
Can't turn on Windows Security Center Service, Microsoft Security Essentials is also off


  • This topic is locked
21 replies to this topic

#1 digvoo


Posted 19 December 2012 - 08:10 AM

Problems:
While googling it redirects me to sites -
"http://directagain.net/in.php?source=7777&q=&suid=1101&rnd=3xz%2B1mgzFz9AZ7RtJ0%2Bx2w%3D%3D"
and
"http://www.ihavenet.com/?search=&n=1355828587"
(there are some more redirections, but at the moment these are the most frequent)
After copying "http://www.ihavenet.com/" from address bar or search bar it pastes "google.com" (I'm using Firefox atm).

Bigger problems:
Microsoft Security Essentials starts only for a moment on boot-up and after that is gone.
I can't turn on Windows Security Center Service.

I tried:
Starting WSCS from services.msc and setting it to "Automatic (Delayed)" and after restarting PC..same.
Reinstalling MSE didn't work.
I used CCleaner. And please tell me, is cleanpcguide.com a valid site?
Did the scan with AdwCleaner and deleted all the threats.
Did the scan with Malwarebytes Anti-Malware and deleted all the threats.
Did the scan with TDSSKiller and deleted all the threats.
I've made "Windows Defender Offline" Bootable USB and did the scan. It only found keygen that I've never used. Deleted it.

I did a little "house cleaning" (nice, yeah) but the problem is still there!

If someone has an idea what's the problem, please help. Thanks in advance.
Sorry for this big post, and I appreciate your time.



#2 digvoo


Posted 19 December 2012 - 07:46 PM

[delete this post]

Edited by digvoo, 19 December 2012 - 08:19 PM.


#3 digvoo


Posted 19 December 2012 - 08:18 PM

Ok, I've read Forum Guidelines and here is the DDS.txt:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 1.6.0_37
Run by Dusan at 2:12:04 on 2012-12-20
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4077.2393 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\UnsignedThemesSvc.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\ModLEDKey.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Dusan\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Rainmeter\Rainmeter.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Winamp\winamp.exe
C:\Program Files (x86)\Last.fm\LastFM.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Dusan\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler.exe
C:\Users\Dusan\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: ToolbarBHO Class: {9519AF7E-638D-4933-BAD6-D33D23C79FE5} - C:\Program Files (x86)\ArcSoft\RAW Thumbnail Viewer\EXIFToolBar.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: RAW Thumbnail Viewer: {F301665A-12F8-4331-804A-5BCBD379668C} - C:\Program Files (x86)\ArcSoft\RAW Thumbnail Viewer\EXIFToolBar.dll
uRun: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
uRun: [AdobeBridge] <no file>
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
StartupFolder: C:\Users\Dusan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Dusan\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Dusan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\RAINME~1.LNK - C:\Program Files\Rainmeter\Rainmeter.exe
StartupFolder: C:\Users\Dusan\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Winamp.lnk - C:\Program Files (x86)\Winamp\winamp.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\THEJOU~1.LNK - C:\Program Files (x86)\DavidRM Software\The Journal 4\Journal4.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Read EXIF - C:\Program Files (x86)\ArcSoft\RAW Thumbnail Viewer\ArcEXIFM.htm
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
DPF: {73848533-39E1-49F1-9363-28054268C094} - hxxps://rol.raiffeisenbank.rs/RetailDLL/FSINT9.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {F6FFAC18-CAD4-4054-9D49-D610286CE323} - hxxps://rol.raiffeisenbank.rs/RetailDLL/EBCSCC2a.dll
TCP: NameServer = 89.216.1.30 192.168.0.1
TCP: Interfaces\{BB2EA79C-78E8-4706-95D7-38A79FB27C97} : DHCPNameServer = 89.216.1.30 192.168.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Dusan\AppData\Roaming\Mozilla\Firefox\Profiles\y3w8rehd.default\
FF - component: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn\components\WCFirefox3Extn.dll
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Dusan\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Users\Dusan\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Dusan\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2012-10-25 22:56; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
.
============= SERVICES / DRIVERS ===============
.
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-9-22 283200]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
R2 cpuz135;cpuz135;C:\Windows\System32\drivers\cpuz135_x64.sys [2012-1-24 21992]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-2-29 382272]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-10-15 2656280]
R2 UnsignedThemes;Unsigned Themes;C:\Windows\UnsignedThemesSvc.exe [2009-7-13 24168]
R2 uxpatch;uxpatch;C:\Windows\System32\drivers\uxpatch.sys [2009-7-13 30568]
R3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2012-7-12 32344]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-2-10 82432]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-2-10 181760]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-10-15 539240]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
S3 DbusAudio;DbusAudio;C:\Windows\System32\drivers\DbusAudio.sys [2012-10-12 34088]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;C:\Windows\System32\drivers\ManyCam_x64.sys [2008-3-13 27136]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-17 19456]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows\System32\drivers\taphss6.sys [2012-11-15 40712]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2012-12-17 29696]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-12-17 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-12-17 30208]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
.
=============== Created Last 30 ================
.
2012-12-19 21:39:28 -------- d-----w- C:\Users\Dusan\AppData\Roaming\SUPERAntiSpyware.com
2012-12-19 21:39:23 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2012-12-19 21:39:23 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2012-12-19 09:36:04 -------- d-----w- C:\Windows\Microsoft Antimalware
2012-12-18 19:10:26 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-12-18 19:10:26 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-12-18 11:53:44 -------- d-----w- C:\Users\Dusan\AppData\Roaming\Malwarebytes
2012-12-18 11:53:32 -------- d-----w- C:\ProgramData\Malwarebytes
2012-12-18 00:26:53 -------- d-----w- C:\Program Files (x86)\Enigma Software Group
2012-12-18 00:24:39 -------- d-----w- C:\Windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2012-12-18 00:13:48 -------- d-----w- C:\Windows\83B952C7F8F34CA3B4C533C85B24E478.TMP
2012-12-17 23:24:35 -------- d-----w- C:\Users\Dusan\AppData\Roaming\SpeedyPC Software
2012-12-17 23:24:35 -------- d-----w- C:\Users\Dusan\AppData\Roaming\DriverCure
2012-12-17 23:24:21 -------- d-----w- C:\ProgramData\SpeedyPC Software
2012-12-17 21:31:05 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2012-12-17 21:31:05 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2012-12-17 21:31:05 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2012-12-17 21:31:05 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2012-12-17 21:29:01 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-12-17 21:27:15 751104 ----a-w- C:\Windows\System32\win32spl.dll
2012-12-17 21:27:15 559104 ----a-w- C:\Windows\System32\spoolsv.exe
2012-12-17 21:27:15 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
2012-12-17 21:27:14 67072 ----a-w- C:\Windows\splwow64.exe
2012-12-13 13:30:28 5955856 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2012-12-12 16:39:08 110592 --sha-r- C:\Windows\SysWow64\drtprov1.dll
2012-12-05 23:07:49 96224 ----a-w- C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe
.
==================== Find3M ====================
.
2012-12-17 23:56:30 6656 ----a-w- C:\Windows\System32\lpcio.dll
2012-11-22 03:26:40 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-11-15 01:38:20 40712 ----a-w- C:\Windows\System32\drivers\taphss6.sys
2012-11-15 01:33:20 42248 ----a-w- C:\Windows\System32\drivers\hssdrv6.sys
2012-11-14 06:11:44 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-11-14 06:04:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-11-14 06:02:49 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-11-14 05:57:46 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-11-14 05:57:35 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-11-14 05:52:40 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-11-14 02:09:22 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-11-13 14:00:49 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-13 14:00:49 697272 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-11-09 05:45:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-11-09 04:42:49 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-11-05 21:35:16 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-11-05 20:41:32 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-11-05 20:32:16 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-11-05 20:32:09 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-11-02 05:59:11 478208 ----a-w- C:\Windows\System32\dpnet.dll
2012-11-02 05:11:31 376832 ----a-w- C:\Windows\SysWow64\dpnet.dll
2012-10-16 08:38:37 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52 561664 ----a-w- C:\Windows\apppatch\AcLayers.dll
2012-10-10 20:22:54 2428776 ----a-w- C:\Windows\SysWow64\nvapi.dll
2012-10-10 20:22:52 26331496 ----a-w- C:\Windows\System32\nvoglv64.dll
2012-10-10 20:22:52 1760104 ----a-w- C:\Windows\System32\nvdispco64.dll
2012-10-10 20:22:32 15309160 ----a-w- C:\Windows\SysWow64\nvd3dum.dll
2012-10-10 20:22:26 2747240 ----a-w- C:\Windows\System32\nvcuvid.dll
2012-10-10 20:22:24 19906920 ----a-w- C:\Windows\SysWow64\nvoglv32.dll
2012-10-10 20:22:18 13443944 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys
2012-10-10 20:22:14 17559912 ----a-w- C:\Windows\SysWow64\nvcompiler.dll
2012-10-09 18:17:13 55296 ----a-w- C:\Windows\System32\dhcpcsvc6.dll
2012-10-09 18:17:13 226816 ----a-w- C:\Windows\System32\dhcpcore6.dll
2012-10-09 17:40:31 44032 ----a-w- C:\Windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40:31 193536 ----a-w- C:\Windows\SysWow64\dhcpcore6.dll
2012-10-04 17:46:16 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-10-04 17:46:15 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-10-04 17:46:15 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-10-04 17:45:55 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-10-04 17:43:28 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-10-04 17:41:16 424960 ----a-w- C:\Windows\System32\KernelBase.dll
2012-10-04 16:47:41 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-10-04 16:47:41 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-10-04 15:21:55 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-10-04 14:46:46 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-10-04 14:46:46 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-10-04 14:46:44 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-10-04 14:46:43 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-10-04 14:41:50 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-10-04 14:41:50 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-04 14:41:50 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-10-04 14:41:50 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-10-03 17:56:54 1914248 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-10-03 17:44:21 70656 ----a-w- C:\Windows\System32\nlaapi.dll
2012-10-03 17:44:21 303104 ----a-w- C:\Windows\System32\nlasvc.dll
2012-10-03 17:44:17 246272 ----a-w- C:\Windows\System32\netcorehc.dll
2012-10-03 17:44:17 18944 ----a-w- C:\Windows\System32\netevent.dll
2012-10-03 17:44:16 216576 ----a-w- C:\Windows\System32\ncsi.dll
2012-10-03 17:42:16 569344 ----a-w- C:\Windows\System32\iphlpsvc.dll
2012-10-03 16:42:24 18944 ----a-w- C:\Windows\SysWow64\netevent.dll
2012-10-03 16:42:24 175104 ----a-w- C:\Windows\SysWow64\netcorehc.dll
2012-10-03 16:42:23 156672 ----a-w- C:\Windows\SysWow64\ncsi.dll
2012-10-03 16:07:26 45568 ----a-w- C:\Windows\System32\drivers\tcpipreg.sys
2012-09-25 22:47:43 78336 ----a-w- C:\Windows\SysWow64\synceng.dll
2012-09-25 22:46:17 95744 ----a-w- C:\Windows\System32\synceng.dll
2012-09-24 13:32:24 477168 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2012-09-24 13:32:20 473072 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-09-22 16:39:37 283200 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
.
============= FINISH: 2:12:30.69 ===============

I've attached Attach.txt.




#4 gringo_pr

  • Malware Response Team

Posted 19 December 2012 - 10:35 PM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I have put together some things for you to keep in mind while I am helping you, to make things go easier and faster for both of us.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.

-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "Delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 digvoo


Posted 20 December 2012 - 04:31 PM

Hello Gringo, I'm glad for your response and looking forward to solving this problem. :)

Checked all the NOTE: lines.

As requested:

-Security Check-

Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.65.0.1400
Java™ 6 Update 37
Java version out of Date!
Adobe Flash Player 11.5.502.110
Mozilla Firefox (17.0.1)
Mozilla Thunderbird (17.0.)
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
Google Chrome 23.0.1271.91
Google Chrome 23.0.1271.95
Google Chrome 23.0.1271.97
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````


My comment: I can't open Microsoft Security Essentials.


-AdwCleaner-

# AdwCleaner v2.101 - Logfile created 12/20/2012 at 22:10:33
# Updated 16/12/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Dusan - DUSAN-PC
# Boot Mode : Normal
# Running from : C:\Users\Dusan\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v17.0.1 (en-US)

Profile name : default
File : C:\Users\Dusan\AppData\Roaming\Mozilla\Firefox\Profiles\y3w8rehd.default\prefs.js

[OK] File is clean.

Profile name : default
File : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\edewhr39.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Dusan\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [979 octets] - [20/12/2012 22:10:33]

########## EOF - C:\AdwCleaner[S1].txt - [1038 octets] ##########


--RogueKiller--

RogueKiller V8.4.0 [Dec 20 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Dusan [Admin rights]
Mode : Remove -- Date : 12/20/2012 22:23:55

¤¤¤ Bad processes : 2 ¤¤¤
[SUSP PATH] UnsignedThemesSvc.exe -- C:\Windows\UnsignedThemesSvc.exe -> KILLED [TermProc]
[SUSP PATH] ModLEDKey.exe -- C:\Windows\ModLEDKey.exe -> KILLED [TermProc]

¤¤¤ Registry Entries : 5 ¤¤¤
[TASK][SUSP PATH] MODLED : C:\Windows\ModLEDKey.exe -> DELETED
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ SMENU] HKCU\[...]\Advanced : Start_TrackProgs (0) -> REPLACED (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST31000524AS ATA Device +++++
--- User ---
[MBR] bc59d4f5c29b81bafbcdd7a994959514
[BSP] ab0b2233792f88e4aa48426f110aa7e8 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 307099 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 629153595 | Size: 646663 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_12202012_02d2223.txt >>
RKreport[1]_S_12202012_02d2223.txt ; RKreport[2]_D_12202012_02d2223.txt

#6 gringo_pr

  • Malware Response Team

Posted 20 December 2012 - 05:39 PM

Hello digvoo

I would like you to do the following.

Please print out or make a copy in Notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouse-click Combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

In your next post I need the following:

  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?

