btsearch and search.openmediasoft.com - webpage redirect


  • This topic is locked
91 replies to this topic

#1 pkseelam


Posted 06 December 2012 - 01:36 PM

I'm seeing that for the past few weeks my Internet Explorer (IE - not Chrome) is getting directed to a webpage search.openmediasoft.com. I've tried running Malwarebytes and removing some trojans, etc. I've also removed the search.openmediasoft.com from the search options (it removes it but puts it back on once I'm out of the window). I'm seeing that this search engine is also in the Chrome browser. I've run the ComboFix and below is the log - PLEASE HELPPPPPPPPPP!!!!!!!!!!!!!


---------------------------------------------------------------------------------------
---------------------------------------------------------------------------------------
ComboFix 12-11-29.02 - pseelam 11/29/2012 23:50:01.3.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8073.5691 [GMT -5:00]
Running from: c:\users\Pseelam\Desktop\bc\ComboFix.exe
AV: Microsoft Forefront Endpoint Protection *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Forefront Endpoint Protection *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
c:\users\Pseelam\AppData\Local\assembly\tmp
c:\users\Pseelam\AppData\Roaming\Microsoft Corporation\2007 Microsoft Office system
c:\users\Pseelam\AppData\Roaming\Microsoft Corporation\2007 Microsoft Office system\12.0.6654.5003\QDToolbars.xml
c:\users\Pseelam\AppData\Roaming\Microsoft Corporation\2007 Microsoft Office system\12.0.6661.5000\QDToolbars.xml
c:\users\Pseelam\AppData\Roaming\Microsoft\AddIns\BiShared07AddinShim.dll
c:\users\Pseelam\g2mdlhlpx.exe
c:\windows\COUPon~1.ocx
c:\windows\Readme.txt
.
.
((((((((((((((((((((((((( Files Created from 2012-10-28 to 2012-11-30 )))))))))))))))))))))))))))))))
.
.
2012-11-30 05:00 . 2012-11-30 05:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-30 05:00 . 2012-11-30 05:00 -------- d-----w- c:\users\deploy\AppData\Local\temp
2012-11-30 05:00 . 2012-11-30 05:00 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-11-29 22:36 . 2012-10-23 11:04 972264 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{738CA60C-C14A-419F-B608-054FFD7C9899}\gapaengine.dll
2012-11-29 16:20 . 2012-11-19 06:01 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{43BB72A5-E494-40F0-8923-1023FF7BD6D1}\mpengine.dll
2012-11-29 14:22 . 2012-11-19 06:01 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-11-29 02:48 . 2012-11-29 02:48 -------- d-----w- c:\users\Pseelam\Lync Recordings
2012-11-28 21:29 . 2012-11-28 21:29 -------- d-----w- c:\program files (x86)\Microsoft Lync Information Dashboard
2012-11-28 21:29 . 2012-11-28 21:29 -------- d-----w- c:\programdata\ConversationTranslator
2012-11-28 21:29 . 2012-11-28 21:29 -------- d-----w- c:\programdata\Applications
2012-11-28 21:28 . 2012-11-28 21:29 -------- d-----w- c:\program files\Microsoft Lync
2012-11-28 21:28 . 2012-11-28 21:29 -------- d-----w- c:\program files (x86)\Microsoft Lync
2012-11-28 21:28 . 2012-11-28 21:28 -------- d-----w- c:\program files (x86)\OCSetup
2012-11-28 20:35 . 2012-10-23 11:04 972264 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-11-28 19:14 . 2012-11-28 19:14 -------- d-----w- c:\users\Pseelam\AppData\Roaming\SUPERAntiSpyware.com
2012-11-28 19:13 . 2012-11-28 19:14 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-11-28 19:13 . 2012-11-28 19:13 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-11-28 17:44 . 2012-11-28 17:44 -------- d-----w- c:\users\Pseelam\AppData\Roaming\SpeedyPC Software
2012-11-28 17:44 . 2012-11-28 17:44 -------- d-----w- c:\users\Pseelam\AppData\Roaming\DriverCure
2012-11-28 17:44 . 2012-11-28 17:47 -------- d-----w- c:\programdata\SpeedyPC Software
2012-11-28 17:15 . 2012-11-28 17:15 -------- d-----w- c:\users\Pseelam\AppData\Roaming\Anvisoft
2012-11-28 17:10 . 2012-11-07 07:16 17232 ----a-w- c:\windows\system32\drivers\asdws.sys
2012-11-28 17:10 . 2012-11-07 07:16 23376 ----a-w- c:\windows\system32\drivers\asdrs.sys
2012-11-28 17:10 . 2012-11-07 07:16 18768 ----a-w- c:\windows\system32\drivers\asdrm.sys
2012-11-28 17:10 . 2012-11-28 17:10 -------- d-----w- c:\programdata\Anvisoft
2012-11-28 17:10 . 2012-11-28 19:14 -------- d-----w- c:\program files (x86)\Anvi Smart Defender
2012-11-28 17:00 . 2012-11-28 17:00 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-11-20 16:12 . 2012-11-20 16:12 -------- d-----w- c:\users\Pseelam\AppData\Local\Evernote
2012-11-20 16:12 . 2012-11-20 16:12 -------- d-----w- c:\program files (x86)\Evernote
2012-11-19 15:48 . 2012-11-19 15:48 -------- d-----w- c:\program files\Office Tab
2012-11-19 15:42 . 2012-11-19 15:48 -------- d-----w- c:\programdata\Licenses
2012-11-19 15:42 . 2012-11-19 15:42 -------- d-----w- c:\program files (x86)\Kutools for Excel
2012-11-19 15:28 . 2012-11-19 15:28 231376 ----a-w- c:\windows\system32\drivers\truecrypt.sys
2012-11-17 19:32 . 2012-11-17 19:33 -------- d-----w- c:\program files (x86)\Photo to Cartoon
2012-11-11 13:32 . 2012-11-11 13:32 -------- d-----w- c:\program files (x86)\kidkeylock
2012-11-10 02:45 . 2012-11-10 02:45 -------- d-----w- c:\users\Pseelam\.pdfsam
2012-11-10 02:42 . 2012-11-10 02:42 -------- d-----w- c:\program files (x86)\neeviaPDF.com
2012-11-10 02:42 . 2012-11-10 02:42 -------- d-----w- c:\program files (x86)\PDFmerge
2012-11-10 02:17 . 2012-11-10 02:18 -------- d-----w- c:\users\Pseelam\AppData\Roaming\vlc
2012-11-10 02:17 . 2012-11-10 02:17 -------- d-----w- c:\program files (x86)\VideoLAN
2012-11-10 02:12 . 2012-11-11 20:52 -------- d-----w- c:\program files (x86)\YouTube Downloader
2012-11-10 02:08 . 2012-11-06 04:40 112640 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2012-11-10 02:08 . 2012-11-06 04:39 47616 ----a-w- c:\windows\SysWow64\ff_acm.acm
2012-11-10 02:08 . 2012-11-10 02:08 -------- d-----w- c:\program files (x86)\ffdshow
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-12 14:17 . 2012-06-29 19:04 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-12 14:17 . 2012-03-20 02:09 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-29 23:54 . 2012-05-21 00:25 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-25 03:16 . 2012-10-20 15:04 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-09-19 14:02 . 2012-09-19 14:02 102368 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2012-09-19 14:02 . 2012-09-19 14:02 203104 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2012-09-17 20:50 . 2012-06-30 23:09 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-09-17 20:50 . 2012-02-10 03:07 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{031afb00-725a-4ede-9d27-a2b5fac89e9a}"= "c:\progra~2\YOUTUB~1\YouTube Downloader.dll" [2012-11-06 446464]
.
[HKEY_CLASSES_ROOT\clsid\{031afb00-725a-4ede-9d27-a2b5fac89e9a}]
[HKEY_CLASSES_ROOT\ToolBarMFC.DeskBandImplD.1]
[HKEY_CLASSES_ROOT\TypeLib\{942926A2-CC3B-4970-9AD6-D9056D197CE6}]
[HKEY_CLASSES_ROOT\ToolBarMFC.DeskBandImplD]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{031afb00-725a-4ede-9d27-a2b5fac89e9a}]
2012-11-06 17:56 446464 ----a-w- c:\progra~2\YOUTUB~1\YouTube Downloader.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{031afb00-725a-4ede-9d27-a2b5fac89e9a}"= "c:\progra~2\YOUTUB~1\YouTube Downloader.dll" [2012-11-06 446464]
.
[HKEY_CLASSES_ROOT\clsid\{031afb00-725a-4ede-9d27-a2b5fac89e9a}]
[HKEY_CLASSES_ROOT\ToolBarMFC.DeskBandImplD.1]
[HKEY_CLASSES_ROOT\TypeLib\{942926A2-CC3B-4970-9AD6-D9056D197CE6}]
[HKEY_CLASSES_ROOT\ToolBarMFC.DeskBandImplD]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cisco Unified Personal Communicator"="c:\progra~2\CISCOS~1\CISCOU~1\CUPCK9.exe" [2010-01-13 10551296]
"googletalk"="c:\users\Pseelam\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-11-01 5629312]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Client Access Service"="c:\program files (x86)\IBM\Client Access\cwbsvstr.exe" [2010-04-12 14848]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"ConnectionCenter"="c:\program files (x86)\Citrix\ICA Client\concentr.exe" [2012-03-28 309184]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]
"Everything"="c:\program files (x86)\Everything\Everything.exe" [2009-03-13 602624]
"YouTube Downloader_Helper"="c:\program files (x86)\YouTube Downloader\YouTube Downloader_Helper.exe" [2012-11-06 1434112]
"Anvi Smart Defender"="c:\program files (x86)\Anvi Smart Defender\ASDTray.exe" [2012-11-15 1437464]
"Communicator"="c:\program files (x86)\Microsoft Lync\communicator.exe" [2010-10-22 11937552]
"DameWare MRC Agent"="c:\windows\SysWOW64\DWRCST.exe" [2010-08-06 85528]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Microsoft Security Client"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-13 1289704]
.
c:\users\Pseelam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2012-10-26 1017184]
Kid-Key-Lock.lnk - c:\program files (x86)\kidkeylock\bin\kidkeylock.exe [2012-11-11 1773568]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Box Sync.lnk - c:\program files\Box Sync\BoxSync.exe [2012-8-18 8709632]
CrashPlan Tray.lnk - c:\program files\CrashPlan\CrashPlanTray.exe [N/A]
Online plug-in.lnk - c:\windows\Installer\{913778D3-E1D8-4B55-9246-3308C54D3162}\pnaico.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe [2012-6-18 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"disablecad"= 1 (0x1)
"LogonType"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoAutorun"= 1 (0x1)
"DontSetAutoplayCheckbox"= 1 (0x1)
"NoPublishingWizard"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u msoidssp livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 Acceler;Accelerometer Service;c:\windows\system32\drivers\Accelern.sys [2012-02-08 43888]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-09-19 102368]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-31 128456]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-13 368896]
R3 O2MDRRDR;O2MDRRDR;c:\windows\system32\drivers\O2MDRw7x64.sys [2012-02-08 74984]
R3 PCTINDIS5X64;PCTINDIS5X64 NDIS Protocol Driver;c:\windows\system32\PCTINDIS5X64.SYS [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-09-19 203104]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-03-31 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 asdrm;asdrm;c:\windows\system32\DRIVERS\asdrm.sys [2012-11-07 18768]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [2012-03-19 89536]
S1 dwvkbd;DameWare Virtual Keyboard 64 bit Driver;c:\windows\system32\DRIVERS\dwvkbd64.sys [2007-02-15 30720]
S1 nm3;Microsoft Network Monitor 3 Driver;c:\windows\system32\DRIVERS\nm3.sys [2010-06-09 46392]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-07-11 140672]
S2 8704pdateService;Box Sync Auto-updater;c:\program files\Box Sync\UpdateService.exe [2012-08-18 8704]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2012-02-08 89600]
S2 asdrs;AntiMalware Host-based Intrusion Prevention System;c:\windows\system32\DRIVERS\asdrs.sys [2012-11-07 23376]
S2 asdsrv;Anvi Smart Defender Realtime Guard Service;c:\program files (x86)\Anvi Smart Defender\ASDSrv.exe [2012-11-15 701720]
S2 asdws;AnviSmartDefender Web Guard;c:\windows\system32\DRIVERS\asdws.sys [2012-11-07 17232]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 Jasmio.MediaCenter.Service;Media Center Support Service;c:\program files (x86)\Jasmio\Media Center Support Service\Jasmio.MediaCenter.Service.exe [2009-11-10 73144]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
S2 msoidsvc;Microsoft Online Services Sign-in Assistant;c:\program files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2011-02-23 2061728]
S2 PfFilter;PfFilter;c:\program files (x86)\Protected Folder\pffilter.sys [2012-01-09 36792]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-31 2754984]
S3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys [2012-02-08 292864]
S3 cvusbdrv;Dell ControlVault;c:\windows\system32\Drivers\cvusbdrv.sys [2012-02-08 38440]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2012-06-25 52320]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2012-02-08 317440]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]
S3 O2MDFRDR;O2MDFRDR;c:\windows\system32\DRIVERS\O2MDFw7x64.sys [2012-02-08 72808]
S3 O2SDJRDR;O2SDJRDR;c:\windows\system32\DRIVERS\o2sdjw7x64.sys [2012-02-08 83560]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-29 14:17]
.
2012-11-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-08 16:33]
.
2012-11-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-08 16:33]
.
2012-11-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3794533371-686513829-2852450909-76514Core.job
- c:\users\Pseelam\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-15 18:48]
.
2012-11-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3794533371-686513829-2852450909-76514UA.job
- c:\users\Pseelam\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-15 18:48]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopFileLocked]
@="{C253B817-3A00-475f-A5A3-6F2DD704B48D}"
[HKEY_CLASSES_ROOT\CLSID\{C253B817-3A00-475f-A5A3-6F2DD704B48D}]
2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopNotSynced]
@="{19ACC806-F7AA-46AA-A80A-726A07CA6637}"
[HKEY_CLASSES_ROOT\CLSID\{19ACC806-F7AA-46AA-A80A-726A07CA6637}]
2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopNotSyncedCollabs]
@="{337D9DE0-3F8B-4430-AF0F-FFC24A95AE8F}"
[HKEY_CLASSES_ROOT\CLSID\{337D9DE0-3F8B-4430-AF0F-FFC24A95AE8F}]
2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopSynced]
@="{B7AC9C6D-F15B-4B1A-A88D-F518D13861D9}"
[HKEY_CLASSES_ROOT\CLSID\{B7AC9C6D-F15B-4B1A-A88D-F518D13861D9}]
2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopSyncedCollab]
@="{9E48C232-F601-4E41-BB3E-16CBAF317AA4}"
[HKEY_CLASSES_ROOT\CLSID\{9E48C232-F601-4E41-BB3E-16CBAF317AA4}]
2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-06-20 608112]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-02-08 1128448]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-02-08 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-02-08 391960]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-02-08 419096]
"BoxSyncHelper"="c:\program files\Box Sync\BoxSyncHelper.exe" [2012-08-18 393216]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-13 1289704]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://btsearch.name
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: cloudapp.net\ConversationTranslator
Trusted Zone: crmondemand.com
Trusted Zone: dawnfoods.com
Trusted Zone: dawnfoods.com\teamsites
Trusted Zone: dell.com
Trusted Zone: dell.com\*.support
Trusted Zone: mastercard.com\sdol
Trusted Zone: microsoft.com
Trusted Zone: millerheiman.com
Trusted Zone: msu.edu\login
Trusted Zone: mysap.com\tcs
Trusted Zone: oracle.com
Trusted Zone: oracleoutsourcing.com
Trusted Zone: saleswebserver.net
Trusted Zone: sap-ag.de
Trusted Zone: sap-ag.de\websmp101
Trusted Zone: sap.com\mywts
Trusted Zone: sap.com\mywtstrainingphl
Trusted Zone: timelogweb
TCP: DhcpNameServer = 192.168.1.254
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-ADBlocker - c:\program files (x86)\Anvi Smart Defender\toolbox\adblocker\ADBlockerTray.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
WebBrowser-{031AFB00-725A-4EDE-9D27-A2B5FAC89E9A} - (no file)
AddRemove-Cisco Unified Presenter Add-in 6x5 - c:\users\Pseelam\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\ciscounifiedaddin6x5\ciscounifiedaddin6x5 -uninstall
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=hex:51,66,7a,6c,4c,1d,38,12,11,7f,11,
d0,78,5b,08,05,de,bb,01,03,dd,4c,30,54
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-11-30 00:03:24
ComboFix-quarantined-files.txt 2012-11-30 05:03
.
Pre-Run: 248,723,877,888 bytes free
Post-Run: 257,267,580,928 bytes free
.
- - End Of File - - 7EBC7B0BA0B9AECF9245EC7F7CCF3F7F
---------------------------------------------------------------------------------------
---------------------------------------------------------------------------------------

Edit: Moved topic from Am I infected? What do I do? to the more appropriate forum. ~ Animal



#2 gringo_pr

  • Malware Response Team

Posted 06 December 2012 - 08:45 PM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together some things for you to keep in mind while I am helping you, to make things go easier and faster for both of us.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




These are the programs I would like you to run next. If you have any problems with one of these, just skip it and run the next one.

-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start.
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then click on the "Scan" button.
  • Wait until the Status box shows "Scan Finished".
  • Click on "Delete".
  • Wait until the Status box shows "Deleting Finished".
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop.
  • Exit/Close RogueKiller.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 gringo_pr

Posted 09 December 2012 - 02:21 PM

Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo

#4 pkseelam

Posted 10 December 2012 - 12:05 AM

Thank you so much. I did not have the notification set up so didn't see your response. Please be patient as I navigate your steps and reply back....thanks.

#5 gringo_pr

Posted 10 December 2012 - 12:14 AM

No problem and see you soon



gringo

#6 pkseelam

Posted 10 December 2012 - 10:42 PM

Hi,

I've completed the mentioned steps. Below are the log files (I know you didn't mention the other two log files but I've appended them anyway, just in case).

CHECKUP.TXT
-----------------------------------
Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Forefront Endpoint Protection
(On Access scanning disabled!)
Error obtaining update status for antivirus!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.65.1.1000
foundation.javalibs.classes-4.0-core-nu
cvom.java-4.0-en-nu
crystalreports.boe.sdkplugins.java.managedreports-4.0-core-nu
foundation.bcm.java.classes-4.0-core-nu
olap.oda.bpc.java-4.0-core-nu
crystalreports.boe.sdkplugins.java-4.0-core-nu
olap.oda.xmla_core.java-4.0-core-nu
platform.sdk.boe.java.jdedwards-4.0-core-nu
connectivity.connectionserver.client.cpp.java-4.0-core-nu
platform.sdk.boe.java.peoplesoft-4.0-core-nu
tp.apache.commons.java.classes-3.1-core-nu
tp.antlr.java-3.1.1-core-nu
crystalreports.partner.shared.java.siebel-4.0-core-nu
platform.sdk.boe.java.bundles-4.0-core-nu
JavaFX 2.1.1
crystalreports.designers.java.javadesigner-4.0-core-32
platform.sdk.boe.java.sap-4.0-core-nu
connectivity.boe.ccis.java-4.0-core-nu
tp.ibm.icu.java-3.8.1-core-nu
crystalreports.designers.java.documentation.designer-4.0-en-32
olap.oda.ea.java-4.0-core-nu
olap.oda.core.java-4.0-core-nu
platform.services.ras21.clientsdk.java-4.0-core-nu
foundation.javalibs-4.0-core-nu
Java 7 Update 9
product.crystalreportsjava.langpackproperty-4.0-en-nu
olap.oda.xmla_core.java-4.0-en-nu
platform.services.search.sdk.shared.java-4.0-core-nu
tp.json.java-1.0_sap.1-core-nu
connectivity.connectionserver.client.inproc.java-4.0-core-nu
repoaccess.extensions.ds_excel.java-4.0-core-nu
crystalreports.sdk.java.sdkcommon-4.0-core-nu
olap.oda.ssas2005.java-4.0-core-nu
olap.oda.pcm.java-4.0-core-nu
connectivity.connectionserver.client.java.cpp-4.0-core-32
repoaccess.cdztools.java-4.0-core-nu
foundation.bcm.java-4.0-core-nu
repoaccess.javasdk_repoaccess-4.0-core-nu
cvom.java.ui_helpers-4.0-core-nu
tp.apache.xerces.java-2.9.1-core-nu
informationengine.qt.drivers.javabean-4.0-core-nu
tp.apache.commons.java-3.1-core-nu
product.crystalreportsjava.eula-4.0-core-32
sdkbase.framework.java-4.0-core-nu
tp.apache.xerces.java-2.6.2-core-nu
crystalreports.partner.shared.java.jde-4.0-core-nu
repoaccess.container_plugins.java-4.0-core-nu
crystalreports.boe.sdkplugins.java.crlov-4.0-core-nu
repoaccess.repo_proxy.java-4.0-core-nu
crystalreports.designers.java.javaviewer-4.0-core-32
cvom.java.classes-4.0-en-nu
tp.apache.poi.java-3.5.0-core-nu
platform.sdk.boe.java.siebel.plugins_bundle-4.0-core-nu
repoaccess.repo_proxy_jni.java-4.0-core-nu
connectivity.connectionserver.drivers.javabean-4.0-core-nu
cvom.java.classes-4.0-core-nu
tools.astools.java-4.0-core-nu
tp.apache.xalan.java-2.5.2-core-nu
webi.cdp.cdsframework_dp.java-4.0-core-nu
crystalreports.designers.java.javaviewer-4.0-en-32
crystalreports.designers.java.launcher-4.0-core-32
datafederator.boe.client.java-4.0-en-nu
crystalreports.designers.java.documentation.viewer-4.0-en-32
connectivity.connectionserver.drivers.javabean-4.0-en-nu
webi.cdzsrv.lib.java-4.0-core-nu
platform.sdk.boe.java.pbds_full-4.0-core-nu
connectivity.connectionserver.ddk.java-4.0-core-nu
olap.oda.ssas2005.java-4.0-en-nu
tp.rsa.crypto.java-4.1-core-nu
platform.webservices.cons.dsws.javasdk-4.0-core-nu
olap.oda.api_services.java-4.0-core-nu
repoaccess.ctplugin.java.shared_classes-4.0-core-nu
tp.ooc.java-4.0.5-core-nu
connectivity.boe.connectsrv.authentication.java-4.0-core-nu
platform.sdk.boe.java.classes-4.0-core-nu
platform.services.ras21.clientsdk.java.pbd-4.0-core-nu
tp.apache.xalan.java.classes-2.5.2-core-nu
tp.ibm.icu.java.classes-3.8.1-core-nu
repoaccess.extensions_cvom.java-4.0-core-nu
tp.rsa.crypto.java.classes-4.1-core-nu
crystalreports.dataaccess.driver.javabeans-4.0-en-32
olap.oda.bicsprovider.java-4.0-en-nu
tp.ooc.java.bundle-4.0.5-core-nu
platform.sdk.boe.java.oracle-4.0-core-nu
platform.sdk.boe.java.pbds-4.0-core-nu
olap.oda.tom.java-4.0-core-nu
olap.oda.core.java-4.0-en-nu
platform.sdk.boe.java.oracle.plugins_bundle-4.0-core-nu
platform.library.common.authentication.jdedwards.java-4.0-core-nu
foundation.bcm.java.bundle-4.0-core-nu
connectivity.connectionserver.helpers.java-4.0-core-nu
repoaccess.container.java.shared_classes-4.0-core-nu
connectivity.connectionserver.client.extended.java-4.0-core-nu
connectivity.foundation.java-4.0-core-nu
tp.ooc.java.classes-4.0.5-core-nu
datafederator.boe.client.java-4.0-core-nu
repoaccess.container.java-4.0-core-nu
olap.oda.api.java-4.0-en-nu
repoaccess.container.admintool.java-4.0-core-nu
crystalreports.designers.java.javadesigner-4.0-en-32
foundation.javalibs.bundle-4.0-core-nu
platform.sdk.boe.java.jdedwards.plugins_bundle-4.0-core-nu
platform.sdk.boe.java.sap.plugins_bundle-4.0-core-nu
platform.sdk.boe.java-4.0-core-nu
crystalreports.dataaccess.driver.java-4.0-core-nu
foundation.tracelog.java.classes-4.0-core-nu
platform.sdk.boe.java.siebel-4.0-core-nu
crystalreports.boe.sdkplugins.java-4.0-en-nu
repoaccess.jnitools.java.shared_classes-4.0-core-nu
cvom.java-4.0-core-nu
datafederator.sourcedefiner.java-4.0-core-nu
tp.apache.xerces.java.classes-2.6.2-core-nu
repoaccess.repositoryproxyinterface.java-4.0-core-nu
foundation.tracelog.java-4.0-core-nu
informationengine.ieplugin.java-4.0-core-nu
crystalreports.sdk.java.repository-4.0-core-nu
product.crystalreportsjava.arp.icon-4.0-core-32
tp.sap.jco.java-3.0.8-core-nu
connectivity.boe.connectsrv.client.corba.java-4.0-core-nu
dsl.slproxy.slproxybridge.java-4.0-core-nu
platform.library.common.authentication.siebel.java-4.0-core-nu
tools.boe.wstk.java-4.0-core-nu
crystalreports.designers.java.launcher-4.0-core-32
Adobe Flash Player 11.4.402.287 Flash Player out of Date!
Adobe Reader 10.1.2 Adobe Reader out of Date!
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
Google Chrome 23.0.1271.91
Google Chrome 23.0.1271.95
Google Chrome plugins...
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
Anvi Smart Defender ASDSrv.exe
Anvi Smart Defender ASDTray.exe
Common Files Microsoft Shared Microsoft Online Services MSOIDSVC.EXE
Common Files Microsoft Shared Microsoft Online Services MSOIDSvcm.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````







ADWCLEANER[S4].TXT
-----------------------------
# AdwCleaner v2.100 - Logfile created 12/10/2012 at 21:31:28
# Updated 09/12/2012 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (64 bits)
# User : pseelam - DAWNUSWX011438L
# Boot Mode : Normal
# Running from : C:\Users\Pseelam\Desktop\bc\New folder\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16450

[OK] Registry is clean.

-\\ Google Chrome v23.0.1271.95

File : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\Pseelam\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1243 octets] - [28/11/2012 14:12:41]
AdwCleaner[S4].txt - [857 octets] - [10/12/2012 21:31:28]

########## EOF - C:\AdwCleaner[S4].txt - [916 octets] ##########









RKreport[2]_D_12102012_02d2142
---------------------------------------------
RogueKiller V8.3.2 [Dec 10 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : pseelam [Admin rights]
Mode : Remove -- Date : 12/10/2012 21:42:40

Bad processes : 0

Registry Entries : 5
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> REPLACED (1)
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> REPLACED (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

Particular Files / Folders:

Driver : [NOT LOADED]

HOSTS File:
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


MBR Check:

+++++ PhysicalDrive0: ST9500423AS +++++
--- User ---
[MBR] cbb9d4d8f4b94b83d09e5b2a973a0bb8
[BSP] 33f945e72a3db296163e7bdd239f5727 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 476938 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_12102012_02d2142.txt >>
RKreport[1]_S_12102012_02d2142.txt ; RKreport[2]_D_12102012_02d2142.txt






I checked the IE and it still redirects to btsearch/openmediasoft.com. Thanks in advance!!!

#7 gringo_pr

Posted 11 December 2012 - 01:19 PM

Hello

I would like you to do the following.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo

#8 pkseelam

Posted 11 December 2012 - 09:30 PM

I ran the Combofix but the first two times I ran it, it seemed to be stuck on the scan (in the blue screen at around stage 32 and 42), so I restarted the system and re-ran combofix to completion. Below is the log. It does not look like the problem is fixed - I'm still seeing the redirection to btsearch/openmediasoft.com. Please help me!!


COMBOFIX.TXT
--------------------------------------------------------
ComboFix 12-12-10.01 - pseelam 12/11/2012 21:14:55.5.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8073.6060 [GMT -5:00]
Running from: c:\users\Pseelam\Desktop\bc\New folder\ComboFix.exe
AV: Microsoft Forefront Endpoint Protection *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Forefront Endpoint Protection *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2012-11-12 to 2012-12-12 )))))))))))))))))))))))))))))))
.
.
2012-12-12 02:22 . 2012-12-12 02:22 -------- d-----w- c:\users\deploy\AppData\Local\temp
2012-12-12 02:22 . 2012-12-12 02:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-12 02:22 . 2012-12-12 02:22 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-12-11 18:11 . 2012-10-23 11:04 972264 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C3499AA1-3B03-4703-B53A-CD57D7919614}\gapaengine.dll
2012-12-11 18:03 . 2012-11-19 06:01 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5D76C8FC-7824-4267-A714-5709CFB4C13D}\mpengine.dll
2012-12-11 14:25 . 2012-11-19 06:01 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-12-10 05:13 . 2012-12-10 05:13 -------- d-----w- c:\program files (x86)\Photo to Cartoon
2012-12-06 01:44 . 2012-12-06 01:44 -------- d-----w- c:\users\Pseelam\AppData\Roaming\OfficeTab
2012-11-29 02:48 . 2012-11-29 02:48 -------- d-----w- c:\users\Pseelam\Lync Recordings
2012-11-28 21:29 . 2012-11-28 21:29 -------- d-----w- c:\program files (x86)\Microsoft Lync Information Dashboard
2012-11-28 21:29 . 2012-11-28 21:29 -------- d-----w- c:\programdata\ConversationTranslator
2012-11-28 21:29 . 2012-11-28 21:29 -------- d-----w- c:\programdata\Applications
2012-11-28 21:28 . 2012-11-28 21:29 -------- d-----w- c:\program files\Microsoft Lync
2012-11-28 21:28 . 2012-11-28 21:29 -------- d-----w- c:\program files (x86)\Microsoft Lync
2012-11-28 21:28 . 2012-11-28 21:28 -------- d-----w- c:\program files (x86)\OCSetup
2012-11-28 20:35 . 2012-10-23 11:04 972264 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-11-28 19:14 . 2012-11-28 19:14 -------- d-----w- c:\users\Pseelam\AppData\Roaming\SUPERAntiSpyware.com
2012-11-28 19:13 . 2012-11-28 19:14 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-11-28 19:13 . 2012-11-28 19:13 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-11-28 17:44 . 2012-11-28 17:44 -------- d-----w- c:\users\Pseelam\AppData\Roaming\SpeedyPC Software
2012-11-28 17:44 . 2012-11-28 17:44 -------- d-----w- c:\users\Pseelam\AppData\Roaming\DriverCure
2012-11-28 17:44 . 2012-11-28 17:47 -------- d-----w- c:\programdata\SpeedyPC Software
2012-11-28 17:15 . 2012-11-28 17:15 -------- d-----w- c:\users\Pseelam\AppData\Roaming\Anvisoft
2012-11-28 17:10 . 2012-11-07 07:16 17232 ----a-w- c:\windows\system32\drivers\asdws.sys
2012-11-28 17:10 . 2012-11-07 07:16 23376 ----a-w- c:\windows\system32\drivers\asdrs.sys
2012-11-28 17:10 . 2012-11-07 07:16 18768 ----a-w- c:\windows\system32\drivers\asdrm.sys
2012-11-28 17:10 . 2012-11-28 17:10 -------- d-----w- c:\programdata\Anvisoft
2012-11-28 17:10 . 2012-11-28 19:14 -------- d-----w- c:\program files (x86)\Anvi Smart Defender
2012-11-28 17:00 . 2012-11-28 17:00 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-11-20 16:12 . 2012-11-20 16:12 -------- d-----w- c:\users\Pseelam\AppData\Local\Evernote
2012-11-20 16:12 . 2012-11-20 16:12 -------- d-----w- c:\program files (x86)\Evernote
2012-11-19 15:42 . 2012-11-19 15:48 -------- d-----w- c:\programdata\Licenses
2012-11-19 15:42 . 2012-11-19 15:42 -------- d-----w- c:\program files (x86)\Kutools for Excel
2012-11-19 15:28 . 2012-11-19 15:28 231376 ----a-w- c:\windows\system32\drivers\truecrypt.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-06 04:40 . 2012-11-10 02:08 112640 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2012-11-06 04:39 . 2012-11-10 02:08 47616 ----a-w- c:\windows\SysWow64\ff_acm.acm
2012-10-12 14:17 . 2012-06-29 19:04 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-12 14:17 . 2012-03-20 02:09 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-29 23:54 . 2012-05-21 00:25 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-25 03:16 . 2012-10-20 15:04 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-09-19 14:02 . 2012-09-19 14:02 102368 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2012-09-19 14:02 . 2012-09-19 14:02 203104 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2012-09-17 20:50 . 2012-06-30 23:09 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-09-17 20:50 . 2012-02-10 03:07 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{031afb00-725a-4ede-9d27-a2b5fac89e9a}"= "c:\progra~2\YOUTUB~1\YouTube Downloader.dll" [2012-11-06 446464]
.
[HKEY_CLASSES_ROOT\clsid\{031afb00-725a-4ede-9d27-a2b5fac89e9a}]
[HKEY_CLASSES_ROOT\ToolBarMFC.DeskBandImplD.1]
[HKEY_CLASSES_ROOT\TypeLib\{942926A2-CC3B-4970-9AD6-D9056D197CE6}]
[HKEY_CLASSES_ROOT\ToolBarMFC.DeskBandImplD]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{031afb00-725a-4ede-9d27-a2b5fac89e9a}]
2012-11-06 17:56 446464 ----a-w- c:\progra~2\YOUTUB~1\YouTube Downloader.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{031afb00-725a-4ede-9d27-a2b5fac89e9a}"= "c:\progra~2\YOUTUB~1\YouTube Downloader.dll" [2012-11-06 446464]
.
[HKEY_CLASSES_ROOT\clsid\{031afb00-725a-4ede-9d27-a2b5fac89e9a}]
[HKEY_CLASSES_ROOT\ToolBarMFC.DeskBandImplD.1]
[HKEY_CLASSES_ROOT\TypeLib\{942926A2-CC3B-4970-9AD6-D9056D197CE6}]
[HKEY_CLASSES_ROOT\ToolBarMFC.DeskBandImplD]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"googletalk"="c:\users\Pseelam\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-11-01 5629312]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Client Access Service"="c:\program files (x86)\IBM\Client Access\cwbsvstr.exe" [2010-04-12 14848]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"ConnectionCenter"="c:\program files (x86)\Citrix\ICA Client\concentr.exe" [2012-03-28 309184]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]
"Everything"="c:\program files (x86)\Everything\Everything.exe" [2009-03-13 602624]
"YouTube Downloader_Helper"="c:\program files (x86)\YouTube Downloader\YouTube Downloader_Helper.exe" [2012-11-06 1434112]
"Anvi Smart Defender"="c:\program files (x86)\Anvi Smart Defender\ASDTray.exe" [2012-11-15 1437464]
"Communicator"="c:\program files (x86)\Microsoft Lync\communicator.exe" [2010-10-22 11937552]
"DameWare MRC Agent"="c:\windows\SysWOW64\DWRCST.exe" [2010-08-06 85528]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Microsoft Security Client"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-13 1289704]
.
c:\users\Pseelam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2012-10-26 1017184]
Kid-Key-Lock.lnk - c:\program files (x86)\kidkeylock\bin\kidkeylock.exe [2012-11-11 1773568]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Online plug-in.lnk - c:\windows\Installer\{913778D3-E1D8-4B55-9246-3308C54D3162}\pnaico.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe [2012-6-18 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"disablecad"= 1 (0x1)
"LogonType"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoAutorun"= 1 (0x1)
"DontSetAutoplayCheckbox"= 1 (0x1)
"NoPublishingWizard"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u msoidssp livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 Acceler;Accelerometer Service;c:\windows\system32\drivers\Accelern.sys [2012-02-08 43888]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-09-19 102368]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-31 128456]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-13 368896]
R3 O2MDRRDR;O2MDRRDR;c:\windows\system32\drivers\O2MDRw7x64.sys [2012-02-08 74984]
R3 PCTINDIS5X64;PCTINDIS5X64 NDIS Protocol Driver;c:\windows\system32\PCTINDIS5X64.SYS [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-09-19 203104]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-03-31 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 asdrm;asdrm;c:\windows\system32\DRIVERS\asdrm.sys [2012-11-07 18768]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [2012-03-19 89536]
S1 dwvkbd;DameWare Virtual Keyboard 64 bit Driver;c:\windows\system32\DRIVERS\dwvkbd64.sys [2007-02-15 30720]
S1 nm3;Microsoft Network Monitor 3 Driver;c:\windows\system32\DRIVERS\nm3.sys [2010-06-09 46392]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-07-11 140672]
S2 8704pdateService;Box Sync Auto-updater;c:\program files\Box Sync\UpdateService.exe [2012-08-18 8704]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2012-02-08 89600]
S2 asdrs;AntiMalware Host-based Intrusion Prevention System;c:\windows\system32\DRIVERS\asdrs.sys [2012-11-07 23376]
S2 asdsrv;Anvi Smart Defender Realtime Guard Service;c:\program files (x86)\Anvi Smart Defender\ASDSrv.exe [2012-11-15 701720]
S2 asdws;AnviSmartDefender Web Guard;c:\windows\system32\DRIVERS\asdws.sys [2012-11-07 17232]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 Jasmio.MediaCenter.Service;Media Center Support Service;c:\program files (x86)\Jasmio\Media Center Support Service\Jasmio.MediaCenter.Service.exe [2009-11-10 73144]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
S2 msoidsvc;Microsoft Online Services Sign-in Assistant;c:\program files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2011-02-23 2061728]
S2 PfFilter;PfFilter;c:\program files (x86)\Protected Folder\pffilter.sys [2012-01-09 36792]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-31 2754984]
S3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys [2012-02-08 292864]
S3 cvusbdrv;Dell ControlVault;c:\windows\system32\Drivers\cvusbdrv.sys [2012-02-08 38440]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2012-06-25 52320]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2012-02-08 317440]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]
S3 O2MDFRDR;O2MDFRDR;c:\windows\system32\DRIVERS\O2MDFw7x64.sys [2012-02-08 72808]
S3 O2SDJRDR;O2SDJRDR;c:\windows\system32\DRIVERS\o2sdjw7x64.sys [2012-02-08 83560]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-29 14:17]
.
2012-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-08 16:33]
.
2012-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-08 16:33]
.
2012-12-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3794533371-686513829-2852450909-76514Core.job
- c:\users\Pseelam\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-15 18:48]
.
2012-12-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3794533371-686513829-2852450909-76514UA.job
- c:\users\Pseelam\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-15 18:48]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopFileLocked]
@="{C253B817-3A00-475f-A5A3-6F2DD704B48D}"
[HKEY_CLASSES_ROOT\CLSID\{C253B817-3A00-475f-A5A3-6F2DD704B48D}]
2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopNotSynced]
@="{19ACC806-F7AA-46AA-A80A-726A07CA6637}"
[HKEY_CLASSES_ROOT\CLSID\{19ACC806-F7AA-46AA-A80A-726A07CA6637}]
2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopNotSyncedCollabs]
@="{337D9DE0-3F8B-4430-AF0F-FFC24A95AE8F}"
[HKEY_CLASSES_ROOT\CLSID\{337D9DE0-3F8B-4430-AF0F-FFC24A95AE8F}]
2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopSynced]
@="{B7AC9C6D-F15B-4B1A-A88D-F518D13861D9}"
[HKEY_CLASSES_ROOT\CLSID\{B7AC9C6D-F15B-4B1A-A88D-F518D13861D9}]
2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopSyncedCollab]
@="{9E48C232-F601-4E41-BB3E-16CBAF317AA4}"
[HKEY_CLASSES_ROOT\CLSID\{9E48C232-F601-4E41-BB3E-16CBAF317AA4}]
2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-06-20 608112]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-02-08 1128448]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-02-08 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-02-08 391960]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-02-08 419096]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-13 1289704]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://btsearch.name
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: cloudapp.net\ConversationTranslator
Trusted Zone: crmondemand.com
Trusted Zone: dawnfoods.com
Trusted Zone: dawnfoods.com\teamsites
Trusted Zone: dell.com
Trusted Zone: dell.com\*.support
Trusted Zone: mastercard.com\sdol
Trusted Zone: microsoft.com
Trusted Zone: millerheiman.com
Trusted Zone: msu.edu\login
Trusted Zone: mysap.com\tcs
Trusted Zone: oracle.com
Trusted Zone: oracleoutsourcing.com
Trusted Zone: saleswebserver.net
Trusted Zone: sap-ag.de
Trusted Zone: sap-ag.de\websmp101
Trusted Zone: sap.com\mywts
Trusted Zone: sap.com\mywtstrainingphl
Trusted Zone: timelogweb
TCP: DhcpNameServer = 192.168.1.254
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{031AFB00-725A-4EDE-9D27-A2B5FAC89E9A} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=hex:51,66,7a,6c,4c,1d,38,12,11,7f,11,
d0,78,5b,08,05,de,bb,01,03,dd,4c,30,54
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-12-11 21:25:20
ComboFix-quarantined-files.txt 2012-12-12 02:25
ComboFix2.txt 2012-11-30 05:03
.
Pre-Run: 260,134,371,328 bytes free
Post-Run: 259,834,761,216 bytes free
.
- - End Of File - - 118C1A9996B6878AFAA8D01366D5CF33

