers\usbccgp.sys
07:06:47.0742 2956 C:\Windows\System32\drivers\usbccgp.sys - ok
07:06:47.0748 2956 [ 17619390692C442BD0EC85374E702A18 ] C:\Windows\System32\drivers\hidclass.sys
07:06:47.0749 2956 C:\Windows\System32\drivers\hidclass.sys - ok
07:06:47.0752 2956 [ 188E1969285094EDF3506948F1DE001E ] C:\Windows\System32\drivers\hidparse.sys
07:06:47.0752 2956 C:\Windows\System32\drivers\hidparse.sys - ok
07:06:47.0755 2956 [ 69EDC8900C69E2BBB13D2FD24B3A085C ] C:\Windows\System32\drivers\hidusb.sys
07:06:47.0755 2956 C:\Windows\System32\drivers\hidusb.sys - ok
07:06:47.0762 2956 [ 68E256F56C74B31867E23B8143B509C3 ] C:\Windows\System32\profapi.dll
07:06:47.0762 2956 C:\Windows\System32\profapi.dll - ok
07:06:47.0767 2956 [ 65D63D5F9A9D6988C9E3DB4862D8C1E0 ] C:\Windows\System32\win32u.dll
07:06:47.0767 2956 C:\Windows\System32\win32u.dll - ok
07:06:47.0770 2956 [ 46708375D885CDD367CB6027A515D0E0 ] C:\Windows\System32\drivers\mouclass.sys
07:06:47.0770 2956 C:\Windows\System32\drivers\mouclass.sys - ok
07:06:47.0775 2956 [ 165AE5452B9155025814BAE5535E3019 ] C:\Windows\System32\drivers\mouhid.sys
07:06:47.0775 2956 C:\Windows\System32\drivers\mouhid.sys - ok
07:06:47.0781 2956 [ 56753185D301D7718470A4ADF780395B ] C:\Windows\System32\kernel.appcore.dll
07:06:47.0781 2956 C:\Windows\System32\kernel.appcore.dll - ok
07:06:47.0784 2956 [ 6C2EE08E0066A9DCBC77612CACF76EED ] C:\Windows\System32\msasn1.dll
07:06:47.0784 2956 C:\Windows\System32\msasn1.dll - ok
07:06:47.0788 2956 [ 082136DC077FAD6C3D1ED64BF46888A6 ] C:\Windows\System32\powrprof.dll
07:06:47.0788 2956 C:\Windows\System32\powrprof.dll - ok
07:06:47.0792 2956 [ 990D01F2A6D10A33C382191A24BBAAAF ] C:\Windows\System32\autochk.exe
07:06:47.0792 2956 C:\Windows\System32\autochk.exe - ok
07:06:47.0798 2956 [ 795E4FBF6EC770F064550270C5BEBC75 ] C:\Windows\System32\win32kbase.sys
07:06:47.0798 2956 C:\Windows\System32\win32kbase.sys - ok
07:06:47.0802 2956 [ D2A46F11D77A2C59636F3DF3CFE79005 ] C:\Windows\System32\win32kfull.sys
07:06:47.0802 2956 C:\Windows\System32\win32kfull.sys - ok
07:06:47.0805 2956 [ FF142BF1AC7F5BAE34ECF919B57BC148 ] C:\Windows\System32\win32k.sys
07:06:47.0805 2956 C:\Windows\System32\win32k.sys - ok
07:06:47.0811 2956 [ D5AE22FDFB0549BCA4676F171D1972F1 ] C:\Windows\System32\csrsrv.dll
07:06:47.0811 2956 C:\Windows\System32\csrsrv.dll - ok
07:06:47.0816 2956 [ 7D64128BC1EECE41196858897596EBC8 ] C:\Windows\System32\csrss.exe
07:06:47.0816 2956 C:\Windows\System32\csrss.exe - ok
07:06:47.0819 2956 [ DBB2180297DAE7D0FC57EECACB2029F4 ] C:\Windows\System32\basesrv.dll
07:06:47.0819 2956 C:\Windows\System32\basesrv.dll - ok
07:06:47.0824 2956 [ BD37FD9CEA66D6649333997383DBB829 ] C:\Windows\System32\winsrv.dll
07:06:47.0824 2956 C:\Windows\System32\winsrv.dll - ok
07:06:47.0831 2956 [ 553E9A2C23BB661BCF61B9FC926B1376 ] C:\Windows\System32\winsrvext.dll
07:06:47.0831 2956 C:\Windows\System32\winsrvext.dll - ok
07:06:47.0835 2956 [ D52A0AAD2FD855A92A8854FC48C996D1 ] C:\Windows\System32\drivers\dxgmms2.sys
07:06:47.0835 2956 C:\Windows\System32\drivers\dxgmms2.sys - ok
07:06:47.0838 2956 [ 753917AE790F884EE62D5E1F8EBFCC44 ] C:\Windows\System32\drivers\monitor.sys
07:06:47.0838 2956 C:\Windows\System32\drivers\monitor.sys - ok
07:06:47.0844 2956 [ 4BA612035DDA63F8F12CA6DD485FEE35 ] C:\Windows\System32\sxssrv.dll
07:06:47.0844 2956 C:\Windows\System32\sxssrv.dll - ok
07:06:47.0850 2956 [ 4E20895E641F2C3E68AB3DB91A1A16F1 ] C:\Windows\System32\wininit.exe
07:06:47.0850 2956 C:\Windows\System32\wininit.exe - ok
07:06:47.0853 2956 [ EB0AE6E31D3F7C12A13D7FA98185B734 ] C:\Windows\System32\KBDUS.DLL
07:06:47.0853 2956 C:\Windows\System32\KBDUS.DLL - ok
07:06:47.0859 2956 [ 3561F3AFBF527F27620FB432B7E59699 ] C:\Windows\System32\sspicli.dll
07:06:47.0859 2956 C:\Windows\System32\sspicli.dll - ok
07:06:47.0866 2956 [ FF62E35039CCDDB9F5E1283AE1741363 ] C:\Windows\System32\userenv.dll
07:06:47.0866 2956 C:\Windows\System32\userenv.dll - ok
07:06:47.0870 2956 [ 8280B281BB5C869C57D3C1064F064AB4 ] C:\Windows\System32\wininitext.dll
07:06:47.0870 2956 C:\Windows\System32\wininitext.dll - ok
07:06:47.0875 2956 [ 92813D01CD2D19003BDB4B978DFFF2A7 ] C:\Windows\System32\sxs.dll
07:06:47.0875 2956 C:\Windows\System32\sxs.dll - ok
07:06:47.0881 2956 [ 41A13529436ADA43E9B805CBE36A2B3E ] C:\Windows\System32\cdd.dll
07:06:47.0881 2956 C:\Windows\System32\cdd.dll - ok
07:06:47.0885 2956 [ 568C5CBF9877F6B9E39D1E7CA0FF0A36 ] C:\Windows\System32\lsass.exe
07:06:47.0886 2956 C:\Windows\System32\lsass.exe - ok
07:06:47.0890 2956 [ 7A20DA1F1406492A70E9C8243634467B ] C:\Windows\System32\services.exe
07:06:47.0890 2956 C:\Windows\System32\services.exe - ok
07:06:47.0896 2956 [ 81D45C45F9F8E5D8700311EAB24738C6 ] C:\Windows\System32\devobj.dll
07:06:47.0896 2956 C:\Windows\System32\devobj.dll - ok
07:06:47.0901 2956 [ 7AB5E2C554495DB5309BB74B6EAABF85 ] C:\Windows\System32\EventAggregation.dll
07:06:47.0901 2956 C:\Windows\System32\EventAggregation.dll - ok
07:06:47.0904 2956 [ 38DB36BD867B3D24FDA2AF64D083F27E ] C:\Windows\System32\lsasrv.dll
07:06:47.0904 2956 C:\Windows\System32\lsasrv.dll - ok
07:06:47.0908 2956 [ 54AE7DA8C6138FBFC37570EEE6E65D4C ] C:\Windows\System32\samsrv.dll
07:06:47.0908 2956 C:\Windows\System32\samsrv.dll - ok
07:06:47.0913 2956 [ 92419F3B74C6C3D7304B7665DA984552 ] C:\Windows\System32\winlogon.exe
07:06:47.0913 2956 C:\Windows\System32\winlogon.exe - ok
07:06:47.0918 2956 [ 5E2B0EE7F62779521BBECF6EF4B7B3AC ] C:\Windows\System32\ncrypt.dll
07:06:47.0918 2956 C:\Windows\System32\ncrypt.dll - ok
07:06:47.0922 2956 [ 1AA3971C69A554471DFAE297DBAC1CD4 ] C:\Windows\System32\ntasn1.dll
07:06:47.0922 2956 C:\Windows\System32\ntasn1.dll - ok
07:06:47.0927 2956 [ 63817869F82F4F08B7929C8E14560549 ] C:\Windows\System32\wldp.dll
07:06:47.0927 2956 C:\Windows\System32\wldp.dll - ok
07:06:47.0933 2956 [ 7CC01D973BE85B6E1C8F74E7B316E016 ] C:\Windows\System32\joinutil.dll
07:06:47.0933 2956 C:\Windows\System32\joinutil.dll - ok
07:06:47.0937 2956 [ D811B1BB95E0F41B11ECB0B90ADBC29E ] C:\Windows\System32\msprivs.dll
07:06:47.0937 2956 C:\Windows\System32\msprivs.dll - ok
07:06:47.0941 2956 [ 8916FD91A6D9569444B6380B6721BEFF ] C:\Windows\System32\netprovfw.dll
07:06:47.0941 2956 C:\Windows\System32\netprovfw.dll - ok
07:06:47.0948 2956 [ D4271E4F7CD572DEAE58DEC8301D42F7 ] C:\Windows\System32\winsta.dll
07:06:47.0948 2956 C:\Windows\System32\winsta.dll - ok
07:06:47.0952 2956 [ 40349C0CC1A2D08E9E5FFF65296E29DF ] C:\Windows\System32\cryptbase.dll
07:06:47.0952 2956 C:\Windows\System32\cryptbase.dll - ok
07:06:47.0955 2956 [ 1FAB81F8395BFF5D1BDD12FF1D36B43D ] C:\Windows\System32\kerberos.dll
07:06:47.0955 2956 C:\Windows\System32\kerberos.dll - ok
07:06:47.0959 2956 [ E09D65A9FC5D9BFC2324DD58FA4DF152 ] C:\Windows\System32\negoexts.dll
07:06:47.0959 2956 C:\Windows\System32\negoexts.dll - ok
07:06:47.0965 2956 [ 38D351DEC41BDF90A22C50F5A5E33F4C ] C:\Windows\System32\cryptdll.dll
07:06:47.0965 2956 C:\Windows\System32\cryptdll.dll - ok
07:06:47.0969 2956 [ DD706196DC651EE6A0D07487354062B4 ] C:\Windows\System32\KerbClientShared.dll
07:06:47.0969 2956 C:\Windows\System32\KerbClientShared.dll - ok
07:06:47.0973 2956 [ DA5868EABB74AEC4354647D45F97C0AF ] C:\Windows\System32\mswsock.dll
07:06:47.0973 2956 C:\Windows\System32\mswsock.dll - ok
07:06:47.0978 2956 [ 5DD456F7EE32C2BBE6780575D826C139 ] C:\Windows\System32\msv1_0.dll
07:06:47.0978 2956 C:\Windows\System32\msv1_0.dll - ok
07:06:47.0985 2956 [ 3BA9E57811BBB9C92880D7D5EF2E0685 ] C:\Windows\System32\netlogon.dll
07:06:47.0985 2956 C:\Windows\System32\netlogon.dll - ok
07:06:47.0989 2956 [ A325A3E768FAA14AEDBBA0709E8105F4 ] C:\Windows\System32\NtlmShared.dll
07:06:47.0989 2956 C:\Windows\System32\NtlmShared.dll - ok
07:06:47.0995 2956 [ 018D6E7BA23E28ECA0CB7F071A9FF291 ] C:\Windows\System32\dnsapi.dll
07:06:47.0995 2956 C:\Windows\System32\dnsapi.dll - ok
07:06:48.0001 2956 [ 41BED58F73ABB36B3BB506D3D0767D31 ] C:\Windows\System32\gmsaclient.dll
07:06:48.0001 2956 C:\Windows\System32\gmsaclient.dll - ok
07:06:48.0005 2956 [ 190053992A600E1E07D82B3AFD59A855 ] C:\Windows\System32\IPHLPAPI.DLL
07:06:48.0005 2956 C:\Windows\System32\IPHLPAPI.DLL - ok
07:06:48.0008 2956 [ 6BD99B341B0749CD702EF46B372AB2AA ] C:\Windows\System32\netutils.dll
07:06:48.0009 2956 C:\Windows\System32\netutils.dll - ok
07:06:48.0015 2956 [ 19AE8C07F407A943ACA507C5BD46A190 ] C:\Windows\System32\cloudAP.dll
07:06:48.0015 2956 C:\Windows\System32\cloudAP.dll - ok
07:06:48.0019 2956 [ 67763B8E509EC2E746DE293B3D5F6EAF ] C:\Windows\System32\pku2u.dll
07:06:48.0019 2956 C:\Windows\System32\pku2u.dll - ok
07:06:48.0023 2956 [ 8AE65590322D36848C66C8BD75037E1E ] C:\Windows\System32\TSpkg.dll
07:06:48.0023 2956 C:\Windows\System32\TSpkg.dll - ok
07:06:48.0028 2956 [ CF864B08CEA15894A4E6E676A7FE89A3 ] C:\Windows\System32\dpapi.dll
07:06:48.0028 2956 C:\Windows\System32\dpapi.dll - ok
07:06:48.0033 2956 [ D4353522D93393167D3436B61291C2E8 ] C:\Windows\System32\MicrosoftAccountCloudAP.dll
07:06:48.0033 2956 C:\Windows\System32\MicrosoftAccountCloudAP.dll - ok
07:06:48.0037 2956 [ D7092CBCC43E59C6C73E632CE64A7845 ] C:\Windows\System32\rsaenh.dll
07:06:48.0037 2956 C:\Windows\System32\rsaenh.dll - ok
07:06:48.0040 2956 [ 079BBD9CB1CD27926A86152AE2C94F9F ] C:\Windows\System32\efslsaext.dll
07:06:48.0040 2956 C:\Windows\System32\efslsaext.dll - ok
07:06:48.0046 2956 [ 165148243DCE0BCEEB56F275DCEB9C77 ] C:\Windows\System32\schannel.dll
07:06:48.0046 2956 C:\Windows\System32\schannel.dll - ok
07:06:48.0052 2956 [ 5845DDD030E1FD55ADCA725ACDD34055 ] C:\Windows\System32\wdigest.dll
07:06:48.0052 2956 C:\Windows\System32\wdigest.dll - ok
07:06:48.0055 2956 [ D4B374080CC47C584B03828A2B09E9EC ] C:\Windows\System32\credssp.dll
07:06:48.0056 2956 C:\Windows\System32\credssp.dll - ok
07:06:48.0060 2956 [ E77B3A6D8C385EAF39804939E5F396CA ] C:\Windows\System32\dpapisrv.dll
07:06:48.0060 2956 C:\Windows\System32\dpapisrv.dll - ok
07:06:48.0066 2956 [ C0B268E0CB698F85A8DC5C4559349D3B ] C:\Windows\System32\scesrv.dll
07:06:48.0066 2956 C:\Windows\System32\scesrv.dll - ok
07:06:48.0069 2956 [ A7501147E54FE1A001E8362B644AF45F ] C:\Windows\System32\sspisrv.dll
07:06:48.0069 2956 C:\Windows\System32\sspisrv.dll - ok
07:06:48.0074 2956 [ 87C0BB3C6463B58C6B82E1C49157AC39 ] C:\Windows\System32\kdcpw.dll
07:06:48.0074 2956 C:\Windows\System32\kdcpw.dll - ok
07:06:48.0080 2956 [ D9EC03945EF428E6EEB040F9024A6EC6 ] C:\Windows\System32\ntmarta.dll
07:06:48.0080 2956 C:\Windows\System32\ntmarta.dll - ok
07:06:48.0085 2956 [ D6CE62F271345D40472A002E0AAE1C07 ] C:\Windows\System32\scecli.dll
07:06:48.0085 2956 C:\Windows\System32\scecli.dll - ok
07:06:48.0088 2956 [ 0B1583B6323083B1D2D769D991DC3489 ] C:\Windows\System32\authz.dll
07:06:48.0088 2956 C:\Windows\System32\authz.dll - ok
07:06:48.0093 2956 [ F27598A99128A2B97B7E195AD625EDA8 ] C:\Windows\System32\FirewallAPI.dll
07:06:48.0093 2956 C:\Windows\System32\FirewallAPI.dll - ok
07:06:48.0104 2956 [ EF9C968E92F0E58D40BCA40B18FB5F49 ] C:\Windows\System32\profext.dll
07:06:48.0104 2956 C:\Windows\System32\profext.dll - ok
07:06:48.0108 2956 [ 4BA3C60F01AEA85C29942931F1933DB4 ] C:\Windows\System32\WUDFPlatform.dll
07:06:48.0108 2956 C:\Windows\System32\WUDFPlatform.dll - ok
07:06:48.0123 2956 [ 5708BFDDB5E37B98E65D71E404138937 ] C:\Windows\System32\fontdrvhost.exe
07:06:48.0123 2956 C:\Windows\System32\fontdrvhost.exe - ok
07:06:48.0129 2956 [ 91EC32FE33962A61258ED1E4BC50CDD1 ] C:\Windows\System32\fwbase.dll
07:06:48.0129 2956 C:\Windows\System32\fwbase.dll - ok
07:06:48.0134 2956 [ 8A0A29438052FAED8A2532DA50455756 ] C:\Windows\System32\svchost.exe
07:06:48.0134 2956 C:\Windows\System32\svchost.exe - ok
07:06:48.0138 2956 [ 03BA8BB294CE2B52D9E8F64E94B4B402 ] C:\Windows\System32\umpnpmgr.dll
07:06:48.0138 2956 C:\Windows\System32\umpnpmgr.dll - ok
07:06:48.0143 2956 [ C1ADDE298CF5146E367CDE9C3FB0E940 ] C:\Windows\System32\umpo.dll
07:06:48.0143 2956 C:\Windows\System32\umpo.dll - ok
07:06:48.0149 2956 [ FE386753853BC8A910726E938AAC3B99 ] C:\Windows\System32\dxgi.dll
07:06:48.0149 2956 C:\Windows\System32\dxgi.dll - ok
07:06:48.0153 2956 [ 73ECFC63D23D8A07A982DDA099209605 ] C:\Windows\System32\slc.dll
07:06:48.0153 2956 C:\Windows\System32\slc.dll - ok
07:06:48.0156 2956 [ E675ECAA0F8E8F4282259227CA126671 ] C:\Windows\System32\sppc.dll
07:06:48.0156 2956 C:\Windows\System32\sppc.dll - ok
07:06:48.0161 2956 [ C59DB40B2C26AD60EE521328B2DB4C4E ] C:\Windows\System32\tdh.dll
07:06:48.0161 2956 C:\Windows\System32\tdh.dll - ok
07:06:48.0166 2956 [ 03A28DF93ECF146A5A9280EEB923AB52 ] C:\Windows\System32\umpoext.dll
07:06:48.0166 2956 C:\Windows\System32\umpoext.dll - ok
07:06:48.0170 2956 [ 748B31AA6C41115B38614B672950672F ] C:\Windows\System32\mintdh.dll
07:06:48.0170 2956 C:\Windows\System32\mintdh.dll - ok
07:06:48.0175 2956 [ 926524690062BE42A2C8E84519A0614C ] C:\Windows\System32\umpo-overrides.dll
07:06:48.0175 2956 C:\Windows\System32\umpo-overrides.dll - ok
07:06:48.0181 2956 [ E74AF2023B1F35D5C24739BBC69AFD07 ] C:\Windows\System32\gpapi.dll
07:06:48.0181 2956 C:\Windows\System32\gpapi.dll - ok
07:06:48.0186 2956 [ 2ED59EDA2D134C143ADFF53B5B09AE0C ] C:\Windows\System32\hid.dll
07:06:48.0186 2956 C:\Windows\System32\hid.dll - ok
07:06:48.0189 2956 [ 5EA4EC00F765C3208AA08116FF6CC6C6 ] C:\Windows\System32\rpcss.dll
07:06:48.0189 2956 C:\Windows\System32\rpcss.dll - ok
07:06:48.0193 2956 [ F5645D54232AFA55E57927C9E0D24267 ] C:\Windows\System32\RpcEpMap.dll
07:06:48.0193 2956 C:\Windows\System32\RpcEpMap.dll - ok
07:06:48.0199 2956 [ E8CF9A94340334B36540E269A249EB96 ] C:\Windows\System32\RpcRtRemote.dll
07:06:48.0200 2956 C:\Windows\System32\RpcRtRemote.dll - ok
07:06:48.0204 2956 [ 0C8BF24048358ED09FBD4A99ADD88934 ] C:\Windows\System32\psmsrv.dll
07:06:48.0204 2956 C:\Windows\System32\psmsrv.dll - ok
07:06:48.0207 2956 [ 5222670AE76A3D413B0BEE2BD459DA86 ] C:\Windows\System32\bisrv.dll
07:06:48.0207 2956 C:\Windows\System32\bisrv.dll - ok
07:06:48.0212 2956 [ C9E9A7EC257A3C7F9C76502F78D38360 ] C:\Windows\System32\lsm.dll
07:06:48.0212 2956 C:\Windows\System32\lsm.dll - ok
07:06:48.0218 2956 [ 62EC30E7F30B048A6AD4F49CEE882CA9 ] C:\Windows\System32\ResourcePolicyClient.dll
07:06:48.0218 2956 C:\Windows\System32\ResourcePolicyClient.dll - ok
07:06:48.0221 2956 [ A0CE190F2CA2E64CA4F14DD570B24203 ] C:\Windows\System32\dwmapi.dll
07:06:48.0221 2956 C:\Windows\System32\dwmapi.dll - ok
07:06:48.0226 2956 [ A5437C626D9CC0C30CDA466C12520E07 ] C:\Windows\System32\rmclient.dll
07:06:48.0226 2956 C:\Windows\System32\rmclient.dll - ok
07:06:48.0230 2956 [ 985B3DF5A1157080309D3F80D8308531 ] C:\Windows\System32\sysntfy.dll
07:06:48.0230 2956 C:\Windows\System32\sysntfy.dll - ok
07:06:48.0234 2956 [ EF1CB652721FB0C816F5B987134B1B8E ] C:\Windows\System32\twinapi.appcore.dll
07:06:48.0235 2956 C:\Windows\System32\twinapi.appcore.dll - ok
07:06:48.0238 2956 [ B2AADB32967C713E8DA3B4A9CE2638DF ] C:\Windows\System32\embeddedmodesvcapi.dll
07:06:48.0238 2956 C:\Windows\System32\embeddedmodesvcapi.dll - ok
07:06:48.0243 2956 [ 95DB0187C4D5A82F96611FF52B8B2BF5 ] C:\Windows\System32\UXInit.dll
07:06:48.0243 2956 C:\Windows\System32\UXInit.dll - ok
07:06:48.0249 2956 [ 94469D6381946484A4CD6603BC8FBE1F ] C:\Windows\System32\PsmServiceExtHost.dll
07:06:48.0249 2956 C:\Windows\System32\PsmServiceExtHost.dll - ok
07:06:48.0253 2956 [ 9473F2B5794F0A81C7C7FB602D7B34ED ] C:\Windows\System32\uxtheme.dll
07:06:48.0253 2956 C:\Windows\System32\uxtheme.dll - ok
07:06:48.0256 2956 [ 5F710D1E260D584F66DDE427916E64E6 ] C:\Windows\System32\wer.dll
07:06:48.0256 2956 C:\Windows\System32\wer.dll - ok
07:06:48.0263 2956 [ AAC12CE0F53541B393049247122025D1 ] C:\Windows\System32\audioresourceregistrar.dll
07:06:48.0263 2956 C:\Windows\System32\audioresourceregistrar.dll - ok
07:06:48.0269 2956 [ 527B862E746E47990DE7AB053E7345E0 ] C:\Windows\System32\dwminit.dll
07:06:48.0269 2956 C:\Windows\System32\dwminit.dll - ok
07:06:48.0272 2956 [ C20C1085C11B4F06E613B4D41FC36C8A ] C:\Windows\System32\xmllite.dll
07:06:48.0272 2956 C:\Windows\System32\xmllite.dll - ok
07:06:48.0277 2956 [ 3641EF0EE7984EB13018EBEE3F49F2DA ] C:\Windows\System32\apphelp.dll
07:06:48.0277 2956 C:\Windows\System32\apphelp.dll - ok
07:06:48.0283 2956 [ 33F89DD9629CB0422A2C17268376232D ] C:\Windows\System32\LogonUI.exe
07:06:48.0283 2956 C:\Windows\System32\LogonUI.exe - ok
07:06:48.0286 2956 [ 7B4AC70A42393A3C25A890F7CBC1DD4F ] C:\Windows\System32\ResourcePolicyServer.dll
07:06:48.0286 2956 C:\Windows\System32\ResourcePolicyServer.dll - ok
07:06:48.0290 2956 [ 45C13611EBC323820E44E7B03DA14ADD ] C:\Windows\System32\BrokerLib.dll
07:06:48.0290 2956 C:\Windows\System32\BrokerLib.dll - ok
07:06:48.0296 2956 [ 38833EC9E139654135BD183DFBABC36B ] C:\Windows\System32\dwm.exe
07:06:48.0296 2956 C:\Windows\System32\dwm.exe - ok
07:06:48.0302 2956 [ 1C257A647B2CFF58548FB29EE98D1D29 ] C:\Windows\System32\dwmredir.dll
07:06:48.0302 2956 C:\Windows\System32\dwmredir.dll - ok
07:06:48.0305 2956 [ 5E60483A58EC3B6EB6F8BEE67FA25B6D ] C:\Windows\System32\LogonController.dll
07:06:48.0305 2956 C:\Windows\System32\LogonController.dll - ok
07:06:48.0310 2956 [ B415E405015D1EEBD188475A2E975595 ] C:\Windows\System32\SystemEventsBrokerServer.dll
07:06:48.0311 2956 C:\Windows\System32\SystemEventsBrokerServer.dll - ok
07:06:48.0316 2956 [ 2FD6702212DDFF9DF7BE76FBD25A4781 ] C:\Windows\System32\uDWM.dll
07:06:48.0316 2956 C:\Windows\System32\uDWM.dll - ok
07:06:48.0320 2956 [ 3435760A3FF620CD420CBD1F7CF4C9FE ] C:\Windows\System32\winmm.dll
07:06:48.0320 2956 C:\Windows\System32\winmm.dll - ok
07:06:48.0323 2956 [ 2AE691E3E25CA8E5B6D0D89DD4F5C4E1 ] C:\Windows\System32\CoreMessaging.dll
07:06:48.0323 2956 C:\Windows\System32\CoreMessaging.dll - ok
07:06:48.0330 2956 [ 5D5A39FB5842499F59BF0E25C7757310 ] C:\Windows\System32\dab.dll
07:06:48.0330 2956 C:\Windows\System32\dab.dll - ok
07:06:48.0335 2956 [ D29258C88EB950DC8EA64B3C8DEED7F4 ] C:\Windows\System32\dsreg.dll
07:06:48.0335 2956 C:\Windows\System32\dsreg.dll - ok
07:06:48.0339 2956 [ F4E56DC5BE93F94319CB2F3F2BAE5C2E ] C:\Windows\System32\dwmcore.dll
07:06:48.0339 2956 C:\Windows\System32\dwmcore.dll - ok
07:06:48.0343 2956 [ DFF77B2AE66E97E264D1C640C8717B5E ] C:\Windows\System32\winmmbase.dll
07:06:48.0343 2956 C:\Windows\System32\winmmbase.dll - ok
07:06:48.0350 2956 [ 92DCE2A95A6B6A0C275B7951ED4BC1C9 ] C:\Windows\System32\dabapi.dll
07:06:48.0350 2956 C:\Windows\System32\dabapi.dll - ok
07:06:48.0354 2956 [ AC0B2F6759DD8D3EF8A643620901E535 ] C:\Windows\System32\dcomp.dll
07:06:48.0354 2956 C:\Windows\System32\dcomp.dll - ok
07:06:48.0357 2956 [ 38347B004B8802BA77B1D357EEBDB936 ] C:\Windows\System32\msvcp110_win.dll
07:06:48.0358 2956 C:\Windows\System32\msvcp110_win.dll - ok
07:06:48.0365 2956 [ 8DB0D25C79E2B17885878F4AE3E1AB83 ] C:\Windows\System32\d2d1.dll
07:06:48.0365 2956 C:\Windows\System32\d2d1.dll - ok
07:06:48.0370 2956 [ 38EA19A3B635B35B282857317234FD48 ] C:\Windows\System32\d3d11.dll
07:06:48.0370 2956 C:\Windows\System32\d3d11.dll - ok
07:06:48.0373 2956 [ 81DC4B6282E7464297E88C20A6901E21 ] C:\Windows\System32\D3DCompiler_47.dll
07:06:48.0373 2956 C:\Windows\System32\D3DCompiler_47.dll - ok
07:06:48.0379 2956 [ 48840D0BC95A0E375C08EA30720D489C ] C:\Windows\System32\samlib.dll
07:06:48.0379 2956 C:\Windows\System32\samlib.dll - ok
07:06:48.0385 2956 [ 67A2CB5FDBF7A4C244185DDDA11A3ACF ] C:\Windows\System32\shacct.dll
07:06:48.0385 2956 C:\Windows\System32\shacct.dll - ok
07:06:48.0388 2956 [ A42E28138937660A2575217CE1C7D807 ] C:\Windows\System32\wtsapi32.dll
07:06:48.0388 2956 C:\Windows\System32\wtsapi32.dll - ok
07:06:48.0394 2956 [ F8A0579BCFCBA29E3EB77B444473F7C9 ] C:\Windows\System32\propsys.dll
07:06:48.0394 2956 C:\Windows\System32\propsys.dll - ok
07:06:48.0400 2956 [ 4B67BFC2FC5CEBEFF5F7F04BCF085F94 ] C:\Windows\System32\dwmghost.dll
07:06:48.0400 2956 C:\Windows\System32\dwmghost.dll - ok
07:06:48.0404 2956 [ DB0D6123F4561125AF4CC1D24A36B9C1 ] C:\Windows\System32\gpsvc.dll
07:06:48.0404 2956 C:\Windows\System32\gpsvc.dll - ok
07:06:48.0408 2956 [ 7FC7B6767D7AE919B26FB1F393F2F11B ] C:\Windows\System32\nlaapi.dll
07:06:48.0408 2956 C:\Windows\System32\nlaapi.dll - ok
07:06:48.0413 2956 [ 912B0E47A24DA1C1CEB786F0A3BF094B ] C:\Windows\System32\dsrole.dll
07:06:48.0414 2956 C:\Windows\System32\dsrole.dll - ok
07:06:48.0418 2956 [ 9A0C13D674AB2D72193653EF38D8FB8E ] C:\Windows\System32\taskschd.dll
07:06:48.0418 2956 C:\Windows\System32\taskschd.dll - ok
07:06:48.0422 2956 [ 3B55CC03BF82C34F0C1F1AC2AAFC793E ] C:\Windows\System32\usermgrcli.dll
07:06:48.0422 2956 C:\Windows\System32\usermgrcli.dll - ok
07:06:48.0425 2956 [ F14F0B66D520B59C967B6731EF2030FB ] C:\Windows\System32\avrt.dll
07:06:48.0425 2956 C:\Windows\System32\avrt.dll - ok
07:06:48.0431 2956 [ ECCE5D2A2B84B65F1A04E978C51DBDD1 ] C:\Windows\System32\ISM.dll
07:06:48.0431 2956 C:\Windows\System32\ISM.dll - ok
07:06:48.0435 2956 [ 0E7C317DD9F8E46E0C90B88A3C536BA6 ] C:\Windows\System32\ncbservice.dll
07:06:48.0435 2956 C:\Windows\System32\ncbservice.dll - ok
07:06:48.0439 2956 [ 53EF8EDA28F68671B5011DBF39B93A86 ] C:\Windows\System32\SystemEventsBrokerClient.dll
07:06:48.0439 2956 C:\Windows\System32\SystemEventsBrokerClient.dll - ok
07:06:48.0443 2956 [ 6B50241793122402D063A17FFEC04C01 ] C:\Windows\System32\TimeBrokerServer.dll
07:06:48.0443 2956 C:\Windows\System32\TimeBrokerServer.dll - ok
07:06:48.0449 2956 [ 888F4306C26EA59C3BB09F045CA659C3 ] C:\Windows\System32\Windows.Devices.Radios.dll
07:06:48.0449 2956 C:\Windows\System32\Windows.Devices.Radios.dll - ok
07:06:48.0454 2956 [ AB50CB570A483C6FF9D10BC3454E8ADA ] C:\Windows\System32\BluetoothApis.dll
07:06:48.0454 2956 C:\Windows\System32\BluetoothApis.dll - ok
07:06:48.0457 2956 [ 61D5D4DC825D61179937CB2D7C6DEE86 ] C:\Windows\System32\BthRadioMedia.dll
07:06:48.0457 2956 C:\Windows\System32\BthRadioMedia.dll - ok
07:06:48.0463 2956 [ C7664DCF42C8A07AD3C99DC7868ECF13 ] C:\Windows\System32\CoreUIComponents.dll
07:06:48.0463 2956 C:\Windows\System32\CoreUIComponents.dll - ok
07:06:48.0467 2956 [ 884858FFD2D469B96FD6B3AF6CEEE93D ] C:\Windows\System32\mstask.dll
07:06:48.0467 2956 C:\Windows\System32\mstask.dll - ok
07:06:48.0472 2956 [ 9C9C952B6596BEF756BB39452F971C93 ] C:\Windows\System32\ninput.dll
07:06:48.0472 2956 C:\Windows\System32\ninput.dll - ok
07:06:48.0476 2956 [ 1B16FF627B77542662EED7129C06C63E ] C:\Windows\System32\schedsvc.dll
07:06:48.0476 2956 C:\Windows\System32\schedsvc.dll - ok
07:06:48.0481 2956 [ 50251275995BD9A037D7A33F0907E9FC ] C:\Windows\System32\bi.dll
07:06:48.0482 2956 C:\Windows\System32\bi.dll - ok
07:06:48.0485 2956 [ 6C5A19781655964BEE21CFDFFF99369D ] C:\Windows\System32\httpprxc.dll
07:06:48.0485 2956 C:\Windows\System32\httpprxc.dll - ok
07:06:48.0489 2956 [ 4BC7EF3AB403AAB1771911E3EB3B7CD7 ] C:\Windows\System32\ubpm.dll
07:06:48.0489 2956 C:\Windows\System32\ubpm.dll - ok
07:06:48.0494 2956 [ 22D054056DBA9DB0752409A7FD5A8929 ] C:\Windows\System32\WinTypes.dll
07:06:48.0494 2956 C:\Windows\System32\WinTypes.dll - ok
07:06:48.0500 2956 [ 786159CC1143E56BDAB09FE275D0152D ] C:\Windows\System32\wmiclnt.dll
07:06:48.0500 2956 C:\Windows\System32\wmiclnt.dll - ok
07:06:48.0504 2956 [ D6482F9D1E4739E0EFAFD036288CA114 ] C:\Windows\System32\netprofm.dll
07:06:48.0504 2956 C:\Windows\System32\netprofm.dll - ok
07:06:48.0510 2956 [ A3AD9741C70ADDA664F704A38B5D7C38 ] C:\Windows\System32\profsvc.dll
07:06:48.0510 2956 C:\Windows\System32\profsvc.dll - ok
07:06:48.0516 2956 [ B79E2A4394F5459582C928916EE9A1AF ] C:\Windows\System32\taskcomp.dll
07:06:48.0516 2956 C:\Windows\System32\taskcomp.dll - ok
07:06:48.0520 2956 [ CE2476875C701A6EE2525663761481BB ] C:\Windows\System32\WindowsCodecs.dll
07:06:48.0520 2956 C:\Windows\System32\WindowsCodecs.dll - ok
07:06:48.0524 2956 [ 6C32704C67F34B2E5FDC7760DA868020 ] C:\Windows\System32\CSystemEventsBrokerClient.dll
07:06:48.0524 2956 C:\Windows\System32\CSystemEventsBrokerClient.dll - ok
07:06:48.0529 2956 [ 2AB4FF71BC330FC5583F8987FA8EFDF0 ] C:\Windows\System32\logoncli.dll
07:06:48.0529 2956 C:\Windows\System32\logoncli.dll - ok
07:06:48.0535 2956 [ C2AB514FAB220BB63A3755C44E20A56A ] C:\Windows\System32\profsvcext.dll
07:06:48.0535 2956 C:\Windows\System32\profsvcext.dll - ok
07:06:48.0538 2956 [ B9EC5BC3FAFF207324CCFC803851AB93 ] C:\Windows\System32\Windows.Gaming.Input.dll
07:06:48.0538 2956 C:\Windows\System32\Windows.Gaming.Input.dll - ok
07:06:48.0542 2956 [ 1C48440F540AB6870E7810E0ED59B47A ] C:\Windows\System32\wkscli.dll
07:06:48.0542 2956 C:\Windows\System32\wkscli.dll - ok
07:06:48.0548 2956 [ C8EF808C787D82789F713BF5C80F48B4 ] C:\Windows\System32\UIAnimation.dll
07:06:48.0548 2956 C:\Windows\System32\UIAnimation.dll - ok
07:06:48.0553 2956 [ 03D9EDE1E96D1D158BD984D88B1095CC ] C:\Windows\System32\drivers\luafv.sys
07:06:48.0553 2956 C:\Windows\System32\drivers\luafv.sys - ok
07:06:48.0556 2956 [ 3550AFAB149B34A7FD023E2E1ABE26A8 ] C:\Windows\System32\OneCoreUAPCommonProxyStub.dll
07:06:48.0556 2956 C:\Windows\System32\OneCoreUAPCommonProxyStub.dll - ok
07:06:48.0561 2956 [ 2D19D3F2091DA9DC6D422C80BC4208DC ] C:\Windows\System32\TimeBrokerClient.dll
07:06:48.0561 2956 C:\Windows\System32\TimeBrokerClient.dll - ok
07:06:48.0568 2956 [ AC3DA8AAC02C94DC65ECDF9548E6372D ] C:\Windows\System32\upfc.exe
07:06:48.0568 2956 C:\Windows\System32\upfc.exe - ok
07:06:48.0571 2956 [ E0DCAD4EF7CDD32F200CB16D7A9BBAAE ] C:\Windows\System32\WPTaskScheduler.dll
07:06:48.0571 2956 C:\Windows\System32\WPTaskScheduler.dll - ok
07:06:48.0575 2956 [ 95C4DB08A740015BB3FB5659F16EF321 ] C:\Windows\System32\drivers\wcifs.sys
07:06:48.0575 2956 C:\Windows\System32\drivers\wcifs.sys - ok
07:06:48.0582 2956 [ A9C18F7D907645183D6194E1A85AB7DE ] C:\Windows\System32\wevtsvc.dll
07:06:48.0582 2956 C:\Windows\System32\wevtsvc.dll - ok
07:06:48.0588 2956 [ C17D74D282D5DD848C39696CBCE0B80C ] C:\Windows\System32\PortableDeviceApi.dll
07:06:48.0588 2956 C:\Windows\System32\PortableDeviceApi.dll - ok
07:06:48.0593 2956 [ 9E78FF24C05874B3EA4C8029879C28AC ] C:\Windows\System32\usermgr.dll
07:06:48.0593 2956 C:\Windows\System32\usermgr.dll - ok
07:06:48.0599 2956 [ B4F8ED117D5120009972A470AF4FA323 ] C:\Windows\System32\wpdbusenum.dll
07:06:48.0599 2956 C:\Windows\System32\wpdbusenum.dll - ok
07:06:48.0603 2956 [ CDEFD75D8A313646B7073C0BCDA5855C ] C:\Windows\System32\lfsvc.dll
07:06:48.0604 2956 C:\Windows\System32\lfsvc.dll - ok
07:06:48.0608 2956 [ 568F310DB68DF45EF79DE2B65F57F16E ] C:\Windows\System32\LocationFramework.dll
07:06:48.0608 2956 C:\Windows\System32\LocationFramework.dll - ok
07:06:48.0613 2956 [ 296AAEE6AB4C73A46E820D416BC29184 ] C:\Windows\System32\PortableDeviceConnectApi.dll
07:06:48.0613 2956 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
07:06:48.0619 2956 [ 769ACDF8CE8BBA378B9D32C123CCE647 ] C:\Windows\System32\drivers\cldflt.sys
07:06:48.0619 2956 C:\Windows\System32\drivers\cldflt.sys - ok
07:06:48.0623 2956 [ 4FD22BD0605166B6686011EF92F4217C ] C:\Windows\System32\igd10iumd64.dll
07:06:48.0623 2956 C:\Windows\System32\igd10iumd64.dll - ok
07:06:48.0627 2956 [ 229A6923553A1B7C3576F360B22F20CD ] C:\Windows\System32\drivers\aswMonFlt.sys
07:06:48.0627 2956 C:\Windows\System32\drivers\aswMonFlt.sys - ok
07:06:48.0633 2956 [ D5FFAA526C05066EE342801EA404465A ] C:\Windows\System32\drivers\storqosflt.sys
07:06:48.0633 2956 C:\Windows\System32\drivers\storqosflt.sys - ok
07:06:48.0637 2956 [ 2FFB9EFAD1D42077D34DF04DDE22D474 ] C:\Windows\System32\netjoin.dll
07:06:48.0637 2956 C:\Windows\System32\netjoin.dll - ok
07:06:48.0641 2956 [ 4C89C2FDFC9FA730CC1CA5B79D45D36E ] C:\Windows\System32\samcli.dll
07:06:48.0641 2956 C:\Windows\System32\samcli.dll - ok
07:06:48.0646 2956 [ 61A61ED80D52421DAE4F6E32137508B4 ] C:\Windows\System32\winhttp.dll
07:06:48.0647 2956 C:\Windows\System32\winhttp.dll - ok
07:06:48.0652 2956 [ 67A8B47F5BCCB6BB63D7242F80B0F548 ] C:\Windows\System32\wmi.dll
07:06:48.0652 2956 C:\Windows\System32\wmi.dll - ok
07:06:48.0655 2956 [ 1B3AE44FBDD6BE65C64B97F21475C4E1 ] C:\Windows\System32\AppXDeploymentClient.dll
07:06:48.0655 2956 C:\Windows\System32\AppXDeploymentClient.dll - ok
07:06:48.0658 2956 [ 45DAD5B77AA25CC41DE606CB23D56492 ] C:\Windows\System32\policymanager.dll
07:06:48.0658 2956 C:\Windows\System32\policymanager.dll - ok
07:06:48.0664 2956 [ 90A8FBC526772EEF031A95BFD236DD4E ] C:\Windows\System32\StateRepository.Core.dll
07:06:48.0664 2956 C:\Windows\System32\StateRepository.Core.dll - ok
07:06:48.0670 2956 [ 5FC3A698DE6BA51AB9709E1403F1A8DB ] C:\Windows\System32\nsisvc.dll
07:06:48.0670 2956 C:\Windows\System32\nsisvc.dll - ok
07:06:48.0674 2956 [ 8B90714713B88C65AB9580031E23A3EA ] C:\Windows\System32\sysmain.dll
07:06:48.0674 2956 C:\Windows\System32\sysmain.dll - ok
07:06:48.0678 2956 [ F225F37717C8D714B56CF21C7C1E9C34 ] C:\Windows\System32\taskhostw.exe
07:06:48.0678 2956 C:\Windows\System32\taskhostw.exe - ok
07:06:48.0685 2956 [ F22ECAE2E79EEB94C51A16AB42D3525F ] C:\Windows\System32\UserMgrProxy.dll
07:06:48.0685 2956 C:\Windows\System32\UserMgrProxy.dll - ok
07:06:48.0689 2956 [ A90774D7D465E1085A95326FAD89B25C ] C:\Windows\System32\themeservice.dll
07:06:48.0689 2956 C:\Windows\System32\themeservice.dll - ok
07:06:48.0692 2956 [ 25222B73D463284A85D32A56F002BD62 ] C:\Windows\System32\es.dll
07:06:48.0692 2956 C:\Windows\System32\es.dll - ok
07:06:48.0698 2956 [ 8865656D48EC8C24F027016507576011 ] C:\Windows\System32\igd10idpp64.dll
07:06:48.0698 2956 C:\Windows\System32\igd10idpp64.dll - ok
07:06:48.0703 2956 [ 77873C864B4CD7D0E2B92E0404A3BA31 ] C:\Windows\System32\igdusc64.dll
07:06:48.0703 2956 C:\Windows\System32\igdusc64.dll - ok
07:06:48.0706 2956 [ 7A5388F4E7CB37108543070D41235E5C ] C:\Windows\System32\dhcpcore.dll
07:06:48.0706 2956 C:\Windows\System32\dhcpcore.dll - ok
07:06:48.0710 2956 [ ECE9EDC1A9118C0D2C8BF33EB8EE6C6D ] C:\Windows\System32\wevtapi.dll
07:06:48.0710 2956 C:\Windows\System32\wevtapi.dll - ok
07:06:48.0718 2956 [ 20AF2F885AE06DDBB31BF586D0333047 ] C:\Windows\System32\CapabilityAccessManager.dll
07:06:48.0718 2956 C:\Windows\System32\CapabilityAccessManager.dll - ok
07:06:48.0723 2956 [ A637ED8FEA76712ABF09C32B5D1C3249 ] C:\Windows\System32\CapabilityAccessManagerClient.dll
07:06:48.0723 2956 C:\Windows\System32\CapabilityAccessManagerClient.dll - ok
07:06:48.0727 2956 [ 6779F33803DBD88EC4DEE0E06E41A927 ] C:\Windows\System32\dhcpcore6.dll
07:06:48.0727 2956 C:\Windows\System32\dhcpcore6.dll - ok
07:06:48.0747 2956 [ 975C463A3A84EC295D8B8E5EC08D14EE ] C:\Windows\System32\CapabilityAccessHandlers.dll
07:06:48.0748 2956 C:\Windows\System32\CapabilityAccessHandlers.dll - ok
07:06:48.0752 2956 [ EE711439FD0F1293B43F0FE195E5C073 ] C:\Windows\System32\Sens.dll
07:06:48.0752 2956 C:\Windows\System32\Sens.dll - ok
07:06:48.0755 2956 [ 9061E02072E5AA9862BAAB295227470E ] C:\Windows\System32\winnsi.dll
07:06:48.0755 2956 C:\Windows\System32\winnsi.dll - ok
07:06:48.0758 2956 [ 0A1F736D28F209F23D5319626A52225A ] C:\Windows\System32\cabinet.dll
07:06:48.0758 2956 C:\Windows\System32\cabinet.dll - ok
07:06:48.0763 2956 [ A105AD05696D55E6E4F078ED850F6305 ] C:\Windows\System32\igfxCUIService.exe
07:06:48.0763 2956 C:\Windows\System32\igfxCUIService.exe - ok
07:06:48.0769 2956 [ DDAFEE7A99146D7F5F888F78D700F225 ] C:\Windows\System32\dhcpcsvc.dll
07:06:48.0769 2956 C:\Windows\System32\dhcpcsvc.dll - ok
07:06:48.0773 2956 [ D409D569DB6F48778A44D259F354497B ] C:\Windows\System32\LocationWinPalMisc.dll
07:06:48.0773 2956 C:\Windows\System32\LocationWinPalMisc.dll - ok
07:06:48.0778 2956 [ ECF241DFFBAA6860EBBBFC1560D1F9D3 ] C:\Windows\System32\nlasvc.dll
07:06:48.0778 2956 C:\Windows\System32\nlasvc.dll - ok
07:06:48.0784 2956 [ 1EEEADB6C51B2486DDD711D2A2B13A34 ] C:\Windows\System32\MdmCommon.dll
07:06:48.0784 2956 C:\Windows\System32\MdmCommon.dll - ok
07:06:48.0788 2956 [ CD6321735DAF22CE2C57604EFBBFB254 ] C:\Windows\System32\ncsi.dll
07:06:48.0788 2956 C:\Windows\System32\ncsi.dll - ok
07:06:48.0791 2956 [ 4DEAB471FDFB7B45FC9E0FB1710A3FAF ] C:\Windows\System32\ssdpapi.dll
07:06:48.0791 2956 C:\Windows\System32\ssdpapi.dll - ok
07:06:48.0796 2956 [ 6A19231D8FD2D70091330401DAE88017 ] C:\Windows\System32\AudioEndpointBuilder.dll
07:06:48.0796 2956 C:\Windows\System32\AudioEndpointBuilder.dll - ok
07:06:48.0802 2956 [ CEA17E28EFF3B2EED6B49B5DDCC7327F ] C:\Windows\System32\dxgiadaptercache.exe
07:06:48.0802 2956 C:\Windows\System32\dxgiadaptercache.exe - ok
07:06:48.0806 2956 [ F1C993E0CECA8F8E7DD3872D6B2CAC7B ] C:\Windows\System32\FntCache.dll
07:06:48.0806 2956 C:\Windows\System32\FntCache.dll - ok
07:06:48.0809 2956 [ 5947BA35AD1EC19CB97B3E18CA0A3D03 ] C:\Windows\System32\MMDevAPI.dll
07:06:48.0809 2956 C:\Windows\System32\MMDevAPI.dll - ok
07:06:48.0814 2956 [ 01446D49B82AD357F2786D90D02C83AA ] C:\Windows\System32\dhcpcsvc6.dll
07:06:48.0814 2956 C:\Windows\System32\dhcpcsvc6.dll - ok
07:06:48.0820 2956 [ 377A9B900A742D89A1C31135619304CE ] C:\Windows\System32\FontProvider.dll
07:06:48.0820 2956 C:\Windows\System32\FontProvider.dll - ok
07:06:48.0823 2956 [ FFE2D9D08A057C0864615FDD3DD2E0C6 ] C:\Windows\System32\D3D12.dll
07:06:48.0823 2956 C:\Windows\System32\D3D12.dll - ok
07:06:48.0826 2956 [ 98F3983F878B337B5EF9AA983873A76A ] C:\Windows\System32\wbem\wbemprox.dll
07:06:48.0826 2956 C:\Windows\System32\wbem\wbemprox.dll - ok
07:06:48.0833 2956 [ E51EA7E9C514F915327E2499D98065F2 ] C:\Windows\System32\wlanapi.dll
07:06:48.0833 2956 C:\Windows\System32\wlanapi.dll - ok
07:06:48.0837 2956 [ 6280948D414C59397D9AA7127611743C ] C:\Windows\System32\wbemcomn.dll
07:06:48.0837 2956 C:\Windows\System32\wbemcomn.dll - ok
07:06:48.0840 2956 [ 6479443BB89DBAC3BBCE9C2517EFAD0D ] C:\Windows\System32\drivers\mslldp.sys
07:06:48.0840 2956 C:\Windows\System32\drivers\mslldp.sys - ok
07:06:48.0845 2956 [ BDFC8877195C6A4D4BD9118286CC7B49 ] C:\Windows\System32\netprofmsvc.dll
07:06:48.0845 2956 C:\Windows\System32\netprofmsvc.dll - ok
07:06:48.0852 2956 [ DB10A49052B94A7D55B5A60E7F18CC36 ] C:\Windows\System32\SEMgrSvc.dll
07:06:48.0852 2956 C:\Windows\System32\SEMgrSvc.dll - ok
07:06:48.0856 2956 [ ABA4B3C8252BE9D3A6F1E9A1D9756213 ] C:\Windows\System32\wbem\WMIsvc.dll
07:06:48.0856 2956 C:\Windows\System32\wbem\WMIsvc.dll - ok
07:06:48.0861 2956 [ 7DEDAFD826DEE03C941604E98A9B4BE3 ] C:\Windows\System32\ClipRenew.exe
07:06:48.0861 2956 C:\Windows\System32\ClipRenew.exe - ok
07:06:48.0867 2956 [ 5D09EC87CC3CFA05A3E12D95E7127DD9 ] C:\Windows\System32\npmproxy.dll
07:06:48.0867 2956 C:\Windows\System32\npmproxy.dll - ok
07:06:48.0872 2956 [ 190014BE660BF0C53226607D156C9A54 ] C:\Windows\System32\vssapi.dll
07:06:48.0872 2956 C:\Windows\System32\vssapi.dll - ok
07:06:48.0875 2956 [ D7A0CD5805B04748FA4103B323B5F3F3 ] C:\Windows\System32\AudioSes.dll
07:06:48.0875 2956 C:\Windows\System32\AudioSes.dll - ok
07:06:48.0880 2956 [ 51FCC511892DAB3E310A28DDB4915F0D ] C:\Windows\System32\cryptngc.dll
07:06:48.0880 2956 C:\Windows\System32\cryptngc.dll - ok
07:06:48.0886 2956 [ 7013DAD755E697568837AA842DAECBF0 ] C:\Windows\System32\SEMgrSvcPAL.dll
07:06:48.0886 2956 C:\Windows\System32\SEMgrSvcPAL.dll - ok
07:06:48.0890 2956 [ FE2F20BDEE067AC8B8B1EF8B204FE072 ] C:\Windows\System32\vsstrace.dll
07:06:48.0890 2956 C:\Windows\System32\vsstrace.dll - ok
07:06:48.0894 2956 [ E3092741F0416C03C4F8E8BD78036D9D ] C:\Windows\System32\capauthz.dll
07:06:48.0894 2956 C:\Windows\System32\capauthz.dll - ok
07:06:48.0900 2956 [ B98BCA88C5EF300EDAB8D01422421B33 ] C:\Windows\System32\PCPKsp.dll
07:06:48.0900 2956 C:\Windows\System32\PCPKsp.dll - ok
07:06:48.0904 2956 [ 8D256A720AFDB1099CB9A6A46809BCF4 ] C:\Windows\System32\wbem\wbemcore.dll
07:06:48.0904 2956 C:\Windows\System32\wbem\wbemcore.dll - ok
07:06:48.0907 2956 [ 1601AFABB9E3B8FD7203D365B448365C ] C:\Windows\System32\tbs.dll
07:06:48.0908 2956 C:\Windows\System32\tbs.dll - ok
07:06:48.0912 2956 [ 1DC07F184D09BCB4D87DDA2FE182EFD5 ] C:\Windows\System32\wbem\esscli.dll
07:06:48.0912 2956 C:\Windows\System32\wbem\esscli.dll - ok
07:06:48.0919 2956 [ 12ABB40F3E15A6826DFBBDC0D9967A8C ] C:\Windows\System32\wbem\fastprox.dll
07:06:48.0919 2956 C:\Windows\System32\wbem\fastprox.dll - ok
07:06:48.0923 2956 [ 98B9C96E43D23843A912878C345E7A56 ] C:\Windows\System32\wbem\wbemsvc.dll
07:06:48.0923 2956 C:\Windows\System32\wbem\wbemsvc.dll - ok
07:06:48.0928 2956 [ A081AAD3A296EB414CB6839B744C67C9 ] C:\Windows\System32\wbem\wmiutils.dll
07:06:48.0928 2956 C:\Windows\System32\wbem\wmiutils.dll - ok
07:06:48.0934 2956 [ F2613D5060BAFCD5394A6780A4286D34 ] C:\Windows\System32\wbem\repdrvfs.dll
07:06:48.0934 2956 C:\Windows\System32\wbem\repdrvfs.dll - ok
07:06:48.0938 2956 [ 7B27C4F1C201F510B4D115059E11355C ] C:\Windows\System32\MitigationConfiguration.dll
07:06:48.0938 2956 C:\Windows\System32\MitigationConfiguration.dll - ok
07:06:48.0941 2956 [ E70F61018BE3052491DF2E1879C5B7FE ] C:\Windows\System32\BCP47Langs.dll
07:06:48.0942 2956 C:\Windows\System32\BCP47Langs.dll - ok
07:06:48.0947 2956 [ 0413CF6BEE547090698997075EDF4694 ] C:\Windows\System32\ncobjapi.dll
07:06:48.0947 2956 C:\Windows\System32\ncobjapi.dll - ok
07:06:48.0953 2956 [ 85CB3019514B7903359A7C1F068B4F93 ] C:\Windows\System32\urlmon.dll
07:06:48.0953 2956 C:\Windows\System32\urlmon.dll - ok
07:06:48.0956 2956 [ E41EA5075F60BDF088A76112BB34A8DC ] C:\Windows\System32\wbem\WmiPrvSD.dll
07:06:48.0956 2956 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
07:06:48.0959 2956 [ 93944174D4F71B32201AC1C7A829FF28 ] C:\Windows\System32\Winlangdb.dll
07:06:48.0959 2956 C:\Windows\System32\Winlangdb.dll - ok
07:06:48.0965 2956 [ FBE2041F621D0BEB985D27791E64E5B4 ] C:\Windows\System32\globinputhost.dll
07:06:48.0965 2956 C:\Windows\System32\globinputhost.dll - ok
07:06:48.0970 2956 [ E6710A8A9EFB4B12D941353922E06C10 ] C:\Windows\System32\iertutil.dll
07:06:48.0970 2956 C:\Windows\System32\iertutil.dll - ok
07:06:48.0975 2956 [ 12391938757D942289D793B30E4935DB ] C:\Windows\System32\spinf.dll
07:06:48.0975 2956 C:\Windows\System32\spinf.dll - ok
07:06:48.0980 2956 [ F62DB6C153A6B66ADD1D17C13AAEAF7B ] C:\Windows\System32\wbem\wbemess.dll
07:06:48.0980 2956 C:\Windows\System32\wbem\wbemess.dll - ok
07:06:48.0986 2956 [ 6C7D2659605761D1B2898A6E09583902 ] C:\Windows\System32\Windows.UI.Logon.dll
07:06:48.0986 2956 C:\Windows\System32\Windows.UI.Logon.dll - ok
07:06:48.0990 2956 [ C7DC8A97E4D79109B6A57116A48B3D3D ] C:\Windows\System32\MrmCoreR.dll
07:06:48.0990 2956 C:\Windows\System32\MrmCoreR.dll - ok
07:06:48.0994 2956 [ 708DD306B5BEEE0D45E0EAE553257D2E ] C:\Windows\System32\wincorlib.dll
07:06:48.0994 2956 C:\Windows\System32\wincorlib.dll - ok
07:06:49.0000 2956 [ 6486011E637E07934F3E51482DC747C5 ] C:\Windows\System32\Windows.UI.XamlHost.dll
07:06:49.0000 2956 C:\Windows\System32\Windows.UI.XamlHost.dll - ok
07:06:49.0003 2956 [ F8689F2DEF90B10DC1924546054A2E33 ] C:\Windows\System32\wbem\NCProv.dll
07:06:49.0003 2956 C:\Windows\System32\wbem\NCProv.dll - ok
07:06:49.0006 2956 [ 4E2DBBE6338CFF92A07E157AD43DAB35 ] C:\Windows\System32\Windows.UI.dll
07:06:49.0007 2956 C:\Windows\System32\Windows.UI.dll - ok
07:06:49.0010 2956 [ 437B8732902A8DF6E14101AA963A5D4F ] C:\Windows\System32\InputHost.dll
07:06:49.0010 2956 C:\Windows\System32\InputHost.dll - ok
07:06:49.0016 2956 [ 5A2D67889BE4F31082E25EF6C64C2D8C ] C:\Windows\System32\LanguageOverlayUtil.dll
07:06:49.0016 2956 C:\Windows\System32\LanguageOverlayUtil.dll - ok
07:06:49.0021 2956 [ 8DE1F41261511E7EE98DDBA047EAAD32 ] C:\Windows\System32\TextInputFramework.dll
07:06:49.0021 2956 C:\Windows\System32\TextInputFramework.dll - ok
07:06:49.0024 2956 [ E579BF4029FE699FBF565BB7BB73CCEF ] C:\Windows\System32\wbem\KrnlProv.dll
07:06:49.0024 2956 C:\Windows\System32\wbem\KrnlProv.dll - ok
07:06:49.0028 2956 [ 15CD90AEB634FB53991035812AA4713F ] C:\Windows\System32\audiosrv.dll
07:06:49.0028 2956 C:\Windows\System32\audiosrv.dll - ok
07:06:49.0034 2956 [ E253F28F332087AD1E5811D6273545AB ] C:\Windows\System32\BCP47mrm.dll
07:06:49.0034 2956 C:\Windows\System32\BCP47mrm.dll - ok
07:06:49.0038 2956 [ 37634E945C23CC12DD2364652F5CC007 ] C:\Windows\System32\AudioSrvPolicyManager.dll
07:06:49.0038 2956 C:\Windows\System32\AudioSrvPolicyManager.dll - ok
07:06:49.0041 2956 [ A0761C57B99EA4819241B0837EDB0C54 ] C:\Windows\System32\Windows.UI.Xaml.dll
07:06:49.0042 2956 C:\Windows\System32\Windows.UI.Xaml.dll - ok
07:06:49.0058 2956 [ 88C05FEA4377D827269EC592BB25DCF3 ] C:\Windows\System32\coreaudiopolicymanagerext.dll
07:06:49.0058 2956 C:\Windows\System32\coreaudiopolicymanagerext.dll - ok
07:06:49.0065 2956 [ 74C76F239F473CB6E12FA06ADBA05661 ] C:\Windows\System32\drivers\aswStm.sys
07:06:49.0065 2956 C:\Windows\System32\drivers\aswStm.sys - ok
07:06:49.0072 2956 [ 91563B08A4FF7013420A14A1446264AE ] C:\Windows\System32\drivers\lltdio.sys
07:06:49.0072 2956 C:\Windows\System32\drivers\lltdio.sys - ok
07:06:49.0078 2956 [ 7936E95FFEA1758638715C6465B2A739 ] C:\Windows\System32\drivers\rspndr.sys
07:06:49.0079 2956 C:\Windows\System32\drivers\rspndr.sys - ok
07:06:49.0084 2956 [ FF91879639B18FEBC6F509401686FCDD ] C:\Windows\System32\drivers\wanarp.sys
07:06:49.0084 2956 C:\Windows\System32\drivers\wanarp.sys - ok
