Necurs virus on my PC


6 replies to this topic

#1 Nitsua87


Posted 08 September 2012 - 11:01 AM

Hi, everyone.

Over the past several days I have noticed my PC acting slower than usual and sudden errors popping up with my Anti-Virus. After some time of trying to figure out the problem, I installed Microsoft Security Essentials and discovered I have the Necurs trojan on my PC. Help with removing this trojan would be greatly appreciated as MSE doesn't seem to be removing it.



#2 dev00790


Posted 08 September 2012 - 11:58 AM

Hello,

I will be helping you with your problems. Please be patient while I assist you.

Some points for you to keep in mind while I am helping you, to make things go easier and faster for both of us:

  • Please do NOT run, install or uninstall any programs, unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

----------------------------------------------

Please do the following:

Step 1

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Under Objects to scan, check the box next to Loaded modules
  • If you are asked to reboot, then click Yes.

Next

  • Check the boxes next to Loaded modules, Verify file digital signatures, Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do NOT choose Delete or Quarantine unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the full contents of that file in your next reply.

Step 2

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the full contents of that document.


Step 3

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press Scan.
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the full contents of the log in your next reply.


Step 4

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (Only Problems)
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points
NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.

Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.


#3 Nitsua87


Posted 08 September 2012 - 01:16 PM

13:50:08.0495 1216 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
13:50:08.0807 1216 ============================================================
13:50:08.0807 1216 Current date / time: 2012/09/08 13:50:08.0807
13:50:08.0807 1216 SystemInfo:
13:50:08.0807 1216
13:50:08.0807 1216 OS Version: 6.1.7601 ServicePack: 1.0
13:50:08.0807 1216 Product type: Workstation
13:50:08.0807 1216 ComputerName: AUSTIN-LAPTOP
13:50:08.0807 1216 UserName: Austin
13:50:08.0807 1216 Windows directory: C:\Windows
13:50:08.0807 1216 System windows directory: C:\Windows
13:50:08.0807 1216 Running under WOW64
13:50:08.0807 1216 Processor architecture: Intel x64
13:50:08.0807 1216 Number of processors: 8
13:50:08.0807 1216 Page size: 0x1000
13:50:08.0807 1216 Boot type: Normal boot
13:50:08.0807 1216 ============================================================
13:50:11.0820 1216 BG loaded
13:50:14.0285 1216 !crdlk
13:50:14.0410 1216 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
13:50:14.0535 1216 ============================================================
13:50:14.0535 1216 \Device\Harddisk0\DR0:
13:50:14.0660 1216 MBR partitions:
13:50:14.0660 1216 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0x476572B0
13:50:14.0660 1216 ============================================================
13:50:15.0377 1216 C: <-> \Device\Harddisk0\DR0\Partition1
13:50:15.0377 1216 ============================================================
13:50:15.0377 1216 Initialize success
13:50:15.0377 1216 ============================================================
13:50:30.0447 4940 ============================================================
13:50:30.0447 4940 Scan started
13:50:30.0447 4940 Mode: Manual; SigCheck; TDLFS;
13:50:30.0447 4940 ============================================================
13:50:31.0539 4940 ================ Scan system memory ========================
13:50:31.0539 4940 System memory - ok
13:50:31.0554 4940 ================ Scan services =============================
13:50:32.0834 4940 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
13:50:58.0125 4940 1394ohci - ok
13:50:58.0277 4940 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
13:50:58.0290 4940 ACPI - ok
13:50:58.0349 4940 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
13:50:58.0771 4940 AcpiPmi - ok
13:50:59.0051 4940 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:50:59.0084 4940 AdobeFlashPlayerUpdateSvc - ok
13:50:59.0200 4940 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
13:50:59.0217 4940 adp94xx - ok
13:50:59.0273 4940 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
13:50:59.0286 4940 adpahci - ok
13:50:59.0367 4940 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
13:50:59.0367 4940 adpu320 - ok
13:50:59.0539 4940 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:51:01.0789 4940 AeLookupSvc - ok
13:51:01.0929 4940 [ 6E79A119B0CE418FE44E0C824BF3F039 ] AFBAgent C:\Windows\system32\FBAgent.exe
13:51:01.0945 4940 AFBAgent - ok
13:51:02.0070 4940 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
13:51:02.0210 4940 AFD - ok
13:51:02.0288 4940 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
13:51:02.0319 4940 agp440 - ok
13:51:02.0569 4940 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
13:51:02.0663 4940 ALG - ok
13:51:02.0772 4940 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
13:51:02.0803 4940 aliide - ok
13:51:02.0943 4940 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
13:51:02.0975 4940 amdide - ok
13:51:03.0068 4940 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
13:51:03.0160 4940 AmdK8 - ok
13:51:03.0310 4940 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
13:51:03.0346 4940 AmdPPM - ok
13:51:03.0457 4940 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
13:51:03.0457 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\amdsata.sys. md5: D4121AE6D0C0E7E13AA221AA57EF2D49
13:51:03.0535 4940 amdsata ( LockedFile.Multi.Generic ) - warning
13:51:03.0535 4940 amdsata - detected LockedFile.Multi.Generic (1)
13:51:03.0644 4940 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
13:51:03.0644 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\amdsbs.sys. md5: F67F933E79241ED32FF46A4F29B5120B
13:51:03.0754 4940 amdsbs ( LockedFile.Multi.Generic ) - warning
13:51:03.0754 4940 amdsbs - detected LockedFile.Multi.Generic (1)
13:51:03.0832 4940 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
13:51:03.0832 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\amdxata.sys. md5: 540DAF1CEA6094886D72126FD7C33048
13:51:04.0201 4940 amdxata ( LockedFile.Multi.Generic ) - warning
13:51:04.0201 4940 amdxata - detected LockedFile.Multi.Generic (1)
13:51:04.0897 4940 [ E8494519BCB9E3B1B72E5604993A76E3 ] Amsp C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
13:51:04.0913 4940 Amsp - ok
13:51:05.0557 4940 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
13:51:08.0437 4940 AppID - ok
13:51:08.0578 4940 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
13:51:08.0656 4940 AppIDSvc - ok
13:51:08.0827 4940 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
13:51:08.0905 4940 Appinfo - ok
13:51:09.0014 4940 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:51:09.0030 4940 Apple Mobile Device - ok
13:51:09.0092 4940 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
13:51:09.0092 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\arc.sys. md5: C484F8CEB1717C540242531DB7845C4E
13:51:09.0124 4940 arc ( LockedFile.Multi.Generic ) - warning
13:51:09.0124 4940 arc - detected LockedFile.Multi.Generic (1)
13:51:09.0186 4940 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
13:51:09.0187 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\arcsas.sys. md5: 019AF6924AEFE7839F61C830227FE79C
13:51:09.0210 4940 arcsas ( LockedFile.Multi.Generic ) - warning
13:51:09.0210 4940 arcsas - detected LockedFile.Multi.Generic (1)
13:51:09.0317 4940 [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
13:51:09.0325 4940 ASLDRService - ok
13:51:09.0365 4940 [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
13:51:09.0365 4940 Suspicious file (NoAccess): C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys. md5: 4C016FD76ED5C05E84CA8CAB77993961
13:51:09.0387 4940 ASMMAP64 ( LockedFile.Multi.Generic ) - warning
13:51:09.0387 4940 ASMMAP64 - detected LockedFile.Multi.Generic (1)
13:51:09.0424 4940 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:51:09.0424 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\asyncmac.sys. md5: 769765CE2CC62867468CEA93969B2242
13:51:09.0430 4940 AsyncMac ( LockedFile.Multi.Generic ) - warning
13:51:09.0430 4940 AsyncMac - detected LockedFile.Multi.Generic (1)
13:51:09.0522 4940 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
13:51:09.0522 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\atapi.sys. md5: 02062C0B390B7729EDC9E69C680A6F3C
13:51:09.0569 4940 atapi ( LockedFile.Multi.Generic ) - warning
13:51:09.0569 4940 atapi - detected LockedFile.Multi.Generic (1)
13:51:09.0678 4940 [ CBE61B4494165F458BD87E37181EE934 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
13:51:09.0678 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\btath_flt.sys. md5: CBE61B4494165F458BD87E37181EE934
13:51:09.0694 4940 AthBTPort ( LockedFile.Multi.Generic ) - warning
13:51:09.0694 4940 AthBTPort - detected LockedFile.Multi.Generic (1)
13:51:09.0803 4940 [ 4C4A576818EA028257C624AE36FF7A03 ] Atheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
13:51:09.0819 4940 Atheros Bt&Wlan Coex Agent - ok
13:51:09.0881 4940 [ 21753130331188C4B474E1D3B396E629 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
13:51:09.0897 4940 AtherosSvc - ok
13:51:10.0084 4940 [ B4174564AD5834A1680610572477878C ] athr C:\Windows\system32\DRIVERS\athrx.sys
13:51:10.0084 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\athrx.sys. md5: B4174564AD5834A1680610572477878C
13:51:10.0115 4940 athr ( LockedFile.Multi.Generic ) - warning
13:51:10.0115 4940 athr - detected LockedFile.Multi.Generic (1)
13:51:10.0146 4940 [ 7910158929571214A959D5A6D16DD9C0 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
13:51:10.0162 4940 ATKGFNEXSrv - ok
13:51:10.0227 4940 [ 1F7238A37389ED92E9D8EEE975CABD54 ] ATKWMIACPIIO C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
13:51:10.0228 4940 Suspicious file (NoAccess): C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys. md5: 1F7238A37389ED92E9D8EEE975CABD54
13:51:10.0245 4940 ATKWMIACPIIO ( LockedFile.Multi.Generic ) - warning
13:51:10.0245 4940 ATKWMIACPIIO - detected LockedFile.Multi.Generic (1)
13:51:10.0322 4940 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:51:10.0389 4940 AudioEndpointBuilder - ok
13:51:10.0479 4940 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
13:51:10.0526 4940 AudioSrv - ok
13:51:10.0588 4940 [ E964EA70249DDE1343C8F694B52575EE ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
13:51:10.0588 4940 avgtp - ok
13:51:10.0666 4940 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
13:51:10.0791 4940 AxInstSV - ok
13:51:10.0884 4940 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
13:51:10.0884 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\bxvbda.sys. md5: 3E5B191307609F7514148C6832BB0842
13:51:10.0931 4940 b06bdrv ( LockedFile.Multi.Generic ) - warning
13:51:10.0931 4940 b06bdrv - detected LockedFile.Multi.Generic (1)
13:51:10.0994 4940 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
13:51:10.0994 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\b57nd60a.sys. md5: B5ACE6968304A3900EEB1EBFD9622DF2
13:51:10.0994 4940 b57nd60a ( LockedFile.Multi.Generic ) - warning
13:51:10.0994 4940 b57nd60a - detected LockedFile.Multi.Generic (1)
13:51:11.0103 4940 [ 93EE7D9C35AE7E9FFDA148D7805F1421 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
13:51:11.0134 4940 BBSvc - ok
13:51:11.0203 4940 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
13:51:11.0268 4940 BDESVC - ok
13:51:11.0315 4940 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
13:51:11.0315 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\Beep.sys. md5: 16A47CE2DECC9B099349A5F840654746
13:51:11.0338 4940 Beep ( LockedFile.Multi.Generic ) - warning
13:51:11.0338 4940 Beep - detected LockedFile.Multi.Generic (1)
13:51:11.0383 4940 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
13:51:11.0449 4940 BFE - ok
13:51:11.0496 4940 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
13:51:11.0496 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\blbdrive.sys. md5: 61583EE3C3A17003C4ACD0475646B4D3
13:51:11.0511 4940 blbdrive ( LockedFile.Multi.Generic ) - warning
13:51:11.0511 4940 blbdrive - detected LockedFile.Multi.Generic (1)
13:51:11.0558 4940 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:51:11.0574 4940 Bonjour Service - ok
13:51:11.0620 4940 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:51:11.0620 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\bowser.sys. md5: 6C02A83164F5CC0A262F4199F0871CF5
13:51:11.0652 4940 bowser ( LockedFile.Multi.Generic ) - warning
13:51:11.0652 4940 bowser - detected LockedFile.Multi.Generic (1)
13:51:11.0714 4940 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
13:51:11.0714 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\BrFiltLo.sys. md5: F09EEE9EDC320B5E1501F749FDE686C8
13:51:11.0730 4940 BrFiltLo ( LockedFile.Multi.Generic ) - warning
13:51:11.0730 4940 BrFiltLo - detected LockedFile.Multi.Generic (1)
13:51:11.0776 4940 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
13:51:11.0776 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\BrFiltUp.sys. md5: B114D3098E9BDB8BEA8B053685831BE6
13:51:11.0776 4940 BrFiltUp ( LockedFile.Multi.Generic ) - warning
13:51:11.0776 4940 BrFiltUp - detected LockedFile.Multi.Generic (1)
13:51:11.0870 4940 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
13:51:11.0932 4940 Browser - ok
13:51:11.0995 4940 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
13:51:11.0995 4940 Suspicious file (NoAccess): C:\Windows\System32\Drivers\Brserid.sys. md5: 43BEA8D483BF1870F018E2D02E06A5BD
13:51:12.0010 4940 Brserid ( LockedFile.Multi.Generic ) - warning
13:51:12.0010 4940 Brserid - detected LockedFile.Multi.Generic (1)
13:51:12.0088 4940 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
13:51:12.0088 4940 Suspicious file (NoAccess): C:\Windows\System32\Drivers\BrSerWdm.sys. md5: A6ECA2151B08A09CACECA35C07F05B42
13:51:12.0088 4940 BrSerWdm ( LockedFile.Multi.Generic ) - warning
13:51:12.0088 4940 BrSerWdm - detected LockedFile.Multi.Generic (1)
13:51:12.0151 4940 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
13:51:12.0151 4940 Suspicious file (NoAccess): C:\Windows\System32\Drivers\BrUsbMdm.sys. md5: B79968002C277E869CF38BD22CD61524
13:51:12.0166 4940 BrUsbMdm ( LockedFile.Multi.Generic ) - warning
13:51:12.0166 4940 BrUsbMdm - detected LockedFile.Multi.Generic (1)
13:51:12.0182 4940 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
13:51:12.0182 4940 Suspicious file (NoAccess): C:\Windows\System32\Drivers\BrUsbSer.sys. md5: A87528880231C54E75EA7A44943B38BF
13:51:12.0198 4940 BrUsbSer ( LockedFile.Multi.Generic ) - warning
13:51:12.0198 4940 BrUsbSer - detected LockedFile.Multi.Generic (1)
13:51:12.0244 4940 [ FE70889A85C57A9268101B2DB0474509 ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
13:51:12.0244 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\btath_a2dp.sys. md5: FE70889A85C57A9268101B2DB0474509
13:51:12.0260 4940 BTATH_A2DP ( LockedFile.Multi.Generic ) - warning
13:51:12.0260 4940 BTATH_A2DP - detected LockedFile.Multi.Generic (1)
13:51:12.0322 4940 [ A83A91D07D1FE6BBE7A9DB46CA00434B ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys
13:51:12.0322 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\btath_bus.sys. md5: A83A91D07D1FE6BBE7A9DB46CA00434B
13:51:12.0338 4940 BTATH_BUS ( LockedFile.Multi.Generic ) - warning
13:51:12.0338 4940 BTATH_BUS - detected LockedFile.Multi.Generic (1)
13:51:12.0369 4940 [ C864FF85EE16D61C2BDD5EF76824625F ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys
13:51:12.0369 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\btath_hcrp.sys. md5: C864FF85EE16D61C2BDD5EF76824625F
13:51:12.0385 4940 BTATH_HCRP ( LockedFile.Multi.Generic ) - warning
13:51:12.0385 4940 BTATH_HCRP - detected LockedFile.Multi.Generic (1)
13:51:12.0447 4940 [ 0DEA505EFB5D771826D177EF8B8A208F ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys
13:51:12.0447 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\btath_lwflt.sys. md5: 0DEA505EFB5D771826D177EF8B8A208F
13:51:12.0463 4940 BTATH_LWFLT ( LockedFile.Multi.Generic ) - warning
13:51:12.0463 4940 BTATH_LWFLT - detected LockedFile.Multi.Generic (1)
13:51:12.0494 4940 [ 724C8088C96EFE7A3E63FEC21D4681C0 ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys
13:51:12.0494 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\btath_rcp.sys. md5: 724C8088C96EFE7A3E63FEC21D4681C0
13:51:12.0510 4940 BTATH_RCP ( LockedFile.Multi.Generic ) - warning
13:51:12.0510 4940 BTATH_RCP - detected LockedFile.Multi.Generic (1)
13:51:12.0588 4940 [ AA0F5AFCF077C5246589B32ECEEAE566 ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
13:51:12.0588 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\btfilter.sys. md5: AA0F5AFCF077C5246589B32ECEEAE566
13:51:12.0603 4940 BtFilter ( LockedFile.Multi.Generic ) - warning
13:51:12.0603 4940 BtFilter - detected LockedFile.Multi.Generic (1)
13:51:12.0681 4940 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
13:51:12.0681 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\BthEnum.sys. md5: CF98190A94F62E405C8CB255018B2315
13:51:12.0681 4940 BthEnum ( LockedFile.Multi.Generic ) - warning
13:51:12.0681 4940 BthEnum - detected LockedFile.Multi.Generic (1)
13:51:12.0759 4940 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
13:51:12.0759 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\bthmodem.sys. md5: 9DA669F11D1F894AB4EB69BF546A42E8
13:51:12.0775 4940 BTHMODEM ( LockedFile.Multi.Generic ) - warning
13:51:12.0775 4940 BTHMODEM - detected LockedFile.Multi.Generic (1)
13:51:12.0806 4940 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
13:51:12.0806 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\bthpan.sys. md5: 02DD601B708DD0667E1331FA8518E9FF
13:51:12.0822 4940 BthPan ( LockedFile.Multi.Generic ) - warning
13:51:12.0822 4940 BthPan - detected LockedFile.Multi.Generic (1)
13:51:12.0931 4940 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
13:51:12.0931 4940 Suspicious file (NoAccess): C:\Windows\System32\Drivers\BTHport.sys. md5: 738D0E9272F59EB7A1449C3EC118E6C4
13:51:12.0962 4940 BTHPORT ( LockedFile.Multi.Generic ) - warning
13:51:12.0962 4940 BTHPORT - detected LockedFile.Multi.Generic (1)
13:51:13.0024 4940 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
13:51:13.0102 4940 bthserv - ok
13:51:13.0180 4940 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
13:51:13.0180 4940 Suspicious file (NoAccess): C:\Windows\System32\Drivers\BTHUSB.sys. md5: F188B7394D81010767B6DF3178519A37
13:51:13.0210 4940 BTHUSB ( LockedFile.Multi.Generic ) - warning
13:51:13.0210 4940 BTHUSB - detected LockedFile.Multi.Generic (1)
13:51:13.0290 4940 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:51:13.0291 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\cdfs.sys. md5: B8BD2BB284668C84865658C77574381A
13:51:13.0315 4940 cdfs ( LockedFile.Multi.Generic ) - warning
13:51:13.0315 4940 cdfs - detected LockedFile.Multi.Generic (1)
13:51:13.0345 4940 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
13:51:13.0345 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\cdrom.sys. md5: F036CE71586E93D94DAB220D7BDF4416
13:51:13.0354 4940 cdrom ( LockedFile.Multi.Generic ) - warning
13:51:13.0354 4940 cdrom - detected LockedFile.Multi.Generic (1)
13:51:13.0413 4940 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
13:51:13.0465 4940 CertPropSvc - ok
13:51:13.0502 4940 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
13:51:13.0502 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\circlass.sys. md5: D7CD5C4E1B71FA62050515314CFB52CF
13:51:13.0533 4940 circlass ( LockedFile.Multi.Generic ) - warning
13:51:13.0533 4940 circlass - detected LockedFile.Multi.Generic (1)
13:51:13.0565 4940 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
13:51:13.0565 4940 Suspicious file (NoAccess): C:\Windows\system32\CLFS.sys. md5: FE1EC06F2253F691FE36217C592A0206
13:51:13.0580 4940 CLFS ( LockedFile.Multi.Generic ) - warning
13:51:13.0580 4940 CLFS - detected LockedFile.Multi.Generic (1)
13:51:13.0658 4940 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:51:13.0674 4940 clr_optimization_v2.0.50727_32 - ok
13:51:13.0736 4940 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:51:13.0752 4940 clr_optimization_v2.0.50727_64 - ok
13:51:13.0877 4940 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:51:13.0955 4940 clr_optimization_v4.0.30319_32 - ok
13:51:14.0017 4940 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:51:14.0048 4940 clr_optimization_v4.0.30319_64 - ok
13:51:14.0111 4940 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
13:51:14.0111 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\CmBatt.sys. md5: 0840155D0BDDF1190F84A663C284BD33
13:51:14.0142 4940 CmBatt ( LockedFile.Multi.Generic ) - warning
13:51:14.0142 4940 CmBatt - detected LockedFile.Multi.Generic (1)
13:51:14.0157 4940 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
13:51:14.0157 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\cmdide.sys. md5: E19D3F095812725D88F9001985B94EDD
13:51:14.0157 4940 cmdide ( LockedFile.Multi.Generic ) - warning
13:51:14.0157 4940 cmdide - detected LockedFile.Multi.Generic (1)
13:51:14.0225 4940 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
13:51:14.0226 4940 Suspicious file (NoAccess): C:\Windows\system32\Drivers\cng.sys. md5: 9AC4F97C2D3E93367E2148EA940CD2CD
13:51:14.0234 4940 CNG ( LockedFile.Multi.Generic ) - warning
13:51:14.0234 4940 CNG - detected LockedFile.Multi.Generic (1)
13:51:14.0266 4940 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
13:51:14.0266 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\compbatt.sys. md5: 102DE219C3F61415F964C88E9085AD14
13:51:14.0273 4940 Compbatt ( LockedFile.Multi.Generic ) - warning
13:51:14.0273 4940 Compbatt - detected LockedFile.Multi.Generic (1)
13:51:14.0320 4940 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
13:51:14.0320 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\CompositeBus.sys. md5: 03EDB043586CCEBA243D689BDDA370A8
13:51:14.0326 4940 CompositeBus ( LockedFile.Multi.Generic ) - warning
13:51:14.0326 4940 CompositeBus - detected LockedFile.Multi.Generic (1)
13:51:14.0348 4940 COMSysApp - ok
13:51:14.0399 4940 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
13:51:14.0399 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\crcdisk.sys. md5: 1C827878A998C18847245FE1F34EE597
13:51:14.0405 4940 crcdisk ( LockedFile.Multi.Generic ) - warning
13:51:14.0405 4940 crcdisk - detected LockedFile.Multi.Generic (1)
13:51:14.0472 4940 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:51:14.0522 4940 CryptSvc - ok
13:51:14.0600 4940 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
13:51:14.0662 4940 DcomLaunch - ok
13:51:14.0725 4940 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
13:51:14.0818 4940 defragsvc - ok
13:51:14.0881 4940 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:51:14.0881 4940 Suspicious file (NoAccess): C:\Windows\system32\Drivers\dfsc.sys. md5: 9BB2EF44EAA163B29C4A4587887A0FE4
13:51:14.0912 4940 DfsC ( LockedFile.Multi.Generic ) - warning
13:51:14.0912 4940 DfsC - detected LockedFile.Multi.Generic (1)
13:51:14.0959 4940 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
13:51:15.0037 4940 Dhcp - ok
13:51:15.0099 4940 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
13:51:15.0099 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\discache.sys. md5: 13096B05847EC78F0977F2C0F79E9AB3
13:51:15.0099 4940 discache ( LockedFile.Multi.Generic ) - warning
13:51:15.0099 4940 discache - detected LockedFile.Multi.Generic (1)
13:51:15.0162 4940 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
13:51:15.0162 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\disk.sys. md5: 9819EEE8B5EA3784EC4AF3B137A5244C
13:51:15.0162 4940 Disk ( LockedFile.Multi.Generic ) - warning
13:51:15.0162 4940 Disk - detected LockedFile.Multi.Generic (1)
13:51:15.0225 4940 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:51:15.0293 4940 Dnscache - ok
13:51:15.0373 4940 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
13:51:15.0420 4940 dot3svc - ok
13:51:15.0475 4940 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
13:51:15.0540 4940 DPS - ok
13:51:15.0618 4940 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:51:15.0618 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\drmkaud.sys. md5: 9B19F34400D24DF84C858A421C205754
13:51:15.0649 4940 drmkaud ( LockedFile.Multi.Generic ) - warning
13:51:15.0649 4940 drmkaud - detected LockedFile.Multi.Generic (1)
13:51:15.0758 4940 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:51:15.0758 4940 Suspicious file (NoAccess): C:\Windows\System32\drivers\dxgkrnl.sys. md5: F5BEE30450E18E6B83A5012C100616FD
13:51:15.0774 4940 DXGKrnl ( LockedFile.Multi.Generic ) - warning
13:51:15.0774 4940 DXGKrnl - detected LockedFile.Multi.Generic (1)
13:51:15.0774 4940 Suspicious service (NoAccess): e3083e853d691545
13:51:15.0821 4940 [ 0A7DAB6A5D1C59348CD56EDA45CF90B7 ] e3083e853d691545 C:\Windows\System32\Drivers\e3083e853d691545.sys
13:51:15.0821 4940 Suspicious file (NoAccess): C:\Windows\System32\Drivers\e3083e853d691545.sys. md5: 0A7DAB6A5D1C59348CD56EDA45CF90B7
13:51:15.0867 4940 e3083e853d691545 ( Rootkit.Win32.Necurs.gen ) - infected
13:51:15.0867 4940 e3083e853d691545 - detected Rootkit.Win32.Necurs.gen (0)
13:51:15.0930 4940 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
13:51:16.0023 4940 EapHost - ok
13:51:16.0164 4940 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
13:51:16.0164 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\evbda.sys. md5: DC5D737F51BE844D8C82C695EB17372F
13:51:16.0195 4940 ebdrv ( LockedFile.Multi.Generic ) - warning
13:51:16.0195 4940 ebdrv - detected LockedFile.Multi.Generic (1)
13:51:16.0257 4940 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
13:51:16.0320 4940 EFS - ok
13:51:16.0413 4940 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
13:51:16.0507 4940 ehRecvr - ok
13:51:16.0554 4940 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
13:51:16.0632 4940 ehSched - ok
13:51:16.0741 4940 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
13:51:16.0741 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\elxstor.sys. md5: 0E5DA5369A0FCAEA12456DD852545184
13:51:16.0772 4940 elxstor ( LockedFile.Multi.Generic ) - warning
13:51:16.0772 4940 elxstor - detected LockedFile.Multi.Generic (1)
13:51:16.0819 4940 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
13:51:16.0819 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\errdev.sys. md5: 34A3C54752046E79A126E15C51DB409B
13:51:16.0819 4940 ErrDev ( LockedFile.Multi.Generic ) - warning
13:51:16.0819 4940 ErrDev - detected LockedFile.Multi.Generic (1)
13:51:16.0897 4940 [ 05B0DCDA418E297A1B4CD8D7B8ADE403 ] ETD C:\Windows\system32\DRIVERS\ETD.sys
13:51:16.0897 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ETD.sys. md5: 05B0DCDA418E297A1B4CD8D7B8ADE403
13:51:16.0913 4940 ETD ( LockedFile.Multi.Generic ) - warning
13:51:16.0913 4940 ETD - detected LockedFile.Multi.Generic (1)
13:51:17.0006 4940 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
13:51:17.0069 4940 EventSystem - ok
13:51:17.0115 4940 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
13:51:17.0115 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\exfat.sys. md5: A510C654EC00C1E9BDD91EEB3A59823B
13:51:17.0131 4940 exfat ( LockedFile.Multi.Generic ) - warning
13:51:17.0131 4940 exfat - detected LockedFile.Multi.Generic (1)
13:51:17.0193 4940 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:51:17.0193 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\fastfat.sys. md5: 0ADC83218B66A6DB380C330836F3E36D
13:51:17.0193 4940 fastfat ( LockedFile.Multi.Generic ) - warning
13:51:17.0193 4940 fastfat - detected LockedFile.Multi.Generic (1)
13:51:17.0291 4940 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
13:51:17.0362 4940 Fax - ok
13:51:17.0411 4940 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
13:51:17.0411 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\fdc.sys. md5: D765D19CD8EF61F650C384F62FAC00AB
13:51:17.0417 4940 fdc ( LockedFile.Multi.Generic ) - warning
13:51:17.0417 4940 fdc - detected LockedFile.Multi.Generic (1)
13:51:17.0485 4940 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
13:51:17.0546 4940 fdPHost - ok
13:51:17.0592 4940 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
13:51:17.0670 4940 FDResPub - ok
13:51:17.0717 4940 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:51:17.0717 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\fileinfo.sys. md5: 655661BE46B5F5F3FD454E2C3095B930
13:51:17.0748 4940 FileInfo ( LockedFile.Multi.Generic ) - warning
13:51:17.0748 4940 FileInfo - detected LockedFile.Multi.Generic (1)
13:51:17.0795 4940 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:51:17.0795 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\filetrace.sys. md5: 5F671AB5BC87EEA04EC38A6CD5962A47
13:51:17.0811 4940 Filetrace ( LockedFile.Multi.Generic ) - warning
13:51:17.0811 4940 Filetrace - detected LockedFile.Multi.Generic (1)
13:51:17.0842 4940 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
13:51:17.0842 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\flpydisk.sys. md5: C172A0F53008EAEB8EA33FE10E177AF5
13:51:17.0842 4940 flpydisk ( LockedFile.Multi.Generic ) - warning
13:51:17.0842 4940 flpydisk - detected LockedFile.Multi.Generic (1)
13:51:17.0889 4940 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:51:17.0889 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\fltmgr.sys. md5: DA6B67270FD9DB3697B20FCE94950741
13:51:17.0904 4940 FltMgr ( LockedFile.Multi.Generic ) - warning
13:51:17.0904 4940 FltMgr - detected LockedFile.Multi.Generic (1)
13:51:17.0982 4940 [ 10B5AB16C34D4E316EDB825386F57DA6 ] FLxHCIc C:\Windows\system32\DRIVERS\FLxHCIc.sys
13:51:17.0998 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\FLxHCIc.sys. md5: 10B5AB16C34D4E316EDB825386F57DA6
13:51:17.0998 4940 FLxHCIc ( LockedFile.Multi.Generic ) - warning
13:51:17.0998 4940 FLxHCIc - detected LockedFile.Multi.Generic (1)
13:51:18.0029 4940 [ 66DE264C2DEFE746CB2E71F3A5EB5C2C ] FLxHCIh C:\Windows\system32\DRIVERS\FLxHCIh.sys
13:51:18.0029 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\FLxHCIh.sys. md5: 66DE264C2DEFE746CB2E71F3A5EB5C2C
13:51:18.0045 4940 FLxHCIh ( LockedFile.Multi.Generic ) - warning
13:51:18.0045 4940 FLxHCIh - detected LockedFile.Multi.Generic (1)
13:51:18.0154 4940 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
13:51:18.0255 4940 FontCache - ok
13:51:18.0316 4940 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:51:18.0327 4940 FontCache3.0.0.0 - ok
13:51:18.0363 4940 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
13:51:18.0363 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\FsDepends.sys. md5: D43703496149971890703B4B1B723EAC
13:51:18.0393 4940 FsDepends ( LockedFile.Multi.Generic ) - warning
13:51:18.0393 4940 FsDepends - detected LockedFile.Multi.Generic (1)
13:51:18.0459 4940 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
13:51:18.0460 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\fssfltr.sys. md5: 6C06701BF1DB05405804D7EB610991CE
13:51:18.0469 4940 fssfltr ( LockedFile.Multi.Generic ) - warning
13:51:18.0469 4940 fssfltr - detected LockedFile.Multi.Generic (1)
13:51:18.0580 4940 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
13:51:18.0627 4940 fsssvc - ok
13:51:18.0720 4940 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:51:18.0720 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\Fs_Rec.sys. md5: 6BD9295CC032DD3077C671FCCF579A7B
13:51:18.0752 4940 Fs_Rec ( LockedFile.Multi.Generic ) - warning
13:51:18.0752 4940 Fs_Rec - detected LockedFile.Multi.Generic (1)
13:51:18.0798 4940 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
13:51:18.0798 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\fvevol.sys. md5: 1F7B25B858FA27015169FE95E54108ED
13:51:18.0814 4940 fvevol ( LockedFile.Multi.Generic ) - warning
13:51:18.0814 4940 fvevol - detected LockedFile.Multi.Generic (1)
13:51:18.0830 4940 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
13:51:18.0830 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\gagp30kx.sys. md5: 8C778D335C9D272CFD3298AB02ABE3B6
13:51:18.0845 4940 gagp30kx ( LockedFile.Multi.Generic ) - warning
13:51:18.0845 4940 gagp30kx - detected LockedFile.Multi.Generic (1)
13:51:18.0892 4940 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:51:18.0892 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\GEARAspiWDM.sys. md5: E403AACF8C7BB11375122D2464560311
13:51:18.0892 4940 GEARAspiWDM ( LockedFile.Multi.Generic ) - warning
13:51:18.0892 4940 GEARAspiWDM - detected LockedFile.Multi.Generic (1)
13:51:18.0986 4940 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
13:51:19.0048 4940 gpsvc - ok
13:51:19.0188 4940 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:51:19.0204 4940 gupdate - ok
13:51:19.0259 4940 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:51:19.0274 4940 gupdatem - ok
13:51:19.0308 4940 [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
13:51:19.0320 4940 gusvc - ok
13:51:19.0402 4940 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
13:51:19.0402 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\hcw85cir.sys. md5: F2523EF6460FC42405B12248338AB2F0
13:51:19.0428 4940 hcw85cir ( LockedFile.Multi.Generic ) - warning
13:51:19.0429 4940 hcw85cir - detected LockedFile.Multi.Generic (1)
13:51:19.0486 4940 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:51:19.0486 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\HdAudio.sys. md5: 975761C778E33CD22498059B91E7373A
13:51:19.0492 4940 HdAudAddService ( LockedFile.Multi.Generic ) - warning
13:51:19.0492 4940 HdAudAddService - detected LockedFile.Multi.Generic (1)
13:51:19.0537 4940 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
13:51:19.0537 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\HDAudBus.sys. md5: 97BFED39B6B79EB12CDDBFEED51F56BB
13:51:19.0537 4940 HDAudBus ( LockedFile.Multi.Generic ) - warning
13:51:19.0537 4940 HDAudBus - detected LockedFile.Multi.Generic (1)
13:51:19.0569 4940 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
13:51:19.0569 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\HidBatt.sys. md5: 78E86380454A7B10A5EB255DC44A355F
13:51:19.0569 4940 HidBatt ( LockedFile.Multi.Generic ) - warning
13:51:19.0569 4940 HidBatt - detected LockedFile.Multi.Generic (1)
13:51:19.0615 4940 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
13:51:19.0615 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\hidbth.sys. md5: 7FD2A313F7AFE5C4DAB14798C48DD104
13:51:19.0631 4940 HidBth ( LockedFile.Multi.Generic ) - warning
13:51:19.0631 4940 HidBth - detected LockedFile.Multi.Generic (1)
13:51:19.0678 4940 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
13:51:19.0678 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\hidir.sys. md5: 0A77D29F311B88CFAE3B13F9C1A73825
13:51:19.0693 4940 HidIr ( LockedFile.Multi.Generic ) - warning
13:51:19.0693 4940 HidIr - detected LockedFile.Multi.Generic (1)
13:51:19.0771 4940 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
13:51:19.0849 4940 hidserv - ok
13:51:19.0927 4940 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
13:51:19.0927 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\hidusb.sys. md5: 9592090A7E2B61CD582B612B6DF70536
13:51:19.0990 4940 HidUsb ( LockedFile.Multi.Generic ) - warning
13:51:19.0990 4940 HidUsb - detected LockedFile.Multi.Generic (1)
13:51:20.0068 4940 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
13:51:20.0161 4940 hkmsvc - ok
13:51:20.0224 4940 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:51:20.0316 4940 HomeGroupListener - ok
13:51:20.0371 4940 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:51:20.0406 4940 HomeGroupProvider - ok
13:51:20.0488 4940 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
13:51:20.0489 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\HpSAMD.sys. md5: 39D2ABCD392F3D8A6DCE7B60AE7B8EFC
13:51:20.0512 4940 HpSAMD ( LockedFile.Multi.Generic ) - warning
13:51:20.0512 4940 HpSAMD - detected LockedFile.Multi.Generic (1)
13:51:20.0554 4940 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:51:20.0554 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\HTTP.sys. md5: 0EA7DE1ACB728DD5A369FD742D6EEE28
13:51:20.0570 4940 HTTP ( LockedFile.Multi.Generic ) - warning
13:51:20.0570 4940 HTTP - detected LockedFile.Multi.Generic (1)
13:51:20.0632 4940 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
13:51:20.0632 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\hwpolicy.sys. md5: A5462BD6884960C9DC85ED49D34FF392
13:51:20.0632 4940 hwpolicy ( LockedFile.Multi.Generic ) - warning
13:51:20.0632 4940 hwpolicy - detected LockedFile.Multi.Generic (1)
13:51:20.0710 4940 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
13:51:20.0710 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\i8042prt.sys. md5: FA55C73D4AFFA7EE23AC4BE53B4592D3
13:51:20.0726 4940 i8042prt ( LockedFile.Multi.Generic ) - warning
13:51:20.0726 4940 i8042prt - detected LockedFile.Multi.Generic (1)
13:51:20.0819 4940 [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
13:51:20.0819 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\iaStor.sys. md5: D7921D5A870B11CC1ADAB198A519D50A
13:51:20.0851 4940 iaStor ( LockedFile.Multi.Generic ) - warning
13:51:20.0851 4940 iaStor - detected LockedFile.Multi.Generic (1)
13:51:20.0913 4940 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
13:51:20.0913 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\iaStorV.sys. md5: AAAF44DB3BD0B9D1FB6969B23ECC8366
13:51:20.0944 4940 iaStorV ( LockedFile.Multi.Generic ) - warning
13:51:20.0944 4940 iaStorV - detected LockedFile.Multi.Generic (1)
13:51:21.0038 4940 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:51:21.0053 4940 idsvc - ok
13:51:21.0358 4940 [ EFE5A0AF39A8E179624117C521F1E012 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
13:51:21.0358 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\igdkmd64.sys. md5: EFE5A0AF39A8E179624117C521F1E012
13:51:21.0465 4940 igfx ( LockedFile.Multi.Generic ) - warning
13:51:21.0465 4940 igfx - detected LockedFile.Multi.Generic (1)
13:51:21.0512 4940 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
13:51:21.0513 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\iirsp.sys. md5: 5C18831C61933628F5BB0EA2675B9D21
13:51:21.0523 4940 iirsp ( LockedFile.Multi.Generic ) - warning
13:51:21.0523 4940 iirsp - detected LockedFile.Multi.Generic (1)
13:51:21.0573 4940 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
13:51:21.0651 4940 IKEEXT - ok
13:51:21.0760 4940 [ 177B4E48C7A288E70779B42AB81D2D06 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
13:51:21.0760 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\RTKVHD64.sys. md5: 177B4E48C7A288E70779B42AB81D2D06
13:51:21.0791 4940 IntcAzAudAddService ( LockedFile.Multi.Generic ) - warning
13:51:21.0791 4940 IntcAzAudAddService - detected LockedFile.Multi.Generic (1)
13:51:21.0869 4940 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
13:51:21.0869 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\IntcDAud.sys. md5: FC727061C0F47C8059E88E05D5C8E381
13:51:21.0885 4940 IntcDAud ( LockedFile.Multi.Generic ) - warning
13:51:21.0885 4940 IntcDAud - detected LockedFile.Multi.Generic (1)
13:51:21.0994 4940 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
13:51:21.0994 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\intelide.sys. md5: F00F20E70C6EC3AA366910083A0518AA
13:51:22.0010 4940 intelide ( LockedFile.Multi.Generic ) - warning
13:51:22.0010 4940 intelide - detected LockedFile.Multi.Generic (1)
13:51:22.0072 4940 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
13:51:22.0088 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\intelppm.sys. md5: ADA036632C664CAA754079041CF1F8C1
13:51:22.0088 4940 intelppm ( LockedFile.Multi.Generic ) - warning
13:51:22.0088 4940 intelppm - detected LockedFile.Multi.Generic (1)
13:51:22.0166 4940 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
13:51:22.0259 4940 IPBusEnum - ok
13:51:22.0291 4940 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:51:22.0291 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ipfltdrv.sys. md5: C9F0E1BD74365A8771590E9008D22AB6
13:51:22.0322 4940 IpFilterDriver ( LockedFile.Multi.Generic ) - warning
13:51:22.0322 4940 IpFilterDriver - detected LockedFile.Multi.Generic (1)
13:51:22.0384 4940 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
13:51:22.0478 4940 iphlpsvc - ok