#9 gringo_pr

Posted 11 December 2012 - 09:39 PM

Greetings

I want you to run these next:

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.
  • A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.



Please download aswMBR to your desktop.
  • Double-click the aswMBR.exe icon to run it.
  • It will ask to download extra definitions - ALLOW IT.
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo

#10 pkseelam


Posted 11 December 2012 - 11:16 PM

It says "Your post was too long. Please go back and shorten it a little." for the TDSSKiller log. So, I split it into three parts below.

I'm able to attach the aswMBR log in one go here.....

================================
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-11 22:33:45
-----------------------------
22:33:45.606 OS Version: Windows x64 6.1.7601 Service Pack 1
22:33:45.606 Number of processors: 4 586 0x2A07
22:33:45.606 ComputerName: DAWNUSWX011438L UserName: pseelam
22:33:49.647 Initialize success
22:36:06.043 AVAST engine defs: 12121101
22:37:06.135 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
22:37:06.135 Disk 0 Vendor: ST950042 0002 Size: 476940MB BusType: 3
22:37:06.166 Disk 0 MBR read successfully
22:37:06.166 Disk 0 MBR scan
22:37:06.181 Disk 0 Windows 7 default MBR code
22:37:06.181 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 476938 MB offset 2048
22:37:06.259 Disk 0 scanning C:\Windows\system32\drivers
22:37:21.440 Service scanning
22:37:52.342 Modules scanning
22:37:52.358 Disk 0 trace - called modules:
22:37:52.374 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
22:37:52.379 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800937a060]
22:37:52.384 3 CLASSPNP.SYS[fffff88001a3d43f] -> nt!IofCallDriver -> [0xfffffa8007428e40]
22:37:52.719 5 ACPI.sys[fffff88000f2f7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800742b050]
22:37:54.125 AVAST engine scan C:\Windows
22:38:03.796 AVAST engine scan C:\Windows\system32
22:41:57.886 AVAST engine scan C:\Windows\system32\drivers
22:42:16.356 AVAST engine scan C:\Users\Pseelam
23:01:30.211 File: C:\Users\Pseelam\Downloads\Lotto Books, Lotto Programs and bunch of Poker and Blackjack Books\Lottery Programs\Lotto.Pro.2009.v7.50.Cracked-DJiNN\Crack\lotpro2000.exe **INFECTED** Win32:Malware-gen
23:02:07.977 AVAST engine scan C:\ProgramData
23:05:41.741 Scan finished successfully
23:09:02.732 Disk 0 MBR has been saved successfully to "C:\Users\Pseelam\Desktop\bc\New folder\MBR.dat"
23:09:02.785 The log file has been saved successfully to "C:\Users\Pseelam\Desktop\bc\New folder\aswMBR.txt"

Edited by pkseelam, 11 December 2012 - 11:28 PM.