07:06:49.0089 2956 [ BF3A1962EDDB3C139133D0B0928B3761 ] C:\Windows\System32\wcmsvc.dll
07:06:49.0089 2956 C:\Windows\System32\wcmsvc.dll - ok
07:06:49.0093 2956 [ 2D06B7F6F72790BF0E58CAB865428AE7 ] C:\Windows\System32\dnsrslvr.dll
07:06:49.0093 2956 C:\Windows\System32\dnsrslvr.dll - ok
07:06:49.0098 2956 [ 186FA38A6DA726A52BE481B92C0E6912 ] C:\Windows\System32\dusmsvc.dll
07:06:49.0098 2956 C:\Windows\System32\dusmsvc.dll - ok
07:06:49.0104 2956 [ F8159853823DE11456AAB35F6F2FC055 ] C:\Windows\System32\mobilenetworking.dll
07:06:49.0104 2956 C:\Windows\System32\mobilenetworking.dll - ok
07:06:49.0108 2956 [ 306E880F2A2BAC0717C89EB5D85359BA ] C:\Windows\System32\FWPUCLNT.DLL
07:06:49.0108 2956 C:\Windows\System32\FWPUCLNT.DLL - ok
07:06:49.0112 2956 [ CD8EC552551810716A60F52B265137D9 ] C:\Program Files\AVAST Software\Avast\AvastSvc.exe
07:06:49.0112 2956 C:\Program Files\AVAST Software\Avast\AvastSvc.exe - ok
07:06:49.0119 2956 [ E95FD05979C7A6E62273C7F0ED473F3E ] C:\Windows\System32\OnDemandConnRouteHelper.dll
07:06:49.0119 2956 C:\Windows\System32\OnDemandConnRouteHelper.dll - ok
07:06:49.0123 2956 [ 7BB985D3D68A423CE05E007B14E225AB ] C:\Windows\System32\shsvcs.dll
07:06:49.0123 2956 C:\Windows\System32\shsvcs.dll - ok
07:06:49.0126 2956 [ CD8CCD2C6BD2F3CD3118DC57FCE4373B ] C:\Windows\System32\Windows.UI.Immersive.dll
07:06:49.0126 2956 C:\Windows\System32\Windows.UI.Immersive.dll - ok
07:06:49.0130 2956 [ C6CD2B6C8888942EF23D087E101F18BB ] C:\Windows\System32\fveapi.dll
07:06:49.0130 2956 C:\Windows\System32\fveapi.dll - ok
07:06:49.0136 2956 [ EDD39C19EFA8F01CBBCCFFADE4674C21 ] C:\Windows\SysWOW64\ntdll.dll
07:06:49.0136 2956 C:\Windows\SysWOW64\ntdll.dll - ok
07:06:49.0140 2956 [ 2211BB5549B98D3E1846FB8AF44C8BF7 ] C:\Windows\System32\DWrite.dll
07:06:49.0140 2956 C:\Windows\System32\DWrite.dll - ok
07:06:49.0143 2956 [ A2DE12A3A8ABC9E63AB553318083D3DD ] C:\Windows\SysWOW64\kernel32.dll
07:06:49.0143 2956 C:\Windows\SysWOW64\kernel32.dll - ok
07:06:49.0149 2956 [ 0C097317DFDAA4EE20167884368F74AD ] C:\Windows\SysWOW64\KernelBase.dll
07:06:49.0149 2956 C:\Windows\SysWOW64\KernelBase.dll - ok
07:06:49.0154 2956 [ C4A4CCDD5EE11DA9398ADC321D200A71 ] C:\Windows\System32\ProximityService.dll
07:06:49.0154 2956 C:\Windows\System32\ProximityService.dll - ok
07:06:49.0157 2956 [ 42CC1E04E5B97022215A9724018A58E9 ] C:\Windows\System32\ProximityCommon.dll
07:06:49.0157 2956 C:\Windows\System32\ProximityCommon.dll - ok
07:06:49.0162 2956 [ 444E04F1E4DC85DC20CF4DE1B9B77041 ] C:\Windows\SysWOW64\apphelp.dll
07:06:49.0162 2956 C:\Windows\SysWOW64\apphelp.dll - ok
07:06:49.0168 2956 [ 610EA9176B42FF8650CDE5DCF3213989 ] C:\Windows\System32\cmintegrator.dll
07:06:49.0169 2956 C:\Windows\System32\cmintegrator.dll - ok
07:06:49.0173 2956 [ 22965E609D8D0EC76E56737F4980F8B9 ] C:\Windows\System32\ProximityCommonPal.dll
07:06:49.0173 2956 C:\Windows\System32\ProximityCommonPal.dll - ok
07:06:49.0176 2956 [ B725F73C165A07163F3359E1A6B6E870 ] C:\Windows\System32\ProximityServicePal.dll
07:06:49.0176 2956 C:\Windows\System32\ProximityServicePal.dll - ok
07:06:49.0181 2956 [ 79E2068FB1E925B013EE28ACA7D1BEEE ] C:\Windows\System32\rasadhlp.dll
07:06:49.0181 2956 C:\Windows\System32\rasadhlp.dll - ok
07:06:49.0187 2956 [ C69E9512640F990F8350303235A16474 ] C:\Windows\System32\wcmcsp.dll
07:06:49.0187 2956 C:\Windows\System32\wcmcsp.dll - ok
07:06:49.0191 2956 [ 4AE9D6EDAE84ED6E0D6876023DCD232B ] C:\Windows\System32\Windows.UI.Xaml.Controls.dll
07:06:49.0191 2956 C:\Windows\System32\Windows.UI.Xaml.Controls.dll - ok
07:06:49.0195 2956 [ 08F9D3445210C2746575D0E1EBE73D64 ] C:\Windows\SysWOW64\AcGenral.dll
07:06:49.0195 2956 C:\Windows\SysWOW64\AcGenral.dll - ok
07:06:49.0202 2956 [ F88677EE53EBADE947945C5F894EC740 ] C:\Windows\SysWOW64\msvcrt.dll
07:06:49.0202 2956 C:\Windows\SysWOW64\msvcrt.dll - ok
07:06:49.0206 2956 [ 1004EAD5D7DF56ADA24CB5015DAF48D2 ] C:\Windows\System32\Windows.ApplicationModel.dll
07:06:49.0206 2956 C:\Windows\System32\Windows.ApplicationModel.dll - ok
07:06:49.0209 2956 [ 2E3069BE1E0918C2DDBC4F85CB7CFA43 ] C:\Windows\SysWOW64\rpcrt4.dll
07:06:49.0209 2956 C:\Windows\SysWOW64\rpcrt4.dll - ok
07:06:49.0218 2956 [ 4C57428054987E043D00A485EFCE90D2 ] C:\Windows\SysWOW64\sechost.dll
07:06:49.0218 2956 C:\Windows\SysWOW64\sechost.dll - ok
07:06:49.0223 2956 [ 615785B5CC653B2E926FD350F4AACFAF ] C:\Windows\SysWOW64\sspicli.dll
07:06:49.0223 2956 C:\Windows\SysWOW64\sspicli.dll - ok
07:06:49.0227 2956 [ 3EEFFDCCD84B20BD045756B1BD5F0071 ] C:\Windows\System32\Windows.Globalization.dll
07:06:49.0227 2956 C:\Windows\System32\Windows.Globalization.dll - ok
07:06:49.0233 2956 [ ED04B3391D18A6B3B5D0EA78BB84A36C ] C:\Windows\SysWOW64\bcryptprimitives.dll
07:06:49.0233 2956 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
07:06:49.0238 2956 [ 525A1F7BE5A73D4006619F1B0712E8B7 ] C:\Windows\SysWOW64\combase.dll
07:06:49.0239 2956 C:\Windows\SysWOW64\combase.dll - ok
07:06:49.0242 2956 [ 81ED6D8A9B50F7F143DD50AC59BD8546 ] C:\Windows\SysWOW64\cryptbase.dll
07:06:49.0242 2956 C:\Windows\SysWOW64\cryptbase.dll - ok
07:06:49.0249 2956 [ 9542C4EA92C3ACB7EDCE251499B97519 ] C:\Windows\SysWOW64\shlwapi.dll
07:06:49.0249 2956 C:\Windows\SysWOW64\shlwapi.dll - ok
07:06:49.0254 2956 [ 97481B8BE5AACE26A3CEBE8AB92C002D ] C:\Windows\System32\directmanipulation.dll
07:06:49.0254 2956 C:\Windows\System32\directmanipulation.dll - ok
07:06:49.0258 2956 [ A9C6F300AA2E8259CB5E9D92FFE25F49 ] C:\Windows\SysWOW64\ucrtbase.dll
07:06:49.0258 2956 C:\Windows\SysWOW64\ucrtbase.dll - ok
07:06:49.0262 2956 [ 9ED90819195699D64BC5E05D74D246FF ] C:\Windows\SysWOW64\gdi32.dll
07:06:49.0262 2956 C:\Windows\SysWOW64\gdi32.dll - ok
07:06:49.0268 2956 [ 544D43BE0496904174022368E7ADDC5D ] C:\Windows\SysWOW64\gdi32full.dll
07:06:49.0268 2956 C:\Windows\SysWOW64\gdi32full.dll - ok
07:06:49.0272 2956 [ 76B2F08DCABA8508AF1491E7B36CEF6C ] C:\Windows\SysWOW64\msvcp_win.dll
07:06:49.0272 2956 C:\Windows\SysWOW64\msvcp_win.dll - ok
07:06:49.0276 2956 [ 120FEF415AE56EDB4AB485B66015261A ] C:\Windows\SysWOW64\ole32.dll
07:06:49.0276 2956 C:\Windows\SysWOW64\ole32.dll - ok
07:06:49.0283 2956 [ F0D05651268F96C4CC4CE5D813159DC5 ] C:\Windows\SysWOW64\user32.dll
07:06:49.0283 2956 C:\Windows\SysWOW64\user32.dll - ok
07:06:49.0288 2956 [ 5B2896BBECB512FDA881E8CB450643C3 ] C:\Windows\SysWOW64\win32u.dll
07:06:49.0289 2956 C:\Windows\SysWOW64\win32u.dll - ok
07:06:49.0292 2956 [ EE9D3A1ECC57C0044C4911E47E5E087A ] C:\Windows\System32\FontGlyphAnimator.dll
07:06:49.0292 2956 C:\Windows\System32\FontGlyphAnimator.dll - ok
07:06:49.0296 2956 [ F5F38C2FDD1A4632A4E5042C109B88E5 ] C:\Windows\SysWOW64\advapi32.dll
07:06:49.0297 2956 C:\Windows\SysWOW64\advapi32.dll - ok
07:06:49.0303 2956 [ 1D9EEA34B352E494866CD6529F2EC66F ] C:\Windows\SysWOW64\oleaut32.dll
07:06:49.0303 2956 C:\Windows\SysWOW64\oleaut32.dll - ok
07:06:49.0306 2956 [ 8A8C771ACBDB1D4D25C62846AE5ECFAD ] C:\Windows\System32\AuthExt.dll
07:06:49.0306 2956 C:\Windows\System32\AuthExt.dll - ok
07:06:49.0310 2956 [ 1B273E4EBC3B7EC9DF300CBF4AE5AB15 ] C:\Windows\SysWOW64\shell32.dll
07:06:49.0310 2956 C:\Windows\SysWOW64\shell32.dll - ok
07:06:49.0316 2956 [ 295C7DA4999478F882F75C00F3BBAAD5 ] C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17763.195_none_05b436ac07203599\comctl32.dll
07:06:49.0317 2956 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17763.195_none_05b436ac07203599\comctl32.dll - ok
07:06:49.0321 2956 [ D1484F8A54B3E8E19A76B7C80B0D238C ] C:\Windows\System32\NetworkStatus.dll
07:06:49.0321 2956 C:\Windows\System32\NetworkStatus.dll - ok
07:06:49.0324 2956 [ 0E9C81D55E8C0640C4A0F88B55B077A7 ] C:\Windows\SysWOW64\cfgmgr32.dll
07:06:49.0325 2956 C:\Windows\SysWOW64\cfgmgr32.dll - ok
07:06:49.0328 2956 [ AC18B38A8371584DE427EF6831DDC447 ] C:\Windows\SysWOW64\SHCore.dll
07:06:49.0328 2956 C:\Windows\SysWOW64\SHCore.dll - ok
07:06:49.0334 2956 [ 1FBBB23C02306AB1FE1D38C66007F9AC ] C:\Windows\System32\InputSwitch.dll
07:06:49.0334 2956 C:\Windows\System32\InputSwitch.dll - ok
07:06:49.0342 2956 [ C571A3FC4DFB061BC717CAAA82F891E7 ] C:\Windows\System32\wininet.dll
07:06:49.0342 2956 C:\Windows\System32\wininet.dll - ok
07:06:49.0346 2956 [ 472DCFDE05EC04510C9957D89CAC82BA ] C:\Windows\SysWOW64\windows.storage.dll
07:06:49.0346 2956 C:\Windows\SysWOW64\windows.storage.dll - ok
07:06:49.0352 2956 [ B2F1E917FE98D84BE43CF333830EADD6 ] C:\Windows\SysWOW64\cryptsp.dll
07:06:49.0352 2956 C:\Windows\SysWOW64\cryptsp.dll - ok
07:06:49.0357 2956 [ E81112B7B68B175C729330429FC51663 ] C:\Windows\SysWOW64\kernel.appcore.dll
07:06:49.0357 2956 C:\Windows\SysWOW64\kernel.appcore.dll - ok
07:06:49.0360 2956 [ E2D1485287284F4F5ABA3664656073BD ] C:\Windows\SysWOW64\powrprof.dll
07:06:49.0360 2956 C:\Windows\SysWOW64\powrprof.dll - ok
07:06:49.0365 2956 [ 491197DCF15ED46F9D5594C376613C3B ] C:\Windows\SysWOW64\profapi.dll
07:06:49.0366 2956 C:\Windows\SysWOW64\profapi.dll - ok
07:06:49.0372 2956 [ 12EB70FD51361171DB16869803BCA8A1 ] C:\Windows\System32\CredProvDataModel.dll
07:06:49.0372 2956 C:\Windows\System32\CredProvDataModel.dll - ok
07:06:49.0375 2956 [ 51CB50D02CA7C2F73DC09C6471844C7A ] C:\Windows\System32\threadpoolwinrt.dll
07:06:49.0375 2956 C:\Windows\System32\threadpoolwinrt.dll - ok
07:06:49.0380 2956 [ 5155E0D6FCFD6AE0B07C2923C19D29D3 ] C:\Windows\SysWOW64\msacm32.dll
07:06:49.0380 2956 C:\Windows\SysWOW64\msacm32.dll - ok
07:06:49.0386 2956 [ C4A71312D4E9F6A30206FF5DED174810 ] C:\Windows\SysWOW64\samcli.dll
07:06:49.0386 2956 C:\Windows\SysWOW64\samcli.dll - ok
07:06:49.0390 2956 [ E22F6470D0B31ABE10C777FF8551C0FD ] C:\Windows\SysWOW64\uxtheme.dll
07:06:49.0390 2956 C:\Windows\SysWOW64\uxtheme.dll - ok
07:06:49.0393 2956 [ 33F846041820FC098D5FFA08941A05B3 ] C:\Windows\SysWOW64\winmm.dll
07:06:49.0393 2956 C:\Windows\SysWOW64\winmm.dll - ok
07:06:49.0398 2956 [ 5A56585C356F0ABE6192B361F6E5228B ] C:\Windows\System32\credprovhost.dll
07:06:49.0398 2956 C:\Windows\System32\credprovhost.dll - ok
07:06:49.0404 2956 [ 107095F501EFDE7A3082F03CA9F7AA44 ] C:\Windows\System32\credprovs.dll
07:06:49.0404 2956 C:\Windows\System32\credprovs.dll - ok
07:06:49.0408 2956 [ 5E156BEDCE089689C204055DD9918D24 ] C:\Windows\System32\credprovslegacy.dll
07:06:49.0408 2956 C:\Windows\System32\credprovslegacy.dll - ok
07:06:49.0411 2956 [ 02B7D98CB2229EC74E416679F5108585 ] C:\Windows\SysWOW64\crypt32.dll
07:06:49.0411 2956 C:\Windows\SysWOW64\crypt32.dll - ok
07:06:49.0417 2956 [ E328808139E9D0C68AF088E79B8DDC5E ] C:\Windows\SysWOW64\dwmapi.dll
07:06:49.0417 2956 C:\Windows\SysWOW64\dwmapi.dll - ok
07:06:49.0422 2956 [ 82452E32EA660F327814683BDEA66DA4 ] C:\Windows\SysWOW64\userenv.dll
07:06:49.0422 2956 C:\Windows\SysWOW64\userenv.dll - ok
07:06:49.0425 2956 [ C5ED50A4404864F135F08D2BE9638194 ] C:\Windows\SysWOW64\version.dll
07:06:49.0425 2956 C:\Windows\SysWOW64\version.dll - ok
07:06:49.0429 2956 [ DA6FA2215B694FD1D3D8B076A48C8BC5 ] C:\Windows\System32\facecredentialprovider.dll
07:06:49.0429 2956 C:\Windows\System32\facecredentialprovider.dll - ok
07:06:49.0436 2956 [ 0423DC0B8058F0BA7E2714A1A05D0F83 ] C:\Windows\System32\PhotoMetadataHandler.dll
07:06:49.0436 2956 C:\Windows\System32\PhotoMetadataHandler.dll - ok
07:06:49.0440 2956 [ F26BBD782A1CDAE50E9D0752EBC85CD7 ] C:\Windows\SysWOW64\msasn1.dll
07:06:49.0440 2956 C:\Windows\SysWOW64\msasn1.dll - ok
07:06:49.0443 2956 [ 9D88A3254E21A049504E726B9BF989B1 ] C:\Windows\SysWOW64\urlmon.dll
07:06:49.0443 2956 C:\Windows\SysWOW64\urlmon.dll - ok
07:06:49.0447 2956 [ 5F2F0A5FD46A7E2F5862ECFE764F4654 ] C:\Windows\System32\Windows.Devices.Enumeration.dll
07:06:49.0448 2956 C:\Windows\System32\Windows.Devices.Enumeration.dll - ok
07:06:49.0454 2956 [ 9E0EA6EE403AC17AA7929B58ED02A795 ] C:\Windows\SysWOW64\winspool.drv
07:06:49.0454 2956 C:\Windows\SysWOW64\winspool.drv - ok
07:06:49.0457 2956 [ 3E98082656F68B4B16555C308B09E118 ] C:\Windows\System32\deviceassociation.dll
07:06:49.0457 2956 C:\Windows\System32\deviceassociation.dll - ok
07:06:49.0461 2956 [ 9DC0E579A781FEBBFF18E1858BE9CA5D ] C:\Windows\System32\SmartcardCredentialProvider.dll
07:06:49.0461 2956 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
07:06:49.0465 2956 [ 9BC6ED820DF8335A1BBAEB4F7B26AAD5 ] C:\Windows\SysWOW64\bcrypt.dll
07:06:49.0465 2956 C:\Windows\SysWOW64\bcrypt.dll - ok
07:06:49.0472 2956 [ EFB7E4B51D8D617424BC2E8D46AA7ECE ] C:\Windows\SysWOW64\mpr.dll
07:06:49.0472 2956 C:\Windows\SysWOW64\mpr.dll - ok
07:06:49.0475 2956 [ 2C8AEB65A99D1CB12A22254F36B51973 ] C:\Windows\SysWOW64\winmmbase.dll
07:06:49.0475 2956 C:\Windows\SysWOW64\winmmbase.dll - ok
07:06:49.0478 2956 [ E036F11292C502143683E1473FC08AE1 ] C:\Windows\System32\BioCredProv.dll
07:06:49.0479 2956 C:\Windows\System32\BioCredProv.dll - ok
07:06:49.0485 2956 [ 4D89DB62F5F850ACDFB07DE8DBA41278 ] C:\Windows\System32\StructuredQuery.dll
07:06:49.0486 2956 C:\Windows\System32\StructuredQuery.dll - ok
07:06:49.0490 2956 [ 1D4BA86D41C7C0F8241745DAF4DBC074 ] C:\Windows\SysWOW64\iertutil.dll
07:06:49.0490 2956 C:\Windows\SysWOW64\iertutil.dll - ok
07:06:49.0495 2956 [ B90BD7049D6BC7FE388D6F61D3148A10 ] C:\Windows\System32\MSWB7.dll
07:06:49.0495 2956 C:\Windows\System32\MSWB7.dll - ok
07:06:49.0501 2956 [ 1878F086570487BA1BA211A763BA50E6 ] C:\Windows\System32\ngckeyenum.dll
07:06:49.0502 2956 C:\Windows\System32\ngckeyenum.dll - ok
07:06:49.0505 2956 [ 2954F9AB7689F458EC2B9BF743AA3C55 ] C:\Windows\SysWOW64\propsys.dll
07:06:49.0505 2956 C:\Windows\SysWOW64\propsys.dll - ok
07:06:49.0509 2956 [ 7C20F5246E716A44326140A3B8D7EDB4 ] C:\Windows\System32\cxcredprov.dll
07:06:49.0509 2956 C:\Windows\System32\cxcredprov.dll - ok
07:06:49.0513 2956 [ A2AEDAB3C67AD899DEA49D3D92E47E93 ] C:\Windows\System32\ngccredprov.dll
07:06:49.0513 2956 C:\Windows\System32\ngccredprov.dll - ok
07:06:49.0520 2956 [ 3AD75B231FF0FAD82E278023A3407A24 ] C:\Windows\System32\wlidcredprov.dll
07:06:49.0520 2956 C:\Windows\System32\wlidcredprov.dll - ok
07:06:49.0524 2956 [ D6C7B2A83B1BE2F033E7BB781CF98904 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
07:06:49.0524 2956 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
07:06:49.0528 2956 [ 1C6699A9ACF74533B7989B54F9E2D920 ] C:\Program Files\AVAST Software\Avast\ashBase.dll
07:06:49.0528 2956 C:\Program Files\AVAST Software\Avast\ashBase.dll - ok
07:06:49.0534 2956 [ 02AB13B3CE03CE9B28946B46E48C5B38 ] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
07:06:49.0535 2956 C:\Program Files\AVAST Software\Avast\aswCmnBS.dll - ok
07:06:49.0540 2956 [ 9F7EC8ACEBF336B6431AD3FD4E423658 ] C:\Windows\System32\DevDispItemProvider.dll
07:06:49.0540 2956 C:\Windows\System32\DevDispItemProvider.dll - ok
07:06:49.0543 2956 [ 8379C13050D22856136825E80B637CBB ] C:\Windows\System32\rasplap.dll
07:06:49.0543 2956 C:\Windows\System32\rasplap.dll - ok
07:06:49.0547 2956 [ 3A531D7F1EB99031DDCAB68B4869FAFE ] C:\Windows\System32\rtutils.dll
07:06:49.0548 2956 C:\Windows\System32\rtutils.dll - ok
07:06:49.0554 2956 [ A8902F0BAE538AAE47EC4EDD7796B4B0 ] C:\Windows\SysWOW64\psapi.dll
07:06:49.0554 2956 C:\Windows\SysWOW64\psapi.dll - ok
07:06:49.0558 2956 [ 2D223410D597C2EAABA71C0809D346C5 ] C:\Windows\SysWOW64\ws2_32.dll
07:06:49.0558 2956 C:\Windows\SysWOW64\ws2_32.dll - ok
07:06:49.0561 2956 [ 109F0F02FD37C84BFC7508D4227D7ED5 ] C:\Windows\WinSxS\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.25325.0_none_a01bd4182e9569cc\msvcp140.dll
07:06:49.0561 2956 C:\Windows\WinSxS\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.25325.0_none_a01bd4182e9569cc\msvcp140.dll - ok
07:06:49.0568 2956 [ 7587BF9CB4147022CD5681B015183046 ] C:\Windows\WinSxS\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.25325.0_none_a01bd4182e9569cc\vcruntime140.dll
07:06:49.0568 2956 C:\Windows\WinSxS\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.25325.0_none_a01bd4182e9569cc\vcruntime140.dll - ok
07:06:49.0571 2956 [ EF4122DDB3D33DDB93C0942269F6CB61 ] C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
07:06:49.0572 2956 C:\Program Files\AVAST Software\Avast\aswCmnIS.dll - ok
07:06:49.0577 2956 [ E80C40465B4286871B0D6AF193548C3C ] C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
07:06:49.0577 2956 C:\Program Files\AVAST Software\Avast\aswCmnOS.dll - ok
07:06:49.0581 2956 [ 136FC2194A90B508B69ED6E64AA2BAED ] C:\Windows\System32\CredProv2faHelper.dll
07:06:49.0581 2956 C:\Windows\System32\CredProv2faHelper.dll - ok
07:06:49.0588 2956 [ CC3074A26B40D9847A59AF6B18CB4B3F ] C:\Windows\System32\CredProvHelper.dll
07:06:49.0588 2956 C:\Windows\System32\CredProvHelper.dll - ok
07:06:49.0591 2956 [ B21C78DD62190CDD351399276879C7C0 ] C:\Windows\SysWOW64\setupapi.dll
07:06:49.0591 2956 C:\Windows\SysWOW64\setupapi.dll - ok
07:06:49.0595 2956 [ 8CAC6DE99F1D24E04EA5243E04427F41 ] C:\Windows\SysWOW64\wintrust.dll
07:06:49.0595 2956 C:\Windows\SysWOW64\wintrust.dll - ok
07:06:49.0600 2956 [ 0C9F5F2EC8BFB8127DCABBBB5A5394AF ] C:\Windows\SysWOW64\wsock32.dll
07:06:49.0600 2956 C:\Windows\SysWOW64\wsock32.dll - ok
07:06:49.0606 2956 [ 73FFA87ED79A59AD6E93428CFFEEC0AB ] C:\Program Files\AVAST Software\Avast\libcrypto-1_1.dll
07:06:49.0606 2956 C:\Program Files\AVAST Software\Avast\libcrypto-1_1.dll - ok
07:06:49.0609 2956 [ C7C45610F644906E6F7D664EF2E45B08 ] C:\Windows\System32\IDStore.dll
07:06:49.0610 2956 C:\Windows\System32\IDStore.dll - ok
07:06:49.0614 2956 [ 90D1DB5895699D79A5F9E2B5BDF13D66 ] C:\Program Files\AVAST Software\Avast\aswIP.dll
07:06:49.0614 2956 C:\Program Files\AVAST Software\Avast\aswIP.dll - ok
07:06:49.0621 2956 [ F1EDE7067D0C88A3B017EDAA9C50C043 ] C:\Program Files\AVAST Software\Avast\CommChannel.dll
07:06:49.0621 2956 C:\Program Files\AVAST Software\Avast\CommChannel.dll - ok
07:06:49.0624 2956 [ D2CB07DBE7773048C7EAA47420BBEBA4 ] C:\Program Files\AVAST Software\Avast\libssl-1_1.dll
07:06:49.0624 2956 C:\Program Files\AVAST Software\Avast\libssl-1_1.dll - ok
07:06:49.0628 2956 [ C309A0B32177191D46CE2DC9AC11A944 ] C:\Windows\System32\Windows.Media.dll
07:06:49.0628 2956 C:\Windows\System32\Windows.Media.dll - ok
07:06:49.0634 2956 [ 7BFDDFF87037B181A76DD1C15A82D21F ] C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
07:06:49.0634 2956 C:\Program Files\AVAST Software\Avast\aswEngLdr.dll - ok
07:06:49.0639 2956 [ 74A80402692C7C6FA8151162F692EF66 ] C:\Windows\SysWOW64\wininet.dll
07:06:49.0639 2956 C:\Windows\SysWOW64\wininet.dll - ok
07:06:49.0643 2956 [ 6212FDA01CA582A4C513C4F30A004D5A ] C:\Program Files\AVAST Software\Avast\module_lifetime.dll
07:06:49.0643 2956 C:\Program Files\AVAST Software\Avast\module_lifetime.dll - ok
07:06:49.0647 2956 [ 052495BF199C5369F9C86BF9B26F2A3A ] C:\Windows\SysWOW64\dnsapi.dll
07:06:49.0647 2956 C:\Windows\SysWOW64\dnsapi.dll - ok
07:06:49.0653 2956 [ ABFB7822253696878452643A7B213DF7 ] C:\Windows\SysWOW64\winhttp.dll
07:06:49.0653 2956 C:\Windows\SysWOW64\winhttp.dll - ok
07:06:49.0657 2956 [ C64C3F9DC6EE1BA373020AA08371FD75 ] C:\Windows\System32\RTWorkQ.dll
07:06:49.0657 2956 C:\Windows\System32\RTWorkQ.dll - ok
07:06:49.0660 2956 [ D84223729B588252D9F8BD8C996D32A1 ] C:\Windows\SysWOW64\nsi.dll
07:06:49.0660 2956 C:\Windows\SysWOW64\nsi.dll - ok
07:06:49.0665 2956 [ 71BDD3255FEF64E493548056115E62FB ] C:\Windows\System32\winbio.dll
07:06:49.0665 2956 C:\Windows\System32\winbio.dll - ok
07:06:49.0671 2956 [ 14FA0452F2BC9146A4CACF6B4D4B0502 ] C:\Program Files\AVAST Software\Avast\dll_loader.dll
07:06:49.0671 2956 C:\Program Files\AVAST Software\Avast\dll_loader.dll - ok
07:06:49.0674 2956 [ EFA316802C6384D9036C3072F1425D33 ] C:\Program Files\AVAST Software\Avast\log.dll
07:06:49.0675 2956 C:\Program Files\AVAST Software\Avast\log.dll - ok
07:06:49.0678 2956 [ BB96E5E1ECCD7FD0FE7D7F04445381DE ] C:\Windows\System32\DeviceCredential.dll
07:06:49.0678 2956 C:\Windows\System32\DeviceCredential.dll - ok
07:06:49.0684 2956 [ 47E98D4E4CE12FD350A7592D7AC937B9 ] C:\Windows\SysWOW64\dbghelp.dll
07:06:49.0684 2956 C:\Windows\SysWOW64\dbghelp.dll - ok
07:06:49.0689 2956 [ 80290952846AD8BB11F2D580B4E32504 ] C:\Program Files\AVAST Software\Avast\aswProperty.dll
07:06:49.0689 2956 C:\Program Files\AVAST Software\Avast\aswProperty.dll - ok
07:06:49.0692 2956 [ 53BBDF58A4F75F38BEC1BF4FCB0C946C ] C:\Windows\SysWOW64\dbgcore.dll
07:06:49.0692 2956 C:\Windows\SysWOW64\dbgcore.dll - ok
07:06:49.0698 2956 [ DCF1B40EC318A038106D4B5A77234A97 ] C:\Windows\SysWOW64\rsaenh.dll
07:06:49.0698 2956 C:\Windows\SysWOW64\rsaenh.dll - ok
07:06:49.0707 2956 [ 6024380A12429AC03BF5766B1827960E ] C:\Program Files\AVAST Software\Avast\tasks_core.dll
07:06:49.0707 2956 C:\Program Files\AVAST Software\Avast\tasks_core.dll - ok
07:06:49.0711 2956 [ EEA2B1A523CBBC3579BE6280026C513D ] C:\Windows\System32\Windows.CloudStore.dll
07:06:49.0711 2956 C:\Windows\System32\Windows.CloudStore.dll - ok
07:06:49.0717 2956 [ 70B7F03A4BA29DE32300554B43006F80 ] C:\Windows\System32\CredentialMigrationHandler.dll
07:06:49.0717 2956 C:\Windows\System32\CredentialMigrationHandler.dll - ok
07:06:49.0723 2956 [ D2AB39EA2C0FCD172751F84BDA723A97 ] C:\Windows\System32\dllhost.exe
07:06:49.0723 2956 C:\Windows\System32\dllhost.exe - ok
07:06:49.0727 2956 [ 47138C3655020E0F6F08271114907FAE ] C:\Program Files\AVAST Software\Avast\1033\Base.dll
07:06:49.0727 2956 C:\Program Files\AVAST Software\Avast\1033\Base.dll - ok
07:06:49.0731 2956 [ 58BB5432848A659D26C8D7BB92C17F22 ] C:\Program Files\AVAST Software\Avast\ashServ.dll
07:06:49.0731 2956 C:\Program Files\AVAST Software\Avast\ashServ.dll - ok
07:06:49.0737 2956 [ 33FB24F528B7B48AC594B95557922D6A ] C:\Windows\System32\drivers\winquic.sys
07:06:49.0738 2956 C:\Windows\System32\drivers\winquic.sys - ok
07:06:49.0741 2956 [ FC166471116FF52B9EB17F3CDF962787 ] C:\Windows\System32\SettingSync.dll
07:06:49.0741 2956 C:\Windows\System32\SettingSync.dll - ok
07:06:49.0746 2956 [ E3E53B226DCC3D0F8A714929C45F068B ] C:\Windows\System32\drivers\http.sys
07:06:49.0746 2956 C:\Windows\System32\drivers\http.sys - ok
07:06:49.0751 2956 [ 766D3C67CDDD1649455E2A3BB0DA2F3A ] C:\Windows\System32\shacctprofile.dll
07:06:49.0751 2956 C:\Windows\System32\shacctprofile.dll - ok
07:06:49.0756 2956 [ FFE8B72C98A4508AB8C719CA939D816D ] C:\Windows\System32\AppxAllUserStore.dll
07:06:49.0756 2956 C:\Windows\System32\AppxAllUserStore.dll - ok
07:06:49.0759 2956 [ 5D4DC25AB059400E009D888240CF3B6C ] C:\Program Files\AVAST Software\Avast\Aavm4h.dll
07:06:49.0759 2956 C:\Program Files\AVAST Software\Avast\Aavm4h.dll - ok
07:06:49.0763 2956 [ 420453DA9599759D8F37834B7D61619E ] C:\Program Files\AVAST Software\Avast\anen.dll
07:06:49.0763 2956 C:\Program Files\AVAST Software\Avast\anen.dll - ok
07:06:49.0769 2956 [ 83813232898F851072D64F930BBD6055 ] C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
07:06:49.0769 2956 C:\Program Files\AVAST Software\Avast\ashTaskEx.dll - ok
07:06:49.0774 2956 [ 018F629BF74CC507BFD7E3E6B592D963 ] C:\Program Files\AVAST Software\Avast\aswLog.dll
07:06:49.0774 2956 C:\Program Files\AVAST Software\Avast\aswLog.dll - ok
07:06:49.0777 2956 [ B54A80B1A307CE44C843EDD080FEA03E ] C:\Windows\System32\spoolsv.exe
07:06:49.0777 2956 C:\Windows\System32\spoolsv.exe - ok
07:06:49.0783 2956 [ 51B5563BEF5E549B7FA097B082251C01 ] C:\Windows\SysWOW64\wtsapi32.dll
07:06:49.0783 2956 C:\Windows\SysWOW64\wtsapi32.dll - ok
07:06:49.0789 2956 [ D9B248EED346FDBA701249E7D20151E9 ] C:\Program Files\AVAST Software\Avast\ashTask.dll
07:06:49.0789 2956 C:\Program Files\AVAST Software\Avast\ashTask.dll - ok
07:06:49.0793 2956 [ ECEDCAF80F0FC14C59D24A4FF5081823 ] C:\Program Files\AVAST Software\Avast\aswAux.dll
07:06:49.0793 2956 C:\Program Files\AVAST Software\Avast\aswAux.dll - ok
07:06:49.0796 2956 [ FDBFBEF0C8BDDAD200D242E83BF7D8C2 ] C:\Program Files\AVAST Software\Avast\aswStrm.dll
07:06:49.0796 2956 C:\Program Files\AVAST Software\Avast\aswStrm.dll - ok
07:06:49.0802 2956 [ F6309394BF32E0AC49B45D5B05DE386A ] C:\Program Files\AVAST Software\Avast\AavmRpch.dll
07:06:49.0802 2956 C:\Program Files\AVAST Software\Avast\AavmRpch.dll - ok
07:06:49.0808 2956 [ 402759423F725A4030B6DD73F873D275 ] C:\Program Files\AVAST Software\Avast\aswSqLt.dll
07:06:49.0808 2956 C:\Program Files\AVAST Software\Avast\aswSqLt.dll - ok
07:06:49.0811 2956 [ F888EDDF88D44CA678436ED81C571899 ] C:\Program Files\AVAST Software\Avast\streamback.dll
07:06:49.0811 2956 C:\Program Files\AVAST Software\Avast\streamback.dll - ok
07:06:49.0815 2956 [ CE3C36C029B3FC7EA45762991CDB3DF7 ] C:\Windows\SysWOW64\netapi32.dll
07:06:49.0815 2956 C:\Windows\SysWOW64\netapi32.dll - ok
07:06:49.0822 2956 [ 41ACC60FF3EF6D8D5D29D79D0481B0F1 ] C:\Windows\SysWOW64\srvcli.dll
07:06:49.0822 2956 C:\Windows\SysWOW64\srvcli.dll - ok
07:06:49.0826 2956 [ DAFF6F23D321DF8106CEC03BC0E9E964 ] C:\Windows\System32\drivers\bowser.sys
07:06:49.0826 2956 C:\Windows\System32\drivers\bowser.sys - ok
07:06:49.0831 2956 [ 5085527E8EF1C245782509DF5259A635 ] C:\Windows\SysWOW64\netutils.dll
07:06:49.0831 2956 C:\Windows\SysWOW64\netutils.dll - ok
07:06:49.0837 2956 [ 8B6722980E0C5A06312E00BD0565B692 ] C:\Windows\System32\sihost.exe
07:06:49.0837 2956 C:\Windows\System32\sihost.exe - ok
07:06:49.0843 2956 [ 1BC5A7FC08C5456354F2C4B238769783 ] C:\Windows\System32\mpr.dll
07:06:49.0843 2956 C:\Windows\System32\mpr.dll - ok
07:06:49.0848 2956 [ AB7C450FA26544AB6D9344A81597B30B ] C:\Windows\System32\drivers\mpsdrv.sys
07:06:49.0848 2956 C:\Windows\System32\drivers\mpsdrv.sys - ok
07:06:49.0856 2956 [ 4805FE481F8BA0E9EE23D568CDF0511F ] C:\Windows\System32\drivers\mrxsmb.sys
07:06:49.0856 2956 C:\Windows\System32\drivers\mrxsmb.sys - ok
07:06:49.0861 2956 [ D12F8DF3F9CBB945AF07C5E966264D2D ] C:\Windows\System32\drivers\mrxsmb20.sys
07:06:49.0861 2956 C:\Windows\System32\drivers\mrxsmb20.sys - ok
07:06:49.0867 2956 [ F67E36D2478F37C8D5D202755CA8988F ] C:\Program Files\AVAST Software\Avast\event_routing.dll
07:06:49.0867 2956 C:\Program Files\AVAST Software\Avast\event_routing.dll - ok
07:06:49.0874 2956 [ 74518EB383D389BE739482B61D6A60FA ] C:\Windows\System32\DesktopShellExt.dll
07:06:49.0874 2956 C:\Windows\System32\DesktopShellExt.dll - ok
07:06:49.0878 2956 [ 5EF8B333C40A3D177DB17B4590BC885C ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
07:06:49.0878 2956 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe - ok
07:06:49.0883 2956 [ 3C5E2B48021E9D45CCB35B8987F3A399 ] C:\Windows\System32\BFE.DLL
07:06:49.0883 2956 C:\Windows\System32\BFE.DLL - ok
07:06:49.0889 2956 [ EDC442731FB45E870F9F14D7A6FF8931 ] C:\Windows\System32\Windows.Shell.ServiceHostBuilder.dll
07:06:49.0889 2956 C:\Windows\System32\Windows.Shell.ServiceHostBuilder.dll - ok
07:06:49.0894 2956 [ CCFAEF5BA0718F07FAC1B6282C40B5D8 ] C:\Windows\System32\cdp.dll
07:06:49.0894 2956 C:\Windows\System32\cdp.dll - ok
07:06:49.0899 2956 [ 8D3849E1837FCC289B744EC29D41FDC5 ] C:\Windows\System32\cdpusersvc.dll
07:06:49.0899 2956 C:\Windows\System32\cdpusersvc.dll - ok
07:06:49.0906 2956 [ E2B73F1C900896050EC7B1DD3E6276F7 ] C:\Windows\System32\dsparse.dll
07:06:49.0906 2956 C:\Windows\System32\dsparse.dll - ok
07:06:49.0909 2956 [ A54E980E453ED712A6ECF639CA70F4DB ] C:\Windows\System32\mscoree.dll
07:06:49.0909 2956 C:\Windows\System32\mscoree.dll - ok
07:06:49.0913 2956 [ 6728B2B1867B0607DFA28C13E625E355 ] C:\Windows\System32\wkssvc.dll
07:06:49.0913 2956 C:\Windows\System32\wkssvc.dll - ok
07:06:49.0919 2956 [ 7C6442B5B1DAA70A71DF7CBE5F65B8F9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
07:06:49.0919 2956 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
07:06:49.0924 2956 [ 4D8EF05AE2BFBD2747DEA08535B1887C ] C:\Windows\System32\ClipboardServer.dll
07:06:49.0924 2956 C:\Windows\System32\ClipboardServer.dll - ok
07:06:49.0928 2956 [ 5719B3ABD0FC28E1284F2515AE17613A ] C:\Windows\System32\version.dll
07:06:49.0928 2956 C:\Windows\System32\version.dll - ok
07:06:49.0933 2956 [ 60D1006B56C48A9A16F0D6E6FEEC2E6D ] C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
07:06:49.0933 2956 C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll - ok
07:06:49.0939 2956 [ C36B616BEA47B48C5A0ED35096EFFB63 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
07:06:49.0939 2956 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
07:06:49.0943 2956 [ 11AA47D31724CEE8BF60DBE6A90B87BE ] C:\Windows\System32\ActivationManager.dll
07:06:49.0943 2956 C:\Windows\System32\ActivationManager.dll - ok
07:06:49.0947 2956 [ 5F956C336A969FB4E07A124A3FD3F778 ] C:\Windows\System32\AppointmentActivation.dll
07:06:49.0947 2956 C:\Windows\System32\AppointmentActivation.dll - ok
07:06:49.0954 2956 [ 71D9036AB934E325721E24AC5AA79060 ] C:\Windows\SysWOW64\winsta.dll
07:06:49.0954 2956 C:\Windows\SysWOW64\winsta.dll - ok
07:06:49.0958 2956 [ E3A3FCC8758F8636EEE525E2C7BAD5D9 ] C:\Program Files\AVAST Software\Avast\process_monitor.dll
07:06:49.0958 2956 C:\Program Files\AVAST Software\Avast\process_monitor.dll - ok
07:06:49.0962 2956 [ 48FB3FFACCD2194CDD6B04CE84361C29 ] C:\Windows\System32\WpnUserService.dll
07:06:49.0962 2956 C:\Windows\System32\WpnUserService.dll - ok
07:06:49.0968 2956 [ 8227D1B3B4C4D17631F841010DFCE654 ] C:\Program Files\AVAST Software\Avast\event_manager.dll
07:06:49.0968 2956 C:\Program Files\AVAST Software\Avast\event_manager.dll - ok
07:06:49.0980 2956 [ CD96663D2549BB939B9B442D43B7DEFE ] C:\Windows\System32\modernexecserver.dll
07:06:49.0980 2956 C:\Windows\System32\modernexecserver.dll - ok
07:06:49.0986 2956 [ 6C9E7ECC89094405DE74086A11791703 ] C:\Program Files\AVAST Software\Avast\event_manager_burger.dll
07:06:49.0986 2956 C:\Program Files\AVAST Software\Avast\event_manager_burger.dll - ok
07:06:49.0990 2956 [ 722D541E4BA00F081204F08543C07308 ] C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9554_none_88e038cb2fae7c50\msvcr80.dll
07:06:49.0990 2956 C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9554_none_88e038cb2fae7c50\msvcr80.dll - ok
07:06:49.0994 2956 [ 73767B27742C208B6F9B81071C0DBE39 ] C:\Windows\System32\wpncore.dll
07:06:49.0994 2956 C:\Windows\System32\wpncore.dll - ok
07:06:49.0999 2956 [ 44569F58F79854FC93EEBF542FE64431 ] C:\Program Files\AVAST Software\Avast\burger_client.dll
07:06:49.0999 2956 C:\Program Files\AVAST Software\Avast\burger_client.dll - ok
07:06:50.0005 2956 [ A1F58FFF448E4099297D6EE0641D4D0E ] C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
07:06:50.0005 2956 C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe - ok
07:06:50.0008 2956 [ 6D7E1E1481989B47D81671DDBB824257 ] C:\Program Files\AVAST Software\Avast\event_manager_ga.dll
07:06:50.0008 2956 C:\Program Files\AVAST Software\Avast\event_manager_ga.dll - ok
07:06:50.0012 2956 [ 8C1C9E02A14A5E1CB1D1671119455023 ] C:\Windows\System32\winsqlite3.dll
07:06:50.0012 2956 C:\Windows\System32\winsqlite3.dll - ok
07:06:50.0017 2956 [ 93FDAAFA89AEAF8C63B09FC3B86B1933 ] C:\Windows\SysWOW64\SensApi.dll
07:06:50.0017 2956 C:\Windows\SysWOW64\SensApi.dll - ok
07:06:50.0022 2956 [ F5B8CDE2C9C1B536DE572759BEF208F9 ] C:\Program Files\AVAST Software\Avast\network_notifications.dll
07:06:50.0022 2956 C:\Program Files\AVAST Software\Avast\network_notifications.dll - ok
07:06:50.0026 2956 [ 8C6342BD5D02735D95366645DFF8DCC4 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fa5969e201f256d8a6d13440adfeb238\mscorlib.ni.dll
07:06:50.0026 2956 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fa5969e201f256d8a6d13440adfeb238\mscorlib.ni.dll - ok
07:06:50.0030 2956 [ B5634C8C6AB3A0C33D2EE72644105022 ] C:\Windows\System32\NotificationController.dll
07:06:50.0030 2956 C:\Windows\System32\NotificationController.dll - ok
07:06:50.0036 2956 [ B9CF6B79AA85CCA68C19A81E795CD315 ] C:\Program Files (x86)\Dropbox\Update\1.3.141.1\goopdate.dll
07:06:50.0036 2956 C:\Program Files (x86)\Dropbox\Update\1.3.141.1\goopdate.dll - ok
07:06:50.0041 2956 [ 1F5AE36A9ED0769FF35F128A184E3AC4 ] C:\Program Files\AVAST Software\Avast\event_manager_er.dll
07:06:50.0041 2956 C:\Program Files\AVAST Software\Avast\event_manager_er.dll - ok
07:06:50.0044 2956 [ 665BF8D8ADB897ECA267842BFEE36CD2 ] C:\Windows\SysWOW64\winnsi.dll
07:06:50.0044 2956 C:\Windows\SysWOW64\winnsi.dll - ok
07:06:50.0049 2956 [ D782080B70936DAFC171947379E36D95 ] C:\Program Files\AVAST Software\Avast\lim.dll
07:06:50.0049 2956 C:\Program Files\AVAST Software\Avast\lim.dll - ok
07:06:50.0056 2956 [ 6FD17D434122FA21BDC334AE5920DE81 ] C:\Windows\System32\ExecModelClient.dll
07:06:50.0056 2956 C:\Windows\System32\ExecModelClient.dll - ok
07:06:50.0060 2956 [ 4CBC8D95DA14F280645B94C1F192FD2E ] C:\Windows\System32\PlaySndSrv.dll
07:06:50.0060 2956 C:\Windows\System32\PlaySndSrv.dll - ok
07:06:50.0063 2956 [ F2D18248B5772A008C78A0430145BF73 ] C:\Windows\System32\pnpui.dll
07:06:50.0063 2956 C:\Windows\System32\pnpui.dll - ok
07:06:50.0069 2956 [ F9B3EEC0677A727CD6D30F1915269BBB ] C:\Windows\System32\MsCtfMonitor.dll
07:06:50.0069 2956 C:\Windows\System32\MsCtfMonitor.dll - ok
07:06:50.0074 2956 [ 7F4C4B7967B4BA61CBD5531442105B01 ] C:\Windows\System32\TokenBroker.dll
07:06:50.0074 2956 C:\Windows\System32\TokenBroker.dll - ok
07:06:50.0077 2956 [ 6E146DC2BB21D37E1AD6CC1D256FE14A ] C:\Windows\System32\WindowManagement.dll
07:06:50.0077 2956 C:\Windows\System32\WindowManagement.dll - ok
07:06:50.0081 2956 [ 44017D29603B61CAACFE78161070403F ] C:\Windows\System32\dui70.dll
07:06:50.0081 2956 C:\Windows\System32\dui70.dll - ok
07:06:50.0087 2956 [ E880590195709592ED739B5A1B7A3883 ] C:\Windows\System32\msutb.dll
07:06:50.0087 2956 C:\Windows\System32\msutb.dll - ok
07:06:50.0093 2956 [ BABA279E10F36C6EDA28806A13167FFE ] C:\Windows\System32\tokenbinding.dll
07:06:50.0093 2956 C:\Windows\System32\tokenbinding.dll - ok
07:06:50.0098 2956 [ 70D23659307F729B78D9AF1313981F14 ] C:\Windows\System32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
07:06:50.0098 2956 C:\Windows\System32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll - ok
07:06:50.0104 2956 [ 0496AEF0912D5E4DA978FD0F6D7CC33F ] C:\Windows\System32\ACPBackgroundManagerPolicy.dll
07:06:50.0104 2956 C:\Windows\System32\ACPBackgroundManagerPolicy.dll - ok
07:06:50.0109 2956 [ 0732F46BACBC745C192BFEF934DCD41D ] C:\Windows\System32\AppContracts.dll
07:06:50.0109 2956 C:\Windows\System32\AppContracts.dll - ok
07:06:50.0112 2956 [ 06C1C523059A8C2873851E9A84AF2B9B ] C:\Windows\System32\BackgroundMediaPolicy.dll
07:06:50.0112 2956 C:\Windows\System32\BackgroundMediaPolicy.dll - ok
07:06:50.0116 2956 [ 8D1CA4AF379687E2D7B45779AF3CB487 ] C:\Windows\System32\notificationplatformcomponent.dll
07:06:50.0117 2956 C:\Windows\System32\notificationplatformcomponent.dll - ok
07:06:50.0123 2956 [ A125D91625C9E2241D33B768FDFDD9A7 ] C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe
07:06:50.0123 2956 C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe - ok
07:06:50.0127 2956 [ D1885BB83D385265EBD45BDC9BF42667 ] C:\Windows\System32\MDMAgent.exe
07:06:50.0127 2956 C:\Windows\System32\MDMAgent.exe - ok
07:06:50.0131 2956 [ 02DB9159042346C9AAD5A585745578F5 ] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17763.195_none_4d616d831b9c5e9f\comctl32.dll
07:06:50.0131 2956 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17763.195_none_4d616d831b9c5e9f\comctl32.dll - ok
07:06:50.0137 2956 [ 77146B21F39956858AEFF33FBD813D79 ] C:\Windows\System32\SebBackgroundManagerPolicy.dll
07:06:50.0137 2956 C:\Windows\System32\SebBackgroundManagerPolicy.dll - ok
07:06:50.0142 2956 [ 1F2B35BAAD10EDE6999B5657379AD8CF ] C:\Windows\System32\SmartCardBackgroundPolicy.dll
07:06:50.0142 2956 C:\Windows\System32\SmartCardBackgroundPolicy.dll - ok
07:06:50.0145 2956 [ AA472F222ABB4A6558BA0C0AB06FB14F ] C:\Windows\System32\QuietHours.dll
07:06:50.0145 2956 C:\Windows\System32\QuietHours.dll - ok
07:06:50.0150 2956 [ 5629E055C199162850C3F037B64FE501 ] C:\Windows\System32\ShareHost.dll
07:06:50.0150 2956 C:\Windows\System32\ShareHost.dll - ok
07:06:50.0157 2956 [ E5D5C3552383F087C6F6C97356B1C5AF ] C:\Program Files\AVAST Software\Avast\defs\19010204\aswEngin.dll
07:06:50.0157 2956 C:\Program Files\AVAST Software\Avast\defs\19010204\aswEngin.dll - ok
07:06:50.0160 2956 [ FA354DD1E56A73D2728FCE9D27836333 ] C:\Windows\System32\OneCoreCommonProxyStub.dll
07:06:50.0160 2956 C:\Windows\System32\OneCoreCommonProxyStub.dll - ok
07:06:50.0163 2956 [ 626A1593186D839054720C0D116C682E ] C:\Windows\System32\TabSvc.dll
07:06:50.0164 2956 C:\Windows\System32\TabSvc.dll - ok
07:06:50.0170 2956 [ 0EF812C7B135C8155A3619171AC4BD19 ] C:\Windows\System32\Windows.System.Launcher.dll
07:06:50.0170 2956 C:\Windows\System32\Windows.System.Launcher.dll - ok
07:06:50.0174 2956 [ 04A976FD214DF2638CEE9EF1A440555B ] C:\Program Files\AVAST Software\Avast\defs\19010204\aswCmnIS.dll
07:06:50.0175 2956 C:\Program Files\AVAST Software\Avast\defs\19010204\aswCmnIS.dll - ok
07:06:50.0178 2956 [ 5B7271C9363073B6E60A222885C7AFC8 ] C:\Program Files\AVAST Software\Avast\defs\19010204\aswCmnOS.dll
07:06:50.0178 2956 C:\Program Files\AVAST Software\Avast\defs\19010204\aswCmnOS.dll - ok
07:06:50.0184 2956 [ 4E2306EE0D512E4F6E261883A3E1A809 ] C:\Windows\System32\execmodelproxy.dll
07:06:50.0184 2956 C:\Windows\System32\execmodelproxy.dll - ok
07:06:50.0190 2956 [ 68937E92D32C58DF54168807045E0CBC ] C:\Windows\System32\Windows.Security.Authentication.Web.Core.dll
07:06:50.0190 2956 C:\Windows\System32\Windows.Security.Authentication.Web.Core.dll - ok
07:06:50.0193 2956 [ E1CC2A5F9D781778DFEDD171A4EF0AF9 ] C:\Windows\SysWOW64\msi.dll
07:06:50.0193 2956 C:\Windows\SysWOW64\msi.dll - ok
07:06:50.0197 2956 [ FE1DFF95000BCB7790AAE76BA776DED0 ] C:\Program Files\AVAST Software\Avast\defs\19010204\aswCmnBS.dll
07:06:50.0197 2956 C:\Program Files\AVAST Software\Avast\defs\19010204\aswCmnBS.dll - ok
07:06:50.0204 2956 [ BDE20B076C13C9470D578E62438647B6 ] C:\Windows\System32\NotificationControllerPS.dll
07:06:50.0204 2956 C:\Windows\System32\NotificationControllerPS.dll - ok
07:06:50.0209 2956 [ 05B56AECD414080CDCD39AD110D75323 ] C:\Windows\System32\twinui.appcore.dll
07:06:50.0209 2956 C:\Windows\System32\twinui.appcore.dll - ok
07:06:50.0212 2956 [ 63BB3590A148570BE2EA24DC1E251352 ] C:\Program Files\AVAST Software\Avast\defs\19010204\aswScan.dll
07:06:50.0212 2956 C:\Program Files\AVAST Software\Avast\defs\19010204\aswScan.dll - ok
07:06:50.0218 2956 [ EB1B9A09B2693FC80FE78C3BB21B9B17 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\eb6b0e4f6563e047c10290d7751bd149\System.ni.dll
07:06:50.0218 2956 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\eb6b0e4f6563e047c10290d7751bd149\System.ni.dll - ok
07:06:50.0224 2956 [ 10D6A83AA5128254F557FCA0331CF4C7 ] C:\Windows\System32\UiaManager.dll
07:06:50.0224 2956 C:\Windows\System32\UiaManager.dll - ok
07:06:50.0229 2956 [ E7B49769778D4311DFD82F4B4CADCDEF ] C:\Program Files\AVAST Software\Avast\defs\19010204\aswFiDb.dll
07:06:50.0229 2956 C:\Program Files\AVAST Software\Avast\defs\19010204\aswFiDb.dll - ok
07:06:50.0234 2956 [ ABE028BEC49BB0DF5F72B8E999412555 ] C:\Program Files\AVAST Software\Avast\defs\19010204\aswRep.dll
07:06:50.0234 2956 C:\Program Files\AVAST Software\Avast\defs\19010204\aswRep.dll - ok
07:06:50.0239 2956 [ AFE653CCC2592633C22DD5DA4124AB59 ] C:\Windows\System32\ctfmon.exe
07:06:50.0240 2956 C:\Windows\System32\ctfmon.exe - ok
07:06:50.0243 2956 [ D41B7D3152E4ED1A32FA8939A828BAF7 ] C:\Windows\System32\Windows.StateRepository.dll
07:06:50.0243 2956 C:\Windows\System32\Windows.StateRepository.dll - ok
07:06:50.0248 2956 [ 8C0B6B6F40F22D5B8BC012CABE840D1B ] C:\Program Files\AVAST Software\Avast\defs\19010204\aswArray.dll
07:06:50.0248 2956 C:\Program Files\AVAST Software\Avast\defs\19010204\aswArray.dll - ok
07:06:50.0255 2956 [ A5E7C082485ADE9CBD88D7F327E6B494 ] C:\Program Files\AVAST Software\Avast\defs\19010204\aswCleanerDLL.dll
07:06:50.0255 2956 C:\Program Files\AVAST Software\Avast\defs\19010204\aswCleanerDLL.dll - ok
07:06:50.0259 2956 [ FC323358B28187085B95C30F1C1F8E8A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\7c39b2dac8a63e27908163b0d622b0b5\System.ServiceProcess.ni.dll
07:06:50.0259 2956 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\7c39b2dac8a63e27908163b0d622b0b5\System.ServiceProcess.ni.dll - ok
07:06:50.0262 2956 [ 234B2BE9857DD92EE5C075224991A486 ] C:\Windows\System32\container.dll
07:06:50.0262 2956 C:\Windows\System32\container.dll - ok
07:06:50.0266 2956 [ EC8CC81AC2BADEFA3C6CF5386BE69D67 ] C:\Windows\System32\daxexec.dll
07:06:50.0266 2956 C:\Windows\System32\daxexec.dll - ok
07:06:50.0273 2956 [ C029276FFA2389C0DC0571243B00BEEF ] C:\Windows\System32\fltLib.dll
07:06:50.0273 2956 C:\Windows\System32\fltLib.dll - ok
07:06:50.0276 2956 [ 6E9DD22BB3D5FAEB53CA08678935A8A4 ] C:\Windows\System32\InputService.dll
07:06:50.0276 2956 C:\Windows\System32\InputService.dll - ok
07:06:50.0287 2956 [ 6380675C1C5661ED1B2681DC8EDD3191 ] C:\Windows\System32\mssrch.dll
07:06:50.0287 2956 C:\Windows\System32\mssrch.dll - ok
07:06:50.0293 2956 [ 05F1ED5B29D7587B3BAD34B87CF2D978 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
07:06:50.0293 2956 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
07:06:50.0297 2956 [ 1294534CF5622F0ECA2ECCE8831D22A7 ] C:\Windows\System32\wlidprov.dll
07:06:50.0297 2956 C:\Windows\System32\wlidprov.dll - ok
07:06:50.0306 2956 [ 26AAA125696A955E7BD1BBE3E0A3ACA6 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\278e4a5b5851850f7da3584fa59cce0d\WindowsBase.ni.dll