Gringo

#7 digvoo


Posted 20 December 2012 - 08:19 PM

Here is the content of the log:

ComboFix 12-12-20.02 - Dusan 21-Dec-12 1:34.1.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4077.2596 [GMT 1:00]
Running from: c:\users\Dusan\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Dusan\AppData\Roaming\.#
c:\users\Dusan\AppData\Roaming\.#\MBX@A94@661B38.###
c:\windows\7Loader.TAG
.
----- File Replicators -----
.
c:\program files (x86)\Git\bin\git.exe
c:\program files (x86)\Git\libexec\git-core\git-add.exe
c:\program files (x86)\Git\libexec\git-core\git-annotate.exe
c:\program files (x86)\Git\libexec\git-core\git-apply.exe
c:\program files (x86)\Git\libexec\git-core\git-archive.exe
c:\program files (x86)\Git\libexec\git-core\git-bisect--helper.exe
c:\program files (x86)\Git\libexec\git-core\git-blame.exe
c:\program files (x86)\Git\libexec\git-core\git-branch.exe
c:\program files (x86)\Git\libexec\git-core\git-bundle.exe
c:\program files (x86)\Git\libexec\git-core\git-cat-file.exe
c:\program files (x86)\Git\libexec\git-core\git-check-attr.exe
c:\program files (x86)\Git\libexec\git-core\git-check-ref-format.exe
c:\program files (x86)\Git\libexec\git-core\git-checkout-index.exe
c:\program files (x86)\Git\libexec\git-core\git-checkout.exe
c:\program files (x86)\Git\libexec\git-core\git-cherry-pick.exe
c:\program files (x86)\Git\libexec\git-core\git-cherry.exe
c:\program files (x86)\Git\libexec\git-core\git-clean.exe
c:\program files (x86)\Git\libexec\git-core\git-clone.exe
c:\program files (x86)\Git\libexec\git-core\git-column.exe
c:\program files (x86)\Git\libexec\git-core\git-commit-tree.exe
c:\program files (x86)\Git\libexec\git-core\git-commit.exe
c:\program files (x86)\Git\libexec\git-core\git-config.exe
c:\program files (x86)\Git\libexec\git-core\git-count-objects.exe
c:\program files (x86)\Git\libexec\git-core\git-credential.exe
c:\program files (x86)\Git\libexec\git-core\git-describe.exe
c:\program files (x86)\Git\libexec\git-core\git-diff-files.exe
c:\program files (x86)\Git\libexec\git-core\git-diff-index.exe
c:\program files (x86)\Git\libexec\git-core\git-diff-tree.exe
c:\program files (x86)\Git\libexec\git-core\git-diff.exe
c:\program files (x86)\Git\libexec\git-core\git-fast-export.exe
c:\program files (x86)\Git\libexec\git-core\git-fetch-pack.exe
c:\program files (x86)\Git\libexec\git-core\git-fetch.exe
c:\program files (x86)\Git\libexec\git-core\git-fmt-merge-msg.exe
c:\program files (x86)\Git\libexec\git-core\git-for-each-ref.exe
c:\program files (x86)\Git\libexec\git-core\git-format-patch.exe
c:\program files (x86)\Git\libexec\git-core\git-fsck-objects.exe
c:\program files (x86)\Git\libexec\git-core\git-fsck.exe
c:\program files (x86)\Git\libexec\git-core\git-gc.exe
c:\program files (x86)\Git\libexec\git-core\git-get-tar-commit-id.exe
c:\program files (x86)\Git\libexec\git-core\git-grep.exe
c:\program files (x86)\Git\libexec\git-core\git-hash-object.exe
c:\program files (x86)\Git\libexec\git-core\git-help.exe
c:\program files (x86)\Git\libexec\git-core\git-index-pack.exe
c:\program files (x86)\Git\libexec\git-core\git-init-db.exe
c:\program files (x86)\Git\libexec\git-core\git-init.exe
c:\program files (x86)\Git\libexec\git-core\git-log.exe
c:\program files (x86)\Git\libexec\git-core\git-ls-files.exe
c:\program files (x86)\Git\libexec\git-core\git-ls-remote.exe
c:\program files (x86)\Git\libexec\git-core\git-ls-tree.exe
c:\program files (x86)\Git\libexec\git-core\git-mailinfo.exe
c:\program files (x86)\Git\libexec\git-core\git-mailsplit.exe
c:\program files (x86)\Git\libexec\git-core\git-merge-base.exe
c:\program files (x86)\Git\libexec\git-core\git-merge-file.exe
c:\program files (x86)\Git\libexec\git-core\git-merge-index.exe
c:\program files (x86)\Git\libexec\git-core\git-merge-ours.exe
c:\program files (x86)\Git\libexec\git-core\git-merge-recursive.exe
c:\program files (x86)\Git\libexec\git-core\git-merge-subtree.exe
c:\program files (x86)\Git\libexec\git-core\git-merge-tree.exe
c:\program files (x86)\Git\libexec\git-core\git-merge.exe
c:\program files (x86)\Git\libexec\git-core\git-mktag.exe
c:\program files (x86)\Git\libexec\git-core\git-mktree.exe
c:\program files (x86)\Git\libexec\git-core\git-mv.exe
c:\program files (x86)\Git\libexec\git-core\git-name-rev.exe
c:\program files (x86)\Git\libexec\git-core\git-notes.exe
c:\program files (x86)\Git\libexec\git-core\git-pack-objects.exe
c:\program files (x86)\Git\libexec\git-core\git-pack-redundant.exe
c:\program files (x86)\Git\libexec\git-core\git-pack-refs.exe
c:\program files (x86)\Git\libexec\git-core\git-patch-id.exe
c:\program files (x86)\Git\libexec\git-core\git-peek-remote.exe
c:\program files (x86)\Git\libexec\git-core\git-prune-packed.exe
c:\program files (x86)\Git\libexec\git-core\git-prune.exe
c:\program files (x86)\Git\libexec\git-core\git-push.exe
c:\program files (x86)\Git\libexec\git-core\git-read-tree.exe
c:\program files (x86)\Git\libexec\git-core\git-receive-pack.exe
c:\program files (x86)\Git\libexec\git-core\git-reflog.exe
c:\program files (x86)\Git\libexec\git-core\git-remote-ext.exe
c:\program files (x86)\Git\libexec\git-core\git-remote-fd.exe
c:\program files (x86)\Git\libexec\git-core\git-remote.exe
c:\program files (x86)\Git\libexec\git-core\git-replace.exe
c:\program files (x86)\Git\libexec\git-core\git-repo-config.exe
c:\program files (x86)\Git\libexec\git-core\git-rerere.exe
c:\program files (x86)\Git\libexec\git-core\git-reset.exe
c:\program files (x86)\Git\libexec\git-core\git-rev-list.exe
c:\program files (x86)\Git\libexec\git-core\git-rev-parse.exe
c:\program files (x86)\Git\libexec\git-core\git-revert.exe
c:\program files (x86)\Git\libexec\git-core\git-rm.exe
c:\program files (x86)\Git\libexec\git-core\git-send-pack.exe
c:\program files (x86)\Git\libexec\git-core\git-shortlog.exe
c:\program files (x86)\Git\libexec\git-core\git-show-branch.exe
c:\program files (x86)\Git\libexec\git-core\git-show-ref.exe
c:\program files (x86)\Git\libexec\git-core\git-show.exe
c:\program files (x86)\Git\libexec\git-core\git-stage.exe
c:\program files (x86)\Git\libexec\git-core\git-status.exe
c:\program files (x86)\Git\libexec\git-core\git-stripspace.exe
c:\program files (x86)\Git\libexec\git-core\git-symbolic-ref.exe
c:\program files (x86)\Git\libexec\git-core\git-tag.exe
c:\program files (x86)\Git\libexec\git-core\git-tar-tree.exe
c:\program files (x86)\Git\libexec\git-core\git-unpack-file.exe
c:\program files (x86)\Git\libexec\git-core\git-unpack-objects.exe
c:\program files (x86)\Git\libexec\git-core\git-update-index.exe
c:\program files (x86)\Git\libexec\git-core\git-update-ref.exe
c:\program files (x86)\Git\libexec\git-core\git-update-server-info.exe
c:\program files (x86)\Git\libexec\git-core\git-upload-archive.exe
c:\program files (x86)\Git\libexec\git-core\git-var.exe
c:\program files (x86)\Git\libexec\git-core\git-verify-pack.exe
c:\program files (x86)\Git\libexec\git-core\git-verify-tag.exe
c:\program files (x86)\Git\libexec\git-core\git-whatchanged.exe
c:\program files (x86)\Git\libexec\git-core\git-write-tree.exe
c:\program files (x86)\Git\libexec\git-core\git.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-11-21 to 2012-12-21 )))))))))))))))))))))))))))))))
.
.
2012-12-21 00:39 . 2012-12-21 00:39 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-21 00:24 . 2012-12-21 00:24 -------- d-----w- c:\windows\PCHEALTH
2012-12-20 19:57 . 2011-03-11 05:31 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2012-12-20 19:57 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\SysWow64\esent.dll
2012-12-20 19:57 . 2011-03-11 06:41 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2012-12-20 19:57 . 2011-03-11 06:41 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2012-12-20 19:57 . 2011-03-11 04:37 91648 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS
2012-12-20 19:57 . 2011-03-11 06:41 189824 ----a-w- c:\windows\system32\drivers\storport.sys
2012-12-20 19:57 . 2011-03-11 06:30 96768 ----a-w- c:\windows\system32\fsutil.exe
2012-12-20 19:57 . 2011-03-11 06:41 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2012-12-20 19:57 . 2011-03-11 06:41 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2012-12-20 19:57 . 2011-03-11 06:41 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2012-12-20 19:57 . 2011-03-11 06:33 2565632 ----a-w- c:\windows\system32\esent.dll
2012-12-20 19:49 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-20 19:49 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-20 19:49 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-20 19:49 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-20 14:42 . 2011-03-25 03:29 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2012-12-20 14:42 . 2011-03-25 03:29 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2012-12-20 14:42 . 2011-03-25 03:29 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2012-12-20 14:42 . 2011-03-25 03:29 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2012-12-20 14:42 . 2011-03-25 03:29 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2012-12-20 14:42 . 2011-03-25 03:29 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2012-12-20 14:42 . 2011-03-25 03:28 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2012-12-20 12:44 . 2012-12-20 10:57 -------- d-----w- c:\windows\Panther
2012-12-20 12:34 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-12-20 12:34 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-12-20 12:34 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2012-12-20 12:34 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-12-20 12:33 . 2012-12-20 04:22 -------- d-----w- C:\$WINDOWS.~Q
2012-12-20 12:32 . 2012-11-28 14:58 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-12-20 12:28 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-12-20 12:28 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-12-20 12:28 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-12-20 12:28 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-12-20 12:28 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-12-20 12:28 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-12-20 12:28 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-12-20 12:28 . 2012-12-20 12:30 -------- d-----w- C:\$INPLACE.~TR
2012-12-20 12:27 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-12-20 12:27 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-12-20 12:27 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-12-20 12:27 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-12-20 12:27 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-12-20 11:37 . 2012-12-20 11:37 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-12-20 11:37 . 2012-09-07 16:04 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-20 11:25 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2012-12-20 11:25 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
2012-12-20 11:25 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-12-20 11:25 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2012-12-20 11:25 . 2012-08-31 18:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-12-20 11:25 . 2011-06-16 05:49 199680 ----a-w- c:\windows\system32\xmllite.dll
2012-12-20 11:25 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-12-20 11:25 . 2012-10-09 18:17 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-12-20 11:25 . 2012-10-09 17:40 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-12-20 11:25 . 2012-10-09 17:40 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-12-20 11:23 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll
2012-12-20 11:23 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\SysWow64\quartz.dll
2012-12-20 11:23 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2012-12-20 11:23 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
2012-12-20 11:21 . 2010-12-23 10:42 961024 ----a-w- c:\windows\system32\CPFilters.dll
2012-12-20 11:20 . 2012-10-04 17:38 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-12-20 11:19 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys
2012-12-20 11:18 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll
2012-12-20 11:17 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-12-20 11:17 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-12-20 04:40 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-12-20 04:40 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-12-20 04:40 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-12-20 04:36 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-12-20 04:36 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-12-20 04:36 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-12-20 04:36 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-12-20 04:36 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-12-20 04:36 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-12-20 04:36 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-12-20 04:36 . 2012-06-02 14:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-12-20 04:36 . 2012-06-02 14:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-12-20 04:12 . 2012-12-20 04:12 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2012-12-20 04:12 . 2012-12-20 04:12 -------- d-----w- c:\users\Default\AppData\Local\Google
2012-12-20 03:49 . 2012-12-20 10:57 -------- d-----w- c:\users\Dusan
2012-12-20 03:49 . 2012-12-20 04:34 -------- d-----w- c:\users\UpdatusUser
2012-12-20 03:49 . 2012-12-20 04:07 -------- d-----w- c:\users\Administrator
2012-12-20 03:48 . 2012-12-21 00:28 -------- d-----w- c:\programdata\NVIDIA
2012-12-20 03:48 . 2012-10-02 19:51 3536817 ----a-w- c:\windows\system32\nvcoproc.bin
2012-12-20 03:48 . 2012-10-02 19:51 3293544 ----a-w- c:\windows\system32\nvsvc64.dll
2012-12-20 03:48 . 2012-10-02 19:51 6200680 ----a-w- c:\windows\system32\nvcpl.dll
2012-12-20 03:48 . 2012-10-02 19:50 891240 ----a-w- c:\windows\system32\nvvsvc.exe
2012-12-20 03:48 . 2012-10-02 19:50 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-12-20 03:48 . 2012-10-02 19:50 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-12-20 03:48 . 2012-10-02 19:50 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-12-20 03:47 . 2012-12-20 03:47 -------- d-----w- c:\programdata\NVIDIA Corporation
2012-12-20 03:47 . 2012-12-20 03:55 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2012-12-20 03:47 . 2012-12-20 03:52 -------- d-----w- c:\program files\NVIDIA Corporation
2012-12-20 03:47 . 2012-12-20 03:47 -------- d-----w- c:\windows\SysWow64\RTCOM
2012-12-20 03:47 . 2012-12-20 03:47 -------- d-----w- c:\program files\Realtek
2012-12-20 02:42 . 2012-12-20 03:55 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2012-12-20 02:42 . 2012-12-20 03:52 -------- d-----w- c:\program files\Microsoft Silverlight
2012-12-20 01:50 . 2012-12-20 03:51 -------- d-----w- c:\program files\7-Zip
2012-12-19 21:39 . 2012-12-20 04:00 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-12-19 21:39 . 2012-12-20 03:52 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-12-19 09:36 . 2012-12-20 04:00 -------- d-----w- c:\windows\Microsoft Antimalware
2012-12-18 11:53 . 2012-12-20 03:59 -------- d-----w- c:\programdata\Malwarebytes
2012-12-18 00:26 . 2012-12-20 03:54 -------- d-----w- c:\program files (x86)\Enigma Software Group
2012-12-18 00:24 . 2012-12-20 04:00 -------- d-----w- c:\windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2012-12-18 00:13 . 2012-12-20 04:00 -------- d-----w- c:\windows\83B952C7F8F34CA3B4C533C85B24E478.TMP
2012-12-17 23:24 . 2012-12-20 04:00 -------- d-----w- c:\programdata\SpeedyPC Software
2012-12-12 16:39 . 2012-12-12 16:39 110592 --sha-r- c:\windows\SysWow64\drtprov1.dll
2012-11-28 19:15 . 2012-12-20 03:54 -------- d-----w- c:\program files (x86)\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-20 11:00 . 2012-09-22 16:39 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-12-17 23:56 . 2011-10-15 12:56 6656 ----a-w- c:\windows\system32\lpcio.dll
2012-11-15 01:38 . 2012-11-15 01:38 40712 ----a-w- c:\windows\system32\drivers\taphss6.sys
2012-11-15 01:33 . 2012-11-15 01:33 42248 ----a-w- c:\windows\system32\drivers\hssdrv6.sys
2012-11-13 14:00 . 2012-03-31 18:59 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-13 14:00 . 2011-10-17 06:18 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-16 08:38 . 2012-12-20 11:24 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-12-20 11:24 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-12-20 11:24 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-10 20:23 . 2012-10-10 20:23 247144 ----a-w- c:\windows\system32\nvinitx.dll
2012-10-10 20:23 . 2012-10-10 20:23 1867112 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2012-10-10 20:23 . 2012-10-10 20:23 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll
2012-10-10 20:23 . 2012-10-10 20:23 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-10-10 20:23 . 2012-10-10 20:23 6127464 ----a-w- c:\windows\SysWow64\nvopencl.dll
2012-10-10 20:23 . 2012-10-10 20:23 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2012-10-10 20:23 . 2012-10-10 20:23 25256296 ----a-w- c:\windows\system32\nvcompiler.dll
2012-10-10 20:23 . 2012-10-10 20:23 831848 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2012-10-10 20:23 . 2012-10-10 20:23 202600 ----a-w- c:\windows\SysWow64\nvinit.dll
2012-10-10 20:23 . 2012-10-10 20:23 7414632 ----a-w- c:\windows\system32\nvopencl.dll
2012-10-10 20:23 . 2012-10-10 20:23 2731880 ----a-w- c:\windows\system32\nvapi64.dll
2012-10-10 20:23 . 2012-10-10 20:23 973672 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-10-10 20:23 . 2012-10-10 20:23 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-10-10 20:23 . 2012-10-10 20:23 9146728 ----a-w- c:\windows\system32\nvcuda.dll
2012-10-10 20:23 . 2012-10-10 20:23 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll
2012-10-10 20:23 . 2012-10-10 20:23 2218344 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-10-10 20:23 . 2012-10-10 20:23 12501352 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2012-10-10 20:22 . 2012-10-10 20:22 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-10-10 20:22 . 2012-10-10 20:22 26331496 ----a-w- c:\windows\system32\nvoglv64.dll
2012-10-10 20:22 . 2012-10-10 20:22 1760104 ----a-w- c:\windows\system32\nvdispco64.dll
2012-10-10 20:22 . 2012-10-10 20:22 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-10-10 20:22 . 2012-10-10 20:22 2747240 ----a-w- c:\windows\system32\nvcuvid.dll
2012-10-10 20:22 . 2012-10-10 20:22 19906920 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2012-10-10 20:22 . 2012-10-10 20:22 13443944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-10-10 20:22 . 2012-10-10 20:22 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2012-10-04 16:40 . 2012-12-20 11:21 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-09-24 13:32 . 2012-07-03 21:32 477168 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-09-24 13:32 . 2011-10-16 18:34 473072 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Dusan\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Dusan\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Dusan\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Dusan\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-08-28 3671904]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files (x86)\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232]
.
c:\users\Dusan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Dusan\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-12-17 29428448]
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2012-11-4 41160]
Winamp.lnk - c:\program files (x86)\Winamp\winamp.exe [2012-6-28 2206888]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
The Journal 4.lnk - c:\program files (x86)\DavidRM Software\The Journal 4\Journal4.exe [2012-1-17 7935272]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 DbusAudio;DbusAudio;c:\windows\system32\drivers\DbusAudio.sys [2012-06-05 34088]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam_x64.sys [2008-03-13 27136]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-21 88960]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys [2012-11-15 40712]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2012-08-23 29696]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-06-05 147288]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2012-06-05 224088]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2012-06-05 130904]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-07-11 140672]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [2010-12-27 21992]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-07 399432]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-22 2656280]
S2 UnsignedThemes;Unsigned Themes;c:\windows\UnsignedThemesSvc.exe [2009-07-12 24168]
S2 uxpatch;uxpatch;c:\windows\system32\drivers\uxpatch.sys [2009-07-12 30568]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-20 283200]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-02-10 82432]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-02-10 181760]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-26 00:18]
.
2012-12-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-26 00:18]
.
2012-12-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3521969070-1576761210-3835582670-1000Core.job
- c:\users\Dusan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-16 21:15]
.
2012-12-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3521969070-1576761210-3835582670-1000UA.job
- c:\users\Dusan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-16 21:15]
.
2012-12-21 c:\windows\Tasks\Rybobzip.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Dusan\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Dusan\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Dusan\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Dusan\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-11-08 15:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-11-08 15:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-11-08 15:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-11-08 15:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-03-20 6468712]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Read EXIF - c:\program files (x86)\ArcSoft\RAW Thumbnail Viewer\ArcEXIFM.htm
IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
Trusted Zone: raiffeisenbank.rs\rol
TCP: DhcpNameServer = 89.216.1.30 192.168.0.1
DPF: {73848533-39E1-49F1-9363-28054268C094} - hxxps://rol.raiffeisenbank.rs/RetailDLL/FSINT9.dll
DPF: {F6FFAC18-CAD4-4054-9D49-D610286CE323} - hxxps://rol.raiffeisenbank.rs/RetailDLL/EBCSCC2a.dll
FF - ProfilePath - c:\users\Dusan\AppData\Roaming\Mozilla\Firefox\Profiles\y3w8rehd.default\
FF - ExtSQL: 2012-10-25 22:56; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.032"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.abr"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ani"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.apd"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.arw"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.bay"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.bmp"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.bw"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bwf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.bwf"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cel\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.cel"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.cr2"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.crw"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.cs1"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.cur"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.dcr"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.dcx"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.dib"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.djv"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.djvu"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.dng"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.emf"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.eps"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.erf"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.fff"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.flc"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fli\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.fli"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.fpx"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.gif"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.hdr"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.icl"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.icn"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ico\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ico"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (S-1-5-21-3521969070-1576761210-3835582670-1000)
@Denied: (2) (LocalSystem)
"Progid"="Winamp.File.iff"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ilbm"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.int"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.inta"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.iw4"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.j2c"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.j2k"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jbr"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jfif"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jif"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jp2"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jpc"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jpe"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jpeg"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jpg"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jpk"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.jpx"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.kdc"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.lbm"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m15\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.m15"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1a\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.m1a"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2a\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.m2a"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m75\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.m75"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.mef"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.mos"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.mpv"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.mrw"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.nef"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.nrw"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.orf"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pbm"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pbr"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pcd"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pct"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pcx"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pef"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pgm"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pic"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pics\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pics"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pict"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pix"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.png"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ppm"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.psd"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.psp"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pspbrush"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.pspimage"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qcp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.qcp"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qtpf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.qtpf"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.raf"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ras"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (S-1-5-21-3521969070-1576761210-3835582670-1000)
@Denied: (2) (LocalSystem)
"Progid"="Winamp.File.raw"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rgb"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rgba"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rle"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rsb"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rw2"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.rwl"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sdv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.sdv"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sfil\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.sfil"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.sgi"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.smf"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.sml"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.sr2"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.srf"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.srw"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.swa\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.swa"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.tga"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.thm"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.tif"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.tiff"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ttc"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ttf"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ulw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ulw"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v50po\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.v50po"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v50pp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.v50pp"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v50ppf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.v50ppf"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vfw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.vfw"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.wbm"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.wbmp"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.wmf"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.xbm"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.xif"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.xmp"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.xpm"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.9"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil9e.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil9e.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-12-21 01:40:16
ComboFix-quarantined-files.txt 2012-12-21 00:40
.
Pre-Run: 153,149,124,608 bytes free
Post-Run: 153,169,215,488 bytes free
.
- - End Of File - - 34C4BAC3CFDDFFCBEA21AF304EE8644C