#11 pkseelam


Posted 11 December 2012 - 11:24 PM

TDSS Killer - log part 1
-----------------------

22:28:24.0639 4008 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
22:28:25.0188 4008 ============================================================
22:28:25.0188 4008 Current date / time: 2012/12/11 22:28:25.0188
22:28:25.0188 4008 SystemInfo:
22:28:25.0188 4008
22:28:25.0188 4008 OS Version: 6.1.7601 ServicePack: 1.0
22:28:25.0189 4008 Product type: Workstation
22:28:25.0189 4008 ComputerName: DAWNUSWX011438L
22:28:25.0189 4008 UserName: pseelam
22:28:25.0189 4008 Windows directory: C:\Windows
22:28:25.0189 4008 System windows directory: C:\Windows
22:28:25.0189 4008 Running under WOW64
22:28:25.0189 4008 Processor architecture: Intel x64
22:28:25.0189 4008 Number of processors: 4
22:28:25.0189 4008 Page size: 0x1000
22:28:25.0189 4008 Boot type: Normal boot
22:28:25.0189 4008 ============================================================
22:28:25.0601 4008 BG loaded
22:28:25.0888 4008 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:28:25.0904 4008 ============================================================
22:28:25.0904 4008 \Device\Harddisk0\DR0:
22:28:25.0904 4008 MBR partitions:
22:28:25.0904 4008 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
22:28:25.0904 4008 ============================================================
22:28:25.0935 4008 C: <-> \Device\Harddisk0\DR0\Partition1
22:28:25.0935 4008 ============================================================
22:28:25.0935 4008 Initialize success
22:28:25.0935 4008 ============================================================
22:28:33.0392 2548 ============================================================
22:28:33.0392 2548 Scan started
22:28:33.0392 2548 Mode: Manual; SigCheck; TDLFS;
22:28:33.0392 2548 ============================================================
22:28:33.0532 2548 ================ Scan system memory ========================
22:28:33.0532 2548 System memory - ok
22:28:33.0532 2548 ================ Scan services =============================
22:28:33.0641 2548 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
22:28:33.0704 2548 !SASCORE - ok
22:28:33.0797 2548 [ EC39F1D7AEE1F9C5ED803283196F8691 ] #UpdateService C:\Program Files\Box Sync\UpdateService.exe
22:28:33.0813 2548 #UpdateService ( UnsignedFile.Multi.Generic ) - warning
22:28:33.0813 2548 #UpdateService - detected UnsignedFile.Multi.Generic (1)
22:28:34.0016 2548 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
22:28:34.0031 2548 1394ohci - ok
22:28:34.0047 2548 [ 3E58933198689F24CFA6ED4B93A80DEB ] Acceler C:\Windows\system32\drivers\Accelern.sys
22:28:34.0062 2548 Acceler - ok
22:28:34.0094 2548 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
22:28:34.0094 2548 ACPI - ok
22:28:34.0109 2548 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
22:28:34.0125 2548 AcpiPmi - ok
22:28:34.0218 2548 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:28:34.0234 2548 AdobeARMservice - ok
22:28:34.0312 2548 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:28:34.0343 2548 AdobeFlashPlayerUpdateSvc - ok
22:28:34.0390 2548 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
22:28:34.0406 2548 adp94xx - ok
22:28:34.0437 2548 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
22:28:34.0452 2548 adpahci - ok
22:28:34.0484 2548 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
22:28:34.0484 2548 adpu320 - ok
22:28:34.0515 2548 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:28:34.0546 2548 AeLookupSvc - ok
22:28:34.0577 2548 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
22:28:34.0608 2548 AESTFilters - ok
22:28:34.0655 2548 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
22:28:34.0671 2548 AFD - ok
22:28:34.0702 2548 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
22:28:34.0702 2548 agp440 - ok
22:28:34.0733 2548 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
22:28:34.0733 2548 ALG - ok
22:28:34.0764 2548 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
22:28:34.0764 2548 aliide - ok
22:28:34.0780 2548 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
22:28:34.0796 2548 amdide - ok
22:28:34.0811 2548 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
22:28:34.0827 2548 AmdK8 - ok
22:28:34.0842 2548 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
22:28:34.0858 2548 AmdPPM - ok
22:28:34.0874 2548 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
22:28:34.0889 2548 amdsata - ok
22:28:34.0905 2548 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
22:28:34.0905 2548 amdsbs - ok
22:28:34.0920 2548 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
22:28:34.0936 2548 amdxata - ok
22:28:34.0967 2548 [ E4F6A272A696B6442E5C84EC470E3676 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
22:28:34.0967 2548 ApfiltrService - ok
22:28:34.0998 2548 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
22:28:35.0014 2548 AppID - ok
22:28:35.0045 2548 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
22:28:35.0076 2548 AppIDSvc - ok
22:28:35.0108 2548 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
22:28:35.0139 2548 Appinfo - ok
22:28:35.0170 2548 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
22:28:35.0186 2548 AppMgmt - ok
22:28:35.0201 2548 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
22:28:35.0201 2548 arc - ok
22:28:35.0217 2548 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
22:28:35.0232 2548 arcsas - ok
22:28:35.0310 2548 [ 44837F1CB5BD166A7BD8869F9E86E907 ] asdrm C:\Windows\system32\DRIVERS\asdrm.sys
22:28:35.0326 2548 asdrm - ok
22:28:35.0342 2548 [ 88390FE440DCC3F10556AE41F4EDFCA1 ] asdrs C:\Windows\system32\DRIVERS\asdrs.sys
22:28:35.0357 2548 asdrs - ok
22:28:35.0435 2548 [ 86D4ABC1B01D39C810E14D54C2D6AEE1 ] asdsrv C:\Program Files (x86)\Anvi Smart Defender\ASDSrv.exe
22:28:35.0466 2548 asdsrv - ok
22:28:35.0466 2548 [ 2D6D1BCBE6B7D0688681CE71C4A4C828 ] asdws C:\Windows\system32\DRIVERS\asdws.sys
22:28:35.0482 2548 asdws - ok
22:28:35.0810 2548 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:28:35.0825 2548 aspnet_state - ok
22:28:35.0856 2548 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:28:35.0888 2548 AsyncMac - ok
22:28:35.0919 2548 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
22:28:35.0934 2548 atapi - ok
22:28:35.0950 2548 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:28:35.0981 2548 AudioEndpointBuilder - ok
22:28:35.0997 2548 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
22:28:36.0028 2548 AudioSrv - ok
22:28:36.0075 2548 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
22:28:36.0106 2548 AxInstSV - ok
22:28:36.0137 2548 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
22:28:36.0153 2548 b06bdrv - ok
22:28:36.0200 2548 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
22:28:36.0231 2548 b57nd60a - ok
22:28:36.0262 2548 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
22:28:36.0262 2548 BDESVC - ok
22:28:36.0278 2548 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
22:28:36.0293 2548 Beep - ok
22:28:36.0324 2548 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
22:28:36.0356 2548 BFE - ok
22:28:36.0387 2548 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
22:28:36.0418 2548 BITS - ok
22:28:36.0418 2548 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
22:28:36.0434 2548 blbdrive - ok
22:28:36.0449 2548 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:28:36.0449 2548 bowser - ok
22:28:36.0480 2548 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
22:28:36.0496 2548 BrFiltLo - ok
22:28:36.0496 2548 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
22:28:36.0512 2548 BrFiltUp - ok
22:28:36.0558 2548 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
22:28:36.0621 2548 BridgeMP - ok
22:28:36.0746 2548 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
22:28:36.0777 2548 Browser - ok
22:28:36.0808 2548 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
22:28:36.0824 2548 Brserid - ok
22:28:36.0839 2548 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
22:28:36.0855 2548 BrSerWdm - ok
22:28:36.0870 2548 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
22:28:36.0886 2548 BrUsbMdm - ok
22:28:36.0902 2548 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
22:28:36.0917 2548 BrUsbSer - ok
22:28:36.0948 2548 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
22:28:36.0964 2548 BthEnum - ok
22:28:36.0980 2548 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
22:28:36.0995 2548 BTHMODEM - ok
22:28:37.0011 2548 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
22:28:37.0026 2548 BthPan - ok
22:28:37.0058 2548 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
22:28:37.0089 2548 BTHPORT - ok
22:28:37.0104 2548 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
22:28:37.0151 2548 bthserv - ok
22:28:37.0151 2548 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
22:28:37.0167 2548 BTHUSB - ok
22:28:37.0198 2548 [ 3DEF2370E414B4E299673558BA171A51 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
22:28:37.0198 2548 btwavdt - ok
22:28:37.0214 2548 [ 9937E0E4DFC0030560A6DFE9D3A94B39 ] btwrchid C:\Windows\system32\drivers\btwrchid.sys
22:28:37.0229 2548 btwrchid - ok
22:28:37.0370 2548 catchme - ok
22:28:37.0401 2548 [ D1787E11C6A0078DDEAF8CF3EE2AB293 ] CAXHWAZL C:\Windows\system32\DRIVERS\CAXHWAZL.sys
22:28:37.0416 2548 CAXHWAZL - ok
22:28:37.0463 2548 [ A454A9BAA25B8C8E76735DD86BD4B017 ] CcmExec C:\Windows\SysWOW64\CCM\CcmExec.exe
22:28:37.0494 2548 CcmExec - ok
22:28:37.0510 2548 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:28:37.0541 2548 cdfs - ok
22:28:37.0572 2548 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
22:28:37.0572 2548 cdrom - ok
22:28:37.0604 2548 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
22:28:37.0619 2548 CertPropSvc - ok
22:28:37.0635 2548 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
22:28:37.0650 2548 circlass - ok
22:28:37.0666 2548 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
22:28:37.0682 2548 CLFS - ok
22:28:37.0822 2548 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:28:37.0838 2548 clr_optimization_v2.0.50727_32 - ok
22:28:37.0947 2548 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:28:37.0978 2548 clr_optimization_v2.0.50727_64 - ok
22:28:38.0009 2548 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:28:38.0025 2548 clr_optimization_v4.0.30319_32 - ok
22:28:38.0321 2548 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:28:38.0337 2548 clr_optimization_v4.0.30319_64 - ok
22:28:38.0368 2548 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
22:28:38.0384 2548 CmBatt - ok
22:28:38.0399 2548 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
22:28:38.0399 2548 cmdide - ok
22:28:38.0446 2548 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
22:28:38.0477 2548 CNG - ok
22:28:38.0508 2548 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
22:28:38.0508 2548 Compbatt - ok
22:28:38.0540 2548 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
22:28:38.0540 2548 CompositeBus - ok
22:28:38.0555 2548 COMSysApp - ok
22:28:38.0571 2548 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
22:28:38.0586 2548 crcdisk - ok
22:28:38.0633 2548 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:28:38.0633 2548 CryptSvc - ok
22:28:38.0649 2548 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
22:28:38.0649 2548 CSC - ok
22:28:38.0680 2548 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
22:28:38.0696 2548 CscService - ok
22:28:38.0742 2548 [ EB7439918F3E04B51CD8822FD8C8E018 ] ctxusbm C:\Windows\system32\DRIVERS\ctxusbm.sys
22:28:38.0774 2548 ctxusbm - ok
22:28:38.0789 2548 [ 44BDDEB03C84A1C993C992FFB5700357 ] CVirtA C:\Windows\system32\DRIVERS\CVirtA64.sys
22:28:38.0805 2548 CVirtA - ok
22:28:38.0883 2548 [ 66257CB4E4FB69887CDDC71663741435 ] CVPND C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
22:28:38.0930 2548 CVPND - ok
22:28:38.0976 2548 [ CC8E52DAA9826064BA464DBE531F2BB5 ] CVPNDRVA C:\Windows\system32\Drivers\CVPNDRVA.sys
22:28:38.0992 2548 CVPNDRVA - ok
22:28:39.0023 2548 [ A84CAAE89B487931200B969D94018AFA ] cvusbdrv C:\Windows\system32\Drivers\cvusbdrv.sys
22:28:39.0023 2548 cvusbdrv - ok
22:28:39.0054 2548 [ 80A594258A275D22A2379713161E5457 ] Cwbrxd C:\Windows\cwbrxd.exe
22:28:39.0054 2548 Cwbrxd ( UnsignedFile.Multi.Generic ) - warning
22:28:39.0054 2548 Cwbrxd - detected UnsignedFile.Multi.Generic (1)
22:28:39.0086 2548 [ C7259495924D21F1AFA26467D9F4DAE0 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
22:28:39.0101 2548 dc3d - ok
22:28:39.0148 2548 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
22:28:39.0164 2548 DcomLaunch - ok
22:28:39.0195 2548 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
22:28:39.0226 2548 defragsvc - ok
22:28:39.0242 2548 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:28:39.0257 2548 DfsC - ok
22:28:39.0304 2548 [ B9430166FEB246F6070A62B3554932C9 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
22:28:39.0304 2548 dg_ssudbus - ok
22:28:39.0335 2548 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
22:28:39.0351 2548 Dhcp - ok
22:28:39.0366 2548 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
22:28:39.0398 2548 discache - ok
22:28:39.0429 2548 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
22:28:39.0444 2548 Disk - ok
22:28:39.0460 2548 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
22:28:39.0476 2548 dmvsc - ok
22:28:39.0507 2548 [ 05CB5910B3CA6019FC3CCA815EE06FFB ] DNE C:\Windows\system32\DRIVERS\dne64x.sys
22:28:39.0507 2548 DNE - ok
22:28:39.0522 2548 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:28:39.0538 2548 Dnscache - ok
22:28:39.0554 2548 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
22:28:39.0585 2548 dot3svc - ok
22:28:39.0585 2548 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
22:28:39.0616 2548 DPS - ok
22:28:39.0647 2548 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:28:39.0647 2548 drmkaud - ok
22:28:39.0694 2548 [ 0040A0132AAC1004E50055F8FBB14C08 ] dsNcAdpt C:\Windows\system32\DRIVERS\dsNcAdpt.sys
22:28:39.0694 2548 dsNcAdpt - ok
22:28:39.0756 2548 [ F383B60E7468D613990F8ACA59269573 ] dsNcService C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
22:28:39.0788 2548 dsNcService - ok
22:28:39.0819 2548 DWMRCS - ok
22:28:39.0834 2548 [ FAAE299FBF42029E55657F61F55533D3 ] dwvkbd C:\Windows\system32\DRIVERS\dwvkbd64.sys
22:28:39.0850 2548 dwvkbd - ok
22:28:39.0881 2548 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:28:39.0912 2548 DXGKrnl - ok
22:28:39.0944 2548 [ 60633132A929C09FE78FAB16541F9E71 ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
22:28:39.0944 2548 e1cexpress - ok
22:28:39.0975 2548 [ 1FE13464B5544A0276FCC9EEF626FFDB ] E1G60 C:\Windows\system32\DRIVERS\e1g6032e.sys
22:28:39.0990 2548 E1G60 - ok
22:28:45.0575 2548 [ 85CD16B4FE05A26E1CBD546C168C4820 ] Multi-user Cleanup Service C:\Lotus\Notes\ntmulti.exe
22:28:45.0575 2548 Multi-user Cleanup Service ( UnsignedFile.Multi.Generic ) - warning
22:28:45.0575 2548 Multi-user Cleanup Service - detected UnsignedFile.Multi.Generic (1)
22:28:52.0283 2548 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
22:28:52.0314 2548 TapiSrv - ok
22:28:52.0314 2548 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
22:28:52.0346 2548 TBS - ok
22:28:52.0408 2548 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:28:52.0455 2548 Tcpip - ok
22:28:52.0486 2548 [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
22:28:52.0517 2548 TCPIP6 - ok
22:28:52.0548 2548 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:28:52.0580 2548 tcpipreg - ok
22:28:52.0595 2548 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:28:52.0595 2548 TDPIPE - ok
22:28:52.0626 2548 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:28:52.0658 2548 TDTCP - ok
22:28:52.0673 2548 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:28:52.0736 2548 tdx - ok
22:28:52.0860 2548 [ 5E53CF8AD0FD33B35000C113656AB37B ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
22:28:52.0954 2548 TeamViewer7 - ok
22:28:52.0970 2548 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
22:28:52.0985 2548 TermDD - ok
22:28:53.0016 2548 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
22:28:53.0079 2548 TermService - ok
22:28:53.0094 2548 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
22:28:53.0110 2548 Themes - ok
22:28:53.0126 2548 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
22:28:53.0157 2548 THREADORDER - ok
22:28:53.0172 2548 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
22:28:53.0204 2548 TrkWks - ok
22:28:53.0250 2548 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:28:53.0266 2548 TrustedInstaller - ok
22:28:53.0282 2548 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:28:53.0297 2548 tssecsrv - ok
22:28:53.0344 2548 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
22:28:53.0344 2548 TsUsbFlt - ok
22:28:53.0360 2548 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
22:28:53.0375 2548 TsUsbGD - ok
22:28:53.0391 2548 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:28:53.0422 2548 tunnel - ok
22:28:53.0422 2548 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
22:28:53.0438 2548 uagp35 - ok
22:28:53.0453 2548 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:28:53.0484 2548 udfs - ok
22:28:53.0500 2548 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:28:53.0516 2548 UI0Detect - ok
22:28:53.0531 2548 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:28:53.0547 2548 uliagpkx - ok
22:28:53.0547 2548 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
22:28:53.0562 2548 umbus - ok
22:28:53.0578 2548 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
22:28:53.0578 2548 UmPass - ok
22:28:53.0594 2548 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
22:28:53.0609 2548 UmRdpService - ok
22:28:53.0640 2548 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
22:28:53.0656 2548 upnphost - ok
22:28:53.0703 2548 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
22:28:53.0718 2548 usbaudio - ok
22:28:53.0765 2548 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:28:53.0781 2548 usbccgp - ok
22:28:53.0796 2548 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
22:28:53.0812 2548 usbcir - ok
22:28:53.0828 2548 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
22:28:53.0843 2548 usbehci - ok
22:28:53.0859 2548 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:28:53.0874 2548 usbhub - ok
22:28:53.0890 2548 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
22:28:53.0890 2548 usbohci - ok
22:28:53.0906 2548 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\drivers\usbprint.sys
22:28:53.0921 2548 usbprint - ok
22:28:53.0937 2548 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:28:53.0937 2548 USBSTOR - ok
22:28:53.0952 2548 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
22:28:53.0968 2548 usbuhci - ok
22:28:53.0999 2548 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
22:28:54.0015 2548 usbvideo - ok
22:28:54.0030 2548 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
22:28:54.0062 2548 UxSms - ok
22:28:54.0077 2548 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
22:28:54.0077 2548 VaultSvc - ok
22:28:54.0108 2548 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
22:28:54.0124 2548 vdrvroot - ok
22:28:54.0140 2548 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
22:28:54.0171 2548 vds - ok
22:28:54.0186 2548 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:28:54.0186 2548 vga - ok
22:28:54.0202 2548 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
22:28:54.0218 2548 VgaSave - ok
22:28:54.0233 2548 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
22:28:54.0249 2548 vhdmp - ok
22:28:54.0264 2548 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
22:28:54.0264 2548 viaide - ok
22:28:54.0296 2548 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
22:28:54.0296 2548 vmbus - ok
22:28:54.0311 2548 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
22:28:54.0327 2548 VMBusHID - ok
22:28:54.0327 2548 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
22:28:54.0342 2548 volmgr - ok
22:28:54.0358 2548 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:28:54.0358 2548 volmgrx - ok
22:28:54.0374 2548 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
22:28:54.0374 2548 volsnap - ok
22:28:54.0405 2548 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
22:28:54.0405 2548 vsmraid - ok
22:28:54.0452 2548 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
22:28:54.0483 2548 VSS - ok
22:28:54.0498 2548 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
22:28:54.0514 2548 vwifibus - ok
22:28:54.0530 2548 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
22:28:54.0530 2548 vwififlt - ok
22:28:54.0545 2548 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
22:28:54.0561 2548 vwifimp - ok
22:28:54.0592 2548 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
22:28:54.0623 2548 W32Time - ok
22:28:54.0639 2548 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
22:28:54.0654 2548 WacomPen - ok
22:28:54.0670 2548 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
22:28:54.0701 2548 WANARP - ok
22:28:54.0717 2548 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:28:54.0748 2548 Wanarpv6 - ok
22:28:54.0810 2548 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
22:28:54.0857 2548 WatAdminSvc - ok
22:28:54.0904 2548 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
22:28:54.0920 2548 wbengine - ok
22:28:54.0935 2548 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
22:28:54.0951 2548 WbioSrvc - ok
22:28:54.0951 2548 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:28:54.0966 2548 wcncsvc - ok
22:28:54.0982 2548 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:28:54.0982 2548 WcsPlugInService - ok
22:28:54.0998 2548 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
22:28:55.0013 2548 Wd - ok
22:28:55.0029 2548 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:28:55.0044 2548 Wdf01000 - ok
22:28:55.0060 2548 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:28:55.0076 2548 WdiServiceHost - ok
22:28:55.0076 2548 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:28:55.0091 2548 WdiSystemHost - ok
22:28:55.0107 2548 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
22:28:55.0122 2548 WebClient - ok
22:28:55.0138 2548 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:28:55.0154 2548 Wecsvc - ok
22:28:55.0169 2548 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:28:55.0200 2548 wercplsupport - ok
22:28:55.0216 2548 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
22:28:55.0232 2548 WerSvc - ok
22:28:55.0263 2548 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
22:28:55.0310 2548 WfpLwf - ok
22:28:55.0325 2548 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
22:28:55.0341 2548 WIMMount - ok
22:28:55.0372 2548 [ A6EA7A3FC4B00F48535B506DB1E86EFD ] winachsf C:\Windows\system32\DRIVERS\CAX_CNXT.sys
22:28:55.0388 2548 winachsf - ok
22:28:55.0388 2548 WinDefend - ok
22:28:55.0403 2548 WinHttpAutoProxySvc - ok
22:28:55.0450 2548 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:28:55.0512 2548 Winmgmt - ok
22:28:55.0575 2548 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
22:28:55.0622 2548 WinRM - ok
22:28:55.0637 2548 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
22:28:55.0653 2548 WinUsb - ok
22:28:55.0668 2548 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
22:28:55.0684 2548 Wlansvc - ok
22:28:55.0746 2548 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
22:28:55.0762 2548 wlcrasvc - ok
22:28:55.0871 2548 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:28:55.0902 2548 wlidsvc - ok
22:28:55.0949 2548 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
22:28:55.0965 2548 WmiAcpi - ok
22:28:55.0980 2548 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:28:55.0996 2548 wmiApSrv - ok
22:28:56.0012 2548 WMPNetworkSvc - ok
22:28:56.0043 2548 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:28:56.0058 2548 WPCSvc - ok
22:28:56.0074 2548 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:28:56.0074 2548 WPDBusEnum - ok
22:28:56.0090 2548 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:28:56.0121 2548 ws2ifsl - ok
22:28:56.0136 2548 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
22:28:56.0152 2548 wscsvc - ok
22:28:56.0152 2548 WSearch - ok
22:28:56.0230 2548 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
22:28:56.0277 2548 wuauserv - ok
22:28:56.0308 2548 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
22:28:56.0324 2548 WudfPf - ok
22:28:56.0339 2548 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:28:56.0370 2548 WUDFRd - ok
22:28:56.0386 2548 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:28:56.0402 2548 wudfsvc - ok
22:28:56.0433 2548 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
22:28:56.0448 2548 WwanSvc - ok
22:28:56.0448 2548 [ E8F3FA126A06F8E7088F63757112A186 ] XAudio C:\Windows\system32\DRIVERS\XAudio64.sys
22:28:56.0464 2548 XAudio - ok
22:28:56.0480 2548 ================ Scan global ===============================
22:28:56.0495 2548 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
22:28:56.0511 2548 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
22:28:56.0511 2548 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
22:28:56.0526 2548 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
22:28:56.0542 2548 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
22:28:56.0558 2548 [Global] - ok
22:28:56.0558 2548 ================ Scan MBR ==================================
22:28:56.0573 2548 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:28:56.0979 2548 \Device\Harddisk0\DR0 - ok
22:28:56.0979 2548 ================ Scan VBR ==================================
22:28:56.0979 2548 [ C33BD03598AD71AB2874B6C84B303574 ] \Device\Harddisk0\DR0\Partition1
22:28:56.0979 2548 \Device\Harddisk0\DR0\Partition1 - ok
22:28:56.0979 2548 ================ Scan active images ========================
22:28:56.0994 2548 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
22:28:56.0994 2548 C:\Windows\System32\drivers\crashdmp.sys - ok
22:28:56.0994 2548 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
22:28:56.0994 2548 C:\Windows\System32\drivers\dumpfve.sys - ok
22:28:57.0010 2548 [ D7921D5A870B11CC1ADAB198A519D50A ] C:\Windows\System32\drivers\iaStor.sys
22:28:57.0010 2548 C:\Windows\System32\drivers\iaStor.sys - ok
22:28:57.0010 2548 [ 44837F1CB5BD166A7BD8869F9E86E907 ] C:\Windows\System32\drivers\asdrm.sys
22:28:57.0010 2548 C:\Windows\System32\drivers\asdrm.sys - ok
22:28:57.0010 2548 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
22:28:57.0010 2548 C:\Windows\System32\drivers\beep.sys - ok
22:28:57.0010 2548 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
22:28:57.0010 2548 C:\Windows\System32\drivers\cdrom.sys - ok
22:28:57.0026 2548 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
22:28:57.0026 2548 C:\Windows\System32\drivers\null.sys - ok
22:28:57.0026 2548 [ FAAE299FBF42029E55657F61F55533D3 ] C:\Windows\System32\drivers\dwvkbd64.sys
22:28:57.0026 2548 C:\Windows\System32\drivers\dwvkbd64.sys - ok
22:28:57.0026 2548 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
22:28:57.0026 2548 C:\Windows\System32\drivers\RDPCDD.sys - ok
22:28:57.0026 2548 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
22:28:57.0026 2548 C:\Windows\System32\drivers\RDPENCDD.sys - ok
22:28:57.0026 2548 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
22:28:57.0026 2548 C:\Windows\System32\drivers\RDPREFMP.sys - ok
22:28:57.0041 2548 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
22:28:57.0041 2548 C:\Windows\System32\drivers\vga.sys - ok
22:28:57.0041 2548 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
22:28:57.0041 2548 C:\Windows\System32\drivers\videoprt.sys - ok
22:28:57.0041 2548 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
22:28:57.0041 2548 C:\Windows\System32\drivers\watchdog.sys - ok
22:28:57.0041 2548 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
22:28:57.0041 2548 C:\Windows\System32\drivers\msfs.sys - ok
22:28:57.0041 2548 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
22:28:57.0041 2548 C:\Windows\System32\drivers\npfs.sys - ok
22:28:57.0041 2548 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
22:28:57.0041 2548 C:\Windows\System32\drivers\afd.sys - ok
22:28:57.0057 2548 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
22:28:57.0057 2548 C:\Windows\System32\drivers\tdi.sys - ok
22:28:57.0057 2548 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
22:28:57.0057 2548 C:\Windows\System32\drivers\tdx.sys - ok
22:28:57.0057 2548 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
22:28:57.0057 2548 C:\Windows\System32\drivers\netbt.sys - ok
22:28:57.0057 2548 [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
22:28:57.0057 2548 C:\Windows\System32\drivers\ws2ifsl.sys - ok
22:28:57.0057 2548 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
22:28:57.0057 2548 C:\Windows\System32\drivers\pacer.sys - ok
22:28:57.0057 2548 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
22:28:57.0057 2548 C:\Windows\System32\drivers\wfplwf.sys - ok
22:28:57.0057 2548 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
22:28:57.0057 2548 C:\Windows\System32\drivers\vwififlt.sys - ok
22:28:57.0072 2548 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
22:28:57.0072 2548 C:\Windows\System32\drivers\netbios.sys - ok
22:28:57.0072 2548 [ F554C5FD7BD1EFA4DA5CFE2EED86391F ] C:\Windows\System32\drivers\nm3.sys
22:28:57.0072 2548 C:\Windows\System32\drivers\nm3.sys - ok
22:28:57.0072 2548 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
22:28:57.0072 2548 C:\Windows\System32\drivers\wanarp.sys - ok
22:28:57.0072 2548 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
22:28:57.0072 2548 C:\Windows\System32\drivers\termdd.sys - ok
22:28:57.0072 2548 [ 3289766038DB2CB14D07DC84392138D5 ] C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys
22:28:57.0072 2548 C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys - ok
22:28:57.0072 2548 [ 58A38E75F3316A83C23DF6173D41F2B5 ] C:\Program Files\SUPERAntiSpyware\saskutil64.sys
22:28:57.0072 2548 C:\Program Files\SUPERAntiSpyware\saskutil64.sys - ok
22:28:57.0088 2548 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
22:28:57.0088 2548 C:\Windows\System32\drivers\rdbss.sys - ok
22:28:57.0088 2548 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
22:28:57.0088 2548 C:\Windows\System32\drivers\discache.sys - ok
22:28:57.0088 2548 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
22:28:57.0088 2548 C:\Windows\System32\drivers\mssmbios.sys - ok
22:28:57.0088 2548 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
22:28:57.0088 2548 C:\Windows\System32\drivers\nsiproxy.sys - ok
22:28:57.0088 2548 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
22:28:57.0088 2548 C:\Windows\System32\drivers\dfsc.sys - ok
22:28:57.0088 2548 [ EB7439918F3E04B51CD8822FD8C8E018 ] C:\Windows\System32\drivers\ctxusbm.sys
22:28:57.0088 2548 C:\Windows\System32\drivers\ctxusbm.sys - ok
22:28:57.0104 2548 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
22:28:57.0104 2548 C:\Windows\System32\drivers\blbdrive.sys - ok
22:28:57.0104 2548 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
22:28:57.0104 2548 C:\Windows\System32\drivers\tunnel.sys - ok
22:28:57.0104 2548 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
22:28:57.0104 2548 C:\Windows\System32\ntdll.dll - ok
22:28:57.0104 2548 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
22:28:57.0104 2548 C:\Windows\System32\smss.exe - ok
22:28:57.0104 2548 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
22:28:57.0104 2548 C:\Windows\System32\autochk.exe - ok
22:28:57.0104 2548 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
22:28:57.0104 2548 C:\Windows\System32\difxapi.dll - ok
22:28:57.0119 2548 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
22:28:57.0119 2548 C:\Windows\System32\lpk.dll - ok
22:28:57.0119 2548 [ 370C2A8629B30F910F740387795DDC6F ] C:\Windows\System32\drivers\igdkmd64.sys
22:28:57.0119 2548 C:\Windows\System32\drivers\igdkmd64.sys - ok
22:28:57.0119 2548 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
22:28:57.0119 2548 C:\Windows\System32\drivers\dxgkrnl.sys - ok
22:28:57.0119 2548 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
22:28:57.0119 2548 C:\Windows\System32\drivers\dxgmms1.sys - ok
22:28:57.0119 2548 [ 60633132A929C09FE78FAB16541F9E71 ] C:\Windows\System32\drivers\e1c62x64.sys
22:28:57.0119 2548 C:\Windows\System32\drivers\e1c62x64.sys - ok
22:28:57.0119 2548 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
22:28:57.0119 2548 C:\Windows\System32\drivers\usbehci.sys - ok
22:28:57.0119 2548 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
22:28:57.0119 2548 C:\Windows\System32\drivers\usbport.sys - ok
22:28:57.0135 2548 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
22:28:57.0135 2548 C:\Windows\System32\drivers\hdaudbus.sys - ok
22:28:57.0135 2548 [ 5D262402B0634C998F8CBCEAD7DD8676 ] C:\Windows\System32\drivers\NETwNs64.sys
22:28:57.0135 2548 C:\Windows\System32\drivers\NETwNs64.sys - ok
22:28:57.0135 2548 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
22:28:57.0135 2548 C:\Windows\System32\drivers\vwifibus.sys - ok
22:28:57.0135 2548 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys
22:28:57.0135 2548 C:\Windows\System32\drivers\i8042prt.sys - ok
22:28:57.0135 2548 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
22:28:57.0135 2548 C:\Windows\System32\drivers\kbdclass.sys - ok
22:28:57.0135 2548 [ 6172DB160FC566CF24307941C0E94D8E ] C:\Windows\System32\drivers\o2mdfw7x64.sys
22:28:57.0135 2548 C:\Windows\System32\drivers\o2mdfw7x64.sys - ok
22:28:57.0150 2548 [ A9C1E6B7C134FAD124338B7944FA996D ] C:\Windows\System32\drivers\o2sdjw7x64.sys
22:28:57.0150 2548 C:\Windows\System32\drivers\o2sdjw7x64.sys - ok
22:28:57.0150 2548 [ 0086431C29C35BE1DBC43F52CC273887 ] C:\Windows\System32\drivers\parport.sys
22:28:57.0150 2548 C:\Windows\System32\drivers\parport.sys - ok
22:28:57.0150 2548 [ 1B1E264203D4EF9D3DA1987AD70355AB ] C:\Windows\System32\drivers\scsiport.sys
22:28:57.0150 2548 C:\Windows\System32\drivers\scsiport.sys - ok
22:28:57.0150 2548 [ E4F6A272A696B6442E5C84EC470E3676 ] C:\Windows\System32\drivers\Apfiltr.sys
22:28:57.0150 2548 C:\Windows\System32\drivers\Apfiltr.sys - ok
22:28:57.0150 2548 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
22:28:57.0150 2548 C:\Windows\System32\drivers\mouclass.sys - ok
22:28:57.0150 2548 [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys
22:28:57.0150 2548 C:\Windows\System32\drivers\CmBatt.sys - ok
22:28:57.0166 2548 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
22:28:57.0166 2548 C:\Windows\System32\drivers\CompositeBus.sys - ok
22:28:57.0166 2548 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
22:28:57.0166 2548 C:\Windows\System32\drivers\intelppm.sys - ok
22:28:57.0166 2548 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
22:28:57.0166 2548 C:\Windows\System32\drivers\wmiacpi.sys - ok
22:28:57.0166 2548 [ 05CB5910B3CA6019FC3CCA815EE06FFB ] C:\Windows\System32\drivers\dne64x.sys
22:28:57.0166 2548 C:\Windows\System32\drivers\dne64x.sys - ok
22:28:57.0166 2548 [ 0040A0132AAC1004E50055F8FBB14C08 ] C:\Windows\System32\drivers\dsNcAdpt.sys
22:28:57.0166 2548 C:\Windows\System32\drivers\dsNcAdpt.sys - ok
22:28:57.0166 2548 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
22:28:57.0166 2548 C:\Windows\System32\drivers\agilevpn.sys - ok
22:28:57.0182 2548 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
22:28:57.0182 2548 C:\Windows\System32\drivers\rasl2tp.sys - ok
22:28:57.0182 2548 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
22:28:57.0182 2548 C:\Windows\System32\drivers\ndistapi.sys - ok
22:28:57.0182 2548 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
22:28:57.0182 2548 C:\Windows\System32\drivers\ndiswan.sys - ok
22:28:57.0182 2548 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
22:28:57.0182 2548 C:\Windows\System32\drivers\raspppoe.sys - ok
22:28:57.0182 2548 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
22:28:57.0182 2548 C:\Windows\System32\drivers\raspptp.sys - ok
22:28:57.0182 2548 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
22:28:57.0182 2548 C:\Windows\System32\drivers\rassstp.sys - ok
22:28:57.0182 2548 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] C:\Windows\System32\drivers\rdpbus.sys
22:28:57.0182 2548 C:\Windows\System32\drivers\rdpbus.sys - ok
22:28:57.0197 2548 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
22:28:57.0197 2548 C:\Windows\System32\drivers\ks.sys - ok
22:28:57.0197 2548 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
22:28:57.0197 2548 C:\Windows\System32\drivers\swenum.sys - ok
22:28:57.0197 2548 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
22:28:57.0197 2548 C:\Windows\System32\drivers\umbus.sys - ok
22:28:57.0197 2548 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
22:28:57.0197 2548 C:\Windows\System32\clbcatq.dll - ok
22:28:57.0197 2548 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
22:28:57.0197 2548 C:\Windows\System32\ws2_32.dll - ok
22:28:57.0197 2548 [ B9B42A302325537D7B9DC52D47F33A73 ] C:\Windows\System32\kernel32.dll
22:28:57.0197 2548 C:\Windows\System32\kernel32.dll - ok
22:28:57.0213 2548 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
22:28:57.0213 2548 C:\Windows\System32\nsi.dll - ok
22:28:57.0213 2548 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
22:28:57.0213 2548 C:\Windows\System32\msvcrt.dll - ok
22:28:57.0213 2548 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
22:28:57.0213 2548 C:\Windows\System32\shlwapi.dll - ok
22:28:57.0213 2548 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
22:28:57.0213 2548 C:\Windows\System32\user32.dll - ok
22:28:57.0213 2548 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
22:28:57.0213 2548 C:\Windows\System32\gdi32.dll - ok
22:28:57.0213 2548 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
22:28:57.0213 2548 C:\Windows\System32\shell32.dll - ok
22:28:57.0213 2548 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
22:28:57.0213 2548 C:\Windows\System32\advapi32.dll - ok
22:28:57.0228 2548 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
22:28:57.0228 2548 C:\Windows\System32\normaliz.dll - ok
22:28:57.0228 2548 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
22:28:57.0228 2548 C:\Windows\System32\setupapi.dll - ok
22:28:57.0228 2548 [ 3D165C53E40236A68B7102D1A622D4E0 ] C:\Windows\System32\wininet.dll
22:28:57.0228 2548 C:\Windows\System32\wininet.dll - ok
22:28:57.0228 2548 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
22:28:57.0228 2548 C:\Windows\System32\imm32.dll - ok
22:28:57.0228 2548 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
22:28:57.0821 2548 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
22:28:57.0821 2548 C:\Windows\System32\drivers\rspndr.sys - ok
22:28:57.0821 2548 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
22:28:57.0821 2548 C:\Windows\System32\IPHLPAPI.DLL - ok
22:28:57.0821 2548 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
22:28:57.0821 2548 C:\Windows\System32\lmhsvc.dll - ok
22:28:57.0821 2548 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
22:28:57.0821 2548 C:\Windows\System32\nsisvc.dll - ok
22:28:57.0821 2548 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
22:28:57.0821 2548 C:\Windows\System32\winnsi.dll - ok
22:28:57.0821 2548 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
22:28:57.0821 2548 C:\Windows\System32\dnsrslvr.dll - ok
22:28:57.0837 2548 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
22:28:57.0837 2548 C:\Windows\System32\eapphost.dll - ok
22:28:57.0837 2548 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
22:28:57.0837 2548 C:\Windows\System32\eapsvc.dll - ok
22:28:57.0837 2548 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
22:28:57.0837 2548 C:\Windows\System32\keyiso.dll - ok
22:28:57.0837 2548 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
22:28:57.0837 2548 C:\Windows\System32\FWPUCLNT.DLL - ok
22:28:57.0837 2548 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
22:28:57.0837 2548 C:\Windows\System32\dnsext.dll - ok
22:28:57.0837 2548 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
22:28:57.0837 2548 C:\Windows\System32\dhcpcsvc.dll - ok
22:28:57.0852 2548 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
22:28:57.0852 2548 C:\Windows\System32\umb.dll - ok
22:28:57.0852 2548 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
22:28:57.0852 2548 C:\Windows\System32\wlanmsm.dll - ok
22:28:57.0852 2548 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
22:28:57.0852 2548 C:\Windows\System32\wlansec.dll - ok
22:28:57.0852 2548 [ 4CBCC37856EA2039C27A2FB661DDA0E5 ] C:\Windows\System32\dhcpcsvc6.dll
22:28:57.0852 2548 C:\Windows\System32\dhcpcsvc6.dll - ok
22:28:57.0852 2548 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
22:28:57.0852 2548 C:\Windows\System32\onex.dll - ok
22:28:57.0852 2548 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
22:28:57.0852 2548 C:\Windows\System32\eappcfg.dll - ok
22:28:57.0852 2548 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
22:28:57.0852 2548 C:\Windows\System32\eappprxy.dll - ok
22:28:57.0868 2548 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
22:28:57.0868 2548 C:\Windows\System32\l2gpstore.dll - ok
22:28:57.0868 2548 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
22:28:57.0868 2548 C:\Windows\System32\wlgpclnt.dll - ok
22:28:57.0868 2548 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
22:28:57.0868 2548 C:\Windows\System32\dhcpcore.dll - ok
22:28:57.0868 2548 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
22:28:57.0868 2548 C:\Windows\System32\nrpsrv.dll - ok
22:28:57.0868 2548 [ 71C7B65B6557B75B99907E76956AE4B8 ] C:\Windows\System32\dhcpcore6.dll
22:28:57.0868 2548 C:\Windows\System32\dhcpcore6.dll - ok
22:28:57.0868 2548 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
22:28:57.0868 2548 C:\Windows\System32\wlanutil.dll - ok
22:28:57.0884 2548 [ 4FFDE68C4B7C9993FA551E7E36DDB34D ] C:\Windows\System32\msxml6.dll
22:28:57.0884 2548 C:\Windows\System32\msxml6.dll - ok
22:28:57.0884 2548 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
22:28:57.0884 2548 C:\Windows\System32\shsvcs.dll - ok
22:28:57.0884 2548 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
22:28:57.0884 2548 C:\Windows\System32\schedsvc.dll - ok
22:28:57.0884 2548 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
22:28:57.0884 2548 C:\Windows\System32\ktmw32.dll - ok
22:28:57.0884 2548 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
22:28:57.0884 2548 C:\Windows\System32\taskcomp.dll - ok
22:28:57.0884 2548 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
22:28:57.0884 2548 C:\Windows\System32\fveapi.dll - ok
22:28:57.0884 2548 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
22:28:57.0884 2548 C:\Windows\System32\fvecerts.dll - ok
22:28:57.0899 2548 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
22:28:57.0899 2548 C:\Windows\System32\tbs.dll - ok
22:28:57.0899 2548 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
22:28:57.0899 2548 C:\Windows\System32\wiarpc.dll - ok
22:28:57.0899 2548 [ 0E7045E24F78351E021D3C01566DBBA3 ] C:\Program Files\Microsoft Security Client\MpAsDesc.dll
22:28:57.0899 2548 C:\Program Files\Microsoft Security Client\MpAsDesc.dll - ok
22:28:57.0899 2548 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
22:28:57.0899 2548 C:\Windows\System32\drivers\http.sys - ok
22:28:57.0899 2548 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
22:28:57.0899 2548 C:\Windows\System32\netcfgx.dll - ok
22:28:57.0899 2548 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] C:\Windows\System32\drivers\vwifimp.sys
22:28:57.0899 2548 C:\Windows\System32\drivers\vwifimp.sys - ok
22:28:57.0899 2548 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
22:28:57.0915 2548 C:\Windows\System32\spoolsv.exe - ok
22:28:57.0915 2548 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
22:28:57.0915 2548 C:\Windows\System32\actxprxy.dll - ok
22:28:57.0915 2548 [ 9B7395789E3791A3B6D000FE6F8B131E ] C:\Windows\System32\SCardSvr.dll
22:28:57.0915 2548 C:\Windows\System32\SCardSvr.dll - ok
22:28:57.0915 2548 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
22:28:57.0915 2548 C:\Windows\System32\BFE.DLL - ok
22:28:57.0915 2548 [ 8DEC9C6DD13C4B3B62CD8D5A0FEF1650 ] C:\Windows\System32\polstore.dll
22:28:57.0915 2548 C:\Windows\System32\polstore.dll - ok
22:28:57.0915 2548 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
22:28:57.0915 2548 C:\Windows\System32\drivers\bowser.sys - ok
22:28:57.0915 2548 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
22:28:57.0915 2548 C:\Windows\System32\drivers\mpsdrv.sys - ok
22:28:57.0930 2548 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
22:28:57.0930 2548 C:\Windows\System32\drivers\mrxsmb.sys - ok
22:28:57.0930 2548 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
22:28:57.0930 2548 C:\Windows\System32\drivers\mrxsmb10.sys - ok
22:28:57.0930 2548 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
22:28:57.0930 2548 C:\Windows\System32\drivers\mrxsmb20.sys - ok
22:28:57.0930 2548 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
22:28:57.0930 2548 C:\Windows\System32\wfapigp.dll - ok
22:28:57.0930 2548 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
22:28:57.0930 2548 C:\Windows\System32\wkssvc.dll - ok
22:28:57.0930 2548 [ 581D88B25C4D4121824FED2CA38E562F ] C:\Program Files\SUPERAntiSpyware\SASCore64.exe
22:28:57.0930 2548 C:\Program Files\SUPERAntiSpyware\SASCore64.exe - ok
22:28:57.0946 2548 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
22:28:57.0946 2548 C:\Windows\System32\mscms.dll - ok
22:28:57.0946 2548 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
22:28:57.0946 2548 C:\Windows\System32\pcasvc.dll - ok
22:28:57.0946 2548 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
22:28:57.0946 2548 C:\Windows\System32\snmptrap.exe - ok
22:28:57.0946 2548 [ 10EAB90C1AE8271B5FE5A8930987EE5C ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll
22:28:57.0946 2548 C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok
22:28:57.0946 2548 [ EC39F1D7AEE1F9C5ED803283196F8691 ] C:\Program Files\Box Sync\UpdateService.exe
22:28:57.0946 2548 C:\Program Files\Box Sync\UpdateService.exe - ok
22:28:57.0946 2548 [ 7C00C608FE4C8EDE9E30940837B9AC8B ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
22:28:57.0946 2548 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
22:28:57.0962 2548 [ E9A0777DCA9148157E0EF9B71D7DE353 ] C:\Windows\System32\RdpGroupPolicyExtension.dll
22:28:57.0962 2548 C:\Windows\System32\RdpGroupPolicyExtension.dll - ok
22:28:57.0962 2548 [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
22:28:57.0962 2548 C:\Windows\System32\wscapi.dll - ok
22:28:57.0962 2548 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
22:28:57.0962 2548 C:\Windows\System32\mscoree.dll - ok
22:28:57.0962 2548 [ 91A8E32B00BF7899EDAB6783287DDDA6 ] C:\Windows\System32\PeerDistSh.dll
22:28:57.0962 2548 C:\Windows\System32\PeerDistSh.dll - ok
22:28:57.0962 2548 [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
22:28:57.0962 2548 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
22:28:57.0962 2548 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
22:28:57.0962 2548 C:\Windows\System32\sstpsvc.dll - ok
22:28:57.0977 2548 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
22:28:57.0977 2548 C:\Windows\System32\provsvc.dll - ok
22:28:57.0977 2548 [ A05C0003E8D7CEA359A439690554F8BB ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
22:28:57.0977 2548 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
22:28:57.0977 2548 [ EC6BA7C92FA5B2AA4AFDF4DF22AEDAB7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll
22:28:57.0977 2548 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll - ok
22:28:57.0977 2548 [ 76CDA84DCB30EBDEF0D86051A72E0C0F ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\f73f0a9c9a83dcd3ff428be509a7992f\mscorlib.ni.dll
22:28:57.0977 2548 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\f73f0a9c9a83dcd3ff428be509a7992f\mscorlib.ni.dll - ok
22:28:57.0977 2548 [ 3ABB7ADB9CCBCD24D6C55201A3842A94 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
22:28:57.0977 2548 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
22:28:57.0977 2548 [ BA48FCD5653B8A62F39AAF2663EC5D10 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\c40ec0f4cd203c880298f94c0427dd54\System.ni.dll
22:28:57.0977 2548 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\c40ec0f4cd203c880298f94c0427dd54\System.ni.dll - ok
22:28:57.0993 2548 [ F6F21358DD6BBC65BA45CA595E557611 ] C:\Windows\System32\gpscript.exe
22:28:57.0993 2548 C:\Windows\System32\gpscript.exe - ok
22:28:57.0993 2548 [ 87204B04A63E684D3FD02A7BC10741CD ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\f71d2f65d0f149c75ac7a569dbcc8500\System.ServiceProcess.ni.dll
22:28:57.0993 2548 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\f71d2f65d0f149c75ac7a569dbcc8500\System.ServiceProcess.ni.dll - ok
22:28:57.0993 2548 [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:28:57.0993 2548 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
22:28:57.0993 2548 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
22:28:57.0993 2548 C:\Windows\SysWOW64\ntdll.dll - ok
22:28:57.0993 2548 [ B1E3772FFA96AC5AEE89BF202AF8E348 ] C:\Windows\System32\wow64.dll
22:28:57.0993 2548 C:\Windows\System32\wow64.dll - ok
22:28:57.0993 2548 [ FC5A43FA257F546F8F2B96B5529857E1 ] C:\Windows\System32\wow64win.dll
22:28:57.0993 2548 C:\Windows\System32\wow64win.dll - ok
22:28:58.0008 2548 [ AA0D2571A4348838B8DD49FD0043826A ] C:\Windows\System32\wow64cpu.dll
22:28:58.0008 2548 C:\Windows\System32\wow64cpu.dll - ok
22:28:58.0008 2548 [ 99C3F8E9CC59D95666EB8D8A8B4C2BEB ] C:\Windows\SysWOW64\kernel32.dll
22:28:58.0008 2548 C:\Windows\SysWOW64\kernel32.dll - ok
22:28:58.0008 2548 [ 5C2D21C9B6B6175B89BC5D7E3CB979E1 ] C:\Windows\SysWOW64\KernelBase.dll
22:28:58.0008 2548 C:\Windows\SysWOW64\KernelBase.dll - ok
22:28:58.0008 2548 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
22:28:58.0008 2548 C:\Windows\SysWOW64\user32.dll - ok
22:28:58.0008 2548 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
22:28:58.0008 2548 C:\Windows\SysWOW64\gdi32.dll - ok
22:28:58.0008 2548 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
22:28:58.0008 2548 C:\Windows\SysWOW64\lpk.dll - ok
22:28:58.0008 2548 [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\SysWOW64\usp10.dll
22:28:58.0008 2548 C:\Windows\SysWOW64\usp10.dll - ok
22:28:58.0024 2548 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
22:28:58.0024 2548 C:\Windows\SysWOW64\msvcrt.dll - ok
22:28:58.0024 2548 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
22:28:58.0024 2548 C:\Windows\SysWOW64\advapi32.dll - ok
22:28:58.0024 2548 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
22:28:58.0024 2548 C:\Windows\SysWOW64\rpcrt4.dll - ok
22:28:58.0024 2548 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
22:28:58.0024 2548 C:\Windows\SysWOW64\sechost.dll - ok
22:28:58.0024 2548 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
22:28:58.0024 2548 C:\Windows\SysWOW64\cryptbase.dll - ok
22:28:58.0024 2548 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
22:28:58.0024 2548 C:\Windows\SysWOW64\shell32.dll - ok
22:28:58.0040 2548 [ BFB26890612FB8AE8B0463EBEBE84B7E ] C:\Windows\SysWOW64\sspicli.dll
22:28:58.0040 2548 C:\Windows\SysWOW64\sspicli.dll - ok
22:28:58.0040 2548 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
22:28:58.0040 2548 C:\Windows\SysWOW64\shlwapi.dll - ok
22:28:58.0040 2548 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
22:28:58.0040 2548 C:\Windows\SysWOW64\ole32.dll - ok
22:28:58.0040 2548 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
22:28:58.0040 2548 C:\Windows\SysWOW64\oleaut32.dll - ok
22:28:58.0040 2548 [ 1295338CFE6F249823EF9BC8D4368A84 ] C:\Windows\SysWOW64\crypt32.dll
22:28:58.0040 2548 C:\Windows\SysWOW64\crypt32.dll - ok
22:28:58.0040 2548 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
22:28:58.0040 2548 C:\Windows\SysWOW64\msasn1.dll - ok
22:28:58.0040 2548 [ A7D79E9F660340AB20CD73F12910985F ] C:\Windows\SysWOW64\wintrust.dll
22:28:58.0040 2548 C:\Windows\SysWOW64\wintrust.dll - ok
22:28:58.0055 2548 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
22:28:58.0055 2548 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
22:28:58.0055 2548 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
22:28:58.0055 2548 C:\Windows\SysWOW64\imm32.dll - ok
22:28:58.0055 2548 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
22:28:58.0055 2548 C:\Windows\SysWOW64\msctf.dll - ok
22:28:58.0055 2548 [ A6FB9DB8F1A86861D955FD6975977AE0 ] C:\Program Files\IDT\WDM\AESTSr64.exe
22:28:58.0055 2548 C:\Program Files\IDT\WDM\AESTSr64.exe - ok
22:28:58.0055 2548 [ CD23F93E1ADDD0D1C41982C4942CCBC0 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\UpdaterNew\260a1091470158bab758fe03bab077d6\UpdaterNew.ni.dll
22:28:58.0055 2548 C:\Windows\assembly\NativeImages_v2.0.50727_64\UpdaterNew\260a1091470158bab758fe03bab077d6\UpdaterNew.ni.dll - ok
22:28:58.0055 2548 [ 255D35EEC5B107405DF0F75195D9D155 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\BoxUtils\f180ce1739a677d362ec608b8039d8af\BoxUtils.ni.dll
22:28:58.0055 2548 C:\Windows\assembly\NativeImages_v2.0.50727_64\BoxUtils\f180ce1739a677d362ec608b8039d8af\BoxUtils.ni.dll - ok
22:28:58.0071 2548 [ F61380DB943CB9D1976FF65612CC9A74 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\ZetaLongPaths\94f192dc18aa649d7bdebce21e5597cd\ZetaLongPaths.ni.dll
22:28:58.0071 2548 C:\Windows\assembly\NativeImages_v2.0.50727_64\ZetaLongPaths\94f192dc18aa649d7bdebce21e5597cd\ZetaLongPaths.ni.dll - ok
22:28:58.0071 2548 [ 5D0461D6EAD823ACE5C91445354B2124 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\BoxSync\6d80dd36900bd78d35a0200ba9a50c79\BoxSync.ni.exe
22:28:58.0071 2548 C:\Windows\assembly\NativeImages_v2.0.50727_64\BoxSync\6d80dd36900bd78d35a0200ba9a50c79\BoxSync.ni.exe - ok
22:28:58.0071 2548 [ 272237F72E7EEFC962F9E9D569CD5958 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\Python.Runtime\96358806bf9a137e4e3f0d7500cabcbd\Python.Runtime.ni.dll
22:28:58.0071 2548 C:\Windows\assembly\NativeImages_v2.0.50727_64\Python.Runtime\96358806bf9a137e4e3f0d7500cabcbd\Python.Runtime.ni.dll - ok
22:28:58.0071 2548 [ A9DA8CC5E02FF594E11A78D86D5B6A5B ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\2a02b172fa4cf3d93ce7388b67b2a199\System.Runtime.Remoting.ni.dll
22:28:58.0071 2548 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\2a02b172fa4cf3d93ce7388b67b2a199\System.Runtime.Remoting.ni.dll - ok
22:28:58.0071 2548 [ 88390FE440DCC3F10556AE41F4EDFCA1 ] C:\Windows\System32\drivers\asdrs.sys
22:28:58.0071 2548 C:\Windows\System32\drivers\asdrs.sys - ok
22:28:58.0071 2548 [ ADF3E771F429940E762AC097F5A54EAF ] C:\Program Files\Windows Defender\MpClient.dll
22:28:58.0071 2548 C:\Program Files\Windows Defender\MpClient.dll - ok
22:28:58.0086 2548 [ 86D4ABC1B01D39C810E14D54C2D6AEE1 ] C:\Program Files (x86)\Anvi Smart Defender\ASDSrv.exe
22:28:58.0086 2548 C:\Program Files (x86)\Anvi Smart Defender\ASDSrv.exe - ok
22:28:58.0086 2548 [ E0AE816D41F326F37EDFFC1CB0D462B1 ] C:\Program Files (x86)\Anvi Smart Defender\sqlite3.dll
22:28:58.0086 2548 C:\Program Files (x86)\Anvi Smart Defender\sqlite3.dll - ok
22:28:58.0086 2548 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\SysWOW64\fltLib.dll
22:28:58.0086 2548 C:\Windows\SysWOW64\fltLib.dll - ok
22:28:58.0086 2548 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
22:28:58.0086 2548 C:\Windows\SysWOW64\psapi.dll - ok
22:28:58.0086 2548 [ 6775931D9F2E203126251A28D6E7E0EC ] C:\Program Files (x86)\Anvi Smart Defender\Swordfish.dll
22:28:58.0086 2548 C:\Program Files (x86)\Anvi Smart Defender\Swordfish.dll - ok
22:28:58.0086 2548 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
22:28:58.0086 2548 C:\Windows\SysWOW64\version.dll - ok
22:28:58.0102 2548 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
22:28:58.0102 2548 C:\Windows\SysWOW64\dbghelp.dll - ok
22:28:58.0102 2548 [ F17D1D393BBC69C5322FBFAFACA28C7F ] C:\Windows\System32\certprop.dll
22:28:58.0102 2548 C:\Windows\System32\certprop.dll - ok
22:28:58.0102 2548 [ 2D6D1BCBE6B7D0688681CE71C4A4C828 ] C:\Windows\System32\drivers\asdws.sys
22:28:58.0102 2548 C:\Windows\System32\drivers\asdws.sys - ok
22:28:58.0102 2548 [ 4F5414602E2544A4554D95517948B705 ] C:\Windows\System32\cryptsvc.dll
22:28:58.0102 2548 C:\Windows\System32\cryptsvc.dll - ok
22:28:58.0102 2548 [ 1D817D77C8EB600AB311AAC8E68B5A1A ] C:\Windows\System32\cryptnet.dll
22:28:58.0102 2548 C:\Windows\System32\cryptnet.dll - ok
22:28:58.0102 2548 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
22:28:58.0102 2548 C:\Windows\System32\vssapi.dll - ok
22:28:58.0118 2548 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
22:28:58.0118 2548 C:\Windows\SysWOW64\profapi.dll - ok
22:28:58.0118 2548 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
22:28:58.0118 2548 C:\Windows\System32\vsstrace.dll - ok
22:28:58.0118 2548 [ 66257CB4E4FB69887CDDC71663741435 ] C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
22:28:58.0118 2548 C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe - ok
22:28:58.0118 2548 [ B7E663FF6F235820BCA06BA925335AE3 ] C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
22:28:58.0118 2548 C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll - ok
22:28:58.0118 2548 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
22:28:58.0118 2548 C:\Windows\SysWOW64\nsi.dll - ok
22:28:58.0118 2548 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
22:28:58.0118 2548 C:\Windows\SysWOW64\rasapi32.dll - ok
22:28:58.0118 2548 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
22:28:58.0118 2548 C:\Windows\SysWOW64\ws2_32.dll - ok
22:28:58.0133 2548 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
22:28:58.0133 2548 C:\Windows\SysWOW64\wsock32.dll - ok
22:28:58.0133 2548 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
22:28:58.0133 2548 C:\Windows\SysWOW64\rasman.dll - ok
22:28:58.0133 2548 [ 5553611E2F9EA6F613079177F1233068 ] C:\Windows\SysWOW64\wininet.dll
22:28:58.0133 2548 C:\Windows\SysWOW64\wininet.dll - ok
22:28:58.0133 2548 [ EB8A00E8E9931A7EC04F920B09D880D8 ] C:\Windows\SysWOW64\iertutil.dll
22:28:58.0133 2548 C:\Windows\SysWOW64\iertutil.dll - ok
22:28:58.0133 2548 [ 9FAC0F6D5F3D922DB294E30CD3F62369 ] C:\Windows\SysWOW64\urlmon.dll
22:28:58.0133 2548 C:\Windows\SysWOW64\urlmon.dll - ok
22:28:58.0133 2548 [ 126B75D50756FE204283D418AE1A66DF ] C:\Windows\SysWOW64\msvcirt.dll
22:28:58.0133 2548 C:\Windows\SysWOW64\msvcirt.dll - ok
22:28:58.0149 2548 [ 46A6BA9274D075A2C30025C4E96D875A ] C:\Windows\SysWOW64\msvcp60.dll
22:28:58.0149 2548 C:\Windows\SysWOW64\msvcp60.dll - ok
22:28:58.0149 2548 [ DC6612A9EE015A36BA2A27BC9CC12537 ] C:\Windows\SysWOW64\mfc42.dll
22:28:58.0149 2548 C:\Windows\SysWOW64\mfc42.dll - ok
22:28:58.0149 2548 [ 7D34AF98A706230CC2DEDFE0CABF87AB ] C:\Windows\SysWOW64\odbc32.dll
22:28:58.0149 2548 C:\Windows\SysWOW64\odbc32.dll - ok
22:28:58.0149 2548 [ ABA457BFC7EC0B5E130B2F1E0F549DFF ] C:\Windows\SysWOW64\odbcint.dll
22:28:58.0149 2548 C:\Windows\SysWOW64\odbcint.dll - ok
22:28:58.0149 2548 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
22:28:58.0149 2548 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
22:28:58.0149 2548 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
22:28:58.0149 2548 C:\Windows\System32\dps.dll - ok
22:28:58.0149 2548 [ F383B60E7468D613990F8ACA59269573 ] C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
22:28:58.0149 2548 C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe - ok
22:28:58.0164 2548 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
22:28:58.0164 2548 C:\Windows\System32\taskschd.dll - ok
22:28:58.0164 2548 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
22:28:58.0164 2548 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
22:28:58.0164 2548 [ 29CA5974FAB0E8AE4AA7814FE05CF832 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
22:28:58.0164 2548 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
22:28:58.0164 2548 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
22:28:58.0164 2548 C:\Windows\SysWOW64\setupapi.dll - ok
22:28:58.0164 2548 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
22:28:58.0164 2548 C:\Windows\SysWOW64\winnsi.dll - ok
22:28:58.0164 2548 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
22:28:58.0164 2548 C:\Windows\SysWOW64\cfgmgr32.dll - ok
22:28:58.0180 2548 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
22:28:58.0180 2548 C:\Windows\SysWOW64\devobj.dll - ok
22:28:58.0180 2548 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
22:28:58.0180 2548 C:\Windows\SysWOW64\ntmarta.dll - ok
22:28:58.0180 2548 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
22:28:58.0180 2548 C:\Windows\SysWOW64\Wldap32.dll - ok
22:28:58.0180 2548 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
22:28:58.0180 2548 C:\Windows\SysWOW64\mswsock.dll - ok
22:28:58.0180 2548 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
22:28:58.0180 2548 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
22:28:58.0180 2548 [ 2ACF358B3F2050DF3E6772C8CAA20493 ] C:\Windows\SysWOW64\DWRCS.exe
22:28:58.0180 2548 C:\Windows\SysWOW64\DWRCS.exe - ok
22:28:58.0196 2548 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
22:28:58.0196 2548 C:\Windows\SysWOW64\mpr.dll - ok
22:28:58.0196 2548 [ 554C488CCED72812A8559115F2734164 ] C:\Windows\SysWOW64\DWRCSET.dll
22:28:58.0196 2548 C:\Windows\SysWOW64\DWRCSET.dll - ok
22:28:58.0196 2548 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
22:28:58.0196 2548 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
22:28:58.0196 2548 [ 7F8E83B9466A0A002D4AB15C104062A7 ] C:\Windows\System32\efscore.dll
22:28:58.0196 2548 C:\Windows\System32\efscore.dll - ok
22:28:58.0196 2548 [ 0C043B0ABBB5E14E68906AB80365395B ] C:\Windows\System32\efssvc.dll
22:28:58.0196 2548 C:\Windows\System32\efssvc.dll - ok
22:28:58.0196 2548 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
22:28:58.0196 2548 C:\Windows\System32\FDResPub.dll - ok
22:28:58.0196 2548 [ 54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\SysWOW64\svchost.exe
22:28:58.0196 2548 C:\Windows\SysWOW64\svchost.exe - ok