Cont.

13:51:22.0540 4940 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
13:51:22.0540 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\IPMIDrv.sys. md5: 0FC1AEA580957AA8817B8F305D18CA3A
13:51:22.0571 4940 IPMIDRV ( LockedFile.Multi.Generic ) - warning
13:51:22.0571 4940 IPMIDRV - detected LockedFile.Multi.Generic (1)
13:51:22.0603 4940 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
13:51:22.0603 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\ipnat.sys. md5: AF9B39A7E7B6CAA203B3862582E9F2D0
13:51:22.0618 4940 IPNAT ( LockedFile.Multi.Generic ) - warning
13:51:22.0618 4940 IPNAT - detected LockedFile.Multi.Generic (1)
13:51:22.0681 4940 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
13:51:22.0712 4940 iPod Service - ok
13:51:22.0759 4940 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:51:22.0759 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\irenum.sys. md5: 3ABF5E7213EB28966D55D58B515D5CE9
13:51:22.0790 4940 IRENUM ( LockedFile.Multi.Generic ) - warning
13:51:22.0790 4940 IRENUM - detected LockedFile.Multi.Generic (1)
13:51:22.0852 4940 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
13:51:22.0852 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\isapnp.sys. md5: 2F7B28DC3E1183E5EB418DF55C204F38
13:51:22.0868 4940 isapnp ( LockedFile.Multi.Generic ) - warning
13:51:22.0868 4940 isapnp - detected LockedFile.Multi.Generic (1)
13:51:22.0899 4940 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
13:51:22.0899 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\msiscsi.sys. md5: D931D7309DEB2317035B07C9F9E6B0BD
13:51:22.0915 4940 iScsiPrt ( LockedFile.Multi.Generic ) - warning
13:51:22.0915 4940 iScsiPrt - detected LockedFile.Multi.Generic (1)
13:51:22.0946 4940 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
13:51:22.0946 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\kbdclass.sys. md5: BC02336F1CBA7DCC7D1213BB588A68A5
13:51:22.0961 4940 kbdclass ( LockedFile.Multi.Generic ) - warning
13:51:22.0961 4940 kbdclass - detected LockedFile.Multi.Generic (1)
13:51:22.0993 4940 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
13:51:22.0993 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\kbdhid.sys. md5: 0705EFF5B42A9DB58548EEC3B26BB484
13:51:23.0008 4940 kbdhid ( LockedFile.Multi.Generic ) - warning
13:51:23.0008 4940 kbdhid - detected LockedFile.Multi.Generic (1)
13:51:23.0086 4940 [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
13:51:23.0086 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\kbfiltr.sys. md5: E63EF8C3271D014F14E2469CE75FECB4
13:51:23.0117 4940 kbfiltr ( LockedFile.Multi.Generic ) - warning
13:51:23.0117 4940 kbfiltr - detected LockedFile.Multi.Generic (1)
13:51:23.0164 4940 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
13:51:23.0180 4940 KeyIso - ok
13:51:23.0242 4940 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:51:23.0242 4940 Suspicious file (NoAccess): C:\Windows\system32\Drivers\ksecdd.sys. md5: 97A7070AEA4C058B6418519E869A63B4
13:51:23.0258 4940 KSecDD ( LockedFile.Multi.Generic ) - warning
13:51:23.0258 4940 KSecDD - detected LockedFile.Multi.Generic (1)
13:51:23.0316 4940 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
13:51:23.0316 4940 Suspicious file (NoAccess): C:\Windows\system32\Drivers\ksecpkg.sys. md5: 26C43A7C2862447EC59DEDA188D1DA07
13:51:23.0326 4940 KSecPkg ( LockedFile.Multi.Generic ) - warning
13:51:23.0326 4940 KSecPkg - detected LockedFile.Multi.Generic (1)
13:51:23.0377 4940 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
13:51:23.0377 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\ksthunk.sys. md5: 6869281E78CB31A43E969F06B57347C4
13:51:23.0383 4940 ksthunk ( LockedFile.Multi.Generic ) - warning
13:51:23.0383 4940 ksthunk - detected LockedFile.Multi.Generic (1)
13:51:23.0458 4940 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
13:51:23.0528 4940 KtmRm - ok
13:51:23.0581 4940 [ 033B4AED2C5519072C0D81E00804D003 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
13:51:23.0581 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\L1C62x64.sys. md5: 033B4AED2C5519072C0D81E00804D003
13:51:23.0612 4940 L1C ( LockedFile.Multi.Generic ) - warning
13:51:23.0612 4940 L1C - detected LockedFile.Multi.Generic (1)
13:51:23.0674 4940 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
13:51:23.0737 4940 LanmanServer - ok
13:51:23.0799 4940 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:51:23.0846 4940 LanmanWorkstation - ok
13:51:23.0908 4940 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:51:23.0924 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\lltdio.sys. md5: 1538831CF8AD2979A04C423779465827
13:51:23.0955 4940 lltdio ( LockedFile.Multi.Generic ) - warning
13:51:23.0955 4940 lltdio - detected LockedFile.Multi.Generic (1)
13:51:24.0017 4940 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:51:24.0111 4940 lltdsvc - ok
13:51:24.0158 4940 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
13:51:24.0236 4940 lmhosts - ok
13:51:24.0342 4940 [ 7F32D4C47A50E7223491E8FB9359907D ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
13:51:24.0354 4940 LMS - ok
13:51:24.0427 4940 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
13:51:24.0427 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\lsi_fc.sys. md5: 1A93E54EB0ECE102495A51266DCDB6A6
13:51:24.0453 4940 LSI_FC ( LockedFile.Multi.Generic ) - warning
13:51:24.0453 4940 LSI_FC - detected LockedFile.Multi.Generic (1)
13:51:24.0489 4940 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
13:51:24.0490 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\lsi_sas.sys. md5: 1047184A9FDC8BDBFF857175875EE810
13:51:24.0501 4940 LSI_SAS ( LockedFile.Multi.Generic ) - warning
13:51:24.0501 4940 LSI_SAS - detected LockedFile.Multi.Generic (1)
13:51:24.0521 4940 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
13:51:24.0521 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\lsi_sas2.sys. md5: 30F5C0DE1EE8B5BC9306C1F0E4A75F93
13:51:24.0530 4940 LSI_SAS2 ( LockedFile.Multi.Generic ) - warning
13:51:24.0530 4940 LSI_SAS2 - detected LockedFile.Multi.Generic (1)
13:51:24.0559 4940 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
13:51:24.0559 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\lsi_scsi.sys. md5: 0504EACAFF0D3C8AED161C4B0D369D4A
13:51:24.0568 4940 LSI_SCSI ( LockedFile.Multi.Generic ) - warning
13:51:24.0568 4940 LSI_SCSI - detected LockedFile.Multi.Generic (1)
13:51:24.0599 4940 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
13:51:24.0599 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\luafv.sys. md5: 43D0F98E1D56CCDDB0D5254CFF7B356E
13:51:24.0599 4940 luafv ( LockedFile.Multi.Generic ) - warning
13:51:24.0599 4940 luafv - detected LockedFile.Multi.Generic (1)
13:51:24.0662 4940 [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
13:51:24.0662 4940 MBAMProtector - ok
13:51:24.0724 4940 [ 43683E970F008C93C9429EF428147A54 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
13:51:24.0740 4940 MBAMService - ok
13:51:24.0802 4940 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
13:51:24.0880 4940 Mcx2Svc - ok
13:51:24.0943 4940 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
13:51:24.0943 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\megasas.sys. md5: A55805F747C6EDB6A9080D7C633BD0F4
13:51:24.0974 4940 megasas ( LockedFile.Multi.Generic ) - warning
13:51:24.0974 4940 megasas - detected LockedFile.Multi.Generic (1)
13:51:25.0021 4940 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
13:51:25.0021 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\MegaSR.sys. md5: BAF74CE0072480C3B6B7C13B2A94D6B3
13:51:25.0036 4940 MegaSR ( LockedFile.Multi.Generic ) - warning
13:51:25.0036 4940 MegaSR - detected LockedFile.Multi.Generic (1)
13:51:25.0099 4940 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
13:51:25.0099 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\HECIx64.sys. md5: A6518DCC42F7A6E999BB3BEA8FD87567
13:51:25.0130 4940 MEIx64 ( LockedFile.Multi.Generic ) - warning
13:51:25.0130 4940 MEIx64 - detected LockedFile.Multi.Generic (1)
13:51:25.0192 4940 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
13:51:25.0270 4940 MMCSS - ok
13:51:25.0303 4940 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
13:51:25.0303 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\modem.sys. md5: 800BA92F7010378B09F9ED9270F07137
13:51:25.0332 4940 Modem ( LockedFile.Multi.Generic ) - warning
13:51:25.0333 4940 Modem - detected LockedFile.Multi.Generic (1)
13:51:25.0399 4940 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
13:51:25.0399 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\monitor.sys. md5: B03D591DC7DA45ECE20B3B467E6AADAA
13:51:25.0425 4940 monitor ( LockedFile.Multi.Generic ) - warning
13:51:25.0425 4940 monitor - detected LockedFile.Multi.Generic (1)
13:51:25.0466 4940 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
13:51:25.0466 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\mouclass.sys. md5: 7D27EA49F3C1F687D357E77A470AEA99
13:51:25.0472 4940 mouclass ( LockedFile.Multi.Generic ) - warning
13:51:38.0889 4940 SiSRaid4 ( LockedFile.Multi.Generic ) - warning
13:51:38.0889 4940 SiSRaid4 - detected LockedFile.Multi.Generic (1)
13:51:38.0920 4940 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:51:38.0920 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\smb.sys. md5: 548260A7B8654E024DC30BF8A7C5BAA4
13:51:38.0935 4940 Smb ( LockedFile.Multi.Generic ) - warning
13:51:38.0935 4940 Smb - detected LockedFile.Multi.Generic (1)
13:51:39.0013 4940 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:51:39.0107 4940 SNMPTRAP - ok
13:51:39.0232 4940 [ C98375D19F9E9966F6201BAE65FB3728 ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
13:51:39.0232 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\snp2uvc.sys. md5: C98375D19F9E9966F6201BAE65FB3728
13:51:39.0294 4940 SNP2UVC ( LockedFile.Multi.Generic ) - warning
13:51:39.0294 4940 SNP2UVC - detected LockedFile.Multi.Generic (1)
13:51:39.0325 4940 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
13:51:39.0341 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\spldr.sys. md5: B9E31E5CACDFE584F34F730A677803F9
13:51:39.0341 4940 spldr ( LockedFile.Multi.Generic ) - warning
13:51:39.0341 4940 spldr - detected LockedFile.Multi.Generic (1)
13:51:39.0422 4940 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
13:51:39.0483 4940 Spooler - ok
13:51:39.0600 4940 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
13:51:39.0689 4940 sppsvc - ok
13:51:39.0767 4940 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:51:39.0829 4940 sppuinotify - ok
13:51:39.0907 4940 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
13:51:39.0907 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\srv.sys. md5: 441FBA48BFF01FDB9D5969EBC1838F0B
13:51:39.0939 4940 srv ( LockedFile.Multi.Generic ) - warning
13:51:39.0939 4940 srv - detected LockedFile.Multi.Generic (1)
13:51:40.0001 4940 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:51:40.0001 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\srv2.sys. md5: B4ADEBBF5E3677CCE9651E0F01F7CC28
13:51:40.0017 4940 srv2 ( LockedFile.Multi.Generic ) - warning
13:51:40.0017 4940 srv2 - detected LockedFile.Multi.Generic (1)
13:51:40.0079 4940 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:51:40.0079 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\srvnet.sys. md5: 27E461F0BE5BFF5FC737328F749538C3
13:51:40.0079 4940 srvnet ( LockedFile.Multi.Generic ) - warning
13:51:40.0079 4940 srvnet - detected LockedFile.Multi.Generic (1)
13:51:40.0157 4940 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:51:40.0235 4940 SSDPSRV - ok
13:51:40.0313 4940 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:51:40.0360 4940 SstpSvc - ok
13:51:40.0410 4940 Steam Client Service - ok
13:51:40.0488 4940 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
13:51:40.0488 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\stexstor.sys. md5: F3817967ED533D08327DC73BC4D5542A
13:51:40.0531 4940 stexstor ( LockedFile.Multi.Generic ) - warning
13:51:40.0531 4940 stexstor - detected LockedFile.Multi.Generic (1)
13:51:40.0619 4940 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
13:51:40.0671 4940 stisvc - ok
13:51:40.0722 4940 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
13:51:40.0722 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\swenum.sys. md5: D01EC09B6711A5F8E7E6564A4D0FBC90
13:51:40.0754 4940 swenum ( LockedFile.Multi.Generic ) - warning
13:51:40.0754 4940 swenum - detected LockedFile.Multi.Generic (1)
13:51:40.0816 4940 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
13:51:40.0863 4940 swprv - ok
13:51:40.0972 4940 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
13:51:41.0066 4940 SysMain - ok
13:51:41.0097 4940 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:51:41.0159 4940 TabletInputService - ok
13:51:41.0222 4940 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
13:51:41.0284 4940 TapiSrv - ok
13:51:41.0346 4940 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
13:51:41.0426 4940 TBS - ok
13:51:41.0552 4940 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:51:41.0552 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\tcpip.sys. md5: ACB82BDA8F46C84F465C1AFA517DC4B9
13:51:41.0596 4940 Tcpip ( LockedFile.Multi.Generic ) - warning
13:51:41.0596 4940 Tcpip - detected LockedFile.Multi.Generic (1)
13:51:41.0659 4940 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:51:41.0659 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\tcpip.sys. md5: ACB82BDA8F46C84F465C1AFA517DC4B9
13:51:41.0678 4940 TCPIP6 ( LockedFile.Multi.Generic ) - warning
13:51:41.0678 4940 TCPIP6 - detected LockedFile.Multi.Generic (1)
13:51:41.0740 4940 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:51:41.0740 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\tcpipreg.sys. md5: DF687E3D8836BFB04FCC0615BF15A519
13:51:41.0756 4940 tcpipreg ( LockedFile.Multi.Generic ) - warning
13:51:41.0756 4940 tcpipreg - detected LockedFile.Multi.Generic (1)
13:51:41.0771 4940 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:51:41.0771 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\tdpipe.sys. md5: 3371D21011695B16333A3934340C4E7C
13:51:41.0787 4940 TDPIPE ( LockedFile.Multi.Generic ) - warning
13:51:41.0787 4940 TDPIPE - detected LockedFile.Multi.Generic (1)
13:51:41.0818 4940 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:51:41.0818 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\tdtcp.sys. md5: 51C5ECEB1CDEE2468A1748BE550CFBC8
13:51:41.0834 4940 TDTCP ( LockedFile.Multi.Generic ) - warning
13:51:41.0834 4940 TDTCP - detected LockedFile.Multi.Generic (1)
13:51:41.0865 4940 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:51:41.0865 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\tdx.sys. md5: DDAD5A7AB24D8B65F8D724F5C20FD806
13:51:41.0865 4940 tdx ( LockedFile.Multi.Generic ) - warning
13:51:41.0865 4940 tdx - detected LockedFile.Multi.Generic (1)
13:51:41.0927 4940 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
13:51:41.0927 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\termdd.sys. md5: 561E7E1F06895D78DE991E01DD0FB6E5
13:51:41.0943 4940 TermDD ( LockedFile.Multi.Generic ) - warning
13:51:41.0943 4940 TermDD - detected LockedFile.Multi.Generic (1)
13:51:42.0005 4940 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
13:51:42.0115 4940 TermService - ok

Cont.