07:06:50.0306 2956 C:\Windows\assembly\NativeImages_v2.0.50727_64\WindowsBase\278e4a5b5851850f7da3584fa59cce0d\WindowsBase.ni.dll - ok
07:06:50.0311 2956 [ 8375AE0D59124029F9E6E17B8CCC4248 ] C:\Windows\System32\tquery.dll
07:06:50.0311 2956 C:\Windows\System32\tquery.dll - ok
07:06:50.0315 2956 [ F31B6E4762E1134514FE4B84D0B644D9 ] C:\Windows\System32\mscms.dll
07:06:50.0315 2956 C:\Windows\System32\mscms.dll - ok
07:06:50.0322 2956 [ 8186B18F85C08601EA488C0C28FE2F34 ] C:\Windows\System32\esent.dll
07:06:50.0322 2956 C:\Windows\System32\esent.dll - ok
07:06:50.0327 2956 [ 1D1F0C231972C2F2302EC32FF47EAA66 ] C:\Windows\System32\MTFServer.dll
07:06:50.0327 2956 C:\Windows\System32\MTFServer.dll - ok
07:06:50.0330 2956 [ E2C59907C0F44F7B71A96E4BF62FD321 ] C:\Windows\SysWOW64\wkscli.dll
07:06:50.0330 2956 C:\Windows\SysWOW64\wkscli.dll - ok
07:06:50.0335 2956 [ 5DF604B4172FAD052C12784615916F08 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\04d0e178e2a27b725c7c848f0483705b\PresentationCore.ni.dll
07:06:50.0336 2956 C:\Windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\04d0e178e2a27b725c7c848f0483705b\PresentationCore.ni.dll - ok
07:06:50.0341 2956 [ 507E4773BE8BB3AE81897EFB05220833 ] C:\Windows\System32\coloradapterclient.dll
07:06:50.0341 2956 C:\Windows\System32\coloradapterclient.dll - ok
07:06:50.0345 2956 [ 7604962C0AD25D07102FE51214588990 ] C:\Windows\System32\InputLocaleManager.dll
07:06:50.0345 2956 C:\Windows\System32\InputLocaleManager.dll - ok
07:06:50.0349 2956 [ 77E286164BAFE1FA0AE28B6BBAB94146 ] C:\Windows\System32\wshhyperv.dll
07:06:50.0349 2956 C:\Windows\System32\wshhyperv.dll - ok
07:06:50.0356 2956 [ AD04FAB2E458E2A7E81CCCFE4B4ACAEB ] C:\Windows\System32\CoreShellExtFramework.dll
07:06:50.0356 2956 C:\Windows\System32\CoreShellExtFramework.dll - ok
07:06:50.0360 2956 [ 96BD7C23645E7186B66E5A0A008DFD0F ] C:\Windows\System32\dxva2.dll
07:06:50.0360 2956 C:\Windows\System32\dxva2.dll - ok
07:06:50.0364 2956 [ 938E4C65CD23CCD6297B0EA8781E45F4 ] C:\Windows\System32\winspool.drv
07:06:50.0364 2956 C:\Windows\System32\winspool.drv - ok
07:06:50.0370 2956 [ DAC6849C4D6D7CD412CA5C11E94CAC39 ] C:\Windows\System32\wshqos.dll
07:06:50.0370 2956 C:\Windows\System32\wshqos.dll - ok
07:06:50.0375 2956 [ 8DCA160E6FC187BAED3A7EF22622301D ] C:\Windows\SysWOW64\ntmarta.dll
07:06:50.0375 2956 C:\Windows\SysWOW64\ntmarta.dll - ok
07:06:50.0379 2956 [ B23963938989724C916E4AF1E8E3268F ] C:\Windows\System32\wship6.dll
07:06:50.0379 2956 C:\Windows\System32\wship6.dll - ok
07:06:50.0382 2956 [ EF867286D0E1CF1990B7400BA80FAD77 ] C:\Windows\System32\WSHTCPIP.DLL
07:06:50.0383 2956 C:\Windows\System32\WSHTCPIP.DLL - ok
07:06:50.0389 2956 [ 702773B2566E4365103E496ED4BCF0BC ] C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll
07:06:50.0389 2956 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\wpfgfx_v0300.dll - ok
07:06:50.0393 2956 [ 72DCA3EF93EAB7A87D3EBE9DD94C959F ] C:\Windows\System32\cdpsvc.dll
07:06:50.0393 2956 C:\Windows\System32\cdpsvc.dll - ok
07:06:50.0396 2956 [ 8BE89FCB007157834E15AD3868F6D405 ] C:\Windows\System32\MTF.dll
07:06:50.0396 2956 C:\Windows\System32\MTF.dll - ok
07:06:50.0401 2956 [ 4EBB9EDE225E0859A7285BF143E8968B ] C:\Windows\System32\TileDataRepository.dll
07:06:50.0401 2956 C:\Windows\System32\TileDataRepository.dll - ok
07:06:50.0407 2956 [ E534219E8F2117FA6175CBA89DD9EF17 ] C:\Windows\System32\dimsjob.dll
07:06:50.0407 2956 C:\Windows\System32\dimsjob.dll - ok
07:06:50.0410 2956 [ 2A798A380EE1187CBD27321C6FDA5AF0 ] C:\Windows\System32\lmhsvc.dll
07:06:50.0410 2956 C:\Windows\System32\lmhsvc.dll - ok
07:06:50.0414 2956 [ EEF425DC9FCC1085B9599EAF43193BFA ] C:\Windows\System32\netfxperf.dll
07:06:50.0414 2956 C:\Windows\System32\netfxperf.dll - ok
07:06:50.0419 2956 [ 1CC19A0D776DBB7196B88A12EB56641A ] C:\Windows\System32\nrpsrv.dll
07:06:50.0419 2956 C:\Windows\System32\nrpsrv.dll - ok
07:06:50.0425 2956 [ EDA212897AD206B6D2B4429BDDD433E8 ] C:\Windows\System32\Windows.Networking.Connectivity.dll
07:06:50.0425 2956 C:\Windows\System32\Windows.Networking.Connectivity.dll - ok
07:06:50.0429 2956 [ 32DC3C08E3CF9B75D8AC3FCE947AEDD1 ] C:\Windows\System32\ncryptprov.dll
07:06:50.0429 2956 C:\Windows\System32\ncryptprov.dll - ok
07:06:50.0433 2956 [ F4010006BFAC7676BDB51CD0B267EE50 ] C:\Windows\System32\localspl.dll
07:06:50.0433 2956 C:\Windows\System32\localspl.dll - ok
07:06:50.0439 2956 [ 3D95350B6FECC856A432C8442B95AA84 ] C:\Windows\System32\SettingSyncCore.dll
07:06:50.0439 2956 C:\Windows\System32\SettingSyncCore.dll - ok
07:06:50.0445 2956 [ 8CC17D1FF70048480066718EA850C72C ] C:\Windows\System32\spoolss.dll
07:06:50.0445 2956 C:\Windows\System32\spoolss.dll - ok
07:06:50.0449 2956 [ 5485A575FFB0DE1DCDD0090E0892D14A ] C:\Windows\System32\srvcli.dll
07:06:50.0449 2956 C:\Windows\System32\srvcli.dll - ok
07:06:50.0454 2956 [ 814A312ED278D67A5AE033500065F49F ] C:\Windows\System32\keyiso.dll
07:06:50.0454 2956 C:\Windows\System32\keyiso.dll - ok
07:06:50.0458 2956 [ 6E13163214C64BD6453FBE3AF96F8944 ] C:\Windows\System32\secur32.dll
07:06:50.0459 2956 C:\Windows\System32\secur32.dll - ok
07:06:50.0462 2956 [ 455E89E79F99BC944F7915D6452B0801 ] C:\Windows\System32\sfc_os.dll
07:06:50.0462 2956 C:\Windows\System32\sfc_os.dll - ok
07:06:50.0468 2956 [ A4E2FB50C8F09F90B18EA577F8F7E8D4 ] C:\Windows\System32\shfolder.dll
07:06:50.0468 2956 C:\Windows\System32\shfolder.dll - ok
07:06:50.0475 2956 [ B27279D58FF5801DF02F83E7E51C53C9 ] C:\Windows\System32\AppMon.dll
07:06:50.0475 2956 C:\Windows\System32\AppMon.dll - ok
07:06:50.0479 2956 [ AAA689A385A8CDE02D5D3F619F03F970 ] C:\Windows\System32\PrintIsolationProxy.dll
07:06:50.0479 2956 C:\Windows\System32\PrintIsolationProxy.dll - ok
07:06:50.0483 2956 [ DCF2193778F189C281807A670EED47EE ] C:\Windows\System32\dusmapi.dll
07:06:50.0483 2956 C:\Windows\System32\dusmapi.dll - ok
07:06:50.0489 2956 [ E390C844FFD78351AD78F17B3DA9A712 ] C:\Windows\System32\FXSMON.dll
07:06:50.0489 2956 C:\Windows\System32\FXSMON.dll - ok
07:06:50.0493 2956 [ 65BC40A32D26ECB1BA4DF0731CD02560 ] C:\Windows\System32\snmpapi.dll
07:06:50.0493 2956 C:\Windows\System32\snmpapi.dll - ok
07:06:50.0498 2956 [ C0A22C631462B3122957FB34DC71AA85 ] C:\Windows\System32\tcpmon.dll
07:06:50.0498 2956 C:\Windows\System32\tcpmon.dll - ok
07:06:50.0503 2956 [ 8CEA1C5D51D7FAC2626171604998D520 ] C:\Windows\System32\wshirda.dll
07:06:50.0503 2956 C:\Windows\System32\wshirda.dll - ok
07:06:50.0509 2956 [ A8458E7BF9124E03FE5402B93D01810B ] C:\Windows\System32\wsnmp32.dll
07:06:50.0509 2956 C:\Windows\System32\wsnmp32.dll - ok
07:06:50.0511 2956 [ C16800A2A05724119FE9A8978FD85F4B ] C:\Windows\SysWOW64\cscapi.dll
07:06:50.0511 2956 C:\Windows\SysWOW64\cscapi.dll - ok
07:06:50.0516 2956 [ 10699E358B3D682FDE7D0E6A0585C0BC ] C:\Windows\System32\APMon.dll
07:06:50.0516 2956 C:\Windows\System32\APMon.dll - ok
07:06:50.0522 2956 [ A52716A8E7EA25415F27BBEB0EBD0803 ] C:\Windows\System32\MPSSVC.dll
07:06:50.0522 2956 C:\Windows\System32\MPSSVC.dll - ok
07:06:50.0526 2956 [ 2517371801167619C066D910B98B7EB8 ] C:\Windows\System32\usbmon.dll
07:06:50.0526 2956 C:\Windows\System32\usbmon.dll - ok
07:06:50.0530 2956 [ 62199BF94E3F7B05CF9A1DB1458423FE ] C:\Windows\System32\IPSECSVC.DLL
07:06:50.0530 2956 C:\Windows\System32\IPSECSVC.DLL - ok
07:06:50.0534 2956 [ 8CC02ACC755E3700F5BB328C1F21CE06 ] C:\Windows\System32\webservices.dll
07:06:50.0535 2956 C:\Windows\System32\webservices.dll - ok
07:06:50.0541 2956 [ 5239A6D00B42DE861C4B2232812A952B ] C:\Windows\System32\WSDApi.dll
07:06:50.0541 2956 C:\Windows\System32\WSDApi.dll - ok
07:06:50.0545 2956 [ 4867E864E822A578B2BBC8F1FC7BAFD2 ] C:\Windows\System32\fwpolicyiomgr.dll
07:06:50.0545 2956 C:\Windows\System32\fwpolicyiomgr.dll - ok
07:06:50.0548 2956 [ 92FAE7621EBFB90F48D9B862991AD891 ] C:\Windows\System32\FwRemoteSvr.dll
07:06:50.0548 2956 C:\Windows\System32\FwRemoteSvr.dll - ok
07:06:50.0553 2956 [ 9DB53CCE6C4AE3FE95DF6A26528578B3 ] C:\Program Files\AVAST Software\Avast\defs\19010204\algo.dll
07:06:50.0553 2956 C:\Program Files\AVAST Software\Avast\defs\19010204\algo.dll - ok
07:06:50.0567 2956 [ 9D6DB6038C76BDDCFB563535D08A62C4 ] C:\Windows\System32\webio.dll
07:06:50.0567 2956 C:\Windows\System32\webio.dll - ok
07:06:50.0573 2956 [ A5483EDF19986EECE8383C4BBD554996 ] C:\Windows\System32\IKEEXT.DLL
07:06:50.0573 2956 C:\Windows\System32\IKEEXT.DLL - ok
07:06:50.0577 2956 [ C513432207191FDB95C18629BB3DF018 ] C:\Windows\System32\msxml6.dll
07:06:50.0577 2956 C:\Windows\System32\msxml6.dll - ok
07:06:50.0581 2956 [ BD008510936DD85058E195984CFDCC17 ] C:\Windows\System32\wermgr.exe
07:06:50.0581 2956 C:\Windows\System32\wermgr.exe - ok
07:06:50.0586 2956 [ 78AA5FEDC6ECA8269093F4D1EE2A27B3 ] C:\Windows\System32\wshbth.dll
07:06:50.0586 2956 C:\Windows\System32\wshbth.dll - ok
07:06:50.0594 2956 [ 8E1D1B4EF5E8C56F20167783F7E71AC7 ] C:\Windows\SysWOW64\comdlg32.dll
07:06:50.0594 2956 C:\Windows\SysWOW64\comdlg32.dll - ok
07:06:50.0598 2956 [ 6F10F72890CF07008B98E05A9CA74ADD ] C:\Windows\System32\pautoenr.dll
07:06:50.0598 2956 C:\Windows\System32\pautoenr.dll - ok
07:06:50.0617 2956 [ 3FB1A87F34F3EE005ECCF3CA841949CC ] C:\Windows\System32\sbservicetrigger.dll
07:06:50.0617 2956 C:\Windows\System32\sbservicetrigger.dll - ok
07:06:50.0623 2956 [ 0D088F5BCFA8F086FBA163647CD80CAB ] C:\Windows\System32\cmd.exe
07:06:50.0623 2956 C:\Windows\System32\cmd.exe - ok
07:06:50.0626 2956 [ B697457756096E04A4B534EBEED6B291 ] C:\Windows\System32\drvstore.dll
07:06:50.0626 2956 C:\Windows\System32\drvstore.dll - ok
07:06:50.0629 2956 [ 912B28456292AF00A8EBF2B0F90E42B5 ] C:\Windows\System32\drivers\condrv.sys
07:06:50.0629 2956 C:\Windows\System32\drivers\condrv.sys - ok
07:06:50.0632 2956 [ DE374A5418EF27445DCD478256345DA9 ] C:\Windows\System32\adhapi.dll
07:06:50.0632 2956 C:\Windows\System32\adhapi.dll - ok
07:06:50.0637 2956 [ 4C41666923A14DC687DEEE3B143AFB55 ] C:\Windows\System32\conhost.exe
07:06:50.0637 2956 C:\Windows\System32\conhost.exe - ok
07:06:50.0644 2956 [ 9225DC176C3ADCD36E207E1805364404 ] C:\Windows\System32\dmenrollengine.dll
07:06:50.0644 2956 C:\Windows\System32\dmenrollengine.dll - ok
07:06:50.0648 2956 [ 716870555E38130F5BF6CFB26026D3BC ] C:\Windows\System32\CertEnroll.dll
07:06:50.0648 2956 C:\Windows\System32\CertEnroll.dll - ok
07:06:50.0653 2956 [ 8BCE5437B62FD6061C9D5E738561B0DF ] C:\Windows\System32\DbxSvc.exe
07:06:50.0653 2956 C:\Windows\System32\DbxSvc.exe - ok
07:06:50.0659 2956 [ 03838AADC5FEF7A3354490C18C94E446 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
07:06:50.0659 2956 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
07:06:50.0663 2956 [ 3BBF4C8BB52DCB265EF71E4F75369C65 ] C:\Windows\System32\drivers\ndisuio.sys
07:06:50.0663 2956 C:\Windows\System32\drivers\ndisuio.sys - ok
07:06:50.0666 2956 [ 8260A0FF7EDD2A499D0613761F624980 ] C:\Windows\System32\certca.dll
07:06:50.0666 2956 C:\Windows\System32\certca.dll - ok
07:06:50.0672 2956 [ 65CAA5C91F2C9239F3E008779FA98A48 ] C:\Windows\System32\dbgeng.dll
07:06:50.0672 2956 C:\Windows\System32\dbgeng.dll - ok
07:06:50.0676 2956 [ 5B8D57A3FA8AFD8EA21240E10E570E4E ] C:\Windows\System32\drivers\nwifi.sys
07:06:50.0676 2956 C:\Windows\System32\drivers\nwifi.sys - ok
07:06:50.0680 2956 [ A79265A2CF42790393832EB1771E0967 ] C:\Windows\System32\drivers\srvnet.sys
07:06:50.0680 2956 C:\Windows\System32\drivers\srvnet.sys - ok
07:06:50.0685 2956 [ 936F80B51DE6971431BA390D07EAE688 ] C:\Windows\System32\win32spl.dll
07:06:50.0685 2956 C:\Windows\System32\win32spl.dll - ok
07:06:50.0691 2956 [ A55C4EC26B4B05A9AFF4C26C74343795 ] C:\Windows\System32\drivers\srv2.sys
07:06:50.0691 2956 C:\Windows\System32\drivers\srv2.sys - ok
07:06:50.0695 2956 [ D0CA5F8FBC01102ACB15FD6CCEC416A4 ] C:\Windows\System32\inetpp.dll
07:06:50.0695 2956 C:\Windows\System32\inetpp.dll - ok
07:06:50.0699 2956 [ 88980D5263DDF81E9BA4E50C288A421C ] C:\Windows\System32\drivers\mmcss.sys
07:06:50.0699 2956 C:\Windows\System32\drivers\mmcss.sys - ok
07:06:50.0705 2956 [ 5DFB139945F70FA15CAF7F3929B932AD ] C:\Windows\System32\drivers\Ndu.sys
07:06:50.0705 2956 C:\Windows\System32\drivers\Ndu.sys - ok
07:06:50.0709 2956 [ 4C10D7C0CAC3B1499BF0B69153593777 ] C:\Windows\System32\sti.dll
07:06:50.0709 2956 C:\Windows\System32\sti.dll - ok
07:06:50.0713 2956 [ 817E69FA0C14EDCD06BC32E9EDE21631 ] C:\Windows\System32\cryptcatsvc.dll
07:06:50.0713 2956 C:\Windows\System32\cryptcatsvc.dll - ok
07:06:50.0716 2956 [ E8A9C2E4DCCFA92B197A5FC6D3B5249A ] C:\Windows\System32\cryptsvc.dll
07:06:50.0716 2956 C:\Windows\System32\cryptsvc.dll - ok
07:06:50.0722 2956 [ 0B18AD88FFFAC208FD6CAEBCEA66BB31 ] C:\Windows\System32\crypttpmeksvc.dll
07:06:50.0722 2956 C:\Windows\System32\crypttpmeksvc.dll - ok
07:06:50.0727 2956 [ E4518C35D159A468A789AB216A03AE8C ] C:\Windows\System32\drivers\PEAuth.sys
07:06:50.0727 2956 C:\Windows\System32\drivers\PEAuth.sys - ok
07:06:50.0730 2956 [ ECB760B2391608BA4E0A7987ADA70CCF ] C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
07:06:50.0730 2956 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe - ok
07:06:50.0735 2956 [ 35A20D48D8A84AF8154B47CBCEACBCCC ] C:\Windows\System32\das.dll
07:06:50.0735 2956 C:\Windows\System32\das.dll - ok
07:06:50.0744 2956 [ A8766E18A1E2D41301E7A8EEFBABCDDD ] C:\Windows\System32\drivers\tcpipreg.sys
07:06:50.0744 2956 C:\Windows\System32\drivers\tcpipreg.sys - ok
07:06:50.0747 2956 [ 93FECF4BD3A622DDBBA203FEE51500AA ] C:\Windows\System32\webauthn.dll
07:06:50.0748 2956 C:\Windows\System32\webauthn.dll - ok
07:06:50.0751 2956 [ 5F524E5F9EAA6F347F41D4F3214A20A8 ] C:\Windows\System32\wfapigp.dll
07:06:50.0751 2956 C:\Windows\System32\wfapigp.dll - ok
07:06:50.0758 2956 [ C649D0BF27083B0E483C9F6C0AC8FB88 ] C:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
07:06:50.0758 2956 C:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe - ok
07:06:50.0762 2956 [ B0A68C5BB8D5493F1AF967F0FDD80382 ] C:\Windows\System32\dbghelp.dll
07:06:50.0762 2956 C:\Windows\System32\dbghelp.dll - ok
07:06:50.0765 2956 [ 7F8BDC3C037CB1E5F50E63CCDFD8246E ] C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe
07:06:50.0765 2956 C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe - ok
07:06:50.0770 2956 [ 1BCAB96462F3048D6F4F5EF91C192A24 ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
07:06:50.0770 2956 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe - ok
07:06:50.0776 2956 [ 00000000000000000000000000000000 ] C:\Program Files\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\bin\msmdsrv.exe
07:06:50.0776 2956 C:\Program Files\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\bin\msmdsrv.exe - ok
07:06:50.0780 2956 [ 00000000000000000000000000000000 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
07:06:50.0780 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe - ok
07:06:50.0784 2956 [ 1D811E1FEEC39C306B1A9972E20CE742 ] C:\PROGRA~2\COMMON~1\DATADY~1\ACTIVE~1\WEBCAC~1.EXE
07:06:50.0784 2956 C:\PROGRA~2\COMMON~1\DATADY~1\ACTIVE~1\WEBCAC~1.EXE - ok
07:06:50.0791 2956 [ F53EFCAE6DA342016A79CE519AB0095F ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlos.dll
07:06:50.0791 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlos.dll - ok
07:06:50.0795 2956 [ EA4DA54938BD58BF9BA6E457AA186AA4 ] C:\Windows\System32\DbgModel.dll
07:06:50.0795 2956 C:\Windows\System32\DbgModel.dll - ok
07:06:50.0798 2956 [ FA6AA982DDF1B76DE85E7DCEE1A929A7 ] C:\Windows\System32\netapi32.dll
07:06:50.0798 2956 C:\Windows\System32\netapi32.dll - ok
07:06:50.0804 2956 [ 0F47E1EAB1410C0C2F7639C1D157B212 ] C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9554_none_88e038cb2fae7c50\msvcp80.dll
07:06:50.0804 2956 C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9554_none_88e038cb2fae7c50\msvcp80.dll - ok
07:06:50.0811 2956 [ 78FB3F169BC7BEA4884CA9B5025A68C8 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\opends60.dll
07:06:50.0811 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\opends60.dll - ok
07:06:50.0814 2956 [ 4C02D7CF0BF5476C05BD1F56E2DDDCD1 ] C:\Windows\System32\diagtrack.dll
07:06:50.0814 2956 C:\Windows\System32\diagtrack.dll - ok
07:06:50.0818 2956 [ 70124ABD0EA0C710F1F10706E2FDE73D ] C:\Windows\System32\iphlpsvc.dll
07:06:50.0818 2956 C:\Windows\System32\iphlpsvc.dll - ok
07:06:50.0824 2956 [ 2EA591DA2D1BFC467C173538249176F0 ] C:\Windows\System32\pdh.dll
07:06:50.0824 2956 C:\Windows\System32\pdh.dll - ok
07:06:50.0828 2956 [ 40F5D24F1365B3847C9EC79E40446140 ] C:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\SQLRSOS.dll
07:06:50.0828 2956 C:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\SQLRSOS.dll - ok
07:06:50.0831 2956 [ 5A5192A25B64BA520EC1AAFFC67B338D ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\batchparser.dll
07:06:50.0832 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\batchparser.dll - ok
07:06:50.0837 2956 [ 9A896F90132B1C538A23093EDF0524E5 ] C:\Windows\System32\httpprxm.dll
07:06:50.0837 2956 C:\Windows\System32\httpprxm.dll - ok
07:06:50.0842 2956 [ 020D5B7E60C39A98983733C520A6AB7A ] C:\Windows\System32\NetSetupApi.dll
07:06:50.0842 2956 C:\Windows\System32\NetSetupApi.dll - ok
07:06:50.0847 2956 [ 1DECC4E876796408E6399F7A46E943B1 ] C:\Windows\System32\adhsvc.dll
07:06:50.0847 2956 C:\Windows\System32\adhsvc.dll - ok
07:06:50.0851 2956 [ B25FAED5F3E6796C909DB4D09BAD3F0C ] C:\Windows\System32\windowsperformancerecordercontrol.dll
07:06:50.0851 2956 C:\Windows\System32\windowsperformancerecordercontrol.dll - ok
07:06:50.0858 2956 [ CBC95B94E0C7525042795F01E3AAF2C6 ] C:\Windows\System32\weretw.dll
07:06:50.0858 2956 C:\Windows\System32\weretw.dll - ok
07:06:50.0862 2956 [ 3323FA7D6EBA946EC070186927573E62 ] C:\Windows\System32\dasHost.exe
07:06:50.0862 2956 C:\Windows\System32\dasHost.exe - ok
07:06:50.0866 2956 [ 5F91EAB16B9BCFFECD58202FBD48F518 ] C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
07:06:50.0866 2956 C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe - ok
07:06:50.0872 2956 [ 7F886D30EF2713A99E717C1AC192D06B ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss.dll
07:06:50.0872 2956 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss.dll - ok
07:06:50.0878 2956 [ 5EE2E34A4E6E46E0D748E6C1D3BA4EC6 ] C:\Windows\System32\cscapi.dll
07:06:50.0878 2956 C:\Windows\System32\cscapi.dll - ok
07:06:50.0881 2956 [ 449075E8889DE1D57714B8177457D533 ] C:\Windows\System32\dps.dll
07:06:50.0881 2956 C:\Windows\System32\dps.dll - ok
07:06:50.0885 2956 [ 96142856700EC9BD02D2EA30208D1934 ] C:\Windows\System32\wpnservice.dll
07:06:50.0885 2956 C:\Windows\System32\wpnservice.dll - ok
07:06:50.0898 2956 [ 2873E43FD5B22F1076A8C9F65777A04D ] C:\Windows\assembly\NativeImages_v2.0.50727_64\MsDtsSrvr\f4a89b76e21a9063a362e20e3e9416be\MsDtsSrvr.ni.exe
07:06:50.0898 2956 C:\Windows\assembly\NativeImages_v2.0.50727_64\MsDtsSrvr\f4a89b76e21a9063a362e20e3e9416be\MsDtsSrvr.ni.exe - ok
07:06:50.0904 2956 [ CAFA5E74679EC39037B5C00F2AB82D7E ] C:\Windows\System32\wlansvc.dll
07:06:50.0904 2956 C:\Windows\System32\wlansvc.dll - ok
07:06:50.0909 2956 [ C91265B3F0BB4C6355AED8A6B735EC2F ] C:\Windows\System32\ReAgent.dll
07:06:50.0909 2956 C:\Windows\System32\ReAgent.dll - ok
07:06:50.0913 2956 [ 01747E0A84F32EBD769A3461A6A27AF3 ] C:\Windows\SysWOW64\clbcatq.dll
07:06:50.0913 2956 C:\Windows\SysWOW64\clbcatq.dll - ok
07:06:50.0932 2956 [ 1C546EB2083C14C6EE79F10A16685F67 ] C:\Windows\System32\srvsvc.dll
07:06:50.0932 2956 C:\Windows\System32\srvsvc.dll - ok
07:06:50.0938 2956 [ 2DF1213455A71E2C453575C425EEE079 ] C:\Windows\System32\wdi.dll
07:06:50.0938 2956 C:\Windows\System32\wdi.dll - ok
07:06:50.0942 2956 [ 88E88D8C1C663769BDD722000A7EB5A7 ] C:\Windows\System32\dbgcore.dll
07:06:50.0942 2956 C:\Windows\System32\dbgcore.dll - ok
07:06:50.0946 2956 [ A851F55E240E5FD5CF444FDA72045A5E ] C:\Windows\System32\onex.dll
07:06:50.0946 2956 C:\Windows\System32\onex.dll - ok
07:06:50.0949 2956 [ 2CA5A7BECA0433EB10ECB4F2F03BB29F ] C:\Windows\System32\sstpsvc.dll
07:06:50.0949 2956 C:\Windows\System32\sstpsvc.dll - ok
07:06:50.0954 2956 [ 129699FE1177E5270804C067623D7F30 ] C:\Windows\System32\wdscore.dll
07:06:50.0955 2956 C:\Windows\System32\wdscore.dll - ok
07:06:50.0960 2956 [ FF0D68C6ED4A6316256BB6E716C767F0 ] C:\Windows\System32\wlanmsm.dll
07:06:50.0960 2956 C:\Windows\System32\wlanmsm.dll - ok
07:06:50.0965 2956 [ A5652D358C6DA7C94C5597AC788919B1 ] C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvrUtil.dll
07:06:50.0965 2956 C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvrUtil.dll - ok
07:06:50.0972 2956 [ BCA97819779D7876B6F98C29844CF505 ] C:\Windows\System32\trkwks.dll
07:06:50.0972 2956 C:\Windows\System32\trkwks.dll - ok
07:06:50.0977 2956 [ C2C964BCF7180F69A5E37C5CBA4B1412 ] C:\Program Files\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\bin\xmlrw.dll
07:06:50.0977 2956 C:\Program Files\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\bin\xmlrw.dll - ok
07:06:50.0981 2956 [ 53109C7E4262E51D2AFF90CA75F59780 ] C:\Program Files\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\bin\xmlrwbin.dll
07:06:50.0981 2956 C:\Program Files\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\bin\xmlrwbin.dll - ok
07:06:50.0985 2956 [ 89C77EF244F50B1849734623F99F3464 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\42a028787e6a254c511f096a20e29be6\System.Configuration.ni.dll
07:06:50.0986 2956 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\42a028787e6a254c511f096a20e29be6\System.Configuration.ni.dll - ok
07:06:50.0993 2956 [ D90C347C6F88D0E21955BC682CA06918 ] C:\Windows\System32\diagperf.dll
07:06:50.0993 2956 C:\Windows\System32\diagperf.dll - ok
07:06:50.0997 2956 [ 00AD33C25ABF7E7BE7C4982CBE8AF7DF ] C:\Windows\System32\eappprxy.dll
07:06:50.0997 2956 C:\Windows\System32\eappprxy.dll - ok
07:06:51.0001 2956 [ A6ABB00431242A35EA866A182C33B0B0 ] C:\Windows\System32\mi.dll
07:06:51.0001 2956 C:\Windows\System32\mi.dll - ok
07:06:51.0007 2956 [ EF93553049A0DC9619315EDECD96A3C8 ] C:\Windows\System32\miutils.dll
07:06:51.0007 2956 C:\Windows\System32\miutils.dll - ok
07:06:51.0011 2956 [ 0A40BD9006B17DD544722827DEB5371C ] C:\Windows\System32\mlang.dll
07:06:51.0011 2956 C:\Windows\System32\mlang.dll - ok
07:06:51.0014 2956 [ 471846A04C7C4B727828BBD5DD30624C ] C:\Windows\System32\sscore.dll
07:06:51.0014 2956 C:\Windows\System32\sscore.dll - ok
07:06:51.0018 2956 [ 75CF509D00B8D648E97F853522F3A9B7 ] C:\Windows\System32\sscoreext.dll
07:06:51.0018 2956 C:\Windows\System32\sscoreext.dll - ok
07:06:51.0025 2956 [ E83991B17E9EE25DFFCFDA57883A5002 ] C:\Windows\System32\wlansec.dll
07:06:51.0025 2956 C:\Windows\System32\wlansec.dll - ok
07:06:51.0029 2956 [ 80F2A1191FF909612F6B2149BC34D25D ] C:\Windows\SysWOW64\mswsock.dll
07:06:51.0029 2956 C:\Windows\SysWOW64\mswsock.dll - ok
07:06:51.0032 2956 [ 814E43001F3FB159FBB7317DE8D3832A ] C:\Windows\SysWOW64\wshqos.dll
07:06:51.0032 2956 C:\Windows\SysWOW64\wshqos.dll - ok
07:06:51.0038 2956 [ 703CA9A02124E0D377AECD0A0514D3D2 ] C:\Windows\WinSxS\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_8a1a02152edb659b\ATL80.dll
07:06:51.0038 2956 C:\Windows\WinSxS\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_8a1a02152edb659b\ATL80.dll - ok
07:06:51.0044 2956 [ D4EC3764AE22944329708984DCC8196A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\f61e7a87e55de9899420c00ebd79f9c0\System.Xml.ni.dll
07:06:51.0044 2956 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\f61e7a87e55de9899420c00ebd79f9c0\System.Xml.ni.dll - ok
07:06:51.0048 2956 [ 623A715A4B528D82315CB8541DBCBF14 ] C:\Windows\System32\httpapi.dll
07:06:51.0048 2956 C:\Windows\System32\httpapi.dll - ok
07:06:51.0052 2956 [ 450E6430481940A25E7B268DCC29A6D4 ] C:\Windows\System32\security.dll
07:06:51.0053 2956 C:\Windows\System32\security.dll - ok
07:06:51.0059 2956 [ 040679147F6EA3928D4643AA598BFA0C ] C:\Windows\System32\wlansvcpal.dll
07:06:51.0059 2956 C:\Windows\System32\wlansvcpal.dll - ok
07:06:51.0063 2956 [ A9BC5F3E3C6406C3C5ABE804FBF7BC76 ] C:\Windows\System32\wmidcom.dll
07:06:51.0063 2956 C:\Windows\System32\wmidcom.dll - ok
07:06:51.0066 2956 [ F5D71C34374C6A5F9FD95DB38C3E66E3 ] C:\Windows\SysWOW64\wship6.dll
07:06:51.0066 2956 C:\Windows\SysWOW64\wship6.dll - ok
07:06:51.0072 2956 [ 4876D6FA718023A3C41221673590F597 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
07:06:51.0072 2956 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
07:06:51.0077 2956 [ 5E636CF2E37A3B2B019DA2FE5FDEF283 ] C:\Program Files\Microsoft SQL Server\100\Shared\instapi10.dll
07:06:51.0077 2956 C:\Program Files\Microsoft SQL Server\100\Shared\instapi10.dll - ok
07:06:51.0082 2956 [ 2CEAEA4EA2851BE29E1F6CDA733D2CBE ] C:\Program Files\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\bin\sqlboot.dll
07:06:51.0082 2956 C:\Program Files\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\bin\sqlboot.dll - ok
07:06:51.0087 2956 [ 48EA934776B5AA3BEE2510A3C88DBD62 ] C:\Windows\System32\pnpts.dll
07:06:51.0088 2956 C:\Windows\System32\pnpts.dll - ok
07:06:51.0094 2956 [ ACC5828872876B1FAB0132A92B18781A ] C:\Windows\System32\clusapi.dll
07:06:51.0094 2956 C:\Windows\System32\clusapi.dll - ok
07:06:51.0097 2956 [ 438BB0743B2AA510D616AD81ECE2FA08 ] C:\Windows\System32\drivers\ndproxy.sys
07:06:51.0097 2956 C:\Windows\System32\drivers\ndproxy.sys - ok
07:06:51.0101 2956 [ 71A6C25E3B9C7BDF0ACE20958F2CF8C4 ] C:\Windows\System32\drivers\rassstp.sys
07:06:51.0101 2956 C:\Windows\System32\drivers\rassstp.sys - ok
07:06:51.0110 2956 [ 45AB0125043D92394ECD784978AF5E5A ] C:\Windows\System32\perftrack.dll
07:06:51.0110 2956 C:\Windows\System32\perftrack.dll - ok
07:06:51.0114 2956 [ 075E91DAE108281C18BA4B447D0B3092 ] C:\Windows\System32\resutils.dll
07:06:51.0114 2956 C:\Windows\System32\resutils.dll - ok
07:06:51.0118 2956 [ 9DF9BA392F0A0CDBC8EC2B44E57F28EA ] C:\Program Files\Malwarebytes\Anti-Malware\PoliciesControllerImpl.dll
07:06:51.0118 2956 C:\Program Files\Malwarebytes\Anti-Malware\PoliciesControllerImpl.dll - ok
07:06:51.0126 2956 [ 1E4D128CD72BD41D35C18C06FD35093B ] C:\Program Files\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\bin\Resources\1033\msmdsrv.rll
07:06:51.0126 2956 C:\Program Files\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\bin\Resources\1033\msmdsrv.rll - ok
07:06:51.0130 2956 [ E475530C814FE2651F550D7DC21B8845 ] C:\Windows\System32\radardt.dll
07:06:51.0130 2956 C:\Windows\System32\radardt.dll - ok
07:06:51.0134 2956 [ B4EA684594613C5D2C600A50D8C62D83 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
07:06:51.0134 2956 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
07:06:51.0139 2956 [ 0E816BB1420C72BF28677576B80B7294 ] C:\Windows\SysWOW64\secur32.dll
07:06:51.0140 2956 C:\Windows\SysWOW64\secur32.dll - ok
07:06:51.0144 2956 [ 20958D22D3A1642F6039716D545251E3 ] C:\Windows\System32\msxml3.dll
07:06:51.0144 2956 C:\Windows\System32\msxml3.dll - ok
07:06:51.0148 2956 [ 42F2BDE4F307A91E6E5AA22A56B3133A ] C:\Windows\SysWOW64\dhcpcsvc.dll
07:06:51.0148 2956 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
07:06:51.0152 2956 [ 66193AC2000AAFECE6B9055E72E8FB54 ] C:\Windows\System32\HNetCfgClient.dll
07:06:51.0152 2956 C:\Windows\System32\HNetCfgClient.dll - ok
07:06:51.0158 2956 [ F9C1FF47F761D4FC09EEE833D226DC06 ] C:\Program Files\Malwarebytes\Anti-Malware\LicenseControllerImpl.dll
07:06:51.0158 2956 C:\Program Files\Malwarebytes\Anti-Malware\LicenseControllerImpl.dll - ok
07:06:51.0162 2956 [ 8412671AADE74110F385242CD2BAEA1D ] C:\Windows\System32\FlightSettings.dll
07:06:51.0162 2956 C:\Windows\System32\FlightSettings.dll - ok
07:06:51.0165 2956 [ 267601431DBE55263D605483592B1CFD ] C:\Program Files\Microsoft SQL Server\100\DTS\Binn\DTS.dll
07:06:51.0165 2956 C:\Program Files\Microsoft SQL Server\100\DTS\Binn\DTS.dll - ok
07:06:51.0170 2956 [ B3A17BF375F35123F3CDAD743D59FEDC ] C:\Windows\System32\bcd.dll
07:06:51.0170 2956 C:\Windows\System32\bcd.dll - ok
07:06:51.0176 2956 [ 5DDBDB108881366B3EA947E645698E3A ] C:\Windows\System32\cmdext.dll
07:06:51.0176 2956 C:\Windows\System32\cmdext.dll - ok
07:06:51.0181 2956 [ 2DF79B34F34BEC3031609B7B60805AC9 ] C:\Windows\System32\TetheringIeProvider.dll
07:06:51.0181 2956 C:\Windows\System32\TetheringIeProvider.dll - ok
07:06:51.0186 2956 [ CA3BDB2DF8F62C689F94A5D3B2936C8E ] C:\Windows\System32\WiFiDisplay.dll
07:06:51.0186 2956 C:\Windows\System32\WiFiDisplay.dll - ok
07:06:51.0192 2956 [ FB7F12D7CD3026CECFECC44E2A8970A2 ] C:\Program Files\Microsoft SQL Server\100\DTS\Binn\dtsmsg100.dll
07:06:51.0192 2956 C:\Program Files\Microsoft SQL Server\100\DTS\Binn\dtsmsg100.dll - ok
07:06:51.0196 2956 [ F8D1CFC92AC0C05FCB8D6F791498E4C9 ] C:\Windows\System32\wpnprv.dll
07:06:51.0196 2956 C:\Windows\System32\wpnprv.dll - ok
07:06:51.0199 2956 [ C222443BA793F4C2DD92AF5B20EF0820 ] C:\Windows\SysWOW64\NapiNSP.dll
07:06:51.0199 2956 C:\Windows\SysWOW64\NapiNSP.dll - ok
07:06:51.0205 2956 [ D43032BCCDA09360AA5BAAFF3039AEA6 ] C:\Windows\SysWOW64\pnrpnsp.dll
07:06:51.0205 2956 C:\Windows\SysWOW64\pnrpnsp.dll - ok
07:06:51.0212 2956 [ 2CEAEA4EA2851BE29E1F6CDA733D2CBE ] C:\Program Files\Microsoft SQL Server\100\Shared\sqlboot.dll
07:06:51.0212 2956 C:\Program Files\Microsoft SQL Server\100\Shared\sqlboot.dll - ok
07:06:51.0215 2956 [ B258A1F67F21FF57F6688248552539CF ] C:\Windows\SysWOW64\nlaapi.dll
07:06:51.0215 2956 C:\Windows\SysWOW64\nlaapi.dll - ok
07:06:51.0220 2956 [ 5D8056CE269CDC09733F228883A8279D ] C:\Windows\SysWOW64\winrnr.dll
07:06:51.0220 2956 C:\Windows\SysWOW64\winrnr.dll - ok
07:06:51.0226 2956 [ 3F361BE7140B83974AB4FA9B7E09D0DC ] C:\Windows\SysWOW64\wshbth.dll
07:06:51.0226 2956 C:\Windows\SysWOW64\wshbth.dll - ok
07:06:51.0230 2956 [ 5842FA067C20D55C5B19CFD4F2C1FCCA ] C:\Program Files\Malwarebytes\Anti-Malware\UpdateControllerImpl.dll
07:06:51.0230 2956 C:\Program Files\Malwarebytes\Anti-Malware\UpdateControllerImpl.dll - ok
07:06:51.0233 2956 [ 89F47AF2783D1B2F1A62BE3E58668E85 ] C:\Program Files\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\bin\msmgdsrv.dll
07:06:51.0233 2956 C:\Program Files\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\bin\msmgdsrv.dll - ok
07:06:51.0240 2956 [ 68CB0FDBA19607617895016FBC24E3D2 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll
07:06:51.0240 2956 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll - ok
07:06:51.0246 2956 [ 2CEAEA4EA2851BE29E1F6CDA733D2CBE ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlboot.dll
07:06:51.0246 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlboot.dll - ok
07:06:51.0249 2956 [ 132DBA978096923AC29275ACD818D4DC ] C:\Windows\System32\rasmans.dll
07:06:51.0249 2956 C:\Windows\System32\rasmans.dll - ok
07:06:51.0255 2956 [ E9BCF3B07E211C4548F4382735EF4DA7 ] C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.17763.195_none_10e7e428642b2110\comctl32.dll
07:06:51.0255 2956 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.17763.195_none_10e7e428642b2110\comctl32.dll - ok
07:06:51.0262 2956 [ 2FDD435350463DA6FB116C9F21EE2908 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.SqlServer#\4b988ed824732c8c3c9cec0267ee171f\Microsoft.SqlServer.DtsServer.Interop.ni.dll
07:06:51.0262 2956 C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.SqlServer#\4b988ed824732c8c3c9cec0267ee171f\Microsoft.SqlServer.DtsServer.Interop.ni.dll - ok
07:06:51.0265 2956 [ 4CE975E6E17E50ABCF86F6D4E587AB71 ] C:\Windows\System32\riched20.dll
07:06:51.0265 2956 C:\Windows\System32\riched20.dll - ok
07:06:51.0270 2956 [ 65DD3CF948F18A9E88867493DB3A4400 ] C:\Windows\System32\usp10.dll
07:06:51.0270 2956 C:\Windows\System32\usp10.dll - ok
07:06:51.0276 2956 [ 20AA8A4C048AE151B9B0F6C945DA1C5D ] C:\Windows\System32\dmcmnutils.dll
07:06:51.0276 2956 C:\Windows\System32\dmcmnutils.dll - ok
07:06:51.0280 2956 [ AF17F63DFDE9F19BBE730A1ED86DFEF0 ] C:\Windows\System32\drivers\agilevpn.sys
07:06:51.0280 2956 C:\Windows\System32\drivers\agilevpn.sys - ok
07:06:51.0283 2956 [ C7F932BF5ED6778917C8B4A939504718 ] C:\Windows\System32\msls31.dll
07:06:51.0283 2956 C:\Windows\System32\msls31.dll - ok
07:06:51.0288 2956 [ 06C66FF5CCDC2D22344A3EB761A4D38A ] C:\Windows\System32\wbem\WmiPrvSE.exe
07:06:51.0288 2956 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
07:06:51.0294 2956 [ B7664DCF21EE4C22FEFB7AD23AC3C921 ] C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9554_none_88e038cb2fae7c50\msvcm80.dll
07:06:51.0294 2956 C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9554_none_88e038cb2fae7c50\msvcm80.dll - ok
07:06:51.0297 2956 [ DCE1626DED5C7E08C733BAC6561BD12D ] C:\Windows\System32\wlgpclnt.dll
07:06:51.0297 2956 C:\Windows\System32\wlgpclnt.dll - ok
07:06:51.0302 2956 [ AA6CE184DC4C9429669DE42B903525A5 ] C:\Windows\SysWOW64\icmp.dll
07:06:51.0302 2956 C:\Windows\SysWOW64\icmp.dll - ok
07:06:51.0310 2956 [ 241CBF975FB1D6E46921FF8A724A7917 ] C:\Windows\System32\omadmapi.dll
07:06:51.0310 2956 C:\Windows\System32\omadmapi.dll - ok
07:06:51.0313 2956 [ 7297BD64865B7458EB432331FDFD42BC ] C:\Windows\System32\Windows.StateRepositoryCore.dll
07:06:51.0313 2956 C:\Windows\System32\Windows.StateRepositoryCore.dll - ok
07:06:51.0317 2956 [ B99E18274522185CEAD84FBC5C130186 ] C:\Windows\System32\dafupnp.dll
07:06:51.0317 2956 C:\Windows\System32\dafupnp.dll - ok
07:06:51.0323 2956 [ 6E28E1CE915FE617D4F38BFB8543696F ] C:\Windows\System32\drivers\rasl2tp.sys
07:06:51.0323 2956 C:\Windows\System32\drivers\rasl2tp.sys - ok
07:06:51.0328 2956 [ CB9BFBE6A61F6A9A5CAAC18C133270CD ] C:\Windows\SysWOW64\imm32.dll
07:06:51.0328 2956 C:\Windows\SysWOW64\imm32.dll - ok
07:06:51.0331 2956 [ 2B6E36CD13D06B32926BA2AE4150AF2A ] C:\Windows\System32\Windows.Security.Authentication.OnlineId.dll
07:06:51.0331 2956 C:\Windows\System32\Windows.Security.Authentication.OnlineId.dll - ok
07:06:51.0335 2956 [ 3515CD197282D7C867DCBD973CD44E3E ] C:\Windows\System32\drivers\raspptp.sys
07:06:51.0335 2956 C:\Windows\System32\drivers\raspptp.sys - ok
07:06:51.0342 2956 [ 8210F7234832CBD6A0E819572FBFFA35 ] C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
07:06:51.0342 2956 C:\Program Files (x86)\GlassWire\GWCtlSrv.exe - ok
07:06:51.0346 2956 [ 039F154D7AA72CB03405F50EB5E5B44D ] C:\Windows\System32\WlanRadioManager.dll
07:06:51.0346 2956 C:\Windows\System32\WlanRadioManager.dll - ok
07:06:51.0349 2956 [ 252FDEF9B98564F47A36CF11911D926C ] C:\Windows\System32\drivers\raspppoe.sys
07:06:51.0349 2956 C:\Windows\System32\drivers\raspppoe.sys - ok
07:06:51.0355 2956 [ 2173BFC80F82F06D55A2A0E72B63DDB3 ] C:\Windows\System32\wifinetworkmanager.dll
07:06:51.0355 2956 C:\Windows\System32\wifinetworkmanager.dll - ok
07:06:51.0362 2956 [ 95AA2DE6A0E2F58A97F064BAF83CF78A ] C:\Windows\System32\wlanhlp.dll
07:06:51.0362 2956 C:\Windows\System32\wlanhlp.dll - ok
07:06:51.0366 2956 [ E997374B5EBB4FC5528B4F653B2E6CAB ] C:\Windows\System32\drivers\ndistapi.sys
07:06:51.0366 2956 C:\Windows\System32\drivers\ndistapi.sys - ok
07:06:51.0371 2956 [ 3414EAC66A02A3FAB5F61F17AEC156D5 ] C:\Windows\System32\wwapi.dll
07:06:51.0371 2956 C:\Windows\System32\wwapi.dll - ok
07:06:51.0378 2956 [ 1695661A5FE530890AC22762980D2DFB ] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.17763.195_none_58951aff78a74a16\comctl32.dll
07:06:51.0378 2956 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.17763.195_none_58951aff78a74a16\comctl32.dll - ok
07:06:51.0382 2956 [ F9FACC5EA4D793F8265F30C2DA0EDBA7 ] C:\Windows\System32\drivers\ndiswan.sys
07:06:51.0382 2956 C:\Windows\System32\drivers\ndiswan.sys - ok
07:06:51.0386 2956 [ E90D56CBBF0C34F0F3B54717703F079C ] C:\Windows\System32\edputil.dll
07:06:51.0387 2956 C:\Windows\System32\edputil.dll - ok
07:06:51.0393 2956 [ 06B6E9408BCE355CE4DA24FD7609F93C ] C:\Windows\System32\ssdpsrv.dll
07:06:51.0393 2956 C:\Windows\System32\ssdpsrv.dll - ok
07:06:51.0397 2956 [ CD023B633F9005F65C0FB396E1DF0F79 ] C:\Windows\System32\tetheringclient.dll
07:06:51.0397 2956 C:\Windows\System32\tetheringclient.dll - ok
07:06:51.0400 2956 [ 708198EA6AC0BB519AFA3A95A419E31A ] C:\Windows\System32\aepic.dll
07:06:51.0401 2956 C:\Windows\System32\aepic.dll - ok
07:06:51.0406 2956 [ AD42210CADBCE525050ACBA450AC5ABE ] C:\Windows\System32\srumsvc.dll
07:06:51.0406 2956 C:\Windows\System32\srumsvc.dll - ok
07:06:51.0412 2956 [ D7B51B1B48357D4243D1B540E0487E24 ] C:\Windows\System32\wbem\cimwin32.dll
07:06:51.0412 2956 C:\Windows\System32\wbem\cimwin32.dll - ok
07:06:51.0416 2956 [ 368D14219C2F13DF11BE71924632B9CE ] C:\Windows\System32\framedynos.dll
07:06:51.0416 2956 C:\Windows\System32\framedynos.dll - ok
07:06:51.0420 2956 [ 80118C73ED5E5FB800875585DE4370C3 ] C:\Windows\System32\wlidsvc.dll
07:06:51.0420 2956 C:\Windows\System32\wlidsvc.dll - ok
07:06:51.0427 2956 [ 10E74C88B3366DE2140DAA1FCFCD08FE ] C:\Windows\SysWOW64\rasadhlp.dll
07:06:51.0427 2956 C:\Windows\SysWOW64\rasadhlp.dll - ok
07:06:51.0430 2956 [ 351D0D5CA2BECF579D7424273B7A6F55 ] C:\Windows\System32\CellularAPI.dll
07:06:51.0430 2956 C:\Windows\System32\CellularAPI.dll - ok
07:06:51.0434 2956 [ F687CBDC805890CED9DAB5F2C193F004 ] C:\Windows\SysWOW64\FWPUCLNT.DLL
07:06:51.0435 2956 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
07:06:51.0440 2956 [ F2376080917DFE8AA704E8FE60F9F08C ] C:\Windows\System32\Clipc.dll
07:06:51.0441 2956 C:\Windows\System32\Clipc.dll - ok
07:06:51.0445 2956 [ 5EE4663BAEB8A64CFA303288EFA2E802 ] C:\Windows\System32\netwphelper.dll
07:06:51.0445 2956 C:\Windows\System32\netwphelper.dll - ok
07:06:51.0449 2956 [ 02620016F5AB7CE7EA7EA6341E6CA0D9 ] C:\Windows\System32\rilproxy.dll
07:06:51.0449 2956 C:\Windows\System32\rilproxy.dll - ok
07:06:51.0453 2956 [ A1F58FFF448E4099297D6EE0641D4D0E ] C:\Program Files (x86)\Dropbox\Update\1.3.141.1\DropboxCrashHandler.exe
07:06:51.0453 2956 C:\Program Files (x86)\Dropbox\Update\1.3.141.1\DropboxCrashHandler.exe - ok
07:06:51.0460 2956 [ 581B11745A2EB7987A1039A09D3F0FF1 ] C:\Windows\SysWOW64\mstask.dll
07:06:51.0460 2956 C:\Windows\SysWOW64\mstask.dll - ok
07:06:51.0465 2956 [ 5E5BCE41589AB21999B0441CDCA4A3FD ] C:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesNativeServer.dll
07:06:51.0465 2956 C:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesNativeServer.dll - ok
07:06:51.0469 2956 [ 0C623C912BCF1DA4CE0CE826DDBBACAF ] C:\Windows\System32\rastapi.dll
07:06:51.0469 2956 C:\Windows\System32\rastapi.dll - ok
07:06:51.0475 2956 [ D82E4A59A084B8B18CB5C17F3D218FE7 ] C:\Windows\System32\eeprov.dll
07:06:51.0475 2956 C:\Windows\System32\eeprov.dll - ok
07:06:51.0480 2956 [ 4CAD91247889D6D32F5A53D0BB875007 ] C:\Windows\SysWOW64\imagehlp.dll
07:06:51.0480 2956 C:\Windows\SysWOW64\imagehlp.dll - ok
07:06:51.0484 2956 [ 9AFD38E3F223C730888F3B634FA9E833 ] C:\Windows\System32\nduprov.dll
07:06:51.0484 2956 C:\Windows\System32\nduprov.dll - ok
07:06:51.0489 2956 [ 6E9D092513444F5D48F25B14784DEB4D ] C:\Windows\System32\vfuprov.dll
07:06:51.0489 2956 C:\Windows\System32\vfuprov.dll - ok
07:06:51.0496 2956 [ A44D27D03056EEC97CF2AFDC658EAB45 ] C:\Windows\System32\rasapi32.dll
07:06:51.0496 2956 C:\Windows\System32\rasapi32.dll - ok
07:06:51.0500 2956 [ 578973A75B1C8E3E57ED0BAF53B0EF02 ] C:\Windows\System32\rasppp.dll
07:06:51.0500 2956 C:\Windows\System32\rasppp.dll - ok
07:06:51.0505 2956 [ BD453526ADCC0560505F75E8AF31CAE7 ] C:\Windows\System32\appsruprov.dll
07:06:51.0505 2956 C:\Windows\System32\appsruprov.dll - ok
07:06:51.0511 2956 [ 9FAE1189A51D762E51E7E772B3C9706C ] C:\Windows\System32\eappcfg.dll
07:06:51.0511 2956 C:\Windows\System32\eappcfg.dll - ok
07:06:51.0515 2956 [ BF7D0605A7C7843FA066BB11AB886088 ] C:\Windows\System32\rasman.dll
07:06:51.0515 2956 C:\Windows\System32\rasman.dll - ok
07:06:51.0517 2956 [ 6856D006AD379B4A21197434AFBB150C ] C:\Windows\System32\vpnike.dll
07:06:51.0517 2956 C:\Windows\System32\vpnike.dll - ok
07:06:51.0524 2956 [ D65CD0BD7C0D036419D2D931C9BB21C2 ] C:\Windows\System32\wpnsruprov.dll
07:06:51.0524 2956 C:\Windows\System32\wpnsruprov.dll - ok
07:06:51.0529 2956 [ CA1F576E793243525382B91FDC334583 ] C:\Windows\System32\dmprocessxmlfiltered.dll
07:06:51.0529 2956 C:\Windows\System32\dmprocessxmlfiltered.dll - ok
07:06:51.0533 2956 [ FB1C8BD20DF9B4AE34F0A3EABD500337 ] C:\Windows\System32\rascustom.dll
07:06:51.0533 2956 C:\Windows\System32\rascustom.dll - ok
07:06:51.0537 2956 [ 58B0209DF4EA950204E2DDDEC8DC23AD ] C:\Windows\SysWOW64\gpapi.dll
07:06:51.0537 2956 C:\Windows\SysWOW64\gpapi.dll - ok
07:06:51.0545 2956 [ FFC3963ED3CD84C38B1F1286FC1BD42E ] C:\Windows\System32\raschap.dll
07:06:51.0545 2956 C:\Windows\System32\raschap.dll - ok
07:06:51.0549 2956 [ 812CE60896D20430B851526F04BCD6C9 ] C:\Windows\SysWOW64\devobj.dll
07:06:51.0549 2956 C:\Windows\SysWOW64\devobj.dll - ok
07:06:51.0554 2956 [ 7559A91318ECC2B8CBA2603F09AF4A13 ] C:\Windows\System32\msauserext.dll
07:06:51.0554 2956 C:\Windows\System32\msauserext.dll - ok
07:06:51.0560 2956 [ 9657F93666EF0129FAAEBC176170B1C0 ] C:\Windows\System32\ngcpopkeysrv.dll
07:06:51.0560 2956 C:\Windows\System32\ngcpopkeysrv.dll - ok
07:06:51.0564 2956 [ DBE42F525D2266A43E53277725661C55 ] C:\Program Files (x86)\GlassWire\EasyHook32.dll
07:06:51.0564 2956 C:\Program Files (x86)\GlassWire\EasyHook32.dll - ok