#12 pkseelam

pkseelam
  • Topic Starter

  • Members
  • 50 posts
  • OFFLINE
  • Local time:01:04 PM

Posted 11 December 2012 - 11:27 PM

TDSS Killer - log part 2
-----------------------------
22:28:58.0289 2548 C:\Windows\System32\esent.dll - ok
22:28:58.0305 2548 [ D64D99EC088B54FFE8EE67A480386C20 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
22:28:58.0305 2548 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
22:28:58.0305 2548 [ E2107F227E1C174C20BEB7A51404BBAC ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\csc.exe
22:28:58.0305 2548 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\csc.exe - ok
22:28:58.0305 2548 [ 448BF22538F1DFCB3412AE2B1CF123A9 ] C:\Windows\System32\conhost.exe
22:28:58.0305 2548 C:\Windows\System32\conhost.exe - ok
22:28:58.0305 2548 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
22:28:58.0305 2548 C:\Windows\System32\ntdsapi.dll - ok
22:28:58.0305 2548 [ 17ED2224666F6F65F8054D84A3839E71 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cscomp.dll
22:28:58.0305 2548 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cscomp.dll - ok
22:28:58.0305 2548 [ EE338F7673C339D5497C97E86D1011A3 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\alink.dll
22:28:58.0305 2548 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\alink.dll - ok
22:28:58.0320 2548 [ E3A4D59ED585226D381225521BF2A36D ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorpe.dll
22:28:58.0320 2548 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorpe.dll - ok
22:28:58.0320 2548 [ 449F7C92A14B7F50B898FC67202A326C ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cvtres.exe
22:28:58.0320 2548 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cvtres.exe - ok
22:28:58.0320 2548 [ 85B16A92B117A5A800032ECD904B86DB ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
22:28:58.0320 2548 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
22:28:58.0320 2548 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
22:28:58.0320 2548 C:\Windows\System32\shfolder.dll - ok
22:28:58.0320 2548 [ 0017163E0D5985168792BEE5CF70D5DF ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\diasymreader.dll
22:28:58.0320 2548 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\diasymreader.dll - ok
22:28:58.0320 2548 [ C0F7C25EEFB1C5FD554AAA801201A83C ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
22:28:58.0320 2548 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll - ok
22:28:58.0336 2548 [ A8AD2773202A3913D1E1564BD5703183 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll
22:28:58.0336 2548 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll - ok
22:28:58.0336 2548 [ 20E2469DB709FC675E655CEAA11BE312 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
22:28:58.0336 2548 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe - ok
22:28:58.0336 2548 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
22:28:58.0336 2548 C:\Windows\SysWOW64\userenv.dll - ok
22:28:58.0336 2548 [ D047D9A2B5AE074B1A1BFD22738548F8 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\CustomMarshalers\b7916689137fd0bc9ba1ba5a27e2a38a\CustomMarshalers.ni.dll
22:28:58.0336 2548 C:\Windows\assembly\NativeImages_v2.0.50727_64\CustomMarshalers\b7916689137fd0bc9ba1ba5a27e2a38a\CustomMarshalers.ni.dll - ok
22:28:58.0336 2548 [ 8EB9DF4D405524D5EF69AE9ECB0EDD16 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll
22:28:58.0336 2548 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll - ok
22:28:58.0336 2548 [ E4F44EC214B3E381E1FC844A02926666 ] C:\Windows\System32\drivers\mdmxsdk.sys
22:28:58.0336 2548 C:\Windows\System32\drivers\mdmxsdk.sys - ok
22:28:58.0352 2548 [ 45D52B439F95E221BA74562E58BECCB6 ] C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE
22:28:58.0352 2548 C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE - ok
22:28:58.0352 2548 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\SQMAPI.DLL
22:28:58.0352 2548 C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\SQMAPI.DLL - ok
22:28:58.0352 2548 [ DDDD1CD093C3E4920497E4023436C7C5 ] C:\ProgramData\Microsoft\MSOIdentityCRL\production\msoidconfig.dll
22:28:58.0352 2548 C:\ProgramData\Microsoft\MSOIdentityCRL\production\msoidconfig.dll - ok
22:28:58.0352 2548 [ 85CD16B4FE05A26E1CBD546C168C4820 ] C:\Lotus\Notes\ntmulti.exe
22:28:58.0352 2548 C:\Lotus\Notes\ntmulti.exe - ok
22:28:58.0352 2548 [ 1EE99A89CC788ADA662441D1E9830529 ] C:\Windows\System32\nlasvc.dll
22:28:58.0352 2548 C:\Windows\System32\nlasvc.dll - ok
22:28:58.0352 2548 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
22:28:58.0352 2548 C:\Windows\SysWOW64\shfolder.dll - ok
22:28:58.0367 2548 [ 4E37455DB16AEC75862B1D0BC35B589E ] C:\Windows\System32\drivers\o2flash.exe
22:28:58.0367 2548 C:\Windows\System32\drivers\o2flash.exe - ok
22:28:58.0367 2548 [ 4A435F95B940E93A88FEC144BD409789 ] C:\Windows\System32\ncsi.dll
22:28:58.0367 2548 C:\Windows\System32\ncsi.dll - ok
22:28:58.0367 2548 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
22:28:58.0367 2548 C:\Windows\System32\netman.dll - ok
22:28:58.0367 2548 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
22:28:58.0367 2548 C:\Windows\System32\aepic.dll - ok
22:28:58.0367 2548 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
22:28:58.0367 2548 C:\Windows\System32\sfc.dll - ok
22:28:58.0367 2548 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
22:28:58.0367 2548 C:\Windows\System32\sfc_os.dll - ok
22:28:58.0367 2548 [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
22:28:58.0367 2548 C:\Windows\System32\pnrpsvc.dll - ok
22:28:58.0383 2548 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
22:28:58.0383 2548 C:\Windows\System32\drivers\PEAuth.sys - ok
22:28:58.0383 2548 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
22:28:58.0383 2548 C:\Windows\System32\IPSECSVC.DLL - ok
22:28:58.0383 2548 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
22:28:58.0383 2548 C:\Windows\System32\drivers\secdrv.sys - ok
22:28:58.0383 2548 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
22:28:58.0383 2548 C:\Windows\System32\FwRemoteSvr.dll - ok
22:28:58.0383 2548 [ E4D94F24081440B5FC5AA556C7C62702 ] C:\Windows\System32\regsvc.dll
22:28:58.0383 2548 C:\Windows\System32\regsvc.dll - ok
22:28:58.0383 2548 [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
22:28:58.0383 2548 C:\Windows\System32\seclogon.dll - ok
22:28:58.0398 2548 [ F07AF60B152221472FBDB2FECEC4896D ] C:\Program Files (x86)\Skype\Updater\Updater.exe
22:28:58.0398 2548 C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
22:28:58.0398 2548 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
22:28:58.0398 2548 C:\Windows\System32\drivers\srvnet.sys - ok
22:28:58.0398 2548 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
22:28:58.0398 2548 C:\Windows\SysWOW64\cryptsp.dll - ok
22:28:58.0398 2548 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
22:28:58.0398 2548 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
22:28:58.0398 2548 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
22:28:58.0398 2548 C:\Windows\SysWOW64\rsaenh.dll - ok
22:28:58.0398 2548 [ DF687E3D8836BFB04FCC0615BF15A519 ] C:\Windows\System32\drivers\tcpipreg.sys
22:28:58.0398 2548 C:\Windows\System32\drivers\tcpipreg.sys - ok
22:28:58.0398 2548 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
22:28:58.0398 2548 C:\Windows\System32\sysmain.dll - ok
22:28:58.0414 2548 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll
22:28:58.0414 2548 C:\Windows\System32\tapisrv.dll - ok
22:28:58.0414 2548 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
22:28:58.0414 2548 C:\Windows\System32\wiaservc.dll - ok
22:28:58.0414 2548 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
22:28:58.0414 2548 C:\Windows\System32\wiatrace.dll - ok
22:28:58.0414 2548 [ 5E53CF8AD0FD33B35000C113656AB37B ] C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
22:28:58.0414 2548 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe - ok
22:28:58.0414 2548 [ 0B2D65FDDE31069299AA6330F359FF9C ] C:\Windows\System32\msxml3.dll
22:28:58.0414 2548 C:\Windows\System32\msxml3.dll - ok
22:28:58.0414 2548 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
22:28:58.0414 2548 C:\Windows\SysWOW64\SensApi.dll - ok
22:28:58.0430 2548 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
22:28:58.0430 2548 C:\Windows\System32\trkwks.dll - ok
22:28:58.0430 2548 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
22:28:58.0430 2548 C:\Windows\SysWOW64\dwmapi.dll - ok
22:28:58.0430 2548 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
22:28:58.0430 2548 C:\Windows\SysWOW64\imagehlp.dll - ok
22:28:58.0430 2548 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
22:28:58.0430 2548 C:\Windows\SysWOW64\netapi32.dll - ok
22:28:58.0430 2548 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
22:28:58.0430 2548 C:\Windows\SysWOW64\netutils.dll - ok
22:28:58.0430 2548 [ A113AFEED3159A1ED52D78CB0226006D ] C:\Windows\SysWOW64\secur32.dll
22:28:58.0430 2548 C:\Windows\SysWOW64\secur32.dll - ok
22:28:58.0445 2548 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
22:28:58.0445 2548 C:\Windows\System32\aeevts.dll - ok
22:28:58.0445 2548 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
22:28:58.0445 2548 C:\Windows\SysWOW64\srvcli.dll - ok
22:28:58.0445 2548 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
22:28:58.0445 2548 C:\Windows\SysWOW64\wkscli.dll - ok
22:28:58.0445 2548 [ CF318F60A84F15AF352439465A8D05F4 ] C:\Program Files\Windows Defender\MpSvc.dll
22:28:58.0445 2548 C:\Program Files\Windows Defender\MpSvc.dll - ok
22:28:58.0445 2548 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
22:28:58.0445 2548 C:\Windows\System32\wbem\WMIsvc.dll - ok
22:28:58.0445 2548 [ 2BACD71123F42CEA603F4E205E1AE337 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:28:58.0445 2548 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
22:28:58.0461 2548 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
22:28:58.0461 2548 C:\Windows\System32\wbemcomn.dll - ok
22:28:58.0461 2548 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
22:28:58.0461 2548 C:\Windows\System32\wbem\WinMgmtR.dll - ok
22:28:58.0461 2548 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
22:28:58.0461 2548 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
22:28:58.0461 2548 [ 6CF1294D60485D13524015C4656AD571 ] C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVCM.EXE
22:28:58.0461 2548 C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVCM.EXE - ok
22:28:58.0461 2548 [ 53483A0B2DE3617E832F1DBAF9620F39 ] C:\Windows\SysWOW64\ntoskrnl.exe
22:28:58.0461 2548 C:\Windows\SysWOW64\ntoskrnl.exe - ok
22:28:58.0461 2548 [ 28D0AAEB2F5D05629B287E3534FCAFB3 ] C:\Windows\assembly\GAC_64\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
22:28:58.0461 2548 C:\Windows\assembly\GAC_64\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll - ok
22:28:58.0476 2548 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
22:28:58.0476 2548 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
22:28:58.0476 2548 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
22:28:58.0476 2548 C:\Windows\System32\wer.dll - ok
22:28:58.0476 2548 [ 079FD1D59EAD19270C979AF174D881A3 ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
22:28:58.0476 2548 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
22:28:58.0476 2548 [ E8F3FA126A06F8E7088F63757112A186 ] C:\Windows\System32\drivers\XAudio64.sys
22:28:58.0476 2548 C:\Windows\System32\drivers\XAudio64.sys - ok
22:28:58.0476 2548 [ 2A46FFE841EC43001D5A293A54DB34DE ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
22:28:58.0476 2548 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
22:28:58.0476 2548 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
22:28:58.0476 2548 C:\Windows\SysWOW64\uxtheme.dll - ok
22:28:58.0492 2548 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
22:28:58.0492 2548 C:\Windows\System32\sqmapi.dll - ok
22:28:58.0492 2548 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
22:28:58.0492 2548 C:\Windows\System32\wbem\fastprox.dll - ok
22:28:58.0492 2548 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
22:28:58.0492 2548 C:\Windows\System32\p2pcollab.dll - ok
22:28:58.0492 2548 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
22:28:58.0492 2548 C:\Windows\System32\QAGENTRT.DLL - ok
22:28:58.0492 2548 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
22:28:58.0492 2548 C:\Windows\System32\fveui.dll - ok
22:28:58.0492 2548 [ A454A9BAA25B8C8E76735DD86BD4B017 ] C:\Windows\SysWOW64\CCM\CcmExec.exe
22:28:58.0492 2548 C:\Windows\SysWOW64\CCM\CcmExec.exe - ok
22:28:58.0492 2548 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
22:28:58.0492 2548 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
22:28:58.0508 2548 [ F3F571288CDE445881102E385BF3471F ] C:\Windows\SysWOW64\Magnification.dll
22:28:58.0508 2548 C:\Windows\SysWOW64\Magnification.dll - ok
22:28:58.0508 2548 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll
22:28:58.0508 2548 C:\Windows\SysWOW64\atl.dll - ok
22:28:58.0508 2548 [ 4B807127C4C627CF6F681688497054DC ] C:\Windows\SysWOW64\ccmcore.dll
22:28:58.0508 2548 C:\Windows\SysWOW64\ccmcore.dll - ok
22:28:58.0508 2548 [ E697CD9824B583865E673A599B426E0B ] C:\Windows\SysWOW64\CCM\ccmperf.dll
22:28:58.0508 2548 C:\Windows\SysWOW64\CCM\ccmperf.dll - ok
22:28:58.0508 2548 [ 645259875C31090345E41E57934BD442 ] C:\Windows\SysWOW64\xprslib.dll
22:28:58.0508 2548 C:\Windows\SysWOW64\xprslib.dll - ok
22:28:58.0508 2548 [ 46C26E7B5CB1127E325CA4F540FA68F5 ] C:\Windows\SysWOW64\CCM\ccmgencert.dll
22:28:58.0508 2548 C:\Windows\SysWOW64\CCM\ccmgencert.dll - ok
22:28:58.0523 2548 [ 58DCDB557772641C7867FDB013A59E41 ] C:\Windows\SysWOW64\CCM\ccmutillib.dll
22:28:58.0523 2548 C:\Windows\SysWOW64\CCM\ccmutillib.dll - ok
22:28:58.0523 2548 [ CA8F0B71B0A8C36F96739AE947DF5E41 ] C:\Windows\SysWOW64\CCM\smscore.dll
22:28:58.0523 2548 C:\Windows\SysWOW64\CCM\smscore.dll - ok
22:28:58.0523 2548 [ 4E51CF7F1F1214A887BF0C3CD1859C91 ] C:\Windows\SysWOW64\CCM\CcmTask.dll
22:28:58.0523 2548 C:\Windows\SysWOW64\CCM\CcmTask.dll - ok
22:28:58.0523 2548 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
22:28:58.0523 2548 C:\Windows\System32\wbem\wbemprox.dll - ok
22:28:58.0523 2548 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
22:28:58.0523 2548 C:\Windows\System32\wbem\wbemcore.dll - ok
22:28:58.0523 2548 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
22:28:58.0523 2548 C:\Windows\System32\wbem\esscli.dll - ok
22:28:58.0539 2548 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
22:28:58.0539 2548 C:\Windows\System32\wbem\wbemsvc.dll - ok
22:28:58.0539 2548 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
22:28:58.0539 2548 C:\Windows\System32\wbem\wmiutils.dll - ok
22:28:58.0539 2548 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
22:28:58.0539 2548 C:\Windows\System32\wbem\repdrvfs.dll - ok
22:28:58.0539 2548 [ 122E10430A84328AD48C53429FADC937 ] C:\Windows\SysWOW64\CCM\ccmid.dll
22:28:58.0539 2548 C:\Windows\SysWOW64\CCM\ccmid.dll - ok
22:28:58.0539 2548 [ 9BECA9E04C47323F7A02ECC5F6168160 ] C:\Windows\SysWOW64\CCM\LSUtilities.dll
22:28:58.0539 2548 C:\Windows\SysWOW64\CCM\LSUtilities.dll - ok
22:28:58.0539 2548 [ 521B748A7F9923302CA18B7E6AA2EEAE ] C:\Windows\SysWOW64\activeds.dll
22:28:58.0539 2548 C:\Windows\SysWOW64\activeds.dll - ok
22:28:58.0554 2548 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll
22:28:58.0554 2548 C:\Windows\SysWOW64\logoncli.dll - ok
22:28:58.0554 2548 [ 51F5CC1E7DA3D9C664C2D0D61F315E06 ] C:\Windows\SysWOW64\adsldpc.dll
22:28:58.0554 2548 C:\Windows\SysWOW64\adsldpc.dll - ok
22:28:58.0554 2548 [ E13B08415CD2ED9F74295170D1A0FC78 ] C:\Windows\SysWOW64\CCM\fsputillib.dll
22:28:58.0554 2548 C:\Windows\SysWOW64\CCM\fsputillib.dll - ok
22:28:58.0554 2548 [ A34A587FFFD45FA649FBA6D03784D257 ] C:\Windows\System32\iphlpsvc.dll
22:28:58.0554 2548 C:\Windows\System32\iphlpsvc.dll - ok
22:28:58.0554 2548 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
22:28:58.0554 2548 C:\Windows\System32\npmproxy.dll - ok
22:28:58.0554 2548 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
22:28:58.0554 2548 C:\Windows\System32\wdscore.dll - ok
22:28:58.0554 2548 [ E362FAA5E232D9A326F42D8F78AEA2D8 ] C:\Windows\SysWOW64\framedyn.dll
22:28:58.0554 2548 C:\Windows\SysWOW64\framedyn.dll - ok
22:28:58.0570 2548 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
22:28:58.0570 2548 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
22:28:58.0570 2548 [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll
22:28:58.0570 2548 C:\Windows\System32\rasmans.dll - ok
22:28:58.0570 2548 [ 44C96B48112EB24AE7764EBF1C527000 ] C:\Windows\System32\rastapi.dll
22:28:58.0570 2548 C:\Windows\System32\rastapi.dll - ok
22:28:58.0570 2548 [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll
22:28:58.0570 2548 C:\Windows\System32\tapi32.dll - ok
22:28:58.0570 2548 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
22:28:58.0570 2548 C:\Windows\System32\hnetcfg.dll - ok
22:28:58.0570 2548 [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\Windows\System32\unimdm.tsp
22:28:58.0570 2548 C:\Windows\System32\unimdm.tsp - ok
22:28:58.0570 2548 [ 2472BDF30C62F3E81AE27A968C25608C ] C:\Windows\System32\unimdmat.dll
22:28:58.0586 2548 C:\Windows\System32\unimdmat.dll - ok
22:28:58.0586 2548 [ 94B7DF336815B47236724019FAB24B7C ] C:\Windows\System32\uniplat.dll
22:28:58.0586 2548 C:\Windows\System32\uniplat.dll - ok
22:28:58.0586 2548 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
22:28:58.0586 2548 C:\Windows\System32\drivers\srv2.sys - ok
22:28:58.0586 2548 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
22:28:58.0586 2548 C:\Windows\SysWOW64\wbemcomn.dll - ok
22:28:58.0586 2548 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
22:28:58.0586 2548 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
22:28:58.0586 2548 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
22:28:58.0586 2548 C:\Windows\SysWOW64\d3d9.dll - ok
22:28:58.0586 2548 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
22:28:58.0586 2548 C:\Windows\SysWOW64\d3d8thk.dll - ok
22:28:58.0601 2548 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
22:28:58.0601 2548 C:\Windows\System32\fdProxy.dll - ok
22:28:58.0601 2548 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
22:28:58.0601 2548 C:\Windows\SysWOW64\bcrypt.dll - ok
22:28:58.0601 2548 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
22:28:58.0601 2548 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
22:28:58.0601 2548 [ 859CFCE4A0F72916911BD9F6C6E84581 ] C:\Windows\SysWOW64\ncrypt.dll
22:28:58.0601 2548 C:\Windows\SysWOW64\ncrypt.dll - ok
22:28:58.0601 2548 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
22:28:58.0601 2548 C:\Windows\SysWOW64\gpapi.dll - ok
22:28:58.0601 2548 [ C1446A66BB89FC3AA2485C67562247DA ] C:\Windows\System32\modemui.dll
22:28:58.0601 2548 C:\Windows\System32\modemui.dll - ok
22:28:58.0601 2548 [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp
22:28:58.0601 2548 C:\Windows\System32\hidphone.tsp - ok
22:28:58.0617 2548 [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp
22:28:58.0617 2548 C:\Windows\System32\kmddsp.tsp - ok
22:28:58.0617 2548 [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp
22:28:58.0617 2548 C:\Windows\System32\ndptsp.tsp - ok
22:28:58.0617 2548 [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll
22:28:58.0617 2548 C:\Windows\System32\rasppp.dll - ok
22:28:58.0617 2548 [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll
22:28:58.0617 2548 C:\Windows\System32\vpnike.dll - ok
22:28:58.0617 2548 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
22:28:58.0617 2548 C:\Windows\System32\raschap.dll - ok
22:28:58.0617 2548 [ 893C44082C97F7AED3E7C180FA1F93D8 ] C:\Windows\System32\mpnotify.exe
22:28:58.0617 2548 C:\Windows\System32\mpnotify.exe - ok
22:28:58.0632 2548 [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1 ] C:\Windows\System32\P2PGraph.dll
22:28:58.0632 2548 C:\Windows\System32\P2PGraph.dll - ok
22:28:58.0632 2548 [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll
22:28:58.0632 2548 C:\Windows\System32\p2psvc.dll - ok
22:28:58.0632 2548 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
22:28:58.0632 2548 C:\Windows\System32\browser.dll - ok
22:28:58.0632 2548 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
22:28:58.0632 2548 C:\Windows\System32\drivers\srv.sys - ok
22:28:58.0632 2548 [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
22:28:58.0632 2548 C:\Windows\System32\ipnathlp.dll - ok
22:28:58.0632 2548 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
22:28:58.0632 2548 C:\Windows\System32\srvsvc.dll - ok
22:28:58.0632 2548 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
22:28:58.0632 2548 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
22:28:58.0648 2548 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
22:28:58.0648 2548 C:\Windows\SysWOW64\ntdsapi.dll - ok
22:28:58.0648 2548 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
22:28:58.0648 2548 C:\Windows\System32\netshell.dll - ok
22:28:58.0648 2548 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
22:28:58.0648 2548 C:\Windows\System32\netmsg.dll - ok
22:28:58.0648 2548 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
22:28:58.0648 2548 C:\Windows\System32\clusapi.dll - ok
22:28:58.0648 2548 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
22:28:58.0648 2548 C:\Windows\System32\sscore.dll - ok
22:28:58.0648 2548 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
22:28:58.0648 2548 C:\Windows\System32\resutils.dll - ok
22:28:58.0664 2548 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
22:28:58.0664 2548 C:\Windows\System32\winspool.drv - ok
22:28:58.0664 2548 [ AFB5B500AD69E24ED1BC15D1161641EF ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
22:28:58.0664 2548 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
22:28:58.0664 2548 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
22:28:58.0664 2548 C:\Windows\System32\localspl.dll - ok
22:28:58.0664 2548 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
22:28:58.0664 2548 C:\Windows\System32\rasadhlp.dll - ok
22:28:58.0664 2548 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
22:28:58.0664 2548 C:\Windows\System32\spoolss.dll - ok
22:28:58.0664 2548 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
22:28:58.0664 2548 C:\Windows\System32\PrintIsolationProxy.dll - ok
22:28:58.0679 2548 [ 12A0531ADED17176D6B0CBFE8F9B4326 ] C:\Windows\System32\cpwmon64.dll
22:28:58.0679 2548 C:\Windows\System32\cpwmon64.dll - ok
22:28:58.0679 2548 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
22:28:58.0679 2548 C:\Windows\System32\FXSMON.dll - ok
22:28:58.0679 2548 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
22:28:58.0679 2548 C:\Windows\System32\tcpmon.dll - ok
22:28:58.0679 2548 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
22:28:58.0679 2548 C:\Windows\System32\snmpapi.dll - ok
22:28:58.0679 2548 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
22:28:58.0679 2548 C:\Windows\System32\usbmon.dll - ok
22:28:58.0679 2548 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
22:28:58.0679 2548 C:\Windows\System32\WSDMon.dll - ok
22:28:58.0679 2548 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
22:28:58.0679 2548 C:\Windows\System32\wsnmp32.dll - ok
22:28:58.0695 2548 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
22:28:58.0695 2548 C:\Windows\System32\fdPnp.dll - ok
22:28:58.0695 2548 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
22:28:58.0695 2548 C:\Windows\System32\mpr.dll - ok
22:28:58.0695 2548 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
22:28:58.0695 2548 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
22:28:58.0695 2548 [ D5055AEA85C3C945F69CA2917F97E04D ] C:\Program Files (x86)\IBM\Client Access\Shared\cwbnetnt.dll
22:28:58.0695 2548 C:\Program Files (x86)\IBM\Client Access\Shared\cwbnetnt.dll - ok
22:28:58.0695 2548 [ 0385AC3323A55DEFFC07841C896DF4D8 ] C:\Windows\System32\spool\prtprocs\x64\LMPRTPRC.DLL
22:28:58.0695 2548 C:\Windows\System32\spool\prtprocs\x64\LMPRTPRC.DLL - ok
22:28:58.0695 2548 [ 548CB980D7876E207CC9F8B60C1587A3 ] C:\Windows\System32\win32spl.dll
22:28:58.0695 2548 C:\Windows\System32\win32spl.dll - ok
22:28:58.0710 2548 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
22:28:58.0710 2548 C:\Windows\System32\inetpp.dll - ok
22:28:58.0710 2548 [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll
22:28:58.0710 2548 C:\Windows\System32\ListSvc.dll - ok
22:28:58.0710 2548 [ 01D6F94837FF920C3CC1CC7B32105D03 ] C:\Program Files (x86)\Citrix\ICA Client\x64\pnsson.dll
22:28:58.0710 2548 C:\Program Files (x86)\Citrix\ICA Client\x64\pnsson.dll - ok
22:28:58.0710 2548 [ 4A82EA2807B16FF577AEAF8ADB8779FF ] C:\Windows\System32\IdListen.dll
22:28:58.0710 2548 C:\Windows\System32\IdListen.dll - ok
22:28:58.0710 2548 [ A0524499F4C63CADA7E1529FC77F5DC1 ] C:\Windows\System32\hgprint.dll
22:28:58.0710 2548 C:\Windows\System32\hgprint.dll - ok
22:28:58.0710 2548 [ 166EF24FE7E4D7F481826670196117C5 ] C:\Windows\System32\cwbcore.dll
22:28:58.0710 2548 C:\Windows\System32\cwbcore.dll - ok
22:28:58.0726 2548 [ 91E1B5DEE85CECB775F0EBB814260DB9 ] C:\Windows\System32\cwbunpls.dll
22:28:58.0726 2548 C:\Windows\System32\cwbunpls.dll - ok
22:28:58.0726 2548 [ B1FDCFFF7609E121C10751A669AB1611 ] C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\mfc80u.dll
22:28:58.0726 2548 C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\mfc80u.dll - ok
22:28:58.0726 2548 [ A8704A10FFDE468F4AB18EBF82A9A86F ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll
22:28:58.0726 2548 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll - ok
22:28:58.0726 2548 [ 442235AC4F20B195F932990CAE47408E ] C:\Windows\winsxs\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\mfc80ENU.dll
22:28:58.0726 2548 C:\Windows\winsxs\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\mfc80ENU.dll - ok
22:28:58.0726 2548 [ E8F504BFC6EFDFFCC7D199B41F505E5D ] C:\Program Files (x86)\IBM\Client Access\Mri2924\cwbcfmsg.dll
22:28:58.0726 2548 C:\Program Files (x86)\IBM\Client Access\Mri2924\cwbcfmsg.dll - ok
22:28:58.0726 2548 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
22:28:58.0726 2548 C:\Windows\System32\msi.dll - ok
22:28:58.0726 2548 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
22:28:58.0726 2548 C:\Windows\System32\msiltcfg.dll - ok
22:28:58.0742 2548 [ ECCB8C65A8A8DA51139E5645EE613B6A ] C:\Program Files (x86)\Citrix\ICA Client\x64\ssoncom.exe
22:28:58.0742 2548 C:\Program Files (x86)\Citrix\ICA Client\x64\ssoncom.exe - ok
22:28:58.0742 2548 [ 33B6A6B31E0DFC4A20CEB9EAE31F3272 ] C:\Program Files (x86)\Citrix\ICA Client\ssonsvr.exe
22:28:58.0742 2548 C:\Program Files (x86)\Citrix\ICA Client\ssonsvr.exe - ok
22:28:58.0742 2548 [ 525DB7C8E64F8026BBFCEA2BF61652BF ] C:\Program Files (x86)\Citrix\ICA Client\x64\ssonstub.dll
22:28:58.0742 2548 C:\Program Files (x86)\Citrix\ICA Client\x64\ssonstub.dll - ok
22:28:58.0742 2548 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
22:28:58.0742 2548 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
22:28:58.0742 2548 [ 5F1F35F2F995FA8615438AB922B0BA7B ] C:\Program Files\Internet Explorer\ieproxy.dll
22:28:58.0742 2548 C:\Program Files\Internet Explorer\ieproxy.dll - ok
22:28:58.0742 2548 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
22:28:58.0742 2548 C:\Windows\System32\cscapi.dll - ok
22:28:58.0757 2548 [ 5AC3CB53406CB9AABB25D46B3385528F ] C:\Windows\System32\spool\drivers\x64\3\unidrvui.dll
22:28:58.0757 2548 C:\Windows\System32\spool\drivers\x64\3\unidrvui.dll - ok
22:28:58.0757 2548 [ E81F5A2F6D52215C0E84F2849503EBA8 ] C:\Windows\System32\tcpmib.dll
22:28:58.0757 2548 C:\Windows\System32\tcpmib.dll - ok
22:28:58.0757 2548 [ EFEC3847B47CC9357D5C33BBAB59B7EB ] C:\Windows\System32\mgmtapi.dll
22:28:58.0757 2548 C:\Windows\System32\mgmtapi.dll - ok
22:28:58.0757 2548 [ 22F020C76E339EB2B2187BA73A7E4173 ] C:\Windows\System32\PrintIsolationHost.exe
22:28:58.0757 2548 C:\Windows\System32\PrintIsolationHost.exe - ok
22:28:58.0757 2548 [ ADE2BCD1FDE5C9669FCE1F4541AB46DD ] C:\Windows\System32\spool\drivers\x64\3\UNIDRV.DLL
22:28:58.0757 2548 C:\Windows\System32\spool\drivers\x64\3\UNIDRV.DLL - ok
22:28:58.0757 2548 [ 6A92B7900281317265644AEC989C087E ] C:\Windows\System32\spool\drivers\x64\3\brci14ui.dll
22:28:58.0757 2548 C:\Windows\System32\spool\drivers\x64\3\brci14ui.dll - ok
22:28:58.0773 2548 [ 7E1CF52C347D8755E5CA5ED0E99B401E ] C:\Windows\System32\mfc42.dll
22:28:58.0773 2548 C:\Windows\System32\mfc42.dll - ok
22:28:58.0773 2548 [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\Windows\System32\P2P.dll
22:28:58.0773 2548 C:\Windows\System32\P2P.dll - ok
22:28:58.0773 2548 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
22:28:58.0773 2548 C:\Windows\System32\pnrpnsp.dll - ok
22:28:58.0773 2548 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
22:28:58.0773 2548 C:\Windows\System32\dssenh.dll - ok
22:28:58.0773 2548 [ 7FF8E121AFA05BDAB23B9FEDCDAB7A33 ] C:\Windows\System32\odbc32.dll
22:28:58.0773 2548 C:\Windows\System32\odbc32.dll - ok
22:28:58.0773 2548 [ 3E466073C3B1033FF92ADE9031E3D4A2 ] C:\Windows\System32\odbcint.dll
22:28:58.0773 2548 C:\Windows\System32\odbcint.dll - ok
22:28:58.0788 2548 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
22:28:58.0788 2548 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
22:28:58.0788 2548 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
22:28:58.0788 2548 C:\Windows\System32\ncobjapi.dll - ok
22:28:58.0788 2548 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
22:28:58.0788 2548 C:\Windows\System32\wbem\wbemess.dll - ok
22:28:58.0788 2548 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
22:28:58.0788 2548 C:\Windows\SysWOW64\msi.dll - ok
22:28:58.0788 2548 [ 4FB491AC8D46AAF22BA8BC5C73DABEF7 ] C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
22:28:58.0788 2548 C:\Windows\SysWOW64\wbem\WmiPrvSE.exe - ok
22:28:58.0788 2548 [ 1F59B386F652A0484A3CC0B680B1132B ] C:\Windows\SysWOW64\msimsg.dll
22:28:58.0788 2548 C:\Windows\SysWOW64\msimsg.dll - ok
22:28:58.0804 2548 [ EEE470F2A771FC0B543BDEEF74FCECA0 ] C:\Windows\SysWOW64\msiexec.exe
22:28:58.0804 2548 C:\Windows\SysWOW64\msiexec.exe - ok
22:28:58.0804 2548 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
22:28:58.0804 2548 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
22:28:58.0804 2548 [ B28BD86791468F427321458985F6A0E3 ] C:\Windows\SysWOW64\drvinst.exe
22:28:58.0804 2548 C:\Windows\SysWOW64\drvinst.exe - ok
22:28:58.0804 2548 [ A190DA6546501CB4146BBCC0B6A3F48B ] C:\Windows\System32\msiexec.exe
22:28:58.0804 2548 C:\Windows\System32\msiexec.exe - ok
22:28:58.0804 2548 [ 2DBA1472BDF847EAE358A4B9FA9AB0C1 ] C:\Windows\System32\drvinst.exe
22:28:58.0804 2548 C:\Windows\System32\drvinst.exe - ok
22:28:58.0804 2548 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
22:28:58.0804 2548 C:\Windows\System32\wbem\cimwin32.dll - ok
22:28:58.0820 2548 [ 7467E3677E07C5926CCE031866DF5E2E ] C:\Windows\AppPatch\AppPatch64\AcLayers.dll
22:28:58.0820 2548 C:\Windows\AppPatch\AppPatch64\AcLayers.dll - ok
22:28:58.0820 2548 [ DB16A7C0A453F7E220A5F29E42572FD8 ] C:\Windows\AppPatch\AppPatch64\AcGenral.dll
22:28:58.0820 2548 C:\Windows\AppPatch\AppPatch64\AcGenral.dll - ok
22:28:58.0820 2548 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
22:28:58.0820 2548 C:\Windows\System32\framedynos.dll - ok
22:28:58.0820 2548 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
22:28:58.0820 2548 C:\Windows\System32\NapiNSP.dll - ok