Additional information:

I couldn't disable Microsoft Security Essentials from services.msc (in the properties of the service I couldn't access any of the option buttons - all were grayed out).
I uninstalled MSE, disabled Windows Firewall and restarted the PC.

Afterwards I ran ComboFix and it showed me the warning box -> http://i46.tinypic.com/olbp4.jpg
Then I tried to find the MSE service, or MSE in Add/Remove Programs, but it wasn't there. Clicked OK -> http://i46.tinypic.com/11bptl5.jpg and OK again.

When googling it still redirects me from time to time and "The Windows Security Center Service can't be started".

#8 gringo_pr


Posted 20 December 2012 - 08:42 PM

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

File::
c:\windows\Tasks\Rybobzip.job
c:\windows\SysWow64\drtprov1.dll

Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouse-click ComboFix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." please restart the computer.

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic




Proud Graduate Of Malware Removal University

#9 digvoo


Posted 20 December 2012 - 10:44 PM

report from Combofix:

ComboFix 12-12-20.02 - Dusan 21-Dec-12 4:13.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4077.2760 [GMT 1:00]
Running from: c:\users\Dusan\Desktop\ComboFix.exe
Command switches used :: c:\users\Dusan\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
FILE ::
"c:\windows\SysWow64\drtprov1.dll"
"c:\windows\Tasks\Rybobzip.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\drtprov1.dll
c:\windows\Tasks\Rybobzip.job
.
.
((((((((((((((((((((((((( Files Created from 2012-11-21 to 2012-12-21 )))))))))))))))))))))))))))))))
.
.
2012-12-21 03:16 . 2012-12-21 03:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-12-21 00:24 . 2012-12-21 00:24 -------- d-----w- c:\windows\PCHEALTH
2012-12-20 19:57 . 2011-03-11 05:31 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2012-12-20 19:57 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\SysWow64\esent.dll
2012-12-20 19:57 . 2011-03-11 06:41 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2012-12-20 19:57 . 2011-03-11 06:41 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2012-12-20 19:57 . 2011-03-11 04:37 91648 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS
2012-12-20 19:57 . 2011-03-11 06:41 189824 ----a-w- c:\windows\system32\drivers\storport.sys
2012-12-20 19:57 . 2011-03-11 06:30 96768 ----a-w- c:\windows\system32\fsutil.exe
2012-12-20 19:57 . 2011-03-11 06:41 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2012-12-20 19:57 . 2011-03-11 06:41 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2012-12-20 19:57 . 2011-03-11 06:41 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2012-12-20 19:57 . 2011-03-11 06:33 2565632 ----a-w- c:\windows\system32\esent.dll
2012-12-20 19:49 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-20 19:49 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-20 19:49 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-20 19:49 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-20 14:42 . 2011-03-25 03:29 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2012-12-20 14:42 . 2011-03-25 03:29 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2012-12-20 14:42 . 2011-03-25 03:29 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2012-12-20 14:42 . 2011-03-25 03:29 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2012-12-20 14:42 . 2011-03-25 03:29 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2012-12-20 14:42 . 2011-03-25 03:29 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2012-12-20 14:42 . 2011-03-25 03:28 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2012-12-20 12:44 . 2012-12-20 10:57 -------- d-----w- c:\windows\Panther
2012-12-20 12:34 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-12-20 12:34 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-12-20 12:34 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
2012-12-20 12:34 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-12-20 12:33 . 2012-12-20 04:22 -------- d-----w- C:\$WINDOWS.~Q
2012-12-20 12:32 . 2012-11-28 14:58 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-12-20 12:28 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-12-20 12:28 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-12-20 12:28 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-12-20 12:28 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-12-20 12:28 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2012-12-20 12:28 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2012-12-20 12:28 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-12-20 12:28 . 2012-12-20 12:30 -------- d-----w- C:\$INPLACE.~TR
2012-12-20 12:27 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-12-20 12:27 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-12-20 12:27 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-12-20 12:27 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-12-20 12:27 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-12-20 11:37 . 2012-12-20 11:37 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-12-20 11:37 . 2012-09-07 16:04 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-20 11:25 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.exe
2012-12-20 11:25 . 2011-02-25 05:30 2616320 ----a-w- c:\windows\SysWow64\explorer.exe
2012-12-20 11:25 . 2012-01-04 10:44 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-12-20 11:25 . 2012-01-04 08:58 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2012-12-20 11:25 . 2012-08-31 18:19 1659760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-12-20 11:25 . 2011-06-16 05:49 199680 ----a-w- c:\windows\system32\xmllite.dll
2012-12-20 11:25 . 2012-10-09 18:17 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-12-20 11:25 . 2012-10-09 18:17 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-12-20 11:25 . 2012-10-09 17:40 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-12-20 11:25 . 2012-10-09 17:40 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
2012-12-20 11:23 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll
2012-12-20 11:23 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\SysWow64\quartz.dll
2012-12-20 11:23 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2012-12-20 11:23 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
2012-12-20 11:21 . 2010-12-23 10:42 961024 ----a-w- c:\windows\system32\CPFilters.dll
2012-12-20 11:20 . 2012-10-04 17:38 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-12-20 11:19 . 2011-12-28 03:59 498688 ----a-w- c:\windows\system32\drivers\afd.sys
2012-12-20 11:18 . 2011-10-15 06:31 723456 ----a-w- c:\windows\system32\EncDec.dll
2012-12-20 11:17 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-12-20 11:17 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-12-20 04:40 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-12-20 04:40 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-12-20 04:40 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-12-20 04:36 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-12-20 04:36 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-12-20 04:36 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2012-12-20 04:36 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-12-20 04:36 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2012-12-20 04:36 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-12-20 04:36 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-12-20 04:36 . 2012-06-02 14:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-12-20 04:36 . 2012-06-02 14:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-12-20 04:12 . 2012-12-20 04:12 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2012-12-20 04:12 . 2012-12-20 04:12 -------- d-----w- c:\users\Default\AppData\Local\Google
2012-12-20 03:49 . 2012-12-20 10:57 -------- d-----w- c:\users\Dusan
2012-12-20 03:49 . 2012-12-20 04:34 -------- d-----w- c:\users\UpdatusUser
2012-12-20 03:49 . 2012-12-20 04:07 -------- d-----w- c:\users\Administrator
2012-12-20 03:48 . 2012-12-21 00:49 -------- d-----w- c:\programdata\NVIDIA
2012-12-20 03:48 . 2012-10-02 19:51 3536817 ----a-w- c:\windows\system32\nvcoproc.bin
2012-12-20 03:48 . 2012-10-02 19:51 3293544 ----a-w- c:\windows\system32\nvsvc64.dll
2012-12-20 03:48 . 2012-10-02 19:51 6200680 ----a-w- c:\windows\system32\nvcpl.dll
2012-12-20 03:48 . 2012-10-02 19:50 891240 ----a-w- c:\windows\system32\nvvsvc.exe
2012-12-20 03:48 . 2012-10-02 19:50 63336 ----a-w- c:\windows\system32\nvshext.dll
2012-12-20 03:48 . 2012-10-02 19:50 2557800 ----a-w- c:\windows\system32\nvsvcr.dll
2012-12-20 03:48 . 2012-10-02 19:50 118120 ----a-w- c:\windows\system32\nvmctray.dll
2012-12-20 03:47 . 2012-12-20 03:47 -------- d-----w- c:\programdata\NVIDIA Corporation
2012-12-20 03:47 . 2012-12-20 03:55 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2012-12-20 03:47 . 2012-12-20 03:52 -------- d-----w- c:\program files\NVIDIA Corporation
2012-12-20 03:47 . 2012-12-20 03:47 -------- d-----w- c:\windows\SysWow64\RTCOM
2012-12-20 03:47 . 2012-12-20 03:47 -------- d-----w- c:\program files\Realtek
2012-12-20 02:42 . 2012-12-20 03:55 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2012-12-20 02:42 . 2012-12-20 03:52 -------- d-----w- c:\program files\Microsoft Silverlight
2012-12-20 01:50 . 2012-12-20 03:51 -------- d-----w- c:\program files\7-Zip
2012-12-19 21:39 . 2012-12-20 04:00 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-12-19 21:39 . 2012-12-20 03:52 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-12-19 09:36 . 2012-12-20 04:00 -------- d-----w- c:\windows\Microsoft Antimalware
2012-12-18 11:53 . 2012-12-20 03:59 -------- d-----w- c:\programdata\Malwarebytes
2012-12-18 00:26 . 2012-12-20 03:54 -------- d-----w- c:\program files (x86)\Enigma Software Group
2012-12-18 00:24 . 2012-12-20 04:00 -------- d-----w- c:\windows\4FC9DA9DF608454E8191D7EFFDCC5726.TMP
2012-12-18 00:13 . 2012-12-20 04:00 -------- d-----w- c:\windows\83B952C7F8F34CA3B4C533C85B24E478.TMP
2012-12-17 23:24 . 2012-12-20 04:00 -------- d-----w- c:\programdata\SpeedyPC Software
2012-11-28 19:15 . 2012-12-20 03:54 -------- d-----w- c:\program files (x86)\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-20 11:00 . 2012-09-22 16:39 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-12-17 23:56 . 2011-10-15 12:56 6656 ----a-w- c:\windows\system32\lpcio.dll
2012-11-15 01:38 . 2012-11-15 01:38 40712 ----a-w- c:\windows\system32\drivers\taphss6.sys
2012-11-15 01:33 . 2012-11-15 01:33 42248 ----a-w- c:\windows\system32\drivers\hssdrv6.sys
2012-11-13 14:00 . 2012-03-31 18:59 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-13 14:00 . 2011-10-17 06:18 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-16 08:38 . 2012-12-20 11:24 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-12-20 11:24 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-12-20 11:24 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-10 20:23 . 2012-10-10 20:23 247144 ----a-w- c:\windows\system32\nvinitx.dll
2012-10-10 20:23 . 2012-10-10 20:23 1867112 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2012-10-10 20:23 . 2012-10-10 20:23 18252136 ----a-w- c:\windows\system32\nvd3dumx.dll
2012-10-10 20:23 . 2012-10-10 20:23 1482600 ----a-w- c:\windows\system32\nvdispgenco64.dll
2012-10-10 20:23 . 2012-10-10 20:23 6127464 ----a-w- c:\windows\SysWow64\nvopencl.dll
2012-10-10 20:23 . 2012-10-10 20:23 2574696 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2012-10-10 20:23 . 2012-10-10 20:23 25256296 ----a-w- c:\windows\system32\nvcompiler.dll
2012-10-10 20:23 . 2012-10-10 20:23 831848 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2012-10-10 20:23 . 2012-10-10 20:23 202600 ----a-w- c:\windows\SysWow64\nvinit.dll
2012-10-10 20:23 . 2012-10-10 20:23 7414632 ----a-w- c:\windows\system32\nvopencl.dll
2012-10-10 20:23 . 2012-10-10 20:23 2731880 ----a-w- c:\windows\system32\nvapi64.dll
2012-10-10 20:23 . 2012-10-10 20:23 973672 ----a-w- c:\windows\system32\nvumdshimx.dll
2012-10-10 20:23 . 2012-10-10 20:23 14922600 ----a-w- c:\windows\system32\nvwgf2umx.dll
2012-10-10 20:23 . 2012-10-10 20:23 9146728 ----a-w- c:\windows\system32\nvcuda.dll
2012-10-10 20:23 . 2012-10-10 20:23 7697768 ----a-w- c:\windows\SysWow64\nvcuda.dll
2012-10-10 20:23 . 2012-10-10 20:23 2218344 ----a-w- c:\windows\system32\nvcuvenc.dll
2012-10-10 20:23 . 2012-10-10 20:23 12501352 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2012-10-10 20:22 . 2012-10-10 20:22 2428776 ----a-w- c:\windows\SysWow64\nvapi.dll
2012-10-10 20:22 . 2012-10-10 20:22 26331496 ----a-w- c:\windows\system32\nvoglv64.dll
2012-10-10 20:22 . 2012-10-10 20:22 1760104 ----a-w- c:\windows\system32\nvdispco64.dll
2012-10-10 20:22 . 2012-10-10 20:22 15309160 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2012-10-10 20:22 . 2012-10-10 20:22 2747240 ----a-w- c:\windows\system32\nvcuvid.dll
2012-10-10 20:22 . 2012-10-10 20:22 19906920 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2012-10-10 20:22 . 2012-10-10 20:22 13443944 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2012-10-10 20:22 . 2012-10-10 20:22 17559912 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2012-10-04 16:40 . 2012-12-20 11:21 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-09-24 13:32 . 2012-07-03 21:32 477168 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2012-09-24 13:32 . 2011-10-16 18:34 473072 ----a-w- c:\windows\SysWow64\deployJava1.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Dusan\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Dusan\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Dusan\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 129272 ----a-w- c:\users\Dusan\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-08-28 3671904]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-09-17 254896]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="c:\program files (x86)\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232]
.
c:\users\Dusan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Dusan\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-12-17 29428448]
Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2012-11-4 41160]
Winamp.lnk - c:\program files (x86)\Winamp\winamp.exe [2012-6-28 2206888]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
The Journal 4.lnk - c:\program files (x86)\DavidRM Software\The Journal 4\Journal4.exe [2012-1-17 7935272]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 DbusAudio;DbusAudio;c:\windows\system32\drivers\DbusAudio.sys [2012-06-05 34088]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\DRIVERS\ManyCam_x64.sys [2008-03-13 27136]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-21 88960]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys [2012-11-15 40712]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2012-08-23 29696]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-06-05 147288]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2012-06-05 224088]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2012-06-05 130904]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-07-11 140672]
S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [2010-12-27 21992]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-07 399432]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-22 2656280]
S2 UnsignedThemes;Unsigned Themes;c:\windows\UnsignedThemesSvc.exe [2009-07-12 24168]
S2 uxpatch;uxpatch;c:\windows\system32\drivers\uxpatch.sys [2009-07-12 30568]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-12-20 283200]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2011-02-10 82432]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2011-02-10 181760]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-26 00:18]
.
2012-12-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-26 00:18]
.
2012-12-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3521969070-1576761210-3835582670-1000Core.job
- c:\users\Dusan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-16 21:15]
.
2012-12-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3521969070-1576761210-3835582670-1000UA.job
- c:\users\Dusan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-16 21:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Dusan\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Dusan\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Dusan\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32 162552 ----a-w- c:\users\Dusan\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-11-08 15:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-11-08 15:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-11-08 15:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-11-08 15:58 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-03-20 6468712]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Read EXIF - c:\program files (x86)\ArcSoft\RAW Thumbnail Viewer\ArcEXIFM.htm
IE: Se&nd to OneNote - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
Trusted Zone: raiffeisenbank.rs\rol
TCP: DhcpNameServer = 89.216.1.30 192.168.0.1
DPF: {73848533-39E1-49F1-9363-28054268C094} - hxxps://rol.raiffeisenbank.rs/RetailDLL/FSINT9.dll
DPF: {F6FFAC18-CAD4-4054-9D49-D610286CE323} - hxxps://rol.raiffeisenbank.rs/RetailDLL/EBCSCC2a.dll
FF - ProfilePath - c:\users\Dusan\AppData\Roaming\Mozilla\Firefox\Profiles\y3w8rehd.default\
FF - ExtSQL: 2012-10-25 22:56; {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}; c:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.032"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.abr"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.ani"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.apd"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.arw"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.bay"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.bmp"
.
[HKEY_USERS\S-1-5-21-3521969070-1576761210-3835582670-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 5.bw"
.
Completion time: 2012-12-21 04:18:08
ComboFix-quarantined-files.txt 2012-12-21 03:18
.
Pre-Run: 153,632,423,936 bytes free
Post-Run: 153,567,494,144 bytes free
.
- - End Of File - - 808B22FD0C74F1BD8ED15AFB2FDEB0A2