13:51:42.0193 4940 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
13:51:42.0239 4940 Themes - ok
13:51:42.0302 4940 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
13:51:42.0349 4940 THREADORDER - ok
13:51:42.0469 4940 [ 69D76CE06BB629B69165C81D83A4B03E ] TiMiniService C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
13:51:42.0484 4940 TiMiniService - ok
13:51:42.0550 4940 [ 73AAFFDD2AC3C8814B26C440E5DD9DD4 ] tmactmon C:\Windows\system32\DRIVERS\tmactmon.sys
13:51:42.0550 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\tmactmon.sys. md5: 73AAFFDD2AC3C8814B26C440E5DD9DD4
13:51:42.0602 4940 tmactmon ( LockedFile.Multi.Generic ) - warning
13:51:42.0602 4940 tmactmon - detected LockedFile.Multi.Generic (1)
13:51:42.0633 4940 [ 360E61217D4E1E333583D0C721057F70 ] tmcomm C:\Windows\system32\DRIVERS\tmcomm.sys
13:51:42.0633 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\tmcomm.sys. md5: 360E61217D4E1E333583D0C721057F70
13:51:42.0639 4940 tmcomm ( LockedFile.Multi.Generic ) - warning
13:51:42.0639 4940 tmcomm - detected LockedFile.Multi.Generic (1)
13:51:42.0668 4940 [ 699D34EB7C670139CA23A65372BD5743 ] tmevtmgr C:\Windows\system32\DRIVERS\tmevtmgr.sys
13:51:42.0676 4940 tmevtmgr - ok
13:51:42.0713 4940 [ 262198EFB734012BFCD17E7479AE4A09 ] tmtdi C:\Windows\system32\DRIVERS\tmtdi.sys
13:51:42.0713 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\tmtdi.sys. md5: 262198EFB734012BFCD17E7479AE4A09
13:51:42.0729 4940 tmtdi ( LockedFile.Multi.Generic ) - warning
13:51:42.0729 4940 tmtdi - detected LockedFile.Multi.Generic (1)
13:51:42.0776 4940 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
13:51:42.0838 4940 TrkWks - ok
13:51:42.0932 4940 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:51:43.0010 4940 TrustedInstaller - ok
13:51:43.0072 4940 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:51:43.0072 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\tssecsrv.sys. md5: CE18B2CDFC837C99E5FAE9CA6CBA5D30
13:51:43.0088 4940 tssecsrv ( LockedFile.Multi.Generic ) - warning
13:51:43.0088 4940 tssecsrv - detected LockedFile.Multi.Generic (1)
13:51:43.0150 4940 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
13:51:43.0150 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\tsusbflt.sys. md5: D11C783E3EF9A3C52C0EBE83CC5000E9
13:51:43.0150 4940 TsUsbFlt ( LockedFile.Multi.Generic ) - warning
13:51:43.0150 4940 TsUsbFlt - detected LockedFile.Multi.Generic (1)
13:51:43.0181 4940 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
13:51:43.0181 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\TsUsbGD.sys. md5: 9CC2CCAE8A84820EAECB886D477CBCB8
13:51:43.0197 4940 TsUsbGD ( LockedFile.Multi.Generic ) - warning
13:51:43.0197 4940 TsUsbGD - detected LockedFile.Multi.Generic (1)
13:51:43.0228 4940 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:51:43.0228 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\tunnel.sys. md5: 3566A8DAAFA27AF944F5D705EAA64894
13:51:43.0244 4940 tunnel ( LockedFile.Multi.Generic ) - warning
13:51:43.0244 4940 tunnel - detected LockedFile.Multi.Generic (1)
13:51:43.0306 4940 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
13:51:43.0306 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\TurboB.sys. md5: FD24F98D2898BE093FE926604BE7DB99
13:51:43.0306 4940 TurboB ( LockedFile.Multi.Generic ) - warning
13:51:43.0306 4940 TurboB - detected LockedFile.Multi.Generic (1)
13:51:43.0353 4940 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
13:51:43.0368 4940 TurboBoost - ok
13:51:43.0431 4940 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
13:51:43.0431 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\uagp35.sys. md5: B4DD609BD7E282BFC683CEC7EAAAAD67
13:51:43.0446 4940 uagp35 ( LockedFile.Multi.Generic ) - warning
13:51:43.0446 4940 uagp35 - detected LockedFile.Multi.Generic (1)
13:51:43.0509 4940 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:51:43.0509 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\udfs.sys. md5: FF4232A1A64012BAA1FD97C7B67DF593
13:51:43.0509 4940 udfs ( LockedFile.Multi.Generic ) - warning
13:51:43.0509 4940 udfs - detected LockedFile.Multi.Generic (1)
13:51:43.0602 4940 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:51:43.0649 4940 UI0Detect - ok
13:51:43.0712 4940 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:51:43.0712 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\uliagpkx.sys. md5: 4BFE1BC28391222894CBF1E7D0E42320
13:51:43.0743 4940 uliagpkx ( LockedFile.Multi.Generic ) - warning
13:51:43.0743 4940 uliagpkx - detected LockedFile.Multi.Generic (1)
13:51:43.0805 4940 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
13:51:43.0805 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\umbus.sys. md5: DC54A574663A895C8763AF0FA1FF7561
13:51:43.0805 4940 umbus ( LockedFile.Multi.Generic ) - warning
13:51:43.0805 4940 umbus - detected LockedFile.Multi.Generic (1)
13:51:43.0883 4940 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
13:51:43.0883 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\umpass.sys. md5: B2E8E8CB557B156DA5493BBDDCC1474D
13:51:43.0899 4940 UmPass ( LockedFile.Multi.Generic ) - warning
13:51:43.0899 4940 UmPass - detected LockedFile.Multi.Generic (1)
13:51:44.0086 4940 [ 2C16648A12999AE69A9EBF41974B0BA2 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
13:51:44.0180 4940 UNS - ok
13:51:44.0289 4940 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
13:51:44.0398 4940 upnphost - ok
13:51:44.0502 4940 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:51:44.0502 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbccgp.sys. md5: 6F1A3157A1C89435352CEB543CDB359C
13:51:44.0527 4940 usbccgp ( LockedFile.Multi.Generic ) - warning
13:51:44.0527 4940 usbccgp - detected LockedFile.Multi.Generic (1)
13:51:44.0592 4940 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:51:44.0592 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\usbcir.sys. md5: AF0892A803FDDA7492F595368E3B68E7
13:51:44.0604 4940 usbcir ( LockedFile.Multi.Generic ) - warning
13:51:44.0605 4940 usbcir - detected LockedFile.Multi.Generic (1)
13:51:44.0639 4940 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
13:51:44.0639 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\usbehci.sys. md5: C025055FE7B87701EB042095DF1A2D7B
13:51:44.0645 4940 usbehci ( LockedFile.Multi.Generic ) - warning
13:51:44.0645 4940 usbehci - detected LockedFile.Multi.Generic (1)
13:51:44.0703 4940 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:51:44.0703 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbhub.sys. md5: 287C6C9410B111B68B52CA298F7B8C24
13:51:44.0719 4940 usbhub ( LockedFile.Multi.Generic ) - warning
13:51:44.0719 4940 usbhub - detected LockedFile.Multi.Generic (1)
13:51:44.0750 4940 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
13:51:44.0750 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\usbohci.sys. md5: 9840FC418B4CBD632D3D0A667A725C31
13:51:44.0750 4940 usbohci ( LockedFile.Multi.Generic ) - warning
13:51:44.0750 4940 usbohci - detected LockedFile.Multi.Generic (1)
13:51:44.0813 4940 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
13:51:44.0813 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\usbprint.sys. md5: 73188F58FB384E75C4063D29413CEE3D
13:51:44.0813 4940 usbprint ( LockedFile.Multi.Generic ) - warning
13:51:44.0813 4940 usbprint - detected LockedFile.Multi.Generic (1)
13:51:44.0844 4940 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
13:51:44.0844 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\USBSTOR.SYS. md5: FED648B01349A3C8395A5169DB5FB7D6
13:51:44.0859 4940 USBSTOR ( LockedFile.Multi.Generic ) - warning
13:51:44.0859 4940 USBSTOR - detected LockedFile.Multi.Generic (1)
13:51:44.0891 4940 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
13:51:44.0891 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\usbuhci.sys. md5: 62069A34518BCF9C1FD9E74B3F6DB7CD
13:51:44.0891 4940 usbuhci ( LockedFile.Multi.Generic ) - warning
13:51:44.0891 4940 usbuhci - detected LockedFile.Multi.Generic (1)
13:51:44.0937 4940 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
13:51:44.0937 4940 Suspicious file (NoAccess): C:\Windows\system32\Drivers\usbvideo.sys. md5: 454800C2BC7F3927CE030141EE4F4C50
13:51:44.0953 4940 usbvideo ( LockedFile.Multi.Generic ) - warning
13:51:44.0953 4940 usbvideo - detected LockedFile.Multi.Generic (1)
13:51:45.0000 4940 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
13:51:45.0093 4940 UxSms - ok
13:51:45.0156 4940 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
13:51:45.0187 4940 VaultSvc - ok
13:51:45.0265 4940 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
13:51:45.0265 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\vdrvroot.sys. md5: C5C876CCFC083FF3B128F933823E87BD
13:51:45.0296 4940 vdrvroot ( LockedFile.Multi.Generic ) - warning
13:51:45.0296 4940 vdrvroot - detected LockedFile.Multi.Generic (1)
13:51:45.0359 4940 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
13:51:45.0449 4940 vds - ok
13:51:45.0488 4940 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:51:45.0488 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\vgapnp.sys. md5: DA4DA3F5E02943C2DC8C6ED875DE68DD
13:51:45.0516 4940 vga ( LockedFile.Multi.Generic ) - warning
13:51:45.0516 4940 vga - detected LockedFile.Multi.Generic (1)
13:51:45.0571 4940 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
13:51:45.0571 4940 Suspicious file (NoAccess): C:\Windows\System32\drivers\vga.sys. md5: 53E92A310193CB3C03BEA963DE7D9CFC
13:51:45.0582 4940 VgaSave ( LockedFile.Multi.Generic ) - warning
13:51:45.0582 4940 VgaSave - detected LockedFile.Multi.Generic (1)
13:51:45.0606 4940 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
13:51:45.0607 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\vhdmp.sys. md5: 2CE2DF28C83AEAF30084E1B1EB253CBB
13:51:45.0615 4940 vhdmp ( LockedFile.Multi.Generic ) - warning
13:51:45.0615 4940 vhdmp - detected LockedFile.Multi.Generic (1)
13:51:45.0641 4940 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
13:51:45.0642 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\viaide.sys. md5: E5689D93FFE4E5D66C0178761240DD54
13:51:45.0648 4940 viaide ( LockedFile.Multi.Generic ) - warning
13:51:45.0648 4940 viaide - detected LockedFile.Multi.Generic (1)
13:51:45.0722 4940 [ 0ADF410187B71C9B855721C8D59CEC7A ] VideAceWindowsService C:\ExpressGateUtil\VAWinService.exe
13:51:45.0753 4940 VideAceWindowsService ( UnsignedFile.Multi.Generic ) - warning
13:51:45.0753 4940 VideAceWindowsService - detected UnsignedFile.Multi.Generic (1)
13:51:45.0785 4940 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:51:45.0785 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\volmgr.sys. md5: D2AAFD421940F640B407AEFAAEBD91B0
13:51:45.0800 4940 volmgr ( LockedFile.Multi.Generic ) - warning
13:51:45.0800 4940 volmgr - detected LockedFile.Multi.Generic (1)
13:51:45.0831 4940 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:51:45.0831 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\volmgrx.sys. md5: A255814907C89BE58B79EF2F189B843B
13:51:45.0831 4940 volmgrx ( LockedFile.Multi.Generic ) - warning
13:51:45.0831 4940 volmgrx - detected LockedFile.Multi.Generic (1)
13:51:45.0878 4940 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:51:45.0878 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\volsnap.sys. md5: 0D08D2F3B3FF84E433346669B5E0F639
13:51:45.0894 4940 volsnap ( LockedFile.Multi.Generic ) - warning
13:51:45.0894 4940 volsnap - detected LockedFile.Multi.Generic (1)
13:51:45.0941 4940 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
13:51:45.0941 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\vsmraid.sys. md5: 5E2016EA6EBACA03C04FEAC5F330D997
13:51:45.0941 4940 vsmraid ( LockedFile.Multi.Generic ) - warning
13:51:45.0941 4940 vsmraid - detected LockedFile.Multi.Generic (1)
13:51:46.0034 4940 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
13:51:46.0112 4940 VSS - ok
13:51:46.0237 4940 [ EF51747440486C23BD466311048BD924 ] vToolbarUpdater12.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe
13:51:46.0253 4940 vToolbarUpdater12.2.0 - ok
13:51:46.0315 4940 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
13:51:46.0315 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\vwifibus.sys. md5: 36D4720B72B5C5D9CB2B9C29E9DF67A1
13:51:46.0331 4940 vwifibus ( LockedFile.Multi.Generic ) - warning
13:51:46.0331 4940 vwifibus - detected LockedFile.Multi.Generic (1)
13:51:46.0362 4940 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
13:51:46.0362 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\vwififlt.sys. md5: 6A3D66263414FF0D6FA754C646612F3F
13:51:46.0362 4940 vwififlt ( LockedFile.Multi.Generic ) - warning
13:51:46.0362 4940 vwififlt - detected LockedFile.Multi.Generic (1)
13:51:46.0452 4940 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
13:51:46.0529 4940 W32Time - ok
13:51:46.0575 4940 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
13:51:46.0575 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\wacompen.sys. md5: 4E9440F4F152A7B944CB1663D3935A3E
13:51:46.0598 4940 WacomPen ( LockedFile.Multi.Generic ) - warning
13:51:46.0598 4940 WacomPen - detected LockedFile.Multi.Generic (1)
13:51:46.0641 4940 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
13:51:46.0642 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wanarp.sys. md5: 356AFD78A6ED4457169241AC3965230C
13:51:46.0651 4940 WANARP ( LockedFile.Multi.Generic ) - warning
13:51:46.0651 4940 WANARP - detected LockedFile.Multi.Generic (1)
13:51:46.0667 4940 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:51:46.0667 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wanarp.sys. md5: 356AFD78A6ED4457169241AC3965230C
13:51:46.0674 4940 Wanarpv6 ( LockedFile.Multi.Generic ) - warning
13:51:46.0674 4940 Wanarpv6 - detected LockedFile.Multi.Generic (1)
13:51:46.0756 4940 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
13:51:46.0787 4940 WatAdminSvc - ok
13:51:46.0834 4940 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
13:51:46.0943 4940 wbengine - ok
13:51:46.0990 4940 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
13:51:47.0036 4940 WbioSrvc - ok
13:51:47.0099 4940 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:51:47.0146 4940 wcncsvc - ok
13:51:47.0208 4940 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:51:47.0239 4940 WcsPlugInService - ok
13:51:47.0302 4940 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
13:51:47.0302 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\wd.sys. md5: 72889E16FF12BA0F235467D6091B17DC
13:51:47.0333 4940 Wd ( LockedFile.Multi.Generic ) - warning
13:51:47.0333 4940 Wd - detected LockedFile.Multi.Generic (1)
13:51:47.0411 4940 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:51:47.0411 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\Wdf01000.sys. md5: 441BD2D7B4F98134C3A4F9FA570FD250
13:51:47.0411 4940 Wdf01000 ( LockedFile.Multi.Generic ) - warning
13:51:47.0411 4940 Wdf01000 - detected LockedFile.Multi.Generic (1)
13:51:47.0458 4940 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:51:47.0558 4940 WdiServiceHost - ok
13:51:47.0579 4940 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:51:47.0597 4940 WdiSystemHost - ok
13:51:47.0668 4940 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
13:51:47.0705 4940 WebClient - ok
13:51:47.0773 4940 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:51:47.0851 4940 Wecsvc - ok
13:51:47.0914 4940 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:51:47.0976 4940 wercplsupport - ok
13:51:48.0039 4940 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
13:51:48.0179 4940 WerSvc - ok
13:51:48.0210 4940 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
13:51:48.0210 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wfplwf.sys. md5: 611B23304BF067451A9FDEE01FBDD725
13:51:48.0226 4940 WfpLwf ( LockedFile.Multi.Generic ) - warning
13:51:48.0226 4940 WfpLwf - detected LockedFile.Multi.Generic (1)
13:51:48.0304 4940 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
13:51:48.0304 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wimfltr.sys. md5: 52DED146E4797E6CCF94799E8E22BB2A
13:51:48.0319 4940 WimFltr ( LockedFile.Multi.Generic ) - warning
13:51:48.0319 4940 WimFltr - detected LockedFile.Multi.Generic (1)
13:51:48.0382 4940 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
13:51:48.0382 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\wimmount.sys. md5: 05ECAEC3E4529A7153B3136CEB49F0EC
13:51:48.0397 4940 WIMMount ( LockedFile.Multi.Generic ) - warning
13:51:48.0397 4940 WIMMount - detected LockedFile.Multi.Generic (1)
13:51:48.0458 4940 WinHttpAutoProxySvc - ok
13:51:48.0559 4940 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:51:48.0622 4940 Winmgmt - ok
13:51:48.0690 4940 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
13:51:48.0760 4940 WinRM - ok
13:51:48.0885 4940 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
13:51:48.0932 4940 Wlansvc - ok
13:51:49.0041 4940 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:51:49.0056 4940 wlcrasvc - ok
13:51:49.0244 4940 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:51:49.0275 4940 wlidsvc - ok
13:51:49.0322 4940 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
13:51:49.0322 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wmiacpi.sys. md5: F6FF8944478594D0E414D3F048F0D778
13:51:49.0337 4940 WmiAcpi ( LockedFile.Multi.Generic ) - warning
13:51:49.0337 4940 WmiAcpi - detected LockedFile.Multi.Generic (1)
13:51:49.0431 4940 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:51:49.0488 4940 wmiApSrv - ok
13:51:49.0537 4940 WMPNetworkSvc - ok
13:51:49.0608 4940 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:51:49.0638 4940 WPCSvc - ok
13:51:49.0696 4940 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:51:49.0716 4940 WPDBusEnum - ok
13:51:49.0794 4940 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:51:49.0794 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\ws2ifsl.sys. md5: 6BCC1D7D2FD2453957C5479A32364E52
13:51:49.0826 4940 ws2ifsl ( LockedFile.Multi.Generic ) - warning
13:51:49.0826 4940 ws2ifsl - detected LockedFile.Multi.Generic (1)
13:51:49.0904 4940 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
13:51:49.0966 4940 wscsvc - ok
13:51:49.0982 4940 WSearch - ok
13:51:50.0138 4940 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
13:51:50.0247 4940 wuauserv - ok
13:51:50.0356 4940 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:51:50.0356 4940 Suspicious file (NoAccess): C:\Windows\system32\drivers\WudfPf.sys. md5: D3381DC54C34D79B22CEE0D65BA91B7C
13:51:50.0372 4940 WudfPf ( LockedFile.Multi.Generic ) - warning
13:51:50.0372 4940 WudfPf - detected LockedFile.Multi.Generic (1)
13:51:50.0464 4940 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:51:50.0464 4940 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\WUDFRd.sys. md5: CF8D590BE3373029D57AF80914190682
13:51:50.0472 4940 WUDFRd ( LockedFile.Multi.Generic ) - warning
13:51:50.0472 4940 WUDFRd - detected LockedFile.Multi.Generic (1)
13:51:50.0532 4940 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:51:50.0572 4940 wudfsvc - ok
13:51:50.0611 4940 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
13:51:50.0651 4940 WwanSvc - ok
13:51:50.0735 4940 ================ Scan global ===============================
13:51:50.0844 4940 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:51:50.0891 4940 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
13:51:50.0907 4940 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
13:51:50.0922 4940 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:51:50.0954 4940 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:51:50.0969 4940 [Global] - ok
13:51:50.0969 4940 ================ Scan MBR ==================================
13:51:50.0985 4940 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:51:51.0469 4940 \Device\Harddisk0\DR0 - ok
13:51:51.0470 4940 ================ Scan VBR ==================================
13:51:51.0474 4940 [ 141C1886EB4CCEA64AE9160EDCA35979 ] \Device\Harddisk0\DR0\Partition1
13:51:51.0476 4940 \Device\Harddisk0\DR0\Partition1 - ok
13:51:51.0476 4940 ================ Scan active images ========================
13:51:52.0111 4940 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
13:51:52.0111 4940 C:\Windows\System32\MMDevAPI.dll - ok
13:51:52.0111 4940 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
13:51:52.0111 4940 C:\Windows\System32\propsys.dll - ok
13:51:52.0111 4940 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
13:51:52.0111 4940 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
13:51:52.0111 4940 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
13:51:52.0111 4940 C:\Windows\System32\audiodg.exe - ok
13:51:52.0127 4940 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
13:51:52.0127 4940 C:\Windows\System32\ntmarta.dll - ok
13:51:52.0127 4940 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
13:51:52.0127 4940 C:\Windows\System32\samlib.dll - ok
13:51:52.0127 4940 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
13:51:52.0127 4940 C:\Windows\System32\shacct.dll - ok
13:51:52.0127 4940 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
13:51:52.0127 4940 C:\Windows\System32\gpsvc.dll - ok
13:51:52.0127 4940 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
13:51:52.0127 4940 C:\Windows\System32\uxtheme.dll - ok
13:51:52.0127 4940 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
13:51:52.0127 4940 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
13:51:52.0142 4940 [ 2DF36F15B2BC1571A6A542A3C2107920 ] C:\Windows\System32\nlaapi.dll
13:51:52.0142 4940 C:\Windows\System32\nlaapi.dll - ok
13:51:52.0142 4940 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
13:51:52.0142 4940 C:\Windows\System32\profsvc.dll - ok
13:51:52.0142 4940 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
13:51:52.0142 4940 C:\Windows\System32\themeservice.dll - ok
13:51:52.0142 4940 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
13:51:52.0142 4940 C:\Windows\System32\atl.dll - ok
13:51:52.0142 4940 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
13:51:52.0142 4940 C:\Windows\System32\dsrole.dll - ok
13:51:52.0158 4940 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
13:51:52.0158 4940 C:\Windows\System32\es.dll - ok
13:51:52.0158 4940 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
13:51:52.0158 4940 C:\Windows\System32\slc.dll - ok
13:51:52.0158 4940 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
13:51:52.0158 4940 C:\Windows\System32\dui70.dll - ok
13:51:52.0158 4940 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
13:51:52.0158 4940 C:\Windows\System32\comres.dll - ok
13:51:52.0158 4940 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
13:51:52.0158 4940 C:\Windows\System32\Sens.dll - ok
13:51:52.0158 4940 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
13:51:52.0158 4940 C:\Windows\System32\uxsms.dll - ok
13:51:52.0174 4940 [ 80E69670BDA10F32A941BA7358E33012 ] C:\Windows\System32\WUDFPlatform.dll
13:51:52.0174 4940 C:\Windows\System32\WUDFPlatform.dll - ok
13:51:52.0174 4940 [ 7A95C95B6C4CF292D689106BCAE49543 ] C:\Windows\System32\WUDFSvc.dll
13:51:52.0174 4940 C:\Windows\System32\WUDFSvc.dll - ok
13:51:52.0174 4940 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
13:51:52.0174 4940 C:\Windows\System32\drivers\lltdio.sys - ok
13:51:52.0174 4940 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
13:51:52.0174 4940 C:\Windows\System32\drivers\ndisuio.sys - ok
13:51:52.0174 4940 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
13:51:52.0174 4940 C:\Windows\System32\drivers\nwifi.sys - ok
13:51:52.0174 4940 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
13:51:52.0174 4940 C:\Windows\System32\drivers\rspndr.sys - ok
13:51:52.0189 4940 [ FD24F98D2898BE093FE926604BE7DB99 ] C:\Windows\System32\drivers\TurboB.sys
13:51:52.0189 4940 C:\Windows\System32\drivers\TurboB.sys - ok
13:51:52.0189 4940 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