22:28:58.0820 2548 [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll
22:28:58.0820 2548 C:\Windows\System32\security.dll - ok
22:28:58.0820 2548 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
22:28:58.0820 2548 C:\Windows\System32\winrnr.dll - ok
22:28:58.0820 2548 [ 748849C42DEA24C723048E24BCA1BD55 ] C:\Windows\System32\wshbth.dll
22:28:58.0820 2548 C:\Windows\System32\wshbth.dll - ok
22:28:58.0835 2548 [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
22:28:58.0835 2548 C:\Windows\System32\browcli.dll - ok
22:28:58.0835 2548 [ CC8E52DAA9826064BA464DBE531F2BB5 ] C:\Windows\System32\drivers\CVPNDRVA.sys
22:28:58.0835 2548 C:\Windows\System32\drivers\CVPNDRVA.sys - ok
22:28:58.0835 2548 [ 2E7ADF9B0389CD94605717784D7E416A ] C:\Windows\System32\drttransport.dll
22:28:58.0835 2548 C:\Windows\System32\drttransport.dll - ok
22:28:58.0835 2548 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
22:28:58.0835 2548 C:\Windows\System32\schedcli.dll - ok
22:28:58.0835 2548 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
22:28:58.0835 2548 C:\Windows\System32\ssdpsrv.dll - ok
22:28:58.0835 2548 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
22:28:58.0835 2548 C:\Windows\System32\wdi.dll - ok
22:28:58.0851 2548 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
22:28:58.0851 2548 C:\Windows\SysWOW64\apphelp.dll - ok
22:28:58.0851 2548 [ C57BC99A4467B3E8F1CC2184A3F46729 ] C:\Windows\System32\drt.dll
22:28:58.0851 2548 C:\Windows\System32\drt.dll - ok
22:28:58.0851 2548 [ 2E648163254233755035B46DD7B89123 ] C:\Windows\System32\termsrv.dll
22:28:58.0851 2548 C:\Windows\System32\termsrv.dll - ok
22:28:58.0851 2548 [ 7961AAD46149CD5510DD405FA5DE1D3F ] C:\Windows\System32\vmictimeprovider.dll
22:28:58.0851 2548 C:\Windows\System32\vmictimeprovider.dll - ok
22:28:58.0851 2548 [ 7E236CC26FF0C2513819FA453E2C5371 ] C:\Windows\System32\icaapi.dll
22:28:58.0851 2548 C:\Windows\System32\icaapi.dll - ok
22:28:58.0851 2548 [ 988121D083B7AB61D4A7E244290BAAB0 ] C:\Windows\System32\lsmproxy.dll
22:28:58.0851 2548 C:\Windows\System32\lsmproxy.dll - ok
22:28:58.0851 2548 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
22:28:58.0851 2548 C:\Windows\SysWOW64\mscoree.dll - ok
22:28:58.0866 2548 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
22:28:58.0866 2548 C:\Windows\SysWOW64\sxs.dll - ok
22:28:58.0866 2548 [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
22:28:58.0866 2548 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
22:28:58.0866 2548 [ 95F9C2976059462CBBF227F7AAB10DE9 ] C:\Windows\System32\bthserv.dll
22:28:58.0866 2548 C:\Windows\System32\bthserv.dll - ok
22:28:58.0866 2548 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
22:28:58.0866 2548 C:\Windows\System32\diagperf.dll - ok
22:28:58.0866 2548 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
22:28:58.0866 2548 C:\Windows\System32\hidserv.dll - ok
22:28:58.0866 2548 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
22:28:58.0866 2548 C:\Windows\System32\perftrack.dll - ok
22:28:58.0882 2548 [ E377BBA01F34E4183C32E5BBD688CE83 ] C:\Windows\System32\regapi.dll
22:28:58.0882 2548 C:\Windows\System32\regapi.dll - ok
22:28:58.0882 2548 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
22:28:58.0882 2548 C:\Windows\System32\wpdbusenum.dll - ok
22:28:58.0882 2548 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
22:28:58.0882 2548 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
22:28:58.0882 2548 [ 6C69EA6A0C308A0FB81992CAC9F39C59 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\fusion.dll
22:28:58.0882 2548 C:\Windows\Microsoft.NET\Framework\v4.0.30319\fusion.dll - ok
22:28:58.0882 2548 [ 8F69EE5E0EB0779DC3E90DFD8D8E8683 ] C:\Windows\System32\rdpcorets.dll
22:28:58.0882 2548 C:\Windows\System32\rdpcorets.dll - ok
22:28:58.0882 2548 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
22:28:58.0882 2548 C:\Windows\System32\Apphlpdm.dll - ok
22:28:58.0898 2548 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
22:28:58.0898 2548 C:\Windows\System32\PortableDeviceApi.dll - ok
22:28:58.0898 2548 [ 6A1B51F414E2F83ECC2B9AFA0121FEF6 ] C:\Windows\System32\sysclass.dll
22:28:58.0898 2548 C:\Windows\System32\sysclass.dll - ok
22:28:58.0898 2548 [ AE84ED6A560CBC4942D0A38C51FC8B8F ] C:\Windows\SysWOW64\CCM\PolicyAgent.dll
22:28:58.0898 2548 C:\Windows\SysWOW64\CCM\PolicyAgent.dll - ok
22:28:58.0898 2548 [ 198803E5E93E29967DFB0BCFD0186151 ] C:\Windows\System32\spfileq.dll
22:28:58.0898 2548 C:\Windows\System32\spfileq.dll - ok
22:28:58.0898 2548 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
22:28:58.0898 2548 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
22:28:58.0898 2548 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
22:28:58.0898 2548 C:\Windows\SysWOW64\propsys.dll - ok
22:28:58.0898 2548 [ A4CC7227A452C4909F9499D91B184364 ] C:\Windows\SysWOW64\ncobjapi.dll
22:28:58.0898 2548 C:\Windows\SysWOW64\ncobjapi.dll - ok
22:28:58.0913 2548 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
22:28:58.0913 2548 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
22:28:58.0913 2548 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
22:28:58.0913 2548 C:\Windows\System32\wmi.dll - ok
22:28:58.0913 2548 [ 471CFD948321711B5420817250D61CB6 ] C:\Windows\SysWOW64\CCM\PolicyAgentProvider.dll
22:28:58.0913 2548 C:\Windows\SysWOW64\CCM\PolicyAgentProvider.dll - ok
22:28:58.0913 2548 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
22:28:58.0913 2548 C:\Windows\System32\pnpts.dll - ok
22:28:58.0913 2548 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
22:28:58.0913 2548 C:\Windows\System32\wdiasqmmodule.dll - ok
22:28:58.0913 2548 [ 5AE88135C6A86FCD67BA16AFBB1C8389 ] C:\Windows\SysWOW64\wbem\esscli.dll
22:28:58.0929 2548 C:\Windows\SysWOW64\wbem\esscli.dll - ok
22:28:58.0929 2548 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
22:28:58.0929 2548 C:\Windows\System32\wbem\NCProv.dll - ok
22:28:58.0929 2548 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
22:28:58.0929 2548 C:\Windows\System32\radardt.dll - ok
22:28:58.0929 2548 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
22:28:58.0929 2548 C:\Windows\SysWOW64\powrprof.dll - ok
22:28:58.0929 2548 [ 4C3DAEE652B005B483F16B8E9131C99D ] C:\Windows\System32\d3d9.dll
22:28:58.0929 2548 C:\Windows\System32\d3d9.dll - ok
22:28:58.0929 2548 [ 1B4A711265FEA91259553D7B4E83394B ] C:\Windows\System32\tlscsp.dll
22:28:58.0929 2548 C:\Windows\System32\tlscsp.dll - ok
22:28:58.0929 2548 [ 3044D07ABDF4BBEA27E2EE7B1E0C0C65 ] C:\Windows\System32\d3d8thk.dll
22:28:58.0929 2548 C:\Windows\System32\d3d8thk.dll - ok
22:28:58.0944 2548 [ 5B236296E233CAA6BF86BE0C6501A224 ] C:\Windows\System32\rdpcorekmts.dll
22:28:58.0944 2548 C:\Windows\System32\rdpcorekmts.dll - ok
22:28:58.0944 2548 [ 487F44B08EFEAF5AD087878357B9403D ] C:\Windows\SysWOW64\pdh.dll
22:28:58.0944 2548 C:\Windows\SysWOW64\pdh.dll - ok
22:28:58.0944 2548 [ E6410546E86DC2C8068DCA88065BD7AB ] C:\Windows\SysWOW64\wbem\WmiPerfClass.dll
22:28:58.0944 2548 C:\Windows\SysWOW64\wbem\WmiPerfClass.dll - ok
22:28:58.0944 2548 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\SysWOW64\wevtapi.dll
22:28:58.0944 2548 C:\Windows\SysWOW64\wevtapi.dll - ok
22:28:58.0944 2548 [ 1B6163C503398B23FF8B939C67747683 ] C:\Windows\System32\drivers\rdpdr.sys
22:28:58.0944 2548 C:\Windows\System32\drivers\rdpdr.sys - ok
22:28:58.0944 2548 [ 6D5DCC1579B3961D791ABDE286A1CB5E ] C:\Windows\System32\rdpwsx.dll
22:28:58.0944 2548 C:\Windows\System32\rdpwsx.dll - ok
22:28:58.0960 2548 [ A293DCD756D04D8492A750D03B9A297C ] C:\Windows\System32\umrdp.dll
22:28:58.0960 2548 C:\Windows\System32\umrdp.dll - ok
22:28:58.0960 2548 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] C:\Windows\System32\drivers\tdtcp.sys
22:28:58.0960 2548 C:\Windows\System32\drivers\tdtcp.sys - ok
22:28:58.0960 2548 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] C:\Windows\System32\drivers\tssecsrv.sys
22:28:58.0960 2548 C:\Windows\System32\drivers\tssecsrv.sys - ok
22:28:58.0960 2548 [ 0B6231BF38174A1628C4AC812CC75804 ] C:\Windows\System32\SessEnv.dll
22:28:58.0960 2548 C:\Windows\System32\SessEnv.dll - ok
22:28:58.0960 2548 [ E61608AA35E98999AF9AAEEEA6114B0A ] C:\Windows\System32\drivers\rdpwd.sys
22:28:58.0960 2548 C:\Windows\System32\drivers\rdpwd.sys - ok
22:28:58.0960 2548 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\SysWOW64\rundll32.exe
22:28:58.0960 2548 C:\Windows\SysWOW64\rundll32.exe - ok
22:28:58.0976 2548 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
22:28:58.0976 2548 C:\Windows\System32\ndiscapCfg.dll - ok
22:28:58.0976 2548 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
22:28:58.0976 2548 C:\Windows\System32\rascfg.dll - ok
22:28:58.0976 2548 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
22:28:58.0976 2548 C:\Windows\System32\mprmsg.dll - ok
22:28:58.0976 2548 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
22:28:58.0976 2548 C:\Windows\System32\tcpipcfg.dll - ok
22:28:58.0976 2548 [ C02F50BBC064689FE3FCD89348C884EB ] C:\Windows\SysWOW64\netfxperf.dll
22:28:58.0976 2548 C:\Windows\SysWOW64\netfxperf.dll - ok
22:28:58.0976 2548 [ 257147843B66B67CB72AE8197DD479CD ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\PerfCounter.dll
22:28:58.0976 2548 C:\Windows\Microsoft.NET\Framework\v4.0.30319\PerfCounter.dll - ok
22:28:58.0991 2548 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll
22:28:58.0991 2548 C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok
22:28:58.0991 2548 [ DC3078BA1B58562416C843582A42284C ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll
22:28:58.0991 2548 C:\Windows\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll - ok
22:28:58.0991 2548 [ 517110BD83835338C037269E603DB55D ] C:\Windows\System32\taskhost.exe
22:28:58.0991 2548 C:\Windows\System32\taskhost.exe - ok
22:28:58.0991 2548 [ F4E9693F449600A30088A0B16079F3CD ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\Aspnet_perf.dll
22:28:58.0991 2548 C:\Windows\Microsoft.NET\Framework\v4.0.30319\Aspnet_perf.dll - ok
22:28:58.0991 2548 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
22:28:58.0991 2548 C:\Windows\System32\nci.dll - ok
22:28:58.0991 2548 [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll
22:28:58.0991 2548 C:\Windows\System32\wlaninst.dll - ok
22:28:59.0007 2548 [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll
22:28:59.0007 2548 C:\Windows\System32\wwaninst.dll - ok
22:28:59.0007 2548 [ ADD7A08E7016694FE1C73DD7498DEAD6 ] C:\Windows\SysWOW64\aspnet_counters.dll
22:28:59.0007 2548 C:\Windows\SysWOW64\aspnet_counters.dll - ok
22:28:59.0007 2548 [ 0552A8684BF7566F744D5B19FF6AEC6B ] C:\Windows\SysWOW64\bitsperf.dll
22:28:59.0007 2548 C:\Windows\SysWOW64\bitsperf.dll - ok
22:28:59.0007 2548 [ E697CD9824B583865E673A599B426E0B ] C:\Windows\SysWOW64\ccmperf.dll
22:28:59.0007 2548 C:\Windows\SysWOW64\ccmperf.dll - ok
22:28:59.0007 2548 [ DA61EF0B5AE0B97CF2764CE54F565DC4 ] C:\Windows\SysWOW64\FrameworkPerf.dll
22:28:59.0007 2548 C:\Windows\SysWOW64\FrameworkPerf.dll - ok
22:28:59.0007 2548 [ 8C9179609935F84202028849112D355A ] C:\Windows\SysWOW64\esentprf.dll
22:28:59.0007 2548 C:\Windows\SysWOW64\esentprf.dll - ok
22:28:59.0022 2548 [ E991956ACE9E57BFB9F8BB077D11B34E ] C:\Windows\SysWOW64\msdtcuiu.dll
22:28:59.0022 2548 C:\Windows\SysWOW64\msdtcuiu.dll - ok
22:28:59.0022 2548 [ 19B8C44BC54C7859E57E0EC1312D5B92 ] C:\Windows\SysWOW64\msdtcprx.dll
22:28:59.0022 2548 C:\Windows\SysWOW64\msdtcprx.dll - ok
22:28:59.0022 2548 [ 8483DD8F87DBE86AAB55BBF95C207061 ] C:\Windows\SysWOW64\mtxclu.dll
22:28:59.0022 2548 C:\Windows\SysWOW64\mtxclu.dll - ok
22:28:59.0022 2548 [ AE9898D5600A232CD8AE3298692162E5 ] C:\Windows\SysWOW64\clusapi.dll
22:28:59.0022 2548 C:\Windows\SysWOW64\clusapi.dll - ok
22:28:59.0022 2548 [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\SysWOW64\cryptdll.dll
22:28:59.0022 2548 C:\Windows\SysWOW64\cryptdll.dll - ok
22:28:59.0022 2548 [ 38B13C0DF479DBA23ECFA815159BA86E ] C:\Windows\SysWOW64\ktmw32.dll
22:28:59.0022 2548 C:\Windows\SysWOW64\ktmw32.dll - ok
22:28:59.0022 2548 [ 2AF094C822BD6094F14A8E85FB51D52A ] C:\Windows\SysWOW64\resutils.dll
22:28:59.0022 2548 C:\Windows\SysWOW64\resutils.dll - ok
22:28:59.0038 2548 [ CAB80174DB12D06E4CEFCDAD6A8A2015 ] C:\PROGRA~2\MICROS~2\Office12\OLMAPI32.DLL
22:28:59.0038 2548 C:\PROGRA~2\MICROS~2\Office12\OLMAPI32.DLL - ok
22:28:59.0038 2548 [ 2DC6285EC4F902BE08E7C5FA6D3FD017 ] C:\Windows\SysWOW64\msscntrs.dll
22:28:59.0038 2548 C:\Windows\SysWOW64\msscntrs.dll - ok
22:28:59.0038 2548 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
22:28:59.0038 2548 C:\Windows\System32\dimsjob.dll - ok
22:28:59.0038 2548 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
22:28:59.0038 2548 C:\Windows\System32\certcli.dll - ok
22:28:59.0038 2548 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
22:28:59.0038 2548 C:\Windows\System32\pautoenr.dll - ok
22:28:59.0038 2548 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
22:28:59.0038 2548 C:\Windows\System32\CertEnroll.dll - ok
22:28:59.0054 2548 [ B92E9318F7E4AEF633B8EC3A873565AF ] C:\Windows\SysWOW64\perfdisk.dll
22:28:59.0054 2548 C:\Windows\SysWOW64\perfdisk.dll - ok
22:28:59.0054 2548 [ A63DC5C2EA944E6657203E0C8EDEAF61 ] C:\Windows\SysWOW64\dllhost.exe
22:28:59.0054 2548 C:\Windows\SysWOW64\dllhost.exe - ok
22:28:59.0054 2548 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
22:28:59.0054 2548 C:\Windows\System32\dllhost.exe - ok
22:28:59.0054 2548 [ 72910F1DEB838E6E08A9017BFB7D4F0B ] C:\Windows\SysWOW64\browcli.dll
22:28:59.0054 2548 C:\Windows\SysWOW64\browcli.dll - ok
22:28:59.0054 2548 [ 1ACC2484F3F111D577ABE4FFB1CAF2A5 ] C:\Windows\SysWOW64\perfnet.dll
22:28:59.0054 2548 C:\Windows\SysWOW64\perfnet.dll - ok
22:28:59.0054 2548 [ 6FA41E0C86EF049A12C05CA4BBA8F9AF ] C:\Windows\SysWOW64\perfos.dll
22:28:59.0054 2548 C:\Windows\SysWOW64\perfos.dll - ok
22:28:59.0054 2548 [ 752F8E96BAB993517838315508FB82CB ] C:\Windows\SysWOW64\perfproc.dll
22:28:59.0054 2548 C:\Windows\SysWOW64\perfproc.dll - ok
22:28:59.0069 2548 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
22:28:59.0069 2548 C:\Windows\System32\IDStore.dll - ok
22:28:59.0069 2548 [ 6E608664EBEEAB5A03BA32324016695B ] C:\Windows\SysWOW64\rasctrs.dll
22:28:59.0069 2548 C:\Windows\SysWOW64\rasctrs.dll - ok
22:28:59.0069 2548 [ BA32509D9B340162327B341013DE6522 ] C:\Windows\SysWOW64\tapi32.dll
22:28:59.0069 2548 C:\Windows\SysWOW64\tapi32.dll - ok
22:28:59.0069 2548 [ 5BBD1F824741AA1FDA9A9DFD3A9D5416 ] C:\Windows\SysWOW64\tapiperf.dll
22:28:59.0069 2548 C:\Windows\SysWOW64\tapiperf.dll - ok
22:28:59.0069 2548 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
22:28:59.0069 2548 C:\Windows\SysWOW64\winspool.drv - ok
22:28:59.0069 2548 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
22:28:59.0069 2548 C:\Windows\System32\drprov.dll - ok
22:28:59.0085 2548 [ EDD2AD141DEBD425D74A52A4D7BE6AC4 ] C:\Windows\SysWOW64\perfctrs.dll
22:28:59.0085 2548 C:\Windows\SysWOW64\perfctrs.dll - ok
22:28:59.0085 2548 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
22:28:59.0085 2548 C:\Windows\System32\ntlanman.dll - ok
22:28:59.0085 2548 [ FB1BA42D1A1440E99C6B8667E141CFB1 ] C:\Windows\SysWOW64\perfts.dll
22:28:59.0085 2548 C:\Windows\SysWOW64\perfts.dll - ok
22:28:59.0085 2548 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
22:28:59.0085 2548 C:\Windows\SysWOW64\samcli.dll - ok
22:28:59.0085 2548 [ D25958B2A71EF488959272878EF934BE ] C:\Windows\SysWOW64\utildll.dll
22:28:59.0085 2548 C:\Windows\SysWOW64\utildll.dll - ok
22:28:59.0085 2548 [ 109007869CB95CBD9B92FDF35B96D7B5 ] C:\Windows\SysWOW64\usbperf.dll
22:28:59.0085 2548 C:\Windows\SysWOW64\usbperf.dll - ok
22:28:59.0085 2548 [ 91429E9A7458899034952047B2B58842 ] C:\Windows\SysWOW64\wbem\WmiApRpl.dll
22:28:59.0085 2548 C:\Windows\SysWOW64\wbem\WmiApRpl.dll - ok
22:28:59.0100 2548 [ E553B9F299C8562371E94B9039A8E09A ] C:\DawnUpdates\Software\CutePDF28\CuteWriter.exe
22:28:59.0100 2548 C:\DawnUpdates\Software\CutePDF28\CuteWriter.exe - ok
22:28:59.0100 2548 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
22:28:59.0100 2548 C:\Windows\System32\davclnt.dll - ok
22:28:59.0100 2548 [ 529879612A7FAE235914E3AA6A9A669C ] C:\Windows\SysWOW64\loadperf.dll
22:28:59.0100 2548 C:\Windows\SysWOW64\loadperf.dll - ok
22:28:59.0100 2548 [ 5B8580B819BE32EEC18CE1FEC52A4BCE ] C:\Program Files\Microsoft Security Client\MpCmdRun.exe
22:28:59.0100 2548 C:\Program Files\Microsoft Security Client\MpCmdRun.exe - ok
22:28:59.0100 2548 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
22:28:59.0100 2548 C:\Windows\System32\davhlpr.dll - ok
22:28:59.0100 2548 [ 9FE3ED67345F0FF829A4A53B90E09672 ] C:\Windows\System32\loadperf.dll
22:28:59.0100 2548 C:\Windows\System32\loadperf.dll - ok
22:28:59.0100 2548 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] C:\Windows\System32\wbem\WmiApSrv.exe
22:28:59.0116 2548 C:\Windows\System32\wbem\WmiApSrv.exe - ok
22:28:59.0116 2548 [ 79E80B10FE8F6662E0C9162A68C43444 ] C:\Program Files\Microsoft Security Client\NisSrv.exe
22:28:59.0116 2548 C:\Program Files\Microsoft Security Client\NisSrv.exe - ok
22:28:59.0116 2548 [ 5FEAB868CAEDBBD1B7A145CA8261E4AA ] C:\Windows\SysWOW64\WerFault.exe
22:28:59.0116 2548 C:\Windows\SysWOW64\WerFault.exe - ok
22:28:59.0116 2548 [ B5C5DCAD3899512020D135600129D665 ] C:\Windows\SysWOW64\wininit.exe
22:28:59.0116 2548 C:\Windows\SysWOW64\wininit.exe - ok
22:28:59.0116 2548 [ 465DBF63A5049E4DB4BC5C12FFE781CB ] C:\Windows\SysWOW64\tquery.dll
22:28:59.0116 2548 C:\Windows\SysWOW64\tquery.dll - ok
22:28:59.0116 2548 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
22:28:59.0116 2548 C:\Windows\System32\wbem\wmiprov.dll - ok
22:28:59.0116 2548 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
22:28:59.0116 2548 C:\Windows\explorer.exe - ok
22:28:59.0132 2548 [ 2D53C5F71653EF94E7829846405D4ED2 ] C:\Program Files\Internet Explorer\iexplore.exe
22:28:59.0132 2548 C:\Program Files\Internet Explorer\iexplore.exe - ok
22:28:59.0132 2548 [ 22CC6CDBA678790046693654C3B212E4 ] C:\Program Files (x86)\Internet Explorer\iexplore.exe
22:28:59.0132 2548 C:\Program Files (x86)\Internet Explorer\iexplore.exe - ok
22:28:59.0132 2548 [ 4F2659160AFCCA990305816946F69407 ] C:\Windows\SysWOW64\taskeng.exe
22:28:59.0132 2548 C:\Windows\SysWOW64\taskeng.exe - ok
22:28:59.0132 2548 [ 61AC3EFDFACFDD3F0F11DD4FD4044223 ] C:\Windows\SysWOW64\userinit.exe
22:28:59.0132 2548 C:\Windows\SysWOW64\userinit.exe - ok
22:28:59.0132 2548 [ 845F52CF096DA9F16C12E4E70ECB1D68 ] C:\Program Files\IDT\WDM\sttray64.exe
22:28:59.0132 2548 C:\Program Files\IDT\WDM\sttray64.exe - ok
22:28:59.0132 2548 [ 5B72629C8144D1A96490D4C090D28DA1 ] C:\Program Files\Microsoft IntelliPoint\ipoint.exe
22:28:59.0132 2548 C:\Program Files\Microsoft IntelliPoint\ipoint.exe - ok
22:28:59.0147 2548 [ 5893EBDCE371174AC89ECD7731DD6D77 ] C:\Windows\SysWOW64\pcwum.dll
22:28:59.0147 2548 C:\Windows\SysWOW64\pcwum.dll - ok
22:28:59.0147 2548 [ FA81B95B307595A52DB63A83E0A6A42F ] C:\Program Files\Box Sync\BoxSync.exe
22:28:59.0147 2548 C:\Program Files\Box Sync\BoxSync.exe - ok
22:28:59.0147 2548 [ DC5EFA49EBFE8C3FF20B12552FF14CF8 ] C:\Program Files\Box Sync\BoxSyncHelper.exe
22:28:59.0147 2548 C:\Program Files\Box Sync\BoxSyncHelper.exe - ok
22:28:59.0147 2548 [ 7605271997CAB7E91549F343A83E622D ] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
22:28:59.0147 2548 C:\Program Files (x86)\Citrix\ICA Client\concentr.exe - ok
22:28:59.0147 2548 [ C635FA01A2C1D3FE1175557BD9B95AE3 ] C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
22:28:59.0147 2548 C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe - ok
22:28:59.0147 2548 [ 12E33DD823D74680DE6F33BFA359EFB3 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
22:28:59.0147 2548 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe - ok
22:28:59.0163 2548 [ FD74E0F1916D818E575895AA4AE67DAB ] C:\Program Files\Adobe\Adobe After Effects CS6\Support Files\AfterFX.exe
22:28:59.0163 2548 C:\Program Files\Adobe\Adobe After Effects CS6\Support Files\AfterFX.exe - ok
22:28:59.0163 2548 [ C0B8B96D018849FD8CCF15FED84E8782 ] C:\Windows\SysWOW64\ie4uinit.exe
22:28:59.0163 2548 C:\Windows\SysWOW64\ie4uinit.exe - ok
22:28:59.0163 2548 [ 952B780921ACE3CA17D73E8F61A85648 ] C:\Program Files\DellTPad\Apoint.exe
22:28:59.0163 2548 C:\Program Files\DellTPad\Apoint.exe - ok
22:28:59.0163 2548 [ B03F39264477EC8A979C67C789A7B62A ] C:\Program Files\DellTPad\ApMsgFwd.exe
22:28:59.0163 2548 C:\Program Files\DellTPad\ApMsgFwd.exe - ok
22:28:59.0163 2548 [ 1E70071E1753E43983B1202CE98AEC6F ] C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
22:28:59.0163 2548 C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe - ok
22:28:59.0163 2548 [ 0DC6669BC2B552C0ECC905B6B761F508 ] C:\Program Files\Microsoft Security Client\msseces.exe
22:28:59.0163 2548 C:\Program Files\Microsoft Security Client\msseces.exe - ok
22:28:59.0178 2548 [ A16195753E7C603FB732C53FE08C64BF ] C:\Windows\SysWOW64\wbem\WmiPerfInst.dll
22:28:59.0178 2548 C:\Windows\SysWOW64\wbem\WmiPerfInst.dll - ok
22:28:59.0178 2548 [ 0464F693C59CC02CF261DE7E4D33E5B7 ] C:\Windows\System32\wbem\WmiPerfClass.dll
22:28:59.0178 2548 C:\Windows\System32\wbem\WmiPerfClass.dll - ok
22:28:59.0178 2548 [ CF6850A72BEB4845A3BFFB3F5E8014B2 ] C:\Windows\System32\pdh.dll
22:28:59.0178 2548 C:\Windows\System32\pdh.dll - ok
22:28:59.0178 2548 [ 0F02C3FF97EAB0D8295854D6C4F82BEE ] C:\Windows\System32\netfxperf.dll
22:28:59.0178 2548 C:\Windows\System32\netfxperf.dll - ok
22:28:59.0178 2548 [ 60A12C094689484B7556ED9BF930E0B8 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\PerfCounter.dll
22:28:59.0178 2548 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\PerfCounter.dll - ok
22:28:59.0178 2548 [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll
22:28:59.0178 2548 C:\Windows\System32\msvcr100_clr0400.dll - ok
22:28:59.0194 2548 [ C5C3575BD6D6F9BF6BF8C1714AD18FA5 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\CORPerfMonExt.dll
22:28:59.0194 2548 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\CORPerfMonExt.dll - ok
22:28:59.0194 2548 [ 413801C6C7FE1AAD4E946BD1BCEBCBC8 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Aspnet_perf.dll
22:28:59.0194 2548 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\Aspnet_perf.dll - ok
22:28:59.0194 2548 [ B2D08488A32EAFCECF8BD19B5BD1294F ] C:\Windows\System32\aspnet_counters.dll
22:28:59.0194 2548 C:\Windows\System32\aspnet_counters.dll - ok
22:28:59.0194 2548 [ 29409ED7400CA5BCCC30C0EE5147A60D ] C:\Windows\System32\bitsperf.dll
22:28:59.0194 2548 C:\Windows\System32\bitsperf.dll - ok
22:28:59.0194 2548 [ BFCCB94CBCE9A3CE51F8F4B7E15EC7D7 ] C:\Windows\System32\esentprf.dll
22:28:59.0194 2548 C:\Windows\System32\esentprf.dll - ok
22:28:59.0194 2548 [ 5E0943036CB6C0779E17E21BF19EE6AB ] C:\Windows\System32\msdtcuiu.dll
22:28:59.0194 2548 C:\Windows\System32\msdtcuiu.dll - ok
22:28:59.0210 2548 [ 60A92D87B1473294574C331F9D0E8C20 ] C:\Windows\System32\msdtcprx.dll
22:28:59.0210 2548 C:\Windows\System32\msdtcprx.dll - ok
22:28:59.0210 2548 [ ACB4F32174EB5066D4684369CEA925E9 ] C:\Windows\System32\mtxclu.dll
22:28:59.0210 2548 C:\Windows\System32\mtxclu.dll - ok
22:28:59.0210 2548 [ 093747DAE1C1A7F6DEA8D16E26D4F648 ] C:\Windows\System32\msscntrs.dll
22:28:59.0210 2548 C:\Windows\System32\msscntrs.dll - ok
22:28:59.0210 2548 [ 807EB11BD87CD9026906FB79015414CE ] C:\Windows\System32\perfdisk.dll
22:28:59.0210 2548 C:\Windows\System32\perfdisk.dll - ok
22:28:59.0210 2548 [ 00499168B9CC556647590707E6701ADB ] C:\Windows\System32\perfnet.dll
22:28:59.0210 2548 C:\Windows\System32\perfnet.dll - ok
22:28:59.0210 2548 [ E601860AA04CE2198DBC6AC2AF80AFF7 ] C:\Windows\System32\perfos.dll
22:28:59.0210 2548 C:\Windows\System32\perfos.dll - ok
22:28:59.0210 2548 [ B466E673B5E219520A12B40F1289E455 ] C:\Windows\System32\perfproc.dll
22:28:59.0210 2548 C:\Windows\System32\perfproc.dll - ok
22:28:59.0225 2548 [ 40BF963CBE064A1A72C3230C22C6D352 ] C:\Windows\System32\rasctrs.dll
22:28:59.0225 2548 C:\Windows\System32\rasctrs.dll - ok
22:28:59.0225 2548 [ 8056A3E51B569C3F437A5026A0ABE66D ] C:\Windows\System32\perfctrs.dll
22:28:59.0225 2548 C:\Windows\System32\perfctrs.dll - ok
22:28:59.0225 2548 [ C6238A6D6663567576D1624463864F3C ] C:\Windows\System32\tapiperf.dll
22:28:59.0225 2548 C:\Windows\System32\tapiperf.dll - ok
22:28:59.0225 2548 [ E1A20227B09B3A7BCC523294ED9BBA69 ] C:\Windows\System32\perfts.dll
22:28:59.0225 2548 C:\Windows\System32\perfts.dll - ok
22:28:59.0225 2548 [ B3BA3CB8515B27110A4791DCE9EEF402 ] C:\Windows\System32\usbperf.dll
22:28:59.0225 2548 C:\Windows\System32\usbperf.dll - ok
22:28:59.0225 2548 [ BAFBBD9D6A9FF4085036C25D060A754C ] C:\Windows\System32\utildll.dll
22:28:59.0225 2548 C:\Windows\System32\utildll.dll - ok
22:28:59.0241 2548 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
22:28:59.0241 2548 C:\Windows\System32\tquery.dll - ok
22:28:59.0241 2548 [ 677CCEADE829839BB8979190A251B09C ] C:\Windows\System32\wbem\WmiApRpl.dll
22:28:59.0241 2548 C:\Windows\System32\wbem\WmiApRpl.dll - ok
22:28:59.0802 2548 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
22:28:59.0802 2548 C:\Windows\System32\batmeter.dll - ok
22:28:59.0818 2548 [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\SysWOW64\wshqos.dll
22:28:59.0818 2548 C:\Windows\SysWOW64\wshqos.dll - ok
22:28:59.0818 2548 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\51437847.sys
22:28:59.0818 2548 C:\Windows\System32\drivers\51437847.sys - ok
22:28:59.0818 2548 [ F7606EA5B7DE23483520415DD9165695 ] C:\Program Files (x86)\Citrix\ICA Client\pnagent.exe
22:28:59.0818 2548 C:\Program Files (x86)\Citrix\ICA Client\pnagent.exe - ok
22:28:59.0818 2548 [ 105CFE016CCB20175BEACEC146F175AB ] C:\Windows\System32\IccLibDll_x64.dll
22:28:59.0818 2548 C:\Windows\System32\IccLibDll_x64.dll - ok
22:28:59.0818 2548 [ 4ECE12D296ED94CA2C7DD6C383A5AB66 ] C:\Windows\System32\ieframe.dll
22:28:59.0818 2548 C:\Windows\System32\ieframe.dll - ok
22:28:59.0818 2548 [ ABB1B50F36CCBEF119FBEF8FDF14AD61 ] C:\Program Files\SUPERAntiSpyware\SASCTXMN64.DLL
22:28:59.0818 2548 C:\Program Files\SUPERAntiSpyware\SASCTXMN64.DLL - ok
22:28:59.0834 2548 [ 84087AA3632938FF72E4A4F20C576FF1 ] C:\Program Files (x86)\IBM\Client Access\cwbsvstr.exe
22:28:59.0834 2548 C:\Program Files (x86)\IBM\Client Access\cwbsvstr.exe - ok
22:28:59.0834 2548 [ 93041736961E33317C5005684D9F2105 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll
22:28:59.0834 2548 C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll - ok
22:28:59.0834 2548 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\SysWOW64\mlang.dll
22:28:59.0834 2548 C:\Windows\SysWOW64\mlang.dll - ok
22:28:59.0834 2548 [ 4086E0D06C46691F1D9BAB33F4140BBD ] C:\Program Files (x86)\Microsoft Lync\ocpubmgr.exe
22:28:59.0834 2548 C:\Program Files (x86)\Microsoft Lync\ocpubmgr.exe - ok
22:28:59.0834 2548 [ 7915DFE088D34E88C1BAD725DBACC580 ] C:\Windows\SysWOW64\cwbcore.dll
22:28:59.0834 2548 C:\Windows\SysWOW64\cwbcore.dll - ok
22:28:59.0834 2548 [ CA32754112408E8D6A12C83D2FA1DFAF ] C:\Program Files\Microsoft IntelliPoint\DPLaunch.exe
22:28:59.0834 2548 C:\Program Files\Microsoft IntelliPoint\DPLaunch.exe - ok
22:28:59.0849 2548 [ 61BC5F2AE00B24DD37BFFDCD104F587B ] C:\Program Files\Microsoft IntelliPoint\qs.exe
22:28:59.0849 2548 C:\Program Files\Microsoft IntelliPoint\qs.exe - ok
22:28:59.0849 2548 [ BB197F54A8F69EEA8356B7F70E6D3A20 ] C:\Windows\SysWOW64\mshtml.dll
22:28:59.0849 2548 C:\Windows\SysWOW64\mshtml.dll - ok
22:28:59.0849 2548 [ C9815BF2727A4C32202347F22B275A7D ] C:\Program Files (x86)\Microsoft Office\Office12\MSACCESS.EXE
22:28:59.0849 2548 C:\Program Files (x86)\Microsoft Office\Office12\MSACCESS.EXE - ok
22:28:59.0849 2548 [ E73C8DAA1F0ABE5E10F584DF12E4A334 ] C:\Program Files (x86)\Microsoft Office\Office12\INFOPATH.EXE
22:28:59.0849 2548 C:\Program Files (x86)\Microsoft Office\Office12\INFOPATH.EXE - ok
22:28:59.0849 2548 [ 3E790F627FF9D5FA610BD2ACF66016B3 ] C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
22:28:59.0849 2548 C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE - ok
22:28:59.0849 2548 [ 196506408EEBAAE7A50AEC996BA875FD ] C:\Program Files (x86)\Microsoft Office\Office12\MSTORE.EXE
22:28:59.0849 2548 C:\Program Files (x86)\Microsoft Office\Office12\MSTORE.EXE - ok
22:28:59.0865 2548 [ 9E7C3FA7B1A462A09D4153CED41FEB61 ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\OFFDIAG.EXE
22:28:59.0865 2548 C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\OFFDIAG.EXE - ok
22:28:59.0865 2548 [ 602F7A721C4E684CA16629CC4587FF9D ] C:\Program Files (x86)\Microsoft Office\Office12\OIS.EXE
22:28:59.0865 2548 C:\Program Files (x86)\Microsoft Office\Office12\OIS.EXE - ok
22:28:59.0865 2548 [ 9FD4833BE2F3B718886EDA110AA08FB6 ] C:\Windows\SysWOW64\cwbunpls.dll
22:28:59.0865 2548 C:\Windows\SysWOW64\cwbunpls.dll - ok
22:28:59.0865 2548 [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
22:28:59.0865 2548 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
22:28:59.0865 2548 [ 115CAA21C6A8F4DAB011F034887854F5 ] C:\Program Files (x86)\QuickTime\PictureViewer.exe
22:28:59.0865 2548 C:\Program Files (x86)\QuickTime\PictureViewer.exe - ok
22:28:59.0865 2548 [ F244DA6DD2C365ABAFD076222C22C2BE ] C:\Windows\System32\mshtml.dll
22:28:59.0865 2548 C:\Windows\System32\mshtml.dll - ok
22:28:59.0865 2548 [ F0FC175B34A1FD44FEE3CB0C08F4E667 ] C:\Program Files (x86)\Citrix\ICA Client\ctxmui.dll
22:28:59.0865 2548 C:\Program Files (x86)\Citrix\ICA Client\ctxmui.dll - ok
22:28:59.0880 2548 [ E2C48CD0132D4D1DC7D0DF9A6BEF686A ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll
22:28:59.0880 2548 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80u.dll - ok
22:28:59.0880 2548 [ B79515AFF098E5A56DFBD316152534DE ] C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
22:28:59.0880 2548 C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL - ok
22:28:59.0880 2548 [ AB1F1374CE30F0679263A05EF40AFDDC ] C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe
22:28:59.0880 2548 C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe - ok
22:28:59.0880 2548 [ 916A2C4EB028604783FD5EA169236C1D ] C:\Program Files (x86)\QuickTime\QTTask.exe
22:28:59.0880 2548 C:\Program Files (x86)\QuickTime\QTTask.exe - ok
22:28:59.0880 2548 [ 862596399AAFD2A21DB2AF9270CD4F70 ] C:\Windows\System32\mstask.dll
22:28:59.0880 2548 C:\Windows\System32\mstask.dll - ok
22:28:59.0880 2548 [ 3A75EA40B301BAAD2A159D728D5A00BE ] C:\Program Files (x86)\Snagit 10\SnagitEditor.exe
22:28:59.0880 2548 C:\Program Files (x86)\Snagit 10\SnagitEditor.exe - ok
22:28:59.0896 2548 [ C8841EF9357DD13468CDAFC28BFBC86F ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe
22:28:59.0896 2548 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe - ok
22:28:59.0896 2548 [ C8333F1F77A1B2E25F2202E892CAF634 ] C:\Windows\SysWOW64\prnfldr.dll
22:28:59.0896 2548 C:\Windows\SysWOW64\prnfldr.dll - ok
22:28:59.0896 2548 [ D9A9702E43A5859896F34898D5FD3FEC ] C:\Windows\SysWOW64\msxml6.dll
22:28:59.0896 2548 C:\Windows\SysWOW64\msxml6.dll - ok
22:28:59.0896 2548 [ 5C60CEF7BF63700423978EE2D2889672 ] C:\Program Files (x86)\Snagit 10\Snagit32.exe
22:28:59.0896 2548 C:\Program Files (x86)\Snagit 10\Snagit32.exe - ok
22:28:59.0896 2548 [ 6DCFADDA4F2A6D3396D13F0554D672E8 ] C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe
22:28:59.0896 2548 C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe - ok
22:28:59.0896 2548 [ 2921E6D5902AFD180C180503706A091A ] C:\Program Files (x86)\Citrix\ICA Client\CCMSDK.dll
22:28:59.0896 2548 C:\Program Files (x86)\Citrix\ICA Client\CCMSDK.dll - ok