07:06:51.0568 2956 [ 1D8C79F293CA86E8857149FB4EFE4452 ] C:\Windows\SysWOW64\msvcp140.dll
07:06:51.0568 2956 C:\Windows\SysWOW64\msvcp140.dll - ok
07:06:51.0573 2956 [ B77EEAEAF5F8493189B89852F3A7A712 ] C:\Windows\SysWOW64\vcruntime140.dll
07:06:51.0573 2956 C:\Windows\SysWOW64\vcruntime140.dll - ok
07:06:51.0578 2956 [ DF71FBA095D2BC4581BCBD6C3BCC7013 ] C:\Windows\SysWOW64\Wldap32.dll
07:06:51.0578 2956 C:\Windows\SysWOW64\Wldap32.dll - ok
07:06:51.0582 2956 [ 7F4AD9AAF536F66C48D85BF27F7C98AF ] C:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesNativeClient.dll
07:06:51.0582 2956 C:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesNativeClient.dll - ok
07:06:51.0586 2956 [ A7EE09E3F1579599D55EC5CCCA99F8EA ] C:\Windows\SysWOW64\wbemcomn.dll
07:06:51.0586 2956 C:\Windows\SysWOW64\wbemcomn.dll - ok
07:06:51.0593 2956 [ D72CF7ADD761774F916A9FE98C8B9405 ] C:\Windows\SysWOW64\wbem\wbemprox.dll
07:06:51.0593 2956 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
07:06:51.0597 2956 [ 82FF065F045FADE1EB3F76FFEDA4297B ] C:\Windows\System32\wbem\wmiprov.dll
07:06:51.0597 2956 C:\Windows\System32\wbem\wmiprov.dll - ok
07:06:51.0601 2956 [ 17659462930CCD607EE315775EFF8187 ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
07:06:51.0601 2956 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
07:06:51.0609 2956 [ 1F4916DAFA29FB3689046C87D8B9B4FE ] C:\Program Files\AVAST Software\Avast\aswpsicx.dll
07:06:51.0609 2956 C:\Program Files\AVAST Software\Avast\aswpsicx.dll - ok
07:06:51.0614 2956 [ 73EC505200D33BC00E063B69465D6665 ] C:\Program Files\AVAST Software\Avast\aswsysx.dll
07:06:51.0614 2956 C:\Program Files\AVAST Software\Avast\aswsysx.dll - ok
07:06:51.0618 2956 [ D1F467D83746CB2CA455AE082F5D8DB5 ] C:\Windows\SysWOW64\wbem\fastprox.dll
07:06:51.0618 2956 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
07:06:51.0624 2956 [ 6C5B522F1210C8C0E13DE715E1938C7C ] C:\Program Files\AVAST Software\Avast\fltlib_wrapper.dll
07:06:51.0624 2956 C:\Program Files\AVAST Software\Avast\fltlib_wrapper.dll - ok
07:06:51.0630 2956 [ 29AEBB3351660240BF68D84D113830A2 ] C:\Windows\System32\winbrand.dll
07:06:51.0630 2956 C:\Windows\System32\winbrand.dll - ok
07:06:51.0633 2956 [ BE954C86E8F094169E32C0FE14D18909 ] C:\Windows\SysWOW64\fltLib.dll
07:06:51.0633 2956 C:\Windows\SysWOW64\fltLib.dll - ok
07:06:51.0637 2956 [ 6C1A1E9C7C20EB652B2B8804282E045E ] C:\Windows\System32\ncryptsslp.dll
07:06:51.0637 2956 C:\Windows\System32\ncryptsslp.dll - ok
07:06:51.0643 2956 [ 04EC32CBCBE1939F95AEF016AA5354D0 ] C:\Program Files\AVAST Software\Avast\AhResMai.dll
07:06:51.0644 2956 C:\Program Files\AVAST Software\Avast\AhResMai.dll - ok
07:06:51.0647 2956 [ 26BBBE6CB5F57D25AA67296B63B455BF ] C:\Windows\System32\dssenh.dll
07:06:51.0647 2956 C:\Windows\System32\dssenh.dll - ok
07:06:51.0652 2956 [ 63E8BE92F87780A669A24F4BFC324D31 ] C:\Windows\System32\mskeyprotect.dll
07:06:51.0652 2956 C:\Windows\System32\mskeyprotect.dll - ok
07:06:51.0658 2956 [ 78BC170F4F411EA796889DB8B184276A ] C:\Program Files\AVAST Software\Avast\AhResStd.dll
07:06:51.0658 2956 C:\Program Files\AVAST Software\Avast\AhResStd.dll - ok
07:06:51.0663 2956 [ 78FC4EC3004B5C219E816DD948EBF2C6 ] C:\Program Files\AVAST Software\Avast\AhResWS2.dll
07:06:51.0663 2956 C:\Program Files\AVAST Software\Avast\AhResWS2.dll - ok
07:06:51.0667 2956 [ D3A854099013A3B3914C238D04ECDD27 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Data\3c6819dea08846accd31d79955904e5b\System.Data.ni.dll
07:06:51.0667 2956 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Data\3c6819dea08846accd31d79955904e5b\System.Data.ni.dll - ok
07:06:51.0673 2956 [ B96EBFA98FDE73D7C0121C099129C24F ] C:\Program Files\AVAST Software\Avast\AhResIdp.dll
07:06:51.0673 2956 C:\Program Files\AVAST Software\Avast\AhResIdp.dll - ok
07:06:51.0679 2956 [ BFE68DCDCEC8DA50FACDAE269D5B888D ] C:\Program Files\AVAST Software\Avast\aswsecapix.dll
07:06:51.0679 2956 C:\Program Files\AVAST Software\Avast\aswsecapix.dll - ok
07:06:51.0684 2956 [ 244D4C8B4E4D2F416C74A55635AAE5CE ] C:\Windows\assembly\GAC_64\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
07:06:51.0684 2956 C:\Windows\assembly\GAC_64\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - ok
07:06:51.0688 2956 [ C36267AA7873A95AC2285D856ADA83C6 ] C:\Windows\System32\ncuprov.dll
07:06:51.0688 2956 C:\Windows\System32\ncuprov.dll - ok
07:06:51.0694 2956 [ 1EED0AC8BE35C771C5BA7A647EA0CC2E ] C:\Windows\System32\Windows.StateRepositoryPS.dll
07:06:51.0694 2956 C:\Windows\System32\Windows.StateRepositoryPS.dll - ok
07:06:51.0699 2956 [ 26C416F60349E2198B1E3BF9497260FE ] C:\Program Files\AVAST Software\Avast\aswcmlx.dll
07:06:51.0699 2956 C:\Program Files\AVAST Software\Avast\aswcmlx.dll - ok
07:06:51.0702 2956 [ 2CB9D69FE2F7461945A29DCDD8442E06 ] C:\Program Files\AVAST Software\Avast\aswlogx.dll
07:06:51.0702 2956 C:\Program Files\AVAST Software\Avast\aswlogx.dll - ok
07:06:51.0708 2956 [ E28141004B5FF318CDCEFF8972562E90 ] C:\Windows\System32\AppXDeploymentServer.dll
07:06:51.0708 2956 C:\Windows\System32\AppXDeploymentServer.dll - ok
07:06:51.0714 2956 [ 4B830F84061081EC2ABBA664787B973B ] C:\Windows\System32\energyprov.dll
07:06:51.0714 2956 C:\Windows\System32\energyprov.dll - ok
07:06:51.0717 2956 [ F639BC7932F6AA0BB3EA1485061C30C5 ] C:\Windows\System32\MrmDeploy.dll
07:06:51.0717 2956 C:\Windows\System32\MrmDeploy.dll - ok
07:06:51.0722 2956 [ 6DEBEE59947584CFCB818ED7D4017ED8 ] C:\Windows\System32\schedcli.dll
07:06:51.0722 2956 C:\Windows\System32\schedcli.dll - ok
07:06:51.0728 2956 [ C15688A1216CEE83F1C5154B3B160D86 ] C:\Program Files\AVAST Software\Avast\aswdetallocatorx.dll
07:06:51.0728 2956 C:\Program Files\AVAST Software\Avast\aswdetallocatorx.dll - ok
07:06:51.0731 2956 [ AB490605552765724BA29BE9F97B6737 ] C:\Windows\System32\Windows.StateRepositoryClient.dll
07:06:51.0732 2956 C:\Windows\System32\Windows.StateRepositoryClient.dll - ok
07:06:51.0737 2956 [ E6261E00CDBF720CA4A8E2603291DBB4 ] C:\Program Files\AVAST Software\Avast\aswcommx.dll
07:06:51.0737 2956 C:\Program Files\AVAST Software\Avast\aswcommx.dll - ok
07:06:51.0743 2956 [ CF912158810C6C526D4B295EA0D8B5B0 ] C:\Windows\System32\cldapi.dll
07:06:51.0744 2956 C:\Windows\System32\cldapi.dll - ok
07:06:51.0748 2956 [ 473C5E2851F0DBB106F02B8F35DB5EFC ] C:\Windows\System32\srumapi.dll
07:06:51.0748 2956 C:\Windows\System32\srumapi.dll - ok
07:06:51.0751 2956 [ 049B1BFF95AC05D79EA829CBDA5DE0EA ] C:\Windows\System32\Windows.StateRepositoryBroker.dll
07:06:51.0751 2956 C:\Windows\System32\Windows.StateRepositoryBroker.dll - ok
07:06:51.0756 2956 [ 066737F2DF6314394820ABCC76514070 ] C:\Program Files\AVAST Software\Avast\aswremovalx.dll
07:06:51.0756 2956 C:\Program Files\AVAST Software\Avast\aswremovalx.dll - ok
07:06:51.0762 2956 [ DAADBC77E8F0B0871AF343A6A1A3CC47 ] C:\Windows\System32\AppResolver.dll
07:06:51.0762 2956 C:\Windows\System32\AppResolver.dll - ok
07:06:51.0766 2956 [ 5889681AF5F18F358645C66E84BD7CC2 ] C:\Program Files\AVAST Software\Avast\aswntsqlitex.dll
07:06:51.0766 2956 C:\Program Files\AVAST Software\Avast\aswntsqlitex.dll - ok
07:06:51.0769 2956 [ 83A1C50FE909C904EEA69851CE56D4F4 ] C:\Windows\System32\Windows.CloudStore.Schema.Shell.dll
07:06:51.0769 2956 C:\Windows\System32\Windows.CloudStore.Schema.Shell.dll - ok
07:06:51.0775 2956 [ CB0BD82ECE6072BFD119A2730E1B6AFC ] C:\Windows\System32\wpnapps.dll
07:06:51.0775 2956 C:\Windows\System32\wpnapps.dll - ok
07:06:51.0780 2956 [ 872D45930605CC77225C713072D2A694 ] C:\Windows\System32\wpnclient.dll
07:06:51.0780 2956 C:\Windows\System32\wpnclient.dll - ok
07:06:51.0783 2956 [ EFB8E53226720E0E7C3F9388ACEC1BF0 ] C:\Windows\System32\pcacli.dll
07:06:51.0783 2956 C:\Windows\System32\pcacli.dll - ok
07:06:51.0787 2956 [ CBDF9B86F8F1840C2BC7B797C6769879 ] C:\Program Files\AVAST Software\Avast\aswidpsdkx.dll
07:06:51.0787 2956 C:\Program Files\AVAST Software\Avast\aswidpsdkx.dll - ok
07:06:51.0794 2956 [ 4677B36567AC7B8D1DC659E37225167D ] C:\Windows\System32\igfxEM.exe
07:06:51.0794 2956 C:\Windows\System32\igfxEM.exe - ok
07:06:51.0798 2956 [ 4FF458BE8D738BABEE203740F9A32035 ] C:\Program Files\AVAST Software\Avast\aswwinamapix.dll
07:06:51.0798 2956 C:\Program Files\AVAST Software\Avast\aswwinamapix.dll - ok
07:06:51.0802 2956 [ BF8825D08BC235F0609CA8BBEF4E179C ] C:\Windows\System32\userinit.exe
07:06:51.0802 2956 C:\Windows\System32\userinit.exe - ok
07:06:51.0808 2956 [ B9450D9F1E9ACB75E25FC57027FDDE26 ] C:\Windows\System32\userinitext.dll
07:06:51.0808 2956 C:\Windows\System32\userinitext.dll - ok
07:06:51.0813 2956 [ 45F1B2C26C32D5A5A0C3D415E8988CA5 ] C:\Windows\System32\ContentDeliveryManager.Utilities.dll
07:06:51.0813 2956 C:\Windows\System32\ContentDeliveryManager.Utilities.dll - ok
07:06:51.0816 2956 [ EB58FF4DF93F58A158ABB60776BDC841 ] C:\Windows\SysWOW64\AppXDeploymentClient.dll
07:06:51.0816 2956 C:\Windows\SysWOW64\AppXDeploymentClient.dll - ok
07:06:51.0820 2956 [ E9247B2CFFD0BC61B91C1E44B2141A0B ] C:\Windows\SysWOW64\StateRepository.Core.dll
07:06:51.0821 2956 C:\Windows\SysWOW64\StateRepository.Core.dll - ok
07:06:51.0827 2956 [ A7E2DDABB0A7C7619E731D2833E6A026 ] C:\Program Files\AVAST Software\Avast\aswVmm.dll
07:06:51.0827 2956 C:\Program Files\AVAST Software\Avast\aswVmm.dll - ok
07:06:51.0832 2956 [ 02466F4A9298A6B51DFDC9A56A4A62DA ] C:\Program Files\AVAST Software\Avast\custody.dll
07:06:51.0832 2956 C:\Program Files\AVAST Software\Avast\custody.dll - ok
07:06:51.0835 2956 [ 352DAC96144425744E6BA800340340A1 ] C:\Program Files\AVAST Software\Avast\ffl2.dll
07:06:51.0835 2956 C:\Program Files\AVAST Software\Avast\ffl2.dll - ok
07:06:51.0842 2956 [ A75CF6A7F30DE42BB4DD50BCC92566E0 ] C:\Windows\System32\vaultcli.dll
07:06:51.0842 2956 C:\Windows\System32\vaultcli.dll - ok
07:06:51.0847 2956 [ 31C8B7E0CA7D7B5616D66DB067BC59D3 ] C:\Windows\SysWOW64\samlib.dll
07:06:51.0847 2956 C:\Windows\SysWOW64\samlib.dll - ok
07:06:51.0850 2956 [ 79C918F40E5656A360E8A89937221B20 ] C:\Windows\System32\igfxDH.dll
07:06:51.0850 2956 C:\Windows\System32\igfxDH.dll - ok
07:06:51.0855 2956 [ 6D6C51FF66C66596F33DA458ADF059EF ] C:\Program Files\AVAST Software\Avast\defs\19010204\ArPot.dll
07:06:51.0855 2956 C:\Program Files\AVAST Software\Avast\defs\19010204\ArPot.dll - ok
07:06:51.0863 2956 [ D033CC75DD4CC0856E89B2A87559C2CC ] C:\Windows\explorer.exe
07:06:51.0863 2956 C:\Windows\explorer.exe - ok
07:06:51.0866 2956 [ FA073D6A6BF82E895A7CDC78F7969393 ] C:\Windows\System32\igfxLHM.dll
07:06:51.0866 2956 C:\Windows\System32\igfxLHM.dll - ok
07:06:51.0872 2956 [ 3FBB96DCA2AB609E30AA64385D2B1ECF ] C:\Windows\System32\twinapi.dll
07:06:51.0872 2956 C:\Windows\System32\twinapi.dll - ok
07:06:51.0879 2956 [ 15DF04D2F92176C9A208DE7069867675 ] C:\Windows\System32\igfxDI.dll
07:06:51.0879 2956 C:\Windows\System32\igfxDI.dll - ok
07:06:51.0882 2956 [ 4323D73E6A56D642C8EDC6BC54F5344E ] C:\Windows\System32\opengl32.dll
07:06:51.0882 2956 C:\Windows\System32\opengl32.dll - ok
07:06:51.0886 2956 [ 26250F30D52E1B65F76C437445A333F1 ] C:\Windows\System32\twinui.pcshell.dll
07:06:51.0886 2956 C:\Windows\System32\twinui.pcshell.dll - ok
07:06:51.0891 2956 [ 3E76CE05D73082513D5C773D99D599C9 ] C:\Windows\SysWOW64\wevtapi.dll
07:06:51.0891 2956 C:\Windows\SysWOW64\wevtapi.dll - ok
07:06:51.0897 2956 [ D712BB165B278695FCFAB789166FD654 ] C:\Windows\System32\d3d10_1.dll
07:06:51.0897 2956 C:\Windows\System32\d3d10_1.dll - ok
07:06:51.0900 2956 [ 4DC30F697E66D1720A12EB478BD5C2BE ] C:\Windows\System32\d3d10_1core.dll
07:06:51.0900 2956 C:\Windows\System32\d3d10_1core.dll - ok
07:06:51.0904 2956 [ 2318B2A5EF692E45EF67D9AAED52969C ] C:\Windows\System32\glu32.dll
07:06:51.0904 2956 C:\Windows\System32\glu32.dll - ok
07:06:51.0911 2956 [ ADE04BC33BF8C598170508354B8C6C9D ] C:\Windows\System32\igfxHK.exe
07:06:51.0911 2956 C:\Windows\System32\igfxHK.exe - ok
07:06:51.0916 2956 [ CE09519F486D58E370A335F879DA6A35 ] C:\Windows\SysWOW64\wlanapi.dll
07:06:51.0916 2956 C:\Windows\SysWOW64\wlanapi.dll - ok
07:06:51.0919 2956 [ 4B77F79276C84DF99DE29C18E37FC5C1 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Transactions\d3f2f9929b02c8efe419a77598993908\System.Transactions.ni.dll
07:06:51.0919 2956 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Transactions\d3f2f9929b02c8efe419a77598993908\System.Transactions.ni.dll - ok
07:06:51.0924 2956 [ 1BF1820BFBE94BBBD1D1A324BB5BC496 ] C:\Windows\assembly\GAC_64\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
07:06:51.0925 2956 C:\Windows\assembly\GAC_64\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll - ok
07:06:51.0930 2956 [ 11CE5856486B1AEA6F648479BB6A4FA6 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\2bcf2e88a76482b3a328381696803df3\System.EnterpriseServices.ni.dll
07:06:51.0930 2956 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.EnterpriseSe#\2bcf2e88a76482b3a328381696803df3\System.EnterpriseServices.ni.dll - ok
07:06:51.0934 2956 [ 550D2E9CC1865B5230ED5ADEF1A2A7A2 ] C:\Windows\System32\ntdsapi.dll
07:06:51.0934 2956 C:\Windows\System32\ntdsapi.dll - ok
07:06:51.0938 2956 [ F878DA721D14A7668E2898343F62FA19 ] C:\Windows\SysWOW64\OnDemandConnRouteHelper.dll
07:06:51.0938 2956 C:\Windows\SysWOW64\OnDemandConnRouteHelper.dll - ok
07:06:51.0945 2956 [ F3E1B4D249B9E2E820870A3C1ED82AC8 ] C:\Windows\System32\igfxTray.exe
07:06:51.0945 2956 C:\Windows\System32\igfxTray.exe - ok
07:06:51.0948 2956 [ DE6DC86EDD7D169C70BB5422BA525CB7 ] C:\Windows\SysWOW64\webio.dll
07:06:51.0949 2956 C:\Windows\SysWOW64\webio.dll - ok
07:06:51.0951 2956 [ 8C1FCAAA2263CE68ACBBAE1F8B8298C1 ] C:\Program Files\AVAST Software\Avast\gui_cache.dll
07:06:51.0952 2956 C:\Program Files\AVAST Software\Avast\gui_cache.dll - ok
07:06:51.0956 2956 [ 94806CBBCBEF9E09EC6CE73AC64F23E3 ] C:\Windows\System32\StartTileData.dll
07:06:51.0956 2956 C:\Windows\System32\StartTileData.dll - ok
07:06:51.0962 2956 [ 3EF9D06EE1B3B7C43180230321323978 ] C:\Windows\System32\cryptnet.dll
07:06:51.0962 2956 C:\Windows\System32\cryptnet.dll - ok
07:06:51.0967 2956 [ F6F7E2A663482CECE4B9B98A249D28B5 ] C:\Windows\System32\SecureTimeAggregator.dll
07:06:51.0967 2956 C:\Windows\System32\SecureTimeAggregator.dll - ok
07:06:51.0970 2956 [ BA3A4D3059D944D7B591FC022F8E753D ] C:\Windows\System32\vbsapi.dll
07:06:51.0970 2956 C:\Windows\System32\vbsapi.dll - ok
07:06:51.0976 2956 [ ADAD15298AD0D593FAF61BB89D538D73 ] C:\Windows\System32\wscsvc.dll
07:06:51.0976 2956 C:\Windows\System32\wscsvc.dll - ok
07:06:51.0983 2956 [ BFF3051BD88C46D3728231A287697BA2 ] C:\Windows\System32\SecurityCenterBroker.dll
07:06:51.0983 2956 C:\Windows\System32\SecurityCenterBroker.dll - ok
07:06:51.0986 2956 [ 29E7C5988F2944FAE23E15DCB089A47A ] C:\Windows\SysWOW64\FirewallAPI.dll
07:06:51.0987 2956 C:\Windows\SysWOW64\FirewallAPI.dll - ok
07:06:51.0993 2956 [ BD901E4070E5B9D9528B8E71B5C56BC6 ] C:\Windows\SysWOW64\fwbase.dll
07:06:51.0993 2956 C:\Windows\SysWOW64\fwbase.dll - ok
07:06:51.0998 2956 [ 393AF247AAE46C04B5C4D82F2C706989 ] C:\Windows\SysWOW64\netprofm.dll
07:06:51.0998 2956 C:\Windows\SysWOW64\netprofm.dll - ok
07:06:52.0002 2956 [ A939CDAB068CF5775E29D8B915042BA2 ] C:\Windows\System32\appinfo.dll
07:06:52.0002 2956 C:\Windows\System32\appinfo.dll - ok
07:06:52.0006 2956 [ 5F9BDBFC8DB838B36C126C4BFBB58152 ] C:\Windows\SysWOW64\npmproxy.dll
07:06:52.0006 2956 C:\Windows\SysWOW64\npmproxy.dll - ok
07:06:52.0012 2956 [ 6B4BE68B00DA5E2776AB1F06D589AC84 ] C:\Windows\System32\appinfoext.dll
07:06:52.0012 2956 C:\Windows\System32\appinfoext.dll - ok
07:06:52.0016 2956 [ 05B30AB4768E5108E18986A5867C68F7 ] C:\Windows\System32\runonce.exe
07:06:52.0016 2956 C:\Windows\System32\runonce.exe - ok
07:06:52.0019 2956 [ F3B8FA56C28691DB4AABDAE96F9D9FC1 ] C:\Windows\System32\SettingSyncPolicy.dll
07:06:52.0019 2956 C:\Windows\System32\SettingSyncPolicy.dll - ok
07:06:52.0023 2956 [ 9757EA3CF0E4554CC674DE61DF28E1B3 ] C:\Windows\SysWOW64\fwpolicyiomgr.dll
07:06:52.0023 2956 C:\Windows\SysWOW64\fwpolicyiomgr.dll - ok
07:06:52.0030 2956 [ 994F0AC771D118A9D087201D8C02C4F8 ] C:\Windows\System32\SndVolSSO.dll
07:06:52.0030 2956 C:\Windows\System32\SndVolSSO.dll - ok
07:06:52.0033 2956 [ 6362D90DA142ED5F8CA68B5D7BC92F21 ] C:\Windows\System32\oleacc.dll
07:06:52.0033 2956 C:\Windows\System32\oleacc.dll - ok
07:06:52.0036 2956 [ 2BBDC1DA14CB5020C4FBC201A11BC5F4 ] C:\Windows\SysWOW64\wscapi.dll
07:06:52.0037 2956 C:\Windows\SysWOW64\wscapi.dll - ok
07:06:52.0042 2956 [ 7C0B0898904ED2E371B805AC9A05887B ] C:\Windows\System32\DataExchange.dll
07:06:52.0042 2956 C:\Windows\System32\DataExchange.dll - ok
07:06:52.0048 2956 [ 6FEF96ED9F43ADB12929A3E84856C6FB ] C:\Windows\SysWOW64\runonce.exe
07:06:52.0048 2956 C:\Windows\SysWOW64\runonce.exe - ok
07:06:52.0051 2956 [ 8C70C412056C347F3C79CD212114B61F ] C:\Windows\System32\ExplorerFrame.dll
07:06:52.0051 2956 C:\Windows\System32\ExplorerFrame.dll - ok
07:06:52.0056 2956 [ 5CFE97DD2365AFAE341C370CAF85FE1A ] C:\Program Files\AVAST Software\Avast\ashMaiSv.dll
07:06:52.0056 2956 C:\Program Files\AVAST Software\Avast\ashMaiSv.dll - ok
07:06:52.0063 2956 [ 5631B6A19CB310E09E987A37009D659B ] C:\Program Files\AVAST Software\Avast\defs\19010204\exts.dll
07:06:52.0063 2956 C:\Program Files\AVAST Software\Avast\defs\19010204\exts.dll - ok
07:06:52.0067 2956 [ AC6503853A66FAD60188DC726F2EFB7C ] C:\Windows\SysWOW64\dpapi.dll
07:06:52.0067 2956 C:\Windows\SysWOW64\dpapi.dll - ok
07:06:52.0070 2956 [ AD0BF4D446C118DAD7E42F15CFC26075 ] C:\Program Files\AVAST Software\Avast\aswStreamFilter.dll
07:06:52.0070 2956 C:\Program Files\AVAST Software\Avast\aswStreamFilter.dll - ok
07:06:52.0077 2956 [ 13AF5E5D911A78EEDB05071C024CAB8A ] C:\Windows\System32\thumbcache.dll
07:06:52.0077 2956 C:\Windows\System32\thumbcache.dll - ok
07:06:52.0081 2956 [ F0D411B8A03CB896B2122602B16776E4 ] C:\Program Files\AVAST Software\Avast\aswDnsCache.dll
07:06:52.0081 2956 C:\Program Files\AVAST Software\Avast\aswDnsCache.dll - ok
07:06:52.0085 2956 [ 2E78F40D45828674F073669DC2302FEF ] C:\Program Files\AVAST Software\Avast\hns_tools.dll
07:06:52.0085 2956 C:\Program Files\AVAST Software\Avast\hns_tools.dll - ok
07:06:52.0089 2956 [ 68656EE3F92E1ADC436DE7BFB22094CC ] C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
07:06:52.0089 2956 C:\Program Files\AVAST Software\Avast\wsc_proxy.exe - ok
07:06:52.0097 2956 [ 9C9388AEB9AF802D79A3F6C466600FEB ] C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
07:06:52.0097 2956 C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe - ok
07:06:52.0100 2956 [ 5597C11511E6407EDC0BECCDC7D6CD8C ] C:\Program Files\AVAST Software\Avast\wsc.dll
07:06:52.0100 2956 C:\Program Files\AVAST Software\Avast\wsc.dll - ok
07:06:52.0106 2956 [ AB1EC3FD9A545D762BEFAACB97B6D912 ] C:\Windows\System32\windows.immersiveshell.serviceprovider.dll
07:06:52.0106 2956 C:\Windows\System32\windows.immersiveshell.serviceprovider.dll - ok
07:06:52.0114 2956 [ A42F35E91EAA866757AFDA8C405C7C40 ] C:\Windows\System32\wuceffects.dll
07:06:52.0114 2956 C:\Windows\System32\wuceffects.dll - ok
07:06:52.0117 2956 [ E79E0BCCA6DAEB922BD447A806CC541A ] C:\Windows\SysWOW64\Windows.StateRepositoryPS.dll
07:06:52.0117 2956 C:\Windows\SysWOW64\Windows.StateRepositoryPS.dll - ok
07:06:52.0122 2956 [ D396985225D85CAA7D743D67C7DA6316 ] C:\Windows\WinSxS\amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.25325.0_none_586e9d411a1940c6\msvcp140.dll
07:06:52.0122 2956 C:\Windows\WinSxS\amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.25325.0_none_586e9d411a1940c6\msvcp140.dll - ok
07:06:52.0129 2956 [ 3CAA9A163FA7EFBC8DE70320903C7127 ] C:\Program Files\AVAST Software\Avast\x64\aswCmnBS.dll
07:06:52.0129 2956 C:\Program Files\AVAST Software\Avast\x64\aswCmnBS.dll - ok
07:06:52.0133 2956 [ 3FDBDE0C62ED677534095ECEE5E1153C ] C:\Program Files\AVAST Software\Avast\x64\aswsysa.dll
07:06:52.0133 2956 C:\Program Files\AVAST Software\Avast\x64\aswsysa.dll - ok
07:06:52.0137 2956 [ 259A4C824E9DD859A874F7D6E8D924DF ] C:\Program Files\AVAST Software\Avast\rescue_disk.dll
07:06:52.0137 2956 C:\Program Files\AVAST Software\Avast\rescue_disk.dll - ok
07:06:52.0145 2956 [ 0FF7697C98CCD6B9AE93029232BFE9C4 ] C:\Program Files\AVAST Software\Avast\x64\aswCmnIS.dll
07:06:52.0145 2956 C:\Program Files\AVAST Software\Avast\x64\aswCmnIS.dll - ok
07:06:52.0149 2956 [ DD11D7AA8EF7973E5F1589D1FD593806 ] C:\Program Files\AVAST Software\Avast\x64\aswCmnOS.dll
07:06:52.0149 2956 C:\Program Files\AVAST Software\Avast\x64\aswCmnOS.dll - ok
07:06:52.0153 2956 [ 9A53905892D9C9F3BF9D295C8B32E446 ] C:\Windows\WinSxS\amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.25325.0_none_586e9d411a1940c6\vcruntime140.dll
07:06:52.0153 2956 C:\Windows\WinSxS\amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.25325.0_none_586e9d411a1940c6\vcruntime140.dll - ok
07:06:52.0158 2956 [ 44D13FA440936CCDEF1B88E036003E81 ] C:\Program Files\AVAST Software\Avast\aswUrlCache.dll
07:06:52.0158 2956 C:\Program Files\AVAST Software\Avast\aswUrlCache.dll - ok
07:06:52.0163 2956 [ 35996EFA1DA704634E28957364CA6D4D ] C:\Windows\System32\ELSCore.dll
07:06:52.0163 2956 C:\Windows\System32\ELSCore.dll - ok
07:06:52.0167 2956 [ FF2454AB1612F03B58F8BC6BCD4EA0C3 ] C:\Windows\System32\elsTrans.dll
07:06:52.0167 2956 C:\Windows\System32\elsTrans.dll - ok
07:06:52.0170 2956 [ F0CC2D82673162350BF3DD5615297FC1 ] C:\Program Files\AVAST Software\Avast\x64\AavmRpch.dll
07:06:52.0171 2956 C:\Program Files\AVAST Software\Avast\x64\AavmRpch.dll - ok
07:06:52.0178 2956 [ 64A4D8E1FF1DA03416C88792C66C1029 ] C:\Program Files\AVAST Software\Avast\setup\instup.exe
07:06:52.0178 2956 C:\Program Files\AVAST Software\Avast\setup\instup.exe - ok
07:06:52.0183 2956 [ 60CA3AD72EFB8F9990698B7CE2E87608 ] C:\Windows\SysWOW64\wscisvif.dll
07:06:52.0183 2956 C:\Windows\SysWOW64\wscisvif.dll - ok
07:06:52.0187 2956 [ 2CDE19E95556B529C9A07A056D7123E4 ] C:\Windows\SysWOW64\wscproxystub.dll
07:06:52.0187 2956 C:\Windows\SysWOW64\wscproxystub.dll - ok
07:06:52.0192 2956 [ B89EC2A259BA46C517AE764B2AA08CEA ] C:\Program Files\AVAST Software\Avast\shepherdsync.dll
07:06:52.0192 2956 C:\Program Files\AVAST Software\Avast\shepherdsync.dll - ok
07:06:52.0198 2956 [ 4A749E337E64DC8F12BB423DA930A51A ] C:\Program Files\AVAST Software\Avast\x64\aswcmla.dll
07:06:52.0198 2956 C:\Program Files\AVAST Software\Avast\x64\aswcmla.dll - ok
07:06:52.0201 2956 [ FED9AB89CEA58D22566DBF65DB3A5BDC ] C:\Windows\System32\CBDHSvc.dll
07:06:52.0201 2956 C:\Windows\System32\CBDHSvc.dll - ok
07:06:52.0206 2956 [ 1CB15A407354185F858BA127A44CD883 ] C:\Program Files\AVAST Software\Avast\x64\libcrypto-1_1-x64.dll
07:06:52.0207 2956 C:\Program Files\AVAST Software\Avast\x64\libcrypto-1_1-x64.dll - ok
07:06:52.0213 2956 [ 0B64D9BAD243ED541A599BBA8AD468DC ] C:\Program Files\AVAST Software\Avast\setup\Instup.dll
07:06:52.0213 2956 C:\Program Files\AVAST Software\Avast\setup\Instup.dll - ok
07:06:52.0219 2956 [ F5FFB8ED5B44E2C62F30FAF8011E8C23 ] C:\Program Files\AVAST Software\Avast\TuneupBin\TuneupSmartScan.dll
07:06:52.0219 2956 C:\Program Files\AVAST Software\Avast\TuneupBin\TuneupSmartScan.dll - ok
07:06:52.0224 2956 [ 9C8843AF168515A4DBD5420C895C5482 ] C:\Program Files\AVAST Software\Avast\x64\aswloga.dll
07:06:52.0224 2956 C:\Program Files\AVAST Software\Avast\x64\aswloga.dll - ok
07:06:52.0231 2956 [ AB9F419F4545FD6E8A3B8CE714021A37 ] C:\Windows\SysWOW64\edputil.dll
07:06:52.0231 2956 C:\Windows\SysWOW64\edputil.dll - ok
07:06:52.0234 2956 [ CEEAA1AA6C9F90DE0EB292FB6B70E2FA ] C:\Windows\SysWOW64\cldapi.dll
07:06:52.0234 2956 C:\Windows\SysWOW64\cldapi.dll - ok
07:06:52.0238 2956 [ D0CF4A34AC21E54B4736D02FC5858A83 ] C:\Program Files\AVAST Software\Avast\x64\aswcomma.dll
07:06:52.0238 2956 C:\Program Files\AVAST Software\Avast\x64\aswcomma.dll - ok
07:06:52.0245 2956 [ E176BEB6C542ECEA2BA3D7F3BE3895F9 ] C:\Program Files\Malwarebytes\Anti-Malware\CloudControllerImpl.dll
07:06:52.0245 2956 C:\Program Files\Malwarebytes\Anti-Malware\CloudControllerImpl.dll - ok
07:06:52.0250 2956 [ 82FA8887674DAAFFE7F9AC66BCF98D27 ] C:\Windows\SysWOW64\rasapi32.dll
07:06:52.0250 2956 C:\Windows\SysWOW64\rasapi32.dll - ok
07:06:52.0253 2956 [ A5E66DD1EAF54AFC5E6C2C2DAE137004 ] C:\Windows\SysWOW64\sfc.dll
07:06:52.0253 2956 C:\Windows\SysWOW64\sfc.dll - ok
07:06:52.0258 2956 [ 5A168BC0B98170B516D7CFE837C849CC ] C:\Windows\SysWOW64\WinTypes.dll
07:06:52.0258 2956 C:\Windows\SysWOW64\WinTypes.dll - ok
07:06:52.0264 2956 [ 23B8B613061BA938098E1D7F526FD3B5 ] C:\Program Files\AVAST Software\Avast\x64\aswdetallocatora.dll
07:06:52.0264 2956 C:\Program Files\AVAST Software\Avast\x64\aswdetallocatora.dll - ok
07:06:52.0267 2956 [ CBB4B3CC8A003302671E8BB88F9958EA ] C:\Windows\SysWOW64\AppResolver.dll
07:06:52.0268 2956 C:\Windows\SysWOW64\AppResolver.dll - ok
07:06:52.0271 2956 [ 8808F10761B590091294B3C542F87112 ] C:\Windows\SysWOW64\rasman.dll
07:06:52.0271 2956 C:\Windows\SysWOW64\rasman.dll - ok
07:06:52.0275 2956 [ AC8FAEAA70B4DA868F6D33E3352F6F48 ] C:\Windows\SysWOW64\RstrtMgr.dll
07:06:52.0275 2956 C:\Windows\SysWOW64\RstrtMgr.dll - ok
07:06:52.0282 2956 [ 1311999033B01B21B53463AFC28FCE9C ] C:\Windows\SysWOW64\sfc_os.dll
07:06:52.0282 2956 C:\Windows\SysWOW64\sfc_os.dll - ok
07:06:52.0285 2956 [ 9A7A5F46065C00F00D7CAFAE6C34BF2F ] C:\Program Files\AVAST Software\Avast\x64\aswcerta.dll
07:06:52.0285 2956 C:\Program Files\AVAST Software\Avast\x64\aswcerta.dll - ok
07:06:52.0290 2956 [ A0802D3B0E895030460479EA30148A94 ] C:\Windows\SysWOW64\BCP47Langs.dll
07:06:52.0290 2956 C:\Windows\SysWOW64\BCP47Langs.dll - ok
07:06:52.0296 2956 [ 58CBBED6DC46310C7196313D994929D6 ] C:\Windows\SysWOW64\ncrypt.dll
07:06:52.0296 2956 C:\Windows\SysWOW64\ncrypt.dll - ok
07:06:52.0300 2956 [ 94DDDB96EC3E28FEFCC27FFD7080E1D1 ] C:\Windows\SysWOW64\ntasn1.dll
07:06:52.0300 2956 C:\Windows\SysWOW64\ntasn1.dll - ok
07:06:52.0303 2956 [ F268FF22B277E2F414A8BE283E8B034E ] C:\Windows\SysWOW64\slc.dll
07:06:52.0303 2956 C:\Windows\SysWOW64\slc.dll - ok
07:06:52.0310 2956 [ FCA983940C0949B7BDF7246992A40B01 ] C:\Windows\SysWOW64\sppc.dll
07:06:52.0310 2956 C:\Windows\SysWOW64\sppc.dll - ok
07:06:52.0316 2956 [ 58AEEED846D6308A761A52D255C861CE ] C:\Program Files\AVAST Software\Avast\x64\aswpsica.dll
07:06:52.0316 2956 C:\Program Files\AVAST Software\Avast\x64\aswpsica.dll - ok
07:06:52.0319 2956 [ EC68DE8E159EFDDCD2F8BD78DC00AD82 ] C:\Program Files\AVAST Software\Avast\x64\aswProperty.dll
07:06:52.0319 2956 C:\Program Files\AVAST Software\Avast\x64\aswProperty.dll - ok
07:06:52.0323 2956 [ 49A39B84AFF09FEE66BB853130BD860D ] C:\Windows\SysWOW64\cmd.exe
07:06:52.0324 2956 C:\Windows\SysWOW64\cmd.exe - ok
07:06:52.0331 2956 [ 6428F2FC330975288CA3F237F8A150D4 ] C:\Program Files\AVAST Software\Avast\x64\dll_loader.dll
07:06:52.0331 2956 C:\Program Files\AVAST Software\Avast\x64\dll_loader.dll - ok
07:06:52.0334 2956 [ C93EDBA8A0E80E5DF26B37A5C4085AD8 ] C:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll
07:06:52.0334 2956 C:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll - ok
07:06:52.0338 2956 [ BD979FFBCA07C652B771886A626339E8 ] C:\Program Files\AVAST Software\Avast\x64\log.dll
07:06:52.0338 2956 C:\Program Files\AVAST Software\Avast\x64\log.dll - ok
07:06:52.0342 2956 [ A2CC0A771F7507D28D4EA0131695186A ] C:\Program Files\Malwarebytes\Anti-Malware\7z.dll
07:06:52.0342 2956 C:\Program Files\Malwarebytes\Anti-Malware\7z.dll - ok
07:06:52.0350 2956 [ 6C294BA4F53127DF5060D3DD057A2DCA ] C:\Windows\System32\SecurityHealthService.exe
07:06:52.0350 2956 C:\Windows\System32\SecurityHealthService.exe - ok
07:06:52.0354 2956 [ 581F9B1A44A6F342E45DFC9507E09B2E ] C:\Windows\SysWOW64\msimg32.dll
07:06:52.0354 2956 C:\Windows\SysWOW64\msimg32.dll - ok
07:06:52.0359 2956 [ 683277EBCEADE1A03E44E1E9AABB7F17 ] C:\Windows\SysWOW64\oleacc.dll
07:06:52.0359 2956 C:\Windows\SysWOW64\oleacc.dll - ok
07:06:52.0365 2956 [ CC47DEEE592D73A3C6F35B33F49CF7FD ] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.17763.195_none_7e4c6068762ed86d\GdiPlus.dll
07:06:52.0365 2956 C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.17763.195_none_7e4c6068762ed86d\GdiPlus.dll - ok
07:06:52.0371 2956 [ 0D46AF74F673F650DA37FCB16FF327D5 ] C:\Windows\System32\KeyCredMgr.dll
07:06:52.0371 2956 C:\Windows\System32\KeyCredMgr.dll - ok
07:06:52.0376 2956 [ 2ECE376E26B6357BD572CDA3627B2746 ] C:\Windows\System32\TpmCoreProvisioning.dll
07:06:52.0376 2956 C:\Windows\System32\TpmCoreProvisioning.dll - ok
07:06:52.0382 2956 [ AC9DEF8BC6E3303F0ED7A3633C4E44D5 ] C:\Windows\System32\Windows.Networking.Sockets.PushEnabledApplication.dll
07:06:52.0383 2956 C:\Windows\System32\Windows.Networking.Sockets.PushEnabledApplication.dll - ok
07:06:52.0386 2956 [ 41BEE78448831942BBA85201C18F18AA ] C:\Program Files\Malwarebytes\Anti-Malware\TelemetryControllerImpl.dll
07:06:52.0386 2956 C:\Program Files\Malwarebytes\Anti-Malware\TelemetryControllerImpl.dll - ok
07:06:52.0392 2956 [ 57D8C8F5F46B336ECE4B12B5F27F450A ] C:\Windows\SysWOW64\logoncli.dll
07:06:52.0392 2956 C:\Windows\SysWOW64\logoncli.dll - ok
07:06:52.0398 2956 [ 99832256163D6C6BCCC6F5753ACBDFFF ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\sqlevn70.rll
07:06:52.0398 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\sqlevn70.rll - ok
07:06:52.0401 2956 [ 56417EA2E2453D87274912BDE73FA355 ] C:\Program Files\Windows Defender\MpClient.dll
07:06:52.0401 2956 C:\Program Files\Windows Defender\MpClient.dll - ok
07:06:52.0405 2956 [ 351219B502AB7843DC1CAAB1675F7986 ] C:\Program Files\Malwarebytes\Anti-Malware\CleanControllerImpl.dll
07:06:52.0405 2956 C:\Program Files\Malwarebytes\Anti-Malware\CleanControllerImpl.dll - ok
07:06:52.0411 2956 [ B70A38BD67559162182958E35DBFAF30 ] C:\Windows\System32\sfc.dll
07:06:52.0411 2956 C:\Windows\System32\sfc.dll - ok
07:06:52.0416 2956 [ 4E2EDC19EC66F29A9A08A1EE428F863F ] C:\Program Files\Malwarebytes\Anti-Malware\ScanControllerImpl.dll
07:06:52.0416 2956 C:\Program Files\Malwarebytes\Anti-Malware\ScanControllerImpl.dll - ok
07:06:52.0420 2956 [ 2BAC586D6216C57909E72AB7B62A8B6C ] C:\Windows\System32\SecurityHealthProxyStub.dll
07:06:52.0420 2956 C:\Windows\System32\SecurityHealthProxyStub.dll - ok
07:06:52.0424 2956 [ 628FC29985B8B22C92D1F85B8C13A1EF ] C:\Program Files\Malwarebytes\Anti-Malware\ActionsShim.dll
07:06:52.0424 2956 C:\Program Files\Malwarebytes\Anti-Malware\ActionsShim.dll - ok
07:06:52.0431 2956 [ 496FCA2B0E9572B460D1A1C153B7EA91 ] C:\Program Files\Malwarebytes\Anti-Malware\MBAMShim.dll
07:06:52.0431 2956 C:\Program Files\Malwarebytes\Anti-Malware\MBAMShim.dll - ok
07:06:52.0434 2956 [ 8B78B1BB365D9F877ABF8F8B493BAD9A ] C:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
07:06:52.0434 2956 C:\Program Files\AVAST Software\Avast\x64\vaarclient.dll - ok
07:06:52.0438 2956 [ EC616485F4065A79483FCF46EC064226 ] C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
07:06:52.0438 2956 C:\Program Files\AVAST Software\Avast\x64\ffl2.dll - ok
07:06:52.0444 2956 [ 1420AD0AF20C9386C1F67E4262CBE366 ] C:\Program Files\Malwarebytes\Anti-Malware\SwissarmyShim.dll
07:06:52.0444 2956 C:\Program Files\Malwarebytes\Anti-Malware\SwissarmyShim.dll - ok
07:06:52.0449 2956 [ 73A90462B7BA7491CF9B64FF071FCB39 ] C:\Program Files\Malwarebytes\Anti-Malware\Actions.dll
07:06:52.0449 2956 C:\Program Files\Malwarebytes\Anti-Malware\Actions.dll - ok
07:06:52.0453 2956 [ 349A42C19107E32C3A467B7B86F143E2 ] C:\Windows\SysWOW64\schannel.dll
07:06:52.0453 2956 C:\Windows\SysWOW64\schannel.dll - ok
07:06:52.0463 2956 [ BB9485931D99482DDD9C8059B4A97D37 ] C:\Program Files\Malwarebytes\Anti-Malware\Swissarmy.dll
07:06:52.0463 2956 C:\Program Files\Malwarebytes\Anti-Malware\Swissarmy.dll - ok
07:06:52.0469 2956 [ B25B71B6A6CB3E48B2F1129F064B1F32 ] C:\Windows\System32\windows.applicationmodel.datatransfer.dll
07:06:52.0469 2956 C:\Windows\System32\windows.applicationmodel.datatransfer.dll - ok
07:06:52.0474 2956 [ DBFF13F89B8A5ECC33CBFC61A5CDFA10 ] C:\Windows\SysWOW64\pcacli.dll
07:06:52.0474 2956 C:\Windows\SysWOW64\pcacli.dll - ok
07:06:52.0481 2956 [ 482EFCAB2FBFEB13770ABA366CC3C39D ] C:\Windows\System32\twinui.dll
07:06:52.0481 2956 C:\Windows\System32\twinui.dll - ok
07:06:52.0485 2956 [ 005B5F4FF4AAB4FC3CDE47762F1616EB ] C:\Windows\System32\ntshrui.dll
07:06:52.0485 2956 C:\Windows\System32\ntshrui.dll - ok
07:06:52.0489 2956 [ FBB6722E2A14F30F81EB17EB210459FA ] C:\Program Files\AVAST Software\Avast\x64\streamback.dll
07:06:52.0489 2956 C:\Program Files\AVAST Software\Avast\x64\streamback.dll - ok
07:06:52.0495 2956 [ 3A957A2346619C402B4528E2211DBB0D ] C:\Windows\System32\ApplicationFrame.dll
07:06:52.0495 2956 C:\Windows\System32\ApplicationFrame.dll - ok
07:06:52.0500 2956 [ 7068D8BC2079B23B6371321A8613BA9F ] C:\Program Files\AVAST Software\Avast\x64\CommChannel.dll
07:06:52.0501 2956 C:\Program Files\AVAST Software\Avast\x64\CommChannel.dll - ok
07:06:52.0504 2956 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\admin\AppData\Local\Temp\6E8F50F5-E1E2-4D75-A4AA-1F7F274A17B5.exe
07:06:52.0504 2956 C:\Users\admin\AppData\Local\Temp\6E8F50F5-E1E2-4D75-A4AA-1F7F274A17B5.exe - ok
07:06:52.0509 2956 [ A1B6422FA3B348AD8F7D1E608D64DA64 ] C:\Program Files\AVAST Software\Avast\x64\aswIP.dll
07:06:52.0509 2956 C:\Program Files\AVAST Software\Avast\x64\aswIP.dll - ok
07:06:52.0515 2956 [ 8B0E699F01BDD3B9AD741D1BD7343248 ] C:\Windows\System32\wbem\unsecapp.exe
07:06:52.0515 2956 C:\Windows\System32\wbem\unsecapp.exe - ok
07:06:52.0519 2956 [ 519C70A90D88799E6DAD7AA394FA4699 ] C:\Windows\System32\devrtl.dll
07:06:52.0519 2956 C:\Windows\System32\devrtl.dll - ok
07:06:52.0522 2956 [ D7C68326D4E7A346E697CB89BBA9970D ] C:\Windows\System32\spfileq.dll
07:06:52.0522 2956 C:\Windows\System32\spfileq.dll - ok
07:06:52.0528 2956 [ CC0A3DBE0464B1AF67CEB55D5F8A146E ] C:\Windows\System32\linkinfo.dll
07:06:52.0528 2956 C:\Windows\System32\linkinfo.dll - ok
07:06:52.0533 2956 [ 335B127A34D98A92749B91902AB0A3A8 ] C:\Windows\SysWOW64\dsparse.dll
07:06:52.0533 2956 C:\Windows\SysWOW64\dsparse.dll - ok
07:06:52.0536 2956 [ C708F9418F6E5C8FA5EB28EA61C2282D ] C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll
07:06:52.0536 2956 C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll - ok
07:06:52.0541 2956 [ 95B5E8A264F91EDE2795B7FF8DAC1013 ] C:\Windows\System32\HolographicExtensions.dll
07:06:52.0541 2956 C:\Windows\System32\HolographicExtensions.dll - ok
07:06:52.0548 2956 [ 06B8F2D91C7ED9602F90550FA39D001D ] C:\Users\admin\AppData\Local\Microsoft\OneDrive\18.222.1104.0007\amd64\FileSyncShell64.dll
07:06:52.0548 2956 C:\Users\admin\AppData\Local\Microsoft\OneDrive\18.222.1104.0007\amd64\FileSyncShell64.dll - ok
07:06:52.0551 2956 [ 441DEA4C75597D7EFD0A6C89808838D7 ] C:\Windows\System32\ktmw32.dll
07:06:52.0551 2956 C:\Windows\System32\ktmw32.dll - ok
07:06:52.0555 2956 [ A269A857C45754AC2D458195DE61D833 ] C:\Program Files\AVAST Software\Avast\ashShA64.dll
07:06:52.0555 2956 C:\Program Files\AVAST Software\Avast\ashShA64.dll - ok
07:06:52.0562 2956 [ 2334A4A65CD7B53EEE185C75A1B65F2B ] C:\Windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.17763.195_none_369f299161b2af67\GdiPlus.dll
07:06:52.0562 2956 C:\Windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.17763.195_none_369f299161b2af67\GdiPlus.dll - ok
07:06:52.0566 2956 [ F65A9FD335CC25726F35B279E36E724D ] C:\Windows\SysWOW64\msctf.dll
07:06:52.0566 2956 C:\Windows\SysWOW64\msctf.dll - ok
07:06:52.0570 2956 [ A6D5768C1C44B79B042CD965FF784C65 ] C:\Windows\SysWOW64\mskeyprotect.dll
07:06:52.0570 2956 C:\Windows\SysWOW64\mskeyprotect.dll - ok
07:06:52.0574 2956 [ 746BE1DBD9E0D0129F52D798C567ABDE ] C:\Windows\System32\msi.dll
07:06:52.0575 2956 C:\Windows\System32\msi.dll - ok
07:06:52.0581 2956 [ 5B428EBEB61F1BEAD570655C47D0448E ] C:\Windows\SysWOW64\ncryptsslp.dll
07:06:52.0581 2956 C:\Windows\SysWOW64\ncryptsslp.dll - ok
07:06:52.0584 2956 [ 690EFB99D5633F95C884BD538CB708A6 ] C:\Windows\System32\drivers\mbamswissarmy.sys
07:06:52.0585 2956 C:\Windows\System32\drivers\mbamswissarmy.sys - ok
07:06:52.0588 2956 [ 2ADFC9707416C373244F7900B927CAFF ] C:\Windows\System32\EhStorShell.dll
07:06:52.0588 2956 C:\Windows\System32\EhStorShell.dll - ok
07:06:52.0593 2956 [ 23B5CF987C66B31053EDCF7B8ACBEEF8 ] C:\Windows\System32\provsvc.dll
07:06:52.0593 2956 C:\Windows\System32\provsvc.dll - ok
07:06:52.0599 2956 [ 0C0EDC90F6D3F80EE82DAC1586F432AF ] C:\Windows\System32\winrnr.dll
07:06:52.0599 2956 C:\Windows\System32\winrnr.dll - ok
07:06:52.0603 2956 [ F0DA491C758DC53340E56E1BF5C95CE9 ] C:\Windows\System32\cscui.dll
07:06:52.0603 2956 C:\Windows\System32\cscui.dll - ok
07:06:52.0607 2956 [ D7B3F90F922173697717EC7800117E60 ] C:\Windows\System32\AboveLockAppHost.dll
07:06:52.0607 2956 C:\Windows\System32\AboveLockAppHost.dll - ok
07:06:52.0615 2956 [ 4E6987B5D0678F77CEE802ACC780C51D ] C:\Program Files\Malwarebytes\Anti-Malware\BrowserSDKDLLShim.dll
07:06:52.0615 2956 C:\Program Files\Malwarebytes\Anti-Malware\BrowserSDKDLLShim.dll - ok
07:06:52.0620 2956 [ A792B49B96CE0C33D5BBDF3D3EDC1751 ] C:\Windows\System32\pnrpnsp.dll
07:06:52.0620 2956 C:\Windows\System32\pnrpnsp.dll - ok
07:06:52.0625 2956 [ 9A2DF1905A6AC59527FED7D0DFEBA42D ] C:\Windows\System32\NapiNSP.dll
07:06:52.0625 2956 C:\Windows\System32\NapiNSP.dll - ok
07:06:52.0631 2956 [ 00B0A7E23AFB9EB2C42FBF6150D4F28F ] C:\Program Files\Malwarebytes\Anti-Malware\BrowserSDKDLL.dll
07:06:52.0631 2956 C:\Program Files\Malwarebytes\Anti-Malware\BrowserSDKDLL.dll - ok
07:06:52.0636 2956 [ 8C7482D593AB9122BB045B17DF49CB81 ] C:\Program Files\Malwarebytes\Anti-Malware\RTPControllerImpl.dll
07:06:52.0636 2956 C:\Program Files\Malwarebytes\Anti-Malware\RTPControllerImpl.dll - ok
07:06:52.0639 2956 [ E4ECDB7A312806D1750D5A6CA0762547 ] C:\Windows\System32\NPSM.dll
07:06:52.0639 2956 C:\Windows\System32\NPSM.dll - ok
07:06:52.0646 2956 [ C760EE98293826A357026E8B4BD51B62 ] C:\Windows\System32\Windows.Shell.BlueLightReduction.dll
07:06:52.0646 2956 C:\Windows\System32\Windows.Shell.BlueLightReduction.dll - ok
07:06:52.0651 2956 [ F0E9EBC2A438C7990AA778F111C102BB ] C:\Windows\System32\Windows.Web.dll
07:06:52.0651 2956 C:\Windows\System32\Windows.Web.dll - ok
07:06:52.0655 2956 [ E3FEE579A3E7F34EBDF6D8CEDA97F950 ] C:\Windows\System32\Windows.Internal.Signals.dll
07:06:52.0655 2956 C:\Windows\System32\Windows.Internal.Signals.dll - ok
07:06:52.0660 2956 [ F2E685815DDFE8D86821271F85BF596E ] C:\Windows\System32\wscapi.dll
07:06:52.0660 2956 C:\Windows\System32\wscapi.dll - ok
07:06:52.0665 2956 [ 1F50C0FADB0B107CC078DB9662D954C3 ] C:\Program Files\Malwarebytes\Anti-Malware\MWACControllerImpl.dll
07:06:52.0665 2956 C:\Program Files\Malwarebytes\Anti-Malware\MWACControllerImpl.dll - ok
07:06:52.0669 2956 [ E236BC25E0F5C92C228E3E2193D1F8D7 ] C:\Windows\System32\TaskFlowDataEngine.dll
07:06:52.0669 2956 C:\Windows\System32\TaskFlowDataEngine.dll - ok
07:06:52.0672 2956 [ 8C4FD917B47D725EFABD0EF2A5470B48 ] C:\Program Files\Malwarebytes\Anti-Malware\ArwControllerImpl.dll
07:06:52.0672 2956 C:\Program Files\Malwarebytes\Anti-Malware\ArwControllerImpl.dll - ok
07:06:52.0678 2956 [ F25D2E11A8AFF3C76931E9A1AED93016 ] C:\Windows\System32\Windows.Data.Activities.dll
07:06:52.0678 2956 C:\Windows\System32\Windows.Data.Activities.dll - ok
07:06:52.0685 2956 [ 7D57315B924DF8C4D5CC270543BDD134 ] C:\Windows\System32\actxprxy.dll
07:06:52.0685 2956 C:\Windows\System32\actxprxy.dll - ok
07:06:52.0689 2956 [ 9A6F2B715C1D5E6F88A34A805F5088EE ] C:\Windows\System32\Windows.UI.Core.TextInput.dll
07:06:52.0689 2956 C:\Windows\System32\Windows.UI.Core.TextInput.dll - ok
07:06:52.0694 2956 [ 0E7F1D5E7B63EF401187D569BF569D14 ] C:\Program Files\Malwarebytes\Anti-Malware\AEControllerImpl.dll
07:06:52.0695 2956 C:\Program Files\Malwarebytes\Anti-Malware\AEControllerImpl.dll - ok
07:06:52.0700 2956 [ A8813C01C119B3583140D92A76A53650 ] C:\Windows\System32\cflapi.dll
07:06:52.0700 2956 C:\Windows\System32\cflapi.dll - ok
07:06:52.0703 2956 [ C73575187D18D3AD11E57A9E13F3BDE0 ] C:\Windows\System32\ShellCommonCommonProxyStub.dll
07:06:52.0703 2956 C:\Windows\System32\ShellCommonCommonProxyStub.dll - ok
07:06:52.0707 2956 [ BE339F2BC247BDB461A9210549758B5C ] C:\Windows\System32\LicenseManagerApi.dll
07:06:52.0707 2956 C:\Windows\System32\LicenseManagerApi.dll - ok
07:06:52.0714 2956 [ FC222D130E8F352BFD25622C47AA925B ] C:\Program Files\Malwarebytes\Anti-Malware\SPControllerImpl.dll
07:06:52.0714 2956 C:\Program Files\Malwarebytes\Anti-Malware\SPControllerImpl.dll - ok
07:06:52.0719 2956 [ B37D223D9D71041CE41A2C4B0E5CD539 ] C:\Program Files\Malwarebytes\Anti-Malware\SelfProtectionShim.dll
07:06:52.0719 2956 C:\Program Files\Malwarebytes\Anti-Malware\SelfProtectionShim.dll - ok
07:06:52.0723 2956 [ 29A1AD6714EE5EE7623B1C37B8F2EE79 ] C:\Program Files\Malwarebytes\Anti-Malware\SelfProtectionSdk.dll
07:06:52.0723 2956 C:\Program Files\Malwarebytes\Anti-Malware\SelfProtectionSdk.dll - ok
07:06:52.0729 2956 [ 78AC970D7765FD11580FF67DF518197B ] C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
07:06:52.0729 2956 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe - ok
07:06:52.0735 2956 [ 727EFCFB3DDEF0906BA4B8D62BCFDDA5 ] C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