13:51:52.0189 4940 C:\Windows\System32\IPHLPAPI.DLL - ok
13:51:52.0189 4940 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
13:51:52.0189 4940 C:\Windows\System32\lmhsvc.dll - ok
13:51:52.0189 4940 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
13:51:52.0189 4940 C:\Windows\System32\nsisvc.dll - ok
13:51:52.0189 4940 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
13:51:52.0189 4940 C:\Windows\System32\duser.dll - ok
13:51:52.0189 4940 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
13:51:52.0189 4940 C:\Windows\System32\dhcpcore.dll - ok
13:51:52.0205 4940 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
13:51:52.0205 4940 C:\Windows\System32\dnsrslvr.dll - ok
13:51:52.0205 4940 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
13:51:52.0205 4940 C:\Windows\System32\eapphost.dll - ok
13:51:52.0205 4940 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
13:51:52.0205 4940 C:\Windows\System32\eapsvc.dll - ok
13:51:52.0205 4940 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
13:51:52.0205 4940 C:\Windows\System32\keyiso.dll - ok
13:51:52.0205 4940 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
13:51:52.0205 4940 C:\Windows\System32\nrpsrv.dll - ok
13:51:52.0205 4940 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
13:51:52.0205 4940 C:\Windows\System32\winnsi.dll - ok
13:51:52.0220 4940 [ 71C7B65B6557B75B99907E76956AE4B8 ] C:\Windows\System32\dhcpcore6.dll
13:51:52.0220 4940 C:\Windows\System32\dhcpcore6.dll - ok
13:51:52.0220 4940 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
13:51:52.0220 4940 C:\Windows\System32\FWPUCLNT.DLL - ok
13:51:52.0220 4940 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
13:51:52.0220 4940 C:\Windows\System32\winmm.dll - ok
13:51:52.0220 4940 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
13:51:52.0220 4940 C:\Windows\System32\umb.dll - ok
13:51:52.0220 4940 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
13:51:52.0220 4940 C:\Windows\System32\wlansvc.dll - ok
13:51:52.0220 4940 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
13:51:52.0220 4940 C:\Windows\System32\SndVolSSO.dll - ok
13:51:52.0236 4940 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
13:51:52.0236 4940 C:\Windows\System32\dhcpcsvc.dll - ok
13:51:52.0236 4940 [ 4CBCC37856EA2039C27A2FB661DDA0E5 ] C:\Windows\System32\dhcpcsvc6.dll
13:51:52.0236 4940 C:\Windows\System32\dhcpcsvc6.dll - ok
13:51:52.0236 4940 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
13:51:52.0236 4940 C:\Windows\System32\dnsext.dll - ok
13:51:52.0236 4940 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
13:51:52.0236 4940 C:\Windows\System32\hid.dll - ok
13:51:52.0236 4940 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
13:51:52.0236 4940 C:\Windows\System32\wdmaud.drv - ok
13:51:52.0252 4940 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
13:51:52.0252 4940 C:\Windows\System32\wlanmsm.dll - ok
13:51:52.0252 4940 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
13:51:52.0252 4940 C:\Windows\System32\wlansec.dll - ok
13:51:52.0252 4940 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
13:51:52.0252 4940 C:\Windows\System32\dwmapi.dll - ok
13:51:52.0252 4940 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
13:51:52.0252 4940 C:\Windows\System32\ksuser.dll - ok
13:51:52.0252 4940 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
13:51:52.0252 4940 C:\Windows\System32\xmllite.dll - ok
13:51:52.0252 4940 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
13:51:52.0252 4940 C:\Windows\System32\AudioSes.dll - ok
13:51:52.0267 4940 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
13:51:52.0267 4940 C:\Windows\System32\onex.dll - ok
13:51:52.0267 4940 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
13:51:52.0267 4940 C:\Windows\System32\eappcfg.dll - ok
13:51:52.0267 4940 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
13:51:52.0267 4940 C:\Windows\System32\eappprxy.dll - ok
13:51:52.0267 4940 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
13:51:52.0267 4940 C:\Windows\System32\midimap.dll - ok
13:51:52.0267 4940 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
13:51:52.0267 4940 C:\Windows\System32\msacm32.dll - ok
13:51:52.0283 4940 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
13:51:52.0283 4940 C:\Windows\System32\msacm32.drv - ok
13:51:52.0283 4940 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
13:51:52.0283 4940 C:\Windows\System32\wlgpclnt.dll - ok
13:51:52.0283 4940 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
13:51:52.0283 4940 C:\Windows\System32\AudioEng.dll - ok
13:51:52.0283 4940 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
13:51:52.0283 4940 C:\Windows\System32\l2gpstore.dll - ok
13:51:52.0283 4940 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
13:51:52.0283 4940 C:\Windows\System32\WindowsCodecs.dll - ok
13:51:52.0283 4940 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
13:51:52.0283 4940 C:\Windows\System32\WinSCard.dll - ok
13:51:52.0298 4940 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
13:51:52.0298 4940 C:\Windows\System32\wlanutil.dll - ok
13:51:52.0298 4940 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
13:51:52.0298 4940 C:\Windows\System32\AUDIOKSE.dll - ok
13:51:52.0298 4940 [ 4FFDE68C4B7C9993FA551E7E36DDB34D ] C:\Windows\System32\msxml6.dll
13:51:52.0298 4940 C:\Windows\System32\msxml6.dll - ok
13:51:52.0298 4940 [ 447FEBE57700621E277E7C8FDE866084 ] C:\Windows\System32\RtkAPO64.dll
13:51:52.0298 4940 C:\Windows\System32\RtkAPO64.dll - ok
13:51:52.0298 4940 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
13:51:52.0298 4940 C:\Windows\System32\winbrand.dll - ok
13:51:52.0314 4940 [ 6EE34F5A962FC2B9124EC1BEF9BE82B8 ] C:\Program Files (x86)\ASUS\SmartLogon\system\FaceCredentialProvider64.dll
13:51:52.0314 4940 C:\Program Files (x86)\ASUS\SmartLogon\system\FaceCredentialProvider64.dll - ok
13:51:52.0314 4940 [ 6E79A119B0CE418FE44E0C824BF3F039 ] C:\Windows\System32\FBAgent.exe
13:51:52.0314 4940 C:\Windows\System32\FBAgent.exe - ok
13:51:52.0314 4940 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
13:51:52.0314 4940 C:\Windows\System32\netapi32.dll - ok
13:51:52.0314 4940 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
13:51:52.0314 4940 C:\Windows\System32\netutils.dll - ok
13:51:52.0314 4940 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
13:51:52.0314 4940 C:\Windows\System32\wkscli.dll - ok
13:51:52.0314 4940 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
13:51:52.0314 4940 C:\Windows\System32\samcli.dll - ok
13:51:52.0330 4940 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
13:51:52.0330 4940 C:\Windows\System32\VaultCredProvider.dll - ok
13:51:52.0330 4940 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
13:51:52.0330 4940 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
13:51:52.0330 4940 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
13:51:52.0330 4940 C:\Windows\System32\msi.dll - ok
13:51:52.0330 4940 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
13:51:52.0330 4940 C:\Windows\System32\netcfgx.dll - ok
13:51:52.0330 4940 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
13:51:52.0330 4940 C:\Windows\System32\BioCredProv.dll - ok
13:51:52.0345 4940 [ D1DF74B41B2B0D76B832972D07CCACD6 ] C:\Windows\System32\SFAPO64.dll
13:51:52.0345 4940 C:\Windows\System32\SFAPO64.dll - ok
13:51:52.0345 4940 [ 24827B761D21FCEC4114EEC1320483F9 ] C:\Windows\System32\SFCOM64.dll
13:51:52.0345 4940 C:\Windows\System32\SFCOM64.dll - ok
13:51:52.0345 4940 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
13:51:52.0345 4940 C:\Windows\System32\winbio.dll - ok
13:51:52.0345 4940 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
13:51:52.0345 4940 C:\Windows\System32\credui.dll - ok
13:51:52.0345 4940 [ AFF64AE0550FFD82DB4B6D0D913FB652 ] C:\Windows\System32\SFNHK64.dll
13:51:52.0345 4940 C:\Windows\System32\SFNHK64.dll - ok
13:51:52.0361 4940 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
13:51:52.0361 4940 C:\Windows\System32\vaultcli.dll - ok
13:51:52.0361 4940 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
13:51:52.0361 4940 C:\Windows\System32\certCredProvider.dll - ok
13:51:52.0361 4940 [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
13:51:52.0361 4940 C:\Windows\System32\WMALFXGFXDSP.dll - ok
13:51:52.0361 4940 [ 7097425051CE67B450EBF2B1390AE492 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
13:51:52.0361 4940 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
13:51:52.0361 4940 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
13:51:52.0361 4940 C:\Windows\System32\rasplap.dll - ok
13:51:52.0361 4940 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
13:51:52.0361 4940 C:\Windows\System32\rasapi32.dll - ok
13:51:52.0376 4940 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
13:51:52.0376 4940 C:\Windows\System32\rasman.dll - ok
13:51:52.0376 4940 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
13:51:52.0376 4940 C:\Windows\System32\rtutils.dll - ok
13:51:52.0376 4940 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
13:51:52.0376 4940 C:\Windows\System32\mfplat.dll - ok
13:51:52.0376 4940 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
13:51:52.0376 4940 C:\Windows\System32\UXInit.dll - ok
13:51:52.0376 4940 [ 278D494931E554F78FFAFFC6D629AB03 ] C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
13:51:52.0376 4940 C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe - ok
13:51:52.0376 4940 [ E54DA80C33EF737EDFA53C95BAE91C3C ] C:\Windows\System32\nvsvc64.dll
13:51:52.0376 4940 C:\Windows\System32\nvsvc64.dll - ok
13:51:52.0392 4940 [ 7EDF1E16ED4DD5B7CD397E994BEBF2AC ] C:\Program Files\NVIDIA Corporation\Display\NVXDApiX.dll
13:51:52.0392 4940 C:\Program Files\NVIDIA Corporation\Display\NVXDApiX.dll - ok
13:51:52.0392 4940 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
13:51:52.0392 4940 C:\Windows\System32\mscms.dll - ok
13:51:52.0392 4940 [ CF6850A72BEB4845A3BFFB3F5E8014B2 ] C:\Windows\System32\pdh.dll
13:51:52.0392 4940 C:\Windows\System32\pdh.dll - ok
13:51:52.0392 4940 [ 18E5C2F937F9DEB8C282DF66A3761925 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
13:51:52.0392 4940 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe - ok
13:51:52.0392 4940 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
13:51:52.0392 4940 C:\Windows\SysWOW64\ntdll.dll - ok
13:51:52.0408 4940 [ B1E3772FFA96AC5AEE89BF202AF8E348 ] C:\Windows\System32\wow64.dll
13:51:52.0408 4940 C:\Windows\System32\wow64.dll - ok
13:51:52.0408 4940 [ FC5A43FA257F546F8F2B96B5529857E1 ] C:\Windows\System32\wow64win.dll
13:51:52.0408 4940 C:\Windows\System32\wow64win.dll - ok
13:51:52.0408 4940 [ AA0D2571A4348838B8DD49FD0043826A ] C:\Windows\System32\wow64cpu.dll
13:51:52.0408 4940 C:\Windows\System32\wow64cpu.dll - ok
13:51:52.0408 4940 [ 99C3F8E9CC59D95666EB8D8A8B4C2BEB ] C:\Windows\SysWOW64\kernel32.dll
13:51:52.0408 4940 C:\Windows\SysWOW64\kernel32.dll - ok
13:51:52.0408 4940 [ 5C2D21C9B6B6175B89BC5D7E3CB979E1 ] C:\Windows\SysWOW64\KernelBase.dll
13:51:52.0408 4940 C:\Windows\SysWOW64\KernelBase.dll - ok
13:51:52.0408 4940 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
13:51:52.0408 4940 C:\Windows\SysWOW64\wtsapi32.dll - ok
13:51:52.0423 4940 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
13:51:52.0423 4940 C:\Windows\SysWOW64\msvcrt.dll - ok
13:51:52.0423 4940 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
13:51:52.0423 4940 C:\Windows\SysWOW64\rpcrt4.dll - ok
13:51:52.0423 4940 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
13:51:52.0423 4940 C:\Windows\SysWOW64\userenv.dll - ok
13:51:52.0423 4940 [ E601860AA04CE2198DBC6AC2AF80AFF7 ] C:\Windows\System32\perfos.dll
13:51:52.0423 4940 C:\Windows\System32\perfos.dll - ok
13:51:52.0423 4940 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
13:51:52.0423 4940 C:\Windows\System32\oleacc.dll - ok
13:51:52.0439 4940 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
13:51:52.0439 4940 C:\Windows\System32\UIAutomationCore.dll - ok
13:51:52.0439 4940 [ E4B976BBA2661E8FCA283FC48F7EFBEE ] C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
13:51:52.0439 4940 C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe - ok
13:51:52.0439 4940 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
13:51:52.0439 4940 C:\Windows\SysWOW64\user32.dll - ok
13:51:52.0439 4940 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
13:51:52.0439 4940 C:\Windows\SysWOW64\gdi32.dll - ok
13:51:52.0439 4940 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
13:51:52.0439 4940 C:\Windows\SysWOW64\lpk.dll - ok
13:51:52.0439 4940 [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\SysWOW64\usp10.dll
13:51:52.0439 4940 C:\Windows\SysWOW64\usp10.dll - ok
13:51:52.0454 4940 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
13:51:52.0454 4940 C:\Windows\SysWOW64\advapi32.dll - ok
13:51:52.0454 4940 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
13:51:52.0454 4940 C:\Windows\SysWOW64\sechost.dll - ok
13:51:52.0454 4940 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
13:51:52.0454 4940 C:\Windows\System32\msimg32.dll - ok
13:51:52.0454 4940 [ E8193D02C73F61CDE7BF7B6D653CD68F ] C:\Windows\System32\nvapi64.dll
13:51:52.0454 4940 C:\Windows\System32\nvapi64.dll - ok
13:51:52.0470 4940 [ 0519803D97951F7E77DE12DDC7FBC731 ] C:\Windows\System32\nvsvcr.dll
13:51:52.0470 4940 C:\Windows\System32\nvsvcr.dll - ok
13:51:52.0474 4940 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
13:51:52.0474 4940 C:\Windows\System32\imageres.dll - ok
13:51:52.0478 4940 [ F89AA2BBF3F764D8B69E47CC34E47939 ] C:\Windows\System32\nvcpl.dll
13:51:52.0478 4940 C:\Windows\System32\nvcpl.dll - ok
13:51:52.0481 4940 [ 27880148EEACAD3C92CB0C0B0E5C10E3 ] C:\Program Files\NVIDIA Corporation\Display\NVXDBat.dll
13:51:52.0481 4940 C:\Program Files\NVIDIA Corporation\Display\NVXDBat.dll - ok
13:51:52.0484 4940 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
13:51:52.0484 4940 C:\Windows\SysWOW64\comdlg32.dll - ok
13:51:52.0487 4940 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
13:51:52.0487 4940 C:\Windows\SysWOW64\cryptbase.dll - ok
13:51:52.0491 4940 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
13:51:52.0491 4940 C:\Windows\SysWOW64\imm32.dll - ok
13:51:52.0495 4940 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
13:51:52.0495 4940 C:\Windows\SysWOW64\msimg32.dll - ok
13:51:52.0497 4940 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
13:51:52.0497 4940 C:\Windows\SysWOW64\profapi.dll - ok
13:51:52.0500 4940 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
13:51:52.0500 4940 C:\Windows\SysWOW64\sspicli.dll - ok
13:51:52.0502 4940 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
13:51:52.0502 4940 C:\Windows\SysWOW64\msctf.dll - ok
13:51:52.0506 4940 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
13:51:52.0506 4940 C:\Windows\SysWOW64\shlwapi.dll - ok
13:51:52.0510 4940 [ 04911DEC4691D4F14952610CC2F63BFF ] C:\Windows\SysWOW64\nvinit.dll
13:51:52.0510 4940 C:\Windows\SysWOW64\nvinit.dll - ok
13:51:52.0513 4940 [ 4C016FD76ED5C05E84CA8CAB77993961 ] C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
13:51:52.0513 4940 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys - ok
13:51:52.0516 4940 [ 7910158929571214A959D5A6D16DD9C0 ] C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
13:51:52.0516 4940 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe - ok
13:51:52.0519 4940 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
13:51:52.0519 4940 C:\Windows\SysWOW64\winsta.dll - ok
13:51:52.0522 4940 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
13:51:52.0523 4940 C:\Windows\System32\shsvcs.dll - ok
13:51:52.0527 4940 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
13:51:52.0527 4940 C:\Windows\System32\schedsvc.dll - ok
13:51:52.0531 4940 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
13:51:52.0531 4940 C:\Windows\System32\ktmw32.dll - ok
13:51:52.0533 4940 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
13:51:52.0533 4940 C:\Windows\System32\fveapi.dll - ok
13:51:52.0536 4940 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
13:51:52.0536 4940 C:\Windows\System32\fvecerts.dll - ok
13:51:52.0539 4940 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
13:51:52.0539 4940 C:\Windows\System32\tbs.dll - ok
13:51:52.0542 4940 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
13:51:52.0542 4940 C:\Windows\System32\wiarpc.dll - ok
13:51:52.0545 4940 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
13:51:52.0545 4940 C:\Windows\System32\taskcomp.dll - ok
13:51:52.0548 4940 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
13:51:52.0548 4940 C:\Windows\System32\drivers\http.sys - ok
13:51:52.0550 4940 [ B8FD1C5E3943EA2DD0FDBB46E2F275DE ] C:\Program Files\NVIDIA Corporation\Display\NVXDPlcy.dll
13:51:52.0551 4940 C:\Program Files\NVIDIA Corporation\Display\NVXDPlcy.dll - ok
13:51:52.0553 4940 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
13:51:52.0553 4940 C:\Windows\System32\MPSSVC.dll - ok
13:51:52.0557 4940 [ 16C75B02658C372655E331E1699A9FC1 ] C:\Program Files\NVIDIA Corporation\Display\nvui.dll
13:51:52.0557 4940 C:\Program Files\NVIDIA Corporation\Display\nvui.dll - ok
13:51:52.0560 4940 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
13:51:52.0560 4940 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
13:51:52.0563 4940 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
13:51:52.0563 4940 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
13:51:52.0566 4940 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
13:51:52.0566 4940 C:\Windows\System32\winspool.drv - ok
13:51:52.0569 4940 [ 687CCC6C9CD006EBF023CD06A9E93A2E ] C:\Program Files\NVIDIA Corporation\Display\nvuir.dll
13:51:52.0569 4940 C:\Program Files\NVIDIA Corporation\Display\nvuir.dll - ok
13:51:52.0571 4940 [ F5DCD55DB8C30B9BA6D91455F16AB3FF ] C:\Windows\System32\nvumdshimx.dll
13:51:52.0572 4940 C:\Windows\System32\nvumdshimx.dll - ok
13:51:52.0575 4940 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
13:51:52.0575 4940 C:\Windows\System32\dllhost.exe - ok
13:51:52.0578 4940 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
13:51:52.0578 4940 C:\Windows\System32\IDStore.dll - ok
13:51:52.0581 4940 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
13:51:52.0581 4940 C:\Windows\System32\spoolsv.exe - ok
13:51:52.0583 4940 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
13:51:52.0583 4940 C:\Windows\System32\mpr.dll - ok
13:51:52.0586 4940 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
13:51:52.0586 4940 C:\Windows\System32\userinit.exe - ok
13:51:52.0589 4940 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
13:51:52.0589 4940 C:\Windows\System32\dwm.exe - ok
13:51:52.0593 4940 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
13:51:52.0593 4940 C:\Windows\System32\dwmredir.dll - ok
13:51:52.0596 4940 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
13:51:52.0596 4940 C:\Windows\System32\dwmcore.dll - ok
13:51:52.0599 4940 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll
13:51:52.0599 4940 C:\Windows\System32\d3d10_1.dll - ok
13:51:52.0602 4940 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll
13:51:52.0602 4940 C:\Windows\System32\d3d10_1core.dll - ok
13:51:52.0604 4940 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll
13:51:52.0604 4940 C:\Windows\System32\dxgi.dll - ok
13:51:52.0608 4940 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
13:51:52.0608 4940 C:\Windows\explorer.exe - ok
13:51:52.0612 4940 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
13:51:52.0612 4940 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
13:51:52.0615 4940 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
13:51:52.0615 4940 C:\Windows\System32\BFE.DLL - ok
13:51:52.0618 4940 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
13:51:52.0618 4940 C:\Windows\System32\taskeng.exe - ok
13:51:52.0621 4940 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
13:51:52.0621 4940 C:\Windows\System32\drivers\bowser.sys - ok
13:51:52.0625 4940 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
13:51:52.0625 4940 C:\Windows\System32\drivers\mpsdrv.sys - ok
13:51:52.0629 4940 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
13:51:52.0629 4940 C:\Windows\System32\drivers\mrxsmb.sys - ok
13:51:52.0632 4940 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
13:51:52.0632 4940 C:\Windows\System32\drivers\mrxsmb10.sys - ok
13:51:52.0635 4940 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
13:51:52.0635 4940 C:\Windows\System32\drivers\mrxsmb20.sys - ok
13:51:52.0638 4940 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
13:51:52.0638 4940 C:\Windows\System32\wkssvc.dll - ok
13:51:52.0642 4940 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
13:51:52.0642 4940 C:\Windows\System32\TSChannel.dll - ok
13:51:52.0645 4940 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
13:51:52.0646 4940 C:\Windows\System32\wfapigp.dll - ok
13:51:52.0649 4940 [ 360E61217D4E1E333583D0C721057F70 ] C:\Windows\System32\drivers\tmcomm.sys
13:51:52.0649 4940 C:\Windows\System32\drivers\tmcomm.sys - ok
13:51:52.0652 4940 [ F401929EE0CC92BFE7F15161CA535383 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:51:53.0383 4940 [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
13:51:53.0383 4940 C:\Program Files\Bonjour\mdnsNSP.dll - ok
13:51:53.0383 4940 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
13:51:53.0383 4940 C:\Windows\System32\rasadhlp.dll - ok
13:51:53.0398 4940 [ 95F9C2976059462CBBF227F7AAB10DE9 ] C:\Windows\System32\bthserv.dll
13:51:53.0398 4940 C:\Windows\System32\bthserv.dll - ok
13:51:53.0398 4940 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
13:51:53.0398 4940 C:\Windows\System32\NapiNSP.dll - ok
13:51:53.0398 4940 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
13:51:53.0398 4940 C:\Windows\System32\npmproxy.dll - ok
13:51:53.0398 4940 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
13:51:53.0398 4940 C:\Windows\System32\pnrpnsp.dll - ok
13:51:53.0398 4940 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
13:51:53.0398 4940 C:\Windows\System32\winrnr.dll - ok
13:51:53.0398 4940 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
13:51:53.0398 4940 C:\Windows\System32\wpdbusenum.dll - ok
13:51:53.0414 4940 [ 748849C42DEA24C723048E24BCA1BD55 ] C:\Windows\System32\wshbth.dll
13:51:53.0414 4940 C:\Windows\System32\wshbth.dll - ok
13:51:53.0414 4940 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
13:51:53.0414 4940 C:\Windows\System32\shfolder.dll - ok
13:51:53.0414 4940 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
13:51:53.0414 4940 C:\Windows\System32\diagperf.dll - ok
13:51:53.0414 4940 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
13:51:53.0414 4940 C:\Windows\System32\hidserv.dll - ok
13:51:53.0414 4940 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
13:51:53.0414 4940 C:\Windows\System32\perftrack.dll - ok
13:51:53.0429 4940 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
13:51:53.0429 4940 C:\Windows\System32\PortableDeviceApi.dll - ok
13:51:53.0429 4940 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
13:51:53.0429 4940 C:\Windows\System32\pnpts.dll - ok
13:51:53.0429 4940 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
13:51:53.0429 4940 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
13:51:53.0429 4940 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
13:51:53.0429 4940 C:\Windows\System32\radardt.dll - ok
13:51:53.0429 4940 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
13:51:53.0429 4940 C:\Windows\System32\Apphlpdm.dll - ok
13:51:53.0429 4940 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
13:51:53.0429 4940 C:\Windows\System32\p2pcollab.dll - ok
13:51:53.0445 4940 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
13:51:53.0445 4940 C:\Windows\System32\wdiasqmmodule.dll - ok
13:51:53.0445 4940 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
13:51:53.0445 4940 C:\Windows\System32\QAGENTRT.DLL - ok
13:51:53.0445 4940 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