Additional information:

MSE is still uninstalled. I disabled Windows Firewall and ran ComboFix with CFScript.txt.

Shortly after, it showed me (again) the warning box -> http://i46.tinypic.com/olbp4.jpg
Clicked OK -> http://i46.tinypic.com/11bptl5.jpg and OK again.

I didn't see redirections while googling this time (maybe I'm lucky at the moment or didn't use the browser long enough), but the "The Windows Security Center Service can't be started" problem still persists.

#10 gringo_pr


Posted 20 December 2012 - 11:00 PM

Greetings

I want you to run these next,

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.
  • If malicious objects are found, they will show in the Scan results.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.



Please download aswMBR to your desktop.
  • Double-click the aswMBR.exe icon to run it.
  • It will ask to download extra definitions - ALLOW IT.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo

#11 digvoo


Posted 21 December 2012 - 07:10 AM

TDSSKiller log:


12:40:40.0249 4708 bowser - ok
12:40:40.0249 4708 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
12:40:40.0265 4708 BrFiltLo - ok
12:40:40.0265 4708 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
12:40:40.0265 4708 BrFiltUp - ok
12:40:40.0312 4708 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
12:40:40.0358 4708 BridgeMP - ok
12:40:40.0405 4708 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
12:40:40.0421 4708 Browser - ok
12:40:40.0421 4708 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:40:40.0468 4708 Brserid - ok
12:40:40.0468 4708 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:40:40.0483 4708 BrSerWdm - ok
12:40:40.0483 4708 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:40:40.0499 4708 BrUsbMdm - ok
12:40:40.0499 4708 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:40:40.0514 4708 BrUsbSer - ok
12:40:40.0514 4708 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
12:40:40.0546 4708 BTHMODEM - ok
12:40:40.0577 4708 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
12:40:40.0624 4708 bthserv - ok
12:40:40.0655 4708 catchme - ok
12:40:40.0655 4708 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:40:40.0670 4708 cdfs - ok
12:40:40.0686 4708 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:40:40.0702 4708 cdrom - ok
12:40:40.0717 4708 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
12:40:40.0780 4708 CertPropSvc - ok
12:40:40.0780 4708 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
12:40:40.0780 4708 circlass - ok
12:40:40.0811 4708 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
12:40:40.0826 4708 CLFS - ok
12:40:40.0904 4708 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:40:40.0920 4708 clr_optimization_v2.0.50727_32 - ok
12:40:40.0951 4708 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:40:40.0967 4708 clr_optimization_v2.0.50727_64 - ok
12:40:41.0014 4708 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:40:41.0029 4708 clr_optimization_v4.0.30319_32 - ok
12:40:41.0045 4708 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:40:41.0076 4708 clr_optimization_v4.0.30319_64 - ok
12:40:41.0092 4708 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
12:40:41.0107 4708 CmBatt - ok
12:40:41.0107 4708 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:40:41.0123 4708 cmdide - ok
12:40:41.0154 4708 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
12:40:41.0170 4708 CNG - ok
12:40:41.0185 4708 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
12:40:41.0185 4708 Compbatt - ok
12:40:41.0201 4708 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
12:40:41.0216 4708 CompositeBus - ok
12:40:41.0216 4708 COMSysApp - ok
12:40:41.0232 4708 [ 76355D5EAFDFA3E9B7580B9153DE1F30 ] cpuz135 C:\Windows\system32\drivers\cpuz135_x64.sys
12:40:41.0232 4708 cpuz135 - ok
12:40:41.0248 4708 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
12:40:41.0248 4708 crcdisk - ok
12:40:41.0279 4708 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:40:41.0341 4708 CryptSvc - ok
12:40:41.0372 4708 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
12:40:41.0419 4708 CSC - ok
12:40:41.0435 4708 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
12:40:41.0482 4708 CscService - ok
12:40:41.0497 4708 [ F0CCE4FFD537A0A5743997DF0A46A864 ] DbusAudio C:\Windows\system32\drivers\DbusAudio.sys
12:40:41.0513 4708 DbusAudio - ok
12:40:41.0560 4708 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:40:41.0622 4708 DcomLaunch - ok
12:40:41.0669 4708 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
12:40:41.0700 4708 defragsvc - ok
12:40:41.0716 4708 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:40:41.0747 4708 DfsC - ok
12:40:41.0778 4708 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
12:40:41.0825 4708 Dhcp - ok
12:40:41.0840 4708 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
12:40:41.0872 4708 discache - ok
12:40:41.0903 4708 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
12:40:41.0918 4708 Disk - ok
12:40:41.0934 4708 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
12:40:41.0981 4708 dmvsc - ok
12:40:41.0996 4708 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:40:42.0028 4708 Dnscache - ok
12:40:42.0043 4708 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
12:40:42.0074 4708 dot3svc - ok
12:40:42.0090 4708 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
12:40:42.0121 4708 DPS - ok
12:40:42.0152 4708 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:40:42.0152 4708 drmkaud - ok
12:40:42.0199 4708 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
12:40:42.0215 4708 dtsoftbus01 - ok
12:40:42.0246 4708 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:40:42.0277 4708 DXGKrnl - ok
12:40:42.0293 4708 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
12:40:42.0340 4708 EapHost - ok
12:40:42.0402 4708 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
12:40:42.0480 4708 ebdrv - ok
12:40:42.0511 4708 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
12:40:42.0542 4708 EFS - ok
12:40:42.0620 4708 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:40:42.0652 4708 ehRecvr - ok
12:40:42.0652 4708 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
12:40:42.0652 4708 ehSched - ok
12:40:42.0667 4708 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
12:40:42.0683 4708 elxstor - ok
12:40:42.0714 4708 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:40:42.0730 4708 ErrDev - ok
12:40:42.0761 4708 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
12:40:42.0808 4708 EventSystem - ok
12:40:42.0808 4708 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
12:40:42.0839 4708 exfat - ok
12:40:42.0839 4708 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:40:42.0870 4708 fastfat - ok
12:40:42.0886 4708 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
12:40:42.0917 4708 Fax - ok
12:40:42.0932 4708 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
12:40:42.0948 4708 fdc - ok
12:40:42.0964 4708 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
12:40:42.0979 4708 fdPHost - ok
12:40:43.0010 4708 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
12:40:43.0042 4708 FDResPub - ok
12:40:43.0042 4708 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:40:43.0042 4708 FileInfo - ok
12:40:43.0042 4708 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:40:43.0073 4708 Filetrace - ok
12:40:43.0073 4708 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
12:40:43.0088 4708 flpydisk - ok
12:40:43.0088 4708 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:40:43.0088 4708 FltMgr - ok
12:40:43.0120 4708 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
12:40:43.0166 4708 FontCache - ok
12:40:43.0213 4708 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:40:43.0229 4708 FontCache3.0.0.0 - ok
12:40:43.0229 4708 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:40:43.0244 4708 FsDepends - ok
12:40:43.0260 4708 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:40:43.0276 4708 Fs_Rec - ok
12:40:43.0276 4708 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:40:43.0307 4708 fvevol - ok
12:40:43.0322 4708 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
12:40:43.0322 4708 gagp30kx - ok
12:40:43.0354 4708 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
12:40:43.0385 4708 gpsvc - ok
12:40:43.0447 4708 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:40:43.0447 4708 gupdate - ok
12:40:43.0463 4708 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:40:43.0463 4708 gupdatem - ok
12:40:43.0494 4708 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:40:43.0510 4708 hcw85cir - ok
12:40:43.0525 4708 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
12:40:43.0556 4708 HDAudBus - ok
12:40:43.0556 4708 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
12:40:43.0588 4708 HidBatt - ok
12:40:43.0603 4708 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
12:40:43.0619 4708 HidBth - ok
12:40:43.0634 4708 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
12:40:43.0650 4708 HidIr - ok
12:40:43.0650 4708 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
12:40:43.0712 4708 hidserv - ok
12:40:43.0712 4708 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:40:43.0728 4708 HidUsb - ok
12:40:43.0744 4708 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:40:43.0806 4708 hkmsvc - ok
12:40:43.0822 4708 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:40:43.0837 4708 HomeGroupListener - ok
12:40:43.0868 4708 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:40:43.0884 4708 HomeGroupProvider - ok
12:40:43.0915 4708 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:40:43.0915 4708 HpSAMD - ok
12:40:43.0946 4708 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:40:44.0009 4708 HTTP - ok
12:40:44.0024 4708 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:40:44.0024 4708 hwpolicy - ok
12:40:44.0024 4708 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
12:40:44.0040 4708 i8042prt - ok
12:40:44.0071 4708 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:40:44.0087 4708 iaStorV - ok
12:40:44.0149 4708 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:40:44.0180 4708 idsvc - ok
12:40:44.0180 4708 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
12:40:44.0196 4708 iirsp - ok
12:40:44.0227 4708 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
12:40:44.0290 4708 IKEEXT - ok
12:40:44.0383 4708 [ 5F6A3EA5BD7CA861863A3A06CECC115C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:40:44.0430 4708 IntcAzAudAddService - ok
12:40:44.0446 4708 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
12:40:44.0446 4708 intelide - ok
12:40:44.0461 4708 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:40:44.0492 4708 intelppm - ok
12:40:44.0492 4708 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:40:44.0524 4708 IPBusEnum - ok
12:40:44.0555 4708 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:40:44.0570 4708 IpFilterDriver - ok
12:40:44.0602 4708 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:40:44.0664 4708 iphlpsvc - ok
12:40:44.0680 4708 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:40:44.0695 4708 IPMIDRV - ok
12:40:44.0695 4708 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:40:44.0742 4708 IPNAT - ok
12:40:44.0742 4708 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:40:44.0758 4708 IRENUM - ok
12:40:44.0758 4708 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:40:44.0773 4708 isapnp - ok
12:40:44.0773 4708 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:40:44.0789 4708 iScsiPrt - ok
12:40:44.0789 4708 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
12:40:44.0789 4708 kbdclass - ok
12:40:44.0789 4708 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:40:44.0804 4708 kbdhid - ok
12:40:44.0820 4708 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
12:40:44.0820 4708 KeyIso - ok
12:40:44.0836 4708 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:40:44.0851 4708 KSecDD - ok
12:40:44.0882 4708 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:40:44.0882 4708 KSecPkg - ok
12:40:44.0898 4708 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:40:44.0929 4708 ksthunk - ok
12:40:44.0960 4708 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
12:40:45.0007 4708 KtmRm - ok
12:40:45.0054 4708 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
12:40:45.0085 4708 LanmanServer - ok
12:40:45.0116 4708 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:40:45.0163 4708 LanmanWorkstation - ok
12:40:45.0179 4708 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:40:45.0226 4708 lltdio - ok
12:40:45.0241 4708 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:40:45.0272 4708 lltdsvc - ok
12:40:45.0288 4708 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:40:45.0319 4708 lmhosts - ok
12:40:45.0350 4708 [ E7859BA062DB5E23C6DD34AD66B09F50 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
12:40:45.0366 4708 LMS - ok
12:40:45.0382 4708 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
12:40:45.0397 4708 LSI_FC - ok
12:40:45.0397 4708 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
12:40:45.0413 4708 LSI_SAS - ok
12:40:45.0413 4708 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
12:40:45.0428 4708 LSI_SAS2 - ok
12:40:45.0428 4708 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
12:40:45.0428 4708 LSI_SCSI - ok
12:40:45.0444 4708 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
12:40:45.0475 4708 luafv - ok
12:40:45.0506 4708 [ D33E2B74CF8B3A652BF0A9FBD068E87A ] ManyCam C:\Windows\system32\DRIVERS\ManyCam_x64.sys
12:40:45.0538 4708 ManyCam - ok
12:40:45.0569 4708 [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
12:40:45.0569 4708 MBAMProtector - ok
12:40:45.0600 4708 [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
12:40:45.0616 4708 MBAMScheduler - ok
12:40:45.0631 4708 [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
12:40:45.0647 4708 MBAMService - ok
12:40:45.0678 4708 [ 8FF2D95CBA49B405C5DE27039FF0BF35 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys
12:40:45.0694 4708 MBfilt - ok
12:40:45.0709 4708 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:40:45.0725 4708 Mcx2Svc - ok
12:40:45.0725 4708 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
12:40:45.0740 4708 megasas - ok
12:40:45.0740 4708 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
12:40:45.0756 4708 MegaSR - ok
12:40:45.0787 4708 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
12:40:45.0787 4708 MEIx64 - ok
12:40:45.0834 4708 Microsoft SharePoint Workspace Audit Service - ok
12:40:45.0865 4708 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
12:40:45.0912 4708 MMCSS - ok
12:40:45.0928 4708 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
12:40:45.0959 4708 Modem - ok
12:40:45.0959 4708 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:40:45.0974 4708 monitor - ok
12:40:45.0974 4708 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys
12:40:45.0974 4708 mouclass - ok
12:40:45.0990 4708 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:40:46.0021 4708 mouhid - ok
12:40:46.0037 4708 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:40:46.0037 4708 mountmgr - ok
12:40:46.0099 4708 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:40:46.0115 4708 MozillaMaintenance - ok
12:40:46.0115 4708 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
12:40:46.0130 4708 mpio - ok
12:40:46.0146 4708 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:40:46.0177 4708 mpsdrv - ok