TDSS Killer - log part 3
----------------------------------------------

22:29:00.0270 2548 C:\Windows\SysWOW64\srchadmin.dll - ok
22:29:00.0270 2548 [ F04F63A472098EF9E8E1F23868C19882 ] C:\Program Files (x86)\IBM\Client Access\Emulator\pcsmsg.dll
22:29:00.0270 2548 C:\Program Files (x86)\IBM\Client Access\Emulator\pcsmsg.dll - ok
22:29:00.0270 2548 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
22:29:00.0270 2548 C:\Windows\System32\srchadmin.dll - ok
22:29:00.0270 2548 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
22:29:00.0270 2548 C:\Windows\System32\FXSSVC.exe - ok
22:29:00.0270 2548 [ 5D2C64963A28AE42671914B599F5C625 ] C:\Windows\SysWOW64\CCM\SdmAgent.dll
22:29:00.0270 2548 C:\Windows\SysWOW64\CCM\SdmAgent.dll - ok
22:29:00.0270 2548 [ 3E75D5E63B24ADB5107C8F7519DDF730 ] C:\Program Files (x86)\IBM\Client Access\Emulator\pcsclib.dll
22:29:00.0270 2548 C:\Program Files (x86)\IBM\Client Access\Emulator\pcsclib.dll - ok
22:29:00.0286 2548 [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
22:29:00.0286 2548 C:\Windows\System32\SearchIndexer.exe - ok
22:29:00.0286 2548 [ E3D5E244807AD655787FCD25477CC1BC ] C:\Windows\SysWOW64\bthprops.cpl
22:29:00.0286 2548 C:\Windows\SysWOW64\bthprops.cpl - ok
22:29:00.0286 2548 [ E389EA130C4A9A4DBA0F138222261056 ] C:\Program Files\SUPERAntiSpyware\SSUpdate64.exe
22:29:00.0286 2548 C:\Program Files\SUPERAntiSpyware\SSUpdate64.exe - ok
22:29:00.0286 2548 [ 2A2DB39F90BFD2AC0940D4ECED0805E4 ] C:\Program Files (x86)\kidkeylock\bin\kkl_dll.dll
22:29:00.0286 2548 C:\Program Files (x86)\kidkeylock\bin\kkl_dll.dll - ok
22:29:00.0286 2548 [ 78B7A3BDA25C90DAA50D36A56A8D1351 ] C:\Windows\SysWOW64\d3d10warp.dll
22:29:00.0286 2548 C:\Windows\SysWOW64\d3d10warp.dll - ok
22:29:00.0286 2548 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
22:29:00.0286 2548 C:\Windows\System32\bthprops.cpl - ok
22:29:00.0286 2548 [ B20AE6BF86871EDAD0AB2342E0C98F11 ] C:\Program Files (x86)\Microsoft Lync\psom.dll
22:29:00.0286 2548 C:\Program Files (x86)\Microsoft Lync\psom.dll - ok
22:29:00.0302 2548 [ 0A3B57FC727055D66EDD37EA2EE13D1A ] C:\Program Files (x86)\IBM\Client Access\Emulator\pcspref.dll
22:29:00.0302 2548 C:\Program Files (x86)\IBM\Client Access\Emulator\pcspref.dll - ok
22:29:00.0302 2548 [ 64ABE1250EC1A1CFD1442E7C8800216E ] C:\Windows\System32\d3d10warp.dll
22:29:00.0302 2548 C:\Windows\System32\d3d10warp.dll - ok
22:29:00.0302 2548 [ 5A9E05991504BD55BF4AD31897D937F5 ] C:\Windows\SysWOW64\CCM\ccm_caltrack.dll
22:29:00.0302 2548 C:\Windows\SysWOW64\CCM\ccm_caltrack.dll - ok
22:29:00.0302 2548 [ 85218271191D2B11D3E6B40C8D9257B3 ] C:\Program Files (x86)\Microsoft Lync\ocimport.dll
22:29:00.0302 2548 C:\Program Files (x86)\Microsoft Lync\ocimport.dll - ok
22:29:00.0302 2548 [ 0CCEA768E9644D0D1569EFB66F2357E8 ] C:\Program Files (x86)\IBM\Client Access\Emulator\pcswlib.dll
22:29:00.0302 2548 C:\Program Files (x86)\IBM\Client Access\Emulator\pcswlib.dll - ok
22:29:00.0302 2548 [ 75EA62927355189876081EF863064982 ] C:\Windows\SysWOW64\ncsi.dll
22:29:00.0302 2548 C:\Windows\SysWOW64\ncsi.dll - ok
22:29:00.0317 2548 [ 0241CB16136B9A4939CA0395768AE286 ] C:\Windows\SysWOW64\mssrch.dll
22:29:00.0317 2548 C:\Windows\SysWOW64\mssrch.dll - ok
22:29:00.0317 2548 [ 5BCE7084ED2E1D5252DC0EEEC39C0216 ] C:\PDFZilla\PDFZilla.exe
22:29:00.0317 2548 C:\PDFZilla\PDFZilla.exe - ok
22:29:00.0317 2548 [ F0F6082335C4BEB06D67850495203EAD ] C:\Windows\System32\igdumd64.dll
22:29:00.0317 2548 C:\Windows\System32\igdumd64.dll - ok
22:29:00.0317 2548 [ C57FA43B4D924158AC7B48C017A693A8 ] C:\Windows\Installer\{CFFA9E25-4358-4E22-9A76-1A2B22C0034E}\CiscoUPC.exe1_CB8ABA35D1D9448AA56CEDA97FCE5892.exe
22:29:00.0317 2548 C:\Windows\Installer\{CFFA9E25-4358-4E22-9A76-1A2B22C0034E}\CiscoUPC.exe1_CB8ABA35D1D9448AA56CEDA97FCE5892.exe - ok
22:29:00.0317 2548 [ B8300DDC2F6E90566842460C257B74B9 ] C:\Program Files (x86)\IBM\Client Access\Emulator\pcssfx.dll
22:29:00.0317 2548 C:\Program Files (x86)\IBM\Client Access\Emulator\pcssfx.dll - ok
22:29:00.0317 2548 [ B6C9F13BBF0EEE558F217869E0053165 ] C:\Windows\SysWOW64\CCM\CIAgent.dll
22:29:00.0317 2548 C:\Windows\SysWOW64\CCM\CIAgent.dll - ok
22:29:00.0333 2548 [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
22:29:00.0333 2548 C:\Windows\System32\mssrch.dll - ok
22:29:00.0333 2548 [ E8B6A667BC9AE46CDF7BF19DFE6D74FE ] C:\Program Files (x86)\Canon\Picture Style Editor\PSEditor.exe
22:29:00.0333 2548 C:\Program Files (x86)\Canon\Picture Style Editor\PSEditor.exe - ok
22:29:00.0333 2548 [ 7D3755F626A5FDE62C7B2328032E4F57 ] C:\Program Files (x86)\IBM\Client Access\Emulator\pcscdlg.dll
22:29:00.0333 2548 C:\Program Files (x86)\IBM\Client Access\Emulator\pcscdlg.dll - ok
22:29:00.0333 2548 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
22:29:00.0333 2548 C:\Windows\SysWOW64\dsound.dll - ok
22:29:00.0333 2548 [ 6383C60EC0133B14F5705F96369421B2 ] C:\Windows\SysWOW64\hnetcfg.dll
22:29:00.0333 2548 C:\Windows\SysWOW64\hnetcfg.dll - ok
22:29:00.0333 2548 [ 42EF215ACC6273EB22D76D9CDFF89F5E ] C:\Program Files (x86)\IBM\Client Access\Emulator\pcshelp.dll
22:29:00.0333 2548 C:\Program Files (x86)\IBM\Client Access\Emulator\pcshelp.dll - ok
22:29:00.0348 2548 [ 04B88428A872390D235BE52D38A9D4EF ] C:\Windows\SysWOW64\dot3api.dll
22:29:00.0348 2548 C:\Windows\SysWOW64\dot3api.dll - ok
22:29:00.0348 2548 [ 1FF7E4F548C7C372C804938F0D5B36AE ] C:\Windows\SysWOW64\netcfgx.dll
22:29:00.0348 2548 C:\Windows\SysWOW64\netcfgx.dll - ok
22:29:00.0348 2548 [ 8EE25DCD3139736ADD95BD53DD24A8F6 ] C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\win32_x86\QueryAsAWebServices.exe
22:29:00.0348 2548 C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\win32_x86\QueryAsAWebServices.exe - ok
22:29:00.0348 2548 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
22:29:00.0348 2548 C:\Windows\System32\dot3api.dll - ok
22:29:00.0348 2548 [ F7FE730CE31B54145DEE1F1482BCCDD7 ] C:\Windows\SysWOW64\ndiscapCfg.dll
22:29:00.0348 2548 C:\Windows\SysWOW64\ndiscapCfg.dll - ok
22:29:00.0348 2548 [ 8063046AA70B97CA9985672B8848FB2E ] C:\Windows\SysWOW64\wlanhlp.dll
22:29:00.0348 2548 C:\Windows\SysWOW64\wlanhlp.dll - ok
22:29:00.0364 2548 [ 761A3A4038C1FD4F5795427907C28484 ] C:\Windows\SysWOW64\rascfg.dll
22:29:00.0364 2548 C:\Windows\SysWOW64\rascfg.dll - ok
22:29:00.0364 2548 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
22:29:00.0364 2548 C:\Windows\System32\wlanhlp.dll - ok
22:29:00.0364 2548 [ B777C9CE5731407502B76AF1C0077233 ] C:\Program Files (x86)\Microsoft Lync\MUI\0409\LCLang.dll
22:29:00.0364 2548 C:\Program Files (x86)\Microsoft Lync\MUI\0409\LCLang.dll - ok
22:29:00.0364 2548 [ 5C3F9DBA818CD93379D1A0F215270374 ] C:\Windows\SysWOW64\esent.dll
22:29:00.0364 2548 C:\Windows\SysWOW64\esent.dll - ok
22:29:00.0364 2548 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll
22:29:00.0364 2548 C:\Windows\SysWOW64\wlanapi.dll - ok
22:29:00.0364 2548 [ 9A7B54D57594233EEB17892BAD309970 ] C:\Windows\SysWOW64\mprmsg.dll
22:29:00.0364 2548 C:\Windows\SysWOW64\mprmsg.dll - ok
22:29:00.0364 2548 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
22:29:00.0364 2548 C:\Windows\System32\wlanapi.dll - ok
22:29:00.0380 2548 [ 32CBF303CBD560E163EA9F223FF126D8 ] C:\Program Files (x86)\Microsoft Lync\UccApi.dll
22:29:00.0380 2548 C:\Program Files (x86)\Microsoft Lync\UccApi.dll - ok
22:29:00.0380 2548 [ CAFC0B884E5590B5E80D84F592388B3D ] C:\Windows\SysWOW64\tcpipcfg.dll
22:29:00.0380 2548 C:\Windows\SysWOW64\tcpipcfg.dll - ok
22:29:00.0380 2548 [ CA493A92DA9880B6F1A89C3DBD54BA5B ] C:\Windows\SysWOW64\dxtrans.dll
22:29:00.0380 2548 C:\Windows\SysWOW64\dxtrans.dll - ok
22:29:00.0380 2548 [ B90116192908CEA3940217554579FDF3 ] C:\Program Files (x86)\Microsoft Lync\MUI\0409\OCAPIRES.dll
22:29:00.0380 2548 C:\Program Files (x86)\Microsoft Lync\MUI\0409\OCAPIRES.dll - ok
22:29:00.0380 2548 [ A3287F8EB6182FB060C818524C7D6A63 ] C:\Windows\System32\dxtrans.dll
22:29:00.0380 2548 C:\Windows\System32\dxtrans.dll - ok
22:29:00.0380 2548 [ EC135FC63AC306A4FD8A8E3801C46D28 ] C:\Program Files (x86)\Microsoft Lync\ocrec.dll
22:29:00.0380 2548 C:\Program Files (x86)\Microsoft Lync\ocrec.dll - ok
22:29:00.0395 2548 [ 02530B0B7E048DD5AC8D52DAEACAEB2B ] C:\Windows\SysWOW64\QAGENT.DLL
22:29:00.0395 2548 C:\Windows\SysWOW64\QAGENT.DLL - ok
22:29:00.0395 2548 [ BAB9EF9A340113666F678AA2474904B6 ] C:\Windows\SysWOW64\ddrawex.dll
22:29:00.0395 2548 C:\Windows\SysWOW64\ddrawex.dll - ok
22:29:00.0395 2548 [ 81600E2E27ED61427AAD865B9BCDDB9D ] C:\Windows\SysWOW64\msidle.dll
22:29:00.0395 2548 C:\Windows\SysWOW64\msidle.dll - ok
22:29:00.0395 2548 [ 4938A4350327E1A5DEB0CD134AC1AAA3 ] C:\Windows\System32\ddrawex.dll
22:29:00.0395 2548 C:\Windows\System32\ddrawex.dll - ok
22:29:00.0395 2548 [ 9E6AF823733C70E207D9FB6731A63B3D ] C:\Windows\SysWOW64\wlaninst.dll
22:29:00.0395 2548 C:\Windows\SysWOW64\wlaninst.dll - ok
22:29:00.0395 2548 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
22:29:00.0395 2548 C:\Windows\System32\msidle.dll - ok
22:29:00.0395 2548 [ 7633F554EEAFDE7F144B41C2FCAF5F63 ] C:\Windows\System32\SnippingTool.exe
22:29:00.0395 2548 C:\Windows\System32\SnippingTool.exe - ok
22:29:00.0411 2548 [ 198552AEFECA69D646867EC8D792DE95 ] C:\Windows\SysWOW64\ddraw.dll
22:29:00.0411 2548 C:\Windows\SysWOW64\ddraw.dll - ok
22:29:00.0411 2548 [ 484ACF6AF85A29AC52F3CF054DFDE9D3 ] C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe
22:29:00.0411 2548 C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe - ok
22:29:00.0411 2548 [ 71C4F42DC8DB668E826DA79462EA741E ] C:\Windows\SysWOW64\KBDUS.DLL
22:29:00.0411 2548 C:\Windows\SysWOW64\KBDUS.DLL - ok
22:29:00.0411 2548 [ 4D0F5334BA82A04C150D03A7F4B46DBF ] C:\Program Files (x86)\IBM\Client Access\Mri2924\cwbinres.dll
22:29:00.0411 2548 C:\Program Files (x86)\IBM\Client Access\Mri2924\cwbinres.dll - ok
22:29:00.0411 2548 [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll
22:29:00.0411 2548 C:\Windows\System32\ddraw.dll - ok
22:29:00.0411 2548 [ 21EF4BB2A6FF4116FD83FAEE52D4A416 ] C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe
22:29:00.0411 2548 C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe - ok
22:29:00.0426 2548 [ 55E5B32AE8D1F51A63C82919656FD275 ] C:\Windows\SysWOW64\dciman32.dll
22:29:00.0426 2548 C:\Windows\SysWOW64\dciman32.dll - ok
22:29:00.0426 2548 [ 29C22748937F45C26590909E9F8E7137 ] C:\Windows\System32\dciman32.dll
22:29:00.0426 2548 C:\Windows\System32\dciman32.dll - ok
22:29:00.0426 2548 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
22:29:00.0426 2548 C:\Windows\System32\rundll32.exe - ok
22:29:00.0426 2548 [ C0F4A57BA5E09A28AE3D2F67ED219EEA ] C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe
22:29:00.0426 2548 C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe - ok
22:29:00.0426 2548 [ 732E668096B1A37B7BFD4B9021E69A8E ] C:\Windows\System32\oleres.dll
22:29:00.0426 2548 C:\Windows\System32\oleres.dll - ok
22:29:00.0442 2548 [ 4312DEBDACBE338F0B90E7F08E7672BE ] C:\Windows\SysWOW64\dxtmsft.dll
22:29:00.0442 2548 C:\Windows\SysWOW64\dxtmsft.dll - ok
22:29:00.0442 2548 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
22:29:00.0442 2548 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
22:29:00.0442 2548 [ 81571F2FC5411F5D18187018EEC9BC21 ] C:\Program Files (x86)\SAP\Business Explorer\BI\BExAnalyzer.exe
22:29:00.0442 2548 C:\Program Files (x86)\SAP\Business Explorer\BI\BExAnalyzer.exe - ok
22:29:00.0442 2548 [ C4A363C8EA5BBB615FC60DCA786BC337 ] C:\Windows\SysWOW64\CCM\dcmagent.dll
22:29:00.0442 2548 C:\Windows\SysWOW64\CCM\dcmagent.dll - ok
22:29:00.0442 2548 [ 3BC854B4016F05BA53F1731D5E73C5CD ] C:\Program Files (x86)\Citrix\ICA Client\CCMProxy.dll
22:29:00.0442 2548 C:\Program Files (x86)\Citrix\ICA Client\CCMProxy.dll - ok
22:29:00.0442 2548 [ D6A99F26E31C9F15D8D8CC42FFE6D16B ] C:\Windows\System32\dxtmsft.dll
22:29:00.0442 2548 C:\Windows\System32\dxtmsft.dll - ok
22:29:00.0458 2548 [ 5AFA72D47F33FBFE03439DDD121094BF ] C:\Program Files (x86)\Microsoft Lync\RTMPLTFM.dll
22:29:00.0458 2548 C:\Program Files (x86)\Microsoft Lync\RTMPLTFM.dll - ok
22:29:00.0458 2548 [ E68DD1B43AF846BA4574D99849EECFC3 ] C:\Program Files (x86)\Free CraigsList Reader Pro from CraigsPal\craigspal-free-run_adm.exe
22:29:00.0458 2548 C:\Program Files (x86)\Free CraigsList Reader Pro from CraigsPal\craigspal-free-run_adm.exe - ok
22:29:00.0458 2548 [ F653372899B3DE04169CE7B39B1A4DC7 ] C:\Program Files\QlikView\Qv.exe
22:29:00.0458 2548 C:\Program Files\QlikView\Qv.exe - ok
22:29:00.0458 2548 [ 9B4DD5C7508F8F75803DDF3BAA4C5139 ] C:\Program Files\SUPERAntiSpyware\SASTask.exe
22:29:00.0458 2548 C:\Program Files\SUPERAntiSpyware\SASTask.exe - ok
22:29:00.0458 2548 [ 48044CE5D04D7B7815A9F398398EAD35 ] C:\Program Files\SUPERAntiSpyware\RUNSAS.EXE
22:29:00.0458 2548 C:\Program Files\SUPERAntiSpyware\RUNSAS.EXE - ok
22:29:00.0458 2548 [ CF3D048A7975936877D6717D7513553D ] C:\Program Files\SUPERAntiSpyware\Uninstall.exe
22:29:00.0458 2548 C:\Program Files\SUPERAntiSpyware\Uninstall.exe - ok
22:29:00.0473 2548 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\SysWOW64\mssprxy.dll
22:29:00.0473 2548 C:\Windows\SysWOW64\mssprxy.dll - ok
22:29:00.0473 2548 [ 9419ABF3163B6F0E3AD3DD2B381C879F ] C:\Windows\SysWOW64\WinSCard.dll
22:29:00.0473 2548 C:\Windows\SysWOW64\WinSCard.dll - ok
22:29:00.0473 2548 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll
22:29:00.0473 2548 C:\Windows\SysWOW64\wlanutil.dll - ok
22:29:00.0473 2548 [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
22:29:00.0473 2548 C:\Windows\System32\mssprxy.dll - ok
22:29:00.0473 2548 [ 02062C0B390B7729EDC9E69C680A6F3C ] C:\Windows\erdnt\cache64\atapi.sys
22:29:00.0473 2548 C:\Windows\erdnt\cache64\atapi.sys - ok
22:29:00.0473 2548 [ 47452A48C32AAE0795DE5732EA4A32DC ] C:\Program Files (x86)\Anvi Smart Defender\ASD.exe
22:29:00.0473 2548 C:\Program Files (x86)\Anvi Smart Defender\ASD.exe - ok
22:29:00.0489 2548 [ 7ED0B3E000132961232BA55104B8CF4E ] C:\Windows\SysWOW64\CCM\PwrAgentEndpoint.dll
22:29:00.0489 2548 C:\Windows\SysWOW64\CCM\PwrAgentEndpoint.dll - ok
22:29:00.0489 2548 [ 27FC75229EEE367D4C0E643C108A90FA ] C:\Windows\SysWOW64\LocationApi.dll
22:29:00.0489 2548 C:\Windows\SysWOW64\LocationApi.dll - ok
22:29:00.0489 2548 [ C02AA67276FEE0C15CC4D6D616BDE95E ] C:\Windows\SysWOW64\WWanAPI.dll
22:29:00.0489 2548 C:\Windows\SysWOW64\WWanAPI.dll - ok
22:29:00.0489 2548 [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\SysWOW64\cabinet.dll
22:29:00.0489 2548 C:\Windows\SysWOW64\cabinet.dll - ok
22:29:00.0489 2548 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
22:29:00.0489 2548 C:\Windows\System32\WWanAPI.dll - ok
22:29:00.0489 2548 [ 7538FCE6C13A6E0BFC6777D108E83FA6 ] C:\Windows\SysWOW64\CCM\PwrEventTask.dll
22:29:00.0489 2548 C:\Windows\SysWOW64\CCM\PwrEventTask.dll - ok
22:29:00.0489 2548 [ 50F9394F53CF8015C703EBD2EF3BABC6 ] C:\Windows\System32\LocationApi.dll
22:29:00.0489 2548 C:\Windows\System32\LocationApi.dll - ok
22:29:00.0504 2548 [ F2ED6D00921CA138289E5E0CCB9ABF87 ] C:\Windows\SysWOW64\wwapi.dll
22:29:00.0504 2548 C:\Windows\SysWOW64\wwapi.dll - ok
22:29:00.0504 2548 [ 8D47D01378347889A662D54037A988CC ] C:\Windows\SysWOW64\tdh.dll
22:29:00.0504 2548 C:\Windows\SysWOW64\tdh.dll - ok
22:29:00.0504 2548 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
22:29:00.0504 2548 C:\Windows\System32\wwapi.dll - ok
22:29:00.0504 2548 [ 5BB8C06EB5EA4BA22EE8A678F2D79B25 ] C:\Windows\SysWOW64\devenum.dll
22:29:00.0504 2548 C:\Windows\SysWOW64\devenum.dll - ok
22:29:00.0504 2548 [ B63E24E9271E99FD4540E3CA22A937DA ] C:\Windows\SysWOW64\en-US\tquery.dll.mui
22:29:00.0504 2548 C:\Windows\SysWOW64\en-US\tquery.dll.mui - ok
22:29:00.0504 2548 [ 7069AAB8536F29ED7323140973A2894B ] C:\Windows\SysWOW64\msdmo.dll
22:29:00.0504 2548 C:\Windows\SysWOW64\msdmo.dll - ok
22:29:00.0520 2548 [ CEAB7E4608D2137E8252842D7FFB866D ] C:\Program Files (x86)\Advanced Pdf Merger Free\OfficeTool.exe
22:29:00.0520 2548 C:\Program Files (x86)\Advanced Pdf Merger Free\OfficeTool.exe - ok
22:29:00.0520 2548 [ DBBBE5B64E2FE1AF8BE76CCAA2B54DFC ] C:\Windows\SysWOW64\vbscript.dll
22:29:00.0520 2548 C:\Windows\SysWOW64\vbscript.dll - ok
22:29:00.0520 2548 [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
22:29:00.0520 2548 C:\Windows\System32\en-US\tquery.dll.mui - ok
22:29:00.0520 2548 [ 2DDEA2C345DA5BC589EFD398F220DB0E ] C:\Windows\SysWOW64\SyncCenter.dll
22:29:00.0520 2548 C:\Windows\SysWOW64\SyncCenter.dll - ok
22:29:00.0520 2548 [ 086E816CCFD9E5F4CB64E582778B23E1 ] C:\Windows\SysWOW64\CCM\ccmhttp.dll
22:29:00.0520 2548 C:\Windows\SysWOW64\CCM\ccmhttp.dll - ok
22:29:00.0520 2548 [ F50F26E6DC3082D8334F2946CE9125FA ] C:\Windows\System32\vbscript.dll
22:29:00.0520 2548 C:\Windows\System32\vbscript.dll - ok
22:29:00.0536 2548 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
22:29:00.0536 2548 C:\Windows\System32\SyncCenter.dll - ok
22:29:00.0536 2548 [ E24FE90E9DE8D8AE70E59F7B01675DEF ] C:\Windows\SysWOW64\avicap32.dll
22:29:00.0536 2548 C:\Windows\SysWOW64\avicap32.dll - ok
22:29:00.0536 2548 [ D6626C93BF7F557839C028D32247F910 ] C:\Windows\SysWOW64\SensorsApi.dll
22:29:00.0536 2548 C:\Windows\SysWOW64\SensorsApi.dll - ok
22:29:00.0536 2548 [ C335EC1182AC10B188705554E0BC1186 ] C:\Windows\SysWOW64\msvfw32.dll
22:29:00.0536 2548 C:\Windows\SysWOW64\msvfw32.dll - ok
22:29:00.0536 2548 [ 9111354A308612483F8DA995A1DD1835 ] C:\Windows\System32\SensorsApi.dll
22:29:00.0536 2548 C:\Windows\System32\SensorsApi.dll - ok
22:29:00.0536 2548 [ 24498D084FAA7A459C91066EC241E1CE ] C:\Windows\SysWOW64\vfwwdm32.dll
22:29:00.0536 2548 C:\Windows\SysWOW64\vfwwdm32.dll - ok
22:29:00.0536 2548 [ F1E15CD86AC3D1B8596F90C00965FA09 ] C:\Windows\SysWOW64\CCM\CcmProxy.dll
22:29:00.0536 2548 C:\Windows\SysWOW64\CCM\CcmProxy.dll - ok
22:29:00.0551 2548 [ A399514D3B28C9A3453A486BBAAFF1C7 ] C:\Windows\SysWOW64\wdscore.dll
22:29:00.0551 2548 C:\Windows\SysWOW64\wdscore.dll - ok
22:29:00.0551 2548 [ C140F86932B5B61F54A4D836E2D34AB2 ] C:\Windows\SysWOW64\ksproxy.ax
22:29:00.0551 2548 C:\Windows\SysWOW64\ksproxy.ax - ok
22:29:00.0551 2548 [ 81C0FA250EF6DC1C6B3FA2BCE81D6C2E ] C:\Windows\SysWOW64\WinSATAPI.dll
22:29:00.0551 2548 C:\Windows\SysWOW64\WinSATAPI.dll - ok
22:29:00.0551 2548 [ 9F275A078241E945B170A4ADE9B165E2 ] C:\Program Files (x86)\SAP\FrontEnd\SAPgui\saplogon.exe
22:29:00.0551 2548 C:\Program Files (x86)\SAP\FrontEnd\SAPgui\saplogon.exe - ok
22:29:00.0551 2548 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll
22:29:00.0551 2548 C:\Windows\SysWOW64\mscms.dll - ok
22:29:00.0551 2548 [ F83803BEF79046CB7220BAEB2990B6C6 ] C:\Windows\SysWOW64\CCM\StateMessage.dll
22:29:00.0551 2548 C:\Windows\SysWOW64\CCM\StateMessage.dll - ok
22:29:00.0567 2548 [ 1653C8B47040DB313DD183CE13943EEF ] C:\Program Files\SAP Visual Intelligence\Desktop\SAPVisualIntelligence.exe
22:29:00.0567 2548 C:\Program Files\SAP Visual Intelligence\Desktop\SAPVisualIntelligence.exe - ok
22:29:00.0567 2548 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
22:29:00.0567 2548 C:\Windows\System32\QAGENT.DLL - ok
22:29:00.0567 2548 [ 2424231BBD703A677D115C29983B4293 ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL
22:29:00.0567 2548 C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL - ok
22:29:00.0567 2548 [ 4DDACA8A66B95ABA02812FF3C13DE198 ] C:\Windows\SysWOW64\vidcap.ax
22:29:00.0567 2548 C:\Windows\SysWOW64\vidcap.ax - ok
22:29:00.0567 2548 [ 630A31F277349109299E590856A4B004 ] C:\Windows\SysWOW64\Kswdmcap.ax
22:29:00.0567 2548 C:\Windows\SysWOW64\Kswdmcap.ax - ok
22:29:00.0567 2548 [ 2E76FF14C5987BE45AB65A91332E3C58 ] C:\Program Files\Windows Sidebar\wlsrvc.dll
22:29:00.0567 2548 C:\Program Files\Windows Sidebar\wlsrvc.dll - ok
22:29:00.0582 2548 [ 2572E1F0254E2267E97DE1B15D099EC4 ] C:\Windows\SysWOW64\d3d10.dll
22:29:00.0582 2548 C:\Windows\SysWOW64\d3d10.dll - ok
22:29:00.0582 2548 [ 074215206D850106342890CA6464B6F7 ] C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe
22:29:00.0582 2548 C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe - ok
22:29:00.0582 2548 [ BD66ECA9479C688412DDDA9F2CCD2C69 ] C:\Windows\System32\d3d10.dll
22:29:00.0582 2548 C:\Windows\System32\d3d10.dll - ok
22:29:00.0582 2548 [ A8035AF5B9AA48AC9C311711E00448E8 ] C:\Program Files (x86)\SAP BusinessObjects\Xcelsius 4.0\Xcelsius.exe
22:29:00.0582 2548 C:\Program Files (x86)\SAP BusinessObjects\Xcelsius 4.0\Xcelsius.exe - ok
22:29:00.0582 2548 [ 679CA632BE3DC8FB52BCC430F5A2AF20 ] C:\Program Files (x86)\Microsoft SQL Server\90\Tools\Binn\VSShell\Common7\IDE\ssmsee.exe
22:29:00.0582 2548 C:\Program Files (x86)\Microsoft SQL Server\90\Tools\Binn\VSShell\Common7\IDE\ssmsee.exe - ok
22:29:00.0582 2548 [ 547F78746F20901C770E8653B242217C ] C:\Windows\SysWOW64\d3d10core.dll
22:29:00.0582 2548 C:\Windows\SysWOW64\d3d10core.dll - ok
22:29:00.0598 2548 [ B628DA8B548E6D11A35B86799714CB22 ] C:\Windows\System32\d3d10core.dll
22:29:00.0598 2548 C:\Windows\System32\d3d10core.dll - ok
22:29:00.0598 2548 [ E9B4000577983E0A865739074FD1A81A ] C:\Program Files (x86)\Canon\PhotoStitch\stitch.exe
22:29:00.0598 2548 C:\Program Files (x86)\Canon\PhotoStitch\stitch.exe - ok
22:29:00.0598 2548 [ 7D18C24F01723F00FD361A46AE42709A ] C:\Program Files (x86)\IBM\Client Access\cwbunnav.exe
22:29:00.0598 2548 C:\Program Files (x86)\IBM\Client Access\cwbunnav.exe - ok
22:29:00.0598 2548 [ 8FFD04D8E1B9BF2E617639C89207A05D ] C:\Program Files (x86)\Canon\PhotoStitch\STViewer.exe
22:29:00.0598 2548 C:\Program Files (x86)\Canon\PhotoStitch\STViewer.exe - ok
22:29:00.0598 2548 [ 826636BC87CCA3070E36F7530F4A05BF ] C:\Program Files (x86)\Microsoft Lync\sqmapi.dll
22:29:00.0598 2548 C:\Program Files (x86)\Microsoft Lync\sqmapi.dll - ok
22:29:00.0598 2548 [ D06F70B01524CE57AC1EE94D8E8595A1 ] C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
22:29:00.0598 2548 C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE - ok
22:29:00.0614 2548 [ C87A4E16CE73E26406E4545C2436771B ] C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
22:29:00.0614 2548 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe - ok
22:29:00.0614 2548 [ F14308CC885480C3F1A5C8775BD996EE ] C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\win32_x86\TransMgr.exe
22:29:00.0614 2548 C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\win32_x86\TransMgr.exe - ok
22:29:00.0614 2548 [ 3CF232D623C41F864820A63EBF3C2A9D ] C:\Program Files (x86)\Snagit 10\TscHelp.exe
22:29:00.0614 2548 C:\Program Files (x86)\Snagit 10\TscHelp.exe - ok
22:29:00.0614 2548 [ 1ED5F37C2360BEF23D7DE901C12C18B7 ] C:\Program Files (x86)\Canon\Auto Update Service\UpdateChecker.exe
22:29:00.0614 2548 C:\Program Files (x86)\Canon\Auto Update Service\UpdateChecker.exe - ok
22:29:00.0614 2548 [ 2C1EF6485EEB834187FC69556A64EAFE ] C:\Program Files (x86)\uTorrent\uTorrent.exe
22:29:00.0614 2548 C:\Program Files (x86)\uTorrent\uTorrent.exe - ok
22:29:00.0614 2548 [ EE6F75859F882AAF96B4FA15C83DCC07 ] C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
22:29:00.0614 2548 C:\Program Files (x86)\VideoLAN\VLC\vlc.exe - ok
22:29:00.0629 2548 [ A763DC95B9FC813108E6CE66B9527714 ] C:\Program Files (x86)\Cisco Systems\VPN Client\vpngui.exe
22:29:00.0629 2548 C:\Program Files (x86)\Cisco Systems\VPN Client\vpngui.exe - ok
22:29:00.0629 2548 [ 95B937DB73A2D460A724E34320759230 ] C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\win32_x86\WebIRichClient.exe
22:29:00.0629 2548 C:\Program Files (x86)\SAP BusinessObjects\SAP BusinessObjects Enterprise XI 4.0\win32_x86\WebIRichClient.exe - ok
22:29:00.0629 2548 [ 1EC6B024D3D0633D15E0581418696B1D ] C:\Program Files (x86)\Citrix\ICA Client\wfica32.exe
22:29:00.0629 2548 C:\Program Files (x86)\Citrix\ICA Client\wfica32.exe - ok
22:29:00.0629 2548 [ BD3165A325F222F642F743B6CF2937ED ] C:\Program Files (x86)\WinRAR\WinRAR.exe
22:29:00.0629 2548 C:\Program Files (x86)\WinRAR\WinRAR.exe - ok
22:29:00.0629 2548 [ 6DD675661470892FF09D2CE266DF26B2 ] C:\Program Files (x86)\Windows Live\Installer\wlsettings.exe
22:29:00.0629 2548 C:\Program Files (x86)\Windows Live\Installer\wlsettings.exe - ok
22:29:00.0629 2548 [ 097AE247474811EECF9FF1809059C141 ] C:\Program Files (x86)\Windows Live\Installer\wlstartup.exe
22:29:00.0629 2548 C:\Program Files (x86)\Windows Live\Installer\wlstartup.exe - ok
22:29:00.0645 2548 [ 9CB27AE21BF0553BF20F571DD9E2C3A0 ] C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
22:29:00.0645 2548 C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe - ok
22:29:00.0645 2548 [ A80C173AC5C75706BB74AE4D78F2A53D ] C:\Program Files (x86)\Windows Media Player\wmplayer.exe
22:29:00.0645 2548 C:\Program Files (x86)\Windows Media Player\wmplayer.exe - ok
22:29:00.0645 2548 [ 715BFF236158F61C042928A53C0D5AA8 ] C:\Program Files\Windows NT\Accessories\wordpad.exe
22:29:00.0645 2548 C:\Program Files\Windows NT\Accessories\wordpad.exe - ok
22:29:00.0645 2548 [ 1D9D43579434380CC25DFBDA3BBD7780 ] C:\PDFZilla\zillapro.exe
22:29:00.0645 2548 C:\PDFZilla\zillapro.exe - ok
22:29:00.0645 2548 [ 1FB81A5E6F1EF87DD0EFD734E74F87F8 ] C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\ZoomBrowser.exe
22:29:00.0645 2548 C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\ZoomBrowser.exe - ok
22:29:00.0645 2548 [ F924D18569D6E32F867C80F217A185E8 ] C:\Program Files\Microsoft IntelliPoint\dpgcmd.dll
22:29:00.0645 2548 C:\Program Files\Microsoft IntelliPoint\dpgcmd.dll - ok
22:29:00.0660 2548 [ 0FEC5F3C533DAE4B68C57EB8432E7881 ] C:\Program Files\Microsoft IntelliPoint\Components\Commands\DPGHnt\DPGHnt.dll
22:29:00.0660 2548 C:\Program Files\Microsoft IntelliPoint\Components\Commands\DPGHnt\DPGHnt.dll - ok
22:29:00.0660 2548 [ 368B2BEE3F88BFB883D2C74A258DE6F6 ] C:\Windows\AppPatch\AcLayers.dll
22:29:00.0660 2548 C:\Windows\AppPatch\AcLayers.dll - ok
22:29:00.0660 2548 [ 6D7DE520D8AA80A243347BECD401EB54 ] C:\Windows\AppPatch\acwow64.dll
22:29:00.0660 2548 C:\Windows\AppPatch\acwow64.dll - ok
22:29:00.0660 2548 [ 7043D485AEAE435312659FF1461F1491 ] C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSO.DLL
22:29:00.0660 2548 C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSO.DLL - ok
22:29:00.0660 2548 [ 67CB98C39E727C7A2A0D28E748F8F479 ] C:\Program Files (x86)\Snagit 10\DLLx64\SnagitBHO64.dll
22:29:00.0660 2548 C:\Program Files (x86)\Snagit 10\DLLx64\SnagitBHO64.dll - ok
22:29:00.0660 2548 [ 2986E481C57469902148D63C1D7FB284 ] C:\Program Files (x86)\Microsoft Office\Office12\STSLIST.DLL
22:29:00.0660 2548 C:\Program Files (x86)\Microsoft Office\Office12\STSLIST.DLL - ok
22:29:00.0676 2548 [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
22:29:00.0676 2548 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
22:29:00.0676 2548 [ 181F69BC9C406B7FB5C0ADE8031630AC ] C:\Windows\SysWOW64\wpdshext.dll
22:29:00.0676 2548 C:\Windows\SysWOW64\wpdshext.dll - ok
22:29:00.0676 2548 [ FEBDDF2E20DB88B4A6AAF70C9C0C8FF4 ] C:\Program Files (x86)\Microsoft Office\Office12\NAME.DLL
22:29:00.0676 2548 C:\Program Files (x86)\Microsoft Office\Office12\NAME.DLL - ok
22:29:00.0676 2548 [ D80C1289A285506E3FFFE67E936AA262 ] C:\Program Files (x86)\Microsoft Office\Office12\MSPST32.DLL
22:29:00.0676 2548 C:\Program Files (x86)\Microsoft Office\Office12\MSPST32.DLL - ok
22:29:00.0676 2548 [ 4715F8F8CDBFFF2728BA38B789A1D7C7 ] C:\Windows\System32\wpdshext.dll
22:29:00.0676 2548 C:\Windows\System32\wpdshext.dll - ok
22:29:01.0253 2548 C:\Windows\SysWOW64\javaw.exe - ok
22:29:01.0253 2548 [ 27F3D44B29E14658EDE13D7D044E7420 ] C:\Windows\SysWOW64\RASMM.dll
22:29:01.0253 2548 C:\Windows\SysWOW64\RASMM.dll - ok
22:29:01.0269 2548 [ B350525D71B42CF9366AF7443BBA21E6 ] C:\Windows\SysWOW64\msdrm.dll
22:29:01.0269 2548 C:\Windows\SysWOW64\msdrm.dll - ok
22:29:01.0269 2548 [ 909C11946AC04EA54A98C97792DC3C18 ] C:\Windows\SysWOW64\puiobj.dll