13:51:53.0445 4940 C:\Windows\System32\fveui.dll - ok
13:51:53.0445 4940 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
13:51:53.0445 4940 C:\Windows\System32\IPSECSVC.DLL - ok
13:51:53.0445 4940 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
13:51:53.0445 4940 C:\Windows\System32\FwRemoteSvr.dll - ok
13:51:53.0461 4940 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
13:51:53.0461 4940 C:\Windows\System32\dimsjob.dll - ok
13:51:53.0461 4940 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
13:51:53.0461 4940 C:\Windows\System32\pautoenr.dll - ok
13:51:53.0461 4940 [ 8CF4B0337B06CCC624C20EE4C934767E ] C:\Windows\System32\lpksetupproxyserv.dll
13:51:53.0461 4940 C:\Windows\System32\lpksetupproxyserv.dll - ok
13:51:53.0461 4940 [ 773212B2AAA24C1E31F10246B15B276C ] C:\Windows\servicing\TrustedInstaller.exe
13:51:53.0461 4940 C:\Windows\servicing\TrustedInstaller.exe - ok
13:51:53.0461 4940 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
13:51:53.0461 4940 C:\Windows\System32\dbghelp.dll - ok
13:51:53.0461 4940 [ 288ADDED26C80FDC135CAB4340161686 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\CbsCore.dll
13:51:53.0461 4940 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\CbsCore.dll - ok
13:51:53.0476 4940 [ 7957A194B8421BC070FABBF1C55DB68B ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wcp.dll
13:51:53.0476 4940 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wcp.dll - ok
13:51:53.0476 4940 [ 39C5FCF8AA3B83D79A0E853ECB38BF25 ] C:\Program Files (x86)\Google\Update\1.3.21.115\goopdate.dll
13:51:53.0476 4940 C:\Program Files (x86)\Google\Update\1.3.21.115\goopdate.dll - ok
13:51:53.0476 4940 [ 47BBD40D59B4242866E5AB7CE1F4F493 ] C:\Program Files\P4G\BatteryLife.exe
13:51:53.0476 4940 C:\Program Files\P4G\BatteryLife.exe - ok
13:51:53.0476 4940 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
13:51:53.0476 4940 C:\Windows\System32\mprapi.dll - ok
13:51:53.0476 4940 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
13:51:53.0476 4940 C:\Windows\System32\ndiscapCfg.dll - ok
13:51:53.0492 4940 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
13:51:53.0492 4940 C:\Windows\System32\rascfg.dll - ok
13:51:53.0492 4940 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
13:51:53.0492 4940 C:\Windows\System32\mprmsg.dll - ok
13:51:53.0492 4940 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
13:51:53.0492 4940 C:\Windows\System32\tcpipcfg.dll - ok
13:51:53.0492 4940 [ 9297F004FCE79FB7B26DAC6968FB5FEB ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\DrUpdate.dll
13:51:53.0492 4940 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\DrUpdate.dll - ok
13:51:53.0492 4940 [ B7AC66C1CCD87D7C49256B5451DED4FA ] C:\Windows\System32\spp.dll
13:51:53.0492 4940 C:\Windows\System32\spp.dll - ok
13:51:53.0492 4940 [ FC6C5D860CDB82411DA626821201BDF0 ] C:\Windows\System32\srclient.dll
13:51:53.0492 4940 C:\Windows\System32\srclient.dll - ok
13:51:53.0507 4940 [ 6685DD5CC357D45EEE30FD089E8A111A ] C:\Windows\System32\sxsstore.dll
13:51:53.0507 4940 C:\Windows\System32\sxsstore.dll - ok
13:51:53.0507 4940 [ 943F48CC3A59169E52A054946C2F59B8 ] C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wrpint.dll
13:51:53.0507 4940 C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_672ce6c3de2cb17f\wrpint.dll - ok
13:51:53.0507 4940 [ FBD879D17B26D49DD7A48FF58062FAE6 ] C:\Windows\System32\tdh.dll
13:51:53.0507 4940 C:\Windows\System32\tdh.dll - ok
13:51:53.0507 4940 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
13:51:53.0507 4940 C:\Windows\System32\pnidui.dll - ok
13:51:53.0507 4940 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
13:51:53.0507 4940 C:\Windows\System32\wmp.dll - ok
13:51:53.0507 4940 [ 7E5F5E64C91FEDFE72E4C1728094BA69 ] C:\Program Files\P4G\DevMng.dll
13:51:53.0507 4940 C:\Program Files\P4G\DevMng.dll - ok
13:51:53.0523 4940 [ 50E6288786474CC1275108D33FCC9488 ] C:\Program Files\P4G\OvrClk.dll
13:51:53.0523 4940 C:\Program Files\P4G\OvrClk.dll - ok
13:51:53.0523 4940 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
13:51:53.0523 4940 C:\Windows\SysWOW64\imagehlp.dll - ok
13:51:53.0523 4940 [ BC3DA234CDA880578526DAB028F40268 ] C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
13:51:53.0523 4940 C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe - ok
13:51:53.0523 4940 [ CE291A12090CBB2A4BCB1F7A547DEC37 ] C:\Windows\System32\igd10umd64.dll
13:51:53.0523 4940 C:\Windows\System32\igd10umd64.dll - ok
13:51:53.0523 4940 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
13:51:53.0523 4940 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
13:51:53.0523 4940 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
13:51:53.0523 4940 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
13:51:53.0539 4940 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
13:51:53.0539 4940 C:\Windows\SysWOW64\ntdsapi.dll - ok
13:51:53.0539 4940 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
13:51:53.0539 4940 C:\Windows\System32\certcli.dll - ok
13:51:53.0539 4940 [ 24CAEDCD73B5B0E22226283B7B2468C7 ] C:\Windows\SysWOW64\mfc42u.dll
13:51:53.0539 4940 C:\Windows\SysWOW64\mfc42u.dll - ok
13:51:53.0539 4940 [ 3ACABCA6A8DB71B7F19C8A7523AE1846 ] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
13:51:53.0539 4940 C:\Program Files (x86)\ASUS\Splendid\ACMON.exe - ok
13:51:53.0539 4940 [ 5368DAC1D13B2331A4F6E7530EBCDBE8 ] C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
13:51:53.0539 4940 C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll - ok
13:51:53.0539 4940 [ 9AB802C4321BA2BD6D5F41CCCE6CDB9E ] C:\Program Files (x86)\ASUS\Splendid\OVS.dll
13:51:53.0539 4940 C:\Program Files (x86)\ASUS\Splendid\OVS.dll - ok
13:51:53.0554 4940 [ D485D1BE97777617B186FC8095F58421 ] C:\Windows\servicing\CbsApi.dll
13:51:53.0554 4940 C:\Windows\servicing\CbsApi.dll - ok
13:51:53.0554 4940 [ DB70FE36AC8F594E9E69479C076BADB8 ] C:\Windows\System32\HelpPaneProxy.dll
13:51:53.0554 4940 C:\Windows\System32\HelpPaneProxy.dll - ok
13:51:53.0554 4940 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
13:51:53.0554 4940 C:\Windows\System32\CertEnroll.dll - ok
13:51:53.0554 4940 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
13:51:53.0554 4940 C:\Windows\SysWOW64\msi.dll - ok
13:51:53.0554 4940 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
13:51:53.0554 4940 C:\Windows\SysWOW64\cscapi.dll - ok
13:51:53.0570 4940 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
13:51:53.0570 4940 C:\Windows\SysWOW64\dbghelp.dll - ok
13:51:53.0570 4940 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
13:51:53.0570 4940 C:\Windows\System32\nci.dll - ok
13:51:53.0570 4940 [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll
13:51:53.0570 4940 C:\Windows\System32\wlaninst.dll - ok
13:51:53.0570 4940 [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll
13:51:53.0570 4940 C:\Windows\System32\wwaninst.dll - ok
13:51:53.0570 4940 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
13:51:53.0570 4940 C:\Windows\System32\rundll32.exe - ok
13:51:53.0570 4940 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
13:51:53.0570 4940 C:\Windows\System32\wbem\cimwin32.dll - ok
13:51:53.0585 4940 [ 0F3698E52A5D45E05FC8B8C22296FD35 ] C:\Program Files (x86)\ASUS\Splendid\Chameleon.dll
13:51:53.0585 4940 C:\Program Files (x86)\ASUS\Splendid\Chameleon.dll - ok
13:51:53.0585 4940 [ BC4AE105062D913F5D8FBA5E7840E1BA ] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
13:51:53.0585 4940 C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll - ok
13:51:53.0585 4940 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
13:51:53.0585 4940 C:\Windows\System32\EhStorShell.dll - ok
13:51:53.0585 4940 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
13:51:53.0585 4940 C:\Windows\System32\ntshrui.dll - ok
13:51:53.0585 4940 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
13:51:53.0585 4940 C:\Windows\System32\cscapi.dll - ok
13:51:53.0585 4940 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
13:51:53.0585 4940 C:\Windows\System32\IconCodecService.dll - ok
13:51:53.0601 4940 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
13:51:53.0601 4940 C:\Windows\System32\runonce.exe - ok
13:51:53.0601 4940 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
13:51:53.0601 4940 C:\Windows\SysWOW64\runonce.exe - ok
13:51:53.0601 4940 [ 198803E5E93E29967DFB0BCFD0186151 ] C:\Windows\System32\spfileq.dll
13:51:53.0601 4940 C:\Windows\System32\spfileq.dll - ok
13:51:53.0601 4940 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll
13:51:53.0601 4940 C:\Windows\SysWOW64\secur32.dll - ok
13:51:53.0617 4940 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
13:51:53.0617 4940 C:\Windows\SysWOW64\cmd.exe - ok
13:51:53.0617 4940 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
13:51:53.0617 4940 C:\Windows\SysWOW64\winbrand.dll - ok
13:51:53.0617 4940 [ 32E15ECF5854F5610BC895490BC3246A ] C:\Windows\SysWOW64\ieframe.dll
13:51:53.0617 4940 C:\Windows\SysWOW64\ieframe.dll - ok
13:51:53.0617 4940 [ 5BB1F77C8AF725A15EC9366498D275BB ] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
13:51:53.0617 4940 C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe - ok
13:51:53.0617 4940 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
13:51:53.0617 4940 C:\Windows\SysWOW64\psapi.dll - ok
13:51:53.0632 4940 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
13:51:53.0632 4940 C:\Windows\SysWOW64\oleacc.dll - ok
13:51:53.0632 4940 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
13:51:53.0632 4940 C:\Windows\System32\aelupsvc.dll - ok
13:51:53.0632 4940 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
13:51:53.0632 4940 C:\Windows\System32\uDWM.dll - ok
13:51:53.0632 4940 [ 41A5048E49372F091B2AE5A5B705B72D ] C:\Windows\SysWOW64\ACEngSvr.exe
13:51:53.0632 4940 C:\Windows\SysWOW64\ACEngSvr.exe - ok
13:51:53.0632 4940 [ 93F29E6964BAEF31E53D203992B0AFD4 ] C:\Program Files (x86)\Google\Update\1.3.21.115\GoogleCrashHandler.exe
13:51:53.0632 4940 C:\Program Files (x86)\Google\Update\1.3.21.115\GoogleCrashHandler.exe - ok
13:51:53.0632 4940 [ C282F4A84FDA6EF4376996542F7A1249 ] C:\Program Files (x86)\Google\Update\1.3.21.115\GoogleCrashHandler64.exe
13:51:53.0632 4940 C:\Program Files (x86)\Google\Update\1.3.21.115\GoogleCrashHandler64.exe - ok
13:51:53.0648 4940 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
13:51:53.0648 4940 C:\Windows\SysWOW64\mstask.dll - ok
13:51:53.0648 4940 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\SysWOW64\taskschd.dll
13:51:53.0648 4940 C:\Windows\SysWOW64\taskschd.dll - ok
13:51:53.0648 4940 [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll
13:51:53.0648 4940 C:\Windows\SysWOW64\xmllite.dll - ok
13:51:53.0648 4940 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
13:51:53.0648 4940 C:\Windows\SysWOW64\shdocvw.dll - ok
13:51:53.0648 4940 [ AD6B1A69B0CCCF27A792F4C00740D24D ] C:\Users\Austin\AppData\Local\Temp\6CC4D103-0449-41FF-AB58-C593A1592C04.exe
13:51:53.0648 4940 C:\Users\Austin\AppData\Local\Temp\6CC4D103-0449-41FF-AB58-C593A1592C04.exe - ok
13:51:53.0663 4940 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
13:51:53.0663 4940 C:\Windows\System32\linkinfo.dll - ok
13:51:53.0663 4940 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:51:53.0663 4940 C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe - ok
13:51:53.0663 4940 [ A9AB99EE7D39725EAFEC82732D2B3271 ] C:\Program Files\iPod\bin\iPodService.exe
13:51:53.0663 4940 C:\Program Files\iPod\bin\iPodService.exe - ok
13:51:53.0663 4940 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] C:\Windows\System32\msdtc.exe
13:51:53.0663 4940 C:\Windows\System32\msdtc.exe - ok
13:51:53.0663 4940 [ A190DA6546501CB4146BBCC0B6A3F48B ] C:\Windows\System32\msiexec.exe
13:51:53.0663 4940 C:\Windows\System32\msiexec.exe - ok
13:51:53.0663 4940 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
13:51:53.0663 4940 C:\Windows\System32\framedynos.dll - ok
13:51:53.0679 4940 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
13:51:53.0679 4940 C:\Windows\System32\wmi.dll - ok
13:51:53.0679 4940 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
13:51:53.0679 4940 C:\Windows\System32\wbem\wmiprov.dll - ok
13:51:53.0679 4940 [ 4F72C8B661DEC62F4DF0F15D33106372 ] C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\AGFNEX64.dll
13:51:53.0679 4940 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\AGFNEX64.dll - ok
13:51:53.0679 4940 [ 58BC9B644E6B252C8337AD501B04692A ] C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
13:51:53.0679 4940 C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe - ok
13:51:53.0679 4940 [ 7FD0D355941B67162BFB70773D948F88 ] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe
13:51:53.0679 4940 C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe - ok
13:51:53.0695 4940 [ 8B123B4EA20E18758482000149FEF3B4 ] C:\Windows\System32\igfxtray.exe
13:51:53.0695 4940 C:\Windows\System32\igfxtray.exe - ok
13:51:53.0695 4940 [ 29C22748937F45C26590909E9F8E7137 ] C:\Windows\System32\dciman32.dll
13:51:53.0695 4940 C:\Windows\System32\dciman32.dll - ok
13:51:53.0695 4940 [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll
13:51:53.0695 4940 C:\Windows\System32\ddraw.dll - ok
13:51:53.0695 4940 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
13:51:53.0695 4940 C:\Windows\System32\actxprxy.dll - ok
13:51:53.0695 4940 [ 679E82F9D5BE28F5B05064A2F46CE4F2 ] C:\Windows\System32\wbem\mofd.dll
13:51:53.0695 4940 C:\Windows\System32\wbem\mofd.dll - ok
13:51:53.0710 4940 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
13:51:53.0710 4940 C:\Windows\System32\wbem\NCProv.dll - ok
13:51:53.0710 4940 [ 149126216A694E6BA84E92ECA77AAE3B ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
13:51:53.0710 4940 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe - ok
13:51:53.0710 4940 [ 591FE0A6CEB19BF886CEB1331F591940 ] C:\Windows\SysWOW64\ncrypt.dll
13:51:53.0710 4940 C:\Windows\SysWOW64\ncrypt.dll - ok
13:51:53.0710 4940 [ 1917BE7C440DC7CF04304F0AFD7FDD16 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ElanTPCfg64.exe
13:51:53.0710 4940 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ElanTPCfg64.exe - ok
13:51:53.0710 4940 [ AA11E1368EEB237DD100BAC6AFFE1C57 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
13:51:53.0710 4940 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe - ok
13:51:53.0726 4940 [ C0DB4A84B7D465BCFEE32A1764B22399 ] C:\Program Files\Elantech\ETDApi.dll
13:51:53.0726 4940 C:\Program Files\Elantech\ETDApi.dll - ok
13:51:53.0726 4940 [ A7B4F5886745246DE4CA4C3A7DC1EA1D ] C:\Windows\System32\hkcmd.exe
13:51:53.0726 4940 C:\Windows\System32\hkcmd.exe - ok
13:51:53.0726 4940 [ 3433C7D4EA35E9709430CA126C979AFE ] C:\Windows\System32\igfxpers.exe
13:51:53.0726 4940 C:\Windows\System32\igfxpers.exe - ok
13:51:53.0726 4940 [ 0E6C6542856BBD380356983179F859E7 ] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
13:51:53.0726 4940 C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe - ok
13:51:53.0726 4940 [ 5594A7B4923CF543AC4B9F21FADCAF98 ] C:\Program Files\Elantech\ETDCtrl.exe
13:51:53.0726 4940 C:\Program Files\Elantech\ETDCtrl.exe - ok
13:51:53.0741 4940 [ 4A7C441D99D86704D194E7678873B95D ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
13:51:53.0741 4940 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe - ok
13:51:53.0741 4940 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\SysWOW64\hid.dll
13:51:53.0741 4940 C:\Windows\SysWOW64\hid.dll - ok
13:51:53.0741 4940 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
13:51:53.0741 4940 C:\Windows\SysWOW64\bcrypt.dll - ok
13:51:53.0741 4940 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
13:51:53.0741 4940 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
13:51:53.0741 4940 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
13:51:53.0741 4940 C:\Windows\SysWOW64\gpapi.dll - ok
13:51:53.0741 4940 [ 6316957BB3431DFB06BFFA98C0F1926E ] C:\Windows\SysWOW64\cryptnet.dll
13:51:53.0741 4940 C:\Windows\SysWOW64\cryptnet.dll - ok
13:51:53.0757 4940 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
13:51:53.0757 4940 C:\Windows\SysWOW64\credssp.dll - ok
13:51:53.0757 4940 [ 29CA5974FAB0E8AE4AA7814FE05CF832 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
13:51:53.0757 4940 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
13:51:53.0757 4940 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
13:51:53.0757 4940 C:\Windows\SysWOW64\wship6.dll - ok
13:51:53.0757 4940 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
13:51:53.0757 4940 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
13:51:53.0757 4940 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
13:51:53.0757 4940 C:\Windows\SysWOW64\dnsapi.dll - ok
13:51:53.0773 4940 [ 9D4A1690AF93F233E15380398BEC7431 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
13:51:53.0773 4940 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
13:51:53.0773 4940 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
13:51:53.0773 4940 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
13:51:53.0773 4940 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
13:51:53.0773 4940 C:\Windows\SysWOW64\rasadhlp.dll - ok
13:51:53.0773 4940 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
13:51:53.0773 4940 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
13:51:53.0773 4940 [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\SysWOW64\cabinet.dll
13:51:53.0773 4940 C:\Windows\SysWOW64\cabinet.dll - ok
13:51:53.0788 4940 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
13:51:53.0788 4940 C:\Windows\SysWOW64\devrtl.dll - ok
13:51:53.0788 4940 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
13:51:53.0788 4940 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
13:51:53.0788 4940 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
13:51:53.0788 4940 C:\Windows\SysWOW64\EhStorShell.dll - ok
13:51:53.0788 4940 [ 61BFFB5F57AD12F83AB64B7181829B34 ] C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:51:53.0788 4940 C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE - ok
13:51:53.0804 4940 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
13:51:53.0804 4940 C:\Windows\SysWOW64\ntshrui.dll - ok
13:51:53.0804 4940 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
13:51:53.0804 4940 C:\Windows\SysWOW64\slc.dll - ok
13:51:53.0804 4940 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
13:51:53.0804 4940 C:\Windows\SysWOW64\imageres.dll - ok
13:51:53.0804 4940 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] C:\Windows\System32\Locator.exe
13:51:53.0804 4940 C:\Windows\System32\Locator.exe - ok
13:51:53.0804 4940 [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe
13:51:53.0804 4940 C:\Windows\System32\sppsvc.exe - ok
13:51:53.0819 4940 [ 7586ACA6DBFBDCD5EBC1776486D53AA4 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
13:51:53.0819 4940 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe - ok
13:51:53.0819 4940 [ A5299DCA34A86268F3A635CDCF6E8F57 ] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
13:51:53.0819 4940 C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe - ok
13:51:53.0819 4940 [ A1D17BD52F1A2E387EEE1C6543AC2671 ] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
13:51:53.0819 4940 C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe - ok
13:51:53.0819 4940 [ 8886E0697B0A93C521F99099EF643450 ] C:\Windows\System32\wscript.exe
13:51:53.0819 4940 C:\Windows\System32\wscript.exe - ok
13:51:53.0819 4940 [ 792E0A111F9B44953DF42CBAAA17790E ] C:\Windows\System32\igdumd64.dll
13:51:53.0819 4940 C:\Windows\System32\igdumd64.dll - ok
13:51:53.0835 4940 [ 987464EF36FA99E4BA55B1845BD9AAD9 ] C:\Program Files (x86)\ASUS\Splendid\ACOVS.exe
13:51:53.0835 4940 C:\Program Files (x86)\ASUS\Splendid\ACOVS.exe - ok
13:51:53.0835 4940 [ E07EDC6D4E2F9FD44189D2886010B32F ] C:\Program Files\P4G\IntlDPST.exe
13:51:53.0835 4940 C:\Program Files\P4G\IntlDPST.exe - ok
13:51:53.0835 4940 [ 600B406A04D90F577FEA8A88D7379F08 ] C:\Program Files\Intel\TurboBoost\TurboBoost.exe
13:51:53.0835 4940 C:\Program Files\Intel\TurboBoost\TurboBoost.exe - ok
13:51:53.0835 4940 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] C:\Windows\System32\UI0Detect.exe
13:51:53.0835 4940 C:\Windows\System32\UI0Detect.exe - ok
13:51:53.0835 4940 [ 8D6B481601D01A456E75C3210F1830BE ] C:\Windows\System32\vds.exe
13:51:53.0835 4940 C:\Windows\System32\vds.exe - ok
13:51:53.0851 4940 [ B60BA0BC31B0CB414593E169F6F21CC2 ] C:\Windows\System32\VSSVC.exe
13:51:53.0851 4940 C:\Windows\System32\VSSVC.exe - ok
13:51:53.0851 4940 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] C:\Windows\System32\Wat\WatAdminSvc.exe
13:51:53.0851 4940 C:\Windows\System32\Wat\WatAdminSvc.exe - ok
13:51:53.0851 4940 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] C:\Windows\System32\wbengine.exe
13:51:53.0851 4940 C:\Windows\System32\wbengine.exe - ok
13:51:53.0851 4940 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:51:53.0851 4940 C:\Program Files\Windows Live\Mesh\wlcrasvc.exe - ok
13:51:53.0851 4940 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] C:\Windows\System32\wbem\WmiApSrv.exe
13:51:53.0851 4940 C:\Windows\System32\wbem\WmiApSrv.exe - ok
13:51:53.0866 4940 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
13:51:53.0866 4940 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
13:51:53.0866 4940 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
13:51:53.0866 4940 C:\Windows\System32\SearchIndexer.exe - ok
13:51:53.0866 4940 [ 616F6E52CAE254727A886BA8EDA1BEEA ] C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
13:51:53.0866 4940 C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe - ok
13:51:53.0866 4940 [ FDC350CF5DED51A1C9C1F3A83FF03453 ] C:\Windows\System32\igfxext.exe
13:51:53.0866 4940 C:\Windows\System32\igfxext.exe - ok
13:51:53.0866 4940 [ 5BFB1C4FC930C5B4F076BDBB7FE8EAEC ] C:\Windows\System32\igfxsrvc.exe
13:51:53.0866 4940 C:\Windows\System32\igfxsrvc.exe - ok
13:51:53.0882 4940 [ 385C96439C95672F01C3EECDFB92FC96 ] C:\Windows\System32\igfxdev.dll
13:51:53.0882 4940 C:\Windows\System32\igfxdev.dll - ok
13:51:53.0882 4940 [ 4EDAB955D60E7204B550786D7CB40A84 ] C:\Windows\System32\igfxsrvc.dll
13:51:53.0882 4940 C:\Windows\System32\igfxsrvc.dll - ok
13:51:53.0882 4940 [ 42FD3C31AFB38796DA3EA0771C53252B ] C:\Windows\System32\igfxexps.dll
13:51:53.0882 4940 C:\Windows\System32\igfxexps.dll - ok
13:51:53.0882 4940 [ FB0C84565474C1A39E3CCCCA9ACD634B ] C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll
13:51:53.0882 4940 C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll - ok
13:51:53.0882 4940 [ AC673018A17C72221BCE15F2E75F7392 ] C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
13:51:53.0882 4940 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - ok
13:51:53.0897 4940 [ 18A2B81F39EA0720478C7DAD3A98B3D9 ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll
13:51:53.0897 4940 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll - ok
13:51:54.0537 4940 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll - ok
13:51:54.0537 4940 [ BD23077CBAD092A5EA5F77ED874F32A2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
13:51:54.0537 4940 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll - ok
13:51:54.0553 4940 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
13:51:54.0553 4940 C:\Windows\System32\mssrch.dll - ok
13:51:54.0553 4940 [ 610FD9154F3C36E5BF419EE499FCDF2E ] C:\Program Files (x86)\Bluetooth Suite\AthCopyHook.dll
13:51:54.0553 4940 C:\Program Files (x86)\Bluetooth Suite\AthCopyHook.dll - ok
13:51:54.0553 4940 [ A2C5A505398A160AF30121E307AE996E ] C:\Windows\SysWOW64\jscript.dll
13:51:54.0553 4940 C:\Windows\SysWOW64\jscript.dll - ok
13:51:54.0553 4940 [ 71C4F42DC8DB668E826DA79462EA741E ] C:\Windows\SysWOW64\KBDUS.DLL
13:51:54.0553 4940 C:\Windows\SysWOW64\KBDUS.DLL - ok
13:51:54.0553 4940 [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\SysWOW64\msftedit.dll
13:51:54.0553 4940 C:\Windows\SysWOW64\msftedit.dll - ok
13:51:54.0568 4940 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