12:40:46.0177 4708 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:40:46.0208 4708 MpsSvc - ok
12:40:46.0240 4708 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:40:46.0255 4708 MRxDAV - ok
12:40:46.0286 4708 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:40:46.0302 4708 mrxsmb - ok
12:40:46.0318 4708 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:40:46.0333 4708 mrxsmb10 - ok
12:40:46.0349 4708 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:40:46.0364 4708 mrxsmb20 - ok
12:40:46.0364 4708 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
12:40:46.0380 4708 msahci - ok
12:40:46.0380 4708 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:40:46.0396 4708 msdsm - ok
12:40:46.0411 4708 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
12:40:46.0411 4708 MSDTC - ok
12:40:46.0427 4708 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:40:46.0442 4708 Msfs - ok
12:40:46.0458 4708 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:40:46.0489 4708 mshidkmdf - ok
12:40:46.0489 4708 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:40:46.0489 4708 msisadrv - ok
12:40:46.0520 4708 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:40:46.0567 4708 MSiSCSI - ok
12:40:46.0567 4708 msiserver - ok
12:40:46.0614 4708 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:40:46.0630 4708 MSKSSRV - ok
12:40:46.0630 4708 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:40:46.0661 4708 MSPCLOCK - ok
12:40:46.0676 4708 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:40:46.0723 4708 MSPQM - ok
12:40:46.0723 4708 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:40:46.0739 4708 MsRPC - ok
12:40:46.0739 4708 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
12:40:46.0739 4708 mssmbios - ok
12:40:46.0754 4708 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:40:46.0786 4708 MSTEE - ok
12:40:46.0786 4708 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
12:40:46.0786 4708 MTConfig - ok
12:40:46.0786 4708 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
12:40:46.0801 4708 Mup - ok
12:40:46.0832 4708 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
12:40:46.0879 4708 napagent - ok
12:40:46.0910 4708 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:40:46.0942 4708 NativeWifiP - ok
12:40:46.0973 4708 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
12:40:47.0004 4708 NDIS - ok
12:40:47.0051 4708 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:40:47.0082 4708 NdisCap - ok
12:40:47.0082 4708 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:40:47.0098 4708 NdisTapi - ok
12:40:47.0098 4708 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:40:47.0129 4708 Ndisuio - ok
12:40:47.0129 4708 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:40:47.0160 4708 NdisWan - ok
12:40:47.0160 4708 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:40:47.0191 4708 NDProxy - ok
12:40:47.0191 4708 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:40:47.0222 4708 NetBIOS - ok
12:40:47.0238 4708 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:40:47.0254 4708 NetBT - ok
12:40:47.0269 4708 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
12:40:47.0269 4708 Netlogon - ok
12:40:47.0300 4708 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
12:40:47.0332 4708 Netman - ok
12:40:47.0378 4708 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
12:40:47.0441 4708 netprofm - ok
12:40:47.0472 4708 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:40:47.0488 4708 NetTcpPortSharing - ok
12:40:47.0503 4708 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
12:40:47.0519 4708 nfrd960 - ok
12:40:47.0550 4708 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:40:47.0566 4708 NlaSvc - ok
12:40:47.0566 4708 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:40:47.0597 4708 Npfs - ok
12:40:47.0612 4708 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
12:40:47.0644 4708 nsi - ok
12:40:47.0644 4708 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:40:47.0675 4708 nsiproxy - ok
12:40:47.0737 4708 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:40:47.0784 4708 Ntfs - ok
12:40:47.0800 4708 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
12:40:47.0815 4708 Null - ok
12:40:47.0862 4708 [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
12:40:47.0893 4708 nusb3hub - ok
12:40:47.0909 4708 [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
12:40:47.0940 4708 nusb3xhc - ok
12:40:47.0971 4708 [ 960E39A54E525DF58CB29193147DFFA1 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
12:40:47.0987 4708 NVHDA - ok
12:40:48.0205 4708 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:40:48.0346 4708 nvlddmkm - ok
12:40:48.0377 4708 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:40:48.0392 4708 nvraid - ok
12:40:48.0392 4708 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:40:48.0408 4708 nvstor - ok
12:40:48.0439 4708 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
12:40:48.0455 4708 nvsvc - ok
12:40:48.0548 4708 [ 4E5C5D88EB0A8D21824D5A3EB7327E69 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
12:40:48.0595 4708 nvUpdatusService - ok
12:40:48.0611 4708 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:40:48.0626 4708 nv_agp - ok
12:40:48.0658 4708 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:40:48.0658 4708 ohci1394 - ok
12:40:48.0736 4708 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:40:48.0736 4708 ose - ok
12:40:48.0876 4708 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:40:48.0985 4708 osppsvc - ok
12:40:49.0016 4708 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:40:49.0079 4708 p2pimsvc - ok
12:40:49.0110 4708 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
12:40:49.0110 4708 p2psvc - ok
12:40:49.0141 4708 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:40:49.0141 4708 Parport - ok
12:40:49.0157 4708 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:40:49.0172 4708 partmgr - ok
12:40:49.0172 4708 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:40:49.0204 4708 PcaSvc - ok
12:40:49.0204 4708 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
12:40:49.0219 4708 pci - ok
12:40:49.0235 4708 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
12:40:49.0235 4708 pciide - ok
12:40:49.0250 4708 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
12:40:49.0266 4708 pcmcia - ok
12:40:49.0266 4708 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
12:40:49.0282 4708 pcw - ok
12:40:49.0282 4708 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:40:49.0313 4708 PEAUTH - ok
12:40:49.0360 4708 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
12:40:49.0422 4708 PeerDistSvc - ok
12:40:49.0531 4708 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:40:49.0547 4708 PerfHost - ok
12:40:49.0578 4708 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
12:40:49.0672 4708 pla - ok
12:40:49.0718 4708 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:40:49.0734 4708 PlugPlay - ok
12:40:49.0765 4708 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:41:05.0162 4708 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
12:41:05.0162 4708 C:\Windows\System32\drivers\ks.sys - ok
12:41:05.0162 4708 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
12:41:05.0162 4708 C:\Windows\System32\drivers\swenum.sys - ok
12:41:05.0162 4708 [ 46571ED73AE84469DCA53081D33CF3C8 ] C:\Windows\System32\drivers\dtsoftbus01.sys
12:41:05.0162 4708 C:\Windows\System32\drivers\dtsoftbus01.sys - ok
12:41:05.0162 4708 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
12:41:05.0162 4708 C:\Windows\System32\drivers\umbus.sys - ok
12:41:05.0178 4708 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
12:41:05.0178 4708 C:\Windows\System32\drivers\usbhub.sys - ok
12:41:05.0178 4708 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
12:41:05.0178 4708 C:\Windows\System32\psapi.dll - ok
12:41:05.0178 4708 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
12:41:05.0178 4708 C:\Windows\System32\msctf.dll - ok
12:41:05.0178 4708 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
12:41:05.0178 4708 C:\Windows\System32\normaliz.dll - ok
12:41:05.0178 4708 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
12:41:05.0178 4708 C:\Windows\System32\ws2_32.dll - ok
12:41:05.0178 4708 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
12:41:05.0178 4708 C:\Windows\System32\setupapi.dll - ok
12:41:05.0178 4708 [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65 ] C:\Windows\System32\usp10.dll
12:41:05.0178 4708 C:\Windows\System32\usp10.dll - ok
12:41:05.0178 4708 [ 0EBC9D13CD96C15B1B18D8678A609E4B ] C:\Windows\System32\drivers\nusb3hub.sys
12:41:05.0178 4708 C:\Windows\System32\drivers\nusb3hub.sys - ok
12:41:05.0194 4708 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
12:41:05.0194 4708 C:\Windows\System32\drivers\ndproxy.sys - ok
12:41:05.0194 4708 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
12:41:05.0194 4708 C:\Windows\System32\drivers\drmk.sys - ok
12:41:05.0194 4708 [ 960E39A54E525DF58CB29193147DFFA1 ] C:\Windows\System32\drivers\nvhda64v.sys
12:41:05.0194 4708 C:\Windows\System32\drivers\nvhda64v.sys - ok
12:41:05.0194 4708 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
12:41:05.0194 4708 C:\Windows\System32\drivers\portcls.sys - ok
12:41:05.0194 4708 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
12:41:05.0194 4708 C:\Windows\System32\drivers\ksthunk.sys - ok
12:41:05.0194 4708 [ 5F6A3EA5BD7CA861863A3A06CECC115C ] C:\Windows\System32\drivers\RTKVHD64.sys
12:41:05.0194 4708 C:\Windows\System32\drivers\RTKVHD64.sys - ok
12:41:05.0194 4708 [ 8FF2D95CBA49B405C5DE27039FF0BF35 ] C:\Windows\System32\drivers\MBfilt64.sys
12:41:05.0194 4708 C:\Windows\System32\drivers\MBfilt64.sys - ok
12:41:05.0194 4708 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
12:41:05.0194 4708 C:\Windows\System32\msvcrt.dll - ok
12:41:05.0194 4708 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
12:41:05.0194 4708 C:\Windows\System32\drivers\usbccgp.sys - ok
12:41:05.0209 4708 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] C:\Windows\System32\drivers\USBAUDIO.sys
12:41:05.0209 4708 C:\Windows\System32\drivers\USBAUDIO.sys - ok
12:41:05.0209 4708 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
12:41:05.0209 4708 C:\Windows\System32\drivers\hidclass.sys - ok
12:41:05.0209 4708 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
12:41:05.0209 4708 C:\Windows\System32\drivers\hidparse.sys - ok
12:41:05.0209 4708 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
12:41:05.0209 4708 C:\Windows\System32\drivers\hidusb.sys - ok
12:41:05.0209 4708 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
12:41:05.0209 4708 C:\Windows\System32\oleaut32.dll - ok
12:41:05.0209 4708 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
12:41:05.0209 4708 C:\Windows\System32\advapi32.dll - ok
12:41:05.0209 4708 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
12:41:05.0209 4708 C:\Windows\System32\comdlg32.dll - ok
12:41:05.0225 4708 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
12:41:05.0225 4708 C:\Windows\System32\clbcatq.dll - ok
12:41:05.0225 4708 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
12:41:05.0225 4708 C:\Windows\System32\imagehlp.dll - ok
12:41:05.0225 4708 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
12:41:05.0225 4708 C:\Windows\System32\sechost.dll - ok
12:41:05.0225 4708 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
12:41:05.0225 4708 C:\Windows\System32\user32.dll - ok
12:41:05.0225 4708 [ A0F52880DDD164F968BE903C1FECD27E ] C:\Windows\System32\iertutil.dll
12:41:05.0225 4708 C:\Windows\System32\iertutil.dll - ok
12:41:05.0225 4708 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
12:41:05.0225 4708 C:\Windows\System32\lpk.dll - ok
12:41:05.0225 4708 [ 1DC3504CA4C57900F1557E9A3F01D272 ] C:\Windows\System32\kernel32.dll
12:41:05.0225 4708 C:\Windows\System32\kernel32.dll - ok
12:41:05.0225 4708 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
12:41:05.0225 4708 C:\Windows\System32\nsi.dll - ok
12:41:05.0240 4708 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
12:41:05.0240 4708 C:\Windows\System32\ole32.dll - ok
12:41:05.0240 4708 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
12:41:05.0240 4708 C:\Windows\System32\shell32.dll - ok
12:41:05.0240 4708 [ 1DBA462CF92D890D8F8E6472E7E8B4B4 ] C:\Windows\System32\urlmon.dll
12:41:05.0240 4708 C:\Windows\System32\urlmon.dll - ok
12:41:05.0240 4708 [ 5121DB613E10A46A3C5085B479026AA7 ] C:\Windows\System32\wininet.dll
12:41:05.0240 4708 C:\Windows\System32\wininet.dll - ok
12:41:05.0240 4708 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
12:41:05.0240 4708 C:\Windows\System32\imm32.dll - ok
12:41:05.0240 4708 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
12:41:05.0240 4708 C:\Windows\System32\difxapi.dll - ok
12:41:05.0240 4708 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
12:41:05.0240 4708 C:\Windows\System32\shlwapi.dll - ok
12:41:05.0240 4708 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
12:41:05.0240 4708 C:\Windows\System32\Wldap32.dll - ok
12:41:05.0240 4708 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
12:41:05.0240 4708 C:\Windows\System32\gdi32.dll - ok
12:41:05.0256 4708 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
12:41:05.0256 4708 C:\Windows\System32\rpcrt4.dll - ok
12:41:05.0256 4708 [ 6F2E324703E6D22B9934C33DA48F1F01 ] C:\Windows\System32\KernelBase.dll
12:41:05.0256 4708 C:\Windows\System32\KernelBase.dll - ok
12:41:05.0256 4708 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
12:41:05.0256 4708 C:\Windows\System32\drivers\kbdhid.sys - ok
12:41:05.0256 4708 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
12:41:05.0256 4708 C:\Windows\System32\crypt32.dll - ok
12:41:05.0256 4708 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
12:41:05.0256 4708 C:\Windows\System32\comctl32.dll - ok
12:41:05.0256 4708 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
12:41:05.0256 4708 C:\Windows\System32\wintrust.dll - ok
12:41:05.0256 4708 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
12:41:05.0256 4708 C:\Windows\System32\cfgmgr32.dll - ok
12:41:05.0256 4708 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
12:41:05.0256 4708 C:\Windows\System32\devobj.dll - ok
12:41:05.0272 4708 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
12:41:05.0272 4708 C:\Windows\System32\msasn1.dll - ok
12:41:05.0272 4708 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
12:41:05.0272 4708 C:\Windows\System32\drivers\mouhid.sys - ok
12:41:05.0272 4708 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
12:41:05.0272 4708 C:\Windows\SysWOW64\normaliz.dll - ok
12:41:05.0272 4708 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
12:41:05.0272 4708 C:\Windows\System32\drivers\dxapi.sys - ok
12:41:05.0272 4708 [ C58923115CDE6071C3BF2FF063546E9F ] C:\Windows\System32\win32k.sys
12:41:05.0272 4708 C:\Windows\System32\win32k.sys - ok
12:41:05.0272 4708 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
12:41:05.0272 4708 C:\Windows\System32\csrsrv.dll - ok
12:41:05.0272 4708 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
12:41:05.0272 4708 C:\Windows\System32\csrss.exe - ok
12:41:05.0272 4708 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
12:41:05.0272 4708 C:\Windows\System32\basesrv.dll - ok
12:41:05.0272 4708 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\System32\winsrv.dll
12:41:05.0272 4708 C:\Windows\System32\winsrv.dll - ok
12:41:05.0287 4708 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