22:29:01.0269 2548 C:\Windows\SysWOW64\puiobj.dll - ok
22:29:01.0269 2548 [ 5A8BF4E8810541C23F4067536FB48CA3 ] C:\Windows\SysWOW64\vss_ps.dll
22:29:01.0269 2548 C:\Windows\SysWOW64\vss_ps.dll - ok
22:29:01.0269 2548 [ 468F54D6890DF38CD254117C1DCF5D80 ] C:\Windows\SysWOW64\ff_acm.acm
22:29:01.0269 2548 C:\Windows\SysWOW64\ff_acm.acm - ok
22:29:01.0269 2548 [ 09DEF3ABB6A196749299359AC5578DD8 ] C:\Windows\SysWOW64\msxml4.dll
22:29:01.0269 2548 C:\Windows\SysWOW64\msxml4.dll - ok
22:29:01.0269 2548 [ 4B8441782918424827F2937CFB669136 ] C:\Windows\SysWOW64\WlanMM.dll
22:29:01.0269 2548 C:\Windows\SysWOW64\WlanMM.dll - ok
22:29:01.0284 2548 [ 2D542FEEEE1644365BCE3327E91A5798 ] C:\Windows\SysWOW64\scrobj.dll
22:29:01.0284 2548 C:\Windows\SysWOW64\scrobj.dll - ok
22:29:01.0284 2548 [ A99C4D1B5E7E794EC5779CF14F431932 ] C:\Windows\SysWOW64\msdart.dll
22:29:01.0284 2548 C:\Windows\SysWOW64\msdart.dll - ok
22:29:01.0284 2548 [ E96BC9A8B03B20E7BC6CD8A97D7C1C6B ] C:\Windows\SysWOW64\nlhtml.dll
22:29:01.0284 2548 C:\Windows\SysWOW64\nlhtml.dll - ok
22:29:01.0284 2548 [ 8EC00CCCBB3436D534FC8DA85FF943BF ] C:\Windows\SysWOW64\appwiz.cpl
22:29:01.0284 2548 C:\Windows\SysWOW64\appwiz.cpl - ok
22:29:01.0284 2548 [ ED12110CD5BFE686F645E145A7DD28C5 ] C:\Windows\SysWOW64\comsvcs.dll
22:29:01.0284 2548 C:\Windows\SysWOW64\comsvcs.dll - ok
22:29:01.0284 2548 [ 494E31F87662C486EF2F2048D599AC46 ] C:\Windows\SysWOW64\ACCTRES.dll
22:29:01.0284 2548 C:\Windows\SysWOW64\ACCTRES.dll - ok
22:29:01.0284 2548 [ 8EE566982477BC5886FE622CEBEE9C86 ] C:\Windows\SysWOW64\msadp32.acm
22:29:01.0284 2548 C:\Windows\SysWOW64\msadp32.acm - ok
22:29:01.0300 2548 [ 7FFD52D73352806969D424EF327D10A7 ] C:\Windows\SysWOW64\radardt.dll
22:29:01.0300 2548 C:\Windows\SysWOW64\radardt.dll - ok
22:29:01.0300 2548 [ A9D880F97530D5B8FEE278923349929D ] C:\Windows\SysWOW64\WebClnt.dll
22:29:01.0300 2548 C:\Windows\SysWOW64\WebClnt.dll - ok
22:29:01.0300 2548 [ 1220595CABA75AB91A6B3FA3B89483CC ] C:\Windows\SysWOW64\snmpapi.dll
22:29:01.0300 2548 C:\Windows\SysWOW64\snmpapi.dll - ok
22:29:01.0300 2548 [ 5BDF8B0B9A3EADE3A2A6F2ED8D44E36D ] C:\Windows\SysWOW64\mssphtb.dll
22:29:01.0300 2548 C:\Windows\SysWOW64\mssphtb.dll - ok
22:29:01.0300 2548 [ B9ADA43CB3FFAF6669D34F432AA44A0F ] C:\Windows\SysWOW64\pstorec.dll
22:29:01.0300 2548 C:\Windows\SysWOW64\pstorec.dll - ok
22:29:01.0300 2548 [ C9380B96A0D51B8109D19D13467ADA0B ] C:\Windows\SysWOW64\msjet40.dll
22:29:01.0300 2548 C:\Windows\SysWOW64\msjet40.dll - ok
22:29:01.0316 2548 [ 20C06A50DFC097E134BC6FA8444CA9BC ] C:\Windows\SysWOW64\wlansec.dll
22:29:01.0316 2548 C:\Windows\SysWOW64\wlansec.dll - ok
22:29:01.0316 2548 [ 18CAD99A32BA08C6E56E8702BAC1B7C7 ] C:\Windows\SysWOW64\SAPbtmp.dll
22:29:01.0316 2548 C:\Windows\SysWOW64\SAPbtmp.dll - ok
22:29:01.0316 2548 [ 8A4883F5E7AC37444F23279239553878 ] C:\Windows\SysWOW64\regedit.exe
22:29:01.0316 2548 C:\Windows\SysWOW64\regedit.exe - ok
22:29:01.0316 2548 [ FA849121BF8384BC9F9F93710616B134 ] C:\Windows\SysWOW64\msident.dll
22:29:01.0316 2548 C:\Windows\SysWOW64\msident.dll - ok
22:29:01.0316 2548 [ 6707E0DAC75C45BB543B9A783068B9CF ] C:\Windows\SysWOW64\msoeacct.dll
22:29:01.0316 2548 C:\Windows\SysWOW64\msoeacct.dll - ok
22:29:01.0316 2548 [ BBA9D5A730D5E304117AD26923EBD8AA ] C:\Windows\SysWOW64\AudioEng.dll
22:29:01.0316 2548 C:\Windows\SysWOW64\AudioEng.dll - ok
22:29:01.0316 2548 [ 85B45B4B285B159ACDB355FC8C1E8925 ] C:\Windows\SysWOW64\qmgrprxy.dll
22:29:01.0316 2548 C:\Windows\SysWOW64\qmgrprxy.dll - ok
22:29:01.0331 2548 [ 703FFD301AB900B047337C5D40FD6F96 ] C:\Windows\SysWOW64\olepro32.dll
22:29:01.0331 2548 C:\Windows\SysWOW64\olepro32.dll - ok
22:29:01.0331 2548 [ 4634B0EE4098F0F2B972BDAC19A802E7 ] C:\Windows\SysWOW64\audiodev.dll
22:29:01.0331 2548 C:\Windows\SysWOW64\audiodev.dll - ok
22:29:01.0331 2548 [ 96F0F8F4DEE598C8D12AD9633E0CFE2A ] C:\Windows\SysWOW64\AUDIOKSE.dll
22:29:01.0331 2548 C:\Windows\SysWOW64\AUDIOKSE.dll - ok
22:29:01.0331 2548 [ 1F55C7C1E338047DC5E329011A781FB3 ] C:\Windows\SysWOW64\mswstr10.dll
22:29:01.0331 2548 C:\Windows\SysWOW64\mswstr10.dll - ok
22:29:01.0331 2548 [ 933421733C2C4BE8CB161D18E9652E69 ] C:\Windows\SysWOW64\igdumd32.dll
22:29:01.0331 2548 C:\Windows\SysWOW64\igdumd32.dll - ok
22:29:01.0331 2548 [ 2943A430B6EC39E98038F7CFA35680D7 ] C:\Windows\SysWOW64\FXSEXT32.dll
22:29:01.0331 2548 C:\Windows\SysWOW64\FXSEXT32.dll - ok
22:29:01.0347 2548 [ 2F4348DC0D06A0EBA5F5C4CB435790C1 ] C:\Windows\SysWOW64\kerberos.dll
22:29:01.0347 2548 C:\Windows\SysWOW64\kerberos.dll - ok
22:29:01.0347 2548 [ 088CF5B6380FB9002F2A4246F812225D ] C:\Windows\SysWOW64\asycfilt.dll
22:29:01.0347 2548 C:\Windows\SysWOW64\asycfilt.dll - ok
22:29:01.0347 2548 [ 263E6A7A561C293926BC113E542A8C61 ] C:\Windows\System32\DWRCSh64.DLL
22:29:01.0347 2548 C:\Windows\System32\DWRCSh64.DLL - ok
22:29:01.0347 2548 [ 64B628C5258625129288F2D0C75268DA ] C:\Windows\SysWOW64\themecpl.dll
22:29:01.0347 2548 C:\Windows\SysWOW64\themecpl.dll - ok
22:29:01.0347 2548 [ 2B7DB3E2C6DC1BC4D3682838BDB1304C ] C:\Windows\SysWOW64\igdumdx32.dll
22:29:01.0347 2548 C:\Windows\SysWOW64\igdumdx32.dll - ok
22:29:01.0347 2548 [ 1AA571774936717EE776DBED51E9EDF4 ] C:\Windows\SysWOW64\d3dx10_41.dll
22:29:01.0347 2548 C:\Windows\SysWOW64\d3dx10_41.dll - ok
22:29:01.0362 2548 [ D0E2272A41640708F630258101E96E15 ] C:\Windows\SysWOW64\NlsData001d.dll
22:29:01.0362 2548 C:\Windows\SysWOW64\NlsData001d.dll - ok
22:29:01.0362 2548 [ 8133EA1A6258D0F536EC51BE0A67855A ] C:\Windows\SysWOW64\NlsData0013.dll
22:29:01.0362 2548 C:\Windows\SysWOW64\NlsData0013.dll - ok
22:29:01.0362 2548 [ 28CAAA8B3DAC4604B6871F311C6B9F49 ] C:\Windows\SysWOW64\NlsData0000.dll
22:29:01.0362 2548 C:\Windows\SysWOW64\NlsData0000.dll - ok
22:29:01.0362 2548 [ DB846EECA70EE9D2E2FF31147C57B0F4 ] C:\Windows\SysWOW64\webservices.dll
22:29:01.0362 2548 C:\Windows\SysWOW64\webservices.dll - ok
22:29:01.0362 2548 [ 816FA57475CE5032E063BF69BFCD4C85 ] C:\Windows\SysWOW64\NlsData0021.dll
22:29:01.0362 2548 C:\Windows\SysWOW64\NlsData0021.dll - ok
22:29:01.0362 2548 [ 6F778263DEB34EDA9EA7156FF3ABB26B ] C:\Windows\SysWOW64\NlsData0007.dll
22:29:01.0362 2548 C:\Windows\SysWOW64\NlsData0007.dll - ok
22:29:01.0378 2548 [ 28C53E0F0BBC13EA7ACE9150E23A2B35 ] C:\Windows\SysWOW64\NlsData001a.dll
22:29:01.0378 2548 C:\Windows\SysWOW64\NlsData001a.dll - ok
22:29:01.0378 2548 [ 3DE43BFDAF3F8979699650202AA18B12 ] C:\Windows\SysWOW64\msmpeg2vdec.dll
22:29:01.0378 2548 C:\Windows\SysWOW64\msmpeg2vdec.dll - ok
22:29:01.0378 2548 [ 0BDF121EBD33DA510BD82051C795E199 ] C:\Windows\SysWOW64\NlsData0003.dll
22:29:01.0378 2548 C:\Windows\SysWOW64\NlsData0003.dll - ok
22:29:01.0378 2548 [ A4D7E12EDCA8BDA7EECEE69BB8D32353 ] C:\Windows\SysWOW64\NlsData002a.dll
22:29:01.0378 2548 C:\Windows\SysWOW64\NlsData002a.dll - ok
22:29:01.0378 2548 [ A79FFFBA93697FB09584F11BD09AB636 ] C:\Windows\SysWOW64\NlsData0018.dll
22:29:01.0378 2548 C:\Windows\SysWOW64\NlsData0018.dll - ok
22:29:01.0378 2548 [ 6581B52E133CC6D00661C58968C7E212 ] C:\Windows\SysWOW64\SearchFolder.dll
22:29:01.0378 2548 C:\Windows\SysWOW64\SearchFolder.dll - ok
22:29:01.0378 2548 [ AB87C54CA19675880B0CAE65B8AF140C ] C:\Windows\SysWOW64\npDeployJava1.dll
22:29:01.0378 2548 C:\Windows\SysWOW64\npDeployJava1.dll - ok
22:29:01.0394 2548 [ C891705194E9927F236B853B80EFD608 ] C:\Program Files\Box Sync\_sqlite3.pyd
22:29:01.0394 2548 C:\Program Files\Box Sync\_sqlite3.pyd - ok
22:29:01.0394 2548 [ 88DEA9BB0501708383A45B16173E3F95 ] C:\Windows\SysWOW64\NlsLexicons001b.dll
22:29:01.0394 2548 C:\Windows\SysWOW64\NlsLexicons001b.dll - ok
22:29:01.0394 2548 [ 5E09C2AB22939CB7A637B7F1C5AE7D4F ] C:\Windows\SysWOW64\NlsLexicons0007.dll
22:29:01.0394 2548 C:\Windows\SysWOW64\NlsLexicons0007.dll - ok
22:29:01.0394 2548 [ 6EA045EC6B2F1E9A6D4C32ABA82486C3 ] C:\Program Files (x86)\ffdshow\ffdshow.ax
22:29:01.0394 2548 C:\Program Files (x86)\ffdshow\ffdshow.ax - ok
22:29:01.0394 2548 [ 8C458DC9E7DC6EC0DC5F24C999AFA4C7 ] C:\Program Files (x86)\WinRAR\RarExt64.dll
22:29:01.0394 2548 C:\Program Files (x86)\WinRAR\RarExt64.dll - ok
22:29:01.0394 2548 [ AB11CEFE591909A85E98E27A230807C7 ] C:\Program Files\Windows Sidebar\sbdrop.dll
22:29:01.0394 2548 C:\Program Files\Windows Sidebar\sbdrop.dll - ok
22:29:01.0409 2548 [ C7794A997CEC29173A4401F3AE16C51F ] C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
22:29:01.0409 2548 C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll - ok
22:29:01.0409 2548 [ 2B913D06B1289149CFECD11D2EF5AD45 ] C:\Program Files\FileLocator Lite\ShellExt.dll
22:29:01.0409 2548 C:\Program Files\FileLocator Lite\ShellExt.dll - ok
22:29:01.0409 2548 [ EB47E405A9222CA595E5E763B4156529 ] C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
22:29:01.0409 2548 C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll - ok
22:29:01.0409 2548 [ 1EDE62E047F4BB3D0398EBA367C16484 ] C:\Windows\System32\spool\drivers\x64\3\PS5UI.DLL
22:29:01.0409 2548 C:\Windows\System32\spool\drivers\x64\3\PS5UI.DLL - ok
22:29:01.0409 2548 [ 23CB1C9276CAA3B3F3C491E1E2621E4C ] C:\Program Files (x86)\SAP\FrontEnd\SAPgui\guixt.dll
22:29:01.0409 2548 C:\Program Files (x86)\SAP\FrontEnd\SAPgui\guixt.dll - ok
22:29:01.0409 2548 [ 5E4FF36923C37C80B537DCE6CAA755F9 ] C:\Program Files (x86)\Internet Explorer\ieproxy.dll
22:29:01.0409 2548 C:\Program Files (x86)\Internet Explorer\ieproxy.dll - ok
22:29:01.0425 2548 [ DC66DE5E52D8023366F5F42E02CAFDF6 ] C:\Program Files (x86)\Evernote\Evernote\Resource.dll
22:29:01.0425 2548 C:\Program Files (x86)\Evernote\Evernote\Resource.dll - ok
22:29:01.0425 2548 [ 0C7FBDACCCD5D64D31DACE7C15054A80 ] C:\Program Files (x86)\SAP\FrontEnd\SAPgui\SAPHTML.OCX
22:29:01.0425 2548 C:\Program Files (x86)\SAP\FrontEnd\SAPgui\SAPHTML.OCX - ok
22:29:01.0425 2548 [ 4920F93804ACA8F68916D6FFFD7977A8 ] C:\Program Files (x86)\SAP\FrontEnd\SAPgui\convlib.dll
22:29:01.0425 2548 C:\Program Files (x86)\SAP\FrontEnd\SAPgui\convlib.dll - ok
22:29:01.0425 2548 [ 623C9754952A35B018F2448AF8184075 ] C:\Program Files (x86)\SAP\FrontEnd\SAPgui\dbghelp.dll
22:29:01.0425 2548 C:\Program Files (x86)\SAP\FrontEnd\SAPgui\dbghelp.dll - ok
22:29:01.0425 2548 [ DEE657948D6E4C37381064F5265F0F5C ] C:\Program Files (x86)\SAP\FrontEnd\SAPgui\WDTTREE.OCX
22:29:01.0425 2548 C:\Program Files (x86)\SAP\FrontEnd\SAPgui\WDTTREE.OCX - ok
22:29:01.0425 2548 [ C04FCB7EEBEB5097B30468828F20FB9E ] C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
22:29:01.0425 2548 C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll - ok
22:29:01.0440 2548 [ 001D62060DF2B9F3E335639B8F4657B0 ] C:\Program Files (x86)\Kutools for Excel\ArmAccess.dll
22:29:01.0440 2548 C:\Program Files (x86)\Kutools for Excel\ArmAccess.dll - ok
22:29:01.0440 2548 [ 2F7480A40151EB2E483CF6524EDBA3F7 ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin.dll
22:29:01.0440 2548 C:\Program Files (x86)\QuickTime\Plugins\npqtplugin.dll - ok
22:29:01.0440 2548 [ 7DA6FB202F4AE6A35DD21EBD33E7581D ] C:\Program Files (x86)\SAP\FrontEnd\SAPgui\wdkcalex.dll
22:29:01.0440 2548 C:\Program Files (x86)\SAP\FrontEnd\SAPgui\wdkcalex.dll - ok
22:29:01.0440 2548 [ AD4854EF92D6C3F2FCB3C10116438173 ] C:\Program Files (x86)\SAP\FrontEnd\SAPgui\SAPfewut.dll
22:29:01.0440 2548 C:\Program Files (x86)\SAP\FrontEnd\SAPgui\SAPfewut.dll - ok
22:29:01.0440 2548 [ 7936937246CFF4841181FC69E25E20E0 ] C:\Program Files (x86)\SAP\FrontEnd\SAPgui\SAPImage.dll
22:29:01.0440 2548 C:\Program Files (x86)\SAP\FrontEnd\SAPgui\SAPImage.dll - ok
22:29:01.0440 2548 [ E0AB8B603DD3776BB34B8443FE4E897E ] C:\Program Files (x86)\SAP\FrontEnd\SAPgui\SAPfewui.dll
22:29:01.0440 2548 C:\Program Files (x86)\SAP\FrontEnd\SAPgui\SAPfewui.dll - ok
22:29:01.0456 2548 [ 65DC7B1EDBD13FC41F8872366875BF99 ] C:\Program Files (x86)\SAP\FrontEnd\SAPgui\SAPawole.dll
22:29:01.0456 2548 C:\Program Files (x86)\SAP\FrontEnd\SAPgui\SAPawole.dll - ok
22:29:01.0456 2548 [ DC8DA8E38DE0F2CB0D7CE329CA0E4593 ] C:\Program Files (x86)\SAP\FrontEnd\SAPgui\SAPfewcb.dll
22:29:01.0456 2548 C:\Program Files (x86)\SAP\FrontEnd\SAPgui\SAPfewcb.dll - ok
22:29:01.0456 2548 [ 417C30BEFAE75EDFA532719B9559A4BA ] C:\Program Files (x86)\SAP\FrontEnd\SAPgui\sapdpams.dll
22:29:01.0456 2548 C:\Program Files (x86)\SAP\FrontEnd\SAPgui\sapdpams.dll - ok
22:29:01.0456 2548 [ 2DD3A6F7C06409326172B70F096B0976 ] C:\Program Files (x86)\SAP\FrontEnd\SAPgui\SAPpctxt.dll
22:29:01.0456 2548 C:\Program Files (x86)\SAP\FrontEnd\SAPgui\SAPpctxt.dll - ok
22:29:01.0456 2548 [ BBFD6361D302EC6CC27161F86C0633A6 ] C:\Program Files (x86)\SAP\FrontEnd\SAPgui\GridView.ocx
22:29:01.0456 2548 C:\Program Files (x86)\SAP\FrontEnd\SAPgui\GridView.ocx - ok
22:29:01.0456 2548 [ 1473171BC95B75D30A0553B412AE448A ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AGM.dll
22:29:01.0456 2548 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AGM.dll - ok
22:29:01.0472 2548 [ 19824119C3E902D6ED8CF55214E9AF60 ] C:\Program Files (x86)\SAP\FrontEnd\SAPgui\saplgmgr.dll
22:29:01.0472 2548 C:\Program Files (x86)\SAP\FrontEnd\SAPgui\saplgmgr.dll - ok
22:29:01.0472 2548 [ 6090FD86988518B12011E94851A2228C ] C:\Program Files (x86)\Evernote\Evernote\EvernoteOL.dll
22:29:01.0472 2548 C:\Program Files (x86)\Evernote\Evernote\EvernoteOL.dll - ok
22:29:01.0472 2548 [ AC378975EA2B0F1A2D06DBE29592ABCE ] C:\Program Files (x86)\SAP\FrontEnd\SAPgui\SAPfewdr.dll
22:29:01.0472 2548 C:\Program Files (x86)\SAP\FrontEnd\SAPgui\SAPfewdr.dll - ok
22:29:01.0472 2548 [ B1E455379AC1DD7A672A96191E0160D5 ] C:\Program Files (x86)\SAP\FrontEnd\SAPgui\sapfctrl.dll
22:29:01.0472 2548 C:\Program Files (x86)\SAP\FrontEnd\SAPgui\sapfctrl.dll - ok
22:29:01.0472 2548 [ E6E069B999F1C936ED055C57D880C638 ] C:\Program Files (x86)\SAP\FrontEnd\SAPgui\WDTMCTRL.OCX
22:29:01.0472 2548 C:\Program Files (x86)\SAP\FrontEnd\SAPgui\WDTMCTRL.OCX - ok
22:29:01.0472 2548 [ A980E1FCE8E7B4B3DAD824AEEE864DBB ] C:\Program Files (x86)\SAP\FrontEnd\SAPgui\saptoolb.dll
22:29:01.0472 2548 C:\Program Files (x86)\SAP\FrontEnd\SAPgui\saptoolb.dll - ok
22:29:01.0487 2548 [ 8717C932D324622B457668C975361B79 ] C:\Program Files (x86)\SAP\FrontEnd\SAPgui\saplgdll.dll
22:29:01.0487 2548 C:\Program Files (x86)\SAP\FrontEnd\SAPgui\saplgdll.dll - ok
22:29:01.0487 2548 [ 00118837DADF5F78511EE6BB87CD3767 ] C:\Program Files (x86)\SAP\FrontEnd\SAPgui\SAPguilib.dll
22:29:01.0487 2548 C:\Program Files (x86)\SAP\FrontEnd\SAPgui\SAPguilib.dll - ok
22:29:01.0487 2548 [ ED797D8DC2C92401985D162E42FFA450 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
22:29:01.0487 2548 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok
22:29:01.0487 2548 [ 8C0A13B1BAF46E6A81491B2A79582D47 ] C:\Program Files (x86)\SAP\FrontEnd\SAPgui\SAPmemmgt.dll
22:29:01.0487 2548 C:\Program Files (x86)\SAP\FrontEnd\SAPgui\SAPmemmgt.dll - ok
22:29:01.0487 2548 [ 29F9D1A7D3D63FD2D10CE06901475888 ] C:\Program Files (x86)\QuickTime\Plugins\npqtplugin5.dll
22:29:01.0487 2548 C:\Program Files (x86)\QuickTime\Plugins\npqtplugin5.dll - ok
22:29:01.0487 2548 [ 62CDCE7FFF1E0C442509E063161F6ACB ] C:\Program Files (x86)\SAP\FrontEnd\SAPgui\sapab4lex.dll
22:29:01.0487 2548 C:\Program Files (x86)\SAP\FrontEnd\SAPgui\sapab4lex.dll - ok
22:29:01.0503 2548 [ 11920FF108F7AFE3FDAA20D1A06CF976 ] C:\Program Files (x86)\SAP\FrontEnd\SAPgui\SAPfewcls.dll
22:29:01.0503 2548 C:\Program Files (x86)\SAP\FrontEnd\SAPgui\SAPfewcls.dll - ok
22:29:01.0503 2548 [ 655577FA7B75A05E4D14CCBC8D82BAAC ] C:\Program Files (x86)\SAP\FrontEnd\SAPgui\SAPfewnls.dll
22:29:01.0503 2548 C:\Program Files (x86)\SAP\FrontEnd\SAPgui\SAPfewnls.dll - ok
22:29:01.0503 2548 [ 2D34839A17EF7BDA968332AF195FCC9D ] C:\Program Files (x86)\Common Files\System\ado\msadox.dll
22:29:01.0503 2548 C:\Program Files (x86)\Common Files\System\ado\msadox.dll - ok
22:29:01.0503 2548 [ EB713BA9BB1569B340D50205D1933396 ] C:\Program Files (x86)\SAP\FrontEnd\SAPgui\sapab4edit.ocx
22:29:01.0503 2548 C:\Program Files (x86)\SAP\FrontEnd\SAPgui\sapab4edit.ocx - ok
22:29:01.0503 2548 [ EC37F6767E36479ABBFF4507D884F9F6 ] C:\Windows\System32\spool\drivers\x64\3\Cnp60409_D8E90.DLL
22:29:01.0503 2548 C:\Windows\System32\spool\drivers\x64\3\Cnp60409_D8E90.DLL - ok
22:29:01.0503 2548 [ 4C2374E9EE0972DF7CFFC7AADDEA7D02 ] C:\Program Files (x86)\SAP\FrontEnd\SAPgui\SapGuiFocus.dll
22:29:01.0503 2548 C:\Program Files (x86)\SAP\FrontEnd\SAPgui\SapGuiFocus.dll - ok
22:29:01.0518 2548 [ 6E9E439517D89EDC9A6CB1E94489620A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
22:29:01.0518 2548 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok
22:29:01.0518 2548 [ EBF7C51569144D0C9B47679BD519FE8A ] C:\Windows\System32\spool\drivers\x64\3\Cnp50MUI_DB5CE.DLL
22:29:01.0518 2548 C:\Windows\System32\spool\drivers\x64\3\Cnp50MUI_DB5CE.DLL - ok
22:29:01.0518 2548 [ C92D20A6E35E232004D83DC10A78878A ] C:\Program Files (x86)\Microsoft Office\Office12\USP10.DLL
22:29:01.0518 2548 C:\Program Files (x86)\Microsoft Office\Office12\USP10.DLL - ok
22:29:01.0518 2548 [ 14AA72EBAA5C2BA0314DD5804509C7F7 ] C:\Program Files (x86)\Microsoft Office\Office12\RTFHTML.DLL
22:29:01.0518 2548 C:\Program Files (x86)\Microsoft Office\Office12\RTFHTML.DLL - ok
22:29:01.0518 2548 [ DF106106D429C3CD935D1C91AA574CFD ] C:\Users\Pseelam\AppData\Roaming\Mozilla\plugins\npatgpc.dll
22:29:01.0518 2548 C:\Users\Pseelam\AppData\Roaming\Mozilla\plugins\npatgpc.dll - ok
22:29:01.0534 2548 [ 75DBB3561B38B0CFA88EE5ADAD88C336 ] C:\Program Files (x86)\Microsoft Office\Office12\OUTLRPC.DLL
22:29:01.0534 2548 C:\Program Files (x86)\Microsoft Office\Office12\OUTLRPC.DLL - ok
22:29:01.0534 2548 [ 8163E23ED09D26E44D8F7E926DFEAC60 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
22:29:01.0534 2548 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll - ok
22:29:01.0534 2548 [ 87BA0576429722DF5B92FD43F55FAD77 ] C:\Program Files (x86)\Microsoft Office\Office12\OUTLFLTR.DLL
22:29:01.0534 2548 C:\Program Files (x86)\Microsoft Office\Office12\OUTLFLTR.DLL - ok
22:29:01.0534 2548 [ A0F16CEF17666ADA3728544CCB7E72C3 ] C:\Program Files (x86)\Microsoft Office\Office12\OUTLACCT.DLL
22:29:01.0534 2548 C:\Program Files (x86)\Microsoft Office\Office12\OUTLACCT.DLL - ok
22:29:01.0534 2548 [ BA19A768F067508EAF9C81900339014B ] C:\Program Files (x86)\SAP BusinessObjects\Analysis\sapnco.dll
22:29:01.0534 2548 C:\Program Files (x86)\SAP BusinessObjects\Analysis\sapnco.dll - ok
22:29:01.0534 2548 [ E332875EF423C70D65A858E71D022489 ] C:\Program Files (x86)\SAP BusinessObjects\Analysis\BiCore.dll
22:29:01.0534 2548 C:\Program Files (x86)\SAP BusinessObjects\Analysis\BiCore.dll - ok
22:29:01.0550 2548 [ 6930DF1559A8A9A26497213155A964B4 ] C:\Program Files (x86)\Common Files\System\MSMAPI\MSNCON32.DLL
22:29:01.0550 2548 C:\Program Files (x86)\Common Files\System\MSMAPI\MSNCON32.DLL - ok
22:29:01.0550 2548 [ 8513A7BB078A669E75F2ADC3FB007B24 ] C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
22:29:01.0550 2548 C:\Program Files (x86)\Windows Live\Companion\companioncore.dll - ok
22:29:01.0550 2548 [ 8BA469072B5A692B659F856C7E97A230 ] C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll
22:29:01.0550 2548 C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll - ok
22:29:01.0550 2548 [ 8082F66DC9C8167FF1AA548736F58457 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
22:29:01.0550 2548 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - ok
22:29:01.0550 2548 [ 0794AE00CAAEB371E4A0FE51977B0F19 ] C:\Program Files (x86)\YouTube Downloader\YouTube Downloader.dll
22:29:01.0550 2548 C:\Program Files (x86)\YouTube Downloader\YouTube Downloader.dll - ok
22:29:01.0550 2548 [ 3A9FBA6005BC10EF8D1E61B9FE589505 ] C:\Program Files (x86)\Microsoft Office\Office12\NLSDATA0009.DLL
22:29:01.0550 2548 C:\Program Files (x86)\Microsoft Office\Office12\NLSDATA0009.DLL - ok
22:29:01.0565 2548 [ 531593113D46D525DC71900D146DA2F8 ] C:\Program Files (x86)\SAP BusinessObjects\Analysis\BiPptBase.dll
22:29:01.0565 2548 C:\Program Files (x86)\SAP BusinessObjects\Analysis\BiPptBase.dll - ok
22:29:01.0565 2548 [ 2403A9F058DFDD337CE9A67AE1ECAD63 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXEV.DLL
22:29:01.0565 2548 C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXEV.DLL - ok
22:29:01.0565 2548 [ 707F023159B541EAD5DD6ADB2E605443 ] C:\Program Files (x86)\Microsoft Office\Office12\NLSMODELS0009.dll
22:29:01.0565 2548 C:\Program Files (x86)\Microsoft Office\Office12\NLSMODELS0009.dll - ok
22:29:01.0565 2548 [ EDF87FD6F0D69C4156E45126330A71CA ] C:\Program Files (x86)\Common Files\System\MSMAPI\1033\MSNCONR.DLL
22:29:01.0565 2548 C:\Program Files (x86)\Common Files\System\MSMAPI\1033\MSNCONR.DLL - ok
22:29:01.0565 2548 [ 7896EFFDEE215C172BE724A64931EF1C ] C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll
22:29:01.0565 2548 C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll - ok
22:29:01.0565 2548 [ CDB7F82ED38219369D1DC9E04E4C7638 ] C:\Program Files (x86)\SAP BusinessObjects\Analysis\sapnco_utils.dll
22:29:01.0565 2548 C:\Program Files (x86)\SAP BusinessObjects\Analysis\sapnco_utils.dll - ok
22:29:01.0581 2548 [ 4A1B8AF97E3B0AEF8BE1B8684277200B ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\OGL.DLL
22:29:01.0581 2548 C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\OGL.DLL - ok
22:29:01.0581 2548 [ 0F2F2C982672FAD5D55450298E7E962C ] C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\pdf.dll
22:29:01.0581 2548 C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\pdf.dll - ok
22:29:01.0581 2548 [ 4683B599173E9C34680CF3D38ECA8C26 ] C:\Program Files (x86)\SAP BusinessObjects\Analysis\BiXllFunctions.dll
22:29:01.0581 2548 C:\Program Files (x86)\SAP BusinessObjects\Analysis\BiXllFunctions.dll - ok
22:29:01.0581 2548 [ E1EEB7E26AB04075EECC7275239B20B3 ] C:\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll
22:29:01.0581 2548 C:\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll - ok
22:29:01.0581 2548 [ EAFEF8A6A14B024C5F97D00D0D501078 ] C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA6\VBE6.DLL
22:29:01.0581 2548 C:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA6\VBE6.DLL - ok
22:29:01.0581 2548 [ 885FD19118BC7514590C5EEF31CD7D71 ] C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\icudt.dll
22:29:01.0581 2548 C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\icudt.dll - ok
22:29:01.0596 2548 [ 1A514CA70E5FAF1CEC2F51CDAB1367A7 ] C:\Program Files (x86)\Microsoft Office\Office12\NLSLEXICONS0009_SP.dll
22:29:01.0596 2548 C:\Program Files (x86)\Microsoft Office\Office12\NLSLEXICONS0009_SP.dll - ok
22:29:01.0596 2548 [ B00F9079E77BB1C310D520FC2D5DEF3E ] C:\Program Files (x86)\SAP BusinessObjects\Analysis\Syncfusion.Core.dll
22:29:01.0596 2548 C:\Program Files (x86)\SAP BusinessObjects\Analysis\Syncfusion.Core.dll - ok
22:29:01.0596 2548 [ 8FECD12803558FA84F63B7DDD16D89F1 ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE11\msxml5.dll
22:29:01.0596 2548 C:\Program Files (x86)\Common Files\microsoft shared\OFFICE11\msxml5.dll - ok
22:29:01.0596 2548 [ 00C348869469793FFF5225D29DF5E3D1 ] C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\chrome.dll
22:29:01.0596 2548 C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\chrome.dll - ok
22:29:01.0596 2548 [ 28EE522EC405CC08A69F16A16921EF99 ] C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\libegl.dll
22:29:01.0596 2548 C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\libegl.dll - ok
22:29:01.0612 2548 [ 9081051DEC43AE84E2B80279E05C0A42 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\P6\adobe_oobelib.dll
22:29:01.0612 2548 C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\P6\adobe_oobelib.dll - ok
22:29:01.0612 2548 [ 8A69C7EDB2F18C1EA851A5910185A904 ] C:\Program Files (x86)\SAP BusinessObjects\Analysis\BiConsumerServices.dll
22:29:01.0612 2548 C:\Program Files (x86)\SAP BusinessObjects\Analysis\BiConsumerServices.dll - ok
22:29:01.0612 2548 [ 7B9151A533C810FB1D3DBAC95049A3F7 ] C:\Program Files (x86)\Microsoft Office\Office12\1033\UmOutlookStrings.dll
22:29:01.0612 2548 C:\Program Files (x86)\Microsoft Office\Office12\1033\UmOutlookStrings.dll - ok
22:29:01.0612 2548 [ 8862D4B7722A3E631435C33A78BB7B20 ] C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\avutil-51.dll
22:29:01.0612 2548 C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\avutil-51.dll - ok
22:29:01.0612 2548 [ F37B4AEB402CE4DC7DDCC55AD0FD2EDF ] C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\avcodec-54.dll
22:29:01.0612 2548 C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.95\avcodec-54.dll - ok
22:29:01.0612 2548 [ 09E411E1DC92D813F49DFEEB4039CBCA ] C:\Users\Pseelam\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
22:29:01.0612 2548 C:\Users\Pseelam\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe - ok
22:29:01.0628 2548 [ 6A77A5EA879C3239250CBF35E80C6A1C ] C:\Users\Pseelam\AppData\Local\Google\Google Talk Plugin\googletalkplugin.dll
22:29:01.0628 2548 C:\Users\Pseelam\AppData\Local\Google\Google Talk Plugin\googletalkplugin.dll - ok
22:29:01.0628 2548 [ 4C5D603A632023BFDB8EDD4436882ABF ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\1033\MSOINTL.DLL
22:29:01.0628 2548 C:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\1033\MSOINTL.DLL - ok
22:29:01.0628 2548 [ F9D83E16171C1D5268483F5FACA36D01 ] C:\Program Files (x86)\Cisco Systems\Cisco Unified Personal Communicator\nspr4.dll
22:29:01.0628 2548 C:\Program Files (x86)\Cisco Systems\Cisco Unified Personal Communicator\nspr4.dll - ok
22:29:01.0628 2548 [ 2B3081EED67A46F68464EEEF46593F2C ] C:\Program Files (x86)\Cisco Systems\Cisco Unified Personal Communicator\CUPCK9.EXE
22:29:01.0628 2548 C:\Program Files (x86)\Cisco Systems\Cisco Unified Personal Communicator\CUPCK9.EXE - ok
22:29:01.0628 2548 [ F00DA1A135FCA11D4426D9A5AB72CF0F ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
22:29:01.0628 2548 C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll - ok
22:29:01.0643 2548 [ D1B6326807D4FB1994B3AA38C20D2345 ] C:\Program Files (x86)\Cisco Systems\Cisco Unified Personal Communicator\AudioControl.dll
22:29:01.0643 2548 C:\Program Files (x86)\Cisco Systems\Cisco Unified Personal Communicator\AudioControl.dll - ok
22:29:01.0643 2548 [ 20F96530B774D20B8439B211A75DAAB9 ] C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppgooglenaclpluginchrome.dll
22:29:01.0643 2548 C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\ppgooglenaclpluginchrome.dll - ok
22:29:01.0643 2548 [ C2335D714EFAFFFB4C7A3C164F2024B1 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
22:29:01.0643 2548 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll - ok
22:29:01.0643 2548 [ CA6ADE4F7761BB15B3325356DC3B82BB ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
22:29:01.0643 2548 C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll - ok
22:29:01.0643 2548 [ 1D109ED0D660654EA7FF1574558031C4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcm80.dll
22:29:01.0643 2548 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcm80.dll - ok
22:29:02.0018 2548 ============================================================
22:29:02.0018 2548 Scan finished
22:29:02.0018 2548 ============================================================
22:29:02.0033 3240 Detected object count: 3
22:29:02.0033 3240 Actual detected object count: 3
22:30:42.0607 3240 #UpdateService ( UnsignedFile.Multi.Generic ) - skipped by user
22:30:42.0607 3240 #UpdateService ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:30:42.0607 3240 Cwbrxd ( UnsignedFile.Multi.Generic ) - skipped by user
22:30:42.0607 3240 Cwbrxd ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:30:42.0607 3240 Multi-user Cleanup Service ( UnsignedFile.Multi.Generic ) - skipped by user
22:30:42.0607 3240 Multi-user Cleanup Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:30:44.0807 1332 Deinitialize success