13:51:54.0568 4940 C:\Windows\SysWOW64\rasapi32.dll - ok
13:51:54.0568 4940 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
13:51:54.0568 4940 C:\Windows\System32\esent.dll - ok
13:51:54.0568 4940 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
13:51:54.0568 4940 C:\Windows\System32\FXSST.dll - ok
13:51:54.0568 4940 [ 57B786CD9FD32B4D7B3EBEAFD9196DD8 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\1586ee919f86130df9771cf9b8d95d3a\Microsoft.VisualBasic.ni.dll
13:51:54.0568 4940 C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\1586ee919f86130df9771cf9b8d95d3a\Microsoft.VisualBasic.ni.dll - ok
13:51:54.0584 4940 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
13:51:54.0584 4940 C:\Windows\SysWOW64\rasman.dll - ok
13:51:54.0584 4940 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
13:51:54.0584 4940 C:\Windows\SysWOW64\rtutils.dll - ok
13:51:54.0584 4940 [ 02E185944CFA58DAD47D409E5655FB28 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
13:51:54.0584 4940 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll - ok
13:51:54.0584 4940 [ 104A1070E90F1C530328E69B49718841 ] C:\Windows\SysWOW64\nlaapi.dll
13:51:54.0584 4940 C:\Windows\SysWOW64\nlaapi.dll - ok
13:51:54.0599 4940 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
13:51:54.0599 4940 C:\Windows\System32\FXSAPI.dll - ok
13:51:54.0599 4940 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
13:51:54.0599 4940 C:\Windows\System32\FXSRESM.dll - ok
13:51:54.0599 4940 [ F96E7E2F6E0FA294B4C117F53C8115D4 ] C:\Program Files (x86)\AIM\nss3.dll
13:51:54.0599 4940 C:\Program Files (x86)\AIM\nss3.dll - ok
13:51:54.0599 4940 [ 0EFB3626C2899955BC22C050842C1DB1 ] C:\Program Files (x86)\AIM\softokn3.dll
13:51:54.0599 4940 C:\Program Files (x86)\AIM\softokn3.dll - ok
13:51:54.0615 4940 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
13:51:54.0615 4940 C:\Windows\System32\netman.dll - ok
13:51:54.0615 4940 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
13:51:54.0615 4940 C:\Windows\System32\msidle.dll - ok
13:51:54.0615 4940 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
13:51:54.0615 4940 C:\Windows\System32\rasdlg.dll - ok
13:51:54.0631 4940 [ 60B8974FA964F568C25A55C19D59883A ] C:\Program Files (x86)\AIM\plc4.dll
13:51:54.0631 4940 C:\Program Files (x86)\AIM\plc4.dll - ok
13:51:54.0631 4940 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
13:51:54.0631 4940 C:\Windows\System32\mssprxy.dll - ok
13:51:54.0631 4940 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
13:51:54.0631 4940 C:\Windows\System32\dot3api.dll - ok
13:51:54.0631 4940 [ 537DBA28451A112EFECCBD850B8C961F ] C:\Program Files (x86)\AIM\nspr4.dll
13:51:54.0631 4940 C:\Program Files (x86)\AIM\nspr4.dll - ok
13:51:54.0646 4940 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
13:51:54.0646 4940 C:\Windows\System32\wlanhlp.dll - ok
13:51:54.0646 4940 [ 3ABB7ADB9CCBCD24D6C55201A3842A94 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
13:51:54.0646 4940 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
13:51:54.0646 4940 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
13:51:54.0646 4940 C:\Windows\System32\wlanapi.dll - ok
13:51:54.0646 4940 [ 3BB617EF942280B0BE09D844BDE4AF56 ] C:\Program Files (x86)\AIM\plds4.dll
13:51:54.0646 4940 C:\Program Files (x86)\AIM\plds4.dll - ok
13:51:54.0646 4940 [ 31C79E69AAB3F66F84853B6A78DE8239 ] C:\Program Files (x86)\AIM\ssl3.dll
13:51:54.0646 4940 C:\Program Files (x86)\AIM\ssl3.dll - ok
13:51:54.0662 4940 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
13:51:54.0662 4940 C:\Windows\System32\en-US\tquery.dll.mui - ok
13:51:54.0662 4940 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
13:51:54.0662 4940 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
13:51:54.0662 4940 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
13:51:54.0662 4940 C:\Windows\System32\WWanAPI.dll - ok
13:51:54.0662 4940 [ B1DDF206A4B97C1ED89C3ABE2ECBE3EF ] C:\Program Files (x86)\AIM\smime3.dll
13:51:54.0662 4940 C:\Program Files (x86)\AIM\smime3.dll - ok
13:51:54.0662 4940 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
13:51:54.0662 4940 C:\Windows\System32\wwapi.dll - ok
13:51:54.0662 4940 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
13:51:54.0662 4940 C:\Windows\System32\QAGENT.DLL - ok
13:51:54.0677 4940 [ 68CE18072E9CDFE63DD2E083868C7433 ] C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
13:51:54.0677 4940 C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - ok
13:51:54.0677 4940 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
13:51:54.0677 4940 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
13:51:54.0677 4940 [ 040CAD6E6600BCEF7A91AE9885C4158F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\222eb8aa336953a6b0216db2b0c4770d\System.Drawing.ni.dll
13:51:54.0677 4940 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\222eb8aa336953a6b0216db2b0c4770d\System.Drawing.ni.dll - ok
13:51:54.0677 4940 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
13:51:54.0677 4940 C:\Windows\System32\drmv2clt.dll - ok
13:51:54.0677 4940 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
13:51:54.0677 4940 C:\Windows\System32\wmdrmdev.dll - ok
13:51:54.0693 4940 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
13:51:54.0693 4940 C:\Windows\System32\wmploc.DLL - ok
13:51:54.0693 4940 [ 1E8D1091011E1C51B44A94DE5EE89A6A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\dc5bb74eefdbf954cdfb70dd534d5564\System.Windows.Forms.ni.dll
13:51:54.0693 4940 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\dc5bb74eefdbf954cdfb70dd534d5564\System.Windows.Forms.ni.dll - ok
13:51:54.0693 4940 [ 64F5B182EE5E48FFA616F245042B7160 ] C:\Program Files (x86)\Bluetooth Suite\FileTransfer.dll
13:51:54.0693 4940 C:\Program Files (x86)\Bluetooth Suite\FileTransfer.dll - ok
13:51:54.0693 4940 [ B95F748C4F100DD0F6E8115CC0968670 ] C:\Windows\winsxs\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8a1dd9552ed7f8d8\ATL80.dll
13:51:54.0693 4940 C:\Windows\winsxs\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8a1dd9552ed7f8d8\ATL80.dll - ok
13:51:54.0693 4940 [ E4993A704ACA876FC68E3FE2EF858E1E ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll
13:51:54.0693 4940 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9b2f17fb61b7197f2a04108f5d1a1cc6\System.Management.ni.dll - ok
13:51:54.0693 4940 [ 6D137963730144698CBD10F202E9F251 ] C:\Windows\System32\wersvc.dll
13:51:54.0693 4940 C:\Windows\System32\wersvc.dll - ok
13:51:54.0709 4940 [ 93DEB816C6985DD75D5A84AD5D266CAC ] C:\Program Files (x86)\AIM\nssckbi.dll
13:51:54.0709 4940 C:\Program Files (x86)\AIM\nssckbi.dll - ok
13:51:54.0709 4940 [ AEDDFD540E3E6BECDB14C30D1F12B78A ] C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
13:51:54.0709 4940 C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
13:51:54.0709 4940 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
13:51:54.0709 4940 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
13:51:54.0709 4940 [ A9DA8CC5E02FF594E11A78D86D5B6A5B ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\2a02b172fa4cf3d93ce7388b67b2a199\System.Runtime.Remoting.ni.dll
13:51:54.0709 4940 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\2a02b172fa4cf3d93ce7388b67b2a199\System.Runtime.Remoting.ni.dll - ok
13:51:54.0709 4940 [ 972DCC74D4CDCB64086E7CFACBDB74CB ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
13:51:54.0709 4940 C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll - ok
13:51:54.0724 4940 [ 857F78A80A36BF9BE8B10D85E49CE2C4 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\193d03ca60573c92f92d9b07fa5bc243\System.Configuration.ni.dll
13:51:54.0724 4940 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\193d03ca60573c92f92d9b07fa5bc243\System.Configuration.ni.dll - ok
13:51:54.0724 4940 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
13:51:54.0724 4940 C:\Windows\System32\SyncCenter.dll - ok
13:51:54.0724 4940 [ 37C813CF6B4E892E2CDA6FEF3B871AFC ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\24d1b7ccbedaa3602bae6a6acea9929e\System.Xml.ni.dll
13:51:54.0724 4940 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\24d1b7ccbedaa3602bae6a6acea9929e\System.Xml.ni.dll - ok
13:51:54.0724 4940 [ DDFBFD8959F32AC0CF3947F36BAC3081 ] C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
13:51:54.0724 4940 C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll - ok
13:51:54.0724 4940 ============================================================
13:51:54.0724 4940 Scan finished
13:51:54.0724 4940 ============================================================
13:51:54.0740 4936 Detected object count: 255
13:51:54.0740 4936 Actual detected object count: 255
13:52:29.0556 4936 C:\Windows\system32\drivers\amdsata.sys - copied to quarantine
13:52:29.0556 4936 amdsata ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:29.0587 4936 C:\Windows\system32\drivers\amdsbs.sys - copied to quarantine
13:52:29.0587 4936 amdsbs ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:29.0603 4936 C:\Windows\system32\drivers\amdxata.sys - copied to quarantine
13:52:29.0603 4936 amdxata ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:29.0634 4936 C:\Windows\system32\drivers\arc.sys - copied to quarantine
13:52:29.0634 4936 arc ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:29.0650 4936 C:\Windows\system32\drivers\arcsas.sys - copied to quarantine
13:52:29.0650 4936 arcsas ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:29.0697 4936 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys - copied to quarantine
13:52:29.0697 4936 ASMMAP64 ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:29.0728 4936 C:\Windows\system32\DRIVERS\asyncmac.sys - copied to quarantine
13:52:29.0728 4936 AsyncMac ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:29.0759 4936 C:\Windows\system32\drivers\atapi.sys - copied to quarantine
13:52:29.0759 4936 atapi ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:29.0775 4936 C:\Windows\system32\DRIVERS\btath_flt.sys - copied to quarantine
13:52:29.0775 4936 AthBTPort ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:29.0880 4936 C:\Windows\system32\DRIVERS\athrx.sys - copied to quarantine
13:52:29.0881 4936 athr ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:29.0904 4936 C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys - copied to quarantine
13:52:29.0904 4936 ATKWMIACPIIO ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:29.0930 4936 C:\Windows\system32\drivers\bxvbda.sys - copied to quarantine
13:52:29.0930 4936 b06bdrv ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:29.0957 4936 C:\Windows\system32\DRIVERS\b57nd60a.sys - copied to quarantine
13:52:29.0957 4936 b57nd60a ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:29.0968 4936 C:\Windows\system32\drivers\Beep.sys - copied to quarantine
13:52:29.0968 4936 Beep ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:29.0981 4936 C:\Windows\system32\DRIVERS\blbdrive.sys - copied to quarantine
13:52:29.0981 4936 blbdrive ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0012 4936 C:\Windows\system32\DRIVERS\bowser.sys - copied to quarantine
13:52:30.0013 4936 bowser ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0040 4936 C:\Windows\system32\drivers\BrFiltLo.sys - copied to quarantine
13:52:30.0041 4936 BrFiltLo ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0065 4936 C:\Windows\system32\drivers\BrFiltUp.sys - copied to quarantine
13:52:30.0065 4936 BrFiltUp ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0082 4936 C:\Windows\System32\Drivers\Brserid.sys - copied to quarantine
13:52:30.0082 4936 Brserid ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0099 4936 C:\Windows\System32\Drivers\BrSerWdm.sys - copied to quarantine
13:52:30.0099 4936 BrSerWdm ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0110 4936 C:\Windows\System32\Drivers\BrUsbMdm.sys - copied to quarantine
13:52:30.0110 4936 BrUsbMdm ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0134 4936 C:\Windows\System32\Drivers\BrUsbSer.sys - copied to quarantine
13:52:30.0134 4936 BrUsbSer ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0156 4936 C:\Windows\system32\drivers\btath_a2dp.sys - copied to quarantine
13:52:30.0156 4936 BTATH_A2DP ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0187 4936 C:\Windows\system32\DRIVERS\btath_bus.sys - copied to quarantine
13:52:30.0187 4936 BTATH_BUS ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0203 4936 C:\Windows\system32\DRIVERS\btath_hcrp.sys - copied to quarantine
13:52:30.0203 4936 BTATH_HCRP ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0218 4936 C:\Windows\system32\DRIVERS\btath_lwflt.sys - copied to quarantine
13:52:30.0218 4936 BTATH_LWFLT ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0234 4936 C:\Windows\system32\DRIVERS\btath_rcp.sys - copied to quarantine
13:52:30.0234 4936 BTATH_RCP ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0281 4936 C:\Windows\system32\DRIVERS\btfilter.sys - copied to quarantine
13:52:30.0281 4936 BtFilter ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0312 4936 C:\Windows\system32\drivers\BthEnum.sys - copied to quarantine
13:52:30.0312 4936 BthEnum ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0327 4936 C:\Windows\system32\drivers\bthmodem.sys - copied to quarantine
13:52:30.0327 4936 BTHMODEM ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0343 4936 C:\Windows\system32\DRIVERS\bthpan.sys - copied to quarantine
13:52:30.0343 4936 BthPan ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0359 4936 C:\Windows\System32\Drivers\BTHport.sys - copied to quarantine
13:52:30.0359 4936 BTHPORT ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0374 4936 C:\Windows\System32\Drivers\BTHUSB.sys - copied to quarantine
13:52:30.0374 4936 BTHUSB ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0390 4936 C:\Windows\system32\DRIVERS\cdfs.sys - copied to quarantine
13:52:30.0390 4936 cdfs ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0421 4936 C:\Windows\system32\DRIVERS\cdrom.sys - copied to quarantine
13:52:30.0421 4936 cdrom ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0437 4936 C:\Windows\system32\drivers\circlass.sys - copied to quarantine
13:52:30.0437 4936 circlass ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0468 4936 C:\Windows\system32\CLFS.sys - copied to quarantine
13:52:30.0468 4936 CLFS ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0483 4936 C:\Windows\system32\DRIVERS\CmBatt.sys - copied to quarantine
13:52:30.0483 4936 CmBatt ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0499 4936 C:\Windows\system32\drivers\cmdide.sys - copied to quarantine
13:52:30.0499 4936 cmdide ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0561 4936 C:\Windows\system32\Drivers\cng.sys - copied to quarantine
13:52:30.0561 4936 CNG ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0577 4936 C:\Windows\system32\drivers\compbatt.sys - copied to quarantine
13:52:30.0577 4936 Compbatt ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0608 4936 C:\Windows\system32\DRIVERS\CompositeBus.sys - copied to quarantine
13:52:30.0608 4936 CompositeBus ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0624 4936 C:\Windows\system32\drivers\crcdisk.sys - copied to quarantine
13:52:30.0624 4936 crcdisk ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0639 4936 C:\Windows\system32\Drivers\dfsc.sys - copied to quarantine
13:52:30.0639 4936 DfsC ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0655 4936 C:\Windows\system32\drivers\discache.sys - copied to quarantine
13:52:30.0655 4936 discache ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0671 4936 C:\Windows\system32\drivers\disk.sys - copied to quarantine
13:52:30.0671 4936 Disk ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0686 4936 C:\Windows\system32\drivers\drmkaud.sys - copied to quarantine
13:52:30.0686 4936 drmkaud ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0733 4936 C:\Windows\System32\drivers\dxgkrnl.sys - copied to quarantine
13:52:30.0733 4936 DXGKrnl ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0764 4936 C:\Windows\System32\Drivers\e3083e853d691545.sys - copied to quarantine
13:52:30.0764 4936 e3083e853d691545 ( Rootkit.Win32.Necurs.gen ) - User select action: Quarantine
13:52:30.0858 4936 C:\Windows\system32\drivers\evbda.sys - copied to quarantine
13:52:30.0858 4936 ebdrv ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0916 4936 C:\Windows\system32\drivers\elxstor.sys - copied to quarantine
13:52:30.0916 4936 elxstor ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0924 4936 C:\Windows\system32\drivers\errdev.sys - copied to quarantine
13:52:30.0924 4936 ErrDev ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0958 4936 C:\Windows\system32\DRIVERS\ETD.sys - copied to quarantine
13:52:30.0958 4936 ETD ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:30.0983 4936 C:\Windows\system32\drivers\exfat.sys - copied to quarantine
13:52:30.0983 4936 exfat ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:31.0001 4936 C:\Windows\system32\drivers\fastfat.sys - copied to quarantine
13:52:31.0001 4936 fastfat ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:31.0020 4936 C:\Windows\system32\drivers\fdc.sys - copied to quarantine
13:52:31.0020 4936 fdc ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:31.0039 4936 C:\Windows\system32\drivers\fileinfo.sys - copied to quarantine
13:52:31.0039 4936 FileInfo ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:31.0058 4936 C:\Windows\system32\drivers\filetrace.sys - copied to quarantine
13:52:31.0058 4936 Filetrace ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:31.0078 4936 C:\Windows\system32\drivers\flpydisk.sys - copied to quarantine
13:52:31.0078 4936 flpydisk ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:31.0094 4936 C:\Windows\system32\drivers\fltmgr.sys - copied to quarantine
13:52:31.0094 4936 FltMgr ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:31.0126 4936 C:\Windows\system32\DRIVERS\FLxHCIc.sys - copied to quarantine
13:52:31.0127 4936 FLxHCIc ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:31.0140 4936 C:\Windows\system32\DRIVERS\FLxHCIh.sys - copied to quarantine
13:52:31.0140 4936 FLxHCIh ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:31.0141 4936 C:\Windows\system32\drivers\FsDepends.sys - copied to quarantine
13:52:31.0141 4936 FsDepends ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:31.0188 4936 C:\Windows\system32\DRIVERS\fssfltr.sys - copied to quarantine
13:52:31.0188 4936 fssfltr ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:31.0219 4936 C:\Windows\system32\drivers\Fs_Rec.sys - copied to quarantine
13:52:31.0219 4936 Fs_Rec ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:31.0235 4936 C:\Windows\system32\DRIVERS\fvevol.sys - copied to quarantine
13:52:31.0235 4936 fvevol ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:31.0251 4936 C:\Windows\system32\drivers\gagp30kx.sys - copied to quarantine
13:52:31.0251 4936 gagp30kx ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:31.0282 4936 C:\Windows\system32\DRIVERS\GEARAspiWDM.sys - copied to quarantine
13:52:31.0282 4936 GEARAspiWDM ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:31.0297 4936 C:\Windows\system32\drivers\hcw85cir.sys - copied to quarantine
13:52:31.0297 4936 hcw85cir ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:31.0329 4936 C:\Windows\system32\drivers\HdAudio.sys - copied to quarantine
13:52:31.0329 4936 HdAudAddService ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:31.0329 4936 C:\Windows\system32\DRIVERS\HDAudBus.sys - copied to quarantine
13:52:31.0329 4936 HDAudBus ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:31.0360 4936 C:\Windows\system32\drivers\HidBatt.sys - copied to quarantine
13:52:31.0360 4936 HidBatt ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:31.0360 4936 C:\Windows\system32\drivers\hidbth.sys - copied to quarantine
13:52:31.0360 4936 HidBth ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:31.0375 4936 C:\Windows\system32\drivers\hidir.sys - copied to quarantine
13:52:31.0375 4936 HidIr ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:31.0391 4936 C:\Windows\system32\DRIVERS\hidusb.sys - copied to quarantine
13:52:31.0391 4936 HidUsb ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:31.0407 4936 C:\Windows\system32\drivers\HpSAMD.sys - copied to quarantine
13:52:31.0407 4936 HpSAMD ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:31.0422 4936 C:\Windows\system32\drivers\HTTP.sys - copied to quarantine
13:52:31.0422 4936 HTTP ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:31.0438 4936 C:\Windows\system32\drivers\hwpolicy.sys - copied to quarantine
13:52:31.0438 4936 hwpolicy ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:31.0453 4936 C:\Windows\system32\DRIVERS\i8042prt.sys - copied to quarantine
13:52:31.0453 4936 i8042prt ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:31.0485 4936 C:\Windows\system32\DRIVERS\iaStor.sys - copied to quarantine
13:52:31.0485 4936 iaStor ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:31.0547 4936 C:\Windows\system32\drivers\iaStorV.sys - copied to quarantine
13:52:31.0547 4936 iaStorV ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:31.0828 4936 C:\Windows\system32\DRIVERS\igdkmd64.sys - copied to quarantine
13:52:31.0828 4936 igfx ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:31.0859 4936 C:\Windows\system32\drivers\iirsp.sys - copied to quarantine
13:52:31.0859 4936 iirsp ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:31.0976 4936 C:\Windows\system32\drivers\RTKVHD64.sys - copied to quarantine
13:52:31.0977 4936 IntcAzAudAddService ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:32.0044 4936 C:\Windows\system32\DRIVERS\IntcDAud.sys - copied to quarantine
13:52:32.0044 4936 IntcDAud ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:32.0088 4936 C:\Windows\system32\drivers\intelide.sys - copied to quarantine
13:52:32.0088 4936 intelide ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:32.0119 4936 C:\Windows\system32\DRIVERS\intelppm.sys - copied to quarantine
13:52:32.0119 4936 intelppm ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:32.0137 4936 C:\Windows\system32\DRIVERS\ipfltdrv.sys - copied to quarantine
13:52:32.0138 4936 IpFilterDriver ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:32.0145 4936 C:\Windows\system32\drivers\IPMIDrv.sys - copied to quarantine
13:52:32.0145 4936 IPMIDRV ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:32.0160 4936 C:\Windows\system32\drivers\ipnat.sys - copied to quarantine
13:52:32.0160 4936 IPNAT ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:32.0191 4936 C:\Windows\system32\drivers\irenum.sys - copied to quarantine
13:52:32.0191 4936 IRENUM ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:32.0223 4936 C:\Windows\system32\drivers\isapnp.sys - copied to quarantine
13:52:32.0223 4936 isapnp ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:32.0254 4936 C:\Windows\system32\drivers\msiscsi.sys - copied to quarantine
13:52:32.0254 4936 iScsiPrt ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:32.0285 4936 C:\Windows\system32\DRIVERS\kbdclass.sys - copied to quarantine
13:52:32.0285 4936 kbdclass ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:32.0332 4936 C:\Windows\system32\drivers\kbdhid.sys - copied to quarantine
13:52:32.0332 4936 kbdhid ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:32.0363 4936 C:\Windows\system32\DRIVERS\kbfiltr.sys - copied to quarantine
13:52:32.0363 4936 kbfiltr ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:32.0410 4936 C:\Windows\system32\Drivers\ksecdd.sys - copied to quarantine
13:52:32.0410 4936 KSecDD ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:32.0457 4936 C:\Windows\system32\Drivers\ksecpkg.sys - copied to quarantine
13:52:32.0457 4936 KSecPkg ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:32.0503 4936 C:\Windows\system32\drivers\ksthunk.sys - copied to quarantine