12:41:05.0287 4708 C:\Windows\System32\drivers\monitor.sys - ok
12:41:05.0287 4708 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
12:41:05.0287 4708 C:\Windows\System32\tsddd.dll - ok
12:41:05.0287 4708 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
12:41:05.0287 4708 C:\Windows\System32\sxssrv.dll - ok
12:41:05.0287 4708 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
12:41:05.0287 4708 C:\Windows\System32\wininit.exe - ok
12:41:05.0287 4708 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
12:41:05.0287 4708 C:\Windows\System32\profapi.dll - ok
12:41:05.0287 4708 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
12:41:05.0287 4708 C:\Windows\System32\RpcRtRemote.dll - ok
12:41:05.0287 4708 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
12:41:05.0287 4708 C:\Windows\System32\cdd.dll - ok
12:41:05.0303 4708 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
12:41:05.0303 4708 C:\Windows\System32\KBDUS.DLL - ok
12:41:05.0303 4708 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
12:41:05.0303 4708 C:\Windows\System32\winlogon.exe - ok
12:41:05.0303 4708 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
12:41:05.0303 4708 C:\Windows\System32\winsta.dll - ok
12:41:05.0303 4708 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
12:41:05.0303 4708 C:\Windows\System32\WlS0WndH.dll - ok
12:41:05.0303 4708 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
12:41:05.0303 4708 C:\Windows\System32\sxs.dll - ok
12:41:05.0303 4708 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
12:41:05.0303 4708 C:\Windows\System32\cryptbase.dll - ok
12:41:05.0303 4708 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
12:41:05.0303 4708 C:\Windows\System32\apphelp.dll - ok
12:41:05.0303 4708 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
12:41:05.0303 4708 C:\Windows\System32\lsass.exe - ok
12:41:05.0318 4708 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
12:41:05.0318 4708 C:\Windows\System32\services.exe - ok
12:41:05.0318 4708 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
12:41:05.0318 4708 C:\Windows\System32\scext.dll - ok
12:41:05.0318 4708 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
12:41:05.0318 4708 C:\Windows\System32\sspicli.dll - ok
12:41:05.0318 4708 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
12:41:05.0318 4708 C:\Windows\System32\secur32.dll - ok
12:41:05.0318 4708 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
12:41:05.0318 4708 C:\Windows\System32\lsm.exe - ok
12:41:05.0318 4708 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
12:41:05.0318 4708 C:\Windows\System32\sspisrv.dll - ok
12:41:05.0318 4708 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
12:41:05.0318 4708 C:\Windows\System32\sysntfy.dll - ok
12:41:05.0318 4708 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
12:41:05.0318 4708 C:\Windows\System32\wmsgapi.dll - ok
12:41:05.0334 4708 [ 685527DA09EBFB681E98C515978BDEE2 ] C:\Windows\System32\lsasrv.dll
12:41:05.0334 4708 C:\Windows\System32\lsasrv.dll - ok
12:41:05.0334 4708 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
12:41:05.0334 4708 C:\Windows\System32\scesrv.dll - ok
12:41:05.0334 4708 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
12:41:05.0334 4708 C:\Windows\System32\srvcli.dll - ok
12:41:05.0334 4708 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
12:41:05.0334 4708 C:\Windows\System32\samsrv.dll - ok
12:41:05.0334 4708 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
12:41:05.0334 4708 C:\Windows\System32\cryptdll.dll - ok
12:41:05.0334 4708 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
12:41:05.0334 4708 C:\Windows\System32\wevtapi.dll - ok
12:41:05.0334 4708 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
12:41:05.0334 4708 C:\Windows\System32\authz.dll - ok
12:41:05.0334 4708 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
12:41:05.0334 4708 C:\Windows\System32\cngaudit.dll - ok
12:41:05.0334 4708 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
12:41:05.0334 4708 C:\Windows\System32\bcrypt.dll - ok
12:41:05.0350 4708 [ 9B3718651DDE8A75FC4E8D6542A250D8 ] C:\Windows\System32\ncrypt.dll
12:41:05.0350 4708 C:\Windows\System32\ncrypt.dll - ok
12:41:05.0350 4708 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
12:41:05.0350 4708 C:\Windows\System32\msprivs.dll - ok
12:41:05.0350 4708 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
12:41:05.0350 4708 C:\Windows\System32\netjoin.dll - ok
12:41:05.0350 4708 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
12:41:05.0350 4708 C:\Windows\System32\kerberos.dll - ok
12:41:05.0350 4708 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
12:41:05.0350 4708 C:\Windows\System32\negoexts.dll - ok
12:41:05.0350 4708 [ CB2ABB2DA1E9C977302A78D86D4AE3B0 ] C:\Windows\System32\atmfd.dll
12:41:05.0350 4708 C:\Windows\System32\atmfd.dll - ok
12:41:05.0350 4708 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
12:41:05.0350 4708 C:\Windows\System32\cryptsp.dll - ok
12:41:05.0350 4708 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
12:41:05.0350 4708 C:\Windows\System32\mswsock.dll - ok
12:41:05.0365 4708 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
12:41:05.0365 4708 C:\Windows\System32\wship6.dll - ok
12:41:05.0365 4708 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
12:41:05.0365 4708 C:\Windows\System32\msv1_0.dll - ok
12:41:05.0365 4708 [ E1748D04AE40118B62BC18AC86032192 ] C:\Windows\System32\drivers\tsusbhub.sys
12:41:05.0365 4708 C:\Windows\System32\drivers\tsusbhub.sys - ok
12:41:05.0365 4708 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
12:41:05.0365 4708 C:\Windows\System32\netlogon.dll - ok
12:41:05.0365 4708 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
12:41:05.0365 4708 C:\Windows\System32\dnsapi.dll - ok
12:41:05.0365 4708 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
12:41:05.0365 4708 C:\Windows\System32\logoncli.dll - ok
12:41:05.0365 4708 [ B7D42CB36C08FA017E73FF2433CD7287 ] C:\Windows\System32\schannel.dll
12:41:05.0365 4708 C:\Windows\System32\schannel.dll - ok
12:41:05.0365 4708 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
12:41:05.0365 4708 C:\Windows\System32\wdigest.dll - ok
12:41:05.0381 4708 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
12:41:05.0381 4708 C:\Windows\System32\rsaenh.dll - ok
12:41:05.0381 4708 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
12:41:05.0381 4708 C:\Windows\System32\TSpkg.dll - ok
12:41:05.0381 4708 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
12:41:05.0381 4708 C:\Windows\System32\pku2u.dll - ok
12:41:05.0381 4708 [ 94AA2DFFF94DF789AAA0081333A6CADA ] C:\Windows\System32\LIVESSP.DLL
12:41:05.0381 4708 C:\Windows\System32\LIVESSP.DLL - ok
12:41:05.0381 4708 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
12:41:05.0381 4708 C:\Windows\System32\bcryptprimitives.dll - ok
12:41:05.0381 4708 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
12:41:05.0381 4708 C:\Windows\System32\credssp.dll - ok
12:41:05.0381 4708 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
12:41:05.0381 4708 C:\Windows\System32\efslsaext.dll - ok
12:41:05.0381 4708 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
12:41:05.0381 4708 C:\Windows\System32\scecli.dll - ok
12:41:05.0381 4708 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
12:41:05.0396 4708 C:\Windows\System32\ubpm.dll - ok
12:41:05.0396 4708 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
12:41:05.0396 4708 C:\Windows\System32\svchost.exe - ok
12:41:05.0396 4708 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
12:41:05.0396 4708 C:\Windows\System32\umpnpmgr.dll - ok
12:41:05.0396 4708 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
12:41:05.0396 4708 C:\Windows\System32\SPInf.dll - ok
12:41:05.0396 4708 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
12:41:05.0396 4708 C:\Windows\System32\devrtl.dll - ok
12:41:05.0396 4708 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
12:41:05.0396 4708 C:\Windows\System32\userenv.dll - ok
12:41:05.0396 4708 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
12:41:05.0396 4708 C:\Windows\System32\gpapi.dll - ok
12:41:05.0396 4708 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
12:41:05.0396 4708 C:\Windows\System32\umpo.dll - ok
12:41:05.0396 4708 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
12:41:05.0396 4708 C:\Windows\System32\pcwum.dll - ok
12:41:05.0412 4708 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
12:41:05.0412 4708 C:\Windows\System32\powrprof.dll - ok
12:41:05.0412 4708 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
12:41:05.0412 4708 C:\Windows\System32\drivers\luafv.sys - ok
12:41:05.0412 4708 [ B9FC4CCE5758B816F27DD4D1EED11841 ] C:\Windows\System32\drivers\mbam.sys
12:41:05.0412 4708 C:\Windows\System32\drivers\mbam.sys - ok
12:41:05.0412 4708 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] C:\Windows\System32\nvvsvc.exe
12:41:05.0412 4708 C:\Windows\System32\nvvsvc.exe - ok
12:41:05.0412 4708 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
12:41:05.0412 4708 C:\Windows\System32\wtsapi32.dll - ok
12:41:05.0412 4708 [ FC0A58529A02B1EED55DDC58696B7908 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
12:41:05.0412 4708 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe - ok
12:41:05.0412 4708 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
12:41:05.0412 4708 C:\Windows\SysWOW64\ntdll.dll - ok
12:41:05.0412 4708 [ 15B30F15BD13640B337A0FC37BD48CDE ] C:\Windows\System32\wow64.dll
12:41:05.0412 4708 C:\Windows\System32\wow64.dll - ok
12:41:05.0428 4708 [ 98168B9B0656A01A321FF1BECB2C03E1 ] C:\Windows\System32\wow64cpu.dll
12:41:05.0428 4708 C:\Windows\System32\wow64cpu.dll - ok
12:41:05.0428 4708 [ 2970785A72054740E1A5DCEB32485486 ] C:\Windows\System32\wow64win.dll
12:41:05.0428 4708 C:\Windows\System32\wow64win.dll - ok
12:41:05.0428 4708 [ D4F3176082566CEFA633B4945802D4C4 ] C:\Windows\SysWOW64\kernel32.dll
12:41:05.0428 4708 C:\Windows\SysWOW64\kernel32.dll - ok
12:41:05.0428 4708 [ 0978C2B33BDD0A7E6C563AA337DC8BA0 ] C:\Windows\SysWOW64\KernelBase.dll
12:41:05.0428 4708 C:\Windows\SysWOW64\KernelBase.dll - ok
12:41:05.0428 4708 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
12:41:05.0428 4708 C:\Windows\SysWOW64\msvcrt.dll - ok
12:41:05.0428 4708 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
12:41:05.0428 4708 C:\Windows\SysWOW64\version.dll - ok
12:41:05.0428 4708 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
12:41:05.0428 4708 C:\Windows\SysWOW64\setupapi.dll - ok
12:41:05.0428 4708 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
12:41:05.0428 4708 C:\Windows\SysWOW64\cfgmgr32.dll - ok
12:41:05.0428 4708 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
12:41:05.0428 4708 C:\Windows\SysWOW64\rpcrt4.dll - ok
12:41:05.0443 4708 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
12:41:05.0443 4708 C:\Windows\SysWOW64\advapi32.dll - ok
12:41:05.0443 4708 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
12:41:05.0443 4708 C:\Windows\SysWOW64\cryptbase.dll - ok
12:41:05.0443 4708 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
12:41:05.0443 4708 C:\Windows\SysWOW64\gdi32.dll - ok
12:41:05.0443 4708 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
12:41:05.0443 4708 C:\Windows\SysWOW64\sechost.dll - ok
12:41:05.0443 4708 [ BFB26890612FB8AE8B0463EBEBE84B7E ] C:\Windows\SysWOW64\sspicli.dll
12:41:05.0443 4708 C:\Windows\SysWOW64\sspicli.dll - ok
12:41:05.0443 4708 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
12:41:05.0443 4708 C:\Windows\SysWOW64\user32.dll - ok
12:41:05.0443 4708 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
12:41:05.0443 4708 C:\Windows\SysWOW64\lpk.dll - ok
12:41:05.0443 4708 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
12:41:05.0443 4708 C:\Windows\SysWOW64\oleaut32.dll - ok
12:41:05.0459 4708 [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\SysWOW64\usp10.dll
12:41:05.0459 4708 C:\Windows\SysWOW64\usp10.dll - ok
12:41:05.0459 4708 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
12:41:05.0459 4708 C:\Windows\SysWOW64\ole32.dll - ok
12:41:05.0459 4708 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
12:41:05.0459 4708 C:\Windows\SysWOW64\devobj.dll - ok
12:41:05.0459 4708 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
12:41:05.0459 4708 C:\Windows\SysWOW64\imm32.dll - ok
12:41:05.0459 4708 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
12:41:05.0459 4708 C:\Windows\SysWOW64\winspool.drv - ok
12:41:05.0459 4708 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
12:41:05.0459 4708 C:\Windows\SysWOW64\msctf.dll - ok
12:41:05.0459 4708 [ F36021CB57F049C0F0F65179C45A9154 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstres.dll
12:41:05.0459 4708 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstres.dll - ok
12:41:05.0459 4708 [ 56BA19679504A030AC37C0FCDCCB4E4C ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvwl.dll
12:41:05.0459 4708 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvwl.dll - ok
12:41:05.0474 4708 [ 297EE9C666FC8BB96A232DB0DDBA1E49 ] C:\Windows\System32\drivers\uxpatch.sys
12:41:05.0474 4708 C:\Windows\System32\drivers\uxpatch.sys - ok
12:41:05.0474 4708 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
12:41:05.0474 4708 C:\Windows\System32\RpcEpMap.dll - ok
12:41:05.0474 4708 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
12:41:05.0474 4708 C:\Windows\System32\rpcss.dll - ok
12:41:05.0474 4708 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
12:41:05.0474 4708 C:\Windows\SysWOW64\crypt32.dll - ok
12:41:05.0474 4708 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
12:41:05.0474 4708 C:\Windows\SysWOW64\wintrust.dll - ok
12:41:05.0474 4708 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
12:41:05.0474 4708 C:\Windows\System32\WSHTCPIP.DLL - ok
12:41:05.0474 4708 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
12:41:05.0474 4708 C:\Windows\SysWOW64\msasn1.dll - ok
12:41:05.0474 4708 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
12:41:05.0474 4708 C:\Windows\SysWOW64\ntmarta.dll - ok
12:41:05.0474 4708 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
12:41:05.0474 4708 C:\Windows\SysWOW64\Wldap32.dll - ok
12:41:05.0490 4708 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
12:41:05.0490 4708 C:\Windows\System32\wshqos.dll - ok
12:41:05.0490 4708 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
12:41:05.0490 4708 C:\Windows\System32\FirewallAPI.dll - ok
12:41:05.0490 4708 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
12:41:05.0490 4708 C:\Windows\System32\LogonUI.exe - ok
12:41:05.0490 4708 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
12:41:05.0490 4708 C:\Windows\System32\version.dll - ok
12:41:05.0490 4708 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
12:41:05.0490 4708 C:\Windows\System32\wevtsvc.dll - ok
12:41:05.0490 4708 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
12:41:05.0490 4708 C:\Windows\SysWOW64\devrtl.dll - ok
12:41:05.0490 4708 [ 4BDBBE5E4208022DD794F7EEEB0F7366 ] C:\Windows\SysWOW64\SPInf.dll
12:41:05.0490 4708 C:\Windows\SysWOW64\SPInf.dll - ok
12:41:05.0506 4708 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
12:41:05.0506 4708 C:\Windows\System32\authui.dll - ok
12:41:05.0506 4708 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
12:41:05.0506 4708 C:\Windows\System32\audiosrv.dll - ok
12:41:05.0506 4708 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
12:41:05.0506 4708 C:\Windows\System32\avrt.dll - ok