07:06:52.0735 2956 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe - ok
07:06:52.0738 2956 [ 4A30DED62A17CBC7EC365248DE11A14A ] C:\Windows\SysWOW64\newdev.dll
07:06:52.0738 2956 C:\Windows\SysWOW64\newdev.dll - ok
07:06:52.0742 2956 [ 2A3A760C03A44873B4DCD6057C4EEA16 ] C:\Windows\ShellExperiences\StartUI.dll
07:06:52.0742 2956 C:\Windows\ShellExperiences\StartUI.dll - ok
07:06:52.0749 2956 [ 0EFB89E88FAA96AEE125C0E53DD47972 ] C:\Program Files\AVAST Software\Avast\aswhookx.dll
07:06:52.0749 2956 C:\Program Files\AVAST Software\Avast\aswhookx.dll - ok
07:06:52.0752 2956 [ B7EEAE4364FB175C3809FDC93F0643C4 ] C:\Windows\ShellExperiences\QuickActions.dll
07:06:52.0752 2956 C:\Windows\ShellExperiences\QuickActions.dll - ok
07:06:52.0756 2956 [ A795DA8E000C9CAB2CC7B2242C8075E9 ] C:\Windows\System32\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
07:06:52.0756 2956 C:\Windows\System32\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll - ok
07:06:52.0761 2956 [ 26F7877377A6840C8EFC671561DE25C3 ] C:\Windows\ShellExperiences\Windows.UI.ActionCenter.dll
07:06:52.0761 2956 C:\Windows\ShellExperiences\Windows.UI.ActionCenter.dll - ok
07:06:52.0767 2956 [ 6C45B798514633713EFF0AFEC662D68B ] C:\Windows\System32\iri.dll
07:06:52.0767 2956 C:\Windows\System32\iri.dll - ok
07:06:52.0770 2956 [ 12BBC36D2B259545A0DFC3E7ADC1FB59 ] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
07:06:52.0770 2956 C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll - ok
07:06:52.0775 2956 [ 549684ED7A727161CE9BC8E7D830849B ] C:\Windows\System32\QuickActionsDataModel.dll
07:06:52.0775 2956 C:\Windows\System32\QuickActionsDataModel.dll - ok
07:06:52.0794 2956 [ A82788A5FEC731FECD3E57BF480B6951 ] C:\Program Files (x86)\TeamViewer\TeamViewer.exe
07:06:52.0794 2956 C:\Program Files (x86)\TeamViewer\TeamViewer.exe - ok
07:06:52.0798 2956 [ F97FB9B9FF9ED7CFBF4E88B27738C14C ] C:\Program Files\AVAST Software\Avast\setup\uat_7060.dll
07:06:52.0799 2956 C:\Program Files\AVAST Software\Avast\setup\uat_7060.dll - ok
07:06:52.0802 2956 [ E66EC667078E707ADFE4AE4A4B2F4BC1 ] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
07:06:52.0802 2956 C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll - ok
07:06:52.0806 2956 [ 69D9E1D4A82FFCE973652BB742B97ACA ] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
07:06:52.0806 2956 C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll - ok
07:06:52.0812 2956 [ 6578118EC014895388AB06D9B2B6C695 ] C:\Windows\System32\Windows.Storage.ApplicationData.dll
07:06:52.0812 2956 C:\Windows\System32\Windows.Storage.ApplicationData.dll - ok
07:06:52.0817 2956 [ 3B85A80EF1B1A88AB172F647A4B67788 ] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
07:06:52.0817 2956 C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll - ok
07:06:52.0821 2956 [ 68CDA1C9BEB5058667A746C7FD01CF6E ] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
07:06:52.0821 2956 C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll - ok
07:06:52.0825 2956 [ 319A850CC5741CDA9F657857E936A3AF ] C:\Windows\System32\biwinrt.dll
07:06:52.0825 2956 C:\Windows\System32\biwinrt.dll - ok
07:06:52.0832 2956 [ E800DB762544BE7A761FBF9AAFC7D5C9 ] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
07:06:52.0832 2956 C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll - ok
07:06:52.0835 2956 [ 52CCC457AC5ED9CAE7F6C2F04BEE3577 ] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
07:06:52.0835 2956 C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll - ok
07:06:52.0840 2956 [ 9DDA681B0406C3575E666F52CBDE4F80 ] C:\Program Files\Malwarebytes\Anti-Malware\msvcp140.dll
07:06:52.0840 2956 C:\Program Files\Malwarebytes\Anti-Malware\msvcp140.dll - ok
07:06:52.0847 2956 [ A8F9900EC03B8C146FEE06B6F4A3CF32 ] C:\Program Files\Malwarebytes\Anti-Malware\mbcut.dll
07:06:52.0847 2956 C:\Program Files\Malwarebytes\Anti-Malware\mbcut.dll - ok
07:06:52.0851 2956 [ E79EF25890B214B13A7473E52330D0EC ] C:\Program Files\Malwarebytes\Anti-Malware\vcruntime140.dll
07:06:52.0851 2956 C:\Program Files\Malwarebytes\Anti-Malware\vcruntime140.dll - ok
07:06:52.0855 2956 [ 28DC4F094E7769441FB891367AB4BB84 ] C:\Windows\SysWOW64\opengl32.dll
07:06:52.0855 2956 C:\Windows\SysWOW64\opengl32.dll - ok
07:06:52.0860 2956 [ 6855C86D80B379CD3DF523AF36AA6EC5 ] C:\Windows\SysWOW64\glu32.dll
07:06:52.0860 2956 C:\Windows\SysWOW64\glu32.dll - ok
07:06:52.0866 2956 [ 6D66AFEF886392CE79C1A61F3AF835A1 ] C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
07:06:52.0866 2956 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe - ok
07:06:52.0870 2956 [ 3D7DC5D1FF6985A06E0F4E736B5C22E5 ] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
07:06:52.0870 2956 C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll - ok
07:06:52.0873 2956 [ C6FF6DD06566994B4FB53F210083874A ] C:\Windows\SysWOW64\d3d11.dll
07:06:52.0873 2956 C:\Windows\SysWOW64\d3d11.dll - ok
07:06:52.0879 2956 [ C6C742DCB64892659D51F6CBA3376D84 ] C:\Windows\SysWOW64\dxgi.dll
07:06:52.0879 2956 C:\Windows\SysWOW64\dxgi.dll - ok
07:06:52.0884 2956 [ DEDC76E0CC8405DC38A68FD4E0D8DB71 ] C:\Windows\SysWOW64\d3d9.dll
07:06:52.0884 2956 C:\Windows\SysWOW64\d3d9.dll - ok
07:06:52.0887 2956 [ 418F15B633799EB31F64565A299FA966 ] C:\Windows\SysWOW64\Magnification.dll
07:06:52.0887 2956 C:\Windows\SysWOW64\Magnification.dll - ok
07:06:52.0892 2956 [ 65996A0AFAD353EC43FFE1CA69A2BE88 ] C:\Windows\System32\UIAutomationCore.dll
07:06:52.0892 2956 C:\Windows\System32\UIAutomationCore.dll - ok
07:06:52.0898 2956 [ 175398FCF92E94A8E5E628069F57CD22 ] C:\Windows\SysWOW64\riched20.dll
07:06:52.0899 2956 C:\Windows\SysWOW64\riched20.dll - ok
07:06:52.0904 2956 [ ACCD854D0163622E1E5269C0BF2591B3 ] C:\Windows\SysWOW64\msls31.dll
07:06:52.0904 2956 C:\Windows\SysWOW64\msls31.dll - ok
07:06:52.0907 2956 [ FE7795FE3004F0E410CF4B43B95709CA ] C:\Windows\SysWOW64\quartz.dll
07:06:52.0907 2956 C:\Windows\SysWOW64\quartz.dll - ok
07:06:52.0913 2956 [ 5B5EAFEF9CB05D3A1187D72901CF6D24 ] C:\Windows\SysWOW64\usp10.dll
07:06:52.0913 2956 C:\Windows\SysWOW64\usp10.dll - ok
07:06:52.0917 2956 [ 41D1AC6E4652344E6E0F40C2E757555E ] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
07:06:52.0917 2956 C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll - ok
07:06:52.0920 2956 [ 90009B3A0212C816B89B8D9497EACD75 ] C:\Windows\SysWOW64\avicap32.dll
07:06:52.0921 2956 C:\Windows\SysWOW64\avicap32.dll - ok
07:06:52.0925 2956 [ AA1D4B07AB469F1C0125F2DEE3834855 ] C:\Windows\SysWOW64\msvfw32.dll
07:06:52.0925 2956 C:\Windows\SysWOW64\msvfw32.dll - ok
07:06:52.0931 2956 [ C3EA3A704669F6C72876D7B05CDC0166 ] C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
07:06:52.0931 2956 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll - ok
07:06:52.0935 2956 [ 172F2ED27C74EB1DC99DB5C8B125DBFB ] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
07:06:52.0936 2956 C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll - ok
07:06:52.0939 2956 [ AEEBF4C6A91FB7C952C4C23A2C2B899B ] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
07:06:52.0939 2956 C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll - ok
07:06:52.0945 2956 [ 57951FDDFF118189CC45EC4DC52990BA ] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
07:06:52.0945 2956 C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll - ok
07:06:52.0950 2956 [ 4E858BF2FE10072B75CCAC064FF02B74 ] C:\Windows\System32\Windows.Cortana.PAL.Desktop.dll
07:06:52.0951 2956 C:\Windows\System32\Windows.Cortana.PAL.Desktop.dll - ok
07:06:52.0954 2956 [ 4F661DB85F4C037362FAF958A4E218C6 ] C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\BingConfigurationClient.dll
07:06:52.0954 2956 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\BingConfigurationClient.dll - ok
07:06:52.0958 2956 [ C5C2D7E924D91BDF6F48E12F102E6814 ] C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
07:06:52.0958 2956 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll - ok
07:06:52.0965 2956 [ 3B803CA4C9A470654DCC784200AFF2BD ] C:\Windows\SysWOW64\ExplorerFrame.dll
07:06:52.0965 2956 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
07:06:52.0968 2956 [ 577AC525B0DE2FD1D4D850B2349DEA24 ] C:\Windows\System32\ActionMgr.dll
07:06:52.0968 2956 C:\Windows\System32\ActionMgr.dll - ok
07:06:52.0971 2956 [ 07D6263F2D0E81B4618207EEF1B34456 ] C:\Windows\System32\Speech_OneCore\common\sapi_onecore.dll
07:06:52.0972 2956 C:\Windows\System32\Speech_OneCore\common\sapi_onecore.dll - ok
07:06:52.0980 2956 [ BDAD08AA85A7F85B58A87454101600FE ] C:\Windows\System32\ConstraintIndex.Search.dll
07:06:52.0980 2956 C:\Windows\System32\ConstraintIndex.Search.dll - ok
07:06:52.0987 2956 [ B514935F552EF895F5534ED307EF3C11 ] C:\Windows\System32\Windows.Graphics.dll
07:06:52.0987 2956 C:\Windows\System32\Windows.Graphics.dll - ok
07:06:52.0991 2956 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\73035424.sys
07:06:52.0991 2956 C:\Windows\System32\drivers\73035424.sys - ok
07:06:52.0997 2956 [ 518A0A95CB79138B99C6DE13D986E20F ] C:\Windows\System32\PersonaX.dll
07:06:52.0997 2956 C:\Windows\System32\PersonaX.dll - ok
07:06:53.0002 2956 [ E65CF7F26B2FCC4C0CE7B4F24106A17B ] C:\Windows\System32\Windows.Globalization.Fontgroups.dll
07:06:53.0002 2956 C:\Windows\System32\Windows.Globalization.Fontgroups.dll - ok
07:06:53.0006 2956 [ D56532EC57850FFF07DBE8931FC31F70 ] C:\Windows\System32\fontgroupsoverride.dll
07:06:53.0006 2956 C:\Windows\System32\fontgroupsoverride.dll - ok
07:06:53.0012 2956 [ 20A99C58D3CF89AD2AF69B58AB130E19 ] C:\Windows\System32\Windows.Web.Http.dll
07:06:53.0012 2956 C:\Windows\System32\Windows.Web.Http.dll - ok
07:06:53.0017 2956 [ 47BCA861EC17CBE5AF8C61D297790A20 ] C:\Windows\System32\msftedit.dll
07:06:53.0017 2956 C:\Windows\System32\msftedit.dll - ok
07:06:53.0020 2956 [ E7B730573DEC94E3859DA9E9C15CEBD8 ] C:\Windows\System32\RTMediaFrame.dll
07:06:53.0021 2956 C:\Windows\System32\RTMediaFrame.dll - ok
07:06:53.0025 2956 [ 2879BF3F6F6CE63477135F7C061B14F3 ] C:\Windows\System32\RuntimeBroker.exe
07:06:53.0025 2956 C:\Windows\System32\RuntimeBroker.exe - ok
07:06:53.0031 2956 [ E1AF5F3BD2088CC301EC0A6D5F31CDFD ] C:\Program Files\AVAST Software\Avast\x64\aswhooka.dll
07:06:53.0031 2956 C:\Program Files\AVAST Software\Avast\x64\aswhooka.dll - ok
07:06:53.0035 2956 [ 6C3E889EB117F0C07409998BE33F7638 ] C:\Windows\SysWOW64\CoreMessaging.dll
07:06:53.0035 2956 C:\Windows\SysWOW64\CoreMessaging.dll - ok
07:06:53.0039 2956 [ FB13E6D6C4F01022C661C0C172A9424F ] C:\Windows\System32\GlobCollationHost.dll
07:06:53.0039 2956 C:\Windows\System32\GlobCollationHost.dll - ok
07:06:53.0043 2956 [ 0A9A2359648EBD80287A39984D9E2480 ] C:\Windows\System32\mfplat.dll
07:06:53.0043 2956 C:\Windows\System32\mfplat.dll - ok
07:06:53.0050 2956 [ 4ADBE980CC440695BDB9C0E0D0EA58D4 ] C:\Windows\System32\stobject.dll
07:06:53.0050 2956 C:\Windows\System32\stobject.dll - ok
07:06:53.0053 2956 [ E2416A02A8FF217D5C02727B735E42DD ] C:\Windows\System32\batmeter.dll
07:06:53.0053 2956 C:\Windows\System32\batmeter.dll - ok
07:06:53.0058 2956 [ 3223D201F9950FC8298AC13013DDC8D6 ] C:\Windows\System32\Windows.Cortana.OneCore.dll
07:06:53.0058 2956 C:\Windows\System32\Windows.Cortana.OneCore.dll - ok
07:06:53.0063 2956 [ EFEE3782C7698E22494C288D7291108B ] C:\Windows\System32\Windows.Cortana.ProxyStub.dll
07:06:53.0063 2956 C:\Windows\System32\Windows.Cortana.ProxyStub.dll - ok
07:06:53.0068 2956 [ 536B4D3FC42D9F56AB3CAB7A2E6AE2BB ] C:\Windows\System32\Windows.UI.Shell.dll
07:06:53.0068 2956 C:\Windows\System32\Windows.UI.Shell.dll - ok
07:06:53.0071 2956 [ C2458E8FC59D3853858ED6F8136F46FB ] C:\Windows\System32\prnfldr.dll
07:06:53.0071 2956 C:\Windows\System32\prnfldr.dll - ok
07:06:53.0075 2956 [ 17C1FCBCC3F46DCBFBD86F0A87E3912D ] C:\Windows\System32\Windows.UI.Input.Inking.dll
07:06:53.0075 2956 C:\Windows\System32\Windows.UI.Input.Inking.dll - ok
07:06:53.0081 2956 [ 23B1D49F28D6034B7742EC33A3F5E310 ] C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
07:06:53.0081 2956 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll - ok
07:06:53.0086 2956 [ 10AB7A550947F700C8777973C9B3ABEA ] C:\Windows\System32\Windows.Internal.Shell.Broker.dll
07:06:53.0086 2956 C:\Windows\System32\Windows.Internal.Shell.Broker.dll - ok
07:06:53.0090 2956 [ 4DD2489804E311082D5FD1E61258B175 ] C:\Windows\SysWOW64\WindowsCodecs.dll
07:06:53.0090 2956 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
07:06:53.0104 2956 [ E85C8737760101278D59BFAA66C09D1C ] C:\Windows\System32\edgehtml.dll
07:06:53.0104 2956 C:\Windows\System32\edgehtml.dll - ok
07:06:53.0111 2956 [ 4DC82F4268EE339A06AC50F6D9500D95 ] C:\Windows\System32\EdgeManager.dll
07:06:53.0111 2956 C:\Windows\System32\EdgeManager.dll - ok
07:06:53.0117 2956 [ 69B50947FE6174B28AD7FD12D9B1EB80 ] C:\Windows\System32\d3d10warp.dll
07:06:53.0117 2956 C:\Windows\System32\d3d10warp.dll - ok
07:06:53.0121 2956 [ B3BB45842114787BF4CE5935769F4085 ] C:\Windows\SysWOW64\sxs.dll
07:06:53.0121 2956 C:\Windows\SysWOW64\sxs.dll - ok
07:06:53.0126 2956 [ 1486B012666EF1F6C30B39EE4B8A7EE2 ] C:\Windows\System32\atlthunk.dll
07:06:53.0126 2956 C:\Windows\System32\atlthunk.dll - ok
07:06:53.0132 2956 [ 27DD99AD9186B1753A17BEF87FE14160 ] C:\Windows\System32\DXP.dll
07:06:53.0132 2956 C:\Windows\System32\DXP.dll - ok
07:06:53.0137 2956 [ ED08905B91230BB536A7049B8D0473AB ] C:\Windows\System32\shdocvw.dll
07:06:53.0137 2956 C:\Windows\System32\shdocvw.dll - ok
07:06:53.0140 2956 [ 8D8010C4A0940844794270AC727F81D9 ] C:\Windows\System32\ActionCenter.dll
07:06:53.0140 2956 C:\Windows\System32\ActionCenter.dll - ok
07:06:53.0146 2956 [ B5C72D4615BD79078E73490F1F3E9CB0 ] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
07:06:53.0146 2956 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe - ok
07:06:53.0151 2956 [ 76B121357A8058A236920A3F9E674281 ] C:\Windows\System32\authui.dll
07:06:53.0152 2956 C:\Windows\System32\authui.dll - ok
07:06:53.0155 2956 [ 50D5FD1290D94D46ACCA0585311E74D5 ] C:\Windows\System32\backgroundTaskHost.exe
07:06:53.0155 2956 C:\Windows\System32\backgroundTaskHost.exe - ok
07:06:53.0159 2956 [ ED880E432131DDD321E5549192F55A3D ] C:\Windows\System32\Syncreg.dll
07:06:53.0159 2956 C:\Windows\System32\Syncreg.dll - ok
07:06:53.0165 2956 [ 7AAA4845CA3B7F6E85EA0521D7C88CA6 ] C:\Windows\System32\Chakra.dll
07:06:53.0165 2956 C:\Windows\System32\Chakra.dll - ok
07:06:53.0170 2956 [ 57F5ABA6803A03D89E35284E9EFE7CF3 ] C:\Windows\System32\rometadata.dll
07:06:53.0170 2956 C:\Windows\System32\rometadata.dll - ok
07:06:53.0173 2956 [ 1B0DCBE679AC32E61CE8C8609B948F34 ] C:\Windows\System32\pnidui.dll
07:06:53.0173 2956 C:\Windows\System32\pnidui.dll - ok
07:06:53.0177 2956 [ 4E8DC385E4272D240107F7FAAA5AFB6D ] C:\Windows\System32\icuin.dll
07:06:53.0177 2956 C:\Windows\System32\icuin.dll - ok
07:06:53.0184 2956 [ 18FDD8D8C5BFA9B1767C2BFE97E74090 ] C:\Windows\System32\icuuc.dll
07:06:53.0184 2956 C:\Windows\System32\icuuc.dll - ok
07:06:53.0187 2956 [ 2459D09C499EA71EC62917DEB84A011C ] C:\Windows\System32\NetworkUXBroker.dll
07:06:53.0187 2956 C:\Windows\System32\NetworkUXBroker.dll - ok
07:06:53.0190 2956 [ ACF2E22E631CE881FC45FC1A6EAD5240 ] C:\Windows\System32\srpapi.dll
07:06:53.0190 2956 C:\Windows\System32\srpapi.dll - ok
07:06:53.0196 2956 [ D1C36DD3947F6CEE998C8B10836E92E7 ] C:\Windows\System32\Windows.ApplicationModel.Background.TimeBroker.dll
07:06:53.0196 2956 C:\Windows\System32\Windows.ApplicationModel.Background.TimeBroker.dll - ok
07:06:53.0202 2956 [ 94C1F6828CBBC3D91D2DC4F89F0A0BCD ] C:\Windows\System32\Windows.Internal.SecurityMitigationsBroker.dll
07:06:53.0202 2956 C:\Windows\System32\Windows.Internal.SecurityMitigationsBroker.dll - ok
07:06:53.0206 2956 [ 246AFC8446534EDB53BDDC19AB02486F ] C:\Windows\SysWOW64\devrtl.dll
07:06:53.0206 2956 C:\Windows\SysWOW64\devrtl.dll - ok
07:06:53.0209 2956 [ B8E6AB6F58911BAD71A4D6EEA356159B ] C:\Windows\System32\EthernetMediaManager.dll
07:06:53.0209 2956 C:\Windows\System32\EthernetMediaManager.dll - ok
07:06:53.0215 2956 [ 09267268924A2CB0312E62F55591082F ] C:\Windows\System32\WlanMediaManager.dll
07:06:53.0215 2956 C:\Windows\System32\WlanMediaManager.dll - ok
07:06:53.0220 2956 [ B4EECC79460FE3DC001D36B65D2D9823 ] C:\Windows\System32\edgeIso.dll
07:06:53.0220 2956 C:\Windows\System32\edgeIso.dll - ok
07:06:53.0223 2956 [ 7F587767C593AC39B3723C08B46284BA ] C:\Windows\System32\msimtf.dll
07:06:53.0223 2956 C:\Windows\System32\msimtf.dll - ok
07:06:53.0228 2956 [ 1D656E3132B1F02A9A64600B56266FE4 ] C:\Windows\System32\PortableDeviceTypes.dll
07:06:53.0228 2956 C:\Windows\System32\PortableDeviceTypes.dll - ok
07:06:53.0235 2956 [ C6934B5D232079D629B04AD892A3405B ] C:\Windows\System32\WPDShServiceObj.dll
07:06:53.0235 2956 C:\Windows\System32\WPDShServiceObj.dll - ok
07:06:53.0238 2956 [ 3D1E3D72FAC062B2676AF5EAD1BF27A5 ] C:\Windows\System32\SettingMonitor.dll
07:06:53.0238 2956 C:\Windows\System32\SettingMonitor.dll - ok
07:06:53.0242 2956 [ 119428E22976076437DF0EE2A24FC989 ] C:\Windows\System32\TetheringStation.dll
07:06:53.0242 2956 C:\Windows\System32\TetheringStation.dll - ok
07:06:53.0249 2956 [ EA4C04798F17A64990582E1EFC2D71DE ] C:\Windows\SysWOW64\mshtml.dll
07:06:53.0249 2956 C:\Windows\SysWOW64\mshtml.dll - ok
07:06:53.0253 2956 [ 9C6D2F1DFD3B5AF160FD06E45E4A2DE4 ] C:\Windows\System32\bthprops.cpl
07:06:53.0253 2956 C:\Windows\System32\bthprops.cpl - ok
07:06:53.0257 2956 [ 3E07E4194A4AB407AF3B0538D5AF2066 ] C:\Windows\System32\Windows.Internal.Management.dll
07:06:53.0257 2956 C:\Windows\System32\Windows.Internal.Management.dll - ok
07:06:53.0262 2956 [ 3BC94575DBC3649CFCEE571783A45EAA ] C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Internal.Search.winmd
07:06:53.0262 2956 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Internal.Search.winmd - ok
07:06:53.0268 2956 [ 41AC65F370211EC8519FC65B4183281C ] C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Search.winmd
07:06:53.0268 2956 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Search.winmd - ok
07:06:53.0272 2956 [ 2D89D15D2C9D1494607317B4B2ECB572 ] C:\Windows\System32\WinMetadata\Windows.Foundation.winmd
07:06:53.0272 2956 C:\Windows\System32\WinMetadata\Windows.Foundation.winmd - ok
07:06:53.0276 2956 [ 1A60978D3DD1BC1279030F97ED2F7AAC ] C:\Windows\System32\WinMetadata\Windows.Security.winmd
07:06:53.0277 2956 C:\Windows\System32\WinMetadata\Windows.Security.winmd - ok
07:06:53.0283 2956 [ 9DF1DE40A6108BB60F0310A52177B837 ] C:\Windows\System32\WinMetadata\Windows.Storage.winmd
07:06:53.0283 2956 C:\Windows\System32\WinMetadata\Windows.Storage.winmd - ok
07:06:53.0287 2956 [ AB3A51D8EF8563FF24BBAE086B7EE315 ] C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Tips.winmd
07:06:53.0287 2956 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Tips.winmd - ok
07:06:53.0291 2956 [ EF72B718EB7F48D58DB26D1E94131EE9 ] C:\Windows\System32\WinMetadata\Windows.System.winmd
07:06:53.0291 2956 C:\Windows\System32\WinMetadata\Windows.System.winmd - ok
07:06:53.0299 2956 [ 62D6AF6800CE783C1BB20F51F051C2A3 ] C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.SPA.winmd
07:06:53.0299 2956 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.SPA.winmd - ok
07:06:53.0303 2956 [ 675BEC9A581AC27118E721555E3459F0 ] C:\Windows\System32\cscobj.dll
07:06:53.0303 2956 C:\Windows\System32\cscobj.dll - ok
07:06:53.0307 2956 [ 39C467F5BDC0F05AF6F82431551D8592 ] C:\Windows\System32\srchadmin.dll
07:06:53.0307 2956 C:\Windows\System32\srchadmin.dll - ok
07:06:53.0312 2956 [ F0051F08F5DCF95F6C82D65AB7D14839 ] C:\Program Files (x86)\TeamViewer\tv_w32.dll
07:06:53.0312 2956 C:\Program Files (x86)\TeamViewer\tv_w32.dll - ok
07:06:53.0318 2956 [ 069F2FA958C87D936AC4B390A9234814 ] C:\Windows\System32\Windows.Storage.Search.dll
07:06:53.0318 2956 C:\Windows\System32\Windows.Storage.Search.dll - ok
07:06:53.0321 2956 [ 3ACCB032D83145211547B46B10197E52 ] C:\Program Files (x86)\TeamViewer\tv_w32.exe
07:06:53.0321 2956 C:\Program Files (x86)\TeamViewer\tv_w32.exe - ok
07:06:53.0324 2956 [ 0FE5160E5A0F3908BF1DA55779DDDD6C ] C:\Program Files (x86)\TeamViewer\tv_x64.exe
07:06:53.0324 2956 C:\Program Files (x86)\TeamViewer\tv_x64.exe - ok
07:06:53.0332 2956 [ EE084595DE6CF800DDE95B0E7C7E0239 ] C:\Windows\System32\SyncCenter.dll
07:06:53.0332 2956 C:\Windows\System32\SyncCenter.dll - ok
07:06:53.0337 2956 [ 824E2337116D2CBFD2205706DB536A98 ] C:\Windows\System32\newdev.dll
07:06:53.0337 2956 C:\Windows\System32\newdev.dll - ok
07:06:53.0340 2956 [ FC0EA2AE97519B6159DB2181B6C608AD ] C:\Windows\System32\imapi2.dll
07:06:53.0340 2956 C:\Windows\System32\imapi2.dll - ok
07:06:53.0345 2956 [ CB91021A7FAA46C0CDDC2E833BC5B07C ] C:\Windows\System32\printui.dll
07:06:53.0345 2956 C:\Windows\System32\printui.dll - ok
07:06:53.0351 2956 [ DDC5D0D0B693503DB579D2C6E93DF6C6 ] C:\Windows\SysWOW64\printui.dll
07:06:53.0351 2956 C:\Windows\SysWOW64\printui.dll - ok
07:06:53.0355 2956 [ F401ED8A54E682EEFE9AF793A03854A1 ] C:\Windows\System32\puiapi.dll
07:06:53.0355 2956 C:\Windows\System32\puiapi.dll - ok
07:06:53.0360 2956 [ 5AE1D03AD508652571158DE6D3A713FE ] C:\Windows\SysWOW64\puiapi.dll
07:06:53.0360 2956 C:\Windows\SysWOW64\puiapi.dll - ok
07:06:53.0366 2956 [ 7797FF28ADF050C8EAC1D3CEAB19E19A ] C:\Windows\System32\WinMetadata\Windows.Web.winmd
07:06:53.0366 2956 C:\Windows\System32\WinMetadata\Windows.Web.winmd - ok
07:06:53.0371 2956 [ 905D2687387D2E561719109E38E6B9E6 ] C:\Program Files (x86)\TeamViewer\tv_x64.dll
07:06:53.0371 2956 C:\Program Files (x86)\TeamViewer\tv_x64.dll - ok
07:06:53.0375 2956 [ E30BE1231813D7FB16259CEA3DFCBBEE ] C:\Windows\System32\WinMetadata\Windows.UI.winmd
07:06:53.0375 2956 C:\Windows\System32\WinMetadata\Windows.UI.winmd - ok
07:06:53.0381 2956 [ 60184AAD5DEBDF6C19605AFD833DA1DB ] C:\Windows\System32\WinMetadata\Windows.ApplicationModel.winmd
07:06:53.0381 2956 C:\Windows\System32\WinMetadata\Windows.ApplicationModel.winmd - ok
07:06:53.0386 2956 [ B7644AAA9A8C172E25D4024346A89A9B ] C:\Windows\SysWOW64\pdh.dll
07:06:53.0386 2956 C:\Windows\SysWOW64\pdh.dll - ok
07:06:53.0390 2956 [ 0CF7A2BCF2E40E9FC81668CE3796CD24 ] C:\Windows\System32\mdmmigrator.dll
07:06:53.0390 2956 C:\Windows\System32\mdmmigrator.dll - ok
07:06:53.0395 2956 [ 4B3982A5C0F265D16B3725F9030DD83D ] C:\Windows\SysWOW64\DataExchange.dll
07:06:53.0395 2956 C:\Windows\SysWOW64\DataExchange.dll - ok
07:06:53.0401 2956 [ BCA2B8589EAE945156EB4435B92EBEB3 ] C:\Windows\SysWOW64\dcomp.dll
07:06:53.0401 2956 C:\Windows\SysWOW64\dcomp.dll - ok
07:06:53.0404 2956 [ E0C9BFCDEC97D66F2ADAF356967508F9 ] C:\Windows\SysWOW64\olepro32.dll
07:06:53.0404 2956 C:\Windows\SysWOW64\olepro32.dll - ok
07:06:53.0408 2956 [ 413BC3013B2F02CD95976900EB4071A1 ] C:\Windows\SysWOW64\twinapi.appcore.dll
07:06:53.0408 2956 C:\Windows\SysWOW64\twinapi.appcore.dll - ok
07:06:53.0413 2956 [ FF6E2BA4257F6E56020302F47D75E067 ] C:\Windows\SysWOW64\rmclient.dll
07:06:53.0413 2956 C:\Windows\SysWOW64\rmclient.dll - ok
07:06:53.0419 2956 [ DD8A0A65CF7DA7D1E2A4D119B7EDB9D5 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlscriptupgrade.dll
07:06:53.0419 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlscriptupgrade.dll - ok
07:06:53.0424 2956 [ D75645B2A09766919061FA6589C5D06D ] C:\Program Files (x86)\GlassWire\GWIdlMon.exe
07:06:53.0424 2956 C:\Program Files (x86)\GlassWire\GWIdlMon.exe - ok
07:06:53.0429 2956 [ 52CB1191BA9F43A8C9DFE2D66D264E0A ] C:\Windows\SysWOW64\devenum.dll
07:06:53.0429 2956 C:\Windows\SysWOW64\devenum.dll - ok
07:06:53.0436 2956 [ DA36B9199EAA8183235F8423D9DE22C5 ] C:\Windows\SysWOW64\msdmo.dll
07:06:53.0436 2956 C:\Windows\SysWOW64\msdmo.dll - ok
07:06:53.0439 2956 [ 0CEE231926DDD849922A9DDEF2F54B8B ] C:\Windows\SysWOW64\hhctrl.ocx
07:06:53.0439 2956 C:\Windows\SysWOW64\hhctrl.ocx - ok
07:06:53.0444 2956 [ FA53944BB994114197F43DD2C02E05C0 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\ftimport.dll
07:06:53.0444 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\ftimport.dll - ok
07:06:53.0451 2956 [ 5D2F22BCDB24AEB5AF82E8F7B4BA3F5E ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\msfte.dll
07:06:53.0451 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\msfte.dll - ok
07:06:53.0455 2956 [ 971FFC32025DCA6D5A74C4FF3E86E687 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\DBGHELP.DLL
07:06:53.0455 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\DBGHELP.DLL - ok
07:06:53.0458 2956 [ 472F7C2D64996748588AFDF96BC6FFE0 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE
07:06:53.0458 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE - ok
07:06:53.0464 2956 [ FDB6B2E1B61A499607E646E61B05BA46 ] C:\Windows\System32\odbc32.dll
07:06:53.0464 2956 C:\Windows\System32\odbc32.dll - ok
07:06:53.0470 2956 [ 2BAAF86F414E1FE77329E94799DD8BFC ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SqlResourceLoader.dll
07:06:53.0470 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SqlResourceLoader.dll - ok
07:06:53.0473 2956 [ 3F8E584D320B58E329FC212DE416D856 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlsvc.dll
07:06:53.0473 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlsvc.dll - ok
07:06:53.0478 2956 [ 56CE429ED8FD951388944E8BF96E24E2 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SEMMAP.DLL
07:06:53.0478 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SEMMAP.DLL - ok
07:06:53.0483 2956 [ 38CBAAA7A219CB6D32A28929BA5E4F2B ] C:\Windows\System32\sqlncli10.dll
07:06:53.0483 2956 C:\Windows\System32\sqlncli10.dll - ok
07:06:53.0489 2956 [ 5965125255D4B462F140BA10CD65DC56 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlscm.dll
07:06:53.0489 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlscm.dll - ok
07:06:53.0493 2956 [ E551E335D794F55EDA76D65E1EB08240 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\SEMMAP.RLL
07:06:53.0493 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\SEMMAP.RLL - ok
07:06:53.0500 2956 [ 5407EA91A60741FCC6AA8641A1E391D3 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLAGENT.RLL
07:06:53.0500 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLAGENT.RLL - ok
07:06:53.0504 2956 [ 710146A31A791475BE6CA058DF6D5E3F ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\sqlsvc.rll
07:06:53.0504 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\sqlsvc.rll - ok
07:06:53.0508 2956 [ 04B4C6CFDEFC0A1C5D1AB212AFF1A9DC ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
07:06:53.0508 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe - ok
07:06:53.0514 2956 [ 762E1319019E9E3D61127533FA3F3A07 ] C:\Windows\System32\qmgr.dll
07:06:53.0514 2956 C:\Windows\System32\qmgr.dll - ok
07:06:53.0520 2956 [ E560062C90A9D86EA8F30AB7FF1445C3 ] C:\Windows\System32\bitsperf.dll
07:06:53.0520 2956 C:\Windows\System32\bitsperf.dll - ok
07:06:53.0523 2956 [ 10F6EBB271410ECF1986DF0922055853 ] C:\Windows\System32\bitsigd.dll
07:06:53.0523 2956 C:\Windows\System32\bitsigd.dll - ok
07:06:53.0528 2956 [ B9C7E2FEDB04EF476905D9610396BACA ] C:\Windows\System32\upnp.dll
07:06:53.0528 2956 C:\Windows\System32\upnp.dll - ok
07:06:53.0535 2956 [ 143A9BB8D22991E9C6E1E83B532E2F2D ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENTLOG.DLL
07:06:53.0535 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENTLOG.DLL - ok
07:06:53.0539 2956 [ 9EF88C73068792A39F1C6C55A2A088A6 ] C:\Windows\System32\1033\sqlnclir10.rll
07:06:53.0539 2956 C:\Windows\System32\1033\sqlnclir10.rll - ok
07:06:53.0542 2956 [ 29B6384BDFEBB89C55C83350BDCCA8B5 ] C:\Windows\System32\netbios.dll
07:06:53.0542 2956 C:\Windows\System32\netbios.dll - ok
07:06:53.0548 2956 [ 45DCE0240155F3D79B7028CD06EBA129 ] C:\Windows\SysWOW64\igdumdim32.dll
07:06:53.0548 2956 C:\Windows\SysWOW64\igdumdim32.dll - ok
07:06:53.0552 2956 [ 8A6D92C24314304292B2F4D8408E1933 ] C:\Program Files\Microsoft SQL Server\90\Shared\instapi.dll
07:06:53.0552 2956 C:\Program Files\Microsoft SQL Server\90\Shared\instapi.dll - ok
07:06:53.0556 2956 [ 5BA6F3F8A3819BC8BEA3FF358A4E4CB5 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdhost.exe
07:06:53.0557 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdhost.exe - ok
07:06:53.0562 2956 [ 6A41A1042F31A8BBD1EE3E3E4F172849 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fd.dll
07:06:53.0563 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fd.dll - ok
07:06:53.0569 2956 [ 2E703AB53BF5314AAD8009BE796722BA ] C:\Windows\System32\WsmAuto.dll
07:06:53.0569 2956 C:\Windows\System32\WsmAuto.dll - ok
07:06:53.0573 2956 [ 12A603B617FD88D8C5420851241466E6 ] C:\Windows\System32\WsmSvc.dll
07:06:53.0573 2956 C:\Windows\System32\WsmSvc.dll - ok
07:06:53.0577 2956 [ 5822E3E103C0B322A0C0446803AC33C1 ] C:\Windows\System32\pcwum.dll
07:06:53.0577 2956 C:\Windows\System32\pcwum.dll - ok
07:06:53.0583 2956 [ A924FCAA92481C04AC821AFFA49E87EA ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\query.dll
07:06:53.0583 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\query.dll - ok
07:06:53.0587 2956 [ 6E16241476B38C35C849C5AD92886F5D ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlft105ph.dll
07:06:53.0587 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlft105ph.dll - ok
07:06:53.0591 2956 [ 69A29965C5CD5F823CACB11D2F605975 ] C:\Windows\System32\LicenseManager.dll
07:06:53.0591 2956 C:\Windows\System32\LicenseManager.dll - ok
07:06:53.0596 2956 [ 112EFD0CCFA2994491F4D877D2DBA582 ] C:\Windows\System32\LicenseManagerSvc.dll
07:06:53.0596 2956 C:\Windows\System32\LicenseManagerSvc.dll - ok
07:06:53.0602 2956 [ CF4F9EEE0B58988F3CFA1F3D938CA4A5 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\xpsqlbot.dll
07:06:53.0602 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\xpsqlbot.dll - ok
07:06:53.0607 2956 [ 759E47EE37B5C8368A5CA39F95F3B0B8 ] C:\Windows\System32\ClipSVC.dll
07:06:53.0607 2956 C:\Windows\System32\ClipSVC.dll - ok
07:06:53.0612 2956 [ BD19E4BA521D6DBEDE226A6CA26362B0 ] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe
07:06:53.0612 2956 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe - ok
07:06:53.0619 2956 [ 8DAE34F16F8EB3E058637DF11CAF9DDD ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\XPStar.DLL
07:06:53.0619 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\XPStar.DLL - ok
07:06:53.0623 2956 [ 5DC82354ADADD514B040B4740223DABA ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\XPStar.RLL
07:06:53.0623 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\XPStar.RLL - ok
07:06:53.0627 2956 [ 779FD1B8B0F497DE48C0ABB4D65E129C ] C:\Program Files\AVAST Software\Avast\defs\19010204\aswAR.dll
07:06:53.0627 2956 C:\Program Files\AVAST Software\Avast\defs\19010204\aswAR.dll - ok
07:06:53.0633 2956 [ 496F525FB02418D6235AC8E1D2A9B2A6 ] C:\Program Files\AVAST Software\Avast\defs\19010204\aswRawFS.dll
07:06:53.0633 2956 C:\Program Files\AVAST Software\Avast\defs\19010204\aswRawFS.dll - ok
07:06:53.0638 2956 [ EAC76F1992BC3369818AAE89EFD52061 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\xplog70.rll
07:06:53.0638 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\xplog70.rll - ok
07:06:53.0642 2956 [ 77E2BF938AABB9331C4EB14C17CAA61E ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\xplog70.dll
07:06:53.0642 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\xplog70.dll - ok
07:06:53.0647 2956 [ DFBBAC38EF42617FECE24D35D459D860 ] C:\Program Files\Microsoft SQL Server\100\COM\AXSCPHST.DLL
07:06:53.0647 2956 C:\Program Files\Microsoft SQL Server\100\COM\AXSCPHST.DLL - ok
07:06:53.0653 2956 [ B4BA04B95EA03D02AB3979C9D2C459B5 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\atxcore.dll
07:06:53.0653 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\atxcore.dll - ok
07:06:53.0656 2956 [ 565335FD16E90B74A63F468E41DED7CE ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\atxcore.rll
07:06:53.0656 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\atxcore.rll - ok
07:06:53.0661 2956 [ 0C15D6765A6F5CBA0E5C8B68EF8144A8 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLATXSS.RLL
07:06:53.0661 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLATXSS.RLL - ok
07:06:53.0669 2956 [ 00FC60BAB4F9C9DE5EF05454AF4A72B2 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLATXSS.DLL
07:06:53.0669 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLATXSS.DLL - ok
07:06:53.0673 2956 [ BD8B890E46E851A6CE7DED2F67BC9F50 ] C:\Program Files\Microsoft SQL Server\100\COM\Resources\1033\AXSCPHST.RLL
07:06:53.0673 2956 C:\Program Files\Microsoft SQL Server\100\COM\Resources\1033\AXSCPHST.RLL - ok
07:06:53.0677 2956 [ ADBF9B4F4B4E4C6733FF70AC818D81DA ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLCMDSS.RLL
07:06:53.0677 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLCMDSS.RLL - ok
07:06:53.0684 2956 [ 95F023A4D3A1657EFC5E61F623DC335A ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLREPSS.RLL
07:06:53.0684 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLREPSS.RLL - ok
07:06:53.0688 2956 [ 1F48397185A34C9BC502D4ED46318644 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLCMDSS.DLL
07:06:53.0688 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLCMDSS.DLL - ok
07:06:53.0691 2956 [ 026017F0EF12B1F1A51D16179EA0FCBB ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLOLAPSS.DLL
07:06:53.0691 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLOLAPSS.DLL - ok
07:06:53.0699 2956 [ D2452C83C9376197F557B82BA4A603F7 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLREPSS.DLL
07:06:53.0699 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLREPSS.DLL - ok
07:06:53.0705 2956 [ 3B0795EFB18898BC50463EE328070F61 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLDTSSS.RLL
07:06:53.0705 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLDTSSS.RLL - ok
07:06:53.0710 2956 [ C173DDA91F5EB542B0F01E3B4BD95E79 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLOLAPSS.RLL
07:06:53.0710 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLOLAPSS.RLL - ok
07:06:53.0716 2956 [ 0129DC94FE97CEFD5C1CF606D4802869 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLDTSSS.DLL
07:06:53.0716 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLDTSSS.DLL - ok
07:06:53.0721 2956 [ 748028DE9A8CC90FB77B186BC5D50533 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLPOWERSHELLSS.DLL
07:06:53.0721 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLPOWERSHELLSS.DLL - ok
07:06:53.0724 2956 [ 3C00FC1B12C5657AEF020BCA072E757A ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLPOWERSHELLSS.RLL
07:06:53.0724 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLPOWERSHELLSS.RLL - ok
07:06:53.0734 2956 [ 797ADFBCC8E00F44F2D0296B0B5BFEC3 ] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
07:06:53.0734 2956 C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll - ok
07:06:53.0740 2956 [ 4D71E53C8503B027D1C88DEF4A330613 ] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
07:06:53.0740 2956 C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll - ok
07:06:53.0747 2956 [ 38187F5567A13B1144764C6E8FD9202C ] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
07:06:53.0747 2956 C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll - ok
07:06:53.0753 2956 [ A4B23DFC2558CD0B87363FBE271E17BF ] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
07:06:53.0753 2956 C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll - ok
07:06:53.0757 2956 [ A9110957226342A676CD4D13E459356E ] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
07:06:53.0757 2956 C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll - ok
07:06:53.0761 2956 [ E9043DAD38CD912BF3312F5D1689A995 ] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.dll
07:06:53.0761 2956 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.dll - ok
07:06:53.0768 2956 [ 8DF0446D2FB75EA9656F05F5D67C4D13 ] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
07:06:53.0768 2956 C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll - ok
07:06:53.0772 2956 [ 071257B0A7B17683810A12FE6C1C6BA6 ] C:\Program Files\WindowsApps\Microsoft.VCLibs.140.00_14.0.26706.0_x64__8wekyb3d8bbwe\vcruntime140_app.dll
07:06:53.0772 2956 C:\Program Files\WindowsApps\Microsoft.VCLibs.140.00_14.0.26706.0_x64__8wekyb3d8bbwe\vcruntime140_app.dll - ok
07:06:53.0776 2956 [ ABA4C82D1906784713C5FBFA16BFB04B ] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
07:06:53.0776 2956 C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll - ok
07:06:53.0782 2956 [ C30ACEB6BEBD614C1C7FD75F8610FF97 ] C:\Program Files\WindowsApps\Microsoft.VCLibs.140.00_14.0.26706.0_x64__8wekyb3d8bbwe\concrt140_app.dll
07:06:53.0782 2956 C:\Program Files\WindowsApps\Microsoft.VCLibs.140.00_14.0.26706.0_x64__8wekyb3d8bbwe\concrt140_app.dll - ok
07:06:53.0787 2956 [ 31D0910E0326B2B6510044C38E808130 ] C:\Program Files\WindowsApps\Microsoft.VCLibs.140.00_14.0.26706.0_x64__8wekyb3d8bbwe\msvcp140_app.dll
07:06:53.0787 2956 C:\Program Files\WindowsApps\Microsoft.VCLibs.140.00_14.0.26706.0_x64__8wekyb3d8bbwe\msvcp140_app.dll - ok
07:06:53.0791 2956 [ 2490DE404CFC0C501490A85341AD89F5 ] C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll
07:06:53.0791 2956 C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll - ok
07:06:53.0795 2956 [ 94FC2F221D3FDE319714BF6171E8EB0C ] C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27011.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
07:06:53.0796 2956 C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27011.0_x64__8wekyb3d8bbwe\SharedLibrary.dll - ok
07:06:53.0803 2956 [ 43B2D4FBF59806A3908305DD81B68F51 ] C:\Program Files\WindowsApps\Microsoft.NET.Native.Runtime.2.2_2.2.27011.0_x64__8wekyb3d8bbwe\mrt100_app.dll
07:06:53.0803 2956 C:\Program Files\WindowsApps\Microsoft.NET.Native.Runtime.2.2_2.2.27011.0_x64__8wekyb3d8bbwe\mrt100_app.dll - ok
07:06:53.0805 2956 [ 3C80A2D38519895B63E218BB54801A3E ] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\yoga.dll
07:06:53.0805 2956 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\yoga.dll - ok
07:06:53.0810 2956 [ 0E04F05DCC0CC91D8AF043AD0D267F0F ] C:\Windows\System32\mobsync.exe
07:06:53.0811 2956 C:\Windows\System32\mobsync.exe - ok
07:06:53.0817 2956 [ FE06A07D20B5044EFE2CF04860BF56E9 ] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
07:06:53.0817 2956 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll - ok
07:06:53.0821 2956 [ 20DEBC1B769B83744CE09410B65ACE9F ] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\clrcompression.dll
07:06:53.0822 2956 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\clrcompression.dll - ok
07:06:53.0825 2956 [ 161F3FA7C0885E5103B239751C704AEC ] C:\Windows\System32\SyncInfrastructure.dll
07:06:53.0825 2956 C:\Windows\System32\SyncInfrastructure.dll - ok
07:06:53.0830 2956 [ 5E636CF2E37A3B2B019DA2FE5FDEF283 ] C:\Program Files\Microsoft SQL Server\100\COM\instapi10.dll
07:06:53.0830 2956 C:\Program Files\Microsoft SQL Server\100\COM\instapi10.dll - ok
07:06:53.0836 2956 [ 505545725C5E50F976347AF224CEC624 ] C:\Program Files\Microsoft SQL Server\100\COM\replsync.dll
07:06:53.0836 2956 C:\Program Files\Microsoft SQL Server\100\COM\replsync.dll - ok
07:06:53.0840 2956 [ AD860F69B6D0C7F9AAE8132A509F79A4 ] C:\Program Files\Microsoft SQL Server\100\COM\Resources\1033\REPLRES.rll
07:06:53.0840 2956 C:\Program Files\Microsoft SQL Server\100\COM\Resources\1033\REPLRES.rll - ok
07:06:53.0844 2956 [ 882231FB6CBA90C631892A5AA33A88C3 ] C:\Windows\System32\Windows.Services.TargetedContent.dll
07:06:53.0844 2956 C:\Windows\System32\Windows.Services.TargetedContent.dll - ok
07:06:53.0850 2956 [ 149BC0C10FCC4E14B29AB6685984BF72 ] C:\Windows\System32\SearchIndexer.exe
07:06:53.0850 2956 C:\Windows\System32\SearchIndexer.exe - ok
07:06:53.0856 2956 [ 94ACF4A65D03A19B912A660D35EF4EDE ] C:\Windows\System32\msidle.dll
07:06:53.0856 2956 C:\Windows\System32\msidle.dll - ok
07:06:53.0861 2956 [ 69992C1C3C34F154C6871665B9AE7C26 ] C:\Windows\System32\mssprxy.dll
07:06:53.0861 2956 C:\Windows\System32\mssprxy.dll - ok
07:06:53.0867 2956 [ E1F51A60689002C614CD4BEA49534D4D ] C:\Windows\System32\mrt100.dll
07:06:53.0867 2956 C:\Windows\System32\mrt100.dll - ok
07:06:53.0872 2956 [ EEE5DF1C42A3127E5BC813210FB99BE7 ] C:\Program Files\Common Files\microsoft shared\ink\IpsPlugin.dll
07:06:53.0872 2956 C:\Program Files\Common Files\microsoft shared\ink\IpsPlugin.dll - ok
07:06:53.0875 2956 [ 89D71B1EB7D0FBE4578655C4D230B8DD ] C:\Windows\System32\SearchProtocolHost.exe
07:06:53.0875 2956 C:\Windows\System32\SearchProtocolHost.exe - ok
07:06:53.0880 2956 [ 524B11A926E09DCF350B30AB3E73276B ] C:\Windows\System32\BitsProxy.dll
07:06:53.0880 2956 C:\Windows\System32\BitsProxy.dll - ok
07:06:53.0887 2956 [ DACAFE4D5983F600C924193B9C14AC99 ] C:\Windows\SysWOW64\BitsProxy.dll
07:06:53.0887 2956 C:\Windows\SysWOW64\BitsProxy.dll - ok
07:06:53.0891 2956 [ BE003A80F52A656CD0F58409101F8F3D ] C:\Windows\System32\SearchFilterHost.exe
07:06:53.0891 2956 C:\Windows\System32\SearchFilterHost.exe - ok
07:06:53.0895 2956 [ F946D3441E405192F28CAD560DC0ABC2 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\ODSOLE70.dll
07:06:53.0895 2956 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\ODSOLE70.dll - ok
07:06:53.0902 2956 [ C35E8C37E5D3BB64D5136B25B99E9D31 ] C:\Windows\SysWOW64\DWrite.dll
07:06:53.0902 2956 C:\Windows\SysWOW64\DWrite.dll - ok