13:52:32.0503 4936 ksthunk ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:32.0535 4936 C:\Windows\system32\DRIVERS\L1C62x64.sys - copied to quarantine
13:52:32.0535 4936 L1C ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:32.0566 4936 C:\Windows\system32\DRIVERS\lltdio.sys - copied to quarantine
13:52:32.0566 4936 lltdio ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:32.0628 4936 C:\Windows\system32\drivers\lsi_fc.sys - copied to quarantine
13:52:32.0628 4936 LSI_FC ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:32.0659 4936 C:\Windows\system32\drivers\lsi_sas.sys - copied to quarantine
13:52:32.0659 4936 LSI_SAS ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:32.0706 4936 C:\Windows\system32\drivers\lsi_sas2.sys - copied to quarantine
13:52:32.0706 4936 LSI_SAS2 ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:32.0737 4936 C:\Windows\system32\drivers\lsi_scsi.sys - copied to quarantine
13:52:32.0737 4936 LSI_SCSI ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:32.0800 4936 C:\Windows\system32\drivers\luafv.sys - copied to quarantine
13:52:32.0800 4936 luafv ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:32.0831 4936 C:\Windows\system32\drivers\megasas.sys - copied to quarantine
13:52:32.0831 4936 megasas ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:32.0878 4936 C:\Windows\system32\drivers\MegaSR.sys - copied to quarantine
13:52:32.0878 4936 MegaSR ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:32.0940 4936 C:\Windows\system32\DRIVERS\HECIx64.sys - copied to quarantine
13:52:32.0940 4936 MEIx64 ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:32.0971 4936 C:\Windows\system32\drivers\modem.sys - copied to quarantine
13:52:32.0971 4936 Modem ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:33.0034 4936 C:\Windows\system32\DRIVERS\monitor.sys - copied to quarantine
13:52:33.0034 4936 monitor ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:33.0065 4936 C:\Windows\system32\DRIVERS\mouclass.sys - copied to quarantine
13:52:33.0065 4936 mouclass ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:33.0096 4936 C:\Windows\system32\DRIVERS\mouhid.sys - copied to quarantine
13:52:33.0096 4936 mouhid ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:33.0127 4936 C:\Windows\system32\drivers\mountmgr.sys - copied to quarantine
13:52:33.0127 4936 mountmgr ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:33.0190 4936 C:\Windows\system32\drivers\mpio.sys - copied to quarantine
13:52:33.0190 4936 mpio ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:33.0221 4936 C:\Windows\system32\drivers\mpsdrv.sys - copied to quarantine
13:52:33.0221 4936 mpsdrv ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:33.0252 4936 C:\Windows\system32\drivers\mrxdav.sys - copied to quarantine
13:52:33.0252 4936 MRxDAV ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:33.0315 4936 C:\Windows\system32\DRIVERS\mrxsmb.sys - copied to quarantine
13:52:33.0315 4936 mrxsmb ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:33.0361 4936 C:\Windows\system32\DRIVERS\mrxsmb10.sys - copied to quarantine
13:52:33.0361 4936 mrxsmb10 ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:33.0408 4936 C:\Windows\system32\DRIVERS\mrxsmb20.sys - copied to quarantine
13:52:33.0408 4936 mrxsmb20 ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:33.0455 4936 C:\Windows\system32\drivers\msahci.sys - copied to quarantine
13:52:33.0455 4936 msahci ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:33.0486 4936 C:\Windows\system32\drivers\msdsm.sys - copied to quarantine
13:52:33.0486 4936 msdsm ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:33.0549 4936 C:\Windows\system32\drivers\Msfs.sys - copied to quarantine
13:52:33.0549 4936 Msfs ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:33.0580 4936 C:\Windows\System32\drivers\mshidkmdf.sys - copied to quarantine
13:52:33.0580 4936 mshidkmdf ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:33.0611 4936 C:\Windows\system32\drivers\msisadrv.sys - copied to quarantine
13:52:33.0611 4936 msisadrv ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:33.0658 4936 C:\Windows\system32\drivers\MSKSSRV.sys - copied to quarantine
13:52:33.0658 4936 MSKSSRV ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:33.0689 4936 C:\Windows\system32\drivers\MSPCLOCK.sys - copied to quarantine
13:52:33.0689 4936 MSPCLOCK ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:33.0736 4936 C:\Windows\system32\drivers\MSPQM.sys - copied to quarantine
13:52:33.0736 4936 MSPQM ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:33.0767 4936 C:\Windows\system32\drivers\MsRPC.sys - copied to quarantine
13:52:33.0767 4936 MsRPC ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:33.0814 4936 C:\Windows\system32\DRIVERS\mssmbios.sys - copied to quarantine
13:52:33.0814 4936 mssmbios ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:33.0845 4936 C:\Windows\system32\drivers\MSTEE.sys - copied to quarantine
13:52:33.0845 4936 MSTEE ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:33.0893 4936 C:\Windows\system32\drivers\MTConfig.sys - copied to quarantine
13:52:33.0893 4936 MTConfig ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:33.0927 4936 C:\Windows\system32\Drivers\mup.sys - copied to quarantine
13:52:33.0927 4936 Mup ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:34.0306 4936 C:\Windows\system32\DRIVERS\nwifi.sys - copied to quarantine
13:52:34.0306 4936 NativeWifiP ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:34.0353 4936 C:\Windows\system32\drivers\ndis.sys - copied to quarantine
13:52:34.0353 4936 NDIS ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:34.0400 4936 C:\Windows\system32\DRIVERS\ndiscap.sys - copied to quarantine
13:52:34.0400 4936 NdisCap ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:34.0431 4936 C:\Windows\system32\DRIVERS\ndistapi.sys - copied to quarantine
13:52:34.0431 4936 NdisTapi ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:34.0462 4936 C:\Windows\system32\DRIVERS\ndisuio.sys - copied to quarantine
13:52:34.0462 4936 Ndisuio ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:34.0478 4936 C:\Windows\system32\DRIVERS\ndiswan.sys - copied to quarantine
13:52:34.0478 4936 NdisWan ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:34.0525 4936 C:\Windows\system32\drivers\NDProxy.sys - copied to quarantine
13:52:34.0525 4936 NDProxy ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:34.0556 4936 C:\Windows\system32\DRIVERS\netbios.sys - copied to quarantine
13:52:34.0556 4936 NetBIOS ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:34.0587 4936 C:\Windows\system32\DRIVERS\netbt.sys - copied to quarantine
13:52:34.0587 4936 NetBT ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:34.0618 4936 C:\Windows\system32\drivers\nfrd960.sys - copied to quarantine
13:52:34.0618 4936 nfrd960 ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:34.0649 4936 C:\Windows\system32\drivers\Npfs.sys - copied to quarantine
13:52:34.0649 4936 Npfs ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:34.0681 4936 C:\Windows\system32\drivers\nsiproxy.sys - copied to quarantine
13:52:34.0681 4936 nsiproxy ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:34.0743 4936 C:\Windows\system32\drivers\Ntfs.sys - copied to quarantine
13:52:34.0743 4936 Ntfs ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:34.0790 4936 C:\Windows\system32\drivers\Null.sys - copied to quarantine
13:52:34.0790 4936 Null ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0083 4936 C:\Windows\system32\DRIVERS\nvlddmkm.sys - copied to quarantine
13:52:35.0084 4936 nvlddmkm ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0100 4936 C:\Windows\system32\DRIVERS\nvpciflt.sys - copied to quarantine
13:52:35.0100 4936 nvpciflt ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0122 4936 C:\Windows\system32\drivers\nvraid.sys - copied to quarantine
13:52:35.0122 4936 nvraid ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0152 4936 C:\Windows\system32\drivers\nvstor.sys - copied to quarantine
13:52:35.0152 4936 nvstor ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0200 4936 C:\Windows\system32\drivers\nv_agp.sys - copied to quarantine
13:52:35.0200 4936 nv_agp ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0231 4936 C:\Windows\system32\drivers\ohci1394.sys - copied to quarantine
13:52:35.0231 4936 ohci1394 ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0247 4936 C:\Windows\system32\drivers\parport.sys - copied to quarantine
13:52:35.0247 4936 Parport ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0278 4936 C:\Windows\system32\drivers\partmgr.sys - copied to quarantine
13:52:35.0278 4936 partmgr ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0309 4936 C:\Windows\system32\drivers\pci.sys - copied to quarantine
13:52:35.0309 4936 pci ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0341 4936 C:\Windows\system32\drivers\pciide.sys - copied to quarantine
13:52:35.0341 4936 pciide ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0356 4936 C:\Windows\system32\drivers\pcmcia.sys - copied to quarantine
13:52:35.0356 4936 pcmcia ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0387 4936 C:\Windows\system32\drivers\pcw.sys - copied to quarantine
13:52:35.0387 4936 pcw ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0434 4936 C:\Windows\system32\drivers\peauth.sys - copied to quarantine
13:52:35.0434 4936 PEAUTH ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0450 4936 C:\Windows\system32\DRIVERS\raspptp.sys - copied to quarantine
13:52:35.0450 4936 PptpMiniport ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0465 4936 C:\Windows\system32\drivers\processr.sys - copied to quarantine
13:52:35.0465 4936 Processor ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0481 4936 C:\Windows\system32\DRIVERS\pacer.sys - copied to quarantine
13:52:35.0481 4936 Psched ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0528 4936 C:\Windows\system32\drivers\ql2300.sys - copied to quarantine
13:52:35.0528 4936 ql2300 ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0543 4936 C:\Windows\system32\drivers\ql40xx.sys - copied to quarantine
13:52:35.0543 4936 ql40xx ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0575 4936 C:\Windows\system32\drivers\qwavedrv.sys - copied to quarantine
13:52:35.0575 4936 QWAVEdrv ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0575 4936 C:\Windows\system32\DRIVERS\rasacd.sys - copied to quarantine
13:52:35.0575 4936 RasAcd ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0590 4936 C:\Windows\system32\DRIVERS\AgileVpn.sys - copied to quarantine
13:52:35.0590 4936 RasAgileVpn ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0606 4936 C:\Windows\system32\DRIVERS\rasl2tp.sys - copied to quarantine
13:52:35.0606 4936 Rasl2tp ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0621 4936 C:\Windows\system32\DRIVERS\raspppoe.sys - copied to quarantine
13:52:35.0621 4936 RasPppoe ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0637 4936 C:\Windows\system32\DRIVERS\rassstp.sys - copied to quarantine
13:52:35.0637 4936 RasSstp ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0653 4936 C:\Windows\system32\DRIVERS\rdbss.sys - copied to quarantine
13:52:35.0653 4936 rdbss ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0668 4936 C:\Windows\system32\drivers\rdpbus.sys - copied to quarantine
13:52:35.0668 4936 rdpbus ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0684 4936 C:\Windows\system32\DRIVERS\RDPCDD.sys - copied to quarantine
13:52:35.0684 4936 RDPCDD ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0684 4936 C:\Windows\system32\drivers\rdpencdd.sys - copied to quarantine
13:52:35.0684 4936 RDPENCDD ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0699 4936 C:\Windows\system32\drivers\rdprefmp.sys - copied to quarantine
13:52:35.0699 4936 RDPREFMP ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0715 4936 C:\Windows\system32\drivers\RDPWD.sys - copied to quarantine
13:52:35.0715 4936 RDPWD ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0731 4936 C:\Windows\system32\drivers\rdyboost.sys - copied to quarantine
13:52:35.0731 4936 rdyboost ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0746 4936 C:\Windows\system32\DRIVERS\rfcomm.sys - copied to quarantine
13:52:35.0746 4936 RFCOMM ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0746 4936 C:\Windows\system32\DRIVERS\rspndr.sys - copied to quarantine
13:52:35.0746 4936 rspndr ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0777 4936 C:\Windows\system32\DRIVERS\Rt64win7.sys - copied to quarantine
13:52:35.0777 4936 RTL8167 ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0809 4936 C:\Windows\system32\drivers\sbp2port.sys - copied to quarantine
13:52:35.0809 4936 sbp2port ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0824 4936 C:\Windows\system32\DRIVERS\scfilter.sys - copied to quarantine
13:52:35.0824 4936 scfilter ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0855 4936 C:\Windows\system32\drivers\secdrv.sys - copied to quarantine
13:52:35.0855 4936 secdrv ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0871 4936 C:\Windows\system32\drivers\serenum.sys - copied to quarantine
13:52:35.0871 4936 Serenum ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0887 4936 C:\Windows\system32\drivers\serial.sys - copied to quarantine
13:52:35.0887 4936 Serial ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:35.0910 4936 C:\Windows\system32\drivers\sermouse.sys - copied to quarantine
13:52:35.0911 4936 sermouse ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:36.0072 4936 C:\Windows\system32\drivers\sffdisk.sys - copied to quarantine
13:52:36.0072 4936 sffdisk ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:36.0141 4936 C:\Windows\system32\drivers\sffp_mmc.sys - copied to quarantine
13:52:36.0141 4936 sffp_mmc ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:36.0147 4936 C:\Windows\system32\drivers\sffp_sd.sys - copied to quarantine
13:52:36.0147 4936 sffp_sd ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:36.0168 4936 C:\Windows\system32\drivers\sfloppy.sys - copied to quarantine
13:52:36.0169 4936 sfloppy ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:36.0173 4936 C:\Windows\system32\DRIVERS\SiSG664.sys - copied to quarantine
13:52:36.0173 4936 SiSGbeLH ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:36.0189 4936 C:\Windows\system32\drivers\SiSRaid2.sys - copied to quarantine
13:52:36.0189 4936 SiSRaid2 ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:36.0205 4936 C:\Windows\system32\drivers\sisraid4.sys - copied to quarantine
13:52:36.0205 4936 SiSRaid4 ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:36.0220 4936 C:\Windows\system32\DRIVERS\smb.sys - copied to quarantine
13:52:36.0220 4936 Smb ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:36.0267 4936 C:\Windows\system32\DRIVERS\snp2uvc.sys - copied to quarantine
13:52:36.0267 4936 SNP2UVC ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:36.0283 4936 C:\Windows\system32\drivers\spldr.sys - copied to quarantine
13:52:36.0283 4936 spldr ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:36.0314 4936 C:\Windows\system32\DRIVERS\srv.sys - copied to quarantine
13:52:36.0314 4936 srv ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:36.0329 4936 C:\Windows\system32\DRIVERS\srv2.sys - copied to quarantine
13:52:36.0329 4936 srv2 ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:36.0345 4936 C:\Windows\system32\DRIVERS\srvnet.sys - copied to quarantine
13:52:36.0345 4936 srvnet ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:36.0376 4936 C:\Windows\system32\drivers\stexstor.sys - copied to quarantine
13:52:36.0376 4936 stexstor ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:36.0392 4936 C:\Windows\system32\DRIVERS\swenum.sys - copied to quarantine
13:52:36.0392 4936 swenum ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:36.0454 4936 C:\Windows\system32\drivers\tcpip.sys - copied to quarantine
13:52:36.0454 4936 Tcpip ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:36.0688 4936 C:\Windows\system32\DRIVERS\tcpip.sys - copied to quarantine
13:52:36.0688 4936 TCPIP6 ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:36.0719 4936 C:\Windows\system32\drivers\tcpipreg.sys - copied to quarantine
13:52:36.0719 4936 tcpipreg ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:36.0735 4936 C:\Windows\system32\drivers\tdpipe.sys - copied to quarantine
13:52:36.0735 4936 TDPIPE ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:36.0751 4936 C:\Windows\system32\drivers\tdtcp.sys - copied to quarantine
13:52:36.0751 4936 TDTCP ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:36.0766 4936 C:\Windows\system32\DRIVERS\tdx.sys - copied to quarantine
13:52:36.0766 4936 tdx ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:36.0782 4936 C:\Windows\system32\DRIVERS\termdd.sys - copied to quarantine
13:52:36.0782 4936 TermDD ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:36.0797 4936 C:\Windows\system32\DRIVERS\tmactmon.sys - copied to quarantine
13:52:36.0797 4936 tmactmon ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:36.0829 4936 C:\Windows\system32\DRIVERS\tmcomm.sys - copied to quarantine
13:52:36.0829 4936 tmcomm ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:36.0860 4936 C:\Windows\system32\DRIVERS\tmtdi.sys - copied to quarantine
13:52:36.0860 4936 tmtdi ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:36.0875 4936 C:\Windows\system32\DRIVERS\tssecsrv.sys - copied to quarantine
13:52:36.0875 4936 tssecsrv ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:36.0907 4936 C:\Windows\system32\drivers\tsusbflt.sys - copied to quarantine
13:52:36.0907 4936 TsUsbFlt ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:36.0943 4936 C:\Windows\system32\drivers\TsUsbGD.sys - copied to quarantine
13:52:36.0944 4936 TsUsbGD ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:36.0958 4936 C:\Windows\system32\DRIVERS\tunnel.sys - copied to quarantine
13:52:36.0958 4936 tunnel ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:36.0986 4936 C:\Windows\system32\DRIVERS\TurboB.sys - copied to quarantine
13:52:36.0987 4936 TurboB ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0001 4936 C:\Windows\system32\drivers\uagp35.sys - copied to quarantine
13:52:37.0002 4936 uagp35 ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0048 4936 C:\Windows\system32\DRIVERS\udfs.sys - copied to quarantine
13:52:37.0048 4936 udfs ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0070 4936 C:\Windows\system32\drivers\uliagpkx.sys - copied to quarantine
13:52:37.0071 4936 uliagpkx ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0082 4936 C:\Windows\system32\DRIVERS\umbus.sys - copied to quarantine
13:52:37.0082 4936 umbus ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0094 4936 C:\Windows\system32\drivers\umpass.sys - copied to quarantine
13:52:37.0094 4936 UmPass ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0114 4936 C:\Windows\system32\DRIVERS\usbccgp.sys - copied to quarantine
13:52:37.0114 4936 usbccgp ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0126 4936 C:\Windows\system32\drivers\usbcir.sys - copied to quarantine
13:52:37.0126 4936 usbcir ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0139 4936 C:\Windows\system32\drivers\usbehci.sys - copied to quarantine
13:52:37.0140 4936 usbehci ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0158 4936 C:\Windows\system32\DRIVERS\usbhub.sys - copied to quarantine
13:52:37.0158 4936 usbhub ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0175 4936 C:\Windows\system32\drivers\usbohci.sys - copied to quarantine
13:52:37.0175 4936 usbohci ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0190 4936 C:\Windows\system32\drivers\usbprint.sys - copied to quarantine
13:52:37.0190 4936 usbprint ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0206 4936 C:\Windows\system32\drivers\USBSTOR.SYS - copied to quarantine
13:52:37.0206 4936 USBSTOR ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0221 4936 C:\Windows\system32\drivers\usbuhci.sys - copied to quarantine
13:52:37.0221 4936 usbuhci ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0237 4936 C:\Windows\system32\Drivers\usbvideo.sys - copied to quarantine
13:52:37.0237 4936 usbvideo ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0253 4936 C:\Windows\system32\drivers\vdrvroot.sys - copied to quarantine
13:52:37.0253 4936 vdrvroot ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0268 4936 C:\Windows\system32\DRIVERS\vgapnp.sys - copied to quarantine
13:52:37.0268 4936 vga ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0284 4936 C:\Windows\System32\drivers\vga.sys - copied to quarantine
13:52:37.0284 4936 VgaSave ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0315 4936 C:\Windows\system32\drivers\vhdmp.sys - copied to quarantine
13:52:37.0315 4936 vhdmp ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0315 4936 C:\Windows\system32\drivers\viaide.sys - copied to quarantine
13:52:37.0315 4936 viaide ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0346 4936 C:\ExpressGateUtil\VAWinService.exe - copied to quarantine
13:52:37.0346 4936 VideAceWindowsService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0346 4936 C:\Windows\system32\drivers\volmgr.sys - copied to quarantine
13:52:37.0346 4936 volmgr ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0362 4936 C:\Windows\system32\drivers\volmgrx.sys - copied to quarantine
13:52:37.0362 4936 volmgrx ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0409 4936 C:\Windows\system32\drivers\volsnap.sys - copied to quarantine
13:52:37.0409 4936 volsnap ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0455 4936 C:\Windows\system32\drivers\vsmraid.sys - copied to quarantine
13:52:37.0455 4936 vsmraid ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0487 4936 C:\Windows\system32\DRIVERS\vwifibus.sys - copied to quarantine
13:52:37.0487 4936 vwifibus ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0502 4936 C:\Windows\system32\DRIVERS\vwififlt.sys - copied to quarantine
13:52:37.0502 4936 vwififlt ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0533 4936 C:\Windows\system32\drivers\wacompen.sys - copied to quarantine
13:52:37.0533 4936 WacomPen ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0549 4936 C:\Windows\system32\DRIVERS\wanarp.sys - copied to quarantine
13:52:37.0549 4936 WANARP ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0565 4936 C:\Windows\system32\DRIVERS\wanarp.sys - copied to quarantine
13:52:37.0565 4936 Wanarpv6 ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0596 4936 C:\Windows\system32\drivers\wd.sys - copied to quarantine
13:52:37.0596 4936 Wd ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0627 4936 C:\Windows\system32\drivers\Wdf01000.sys - copied to quarantine
13:52:37.0627 4936 Wdf01000 ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0643 4936 C:\Windows\system32\DRIVERS\wfplwf.sys - copied to quarantine
13:52:37.0643 4936 WfpLwf ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0658 4936 C:\Windows\system32\DRIVERS\wimfltr.sys - copied to quarantine
13:52:37.0658 4936 WimFltr ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0689 4936 C:\Windows\system32\drivers\wimmount.sys - copied to quarantine
13:52:37.0689 4936 WIMMount ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0689 4936 C:\Windows\system32\DRIVERS\wmiacpi.sys - copied to quarantine
13:52:37.0689 4936 WmiAcpi ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0705 4936 C:\Windows\system32\drivers\ws2ifsl.sys - copied to quarantine
13:52:37.0705 4936 ws2ifsl ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0736 4936 C:\Windows\system32\drivers\WudfPf.sys - copied to quarantine
13:52:37.0736 4936 WudfPf ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:52:37.0767 4936 C:\Windows\system32\DRIVERS\WUDFRd.sys - copied to quarantine
13:52:37.0767 4936 WUDFRd ( LockedFile.Multi.Generic ) - User select action: Quarantine
13:56:37.0334 4028 Deinitialize success