12:41:05.0506 4708 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
12:41:05.0506 4708 C:\Windows\System32\mmcss.dll - ok
12:41:05.0506 4708 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
12:41:05.0506 4708 C:\Windows\System32\dhcpcore6.dll - ok
12:41:05.0506 4708 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
12:41:05.0506 4708 C:\Windows\System32\cryptui.dll - ok
12:41:05.0506 4708 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
12:41:05.0506 4708 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
12:41:05.0506 4708 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
12:41:05.0506 4708 C:\Windows\System32\samlib.dll - ok
12:41:05.0506 4708 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
12:41:05.0506 4708 C:\Windows\System32\shacct.dll - ok
12:41:05.0521 4708 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
12:41:05.0521 4708 C:\Windows\System32\propsys.dll - ok
12:41:05.0521 4708 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
12:41:05.0521 4708 C:\Windows\System32\uxtheme.dll - ok
12:41:05.0521 4708 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
12:41:05.0521 4708 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
12:41:05.0521 4708 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
12:41:05.0521 4708 C:\Windows\System32\dui70.dll - ok
12:41:05.0958 4708 [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp
12:41:05.0958 4708 C:\Windows\System32\kmddsp.tsp - ok
12:41:05.0958 4708 [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp
12:41:05.0958 4708 C:\Windows\System32\ndptsp.tsp - ok
12:41:05.0958 4708 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
12:41:05.0958 4708 C:\Windows\System32\wbem\esscli.dll - ok
12:41:05.0958 4708 [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp
12:41:05.0958 4708 C:\Windows\System32\hidphone.tsp - ok
12:41:05.0974 4708 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
12:41:05.0974 4708 C:\Windows\System32\wbem\wbemsvc.dll - ok
12:41:05.0974 4708 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
12:41:05.0974 4708 C:\Windows\System32\wbem\wmiutils.dll - ok
12:41:05.0974 4708 [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll
12:41:05.0974 4708 C:\Windows\System32\rasppp.dll - ok
12:41:05.0974 4708 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
12:41:05.0974 4708 C:\Windows\System32\drivers\srv2.sys - ok
12:41:05.0974 4708 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
12:41:05.0974 4708 C:\Windows\System32\drivers\srv.sys - ok
12:41:05.0974 4708 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
12:41:05.0974 4708 C:\Windows\System32\eappcfg.dll - ok
12:41:05.0974 4708 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
12:41:05.0974 4708 C:\Windows\System32\wbem\repdrvfs.dll - ok
12:41:05.0974 4708 [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll
12:41:05.0974 4708 C:\Windows\System32\vpnike.dll - ok
12:41:05.0974 4708 [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
12:41:05.0974 4708 C:\Windows\System32\raschap.dll - ok
12:41:05.0989 4708 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
12:41:05.0989 4708 C:\Windows\System32\srvsvc.dll - ok
12:41:05.0989 4708 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
12:41:05.0989 4708 C:\Windows\System32\browser.dll - ok
12:41:05.0989 4708 [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
12:41:05.0989 4708 C:\Windows\System32\ipnathlp.dll - ok
12:41:05.0989 4708 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
12:41:05.0989 4708 C:\Windows\System32\mprapi.dll - ok
12:41:05.0989 4708 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
12:41:05.0989 4708 C:\Windows\System32\netshell.dll - ok
12:41:05.0989 4708 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
12:41:05.0989 4708 C:\Windows\System32\netmsg.dll - ok
12:41:05.0989 4708 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
12:41:05.0989 4708 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
12:41:05.0989 4708 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
12:41:05.0989 4708 C:\Windows\System32\ncobjapi.dll - ok
12:41:06.0005 4708 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
12:41:06.0005 4708 C:\Windows\System32\clusapi.dll - ok
12:41:06.0005 4708 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
12:41:06.0005 4708 C:\Windows\System32\sscore.dll - ok
12:41:06.0005 4708 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
12:41:06.0005 4708 C:\Windows\System32\resutils.dll - ok
12:41:06.0005 4708 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
12:41:06.0005 4708 C:\Windows\System32\wbem\wbemess.dll - ok
12:41:06.0005 4708 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
12:41:06.0005 4708 C:\Windows\System32\hidserv.dll - ok
12:41:06.0005 4708 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
12:41:06.0005 4708 C:\Windows\System32\npmproxy.dll - ok
12:41:06.0005 4708 [ 1EA7969E3271CBC59E1730697DC74682 ] C:\Windows\System32\qmgr.dll
12:41:06.0005 4708 C:\Windows\System32\qmgr.dll - ok
12:41:06.0005 4708 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
12:41:06.0005 4708 C:\Windows\System32\rasadhlp.dll - ok
12:41:06.0005 4708 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
12:41:06.0005 4708 C:\Windows\System32\wdi.dll - ok
12:41:06.0020 4708 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
12:41:06.0020 4708 C:\Windows\System32\wpdbusenum.dll - ok
12:41:06.0020 4708 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
12:41:06.0020 4708 C:\Windows\System32\diagperf.dll - ok
12:41:06.0020 4708 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
12:41:06.0020 4708 C:\Windows\System32\perftrack.dll - ok
12:41:06.0020 4708 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
12:41:06.0020 4708 C:\Windows\System32\PortableDeviceApi.dll - ok
12:41:06.0020 4708 [ D9431DCF90B0253773F51FDEFE7FD42F ] C:\Windows\System32\bitsigd.dll
12:41:06.0020 4708 C:\Windows\System32\bitsigd.dll - ok
12:41:06.0020 4708 [ 29409ED7400CA5BCCC30C0EE5147A60D ] C:\Windows\System32\bitsperf.dll
12:41:06.0020 4708 C:\Windows\System32\bitsperf.dll - ok
12:41:06.0020 4708 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
12:41:06.0020 4708 C:\Windows\System32\upnp.dll - ok
12:41:06.0020 4708 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
12:41:06.0020 4708 C:\Windows\System32\ssdpsrv.dll - ok
12:41:06.0036 4708 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
12:41:06.0036 4708 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
12:41:06.0036 4708 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
12:41:06.0036 4708 C:\Windows\System32\NapiNSP.dll - ok
12:41:06.0036 4708 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
12:41:06.0036 4708 C:\Windows\System32\pnrpnsp.dll - ok
12:41:06.0036 4708 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
12:41:06.0036 4708 C:\Windows\System32\winrnr.dll - ok
12:41:06.0036 4708 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
12:41:06.0036 4708 C:\Windows\System32\Apphlpdm.dll - ok
12:41:06.0036 4708 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
12:41:06.0036 4708 C:\Windows\System32\pnpts.dll - ok
12:41:06.0036 4708 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
12:41:06.0036 4708 C:\Windows\System32\wdiasqmmodule.dll - ok
12:41:06.0036 4708 [ AC5DF873913B00E554D8F553459BC431 ] C:\Windows\System32\qmgrprxy.dll
12:41:06.0036 4708 C:\Windows\System32\qmgrprxy.dll - ok
12:41:06.0036 4708 [ 85B45B4B285B159ACDB355FC8C1E8925 ] C:\Windows\SysWOW64\qmgrprxy.dll
12:41:06.0036 4708 C:\Windows\SysWOW64\qmgrprxy.dll - ok
12:41:06.0052 4708 [ 517110BD83835338C037269E603DB55D ] C:\Windows\System32\taskhost.exe
12:41:06.0052 4708 C:\Windows\System32\taskhost.exe - ok
12:41:06.0052 4708 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
12:41:06.0052 4708 C:\Windows\System32\IPSECSVC.DLL - ok
12:41:06.0052 4708 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
12:41:06.0052 4708 C:\Windows\System32\FwRemoteSvr.dll - ok
12:41:06.0052 4708 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
12:41:06.0052 4708 C:\Windows\System32\dimsjob.dll - ok
12:41:06.0052 4708 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
12:41:06.0052 4708 C:\Windows\System32\certcli.dll - ok
12:41:06.0052 4708 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
12:41:06.0052 4708 C:\Windows\System32\pautoenr.dll - ok
12:41:06.0052 4708 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
12:41:06.0052 4708 C:\Windows\System32\CertEnroll.dll - ok
12:41:06.0052 4708 [ 046AD878F246D3801B719700B543A6EE ] C:\Windows\System32\jscript.dll
12:41:06.0052 4708 C:\Windows\System32\jscript.dll - ok
12:41:06.0067 4708 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
12:41:06.0067 4708 C:\Windows\System32\dllhost.exe - ok
12:41:06.0067 4708 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
12:41:06.0067 4708 C:\Windows\System32\IDStore.dll - ok
12:41:06.0067 4708 [ 7623A2CF7C3665BD2993F2EE157F24EB ] C:\Windows\System32\KBDYCC.DLL
12:41:06.0067 4708 C:\Windows\System32\KBDYCC.DLL - ok
12:41:06.0067 4708 [ 5D2EBA32B47E194E08D9825FCBB35FCF ] C:\Windows\System32\KBDYCL.DLL
12:41:06.0067 4708 C:\Windows\System32\KBDYCL.DLL - ok
12:41:06.0067 4708 [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:41:06.0067 4708 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
12:41:06.0067 4708 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
12:41:06.0067 4708 C:\Windows\System32\localspl.dll - ok
12:41:06.0067 4708 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
12:41:06.0067 4708 C:\Windows\System32\umb.dll - ok
12:41:06.0067 4708 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll
12:41:06.0067 4708 C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll - ok
12:41:06.0067 4708 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
12:41:06.0067 4708 C:\Windows\System32\spoolss.dll - ok
12:41:06.0083 4708 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
12:41:06.0083 4708 C:\Windows\SysWOW64\netapi32.dll - ok
12:41:06.0083 4708 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
12:41:06.0083 4708 C:\Windows\SysWOW64\netutils.dll - ok
12:41:06.0083 4708 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
12:41:06.0083 4708 C:\Windows\SysWOW64\srvcli.dll - ok
12:41:06.0083 4708 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
12:41:06.0083 4708 C:\Windows\SysWOW64\wkscli.dll - ok
12:41:06.0083 4708 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
12:41:06.0083 4708 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
12:41:06.0083 4708 [ D38E5A781E4F4763387AFE0B866DFEE2 ] C:\Windows\System32\AdobePDF.dll
12:41:06.0083 4708 C:\Windows\System32\AdobePDF.dll - ok
12:41:06.0083 4708 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
12:41:06.0083 4708 C:\Windows\System32\PrintIsolationProxy.dll - ok
12:41:06.0083 4708 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
12:41:06.0083 4708 C:\Windows\System32\AtBroker.exe - ok
12:41:06.0098 4708 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
12:41:06.0098 4708 C:\Windows\System32\FXSMON.dll - ok
12:41:06.0098 4708 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
12:41:06.0098 4708 C:\Windows\System32\mpr.dll - ok
12:41:06.0098 4708 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
12:41:06.0098 4708 C:\Windows\System32\PlaySndSrv.dll - ok
12:41:06.0098 4708 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
12:41:06.0098 4708 C:\Windows\System32\tcpmon.dll - ok
12:41:06.0098 4708 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
12:41:06.0098 4708 C:\Windows\System32\userinit.exe - ok
12:41:06.0098 4708 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
12:41:06.0098 4708 C:\Windows\System32\dwm.exe - ok
12:41:06.0098 4708 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
12:41:06.0098 4708 C:\Windows\System32\dwmredir.dll - ok
12:41:06.0098 4708 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
12:41:06.0098 4708 C:\Windows\System32\dwmcore.dll - ok
12:41:06.0098 4708 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
12:41:06.0098 4708 C:\Windows\System32\snmpapi.dll - ok
12:41:06.0114 4708 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
12:41:06.0114 4708 C:\Windows\System32\wsnmp32.dll - ok
12:41:06.0114 4708 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
12:41:06.0114 4708 C:\Windows\System32\dssenh.dll - ok
12:41:06.0114 4708 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
12:41:06.0114 4708 C:\Windows\System32\HotStartUserAgent.dll - ok
12:41:06.0114 4708 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
12:41:06.0114 4708 C:\Windows\System32\MsCtfMonitor.dll - ok
12:41:06.0114 4708 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
12:41:06.0114 4708 C:\Windows\System32\msutb.dll - ok
12:41:06.0114 4708 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
12:41:06.0114 4708 C:\Windows\System32\usbmon.dll - ok
12:41:06.0114 4708 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
12:41:06.0114 4708 C:\Windows\System32\WSDMon.dll - ok
12:41:06.0114 4708 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
12:41:06.0114 4708 C:\Windows\System32\fdPnp.dll - ok
12:41:06.0114 4708 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
12:41:06.0114 4708 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
12:41:06.0130 4708 [ 548CB980D7876E207CC9F8B60C1587A3 ] C:\Windows\System32\win32spl.dll
12:41:06.0130 4708 C:\Windows\System32\win32spl.dll - ok
12:41:06.0130 4708 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
12:41:06.0130 4708 C:\Windows\SysWOW64\imagehlp.dll - ok
12:41:06.0130 4708 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
12:41:06.0130 4708 C:\Windows\SysWOW64\cscapi.dll - ok
12:41:06.0130 4708 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
12:41:06.0130 4708 C:\Windows\SysWOW64\dbghelp.dll - ok
12:41:06.0130 4708 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll
12:41:06.0130 4708 C:\Windows\System32\d3d10_1.dll - ok
12:41:06.0130 4708 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll
12:41:06.0130 4708 C:\Windows\System32\d3d10_1core.dll - ok
12:41:06.0130 4708 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll
12:41:06.0130 4708 C:\Windows\System32\dxgi.dll - ok
12:41:06.0130 4708 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
12:41:06.0130 4708 C:\Windows\System32\inetpp.dll - ok
12:41:06.0130 4708 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
12:41:06.0145 4708 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok
12:41:06.0145 4708 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
12:41:06.0145 4708 C:\Windows\explorer.exe - ok
12:41:06.0145 4708 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
12:41:06.0145 4708 C:\Windows\System32\cscapi.dll - ok
12:41:06.0145 4708 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
12:41:06.0145 4708 C:\Windows\SysWOW64\apphelp.dll - ok
12:41:06.0145 4708 [ 41938F2C1642459CBBA691B5DBD6395A ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
12:41:06.0145 4708 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe - ok
12:41:06.0145 4708 [ 80ED288D61ABCBB9B2DD3FCDDBB71E1E ] C:\Windows\System32\nvwgf2umx.dll
12:41:06.0145 4708 C:\Windows\System32\nvwgf2umx.dll - ok
12:41:06.0145 4708 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
12:41:06.0145 4708 C:\Windows\SysWOW64\mstask.dll - ok
12:41:06.0145 4708 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
12:41:06.0145 4708 C:\Windows\System32\ExplorerFrame.dll - ok
12:41:06.0145 4708 [ 5877A3341AA7DF58789294CEBA38AE2B ] C:\Users\Dusan\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