#13 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team

Posted 12 December 2012 - 12:03 AM

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache:: 

File::
C:\Users\Pseelam\Downloads\Lotto Books, Lotto Programs and bunch of Poker and Blackjack Books\Lottery Programs\Lotto.Pro.2009.v7.50.Cracked-DJiNN\Crack\lotpro2000.exe


Folder::
c:\users\Pseelam\AppData\Roaming\SpeedyPC Software
c:\users\Pseelam\AppData\Roaming\DriverCure
c:\programdata\SpeedyPC Software

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouse-click ComboFix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer.

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic




Proud Graduate Of Malware Removal University

#14 pkseelam

pkseelam
  • Topic Starter

  • Members

Posted 12 December 2012 - 01:19 AM

Below is the ComboFix log. Like I had before, I again had a problem with ComboFix stalling. I restarted and it went through. Still see the btsearch redirection :-(

ComboFix 12-12-10.01 - pseelam 12/12/2012 0:38.7.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8073.5878 [GMT -5:00]
Running from: c:\users\Pseelam\Desktop\bc\New folder\ComboFix.exe
Command switches used :: c:\users\Pseelam\Desktop\bc\New folder\CFScript.txt
AV: Microsoft Forefront Endpoint Protection *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Forefront Endpoint Protection *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\users\Pseelam\Downloads\Lotto Books, Lotto Programs and bunch of Poker and Blackjack Books\Lottery Programs\Lotto.Pro.2009.v7.50.Cracked-DJiNN\Crack\lotpro2000.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\SpeedyPC Software
c:\users\Pseelam\AppData\Roaming\DriverCure
c:\users\Pseelam\AppData\Roaming\DriverCure\LogFile.txt
c:\users\Pseelam\AppData\Roaming\SpeedyPC Software
.
.
((((((((((((((((((((((((( Files Created from 2012-11-12 to 2012-12-12 )))))))))))))))))))))))))))))))
.
.
2012-12-12 05:47 . 2012-12-12 05:47 -------- d-----w- c:\users\deploy\AppData\Local\temp
2012-12-12 05:47 . 2012-12-12 05:47 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-12 05:47 . 2012-12-12 05:47 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2012-12-12 02:33 . 2012-11-19 06:01 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{66438C09-7E9B-4E0A-83E6-287CA033DC9A}\mpengine.dll
2012-12-11 18:11 . 2012-10-23 11:04 972264 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C3499AA1-3B03-4703-B53A-CD57D7919614}\gapaengine.dll
2012-12-11 14:25 . 2012-11-19 06:01 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-12-10 05:13 . 2012-12-10 05:13 -------- d-----w- c:\program files (x86)\Photo to Cartoon
2012-12-06 01:44 . 2012-12-06 01:44 -------- d-----w- c:\users\Pseelam\AppData\Roaming\OfficeTab
2012-11-29 02:48 . 2012-11-29 02:48 -------- d-----w- c:\users\Pseelam\Lync Recordings
2012-11-28 21:29 . 2012-11-28 21:29 -------- d-----w- c:\program files (x86)\Microsoft Lync Information Dashboard
2012-11-28 21:29 . 2012-11-28 21:29 -------- d-----w- c:\programdata\ConversationTranslator
2012-11-28 21:29 . 2012-11-28 21:29 -------- d-----w- c:\programdata\Applications
2012-11-28 21:28 . 2012-11-28 21:29 -------- d-----w- c:\program files\Microsoft Lync
2012-11-28 21:28 . 2012-11-28 21:29 -------- d-----w- c:\program files (x86)\Microsoft Lync
2012-11-28 21:28 . 2012-11-28 21:28 -------- d-----w- c:\program files (x86)\OCSetup
2012-11-28 20:35 . 2012-10-23 11:04 972264 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-11-28 19:14 . 2012-11-28 19:14 -------- d-----w- c:\users\Pseelam\AppData\Roaming\SUPERAntiSpyware.com
2012-11-28 19:13 . 2012-11-28 19:14 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-11-28 19:13 . 2012-11-28 19:13 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-11-28 17:15 . 2012-11-28 17:15 -------- d-----w- c:\users\Pseelam\AppData\Roaming\Anvisoft
2012-11-28 17:10 . 2012-11-07 07:16 17232 ----a-w- c:\windows\system32\drivers\asdws.sys
2012-11-28 17:10 . 2012-11-07 07:16 23376 ----a-w- c:\windows\system32\drivers\asdrs.sys
2012-11-28 17:10 . 2012-11-07 07:16 18768 ----a-w- c:\windows\system32\drivers\asdrm.sys
2012-11-28 17:10 . 2012-11-28 17:10 -------- d-----w- c:\programdata\Anvisoft
2012-11-28 17:10 . 2012-11-28 19:14 -------- d-----w- c:\program files (x86)\Anvi Smart Defender
2012-11-28 17:00 . 2012-11-28 17:00 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-11-20 16:12 . 2012-11-20 16:12 -------- d-----w- c:\users\Pseelam\AppData\Local\Evernote
2012-11-20 16:12 . 2012-11-20 16:12 -------- d-----w- c:\program files (x86)\Evernote
2012-11-19 15:42 . 2012-11-19 15:48 -------- d-----w- c:\programdata\Licenses
2012-11-19 15:42 . 2012-11-19 15:42 -------- d-----w- c:\program files (x86)\Kutools for Excel
2012-11-19 15:28 . 2012-11-19 15:28 231376 ----a-w- c:\windows\system32\drivers\truecrypt.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-06 04:40 . 2012-11-10 02:08 112640 ----a-w- c:\windows\SysWow64\ff_vfw.dll
2012-11-06 04:39 . 2012-11-10 02:08 47616 ----a-w- c:\windows\SysWow64\ff_acm.acm
2012-10-12 14:17 . 2012-06-29 19:04 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-12 14:17 . 2012-03-20 02:09 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-29 23:54 . 2012-05-21 00:25 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-25 03:16 . 2012-10-20 15:04 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-09-19 14:02 . 2012-09-19 14:02 102368 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2012-09-19 14:02 . 2012-09-19 14:02 203104 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2012-09-17 20:50 . 2012-06-30 23:09 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-09-17 20:50 . 2012-02-10 03:07 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{031afb00-725a-4ede-9d27-a2b5fac89e9a}"= "c:\progra~2\YOUTUB~1\YouTube Downloader.dll" [2012-11-06 446464]
.
[HKEY_CLASSES_ROOT\clsid\{031afb00-725a-4ede-9d27-a2b5fac89e9a}]
[HKEY_CLASSES_ROOT\ToolBarMFC.DeskBandImplD.1]
[HKEY_CLASSES_ROOT\TypeLib\{942926A2-CC3B-4970-9AD6-D9056D197CE6}]
[HKEY_CLASSES_ROOT\ToolBarMFC.DeskBandImplD]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{031afb00-725a-4ede-9d27-a2b5fac89e9a}]
2012-11-06 17:56 446464 ----a-w- c:\progra~2\YOUTUB~1\YouTube Downloader.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{031afb00-725a-4ede-9d27-a2b5fac89e9a}"= "c:\progra~2\YOUTUB~1\YouTube Downloader.dll" [2012-11-06 446464]
.
[HKEY_CLASSES_ROOT\clsid\{031afb00-725a-4ede-9d27-a2b5fac89e9a}]
[HKEY_CLASSES_ROOT\ToolBarMFC.DeskBandImplD.1]
[HKEY_CLASSES_ROOT\TypeLib\{942926A2-CC3B-4970-9AD6-D9056D197CE6}]
[HKEY_CLASSES_ROOT\ToolBarMFC.DeskBandImplD]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"googletalk"="c:\users\Pseelam\AppData\Roaming\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-11-01 5629312]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Client Access Service"="c:\program files (x86)\IBM\Client Access\cwbsvstr.exe" [2010-04-12 14848]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"ConnectionCenter"="c:\program files (x86)\Citrix\ICA Client\concentr.exe" [2012-03-28 309184]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-19 421888]
"Everything"="c:\program files (x86)\Everything\Everything.exe" [2009-03-13 602624]
"YouTube Downloader_Helper"="c:\program files (x86)\YouTube Downloader\YouTube Downloader_Helper.exe" [2012-11-06 1434112]
"Anvi Smart Defender"="c:\program files (x86)\Anvi Smart Defender\ASDTray.exe" [2012-11-15 1437464]
"Communicator"="c:\program files (x86)\Microsoft Lync\communicator.exe" [2010-10-22 11937552]
"DameWare MRC Agent"="c:\windows\SysWOW64\DWRCST.exe" [2010-08-06 85528]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Microsoft Security Client"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-13 1289704]
.
c:\users\Pseelam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2012-10-26 1017184]
Kid-Key-Lock.lnk - c:\program files (x86)\kidkeylock\bin\kidkeylock.exe [2012-11-11 1773568]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Online plug-in.lnk - c:\windows\Installer\{913778D3-E1D8-4B55-9246-3308C54D3162}\pnaico.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe [2012-6-18 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"disablecad"= 1 (0x1)
"LogonType"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoAutorun"= 1 (0x1)
"DontSetAutoplayCheckbox"= 1 (0x1)
"NoPublishingWizard"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u msoidssp livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 Acceler;Accelerometer Service;c:\windows\system32\drivers\Accelern.sys [2012-02-08 43888]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-09-19 102368]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-31 128456]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-13 368896]
R3 O2MDRRDR;O2MDRRDR;c:\windows\system32\drivers\O2MDRw7x64.sys [2012-02-08 74984]
R3 PCTINDIS5X64;PCTINDIS5X64 NDIS Protocol Driver;c:\windows\system32\PCTINDIS5X64.SYS [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-09-19 203104]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-03-31 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 asdrm;asdrm;c:\windows\system32\DRIVERS\asdrm.sys [2012-11-07 18768]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [2012-03-19 89536]
S1 dwvkbd;DameWare Virtual Keyboard 64 bit Driver;c:\windows\system32\DRIVERS\dwvkbd64.sys [2007-02-15 30720]
S1 nm3;Microsoft Network Monitor 3 Driver;c:\windows\system32\DRIVERS\nm3.sys [2010-06-09 46392]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-07-11 140672]
S2 8704pdateService;Box Sync Auto-updater;c:\program files\Box Sync\UpdateService.exe [2012-08-18 8704]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2012-02-08 89600]
S2 asdrs;AntiMalware Host-based Intrusion Prevention System;c:\windows\system32\DRIVERS\asdrs.sys [2012-11-07 23376]
S2 asdsrv;Anvi Smart Defender Realtime Guard Service;c:\program files (x86)\Anvi Smart Defender\ASDSrv.exe [2012-11-15 701720]
S2 asdws;AnviSmartDefender Web Guard;c:\windows\system32\DRIVERS\asdws.sys [2012-11-07 17232]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 Jasmio.MediaCenter.Service;Media Center Support Service;c:\program files (x86)\Jasmio\Media Center Support Service\Jasmio.MediaCenter.Service.exe [2009-11-10 73144]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-29 399432]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-29 676936]
S2 msoidsvc;Microsoft Online Services Sign-in Assistant;c:\program files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2011-02-23 2061728]
S2 PfFilter;PfFilter;c:\program files (x86)\Protected Folder\pffilter.sys [2012-01-09 36792]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-31 2754984]
S3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys [2012-02-08 292864]
S3 cvusbdrv;Dell ControlVault;c:\windows\system32\Drivers\cvusbdrv.sys [2012-02-08 38440]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2012-06-25 52320]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2012-02-08 317440]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-29 25928]
S3 O2MDFRDR;O2MDFRDR;c:\windows\system32\DRIVERS\O2MDFw7x64.sys [2012-02-08 72808]
S3 O2SDJRDR;O2SDJRDR;c:\windows\system32\DRIVERS\o2sdjw7x64.sys [2012-02-08 83560]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-29 14:17]
.
2012-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-08 16:33]
.
2012-12-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-08 16:33]
.
2012-12-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3794533371-686513829-2852450909-76514Core.job
- c:\users\Pseelam\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-15 18:48]
.
2012-12-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3794533371-686513829-2852450909-76514UA.job
- c:\users\Pseelam\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-15 18:48]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopFileLocked]
@="{C253B817-3A00-475f-A5A3-6F2DD704B48D}"
[HKEY_CLASSES_ROOT\CLSID\{C253B817-3A00-475f-A5A3-6F2DD704B48D}]
2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopNotSynced]
@="{19ACC806-F7AA-46AA-A80A-726A07CA6637}"
[HKEY_CLASSES_ROOT\CLSID\{19ACC806-F7AA-46AA-A80A-726A07CA6637}]
2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopNotSyncedCollabs]
@="{337D9DE0-3F8B-4430-AF0F-FFC24A95AE8F}"
[HKEY_CLASSES_ROOT\CLSID\{337D9DE0-3F8B-4430-AF0F-FFC24A95AE8F}]
2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopSynced]
@="{B7AC9C6D-F15B-4B1A-A88D-F518D13861D9}"
[HKEY_CLASSES_ROOT\CLSID\{B7AC9C6D-F15B-4B1A-A88D-F518D13861D9}]
2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopSyncedCollab]
@="{9E48C232-F601-4E41-BB3E-16CBAF317AA4}"
[HKEY_CLASSES_ROOT\CLSID\{9E48C232-F601-4E41-BB3E-16CBAF317AA4}]
2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2011-06-20 608112]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-02-08 1128448]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-02-08 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-02-08 391960]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-02-08 419096]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-13 1289704]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://btsearch.name
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: cloudapp.net\ConversationTranslator
Trusted Zone: crmondemand.com
Trusted Zone: dawnfoods.com
Trusted Zone: dawnfoods.com\teamsites
Trusted Zone: dell.com
Trusted Zone: dell.com\*.support
Trusted Zone: mastercard.com\sdol
Trusted Zone: microsoft.com
Trusted Zone: millerheiman.com
Trusted Zone: msu.edu\login
Trusted Zone: mysap.com\tcs
Trusted Zone: oracle.com
Trusted Zone: oracleoutsourcing.com
Trusted Zone: saleswebserver.net
Trusted Zone: sap-ag.de
Trusted Zone: sap-ag.de\websmp101
Trusted Zone: sap.com\mywts
Trusted Zone: sap.com\mywtstrainingphl
Trusted Zone: timelogweb
TCP: DhcpNameServer = 192.168.1.254
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-94543776.sys
WebBrowser-{031AFB00-725A-4EDE-9D27-A2B5FAC89E9A} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{D4027C7F-154A-4066-A1AD-4243D8127440}"=hex:51,66,7a,6c,4c,1d,38,12,11,7f,11,
d0,78,5b,08,05,de,bb,01,03,dd,4c,30,54
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-12-12 00:49:59
ComboFix-quarantined-files.txt 2012-12-12 05:49
ComboFix2.txt 2012-12-12 02:25
ComboFix3.txt 2012-11-30 05:03
.
Pre-Run: 257,735,057,408 bytes free
Post-Run: 257,820,954,624 bytes free
.
- - End Of File - - 2118AB9962F07B31520699C1E70C9E33

#15 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts

Posted 12 December 2012 - 01:52 PM

Hello

Let's get a deeper look into the system and see if something shows up.

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened and is the one that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
  • Please post the contents of OTL.txt in your next reply.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University