07:06:53.0905 2956 [ A9C1CA26503DA686EB54ECFBEB42D01E ] C:\Windows\System32\wbem\wbemdisp.dll
07:06:53.0905 2956 C:\Windows\System32\wbem\wbemdisp.dll - ok
07:06:53.0909 2956 [ 7337800A8C9DB6F6C48AA64A0E1A4F1F ] C:\Program Files\WindowsApps\Microsoft.OneConnect_5.1809.2571.0_x64__8wekyb3d8bbwe\OneConnect.dll
07:06:53.0909 2956 C:\Program Files\WindowsApps\Microsoft.OneConnect_5.1809.2571.0_x64__8wekyb3d8bbwe\OneConnect.dll - ok
07:06:53.0914 2956 [ C79A891C9105A5FEB590885EA3078072 ] C:\Windows\System32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
07:06:53.0914 2956 C:\Windows\System32\Windows.ApplicationModel.Background.SystemEventsBroker.dll - ok
07:06:53.0920 2956 [ 1A89AB98EB679DDB21768F230221BC3C ] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe\HxTsr.exe
07:06:53.0920 2956 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe\HxTsr.exe - ok
07:06:53.0924 2956 [ 6FCD38084BB8221DCBF3D6DC69BF9401 ] C:\Windows\System32\mssph.dll
07:06:53.0924 2956 C:\Windows\System32\mssph.dll - ok
07:06:53.0928 2956 [ 3E7356CAC4103DC9FF3EF3617D5AA882 ] C:\Windows\System32\elslad.dll
07:06:53.0928 2956 C:\Windows\System32\elslad.dll - ok
07:06:53.0934 2956 [ A7D23BF6B68BB41CFE0DAF6092613061 ] C:\Windows\SysWOW64\cryptnet.dll
07:06:53.0934 2956 C:\Windows\SysWOW64\cryptnet.dll - ok
07:06:53.0938 2956 [ 7DA9FABE359EBD3F84459795CCBC56A2 ] C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.6_1.6.24903.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
07:06:53.0938 2956 C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.6_1.6.24903.0_x64__8wekyb3d8bbwe\SharedLibrary.dll - ok
07:06:53.0942 2956 [ 133C6BCC72A1D991614CE75FEE2152E2 ] C:\Program Files\WindowsApps\Microsoft.NET.Native.Runtime.1.6_1.6.24903.0_x64__8wekyb3d8bbwe\mrt100_app.dll
07:06:53.0942 2956 C:\Program Files\WindowsApps\Microsoft.NET.Native.Runtime.1.6_1.6.24903.0_x64__8wekyb3d8bbwe\mrt100_app.dll - ok
07:06:53.0948 2956 [ A7C35D62DF81734D958F085F5DF9A538 ] C:\Program Files\WindowsApps\Microsoft.Wallet_2.2.18179.0_x64__8wekyb3d8bbwe\Microsoft.Wallet.dll
07:06:53.0948 2956 C:\Program Files\WindowsApps\Microsoft.Wallet_2.2.18179.0_x64__8wekyb3d8bbwe\Microsoft.Wallet.dll - ok
07:06:53.0954 2956 [ DDBF85233525AD0B0AC4490C84A58880 ] C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.7_1.7.25531.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
07:06:53.0954 2956 C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.7_1.7.25531.0_x64__8wekyb3d8bbwe\SharedLibrary.dll - ok
07:06:53.0957 2956 [ F5E44A252955BF8058202F567172B2CD ] C:\Program Files\WindowsApps\Microsoft.NET.Native.Runtime.1.7_1.7.25531.0_x64__8wekyb3d8bbwe\mrt100_app.dll
07:06:53.0957 2956 C:\Program Files\WindowsApps\Microsoft.NET.Native.Runtime.1.7_1.7.25531.0_x64__8wekyb3d8bbwe\mrt100_app.dll - ok
07:06:53.0962 2956 [ 8BBBBC05608A9B47D1538EEE93C61EA7 ] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
07:06:53.0962 2956 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll - ok
07:06:53.0969 2956 [ B510E8F79E861D77B7DC6B0A46B7D3B7 ] C:\Windows\System32\ieframe.dll
07:06:53.0969 2956 C:\Windows\System32\ieframe.dll - ok
07:06:53.0973 2956 [ C8BAB372754BCC633E0987A9BDF1AB1B ] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe\HxOutlookBackground.dll
07:06:53.0973 2956 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe\HxOutlookBackground.dll - ok
07:06:53.0977 2956 [ 734D1370C9B48C67AB9C47B212FD0511 ] C:\Program Files\WindowsApps\Microsoft.VCLibs.140.00_14.0.26706.0_x64__8wekyb3d8bbwe\vccorlib140_app.dll
07:06:53.0977 2956 C:\Program Files\WindowsApps\Microsoft.VCLibs.140.00_14.0.26706.0_x64__8wekyb3d8bbwe\vccorlib140_app.dll - ok
07:06:53.0985 2956 [ B96FAD2F7C70397FFE01D2F608CE2CB8 ] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe\HxComm.dll
07:06:53.0985 2956 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe\HxComm.dll - ok
07:06:53.0990 2956 [ E6FDB27538082195FB991D85802B648F ] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.13402.0_x64__8wekyb3d8bbwe\PhoneCommunicationAppService.dll
07:06:53.0990 2956 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.13402.0_x64__8wekyb3d8bbwe\PhoneCommunicationAppService.dll - ok
07:06:53.0995 2956 [ 6D412524B717D75B012BD5967A7E4B23 ] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.13402.0_x64__8wekyb3d8bbwe\YourPhone.AppCore.dll
07:06:53.0995 2956 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.13402.0_x64__8wekyb3d8bbwe\YourPhone.AppCore.dll - ok
07:06:54.0001 2956 [ B9725E0A567A2D928DC0BE3F69B63BA4 ] C:\Windows\System32\Windows.Management.Workplace.dll
07:06:54.0001 2956 C:\Windows\System32\Windows.Management.Workplace.dll - ok
07:06:54.0005 2956 [ 34C6D914EAE6FDE45F375FB5993565AC ] C:\Windows\System32\WinRtTracing.dll
07:06:54.0005 2956 C:\Windows\System32\WinRtTracing.dll - ok
07:06:54.0009 2956 [ 9D933BC35A26703DC33F0E57DA9278C1 ] C:\Windows\System32\Windows.Payments.dll
07:06:54.0009 2956 C:\Windows\System32\Windows.Payments.dll - ok
07:06:54.0016 2956 [ A8B45D3457D42A29602CBCED7DA0FA76 ] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.13402.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
07:06:54.0016 2956 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.13402.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll - ok
07:06:54.0022 2956 [ C2A4DF24C2E2D34E60DD3392C42AA12C ] C:\Windows\System32\Windows.System.Profile.PlatformDiagnosticsAndUsageDataSettings.dll
07:06:54.0022 2956 C:\Windows\System32\Windows.System.Profile.PlatformDiagnosticsAndUsageDataSettings.dll - ok
07:06:54.0025 2956 [ 5E0006CCFBAEA3014DA2701F5F868549 ] C:\Windows\System32\PaymentMediatorServiceProxy.dll
07:06:54.0025 2956 C:\Windows\System32\PaymentMediatorServiceProxy.dll - ok
07:06:54.0030 2956 [ F0B26AD3C8F394E89E305302DC460A41 ] C:\Windows\System32\drprov.dll
07:06:54.0030 2956 C:\Windows\System32\drprov.dll - ok
07:06:54.0037 2956 [ 42B5CFCB2AEAF1DB7C8B6E1C8D099FBF ] C:\Windows\System32\networkexplorer.dll
07:06:54.0037 2956 C:\Windows\System32\networkexplorer.dll - ok
07:06:54.0040 2956 [ 27181A13DF0FCEAFF7DD7251BA1417A5 ] C:\Windows\System32\ntlanman.dll
07:06:54.0041 2956 C:\Windows\System32\ntlanman.dll - ok
07:06:54.0044 2956 [ E0C161209A692BA43B94FE91CC1B4733 ] C:\Windows\System32\davclnt.dll
07:06:54.0044 2956 C:\Windows\System32\davclnt.dll - ok
07:06:54.0050 2956 [ D10976FD4F48CAE08C3ECDBC2EBF347C ] C:\Windows\System32\davhlpr.dll
07:06:54.0050 2956 C:\Windows\System32\davhlpr.dll - ok
07:06:54.0055 2956 [ B9CD69D2D14FF3332EAA56589AB7F9FC ] C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
07:06:54.0055 2956 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll - ok
07:06:54.0058 2956 [ DE8D37D0F279BD2B3E656C682DD95DAC ] C:\Windows\System32\FamilySafetyExt.dll
07:06:54.0058 2956 C:\Windows\System32\FamilySafetyExt.dll - ok
07:06:54.0062 2956 [ 978DA7C5E4E1E06D2B74DFBA0BF8D281 ] C:\Windows\System32\Wpc.dll
07:06:54.0062 2956 C:\Windows\System32\Wpc.dll - ok
07:06:54.0068 2956 [ 47100CF8A5D8B37C8CC22549C16AF038 ] C:\Windows\System32\Windows.Cortana.Desktop.dll
07:06:54.0068 2956 C:\Windows\System32\Windows.Cortana.Desktop.dll - ok
07:06:54.0072 2956 [ 7B978CAB5186C9D32C8A5FC67D3CE95F ] C:\Windows\System32\SystemSettings.DataModel.dll
07:06:54.0073 2956 C:\Windows\System32\SystemSettings.DataModel.dll - ok
07:06:54.0076 2956 [ 0FDE01FF5D07AA3B47E6DAC1A09D1845 ] C:\Windows\System32\dlnashext.dll
07:06:54.0076 2956 C:\Windows\System32\dlnashext.dll - ok
07:06:54.0081 2956 [ F29D93E5790F1C970EE4E130C87A68A1 ] C:\Windows\System32\wpdshext.dll
07:06:54.0081 2956 C:\Windows\System32\wpdshext.dll - ok
07:06:54.0087 2956 [ CD6A9CCB4201CB5835745506091006EA ] C:\Windows\System32\PlayToDevice.dll
07:06:54.0087 2956 C:\Windows\System32\PlayToDevice.dll - ok
07:06:54.0091 2956 [ 7427A12685835658963428617FE8744B ] C:\Windows\System32\Windows.System.Profile.RetailInfo.dll
07:06:54.0091 2956 C:\Windows\System32\Windows.System.Profile.RetailInfo.dll - ok
07:06:54.0094 2956 [ ABBEAB1B4B38B1CBD3FD4EDD9AE5ECB8 ] C:\Windows\System32\Windows.Energy.dll
07:06:54.0094 2956 C:\Windows\System32\Windows.Energy.dll - ok
07:06:54.0100 2956 [ 2E701B267E002C565FE3B6DC4D751F8C ] C:\Windows\System32\Windows.Networking.HostName.dll
07:06:54.0100 2956 C:\Windows\System32\Windows.Networking.HostName.dll - ok
07:06:54.0105 2956 [ 966FF205AE7C211C5D177B368AB63C76 ] C:\Windows\System32\Windows.System.Diagnostics.dll
07:06:54.0105 2956 C:\Windows\System32\Windows.System.Diagnostics.dll - ok
07:06:54.0109 2956 [ EF8D3E4F7AD270C6F0890A16FB3DBD75 ] C:\Windows\System32\Windows.ApplicationModel.Store.dll
07:06:54.0109 2956 C:\Windows\System32\Windows.ApplicationModel.Store.dll - ok
07:06:54.0116 2956 [ 80B349DC24D2AFE6F0BFFBA870C5F55E ] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
07:06:54.0117 2956 C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\ChakraBridge.dll - ok
07:06:54.0122 2956 [ 26D83C8857FAC894FDB287D53D10CD32 ] C:\Windows\System32\Windows.System.Profile.SystemId.dll
07:06:54.0122 2956 C:\Windows\System32\Windows.System.Profile.SystemId.dll - ok
07:06:54.0125 2956 [ B7FC21BCC245F820E29AB23152C03EB8 ] C:\Windows\System32\CryptoWinRT.dll
07:06:54.0125 2956 C:\Windows\System32\CryptoWinRT.dll - ok
07:06:54.0130 2956 [ 862BB042B77F9D37CFC378CABA0BA134 ] C:\Windows\System32\MbaeApiPublic.dll
07:06:54.0130 2956 C:\Windows\System32\MbaeApiPublic.dll - ok
07:06:54.0137 2956 [ 2CC216DBAC04B8DAA8EDCA2DC89373B4 ] C:\Windows\System32\Windows.System.UserProfile.DiagnosticsSettings.dll
07:06:54.0137 2956 C:\Windows\System32\Windows.System.UserProfile.DiagnosticsSettings.dll - ok
07:06:54.0141 2956 [ 148517C781A9040EC2190C4DC51F861E ] C:\Windows\System32\Windows.System.Diagnostics.Telemetry.PlatformTelemetryClient.dll
07:06:54.0141 2956 C:\Windows\System32\Windows.System.Diagnostics.Telemetry.PlatformTelemetryClient.dll - ok
07:06:54.0145 2956 [ 3C433EEA3DAE06494288CD68BF8B7470 ] C:\Windows\System32\efswrt.dll
07:06:54.0145 2956 C:\Windows\System32\efswrt.dll - ok
07:06:54.0151 2956 [ 9F6D1066F3B04873C449F98FFCA8561C ] C:\Windows\System32\AppointmentApis.dll
07:06:54.0151 2956 C:\Windows\System32\AppointmentApis.dll - ok
07:06:54.0156 2956 [ F4273AA4D4212B8FB826A750466A4215 ] C:\Windows\System32\UserDataAccountApis.dll
07:06:54.0156 2956 C:\Windows\System32\UserDataAccountApis.dll - ok
07:06:54.0159 2956 [ 15740A5F882C883DB9136DBF217BFB7B ] C:\Windows\System32\UserDataPlatformHelperUtil.dll
07:06:54.0159 2956 C:\Windows\System32\UserDataPlatformHelperUtil.dll - ok
07:06:54.0164 2956 [ FC1583FC7507E742603B423682BD74A1 ] C:\Windows\System32\ContactActivation.dll
07:06:54.0164 2956 C:\Windows\System32\ContactActivation.dll - ok
07:06:54.0170 2956 [ 8502DC3856A4C11F30B6B2088918140B ] C:\Windows\System32\ContactApis.dll
07:06:54.0170 2956 C:\Windows\System32\ContactApis.dll - ok
07:06:54.0174 2956 [ DA76AC8A64B1653E272D78E959EF9E2A ] C:\Windows\System32\Phoneutil.dll
07:06:54.0174 2956 C:\Windows\System32\Phoneutil.dll - ok
07:06:54.0179 2956 [ 91B6EFA27608E6E014BAE880CF92C2EA ] C:\Windows\System32\UserDataLanguageUtil.dll
07:06:54.0179 2956 C:\Windows\System32\UserDataLanguageUtil.dll - ok
07:06:54.0186 2956 [ 40FBAC968114023194758698C9195601 ] C:\Windows\System32\UserDataTypeHelperUtil.dll
07:06:54.0186 2956 C:\Windows\System32\UserDataTypeHelperUtil.dll - ok
07:06:54.0190 2956 [ 10FDE4EDD40B7A033F4015E4E3EFD63E ] C:\Windows\System32\EmailApis.dll
07:06:54.0190 2956 C:\Windows\System32\EmailApis.dll - ok
07:06:54.0193 2956 [ DFABFDC1B04DD4920ECD67F270A8630F ] C:\Windows\System32\TaskApis.dll
07:06:54.0193 2956 C:\Windows\System32\TaskApis.dll - ok
07:06:54.0198 2956 [ 8B4DC02D01400255E6CFB53C51689557 ] C:\Windows\System32\Unistore.dll
07:06:54.0198 2956 C:\Windows\System32\Unistore.dll - ok
07:06:54.0204 2956 [ C05A20A037C6675E854FFE8282BE9B20 ] C:\Windows\System32\UserDataService.dll
07:06:54.0204 2956 C:\Windows\System32\UserDataService.dll - ok
07:06:54.0208 2956 [ 974886C2F2F470975B830B7660B02F9E ] C:\Windows\System32\MessagingDataModel2.dll
07:06:54.0208 2956 C:\Windows\System32\MessagingDataModel2.dll - ok
07:06:54.0211 2956 [ 70ADC804609BB1C3E98C1B1B45A30ED3 ] C:\Windows\System32\Pimstore.dll
07:06:54.0211 2956 C:\Windows\System32\Pimstore.dll - ok
07:06:54.0218 2956 [ D3C16C36B6D848BBB1D13CABA81A499A ] C:\Windows\System32\cemapi.dll
07:06:54.0218 2956 C:\Windows\System32\cemapi.dll - ok
07:06:54.0222 2956 [ 337207D805D480A5B24D1F9349571F28 ] C:\Windows\System32\PimIndexMaintenanceClient.dll
07:06:54.0222 2956 C:\Windows\System32\PimIndexMaintenanceClient.dll - ok
07:06:54.0226 2956 [ 68594C1DBB617C2F9669016DE4B5BA78 ] C:\Windows\System32\PimIndexMaintenance.dll
07:06:54.0226 2956 C:\Windows\System32\PimIndexMaintenance.dll - ok
07:06:54.0229 2956 [ 56737327530D7474E56410A4682D823D ] C:\Windows\System32\POSyncServices.dll
07:06:54.0229 2956 C:\Windows\System32\POSyncServices.dll - ok
07:06:54.0237 2956 [ 3E489B33D50EEE4D2E72D6E6CC348616 ] C:\Windows\System32\WinSync.dll
07:06:54.0237 2956 C:\Windows\System32\WinSync.dll - ok
07:06:54.0240 2956 [ 5ECE1AE48E9F487916C69D873725B267 ] C:\Windows\SysWOW64\perfdisk.dll
07:06:54.0240 2956 C:\Windows\SysWOW64\perfdisk.dll - ok
07:06:54.0244 2956 [ F7B0049BB023944673AC67EA31A3B8AA ] C:\Windows\SysWOW64\wmiclnt.dll
07:06:54.0245 2956 C:\Windows\SysWOW64\wmiclnt.dll - ok
07:06:54.0250 2956 [ 7124FA3DE06A32EE36D51252A2EDDA08 ] C:\Program Files (x86)\Hard Disk Sentinel\detect.dll
07:06:54.0250 2956 C:\Program Files (x86)\Hard Disk Sentinel\detect.dll - ok
07:06:54.0256 2956 [ 9F21BE8790FEBA2BE6F063B29CE18BAB ] C:\Windows\SysWOW64\activeds.dll
07:06:54.0256 2956 C:\Windows\SysWOW64\activeds.dll - ok
07:06:54.0260 2956 [ 235A342E71BA0DCE0CE7E2E55F005DC6 ] C:\Windows\SysWOW64\adsldpc.dll
07:06:54.0260 2956 C:\Windows\SysWOW64\adsldpc.dll - ok
07:06:54.0264 2956 [ AE506EC1AB429BEE3EA52E50217FC914 ] C:\Windows\SysWOW64\wbem\wbemdisp.dll
07:06:54.0264 2956 C:\Windows\SysWOW64\wbem\wbemdisp.dll - ok
07:06:54.0271 2956 [ FA3326795724724F530F68D181FECFC1 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
07:06:54.0271 2956 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
07:06:54.0274 2956 [ 98D420A2771FD7C5EE3B03B33C4BC9E9 ] C:\Windows\SysWOW64\fsutil.exe
07:06:54.0274 2956 C:\Windows\SysWOW64\fsutil.exe - ok
07:06:54.0278 2956 [ C65DD5406C8ECCB059FD03636799CFFB ] C:\Windows\SysWOW64\netshell.dll
07:06:54.0278 2956 C:\Windows\SysWOW64\netshell.dll - ok
07:06:54.0283 2956 [ 70292FA0A21FE00503386478117CA067 ] C:\Windows\System32\netman.dll
07:06:54.0283 2956 C:\Windows\System32\netman.dll - ok
07:06:54.0289 2956 [ D053D7022C4126D937BCF5906582C363 ] C:\Windows\System32\netshell.dll
07:06:54.0289 2956 C:\Windows\System32\netshell.dll - ok
07:06:54.0292 2956 [ 155FF40C279B9C1D8DFC4C9A2A87841C ] C:\Windows\System32\NetSetupShim.dll
07:06:54.0292 2956 C:\Windows\System32\NetSetupShim.dll - ok
07:06:54.0297 2956 [ A8F1C360A20D044BFF28E54C981330FF ] C:\Windows\System32\NetSetupEngine.dll
07:06:54.0297 2956 C:\Windows\System32\NetSetupEngine.dll - ok
07:06:54.0304 2956 [ C6D64FDB19A235BF9D0F0CA526BA9129 ] C:\Windows\System32\NetSetupSvc.dll
07:06:54.0304 2956 C:\Windows\System32\NetSetupSvc.dll - ok
07:06:54.0307 2956 [ D58A41151E5A0900453FD67B3C8D83ED ] C:\Windows\System32\ImplatSetup.dll
07:06:54.0307 2956 C:\Windows\System32\ImplatSetup.dll - ok
07:06:54.0311 2956 [ 9FBA7270A7EB62356DB47BD62C6EC01E ] C:\Windows\System32\dot3api.dll
07:06:54.0311 2956 C:\Windows\System32\dot3api.dll - ok
07:06:54.0316 2956 [ 79E4FBFE24A81B3A2AEB3B3D3DEB3D75 ] C:\Windows\SysWOW64\cscript.exe
07:06:54.0316 2956 C:\Windows\SysWOW64\cscript.exe - ok
07:06:54.0322 2956 [ 9D787D87E63C6B6926C9C53F71BB0231 ] C:\Program Files\AVAST Software\Avast\snxhk.dll
07:06:54.0323 2956 C:\Program Files\AVAST Software\Avast\snxhk.dll - ok
07:06:54.0326 2956 [ BA42F76500D20ECD43F7E4AC5127C131 ] C:\Windows\SysWOW64\vbscript.dll
07:06:54.0326 2956 C:\Windows\SysWOW64\vbscript.dll - ok
07:06:54.0330 2956 [ 54EFEC7B61088516B688BA445AB4332B ] C:\Program Files\AVAST Software\Avast\aswJsFlt.dll
07:06:54.0330 2956 C:\Program Files\AVAST Software\Avast\aswJsFlt.dll - ok
07:06:54.0336 2956 [ 35AB779E55BAFDFBC2BEC48D244FF166 ] C:\Windows\SysWOW64\amsi.dll
07:06:54.0336 2956 C:\Windows\SysWOW64\amsi.dll - ok
07:06:54.0340 2956 [ 69758E839ADD5BE6A8E07DA57C4AA7D5 ] C:\Program Files\AVAST Software\Avast\aswAMSI.dll
07:06:54.0340 2956 C:\Program Files\AVAST Software\Avast\aswAMSI.dll - ok
07:06:54.0343 2956 [ B8E855CD879678AF66BD66A40F3738AC ] C:\Windows\SysWOW64\wldp.dll
07:06:54.0343 2956 C:\Windows\SysWOW64\wldp.dll - ok
07:06:54.0347 2956 [ 6B726A1CAA981CCD30B014AA4B938330 ] C:\Windows\SysWOW64\msisip.dll
07:06:54.0347 2956 C:\Windows\SysWOW64\msisip.dll - ok
07:06:54.0354 2956 [ 7FB6FC372D58B070523D44E232460E0C ] C:\Windows\SysWOW64\coml2.dll
07:06:54.0354 2956 C:\Windows\SysWOW64\coml2.dll - ok
07:06:54.0358 2956 [ B228B4896CB3F7C1F1E448BA74BB05BA ] C:\Windows\SysWOW64\wshext.dll
07:06:54.0358 2956 C:\Windows\SysWOW64\wshext.dll - ok
07:06:54.0364 2956 [ 7444E606A6B478E5BA37772683E907FB ] C:\Windows\SysWOW64\scrobj.dll
07:06:54.0364 2956 C:\Windows\SysWOW64\scrobj.dll - ok
07:06:54.0371 2956 [ 23146E6D040B1AB5A9D93255D2789AD0 ] C:\Windows\SysWOW64\taskschd.dll
07:06:54.0371 2956 C:\Windows\SysWOW64\taskschd.dll - ok
07:06:54.0375 2956 [ 21E4C3B1FF454D9DC37464B7E2B96300 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\13047d33fafdf2123d7e22cd9afd3adc\System.Web.ni.dll
07:06:54.0375 2956 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\13047d33fafdf2123d7e22cd9afd3adc\System.Web.ni.dll - ok
07:06:54.0380 2956 [ F7729589D920DF64AA724D5671FE247B ] C:\Windows\System32\smartscreenps.dll
07:06:54.0380 2956 C:\Windows\System32\smartscreenps.dll - ok
07:06:54.0385 2956 [ 33C24A31DF112266EE3580FAA5C6D088 ] C:\Windows\System32\smartscreen.exe
07:06:54.0385 2956 C:\Windows\System32\smartscreen.exe - ok
07:06:54.0390 2956 [ 3615B3BBF01D9169651667FD8C130160 ] C:\Windows\SysWOW64\riched32.dll
07:06:54.0391 2956 C:\Windows\SysWOW64\riched32.dll - ok
07:06:54.0394 2956 [ 09F3F2298DDA6EBB57B12C530D35C52C ] C:\Windows\System32\SecurityHealthSystray.exe
07:06:54.0394 2956 C:\Windows\System32\SecurityHealthSystray.exe - ok
07:06:54.0399 2956 [ CE8BCED8D28500DB4C0FE80962DD22F2 ] C:\Windows\System32\SecurityHealthSSO.dll
07:06:54.0399 2956 C:\Windows\System32\SecurityHealthSSO.dll - ok
07:06:54.0405 2956 [ E47757FF5E52C2A87B21DFCF0C486A21 ] C:\Windows\System32\SecurityCenterBrokerPS.dll
07:06:54.0405 2956 C:\Windows\System32\SecurityCenterBrokerPS.dll - ok
07:06:54.0410 2956 [ 7963A81757459412B08C6DD6A72D5FC1 ] C:\Windows\System32\ngcsvc.dll
07:06:54.0410 2956 C:\Windows\System32\ngcsvc.dll - ok
07:06:54.0414 2956 [ 56C91F8EA5C83A5AFE83AACF2586B875 ] C:\Windows\System32\NgcCtnrSvc.dll
07:06:54.0414 2956 C:\Windows\System32\NgcCtnrSvc.dll - ok
07:06:54.0421 2956 [ 521E40B53313923B62EFF747308F4B1C ] C:\Windows\System32\NgcCtnrGidsHandler.dll
07:06:54.0421 2956 C:\Windows\System32\NgcCtnrGidsHandler.dll - ok
07:06:54.0425 2956 [ 27581F6F1F9CB926C4D3029F66851EA9 ] C:\Windows\System32\NgcCtnr.dll
07:06:54.0425 2956 C:\Windows\System32\NgcCtnr.dll - ok
07:06:54.0428 2956 [ 4AA15770B5B0A69CEBD4222DA6D6421A ] C:\Program Files\AVAST Software\Avast\AvLaunch.exe
07:06:54.0429 2956 C:\Program Files\AVAST Software\Avast\AvLaunch.exe - ok
07:06:54.0436 2956 [ 3C0672B917B120EDB23BD5F00A8FB159 ] C:\Windows\SysWOW64\AcLayers.dll
07:06:54.0436 2956 C:\Windows\SysWOW64\AcLayers.dll - ok
07:06:54.0441 2956 [ DE99E8E366CE9589A5E5BDD053B9B0CE ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
07:06:54.0441 2956 C:\Program Files\AVAST Software\Avast\AvastUI.exe - ok
07:06:54.0444 2956 [ 244C1D9C61B713D6AAB9C936FCA842A0 ] C:\Windows\SysWOW64\cryptui.dll
07:06:54.0444 2956 C:\Windows\SysWOW64\cryptui.dll - ok
07:06:54.0449 2956 [ 0552AE836D3C8168D881A179CA1BCE5D ] C:\Program Files\AVAST Software\Avast\AvChrome.dll
07:06:54.0449 2956 C:\Program Files\AVAST Software\Avast\AvChrome.dll - ok
07:06:54.0456 2956 [ EC4A7E3C56B2D6AE2AF9D2BF7A35807E ] C:\Program Files\AVAST Software\Avast\CommonUI.dll
07:06:54.0456 2956 C:\Program Files\AVAST Software\Avast\CommonUI.dll - ok
07:06:54.0459 2956 [ 53C832A34A78255074743693640E32C4 ] C:\Program Files\AVAST Software\Avast\aswUtil.dll
07:06:54.0459 2956 C:\Program Files\AVAST Software\Avast\aswUtil.dll - ok
07:06:54.0463 2956 [ B54D206D5972926161922A27E10F42C2 ] C:\Windows\WinSxS\x86_avast.vc140.mfc_fcc99ee6193ebbca_14.0.25325.0_none_a4fbd60a2b6998ff\mfc140u.dll
07:06:54.0463 2956 C:\Windows\WinSxS\x86_avast.vc140.mfc_fcc99ee6193ebbca_14.0.25325.0_none_a4fbd60a2b6998ff\mfc140u.dll - ok
07:06:54.0469 2956 [ D2EA25068A1D111DEACF938FBF4E4281 ] C:\Windows\SysWOW64\TextInputFramework.dll
07:06:54.0469 2956 C:\Windows\SysWOW64\TextInputFramework.dll - ok
07:06:54.0473 2956 [ EE236301A8285BE652C19F4CFF09AC17 ] C:\Windows\SysWOW64\CoreUIComponents.dll
07:06:54.0473 2956 C:\Windows\SysWOW64\CoreUIComponents.dll - ok
07:06:54.0478 2956 [ C1046C79EB891D2ADD9F69682CE76B9F ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
07:06:54.0478 2956 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe - ok
07:06:54.0481 2956 [ 9FAD8034D504201B557BD82E824F9EFC ] C:\Windows\System32\dsound.dll
07:06:54.0481 2956 C:\Windows\System32\dsound.dll - ok
07:06:54.0489 2956 [ D17F6C945AF73BEAC7A6FFAD6E30859F ] C:\Windows\System32\msimg32.dll
07:06:54.0489 2956 C:\Windows\System32\msimg32.dll - ok
07:06:54.0492 2956 [ E104BA77D289204B5165BBB27473F037 ] C:\Windows\System32\perfos.dll
07:06:54.0492 2956 C:\Windows\System32\perfos.dll - ok
07:06:54.0497 2956 [ 9BA0427F5D0452199785DEEF07FAFEA6 ] C:\Windows\System32\cdprt.dll
07:06:54.0497 2956 C:\Windows\System32\cdprt.dll - ok
07:06:54.0503 2956 [ 8A2345E3A72CAB088214BE5784B3EB3D ] C:\Windows\System32\mode.com
07:06:54.0503 2956 C:\Windows\System32\mode.com - ok
07:06:54.0507 2956 [ 585EB83187FBB150D2BD021D170C84F2 ] C:\Windows\System32\ulib.dll
07:06:54.0507 2956 C:\Windows\System32\ulib.dll - ok
07:06:54.0511 2956 [ FA55BC0596C77464618FFEF51B334E9B ] C:\Windows\System32\ureg.dll
07:06:54.0511 2956 C:\Windows\System32\ureg.dll - ok
07:06:54.0516 2956 [ BC4B69D739AA7223E4C4323385BCDF38 ] C:\Windows\System32\fsutilext.dll
07:06:54.0516 2956 C:\Windows\System32\fsutilext.dll - ok
07:06:54.0522 2956 [ 7B353F98E18FD9BEA92D4CA9AEEBA9CC ] C:\Windows\System32\cacls.exe
07:06:54.0522 2956 C:\Windows\System32\cacls.exe - ok
07:06:54.0525 2956 [ F1E1663DE2705A9AB1A7F8C1D236093B ] C:\Windows\System32\ApiSetHost.AppExecutionAlias.dll
07:06:54.0525 2956 C:\Windows\System32\ApiSetHost.AppExecutionAlias.dll - ok
07:06:54.0528 2956 [ ABA3AAD5620E89D22D51028EEDAD3FD6 ] C:\Windows\System32\taskkill.exe
07:06:54.0528 2956 C:\Windows\System32\taskkill.exe - ok
07:06:54.0534 2956 [ DA0E9A7777D16AE18BD9C642A9F42223 ] C:\Windows\System32\regsvr32.exe
07:06:54.0534 2956 C:\Windows\System32\regsvr32.exe - ok
07:06:54.0540 2956 [ C0815F4D4B902C62B2F14991E771E1BE ] C:\Windows\System32\AcLayers.dll
07:06:54.0540 2956 C:\Windows\System32\AcLayers.dll - ok
07:06:54.0544 2956 [ 205DC5EBCB1EDC3763B047BDC454E1B1 ] C:\Windows\System32\jscript.dll
07:06:54.0544 2956 C:\Windows\System32\jscript.dll - ok
07:06:54.0548 2956 [ B858CD7F09609D43F86FCE8BE7B87695 ] C:\Windows\System32\vbscript.dll
07:06:54.0548 2956 C:\Windows\System32\vbscript.dll - ok
07:06:54.0555 2956 [ 5B9C1B27454E81E7D8601CCB00A0901C ] C:\Windows\System32\scrrun.dll
07:06:54.0555 2956 C:\Windows\System32\scrrun.dll - ok
07:06:54.0559 2956 [ 2F03064E99786D764F9AE535C5A5C1CF ] C:\Windows\System32\wshom.ocx
07:06:54.0559 2956 C:\Windows\System32\wshom.ocx - ok
07:06:54.0561 2956 [ 3A536CC896D9C6CA2C2EE4C21CCA1DFA ] C:\Windows\System32\attrib.exe
07:06:54.0561 2956 C:\Windows\System32\attrib.exe - ok
07:06:54.0566 2956 [ 3F4DB17E9534DB1CEDA28FF77C27F535 ] C:\Windows\System32\scrobj.dll
07:06:54.0566 2956 C:\Windows\System32\scrobj.dll - ok
07:06:54.0572 2956 [ FB953BD1C9B60607B9CBEE70EAFC7ABA ] C:\Windows\System32\pcasvc.dll
07:06:54.0572 2956 C:\Windows\System32\pcasvc.dll - ok
07:06:54.0576 2956 [ A7E2C4077DF2E63DE809E4B11924C360 ] C:\Program Files (x86)\GlassWire\GlassWire.exe
07:06:54.0576 2956 C:\Program Files (x86)\GlassWire\GlassWire.exe - ok
07:06:54.0581 2956 [ 785D2832863C28491A34BBF5314949EC ] C:\Windows\System32\msiexec.exe
07:06:54.0581 2956 C:\Windows\System32\msiexec.exe - ok
07:06:54.0588 2956 [ B9D6CB71E4E731457FE37A73F1230E5F ] C:\Program Files (x86)\GlassWire\Qt5Core.dll
07:06:54.0588 2956 C:\Program Files (x86)\GlassWire\Qt5Core.dll - ok
07:06:54.0592 2956 [ 32E2DB02CC75201E638A010E013BBA03 ] C:\Program Files (x86)\GlassWire\Qt5Widgets.dll
07:06:54.0592 2956 C:\Program Files (x86)\GlassWire\Qt5Widgets.dll - ok
07:06:54.0595 2956 [ F1329F0C072EE1DCB2F6B898B1A000BC ] C:\Program Files (x86)\GlassWire\Qt5Gui.dll
07:06:54.0596 2956 C:\Program Files (x86)\GlassWire\Qt5Gui.dll - ok
07:06:54.0601 2956 [ 815CE3B13020A9D912604E1FEE623181 ] C:\Program Files (x86)\GlassWire\Qt5Svg.dll
07:06:54.0601 2956 C:\Program Files (x86)\GlassWire\Qt5Svg.dll - ok
07:06:54.0607 2956 [ A1D2DAF2AB826181DDFF42C5214FB8FE ] C:\Program Files (x86)\GlassWire\Qt5WinExtras.dll
07:06:54.0607 2956 C:\Program Files (x86)\GlassWire\Qt5WinExtras.dll - ok
07:06:54.0611 2956 [ DAC8C49519D07A8B66CC9C683FA79032 ] C:\Windows\System32\pcadm.dll
07:06:54.0611 2956 C:\Windows\System32\pcadm.dll - ok
07:06:54.0618 2956 [ BD0870D2834B52946BA46692DEDA2A85 ] C:\Program Files (x86)\GlassWire\platforms\qwindows.dll
07:06:54.0618 2956 C:\Program Files (x86)\GlassWire\platforms\qwindows.dll - ok
07:06:54.0625 2956 [ 71E11BA8E3493E6AD62FDB7008C9445E ] C:\Program Files (x86)\GlassWire\imageformats\qico.dll
07:06:54.0625 2956 C:\Program Files (x86)\GlassWire\imageformats\qico.dll - ok
07:06:54.0629 2956 [ 6013F3A98B904310DA8853682949FFD2 ] C:\Program Files (x86)\GlassWire\iconengines\qsvgicon.dll
07:06:54.0629 2956 C:\Program Files (x86)\GlassWire\iconengines\qsvgicon.dll - ok
07:06:54.0635 2956 [ 00000000000000000000000000000000 ] C:\Program Files\AVAST Software\Avast\libcef.dll
07:06:54.0635 2956 C:\Program Files\AVAST Software\Avast\libcef.dll - ok
07:06:54.0642 2956 [ B8750EE8D57923A607B71C7F9B9D0917 ] C:\Program Files\AVAST Software\Avast\chrome_elf.dll
07:06:54.0642 2956 C:\Program Files\AVAST Software\Avast\chrome_elf.dll - ok
07:06:54.0645 2956 [ 2BC4B42810D8B5917D6E19E13C7FCDBB ] C:\Windows\SysWOW64\credui.dll
07:06:54.0645 2956 C:\Windows\SysWOW64\credui.dll - ok
07:06:54.0650 2956 [ 517C3B10469AC08FDEF741DE843E87E9 ] C:\Windows\SysWOW64\dxva2.dll
07:06:54.0650 2956 C:\Windows\SysWOW64\dxva2.dll - ok
07:06:54.0656 2956 [ D7B9ECE8DC6766F0FBD7C09A5FDFDB7E ] C:\Windows\SysWOW64\fontsub.dll
07:06:54.0656 2956 C:\Windows\SysWOW64\fontsub.dll - ok
07:06:54.0660 2956 [ 6D56DAB5FF11DE0DA994A78EE1323323 ] C:\Program Files\AVAST Software\Avast\aswData.dll
07:06:54.0660 2956 C:\Program Files\AVAST Software\Avast\aswData.dll - ok
07:06:54.0663 2956 [ 0EAFF2E347541DE55433955908C36BA0 ] C:\Program Files\AVAST Software\Avast\gaming_probe.dll
07:06:54.0663 2956 C:\Program Files\AVAST Software\Avast\gaming_probe.dll - ok
07:06:54.0669 2956 [ 88A744BA261B0A9F46B5B87BB001FCE2 ] C:\Windows\SysWOW64\Windows.ApplicationModel.dll
07:06:54.0670 2956 C:\Windows\SysWOW64\Windows.ApplicationModel.dll - ok
07:06:54.0674 2956 [ B8E16AF005E7F7FA634522F994F82B56 ] C:\Program Files\AVAST Software\Avast\setup\aswOfferTool.exe
07:06:54.0674 2956 C:\Program Files\AVAST Software\Avast\setup\aswOfferTool.exe - ok
07:06:54.0678 2956 [ 2973AF8515EFFD0A3BFC7A43B03B3FCC ] C:\Program Files\AVAST Software\Avast\setup\gcapi_15464702389172.dll
07:06:54.0678 2956 C:\Program Files\AVAST Software\Avast\setup\gcapi_15464702389172.dll - ok
07:06:54.0683 2956 [ EC95D25F9534B5F78A96A6A0795BD577 ] C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
07:06:54.0683 2956 C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll - ok
07:06:54.0689 2956 [ 3CAE118612179DEE08EF295266C615D9 ] C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll
07:06:54.0689 2956 C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll - ok
07:06:54.0693 2956 [ 2DC7DCBD2EF57EDEF2BBEDA4E8891CF7 ] C:\Program Files\AVAST Software\Avast\CommonRes.dll
07:06:54.0693 2956 C:\Program Files\AVAST Software\Avast\CommonRes.dll - ok
07:06:54.0697 2956 [ 967FBE4BCD8D9EDC4CC0F8A2CADC3D44 ] C:\Program Files\AVAST Software\Avast\HTMLayout.dll
07:06:54.0697 2956 C:\Program Files\AVAST Software\Avast\HTMLayout.dll - ok
07:06:54.0704 2956 [ 924973F86029C412DC0E28AFC9ED4F04 ] C:\Program Files\AVAST Software\Avast\defs\19010204\uiext.dll
07:06:54.0704 2956 C:\Program Files\AVAST Software\Avast\defs\19010204\uiext.dll - ok
07:06:54.0709 2956 [ 584A528129AF5BF085B6285F504CD929 ] C:\Program Files\AVAST Software\Avast\pam.dll
07:06:54.0709 2956 C:\Program Files\AVAST Software\Avast\pam.dll - ok
07:06:54.0712 2956 [ D4DF6421BC6608A4EF8BC25273B86780 ] C:\Program Files\AVAST Software\Avast\aswidpmx.dll
07:06:54.0712 2956 C:\Program Files\AVAST Software\Avast\aswidpmx.dll - ok
07:06:54.0717 2956 [ 14C8D58823385179A392F561E96CCF2B ] C:\Program Files\AVAST Software\Avast\aswDataScan.dll
07:06:54.0717 2956 C:\Program Files\AVAST Software\Avast\aswDataScan.dll - ok
07:06:54.0723 2956 [ D6784642DFE9A871F70E5427298B0D84 ] C:\Windows\SysWOW64\Query.dll
07:06:54.0723 2956 C:\Windows\SysWOW64\Query.dll - ok
07:06:54.0727 2956 [ E3AFE279387EEE94BF79388AB6F4276C ] C:\Program Files\AVAST Software\Avast\gaming_mode.dll
07:06:54.0727 2956 C:\Program Files\AVAST Software\Avast\gaming_mode.dll - ok
07:06:54.0730 2956 [ 8F55D77770D301A31DB38FA3F5009ACA ] C:\Program Files\AVAST Software\Avast\defs\19010204\PushPin.dll
07:06:54.0730 2956 C:\Program Files\AVAST Software\Avast\defs\19010204\PushPin.dll - ok
07:06:54.0736 2956 [ CDEDA122FDC8FE6E0AA5374A7A21704D ] C:\Program Files\AVAST Software\Avast\x64\tasks_core.dll
07:06:54.0736 2956 C:\Program Files\AVAST Software\Avast\x64\tasks_core.dll - ok
07:06:54.0742 2956 [ C322335A0F3647110E79221E001DB7FB ] C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
07:06:54.0742 2956 C:\Program Files (x86)\Dropbox\Client\Dropbox.exe - ok
07:06:54.0746 2956 [ 99CD4FD9BB29D7205283B1F12B327C43 ] C:\Windows\SysWOW64\mscms.dll
07:06:54.0746 2956 C:\Windows\SysWOW64\mscms.dll - ok
07:06:54.0751 2956 [ 3B34AD28F28F1F9FA0A5D1E6B22B78FA ] C:\Windows\SysWOW64\coloradapterclient.dll
07:06:54.0751 2956 C:\Windows\SysWOW64\coloradapterclient.dll - ok
07:06:54.0757 2956 [ 9DDA681B0406C3575E666F52CBDE4F80 ] C:\Program Files (x86)\Dropbox\Client\msvcp140.dll
07:06:54.0757 2956 C:\Program Files (x86)\Dropbox\Client\msvcp140.dll - ok
07:06:54.0761 2956 [ E79EF25890B214B13A7473E52330D0EC ] C:\Program Files (x86)\Dropbox\Client\vcruntime140.dll
07:06:54.0761 2956 C:\Program Files (x86)\Dropbox\Client\vcruntime140.dll - ok
07:06:54.0765 2956 [ B3AD2BF3290A598A97E462CE1AD319C9 ] C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
07:06:54.0765 2956 C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll - ok
07:06:54.0772 2956 [ 24F740AA79CE4C4A6B49B6DF943B4AAB ] C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
07:06:54.0772 2956 C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll - ok
07:06:54.0775 2956 [ C2E47BBFFFFEFB721B00F977D39565E0 ] C:\Program Files (x86)\Dropbox\Client\dropbox_bootstrap.dll
07:06:54.0775 2956 C:\Program Files (x86)\Dropbox\Client\dropbox_bootstrap.dll - ok
07:06:54.0779 2956 [ 99F81FFEAAC78B519C17C7044EA6BE65 ] C:\Program Files (x86)\Dropbox\Client\python35.dll
07:06:54.0779 2956 C:\Program Files (x86)\Dropbox\Client\python35.dll - ok
07:06:54.0785 2956 [ 44610FE2ECB187BB39CC8240AE783AB9 ] C:\Windows\SysWOW64\directmanipulation.dll
07:06:54.0785 2956 C:\Windows\SysWOW64\directmanipulation.dll - ok
07:06:54.0791 2956 [ 321FC9C7D65B9842558894559A74662D ] C:\Windows\SysWOW64\atlthunk.dll
07:06:54.0791 2956 C:\Windows\SysWOW64\atlthunk.dll - ok
07:06:54.0794 2956 [ 2158F621E0CC1D1F309C24E941451A7A ] C:\Program Files (x86)\Dropbox\Client\select.cp35-win32.pyd
07:06:54.0794 2956 C:\Program Files (x86)\Dropbox\Client\select.cp35-win32.pyd - ok
07:06:54.0799 2956 [ FA491325FECF6F106C8D27289EEF05E0 ] C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp35-win32.pyd
07:06:54.0799 2956 C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp35-win32.pyd - ok
07:06:54.0805 2956 [ E350FE262F8B1886770F499E445F25A1 ] C:\Program Files (x86)\Dropbox\Client\_bz2.cp35-win32.pyd
07:06:54.0806 2956 C:\Program Files (x86)\Dropbox\Client\_bz2.cp35-win32.pyd - ok
07:06:54.0809 2956 [ 352FC1B6BED0F606AE7739C075142E0D ] C:\Program Files (x86)\Dropbox\Client\_multiprocessing.cp35-win32.pyd
07:06:54.0809 2956 C:\Program Files (x86)\Dropbox\Client\_multiprocessing.cp35-win32.pyd - ok
07:06:54.0812 2956 [ C66AAC5B89EF9E34796B7E64BD6DB672 ] C:\Program Files (x86)\Dropbox\Client\_ctypes.cp35-win32.pyd
07:06:54.0812 2956 C:\Program Files (x86)\Dropbox\Client\_ctypes.cp35-win32.pyd - ok
07:06:54.0817 2956 [ EB5BA7D65E73C16608CF28EC95E488B3 ] C:\Program Files (x86)\Dropbox\Client\unicodedata.cp35-win32.pyd
07:06:54.0817 2956 C:\Program Files (x86)\Dropbox\Client\unicodedata.cp35-win32.pyd - ok
07:06:54.0823 2956 [ C9A16A946E2FFB03D554FF9EEC338A7B ] C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp35-win32.pyd
07:06:54.0823 2956 C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp35-win32.pyd - ok
07:06:54.0827 2956 [ FA19445A904135EDAC84D388028FC786 ] C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp35-win32.pyd
07:06:54.0827 2956 C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp35-win32.pyd - ok
07:06:54.0832 2956 [ 00A67B1AD7D52FAC3FB711C9A8093404 ] C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp35-win32.pyd
07:06:54.0832 2956 C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp35-win32.pyd - ok
07:06:54.0839 2956 [ A24F0900023D52F08F8F789BF94563A3 ] C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp35-win32.pyd
07:06:54.0839 2956 C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp35-win32.pyd - ok
07:06:54.0844 2956 [ 080869B16D720FD64296455E0A3A9235 ] C:\Program Files (x86)\Dropbox\Client\pywintypes35.dll
07:06:54.0844 2956 C:\Program Files (x86)\Dropbox\Client\pywintypes35.dll - ok
07:06:54.0849 2956 [ 814E9259C1E13437DF637CC50C156D03 ] C:\Program Files (x86)\Dropbox\Client\win32api.cp35-win32.pyd
07:06:54.0849 2956 C:\Program Files (x86)\Dropbox\Client\win32api.cp35-win32.pyd - ok
07:06:54.0856 2956 [ B9FA77DA5F7C1EACEDEDEBD722C21C16 ] C:\Program Files (x86)\Dropbox\Client\fastpath.cp35-win32.pyd
07:06:54.0856 2956 C:\Program Files (x86)\Dropbox\Client\fastpath.cp35-win32.pyd - ok
07:06:54.0859 2956 [ 1101D88A9E13759AB3C07D50987BF6CF ] C:\Program Files (x86)\Dropbox\Client\pyexpat.cp35-win32.pyd
07:06:54.0859 2956 C:\Program Files (x86)\Dropbox\Client\pyexpat.cp35-win32.pyd - ok
07:06:54.0863 2956 [ D21F7B8778C3593FC8547CEF17075030 ] C:\Program Files (x86)\Dropbox\Client\pythoncom35.dll
07:06:54.0863 2956 C:\Program Files (x86)\Dropbox\Client\pythoncom35.dll - ok
07:06:54.0868 2956 [ 9605A2E032F5F548E25ED4225DAB071B ] C:\Program Files (x86)\Dropbox\Client\_decimal.cp35-win32.pyd
07:06:54.0868 2956 C:\Program Files (x86)\Dropbox\Client\_decimal.cp35-win32.pyd - ok
07:06:54.0875 2956 [ 62A698CDEFD26E6767C0BE8096559B6C ] C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp35-win32.pyd
07:06:54.0875 2956 C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp35-win32.pyd - ok
07:06:54.0879 2956 [ DE45D7967C30BBB88E01F5FA21A566A2 ] C:\Program Files (x86)\Dropbox\Client\win32event.cp35-win32.pyd
07:06:54.0879 2956 C:\Program Files (x86)\Dropbox\Client\win32event.cp35-win32.pyd - ok
07:06:54.0885 2956 [ C3228B73D581B6654C9734E8594E7D50 ] C:\Program Files (x86)\Dropbox\Client\win32process.cp35-win32.pyd
07:06:54.0885 2956 C:\Program Files (x86)\Dropbox\Client\win32process.cp35-win32.pyd - ok
07:06:54.0891 2956 [ 79881561674090AB808DCE9714A81F42 ] C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp35-win32.pyd
07:06:54.0891 2956 C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp35-win32.pyd - ok
07:06:54.0895 2956 [ 01CB97E741254C5E707356E94B8A4B12 ] C:\Program Files (x86)\Dropbox\Client\win32file.cp35-win32.pyd
07:06:54.0895 2956 C:\Program Files (x86)\Dropbox\Client\win32file.cp35-win32.pyd - ok
07:06:54.0899 2956 [ 2047D7B2BB0D1FE1EA6697C0920C1B33 ] C:\Program Files (x86)\Dropbox\Client\win32gui.cp35-win32.pyd
07:06:54.0899 2956 C:\Program Files (x86)\Dropbox\Client\win32gui.cp35-win32.pyd - ok
07:06:54.0906 2956 [ AE1CC08289EA4CDD0F061B06A8D852BF ] C:\Program Files (x86)\Dropbox\Client\win32pipe.cp35-win32.pyd
07:06:54.0906 2956 C:\Program Files (x86)\Dropbox\Client\win32pipe.cp35-win32.pyd - ok
07:06:54.0909 2956 [ AC3BD37F86C63BC3686ED1D29D2EAEE8 ] C:\Program Files (x86)\Dropbox\Client\win32security.cp35-win32.pyd
07:06:54.0909 2956 C:\Program Files (x86)\Dropbox\Client\win32security.cp35-win32.pyd - ok
07:06:54.0913 2956 [ 818358468C5A51B9CB13D925E8E6FD31 ] C:\Windows\SysWOW64\security.dll
07:06:54.0913 2956 C:\Windows\SysWOW64\security.dll - ok
07:06:54.0918 2956 [ 8B63363130C056F2A9F69E6C3788BFF7 ] C:\Windows\SysWOW64\ntdsapi.dll
07:06:54.0918 2956 C:\Windows\SysWOW64\ntdsapi.dll - ok
07:06:54.0924 2956 [ 8FAA8BDCB465083D23DA1D9E1A94D2A3 ] C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp35-win32.pyd
07:06:54.0924 2956 C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp35-win32.pyd - ok
07:06:54.0927 2956 [ 06B0906576DE26C79E5E8A8AF58D8921 ] C:\Program Files (x86)\Dropbox\Client\win32job.cp35-win32.pyd
07:06:54.0927 2956 C:\Program Files (x86)\Dropbox\Client\win32job.cp35-win32.pyd - ok
07:06:54.0933 2956 [ CF3CFE2FFA4D295B238DACEF69AE7D31 ] C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd
07:06:54.0933 2956 C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd - ok
07:06:54.0940 2956 [ 5194979881981AE25D56ECD4DCC2AEC0 ] C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp35-win32.pyd
07:06:54.0941 2956 C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp35-win32.pyd - ok
07:06:54.0944 2956 [ 0E56394B67399E534D98535CA3959186 ] C:\Program Files (x86)\Dropbox\Client\mmapfile.cp35-win32.pyd
07:06:54.0944 2956 C:\Program Files (x86)\Dropbox\Client\mmapfile.cp35-win32.pyd - ok
07:06:54.0949 2956 [ CD7ED9B4BE1F9A53A95353E6775F55FC ] C:\Program Files\AVAST Software\Avast\aswPatchMgt.dll
07:06:54.0949 2956 C:\Program Files\AVAST Software\Avast\aswPatchMgt.dll - ok
07:06:54.0955 2956 [ A6CC712E7CBFEC3A96184177DD8F85FD ] C:\Program Files\AVAST Software\Avast\defs\19010204\swhealthex2.dll
07:06:54.0955 2956 C:\Program Files\AVAST Software\Avast\defs\19010204\swhealthex2.dll - ok
07:06:54.0959 2956 [ ECA0A8DB3541A1064E00DE428EA8B1D6 ] C:\Program Files (x86)\Dropbox\Client\win32service.cp35-win32.pyd
07:06:54.0959 2956 C:\Program Files (x86)\Dropbox\Client\win32service.cp35-win32.pyd - ok
07:06:54.0962 2956 [ 9735F84524968CCD40F3D88CBB454BA1 ] C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp35-win32.pyd
07:06:54.0962 2956 C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp35-win32.pyd - ok
07:06:54.0970 2956 [ 796E81F2F71031F602B71994A6931548 ] C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp35-win32.pyd
07:06:54.0970 2956 C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp35-win32.pyd - ok
07:06:54.0975 2956 [ 4BDE91C3E30D08EC749DB860827BE411 ] C:\Windows\SysWOW64\MMDevAPI.dll
07:06:54.0975 2956 C:\Windows\SysWOW64\MMDevAPI.dll - ok
07:06:54.0979 2956 [ 5FDE3AEA56616857FA586CBD2A82A360 ] C:\Windows\SysWOW64\wdmaud.drv
07:06:54.0979 2956 C:\Windows\SysWOW64\wdmaud.drv - ok
07:06:54.0983 2956 [ 4A3DDD2CC78789A08DE4AFF23F01CE56 ] C:\Windows\SysWOW64\ksuser.dll
07:06:54.0983 2956 C:\Windows\SysWOW64\ksuser.dll - ok
07:06:54.0989 2956 [ 2095706EFFB80F05C56529D0C7F2380A ] C:\Windows\SysWOW64\avrt.dll
07:06:54.0989 2956 C:\Windows\SysWOW64\avrt.dll - ok
07:06:54.0994 2956 [ BBD31D924FB86F61698996FDD5B578FC ] C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp35-win32.pyd
07:06:54.0994 2956 C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp35-win32.pyd - ok
07:06:54.0999 2956 [ CFF591AA645D1E928280B410CB41D902 ] C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp35-win32.pyd
07:06:54.0999 2956 C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp35-win32.pyd - ok
07:06:55.0005 2956 [ 42F92C324C7DB6B1008D576F79F8F61C ] C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp35-win32.pyd
07:06:55.0005 2956 C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp35-win32.pyd - ok
07:06:55.0009 2956 [ 312E2F16E43281B58DFC9F6E90BE6A8B ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\dd71169f5bcca438de21a1523d0391a8\System.DirectoryServices.ni.dll
07:06:55.0009 2956 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\dd71169f5bcca438de21a1523d0391a8\System.DirectoryServices.ni.dll - ok
07:06:55.0014 2956 [ 5B83C68E485E8DF438E0987B3220F87A ] C:\Program Files (x86)\Dropbox\Client\win32ts.cp35-win32.pyd
07:06:55.0014 2956 C:\Program Files (x86)\Dropbox\Client\win32ts.cp35-win32.pyd - ok
07:06:55.0020 2956 [ BC6D700E14551714DEB55AE1626F78D3 ] C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp35-win32.pyd
07:06:55.0020 2956 C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp35-win32.pyd - ok