#4 Nitsua87

  • Topic Starter
Posted 08 September 2012 - 01:18 PM

Security Check Log:

Results of screen317's Security Check version 0.99.50
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Trend Micro Titanium Internet Security
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.62.0.1300
JavaFX 2.1.1
Java™ 7 Update 5
Java version out of Date!
Adobe Flash Player 11.3.300.271 Flash Player out of Date!
Mozilla Firefox (14.0.1)
Google Chrome 21.0.1180.79
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamgui.exe
Trend Micro Titanium TiMiniService.exe
Trend Micro Titanium TiResumeSrv.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````


FSS Log

Farbar Service Scanner Version: 06-08-2012
Ran by Austin (administrator) on 08-09-2012 at 14:05:01
Running from "C:\Users\Austin\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Disabled. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys
[2009-07-13 19:21] - [2009-07-13 19:21] - 0024576 ____A () D41D8CD98F00B204E9800998ECF8427E

ATTENTION!=====> C:\Windows\System32\drivers\nsiproxy.sys IS INFECTED AND SHOULD BE REPLACED.

C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2012-08-17 05:35] - [2011-12-27 23:59] - 0498688 ____A () D41D8CD98F00B204E9800998ECF8427E

ATTENTION!=====> C:\Windows\System32\drivers\afd.sys IS INFECTED AND SHOULD BE REPLACED.

C:\Windows\System32\drivers\tdx.sys
[2011-02-18 15:49] - [2010-11-20 05:21] - 0119296 ____A () D41D8CD98F00B204E9800998ECF8427E

ATTENTION!=====> C:\Windows\System32\drivers\tdx.sys IS INFECTED AND SHOULD BE REPLACED.

C:\Windows\System32\Drivers\tcpip.sys
[2012-08-17 04:53] - [2012-03-30 07:35] - 1918320 ____A () D41D8CD98F00B204E9800998ECF8427E

ATTENTION!=====> C:\Windows\System32\Drivers\tcpip.sys IS INFECTED AND SHOULD BE REPLACED.

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys
[2009-07-13 20:08] - [2009-07-13 20:08] - 0077312 ____A () D41D8CD98F00B204E9800998ECF8427E

ATTENTION!=====> C:\Windows\System32\drivers\mpsdrv.sys IS INFECTED AND SHOULD BE REPLACED.

C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

MiniToolBox Log

MiniToolBox by Farbar Version: 23-07-2012
Ran by Austin (administrator) on 08-09-2012 at 14:06:15
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Atheros AR9002WB-1NG Wireless Network Adapter = Wireless Network Connection (Connected)
Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Austin-Laptop
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : gateway.2wire.net

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 14-DA-E9-0A-8D-16
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::400b:2409:ef01:9ea1%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.115(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, September 08, 2012 1:49:27 PM
Lease Expires . . . . . . . . . . : Sunday, September 09, 2012 1:49:27 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 336911081
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-BF-31-21-74-2F-68-38-23-1F
DNS Servers . . . . . . . . . . . : 205.152.37.23
205.152.150.23
NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Atheros AR9002WB-1NG Wireless Network Adapter
Physical Address. . . . . . . . . : 74-2F-68-38-23-1F
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::6cb5:9e2:bdd0:39c6%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.85(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, September 08, 2012 1:49:14 PM
Lease Expires . . . . . . . . . . : Sunday, September 09, 2012 1:49:15 PM
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 242495336
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-BF-31-21-74-2F-68-38-23-1F
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{B7D89656-887F-4E9A-8CE1-39C62A5848B8}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.gateway.2wire.net:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : gateway.2wire.net
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:383a:264e:9dbd:28f7(Preferred)
Link-local IPv6 Address . . . . . : fe80::383a:264e:9dbd:28f7%15(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: dns.asm.bellsouth.net
Address: 205.152.37.23

Name: google.com
Addresses: 2001:4860:800a::64
74.125.134.100
74.125.134.101
74.125.134.102
74.125.134.113
74.125.134.138
74.125.134.139


Pinging google.com [74.125.130.139] with 32 bytes of data:
Reply from 74.125.130.139: bytes=32 time=20ms TTL=47
Reply from 74.125.130.139: bytes=32 time=19ms TTL=47

Ping statistics for 74.125.130.139:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 19ms, Maximum = 20ms, Average = 19ms
Server: dns.asm.bellsouth.net
Address: 205.152.37.23

Name: yahoo.com
Addresses: 72.30.38.140
98.138.253.109
98.139.183.24


Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=625ms TTL=50
Reply from 72.30.38.140: bytes=32 time=671ms TTL=50

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 625ms, Maximum = 671ms, Average = 648ms
Server: dns.asm.bellsouth.net
Address: 205.152.37.23

Name: bleepingcomputer.com
Address: 208.43.87.2


Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...14 da e9 0a 8d 16 ......Realtek PCIe GBE Family Controller
11...74 2f 68 38 23 1f ......Atheros AR9002WB-1NG Wireless Network Adapter
1...........................Software Loopback Interface 1
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.85 25
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.115 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.85 281
192.168.1.0 255.255.255.0 On-link 192.168.1.115 276
192.168.1.85 255.255.255.255 On-link 192.168.1.85 281
192.168.1.115 255.255.255.255 On-link 192.168.1.115 276
192.168.1.255 255.255.255.255 On-link 192.168.1.85 281
192.168.1.255 255.255.255.255 On-link 192.168.1.115 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.115 276
224.0.0.0 240.0.0.0 On-link 192.168.1.85 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.115 276
255.255.255.255 255.255.255.255 On-link 192.168.1.85 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
15 58 ::/0 On-link
1 306 ::1/128 On-link
15 58 2001::/32 On-link
15 306 2001:0:9d38:953c:383a:264e:9dbd:28f7/128
On-link
12 276 fe80::/64 On-link
11 281 fe80::/64 On-link
15 306 fe80::/64 On-link
15 306 fe80::383a:264e:9dbd:28f7/128
On-link
12 276 fe80::400b:2409:ef01:9ea1/128
On-link
11 281 fe80::6cb5:9e2:bdd0:39c6/128
On-link
1 306 ff00::/8 On-link
15 306 ff00::/8 On-link
12 276 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/08/2012 02:04:23 PM) (Source: Microsoft-Windows-Defrag) (User: )
Description: The volume OS (C:) was not defragmented because an error was encountered: Access is denied. (0x80070005)

Error: (09/08/2012 01:54:49 PM) (Source: Application Error) (User: )
Description: Faulting application name: wmpnscfg.exe, version: 12.0.7600.16385, time stamp: 0x4a5bd026
Faulting module name: KERNELBASE.dll, version: 6.1.7601.17651, time stamp: 0x4e21213c
Exception code: 0xc06d007f
Fault offset: 0x000000000000cacd
Faulting process id: 0x1590
Faulting application start time: 0xwmpnscfg.exe0
Faulting application path: wmpnscfg.exe1
Faulting module path: wmpnscfg.exe2
Report Id: wmpnscfg.exe3

Error: (09/08/2012 01:51:51 PM) (Source: Software Protection Platform Service) (User: )
Description: The Software Protection service failed to start. 0xD0000022
6.1.7601.17514

Error: (09/08/2012 11:59:41 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (09/07/2012 02:58:31 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/07/2012 02:58:31 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/07/2012 02:58:31 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/07/2012 02:58:31 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)

Error: (09/07/2012 02:58:30 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/07/2012 02:58:30 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog

Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)


System errors:
=============
Error: (09/08/2012 02:00:09 PM) (Source: Service Control Manager) (User: )
Description: The lvupdtio service failed to start due to the following error:
%%31

Error: (09/08/2012 02:00:08 PM) (Source: Service Control Manager) (User: )
Description: The lvupdtio service failed to start due to the following error:
%%31

Error: (09/08/2012 01:51:51 PM) (Source: Service Control Manager) (User: )
Description: The Software Protection service terminated with the following error:
%%5

Error: (09/08/2012 01:51:33 PM) (Source: Service Control Manager) (User: )
Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error:
%%31

Error: (09/08/2012 01:51:33 PM) (Source: Service Control Manager) (User: )
Description: The MBAMProtector service failed to start due to the following error:
%%31

Error: (09/08/2012 01:49:31 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
avgtp

Error: (09/08/2012 01:49:19 PM) (Source: Service Control Manager) (User: )
Description: The tmactmon service depends on the tmevtmgr service which failed to start because of the following error:
%%31

Error: (09/08/2012 01:49:19 PM) (Source: Service Control Manager) (User: )
Description: The tmevtmgr service failed to start due to the following error:
%%31

Error: (09/08/2012 01:43:31 PM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053

Error: (09/08/2012 01:43:31 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.


Microsoft Office Sessions:
=========================
Error: (09/08/2012 02:04:23 PM) (Source: Microsoft-Windows-Defrag)(User: )
Description: OS (C:)Access is denied. (0x80070005)

Error: (09/08/2012 01:54:49 PM) (Source: Application Error)(User: )
Description: wmpnscfg.exe12.0.7600.163854a5bd026KERNELBASE.dll6.1.7601.176514e21213cc06d007f000000000000cacd159001cd8deb094c954dC:\Program Files\Windows Media Player\wmpnscfg.exeC:\Windows\system32\KERNELBASE.dll47d8e187-f9de-11e1-9dac-742f68352008

Error: (09/08/2012 01:51:51 PM) (Source: Software Protection Platform Service)(User: )
Description: 0xD00000226.1.7601.17514

Error: (09/08/2012 11:59:41 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (09/07/2012 02:58:31 PM) (Source: Windows Search Service)(User: )
Description: Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/07/2012 02:58:31 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/07/2012 02:58:31 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (09/07/2012 02:58:31 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (09/07/2012 02:58:30 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (09/07/2012 02:58:30 PM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog

Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)


=========================== Installed Programs ============================

??????? Windows Live Mesh ActiveX ??(????) (Version: 15.4.5722.2)
??????? Windows Live Mesh ActiveX ??? (Version: 15.4.5722.2)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.271)
Adobe Flash Player 11 Plugin (Version: 11.3.300.271)
AIM 7
Alcor Micro USB Card Reader (Version: 1.8.17.26026)
Apple Application Support (Version: 2.1.9)
Apple Mobile Device Support (Version: 5.2.0.6)
Apple Software Update (Version: 2.1.3.127)
ASUS AI Recovery (Version: 1.0.13)
ASUS FancyStart (Version: 1.1.0)
ASUS LifeFrame3 (Version: 3.0.21)
ASUS Live Update (Version: 2.5.9)
ASUS Power4Gear Hybrid (Version: 1.1.44)
ASUS SmartLogon (Version: 1.0.0011)
ASUS Splendid Video Enhancement Technology (Version: 1.02.0031)
ASUS Video Magic (Version: 6.0.4710)
ASUS Virtual Camera (Version: 1.0.21)
ASUS WebStorage (Version: 3.0.84.161)
ASUS_Screensaver
AsusVibe2.0 (Version: 2.0.4.617)
Atheros Client Installation Program (Version: 7.0)
ATK Package (Version: 1.0.0008)
AVG Security Toolbar (Version: 12.2.0.5)
Bing Bar (Version: 7.0.610.0)
Bluetooth Win7 Suite (64) (Version: 7.2.0.65)
Bonjour (Version: 3.0.0.10)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (Version: 15.4.5722.2)
Control ActiveX de Windows Live Mesh para conexiones remotas (Version: 15.4.5722.2)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (Version: 15.4.5722.2)
CyberLink LabelPrint (Version: 2.5.1908)
CyberLink MediaEspresso (Version: 6.0.1123_32710)
CyberLink Power2Go (Version: 6.1.3602c)
CyberLink PowerDirector (Version: 8.0.3327)
CyberLink PowerDVD 10 (Version: 10.0.2312.52)
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Download Updater (AOL LLC)
ETDWare PS/2-x64 7.0.5.16_WHQL (Version: 7.0.5.16)
ExpressGate Cloud (Version: 2.1.88.405)
Fast Boot (Version: 1.0.9)
Fresco Logic USB3.0 Host Controller (Version: 3.0.116.3)
Funmoods Web Search
Galeria de Fotografias do Windows Live (Version: 15.4.3502.0922)
Galerie de photos Windows Live (Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (Version: 15.4.3502.0922)
Google Chrome (Version: 21.0.1180.83)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Update Helper (Version: 1.3.21.115)
Intel® Control Center (Version: 1.2.1.1007)
Intel® Management Engine Components (Version: 7.0.0.1144)
Intel® Processor Graphics (Version: 8.15.10.2291)
Intel® Turbo Boost Technology Monitor 2.0 (Version: 2.1.23.0)
iTunes (Version: 10.6.3.25)
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 5 (Version: 7.0.50)
JavaFX 2.1.1 (Version: 2.1.1)
Junk Mail filter update (Version: 15.4.3502.0922)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
MechWarrior Online (Version: 1.1.1.0)
Mesh Runtime (Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
Nuance PDF Reader (Version: 6.00.0041)
NVIDIA Control Panel 301.42 (Version: 301.42)
NVIDIA Graphics Driver 301.42 (Version: 301.42)
NVIDIA Install Application (Version: 2.1002.75.420)
NVIDIA Optimus 1.8.15 (Version: 1.8.15)
NVIDIA PhysX (Version: 9.12.0213)
NVIDIA PhysX System Software 9.12.0213 (Version: 9.12.0213)
NVIDIA Update 1.8.15 (Version: 1.8.15)
NVIDIA Update Components (Version: 1.8.15)
PDFlite 0.7 (Version: 0.7)
Realtek Ethernet Controller Driver (Version: 7.41.216.2011)
Realtek High Definition Audio Driver (Version: 6.0.1.6334)
RedMon - Redirection Port Monitor
SonicMaster (Version: 1.00.0000)
Steam (Version: 1.0.0.0)
syncables desktop SE (Version: 5.5.746.11492)
Team Fortress 2
Trend Micro Titanium Internet Security (Version: 3.0)
Trend Micro Titanium Internet Security (Version: 3.00)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
USB2.0 UVC 2M WebCam (Version: 5.8.55133.207)
VLC media player 2.0.3 (Version: 2.0.3)
Windows Live ??? (Version: 15.4.3502.0922)
Windows Live ???? (Version: 15.4.3502.0922)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3508.1109)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3508.1109)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
WinFlash (Version: 2.31.1)
WinRAR 4.20 (64-bit) (Version: 4.20.0)
Wireless Console 3 (Version: 3.0.19)
Yontoo 1.10.02 (Version: 1.10.02)

========================= Devices: ================================

Name: avgtp
Description: avgtp
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: avgtp
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: tmevtmgr
Description: tmevtmgr
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tmevtmgr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


========================= Memory info: ===================================

Percentage of memory in use: 38%
Total physical RAM: 4007.08 MB
Available physical RAM: 2470.32 MB
Total Pagefile: 8012.35 MB
Available Pagefile: 6286.04 MB
Total Virtual: 4095.88 MB
Available Virtual: 3961.58 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:571.17 GB) (Free:489.87 GB) NTFS

========================= Users: ========================================

User accounts for \\AUSTIN-LAPTOP

Administrator Austin Guest
UpdatusUser

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================


**** End of log ****

#5 dev00790

Posted 08 September 2012 - 01:57 PM

Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM. My Blog


#6 Nitsua87

Posted 08 September 2012 - 02:21 PM

Started a new topic in Malware Removal. Thank you.

#7 dev00790

Posted 08 September 2012 - 02:52 PM

You're welcome. Good luck

Regards, dev00790