07:06:55.0025 2956 [ 694854A0CCA312B4041CF953DD80AEA1 ] C:\Program Files (x86)\Dropbox\Client\Qt5WebEngineWidgets.dll
07:06:55.0025 2956 C:\Program Files (x86)\Dropbox\Client\Qt5WebEngineWidgets.dll - ok
07:06:55.0028 2956 [ CFA779F3907A4B81141A64C33B18E3CB ] C:\Program Files (x86)\Dropbox\Client\Qt5Widgets.dll
07:06:55.0028 2956 C:\Program Files (x86)\Dropbox\Client\Qt5Widgets.dll - ok
07:06:55.0032 2956 [ CBE872789ADB6746D8D2AC721959F1DD ] C:\Program Files (x86)\Dropbox\Client\Qt5Core.dll
07:06:55.0032 2956 C:\Program Files (x86)\Dropbox\Client\Qt5Core.dll - ok
07:06:55.0038 2956 [ EEFF5C00367CF496B90C2B08CC67CB69 ] C:\Program Files (x86)\Dropbox\Client\Qt5WebEngineCore.dll
07:06:55.0038 2956 C:\Program Files (x86)\Dropbox\Client\Qt5WebEngineCore.dll - ok
07:06:55.0042 2956 [ FA5D67E56759E76E0F755EF841C9CCD3 ] C:\Program Files (x86)\Dropbox\Client\Qt5Quick.dll
07:06:55.0042 2956 C:\Program Files (x86)\Dropbox\Client\Qt5Quick.dll - ok
07:06:55.0046 2956 [ F73D14EA2CE062F78CE8DCE6B88FB175 ] C:\Program Files (x86)\Dropbox\Client\Qt5Gui.dll
07:06:55.0046 2956 C:\Program Files (x86)\Dropbox\Client\Qt5Gui.dll - ok
07:06:55.0053 2956 [ B6153CFD58FECFF3C9FE22542ED0DB45 ] C:\Program Files (x86)\Dropbox\Client\Qt5Network.dll
07:06:55.0053 2956 C:\Program Files (x86)\Dropbox\Client\Qt5Network.dll - ok
07:06:55.0059 2956 [ 31AD766ACED68CD8C4965E5D6368A57D ] C:\Program Files (x86)\Dropbox\Client\icuin56.dll
07:06:55.0059 2956 C:\Program Files (x86)\Dropbox\Client\icuin56.dll - ok
07:06:55.0062 2956 [ 9B1D79EFC09C6937504A9ACD273E1BEC ] C:\Program Files (x86)\Dropbox\Client\icuuc56.dll
07:06:55.0062 2956 C:\Program Files (x86)\Dropbox\Client\icuuc56.dll - ok
07:06:55.0066 2956 [ BE8DA757A559EC6BD278C0BC0240C23D ] C:\Program Files (x86)\Dropbox\Client\Qt5WebChannel.dll
07:06:55.0066 2956 C:\Program Files (x86)\Dropbox\Client\Qt5WebChannel.dll - ok
07:06:55.0073 2956 [ B8A30702140A0C552C6356C9C0E948C2 ] C:\Program Files (x86)\Dropbox\Client\Qt5QML.dll
07:06:55.0073 2956 C:\Program Files (x86)\Dropbox\Client\Qt5QML.dll - ok
07:06:55.0077 2956 [ 2D6F7E9EE4811803D93C33FA8CBF5DA4 ] C:\Program Files (x86)\Dropbox\Client\icudt56.dll
07:06:55.0077 2956 C:\Program Files (x86)\Dropbox\Client\icudt56.dll - ok
07:06:55.0080 2956 [ B7820DE33CD183F303EDC6293362525B ] C:\Program Files (x86)\Dropbox\Client\PyQt562.sip.cp35-win32.pyd
07:06:55.0080 2956 C:\Program Files (x86)\Dropbox\Client\PyQt562.sip.cp35-win32.pyd - ok
07:06:55.0087 2956 [ 9EB7C3985AEF7B98FE7EA7387695DC02 ] C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp35-win32.pyd
07:06:55.0087 2956 C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp35-win32.pyd - ok
07:06:55.0092 2956 [ 07E20601E3DB73763BF8D91AF154FA97 ] C:\Windows\System32\WindowsInternal.ComposableShell.DesktopHosting.dll
07:06:55.0092 2956 C:\Windows\System32\WindowsInternal.ComposableShell.DesktopHosting.dll - ok
07:06:55.0096 2956 [ 02163E16B1FF20BFADCAFDCB24960233 ] C:\Windows\ShellComponents\WindowsInternal.ComposableShell.Experiences.Switcher.dll
07:06:55.0096 2956 C:\Windows\ShellComponents\WindowsInternal.ComposableShell.Experiences.Switcher.dll - ok
07:06:55.0101 2956 [ 45D5A98127F90791E899E7FDA19C2100 ] C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp35-win32.pyd
07:06:55.0101 2956 C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp35-win32.pyd - ok
07:06:55.0106 2956 [ ACD62A0ADC44658A2C2CDF8CEBC1B795 ] C:\Windows\ShellExperiences\TileControl.dll
07:06:55.0106 2956 C:\Windows\ShellExperiences\TileControl.dll - ok
07:06:55.0111 2956 [ 7E7706E72702DE5852B5AEFCD7A01E95 ] C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp35-win32.pyd
07:06:55.0111 2956 C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp35-win32.pyd - ok
07:06:55.0116 2956 [ BAB2E875DA50B7A13A0790094ADE3A23 ] C:\Windows\ShellComponents\TaskFlowUI.dll
07:06:55.0116 2956 C:\Windows\ShellComponents\TaskFlowUI.dll - ok
07:06:55.0123 2956 [ B9326DA064915B959FDC2E4CAE2C3DA0 ] C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp35-win32.pyd
07:06:55.0123 2956 C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp35-win32.pyd - ok
07:06:55.0127 2956 [ A12733907EE712C5520480F0D016C14A ] C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp35-win32.pyd
07:06:55.0127 2956 C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp35-win32.pyd - ok
07:06:55.0131 2956 [ 08E0DC45FCDC33E457E450C8451F2695 ] C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp35-win32.pyd
07:06:55.0131 2956 C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp35-win32.pyd - ok
07:06:55.0137 2956 [ 580A34BFD8E2958D3EC9A1CFC01E5C60 ] C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp35-win32.pyd
07:06:55.0137 2956 C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp35-win32.pyd - ok
07:06:55.0142 2956 [ 4C746684EB428300CFD4AF2F3C0A4F44 ] C:\Program Files (x86)\Dropbox\Client\Qt5Webkit.dll
07:06:55.0142 2956 C:\Program Files (x86)\Dropbox\Client\Qt5Webkit.dll - ok
07:06:55.0145 2956 [ BF30009128A2F3E02DD39DD2B979EEF5 ] C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp35-win32.pyd
07:06:55.0145 2956 C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp35-win32.pyd - ok
07:06:55.0150 2956 [ 32BD40A8DFEC6B398EADBE1652AF6F24 ] C:\Program Files (x86)\Dropbox\Client\Qt5WebkitWidgets.dll
07:06:55.0150 2956 C:\Program Files (x86)\Dropbox\Client\Qt5WebkitWidgets.dll - ok
07:06:55.0157 2956 [ AB2E54C3B3A3BB531F3AAA2CC970BBC5 ] C:\Program Files (x86)\Dropbox\Client\Qt5PrintSupport.dll
07:06:55.0157 2956 C:\Program Files (x86)\Dropbox\Client\Qt5PrintSupport.dll - ok
07:06:55.0161 2956 [ C352A07EA957E5F693AEBDD935CBB29B ] C:\Program Files (x86)\Dropbox\Client\Qt5OpenGL.dll
07:06:55.0161 2956 C:\Program Files (x86)\Dropbox\Client\Qt5OpenGL.dll - ok
07:06:55.0164 2956 [ 642E3AA4637E07C7F24B19CB2C581824 ] C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp35-win32.pyd
07:06:55.0164 2956 C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp35-win32.pyd - ok
07:06:55.0171 2956 [ CA327D2C324A5CB6310379E9983C1B77 ] C:\Program Files (x86)\Dropbox\Client\win32print.cp35-win32.pyd
07:06:55.0172 2956 C:\Program Files (x86)\Dropbox\Client\win32print.cp35-win32.pyd - ok
07:06:55.0177 2956 [ C3F5A59AC05C4EE667251F2E91EAD101 ] C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp35-win32.pyd
07:06:55.0177 2956 C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp35-win32.pyd - ok
07:06:55.0180 2956 [ 0CDFDD574084E00E8C95C3F28D331AAF ] C:\Program Files (x86)\Dropbox\Client\win32profile.cp35-win32.pyd
07:06:55.0180 2956 C:\Program Files (x86)\Dropbox\Client\win32profile.cp35-win32.pyd - ok
07:06:55.0186 2956 [ 8413606A5AAD51C778FEC042935E32B1 ] C:\Program Files (x86)\Dropbox\Client\winreindex.compiled._winreindex.cp35-win32.pyd
07:06:55.0186 2956 C:\Program Files (x86)\Dropbox\Client\winreindex.compiled._winreindex.cp35-win32.pyd - ok
07:06:55.0192 2956 [ 475A10CEAAE6FF516E9510191680FCD9 ] C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp35-win32.pyd
07:06:55.0192 2956 C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp35-win32.pyd - ok
07:06:55.0197 2956 [ E05F773B651E624DBA360189BD496C75 ] C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp35-win32.pyd
07:06:55.0197 2956 C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp35-win32.pyd - ok
07:06:55.0203 2956 [ F284B8E9249B99D066D9F65DB36A285B ] C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp35-win32.pyd
07:06:55.0203 2956 C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp35-win32.pyd - ok
07:06:55.0209 2956 [ D714FA628C61BA759F331333294E39E3 ] C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp35-win32.pyd
07:06:55.0209 2956 C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp35-win32.pyd - ok
07:06:55.0212 2956 [ B7B6C2F1B54E41F5EABDAFF8C671005F ] C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp35-win32.pyd
07:06:55.0212 2956 C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp35-win32.pyd - ok
07:06:55.0216 2956 [ 5F1BF7CB51E0E44B84B67B5B727E1DD6 ] C:\Program Files (x86)\Dropbox\Client\winxpgui.cp35-win32.pyd
07:06:55.0217 2956 C:\Program Files (x86)\Dropbox\Client\winxpgui.cp35-win32.pyd - ok
07:06:55.0223 2956 [ 8C6F544623B45A103154522DF18C1EF6 ] C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.cp35-win32.pyd
07:06:55.0223 2956 C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.cp35-win32.pyd - ok
07:06:55.0227 2956 [ 6B8EBFC1F4948D867E227F3A68A9E9AB ] C:\Program Files (x86)\Dropbox\Client\Qt5WinExtras.dll
07:06:55.0227 2956 C:\Program Files (x86)\Dropbox\Client\Qt5WinExtras.dll - ok
07:06:55.0230 2956 [ 795558F593759888A5C957361A8076FC ] C:\Program Files (x86)\Dropbox\Client\_elementtree.cp35-win32.pyd
07:06:55.0230 2956 C:\Program Files (x86)\Dropbox\Client\_elementtree.cp35-win32.pyd - ok
07:06:55.0239 2956 [ ED077CA79AE9C1D18EEEB087118E44E0 ] C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp35-win32.pyd
07:06:55.0239 2956 C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp35-win32.pyd - ok
07:06:55.0244 2956 [ FE05FF605AA7549C2D3712CEC8C7D175 ] C:\Program Files (x86)\Dropbox\Client\nucleus_python.cp35-win32.pyd
07:06:55.0244 2956 C:\Program Files (x86)\Dropbox\Client\nucleus_python.cp35-win32.pyd - ok
07:06:55.0247 2956 [ 240B686364AFC26BFAF575085F6BDE99 ] C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp35-win32.pyd
07:06:55.0247 2956 C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp35-win32.pyd - ok
07:06:55.0252 2956 [ 23EDC7F41EA4C7AB044720BA1A05DC28 ] C:\Program Files (x86)\Dropbox\Client\librsync.dll
07:06:55.0252 2956 C:\Program Files (x86)\Dropbox\Client\librsync.dll - ok
07:06:55.0259 2956 [ 9D3AC06CEC76941305E94241E924E6B7 ] C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.cp35-win32.pyd
07:06:55.0259 2956 C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.cp35-win32.pyd - ok
07:06:55.0262 2956 [ A190B5ECBD873A62288B03AF446835A3 ] C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
07:06:55.0262 2956 C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll - ok
07:06:55.0267 2956 [ 43977231EA53B7E17AA7B5A9C5D490D3 ] C:\Program Files (x86)\Dropbox\Client\vccorlib140.dll
07:06:55.0267 2956 C:\Program Files (x86)\Dropbox\Client\vccorlib140.dll - ok
07:06:55.0273 2956 [ 10D129E4358761EAC7AB08D6B02B9202 ] C:\Program Files (x86)\Dropbox\Client\concrt140.dll
07:06:55.0273 2956 C:\Program Files (x86)\Dropbox\Client\concrt140.dll - ok
07:06:55.0277 2956 [ BCBB1CB967F65A24C7F0F87BCCA6F527 ] C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp35-win32.pyd
07:06:55.0277 2956 C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp35-win32.pyd - ok
07:06:55.0281 2956 [ B6C0E0CC97788D27932D7EE88B485514 ] C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.dll
07:06:55.0281 2956 C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.dll - ok
07:06:55.0286 2956 [ D6868E020F180C5356926260F3898125 ] C:\Windows\System32\ploptin.dll
07:06:55.0286 2956 C:\Windows\System32\ploptin.dll - ok
07:06:55.0292 2956 [ 1F4C968470C4565325A5925A598495AE ] C:\Windows\System32\Windows.Media.Devices.dll
07:06:55.0292 2956 C:\Windows\System32\Windows.Media.Devices.dll - ok
07:06:55.0297 2956 [ 1E0BB25D7DADF12650965C3D40E8B8E6 ] C:\Windows\System32\HrtfApo.dll
07:06:55.0297 2956 C:\Windows\System32\HrtfApo.dll - ok
07:06:55.0303 2956 [ FD20A0999BF34351279EAFD4E43D16B5 ] C:\Windows\System32\CompPkgSup.dll
07:06:55.0303 2956 C:\Windows\System32\CompPkgSup.dll - ok
07:06:55.0309 2956 [ 9DA75F4D54BAAB8781BD3BE63F22DB24 ] C:\Windows\System32\RtkApi64.dll
07:06:55.0309 2956 C:\Windows\System32\RtkApi64.dll - ok
07:06:55.0311 2956 [ 99DC7658168D38E783EDF7777AF0E476 ] C:\Windows\System32\RtkCfg64.dll
07:06:55.0311 2956 C:\Windows\System32\RtkCfg64.dll - ok
07:06:55.0315 2956 [ AD945F1B0E3087C0E5504DCBB210DB23 ] C:\Windows\System32\RltkAPO64.dll
07:06:55.0315 2956 C:\Windows\System32\RltkAPO64.dll - ok
07:06:55.0321 2956 [ 1643CEFBE4DDCE34D5FB1B6A9242AB79 ] C:\Windows\System32\AudioEng.dll
07:06:55.0321 2956 C:\Windows\System32\AudioEng.dll - ok
07:06:55.0326 2956 [ F04ADA7AF26797029FA84FE969E7D215 ] C:\Windows\System32\ApplicationFrameHost.exe
07:06:55.0326 2956 C:\Windows\System32\ApplicationFrameHost.exe - ok
07:06:55.0330 2956 [ FEDC81E87FBD2180E99A71D9DEC27718 ] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.App.exe
07:06:55.0330 2956 C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.App.exe - ok
07:06:55.0335 2956 [ ACD47EAE97279ABA4D1BC486EDC67CF5 ] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.App.dll
07:06:55.0335 2956 C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.App.dll - ok
07:06:55.0342 2956 [ 0FB8B976F9D5E11DBD1930CAF9E72282 ] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
07:06:55.0342 2956 C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll - ok
07:06:55.0346 2956 [ 51B8E8351BA3D6C29F731576C5DB305B ] C:\Windows\System32\WinMetadata\Windows.UI.Xaml.winmd
07:06:55.0346 2956 C:\Windows\System32\WinMetadata\Windows.UI.Xaml.winmd - ok
07:06:55.0350 2956 [ 69343DA8FAF268C33750100F0F8E400E ] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
07:06:55.0350 2956 C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll - ok
07:06:55.0357 2956 [ E0E092D4EFC15F25FD9C0923C52C33D6 ] C:\Windows\ImmersiveControlPanel\SystemSettings.exe
07:06:55.0357 2956 C:\Windows\ImmersiveControlPanel\SystemSettings.exe - ok
07:06:55.0362 2956 [ D22D21F7CB6024B966C8B1CAC249738B ] C:\Windows\ImmersiveControlPanel\SystemSettings.dll
07:06:55.0363 2956 C:\Windows\ImmersiveControlPanel\SystemSettings.dll - ok
07:06:55.0366 2956 [ 740C22FD2C85E00A0E7920F5A5D1B03D ] C:\Windows\ImmersiveControlPanel\Telemetry.Common.dll
07:06:55.0366 2956 C:\Windows\ImmersiveControlPanel\Telemetry.Common.dll - ok
07:06:55.0373 2956 [ CBBC805B2D08C06D46F774B1DA112ACA ] C:\Windows\ImmersiveControlPanel\SystemSettingsViewModel.Desktop.dll
07:06:55.0373 2956 C:\Windows\ImmersiveControlPanel\SystemSettingsViewModel.Desktop.dll - ok
07:06:55.0378 2956 [ 1FA778B0A8A2E9E1D58A57635A70EB84 ] C:\Windows\System32\SettingsEnvironment.Desktop.dll
07:06:55.0378 2956 C:\Windows\System32\SettingsEnvironment.Desktop.dll - ok
07:06:55.0381 2956 [ 8734D37C8A257799D7E89BE6652E0F06 ] C:\Windows\System32\regapi.dll
07:06:55.0381 2956 C:\Windows\System32\regapi.dll - ok
07:06:55.0386 2956 [ 04BE0E2A832363056479A1352B1C6149 ] C:\Windows\System32\Windows.UI.Xaml.Phone.dll
07:06:55.0386 2956 C:\Windows\System32\Windows.UI.Xaml.Phone.dll - ok
07:06:55.0393 2956 [ 5A01E86153206CBAC23531A90D105EC4 ] C:\Windows\System32\OnDemandBrokerClient.dll
07:06:55.0393 2956 C:\Windows\System32\OnDemandBrokerClient.dll - ok
07:06:55.0396 2956 [ 72B806AA25CB36721DD91C16E56FA846 ] C:\Windows\System32\deviceaccess.dll
07:06:55.0396 2956 C:\Windows\System32\deviceaccess.dll - ok
07:06:55.0400 2956 [ 1879FD00DB5FC8CA37D6099EB36698D3 ] C:\Windows\System32\Windows.Media.Speech.dll
07:06:55.0400 2956 C:\Windows\System32\Windows.Media.Speech.dll - ok
07:06:55.0415 2956 [ DC99ADCDFF3C68F4521E0198F75CDBA2 ] C:\Windows\System32\Speech_OneCore\common\SpeechBrokeredApi.dll
07:06:55.0415 2956 C:\Windows\System32\Speech_OneCore\common\SpeechBrokeredApi.dll - ok
07:06:55.0420 2956 [ 112A782866DDAD3A648918FEE57E6E27 ] C:\Windows\System32\Speech_OneCore\common\SpeechServiceWinRTApi.ProxyStub.dll
07:06:55.0420 2956 C:\Windows\System32\Speech_OneCore\common\SpeechServiceWinRTApi.ProxyStub.dll - ok
07:06:55.0423 2956 [ 3B26C408962AAB9C07499F4AC4528755 ] C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
07:06:55.0423 2956 C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe - ok
07:06:55.0426 2956 [ 2F31002A28A233364455FE6AD2235CE8 ] C:\Windows\System32\wbiosrvc.dll
07:06:55.0426 2956 C:\Windows\System32\wbiosrvc.dll - ok
07:06:55.0429 2956 [ 33987F968084F9073A914CBDEEDD8304 ] C:\Windows\System32\winbioext.dll
07:06:55.0429 2956 C:\Windows\System32\winbioext.dll - ok
07:06:55.0434 2956 [ 86D5390DBC663434E31BA24A5A811178 ] C:\Windows\System32\WinBioPlugIns\FaceBootstrapAdapter.dll
07:06:55.0434 2956 C:\Windows\System32\WinBioPlugIns\FaceBootstrapAdapter.dll - ok
07:06:55.0441 2956 [ CC008F3344F6DEBC9A3C9495C4099997 ] C:\Windows\System32\WinBioPlugIns\NUIVoiceWBSAdapters.dll
07:06:55.0441 2956 C:\Windows\System32\WinBioPlugIns\NUIVoiceWBSAdapters.dll - ok
07:06:55.0445 2956 [ 4D3C8B47A0BC4637B1306805FF2D859B ] C:\Windows\System32\WinBioPlugIns\winbiostorageadapter.dll
07:06:55.0445 2956 C:\Windows\System32\WinBioPlugIns\winbiostorageadapter.dll - ok
07:06:55.0448 2956 [ 7988E3FED5D90BF08856667F5B3F2384 ] C:\Windows\System32\VoiceActivationManager.dll
07:06:55.0448 2956 C:\Windows\System32\VoiceActivationManager.dll - ok
07:06:55.0453 2956 [ 0F0AA2A0BFDEF23EA84D3C575B0A0BD9 ] C:\Windows\System32\KeywordDetectorMsftSidAdapter.dll
07:06:55.0453 2956 C:\Windows\System32\KeywordDetectorMsftSidAdapter.dll - ok
07:06:55.0459 2956 [ CA952481919D9DB5226357FA47575CA5 ] C:\Windows\System32\Speech_OneCore\common\Windows.Speech.Pal.Desktop.dll
07:06:55.0459 2956 C:\Windows\System32\Speech_OneCore\common\Windows.Speech.Pal.Desktop.dll - ok
07:06:55.0463 2956 [ 36A187A5FD04008C5E50C3F756FCC110 ] C:\Windows\System32\Speech_OneCore\common\Windows.Speech.Shell.dll
07:06:55.0463 2956 C:\Windows\System32\Speech_OneCore\common\Windows.Speech.Shell.dll - ok
07:06:55.0467 2956 [ 375BD46EF9FAF75E0FE66F71F5DC30B9 ] C:\Windows\System32\Speech_OneCore\common\Windows.Speech.Dictation.dll
07:06:55.0467 2956 C:\Windows\System32\Speech_OneCore\common\Windows.Speech.Dictation.dll - ok
07:06:55.0474 2956 [ 1AAF130D1A6876460CF5E19D78704666 ] C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
07:06:55.0474 2956 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll - ok
07:06:55.0480 2956 [ D823FA2D99D3C638522AB0A3715AF35D ] C:\Windows\System32\SpeechPal.dll
07:06:55.0480 2956 C:\Windows\System32\SpeechPal.dll - ok
07:06:55.0487 2956 [ 9CABD04B14CDFC6C4CE9230DAE7E244E ] C:\Windows\System32\Windows.System.Profile.HardwareId.dll
07:06:55.0487 2956 C:\Windows\System32\Windows.System.Profile.HardwareId.dll - ok
07:06:55.0494 2956 [ 69FD4CC699EF3C9312A2371F3BB1B102 ] C:\Windows\System32\WWanAPI.dll
07:06:55.0494 2956 C:\Windows\System32\WWanAPI.dll - ok
07:06:55.0497 2956 [ DF68DF70BD7C4B5285A54D63130C213A ] C:\Windows\System32\MiracastReceiver.dll
07:06:55.0497 2956 C:\Windows\System32\MiracastReceiver.dll - ok
07:06:55.0501 2956 [ 56DF77DBD6A8CCEE2A70897EDF609682 ] C:\Windows\System32\NcaApi.dll
07:06:55.0502 2956 C:\Windows\System32\NcaApi.dll - ok
07:06:55.0510 2956 [ FA4F8624421C270AD3D9DABD6FA5E7F8 ] C:\Windows\System32\mfcore.dll
07:06:55.0510 2956 C:\Windows\System32\mfcore.dll - ok
07:06:55.0514 2956 [ ABF80D6CA310317D10DA580BC59D0202 ] C:\Windows\System32\ksuser.dll
07:06:55.0514 2956 C:\Windows\System32\ksuser.dll - ok
07:06:55.0518 2956 [ 012D04EC1B8B9EF1B61472FD28393518 ] C:\Windows\System32\bcastdvruserservice.dll
07:06:55.0518 2956 C:\Windows\System32\bcastdvruserservice.dll - ok
07:06:55.0524 2956 [ 03F3A161DC6AA77C9448772B775D5219 ] C:\Windows\System32\BcastDVRCommon.dll
07:06:55.0524 2956 C:\Windows\System32\BcastDVRCommon.dll - ok
07:06:55.0529 2956 [ 8B01BB2121C93C2A46B8303B09B3D4C0 ] C:\Windows\System32\mfreadwrite.dll
07:06:55.0529 2956 C:\Windows\System32\mfreadwrite.dll - ok
07:06:55.0532 2956 [ ED4A82A63160D77FAB1D68355CE637D9 ] C:\Windows\System32\bcastdvr.proxy.dll
07:06:55.0532 2956 C:\Windows\System32\bcastdvr.proxy.dll - ok
07:06:55.0537 2956 [ 3B1AB66B8112FB4CA9A54C2D270BFB81 ] C:\Windows\System32\OneBackupHandler.dll
07:06:55.0537 2956 C:\Windows\System32\OneBackupHandler.dll - ok
07:06:55.0543 2956 [ F357E312A71C2C39BD909CEE68AE5AA6 ] C:\Windows\System32\fhsettingsprovider.dll
07:06:55.0543 2956 C:\Windows\System32\fhsettingsprovider.dll - ok
07:06:55.0546 2956 [ AEEFE41403E2BDA9DA8C6770C88D9A05 ] C:\Windows\System32\fhsvcctl.dll
07:06:55.0546 2956 C:\Windows\System32\fhsvcctl.dll - ok
07:06:55.0549 2956 [ 2610FFD7D1534C34F6157C9147D73D16 ] C:\Windows\System32\fhcfg.dll
07:06:55.0549 2956 C:\Windows\System32\fhcfg.dll - ok
07:06:55.0556 2956 [ 1C63D963A9F5DEF240E073850DC78928 ] C:\Windows\System32\efsutil.dll
07:06:55.0556 2956 C:\Windows\System32\efsutil.dll - ok
07:06:55.0561 2956 [ A8347391E23A0E1C1AB1C1C15A6E11B4 ] C:\Windows\System32\sdengin2.dll
07:06:55.0561 2956 C:\Windows\System32\sdengin2.dll - ok
07:06:55.0563 2956 [ FB057C5CCFE093C1E1AD38FD9ECED45A ] C:\Windows\System32\spp.dll
07:06:55.0563 2956 C:\Windows\System32\spp.dll - ok
07:06:55.0568 2956 [ 5075D1D035D7594A51A878FF0AFB271F ] C:\Windows\System32\Windows.Perception.Stub.dll
07:06:55.0568 2956 C:\Windows\System32\Windows.Perception.Stub.dll - ok
07:06:55.0574 2956 [ 5A66859BED437EA1094B11A4C5DE2996 ] C:\Windows\System32\keepaliveprovider.dll
07:06:55.0574 2956 C:\Windows\System32\keepaliveprovider.dll - ok
07:06:55.0578 2956 [ 288D836B81E809EB33CDCCAA9D1AB395 ] C:\Program Files\Windows Defender\MpCmdRun.exe
07:06:55.0578 2956 C:\Program Files\Windows Defender\MpCmdRun.exe - ok
07:06:55.0582 2956 [ 78FF895034A371283C521071F72D035E ] C:\Windows\System32\WiFiCloudStore.dll
07:06:55.0582 2956 C:\Windows\System32\WiFiCloudStore.dll - ok
07:06:55.0588 2956 [ CA17485856B8D47B75EEBF888325D687 ] C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp35-win32.pyd
07:06:55.0588 2956 C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp35-win32.pyd - ok
07:06:55.0594 2956 [ D8C71DA2624C424D78B2F29933760AFE ] C:\Program Files (x86)\Dropbox\Client\plugins\platforms\qwindows.dll
07:06:55.0594 2956 C:\Program Files (x86)\Dropbox\Client\plugins\platforms\qwindows.dll - ok
07:06:55.0598 2956 [ AC25092E9D3C517EC20805EE1694B5C5 ] C:\Windows\SysWOW64\ResourcePolicyClient.dll
07:06:55.0599 2956 C:\Windows\SysWOW64\ResourcePolicyClient.dll - ok
07:06:55.0604 2956 [ FA6460D69F1DCC1AB561FCF0693F205D ] C:\Windows\SysWOW64\igd10iumd32.dll
07:06:55.0605 2956 C:\Windows\SysWOW64\igd10iumd32.dll - ok
07:06:55.0610 2956 [ EC36F836F4B28E75E052252E816B1A98 ] C:\Windows\SysWOW64\igdusc32.dll
07:06:55.0610 2956 C:\Windows\SysWOW64\igdusc32.dll - ok
07:06:55.0614 2956 [ 7B93C6433BAC2D98EA0D27E1CB43D25D ] C:\Program Files (x86)\Dropbox\Client\libEGL.dll
07:06:55.0614 2956 C:\Program Files (x86)\Dropbox\Client\libEGL.dll - ok
07:06:55.0618 2956 [ 68FE132BF6DA9C6B636CB0E20575636F ] C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
07:06:55.0618 2956 C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll - ok
07:06:55.0626 2956 [ F76B1D2CD95385B21E61874761DDB53A ] C:\Program Files (x86)\Dropbox\Client\d3dcompiler_47.dll
07:06:55.0626 2956 C:\Program Files (x86)\Dropbox\Client\d3dcompiler_47.dll - ok
07:06:55.0630 2956 [ 79F3AB798300E287299F2020229F79B1 ] C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.cp35-win32.pyd
07:06:55.0630 2956 C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.cp35-win32.pyd - ok
07:06:55.0635 2956 [ 9472C0AFEA5CFC580E1FA96DD289F134 ] C:\Program Files (x86)\Dropbox\Client\winffi.shcore.compiled._winffi_shcore.cp35-win32.pyd
07:06:55.0635 2956 C:\Program Files (x86)\Dropbox\Client\winffi.shcore.compiled._winffi_shcore.cp35-win32.pyd - ok
07:06:55.0641 2956 [ CBE6351DF11CF6D070C70C8CBEC6F53F ] C:\Program Files (x86)\Dropbox\Client\plugins\imageformats\qgif.dll
07:06:55.0641 2956 C:\Program Files (x86)\Dropbox\Client\plugins\imageformats\qgif.dll - ok
07:06:55.0645 2956 [ C11565000C1DFE0B71C035DB991241AC ] C:\Program Files (x86)\Dropbox\Client\plugins\imageformats\qjpeg.dll
07:06:55.0645 2956 C:\Program Files (x86)\Dropbox\Client\plugins\imageformats\qjpeg.dll - ok
07:06:55.0649 2956 [ 8DF5E90873179B1B84FC4CAFFCE14B46 ] C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp35-win32.pyd
07:06:55.0649 2956 C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp35-win32.pyd - ok
07:06:55.0656 2956 [ AD4EEEF0957D5783E212FDD0CF92017E ] C:\Program Files (x86)\Dropbox\Client\winffi.shell32.compiled._winffi_shell32.cp35-win32.pyd
07:06:55.0656 2956 C:\Program Files (x86)\Dropbox\Client\winffi.shell32.compiled._winffi_shell32.cp35-win32.pyd - ok
07:06:55.0661 2956 [ EBED4A5CCFF36D7B0667A7D66899B894 ] C:\Program Files (x86)\Dropbox\Client\winffi.gdi32.compiled._winffi_gdi32.cp35-win32.pyd
07:06:55.0661 2956 C:\Program Files (x86)\Dropbox\Client\winffi.gdi32.compiled._winffi_gdi32.cp35-win32.pyd - ok
07:06:55.0664 2956 [ 59D38A41008A7A229273D8AF693ADBAC ] C:\Windows\servicing\TrustedInstaller.exe
07:06:55.0664 2956 C:\Windows\servicing\TrustedInstaller.exe - ok
07:06:55.0669 2956 [ 129699FE1177E5270804C067623D7F30 ] C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.164_none_7e114a3d4d0589d4\wdscore.dll
07:06:55.0669 2956 C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.164_none_7e114a3d4d0589d4\wdscore.dll - ok
07:06:55.0676 2956 [ E9D5E96EAD715E75F5231E53C68C8FBA ] C:\Windows\servicing\CbsApi.dll
07:06:55.0676 2956 C:\Windows\servicing\CbsApi.dll - ok
07:06:55.0680 2956 [ A925D158B68DA0F861F8738D827E6317 ] C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.164_none_7e114a3d4d0589d4\TiWorker.exe
07:06:55.0680 2956 C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.164_none_7e114a3d4d0589d4\TiWorker.exe - ok
07:06:55.0684 2956 [ 31F4A3F8AD6ABB438BD73F3E81DD7479 ] C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.164_none_7e114a3d4d0589d4\CbsCore.dll
07:06:55.0685 2956 C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.164_none_7e114a3d4d0589d4\CbsCore.dll - ok
07:06:55.0691 2956 [ 5F4A32C3E939C9C163F938AC48E175B8 ] C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.164_none_7e114a3d4d0589d4\dpx.dll
07:06:55.0691 2956 C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.164_none_7e114a3d4d0589d4\dpx.dll - ok
07:06:55.0695 2956 [ 1BDD7B6843645DF5EC5D4AE84C604B9C ] C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.164_none_7e114a3d4d0589d4\wcp.dll
07:06:55.0695 2956 C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.164_none_7e114a3d4d0589d4\wcp.dll - ok
07:06:55.0699 2956 [ 8589C9047CCA856576F529EEC5455D90 ] C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.164_none_7e114a3d4d0589d4\drupdate.dll
07:06:55.0699 2956 C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.164_none_7e114a3d4d0589d4\drupdate.dll - ok
07:06:55.0711 2956 [ 077F8FDD675E86861710FA8804913A4D ] C:\Windows\System32\srclient.dll
07:06:55.0711 2956 C:\Windows\System32\srclient.dll - ok
07:06:55.0716 2956 [ 4268CC1FBDD2947725521853602E3351 ] C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.164_none_7e114a3d4d0589d4\msdelta.dll
07:06:55.0716 2956 C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.164_none_7e114a3d4d0589d4\msdelta.dll - ok
07:06:55.0722 2956 [ 87B72CF949250255F23D577CEFE4F7D1 ] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
07:06:55.0722 2956 C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll - ok
07:06:55.0729 2956 [ 1C7C95A2A36A088F480A83996F84661B ] C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
07:06:55.0729 2956 C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll - ok
07:06:55.0735 2956 [ 4171E1EF44EAECDFA62041DB9E26F996 ] C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll
07:06:55.0735 2956 C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll - ok
07:06:55.0741 2956 [ 2E8DB0FC5D0A8D70ED1953A1BB8C6810 ] C:\Windows\System32\InstallService.dll
07:06:55.0741 2956 C:\Windows\System32\InstallService.dll - ok
07:06:55.0746 2956 [ 454A5042889C41ED772717E559FFEE79 ] C:\Windows\System32\EAMProgressHandler.dll
07:06:55.0746 2956 C:\Windows\System32\EAMProgressHandler.dll - ok
07:06:55.0749 2956 [ 25F8AD183EECAA81427D7A93A5EE5C38 ] C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.cp35-win32.pyd
07:06:55.0749 2956 C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.cp35-win32.pyd - ok
07:06:55.0755 2956 [ 19B8016885DF37FFCF7C78C19BD725E8 ] C:\Program Files (x86)\Dropbox\Client\Qt5WebEngine.dll
07:06:55.0755 2956 C:\Program Files (x86)\Dropbox\Client\Qt5WebEngine.dll - ok
07:06:55.0761 2956 [ 43C9CCAA6BE7AED7E2957A7FCFB4AC54 ] C:\Windows\System32\APHostService.dll
07:06:55.0761 2956 C:\Windows\System32\APHostService.dll - ok
07:06:55.0764 2956 [ 9A1FA53C7B2612F173ECE6C90EEA0584 ] C:\Windows\System32\networkhelper.dll
07:06:55.0764 2956 C:\Windows\System32\networkhelper.dll - ok
07:06:55.0769 2956 [ 42018DCF9DD2B9C71624FCE102BFC6AD ] C:\Windows\System32\MCCSPal.dll
07:06:55.0769 2956 C:\Windows\System32\MCCSPal.dll - ok
07:06:55.0776 2956 [ 746E9703F1EBF036B75BE0BF61683E66 ] C:\Windows\System32\syncutil.dll
07:06:55.0776 2956 C:\Windows\System32\syncutil.dll - ok
07:06:55.0780 2956 [ 5AF4F6C3FEBD5C618082C18DC6411697 ] C:\Windows\System32\dmcfgutils.dll
07:06:55.0780 2956 C:\Windows\System32\dmcfgutils.dll - ok
07:06:55.0784 2956 [ 31C47EBA04CB08D06EB16814AA427B82 ] C:\Windows\System32\dmxmlhelputils.dll
07:06:55.0784 2956 C:\Windows\System32\dmxmlhelputils.dll - ok
07:06:55.0790 2956 [ 8D814E7B9F757DA254BE0E5596FCFFA9 ] C:\Windows\System32\InprocLogger.dll
07:06:55.0790 2956 C:\Windows\System32\InprocLogger.dll - ok
07:06:55.0795 2956 [ AD6E193563A734410F01A55A932117DA ] C:\Windows\System32\SyncController.dll
07:06:55.0795 2956 C:\Windows\System32\SyncController.dll - ok
07:06:55.0798 2956 [ 766AA21408E05C4111D4646CB380B54B ] C:\Windows\System32\APHostClient.dll
07:06:55.0798 2956 C:\Windows\System32\APHostClient.dll - ok
07:06:55.0803 2956 [ 591BF33F03B2F33F69CF555922D283BD ] C:\Windows\System32\accountaccessor.dll
07:06:55.0803 2956 C:\Windows\System32\accountaccessor.dll - ok
07:06:55.0810 2956 [ 360135B56178B3AA53176846D6DC4449 ] C:\Windows\System32\dsclient.dll
07:06:55.0810 2956 C:\Windows\System32\dsclient.dll - ok
07:06:55.0813 2956 [ 9E495F7556D7CE629077818A0F0E44A2 ] C:\Windows\System32\MCCSEngineShared.dll
07:06:55.0813 2956 C:\Windows\System32\MCCSEngineShared.dll - ok
07:06:55.0816 2956 [ 7D824D8A2C82B4D3EA69D41D74C1394D ] C:\Windows\System32\vaultsvc.dll
07:06:55.0817 2956 C:\Windows\System32\vaultsvc.dll - ok
07:06:55.0822 2956 [ 445D4ADAB34429A84915C6C208719DEE ] C:\Windows\System32\wscinterop.dll
07:06:55.0822 2956 C:\Windows\System32\wscinterop.dll - ok
07:06:55.0828 2956 [ 9D276A1BF69346FFF72BD54B90D48AB0 ] C:\Windows\System32\wscui.cpl
07:06:55.0828 2956 C:\Windows\System32\wscui.cpl - ok
07:06:55.0831 2956 [ 29AC697696A9B5E14C34ADD760A833BA ] C:\Windows\System32\SecurityHealthAgent.dll
07:06:55.0831 2956 C:\Windows\System32\SecurityHealthAgent.dll - ok
07:06:55.0836 2956 [ 7FC9F9D5DD96C0D1064FA0D40CFF7AE4 ] C:\Windows\System32\werconcpl.dll
07:06:55.0836 2956 C:\Windows\System32\werconcpl.dll - ok
07:06:55.0842 2956 [ 11F8BDE1D0B42D73D39AF9DAA1AAE8B0 ] C:\Windows\System32\hcproviders.dll
07:06:55.0842 2956 C:\Windows\System32\hcproviders.dll - ok
07:06:55.0846 2956 [ 9F870EE236B59A36C8969FC9F25CFF7B ] C:\Windows\System32\ieproxy.dll
07:06:55.0846 2956 C:\Windows\System32\ieproxy.dll - ok
07:06:55.0849 2956 [ B6D873CFAEFFA3A302FC1533B66055FB ] C:\Windows\System32\dosvc.dll
07:06:55.0849 2956 C:\Windows\System32\dosvc.dll - ok
07:06:55.0854 2956 [ 10967D62F419CA0EB6EB9DA57D91286B ] C:\Windows\System32\moshost.dll
07:06:55.0854 2956 C:\Windows\System32\moshost.dll - ok
07:06:55.0861 2956 [ D6BFF08DCDF43663FC27450192B29E3B ] C:\Windows\System32\MapsBtSvc.dll
07:06:55.0861 2956 C:\Windows\System32\MapsBtSvc.dll - ok
07:06:55.0865 2956 [ E4F71CC30F7156EE05262E447BBF5213 ] C:\Windows\System32\MosStorage.dll
07:06:55.0865 2956 C:\Windows\System32\MosStorage.dll - ok
07:06:55.0870 2956 [ AA09EB75F10C167820B634A8A5909D61 ] C:\Windows\System32\ztrace_maps.dll
07:06:55.0870 2956 C:\Windows\System32\ztrace_maps.dll - ok
07:06:55.0877 2956 [ BD2E4F2777119E3CD3B74A8661BF670C ] C:\Windows\System32\MapConfiguration.dll
07:06:55.0877 2956 C:\Windows\System32\MapConfiguration.dll - ok
07:06:55.0880 2956 [ 5A38F3BAD50558F0E09D696ACF612D9E ] C:\Program Files (x86)\No-IP\ducservice.exe
07:06:55.0880 2956 C:\Program Files (x86)\No-IP\ducservice.exe - ok
07:06:55.0884 2956 [ 208B18B92C068377F5EB21CD72FBC993 ] C:\Windows\SysWOW64\mscoree.dll
07:06:55.0884 2956 C:\Windows\SysWOW64\mscoree.dll - ok
07:06:55.0890 2956 [ 4183E6559FDF1DF9426E40281F3A89C7 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
07:06:55.0890 2956 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
07:06:55.0895 2956 [ F30C38A3409F76FF9AA0B76CC36188C2 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
07:06:55.0895 2956 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
07:06:55.0899 2956 [ 43143ABB001D4211FAB627C136124A44 ] C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9554_none_d08d6fa2442aa556\msvcr80.dll
07:06:55.0899 2956 C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.9554_none_d08d6fa2442aa556\msvcr80.dll - ok
07:06:55.0904 2956 [ F078ED35E5C62E98B2A18E029E136958 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\64f8e4e9ad1cde3df5ae40ac89f9d4bd\mscorlib.ni.dll
07:06:55.0904 2956 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\64f8e4e9ad1cde3df5ae40ac89f9d4bd\mscorlib.ni.dll - ok
07:06:55.0911 2956 [ F51378A657FE3830BA21131911226847 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
07:06:55.0911 2956 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
07:06:55.0914 2956 [ 866D576B2EEA77867653E69D6FC37FFB ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\8dd916f18ce5018006a2e2d55262d47f\System.ni.dll
07:06:55.0914 2956 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\8dd916f18ce5018006a2e2d55262d47f\System.ni.dll - ok
07:06:55.0919 2956 [ CC93DB925BD8A26F8B504C4D3E19BBA6 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\27247aa3c6664119fdce3c9952c047fb\System.ServiceProcess.ni.dll
07:06:55.0919 2956 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\27247aa3c6664119fdce3c9952c047fb\System.ServiceProcess.ni.dll - ok
07:06:55.0925 2956 [ C57989F9774CD4932C7B231E0736B26A ] C:\Program Files (x86)\No-IP\ducapi.dll
07:06:55.0925 2956 C:\Program Files (x86)\No-IP\ducapi.dll - ok
07:06:55.0929 2956 [ 2EC0FB00608F6907693BF1E7ACC777D9 ] C:\Windows\SysWOW64\netfxperf.dll
07:06:55.0929 2956 C:\Windows\SysWOW64\netfxperf.dll - ok
07:06:55.0934 2956 [ 74E3084A79502136CE96385DF3BA55F7 ] C:\Windows\SysWOW64\shfolder.dll
07:06:55.0934 2956 C:\Windows\SysWOW64\shfolder.dll - ok
07:06:55.0941 2956 [ 1760AE8C5D731819A4BB1CF0448AC57C ] C:\Windows\System32\SgrmBroker.exe
07:06:55.0941 2956 C:\Windows\System32\SgrmBroker.exe - ok
07:06:55.0945 2956 [ 08C4E223D11E982A05FACF69548F3668 ] C:\Windows\System32\SgrmEnclave.dll
07:06:55.0945 2956 C:\Windows\System32\SgrmEnclave.dll - ok
07:06:55.0948 2956 [ F9231E00FEFB65D600E073A1BF979B66 ] C:\Windows\System32\sppsvc.exe
07:06:55.0948 2956 C:\Windows\System32\sppsvc.exe - ok
07:06:55.0953 2956 [ C437587FC7F7F3FA569D56BF803BF47E ] C:\Windows\System32\cryptxml.dll
07:06:55.0953 2956 C:\Windows\System32\cryptxml.dll - ok
07:06:55.0959 2956 [ 7D8AC0DC08FDCA88ABCCEEE7B1DF2406 ] C:\Windows\System32\sppwinob.dll
07:06:55.0959 2956 C:\Windows\System32\sppwinob.dll - ok
07:06:55.0963 2956 [ 317F54D4AE79CBDF783110656D46A80B ] C:\Windows\System32\pkeyhelper.dll
07:06:55.0963 2956 C:\Windows\System32\pkeyhelper.dll - ok
07:06:55.0966 2956 [ AF2979208ABA46C5DAAF254DD0919EC7 ] C:\Windows\System32\usocore.dll
07:06:55.0966 2956 C:\Windows\System32\usocore.dll - ok
07:06:55.0971 2956 [ 0A56FBEDDDF672C4C151F677F9D5A6B7 ] C:\Windows\System32\updatepolicy.dll
07:06:55.0972 2956 C:\Windows\System32\updatepolicy.dll - ok
07:06:55.0978 2956 [ E7252816762B3E2F88AF8A9520ADA404 ] C:\Windows\System32\sppobjs.dll
07:06:55.0978 2956 C:\Windows\System32\sppobjs.dll - ok
07:06:55.0981 2956 [ 1943487BC459CE46DB3D53578416D330 ] C:\Windows\System32\updatehandlers.dll
07:06:55.0981 2956 C:\Windows\System32\updatehandlers.dll - ok
07:06:55.0986 2956 [ 38451DCA0CA34586F976CB0C052F2E21 ] C:\Windows\System32\wuapi.dll
07:06:55.0986 2956 C:\Windows\System32\wuapi.dll - ok
07:06:55.0992 2956 [ 26E6588F4644F4F74FCC23108FB45438 ] C:\Windows\System32\wups.dll
07:06:55.0992 2956 C:\Windows\System32\wups.dll - ok
07:06:55.0998 2956 [ 067D65897550F395F2A1DECFE34558DA ] C:\Windows\System32\upshared.dll
07:06:55.0998 2956 C:\Windows\System32\upshared.dll - ok
07:06:56.0002 2956 [ F38DBE74D59B7F0E6E330981B715F512 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d7736a1e1984e2d7a3463585355afa8e\System.Xml.ni.dll
07:06:56.0002 2956 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d7736a1e1984e2d7a3463585355afa8e\System.Xml.ni.dll - ok
07:06:56.0008 2956 [ A0039CC8C213D9CD79A19772C2090C74 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\6333f0d2ce67cfc807e6af9cd20dab8a\System.Configuration.ni.dll
07:06:56.0008 2956 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\6333f0d2ce67cfc807e6af9cd20dab8a\System.Configuration.ni.dll - ok
07:06:56.0013 2956 [ 50DDCD42CD390522AEEEB0A138ACFC0B ] C:\Windows\SysWOW64\rtutils.dll
07:06:56.0014 2956 C:\Windows\SysWOW64\rtutils.dll - ok
07:06:56.0017 2956 [ 318BFE314F6F3490F81E2685A68BA7F0 ] C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
07:06:56.0017 2956 C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe - ok
07:06:56.0022 2956 [ 13EDD8BAA09053B4D42B3CEF4C8553B5 ] C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
07:06:56.0022 2956 C:\Windows\SysWOW64\OneCoreUAPCommonProxyStub.dll - ok
07:06:56.0028 2956 [ CABEC2FE77C070032E6CB15E0F58D9A5 ] C:\Windows\SysWOW64\twinapi.dll
07:06:56.0028 2956 C:\Windows\SysWOW64\twinapi.dll - ok
07:06:56.0031 2956 [ ABB56882148DE65D53ABFC55544A49A8 ] C:\Windows\System32\sc.exe
07:06:56.0031 2956 C:\Windows\System32\sc.exe - ok
07:06:56.0036 2956 [ AF9974196D2A646DD08811F1178A57D8 ] C:\Windows\System32\wsqmcons.exe
07:06:56.0036 2956 C:\Windows\System32\wsqmcons.exe - ok
07:06:56.0043 2956 [ 4FF4785BF30ED6978FB8F3AF759E41AA ] C:\Users\admin\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
07:06:56.0043 2956 C:\Users\admin\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe - ok
07:06:56.0047 2956 [ 52226CF6A78D697D1E362E5EEF008394 ] C:\Windows\System32\MusNotification.exe
07:06:56.0047 2956 C:\Windows\System32\MusNotification.exe - ok
07:06:56.0051 2956 [ F0C9F0FEA1C496FE1F64685464407643 ] C:\Windows\System32\dmiso8601utils.dll
07:06:56.0051 2956 C:\Windows\System32\dmiso8601utils.dll - ok
07:06:56.0058 2956 [ BFA310AA9F9E8EF73020984CACC41AEA ] C:\Windows\SysWOW64\ktmw32.dll
07:06:56.0058 2956 C:\Windows\SysWOW64\ktmw32.dll - ok
07:06:56.0063 2956 [ 9507F059F53CA14F496C025AF536EE95 ] C:\Windows\System32\PushToInstall.dll
07:06:56.0063 2956 C:\Windows\System32\PushToInstall.dll - ok
07:06:56.0066 2956 [ 482454CAD702F44B34D07C9A99B60B22 ] C:\Windows\SysWOW64\Windows.System.Diagnostics.Telemetry.PlatformTelemetryClient.dll
07:06:56.0066 2956 C:\Windows\SysWOW64\Windows.System.Diagnostics.Telemetry.PlatformTelemetryClient.dll - ok
07:06:56.0073 2956 [ 69F803A45B704351E47E9E2ED320C4D1 ] C:\Windows\System32\usoapi.dll
07:06:56.0073 2956 C:\Windows\System32\usoapi.dll - ok
07:06:56.0079 2956 [ 1E56DDFC3D45C7B3CC106603AD6C7F25 ] C:\Windows\System32\MusNotificationUx.exe
07:06:56.0079 2956 C:\Windows\System32\MusNotificationUx.exe - ok
07:06:56.0083 2956 [ DC53045859A6F42A2F0F4971360C4D51 ] C:\Windows\System32\WaaSAssessment.dll
07:06:56.0083 2956 C:\Windows\System32\WaaSAssessment.dll - ok
07:06:56.0089 2956 [ 0D2B1D0D8FFA24C8684965B21AB29507 ] C:\Windows\System32\wosc.dll
07:06:56.0089 2956 C:\Windows\System32\wosc.dll - ok
07:06:56.0095 2956 [ C1FF11FEFC30797F4E1CD339BE58107A ] C:\Windows\System32\utcutil.dll
07:06:56.0095 2956 C:\Windows\System32\utcutil.dll - ok
07:06:56.0099 2956 [ 7587AB4C62747E0DC94C150E9432BB7A ] C:\Windows\System32\dcntel.dll
07:06:56.0099 2956 C:\Windows\System32\dcntel.dll - ok
07:06:56.0109 2956 [ 89AE139011B7B4673FF9A33D189C9282 ] C:\Windows\System32\appraiser.dll
07:06:56.0110 2956 C:\Windows\System32\appraiser.dll - ok
07:06:56.0117 2956 [ 9A939C87F0F6EC2DF82A6BECB896CD4C ] C:\Windows\System32\wuaueng.dll
07:06:56.0117 2956 C:\Windows\System32\wuaueng.dll - ok
07:06:56.0129 2956 [ 3EF9CA763B9BB76E6C89D11A5F516088 ] C:\Windows\System32\wups2.dll
07:06:56.0129 2956 C:\Windows\System32\wups2.dll - ok
07:06:56.0134 2956 [ 79714A375A5B50E3C3B858625B2D4F80 ] C:\Windows\System32\wbem\wmipcima.dll
07:06:56.0134 2956 C:\Windows\System32\wbem\wmipcima.dll - ok
07:06:56.0143 2956 [ 94B41B42F6C48312F4262A1FF42E12FB ] C:\Windows\System32\wuuhext.dll
07:06:56.0143 2956 C:\Windows\System32\wuuhext.dll - ok
07:06:56.0148 2956 [ 32B2E26E6E6B2C13A92AE66F9BF2799B ] C:\Windows\System32\wuuhosdeployment.dll
07:06:56.0148 2956 C:\Windows\System32\wuuhosdeployment.dll - ok
07:06:56.0155 2956 [ 348BD30018FD6C5F97F6467639774F5E ] C:\Windows\SysWOW64\msxml6.dll
07:06:56.0155 2956 C:\Windows\SysWOW64\msxml6.dll - ok
07:06:56.0160 2956 ============================================================
07:06:56.0160 2956 Scan finished
07:06:56.0160 2956 ============================================================
07:06:56.0176 6536 Detected object count: 2
07:06:56.0177 6536 Actual detected object count: 2
07:07:40.0241 6536 90599366 ( HiddenService.Multi.Generic ) - skipped by user
07:07:40.0242 6536 90599366 ( HiddenService.Multi.Generic ) - User select action: Skip
07:07:40.0245 6536 NoIPDUCService4 ( UnsignedFile.Multi.Generic ) - skipped by user
07:07:40.0245 6536 NoIPDUCService4 ( UnsignedFile.Multi.Generic ) - User select action: Skip

attached are the two result from Adiag

Adiag1.txt

Adiag2.txt

kevinf80 · January 3, 2019

Hello mnmlisme,

Thanks for those logs, please do not use quote or code boxes to wrap your logs. Either copy/paste direct or attach logs. Continue with the following:

Open Malwarebytes Anti-Malware.

On the Settings tab > Protection Scroll to and make sure the following are selected:

Scan for Rootkits
Scan within Archives
Scroll further to Potential Threat Protection make sure the following are set as follows:
Potentially Unwanted Programs (PUP`s) set as :- Always detect PUP`s (recommended)
Potentially Unwanted Modifications (PUM`s) set as :- Alwaysdetect PUM`s (recommended)
Click on the Scan make sure Threat Scan is selected,
A Threat Scan will begin.
When the scan is complete if anything is found make sure that the first checkbox at the top is checked (that will automatically check all detected items), then click on the Quarantine Selected Tab
If asked to restart your computer to complete the removal, please do so
When complete click on Export Summary after deletion (bottom-left corner) and select Copy to Clipboard.
Wait for the prompt to restart the computer to appear, then click on Yes.
After the restart once you are back at your desktop, open Malwarebytes once more to retrieve the log.

To get the log from Malwarebytes do the following:

Click on the Reports tab > from main interface.
Double click on the Scan log which shows the Date and time of the scan just performed.
Click Export > From export you have two options:
Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
Use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…

Next,

Download AdwCleaner by Malwarebytes onto your Desktop.

Or from this Mirror

Right-click on AdwCleaner.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
Accept the EULA (I accept), then click on Scan
Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean button. This will kill all the active processes
Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply

Next,

Download Sophos Free Virus Removal Tool and save it to your desktop.

If your security alerts to this scan either accept the alert or turn off your security to allow Sophos to run and complete.....

Please Do Not use your PC whilst the scan is in progress.... This scan is very thorough so may take several hours...

Double click the icon and select Run
Click Next
Select I accept the terms in this license agreement, then click Next twice
Click Install
Click Finish to launch the program
Once the virus database has been updated click Start Scanning
If any threats are found click Details, then View log file... (bottom left hand corner)
Copy and paste the results in your reply
Close the Notepad document, close the Threat Details screen, then click Start cleanup
Click Exit to close the program
If no threats were found please confirm that result....

The Virus Removal Tool scans the following areas of your computer:

Memory, including system memory on 32-bit (x86) versions of Windows
The Windows registry
All local hard drives, fixed and removable
Mapped network drives are not scanned.

Note: If threats are found in the computer memory, the scan stops. This is because further scanning could enable the threat to spread. You will be asked to click Start Cleanup to remove the threats before continuing the scan.

Saved logs are found here: C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs

Next,

Run FRST one more time, ensure all boxes are checkmarked under "Whitelist" but only Addition.txt under "Optional scan" Select scan, when done post the new logs. "FRST.txt" and "Addition.txt"

Let me see those logs in your reply...

Thank you,

Kevin...

mnmlisme · January 4, 2019

Hi Kev, I thought we had done the malwarebytes and the adware, is there a different settings?

kevinf80 · January 4, 2019

I ask for those scans because the last time we looked at your system was December 18th 2018, it is now Jan 4th 2019. In that time we are unsure if your system has degraded again.. The last scan by Sophos AV is very thorough, it may take several hours to complete...

mnmlisme · January 7, 2019

Will do the scan all over for the latest condition. The previously infected PC has been formatted, however, the replacement PC was infected with similar symptoms. The only thing we copied from the infected PC was SQL database backup and installer file. So I suspect the SQL files are infected (or injected) so it carries over to the new PC. So I will re-do the whole test, up until your last suggestion using the Sophos. The watchlist should be still useable in the new PC right? Since the symptoms and malware names are exactly the same.

kevinf80 · January 7, 2019

I`m a bit lost off, so we a dealing with a different PC, is that correct....? Also the common denominator seems to be SQL database, is that also correct...? One other point, is this a business set up or personal home set up.

Thank you,

Kevin..

mnmlisme · January 7, 2019

Yes Kevin, different pc with identical symptoms. Common denominator seems to be SQL database OR install files, yes.

personal home setup, well, non profit organization to be exact. a church. sql database is for a CRM software.

kevinf80 · January 7, 2019

Thanks for the update, I do not believe SQL database can have a virus per se, more than likely a HTML code in a text field or similar will be present. The HTML code may contain a script call to a URL to the infection on another computer, server or website to transfer that infection to the PC in question. Does that make sense to you...?

Is there any chance the SQL database can be checked to see if column values have any HTML where it should not be.

mnmlisme · January 11, 2019

Hi Kev, it made some sense but not complete. But I think I understand what are you saying.

The infected PC and the new PC was indeed in the same network when I was setting it up. The next time I'm setting up the new PC, I will have the previous system offline and transfer the necessary files manually. Hope that will stop the infection.

Meanwhile, still yet to do the test since the PC has been in use daily. Will find some time this weekend to conduct the test.

kevinf80 · January 11, 2019

Thanks for the update mnmlisme, yes post back whenevrer you`re ready...

Thank you,

Kevin..

Hijack.BitCoinMiner.WMI keeps coming back

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Recently Browsing 0 members

Important Information