12:41:06.0145 4708 C:\Users\Dusan\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll - ok
12:41:06.0161 4708 [ 241AF87821FDA0F5792037B779F49BE0 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
12:41:06.0161 4708 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
12:41:06.0161 4708 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
12:41:06.0161 4708 C:\Windows\System32\EhStorShell.dll - ok
12:41:06.0161 4708 [ 7979639731124E5BF730061E29B96F7F ] C:\Program Files (x86)\Google\Drive\googledrivesync64.dll
12:41:06.0161 4708 C:\Program Files (x86)\Google\Drive\googledrivesync64.dll - ok
12:41:06.0161 4708 [ F1D2ABA7038E01F7465E36F2057E7C13 ] C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
12:41:06.0161 4708 C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL - ok
12:41:06.0161 4708 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
12:41:06.0161 4708 C:\Windows\System32\uDWM.dll - ok
12:41:06.0161 4708 [ 57AC86AC664CC774C861DAB2B1D1E978 ] C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.dll
12:41:06.0161 4708 C:\Windows\winsxs\amd64_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_0a1fd3a3a768b895\ATL90.dll - ok
12:41:06.0161 4708 [ 5ABAEB53E6ECF7878A5C4C4ABED92050 ] C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF
12:41:06.0161 4708 C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok
12:41:06.0161 4708 [ 66E3C667D853DF349E310568F60B9B6A ] C:\PROGRA~1\MICROS~2\Office14\1033\GrooveIntlResource.dll
12:41:06.0161 4708 C:\PROGRA~1\MICROS~2\Office14\1033\GrooveIntlResource.dll - ok
12:41:06.0176 4708 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
12:41:06.0176 4708 C:\Windows\System32\IconCodecService.dll - ok
12:41:06.0176 4708 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
12:41:06.0176 4708 C:\Windows\System32\runonce.exe - ok
12:41:06.0176 4708 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
12:41:06.0176 4708 C:\Windows\SysWOW64\runonce.exe - ok
12:41:06.0176 4708 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
12:41:06.0176 4708 C:\Windows\SysWOW64\uxtheme.dll - ok
12:41:06.0176 4708 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
12:41:06.0176 4708 C:\Windows\SysWOW64\propsys.dll - ok
12:41:06.0176 4708 [ 660C8E78B94F483E44B0243A774A4746 ] C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
12:41:06.0176 4708 C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL - ok
12:41:06.0176 4708 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
12:41:06.0176 4708 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
12:41:06.0176 4708 [ 58A14C45A5CD2528F10A889E7B0C3FC2 ] C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll
12:41:06.0176 4708 C:\Windows\winsxs\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.dll - ok
12:41:06.0192 4708 [ E9901A7E569C4156FDA69F5C9356B8ED ] C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF
12:41:06.0192 4708 C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\OFFICE.ODF - ok
12:41:06.0192 4708 [ A113AFEED3159A1ED52D78CB0226006D ] C:\Windows\SysWOW64\secur32.dll
12:41:06.0192 4708 C:\Windows\SysWOW64\secur32.dll - ok
12:41:06.0192 4708 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
12:41:06.0192 4708 C:\Windows\SysWOW64\cmd.exe - ok
12:41:06.0192 4708 [ 3326166011C9BC13D6A8EFD856E9921C ] C:\Windows\System32\conhost.exe
12:41:06.0192 4708 C:\Windows\System32\conhost.exe - ok
12:41:06.0192 4708 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
12:41:06.0192 4708 C:\Windows\System32\aelupsvc.dll - ok
12:41:06.0192 4708 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
12:41:06.0192 4708 C:\Windows\SysWOW64\winbrand.dll - ok
12:41:06.0192 4708 [ 5466DCAEF5A648E04D1B6580F2C901B5 ] C:\Windows\SysWOW64\ieframe.dll
12:41:06.0192 4708 C:\Windows\SysWOW64\ieframe.dll - ok
12:41:06.0192 4708 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
12:41:06.0192 4708 C:\Windows\SysWOW64\oleacc.dll - ok
12:41:06.0208 4708 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
12:41:06.0208 4708 C:\Windows\SysWOW64\shdocvw.dll - ok
12:41:06.0208 4708 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\Dusan\AppData\Local\Temp\9EE0A3FC-D2F5-4A67-AB8C-35B66FD04F89.exe
12:41:06.0208 4708 C:\Users\Dusan\AppData\Local\Temp\9EE0A3FC-D2F5-4A67-AB8C-35B66FD04F89.exe - ok
12:41:06.0208 4708 [ 859CFCE4A0F72916911BD9F6C6E84581 ] C:\Windows\SysWOW64\ncrypt.dll
12:41:06.0208 4708 C:\Windows\SysWOW64\ncrypt.dll - ok
12:41:06.0208 4708 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
12:41:06.0208 4708 C:\Windows\SysWOW64\bcrypt.dll - ok
12:41:06.0208 4708 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
12:41:06.0208 4708 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
12:41:06.0208 4708 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
12:41:06.0208 4708 C:\Windows\SysWOW64\gpapi.dll - ok
12:41:06.0208 4708 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
12:41:06.0208 4708 C:\Windows\SysWOW64\cryptnet.dll - ok
12:41:06.0208 4708 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
12:41:06.0208 4708 C:\Windows\SysWOW64\SensApi.dll - ok
12:41:06.0208 4708 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
12:41:06.0208 4708 C:\Windows\SysWOW64\dwmapi.dll - ok
12:41:06.0223 4708 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
12:41:06.0223 4708 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
12:41:06.0223 4708 [ D1F4EF194A129726FBF30E2F514824AA ] C:\Users\Dusan\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
12:41:06.0223 4708 C:\Users\Dusan\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll - ok
12:41:06.0223 4708 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
12:41:06.0223 4708 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
12:41:06.0223 4708 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
12:41:06.0223 4708 C:\Windows\SysWOW64\EhStorShell.dll - ok
12:41:06.0223 4708 [ 676CCC08D9E9A3F4CA39CB04E97048DF ] C:\PROGRA~2\MICROS~2\Office14\1033\GrooveIntlResource.dll
12:41:06.0223 4708 C:\PROGRA~2\MICROS~2\Office14\1033\GrooveIntlResource.dll - ok
12:41:06.0223 4708 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
12:41:06.0223 4708 C:\Windows\SysWOW64\ntshrui.dll - ok
12:41:06.0223 4708 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
12:41:06.0223 4708 C:\Windows\SysWOW64\imageres.dll - ok
12:41:06.0223 4708 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
12:41:06.0223 4708 C:\Windows\SysWOW64\slc.dll - ok
12:41:06.0239 4708 [ A77BA10A0D610BBB6101AEA1E633ABE1 ] C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
12:41:06.0239 4708 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - ok
12:41:06.0239 4708 [ 7C8624F994E362105FB959267C035EB0 ] C:\Program Files\NVIDIA Corporation\NvUpdate\NvUpdt.dll
12:41:06.0239 4708 C:\Program Files\NVIDIA Corporation\NvUpdate\NvUpdt.dll - ok
12:41:06.0239 4708 [ 3F7B1DDAC049A327F33A38C765470FFD ] C:\Program Files\NVIDIA Corporation\NvUpdate\NvUpdtr.dll
12:41:06.0239 4708 C:\Program Files\NVIDIA Corporation\NvUpdate\NvUpdtr.dll - ok
12:41:06.0239 4708 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
12:41:06.0239 4708 C:\Windows\SysWOW64\sfc.dll - ok
12:41:06.0239 4708 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
12:41:06.0239 4708 C:\Windows\SysWOW64\sfc_os.dll - ok
12:41:06.0239 4708 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
12:41:06.0239 4708 C:\Windows\System32\ie4uinit.exe - ok
12:41:06.0239 4708 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll
12:41:06.0239 4708 C:\Windows\System32\iedkcs32.dll - ok
12:41:06.0239 4708 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
12:41:06.0239 4708 C:\Windows\System32\timedate.cpl - ok
12:41:06.0254 4708 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
12:41:06.0254 4708 C:\Windows\System32\actxprxy.dll - ok
12:41:06.0254 4708 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
12:41:06.0254 4708 C:\Windows\SysWOW64\credssp.dll - ok
12:41:06.0254 4708 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
12:41:06.0254 4708 C:\Windows\SysWOW64\mswsock.dll - ok
12:41:06.0254 4708 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
12:41:06.0254 4708 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
12:41:06.0254 4708 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
12:41:06.0254 4708 C:\Windows\SysWOW64\wship6.dll - ok
12:41:06.0254 4708 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
12:41:06.0254 4708 C:\Windows\SysWOW64\dnsapi.dll - ok
12:41:06.0254 4708 [ 4355CF8BD07B0E48C111FC3D2F36D313 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
12:41:06.0254 4708 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
12:41:06.0254 4708 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
12:41:06.0254 4708 C:\Windows\SysWOW64\rasadhlp.dll - ok
12:41:06.0270 4708 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
12:41:06.0270 4708 C:\Windows\System32\shdocvw.dll - ok
12:41:06.0270 4708 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
12:41:06.0270 4708 C:\Windows\System32\linkinfo.dll - ok
12:41:06.0270 4708 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
12:41:06.0270 4708 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
12:41:06.0270 4708 [ 459F120CEFB7E41FBFE3668C0234B0A5 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
12:41:06.0270 4708 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
12:41:06.0270 4708 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
12:41:06.0270 4708 C:\Windows\System32\msftedit.dll - ok
12:41:06.0270 4708 [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll
12:41:06.0270 4708 C:\Windows\System32\gameux.dll - ok
12:41:06.0270 4708 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
12:41:06.0270 4708 C:\Windows\System32\msls31.dll - ok
12:41:06.0270 4708 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
12:41:06.0270 4708 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
12:41:06.0270 4708 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
12:41:06.0270 4708 C:\Windows\System32\DeviceCenter.dll - ok
12:41:06.0286 4708 [ C3803F8E0FC107EFC1F9DE4FB7B7D797 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
12:41:06.0286 4708 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe - ok
12:41:06.0286 4708 [ E09EFDAE4A93765ECEA0D5A31FC242E3 ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
12:41:06.0286 4708 C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe - ok
12:41:06.0286 4708 [ B49A2BB966FDF28E8D8F8A275DB0A4DD ] C:\Program Files (x86)\DavidRM Software\The Journal 4\Journal4.exe
12:41:06.0286 4708 C:\Program Files (x86)\DavidRM Software\The Journal 4\Journal4.exe - ok
12:41:06.0286 4708 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
12:41:06.0286 4708 C:\Windows\System32\networkexplorer.dll - ok
12:41:06.0707 4708 C:\Program Files\Internet Explorer\ieproxy.dll - ok
12:41:06.0707 4708 [ A0524499F4C63CADA7E1529FC77F5DC1 ] C:\Windows\System32\hgprint.dll
12:41:06.0707 4708 C:\Windows\System32\hgprint.dll - ok
12:41:06.0707 4708 [ A245E0769F8CCA876519FC4D25FAD6F3 ] C:\Program Files\Rainmeter\Plugins\Process.dll
12:41:06.0707 4708 C:\Program Files\Rainmeter\Plugins\Process.dll - ok
12:41:06.0707 4708 [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
12:41:06.0707 4708 C:\Windows\System32\pnrpsvc.dll - ok
12:41:06.0707 4708 [ 5BD4ADE0CA7E75DCC830F6929EFA92E3 ] C:\Program Files (x86)\Winamp\Plugins\gen_hotkeys.dll
12:41:06.0707 4708 C:\Program Files (x86)\Winamp\Plugins\gen_hotkeys.dll - ok
12:41:06.0722 4708 [ 1B73F0C89291850DFC00CBEFECE9321E ] C:\Program Files (x86)\Winamp\Plugins\gen_jumpex.dll
12:41:06.0722 4708 C:\Program Files (x86)\Winamp\Plugins\gen_jumpex.dll - ok
12:41:06.0722 4708 [ FCE23E27F62989AD0BB88E256E847A41 ] C:\Windows\System32\CertPolEng.dll
12:41:06.0722 4708 C:\Windows\System32\CertPolEng.dll - ok
12:41:06.0722 4708 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
12:41:06.0722 4708 C:\Windows\System32\QAGENTRT.DLL - ok
12:41:06.0722 4708 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
12:41:06.0722 4708 C:\Windows\SysWOW64\powrprof.dll - ok
12:41:06.0722 4708 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
12:41:06.0722 4708 C:\Windows\System32\fveui.dll - ok
12:41:06.0722 4708 [ 306B855FD6EA1D1935902EAD5F7F1FA5 ] C:\eclipse\eclipse.exe
12:41:06.0722 4708 C:\eclipse\eclipse.exe - ok
12:41:06.0722 4708 [ 47E275362B212C90500A578CA0A634CA ] C:\Program Files (x86)\Winamp\Plugins\gen_ml.dll
12:41:06.0722 4708 C:\Program Files (x86)\Winamp\Plugins\gen_ml.dll - ok
12:41:06.0722 4708 [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll
12:41:06.0722 4708 C:\Windows\System32\p2psvc.dll - ok
12:41:06.0738 4708 [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1 ] C:\Windows\System32\P2PGraph.dll
12:41:06.0738 4708 C:\Windows\System32\P2PGraph.dll - ok
12:41:06.0738 4708 [ 79A24CAAFAA951BDCE3A50B27F379072 ] C:\Program Files (x86)\Winamp\Plugins\ml_nowplaying.dll
12:41:06.0738 4708 C:\Program Files (x86)\Winamp\Plugins\ml_nowplaying.dll - ok
12:41:06.0738 4708 [ 2C4F5368A856457D04812BF1D536D6E5 ] C:\Program Files (x86)\Winamp\Plugins\ml_local.dll
12:41:06.0738 4708 C:\Program Files (x86)\Winamp\Plugins\ml_local.dll - ok
12:41:06.0738 4708 [ DFCE0B5F594734D337D37D9CECCE77CD ] C:\Program Files (x86)\Winamp\Plugins\ml_playlists.dll
12:41:06.0738 4708 C:\Program Files (x86)\Winamp\Plugins\ml_playlists.dll - ok
12:41:06.0738 4708 [ 21E64001A24FBD086DF36737B15FD39E ] C:\Program Files (x86)\Winamp\Plugins\ml_addons.dll
12:41:06.0738 4708 C:\Program Files (x86)\Winamp\Plugins\ml_addons.dll - ok
12:41:06.0738 4708 [ 79541C88C2195552AA0F532A9915FCC8 ] C:\Program Files (x86)\Winamp\Plugins\ml_devices.dll
12:41:06.0738 4708 C:\Program Files (x86)\Winamp\Plugins\ml_devices.dll - ok
12:41:06.0738 4708 [ 592DBE83AE55D3F6B13DF30EB173358F ] C:\Program Files (x86)\Winamp\Plugins\ml_disc.dll
12:41:06.0738 4708 C:\Program Files (x86)\Winamp\Plugins\ml_disc.dll - ok
12:41:06.0738 4708 [ 00000000000000000000000000000000 ] C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe
12:41:06.0738 4708 C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe - ok
12:41:06.0754 4708 [ D0B90B5DC9376354B16A2701E6398CDC ] C:\Program Files (x86)\Winamp\Plugins\ml_pmp.dll
12:41:06.0754 4708 C:\Program Files (x86)\Winamp\Plugins\ml_pmp.dll - ok
12:41:06.0754 4708 [ 298D8660BC0915E80019F6AC815A1717 ] C:\Program Files (x86)\Winamp\Plugins\ml_bookmarks.dll
12:41:06.0754 4708 C:\Program Files (x86)\Winamp\Plugins\ml_bookmarks.dll - ok
12:41:06.0754 4708 [ F7136AF33703A14AE58CD29773A6C0C5 ] C:\Program Files (x86)\Winamp\Plugins\ml_history.dll
12:41:06.0754 4708 C:\Program Files (x86)\Winamp\Plugins\ml_history.dll - ok
12:41:06.0754 4708 [ BE81FBBD72FC0811E182FFB19BEF645C ] C:\Program Files (x86)\Winamp\Plugins\ml_autotag.dll
12:41:06.0754 4708 C:\Program Files (x86)\Winamp\Plugins\ml_autotag.dll - ok
12:41:06.0754 4708 [ ADF45CFB8C4D3CE912AE9DC05E87A730 ] C:\Program Files (x86)\Winamp\Plugins\ml_plg.dll
12:41:06.0754 4708 C:\Program Files (x86)\Winamp\Plugins\ml_plg.dll - ok
12:41:06.0754 4708 [ 2C09A7F1A0978CC44D3B0A5F33EBAD33 ] C:\Program Files (x86)\Winamp\Plugins\ml_rg.dll
12:41:06.0754 4708 C:\Program Files (x86)\Winamp\Plugins\ml_rg.dll - ok
12:41:06.0754 4708 [ B4B8FF9288ACF96C9362DD6E4F27D0D5 ] C:\Program Files (x86)\Winamp\Plugins\ml_transcode.dll
12:41:06.0754 4708 C:\Program Files (x86)\Winamp\Plugins\ml_transcode.dll - ok
12:41:06.0769 4708 [ 595E22687E17DC66671C672375ECCDB8 ] C:\Program Files (x86)\Winamp\Plugins\ml_wa2_scrobbler.dll
12:41:06.0769 4708 C:\Program Files (x86)\Winamp\Plugins\ml_wa2_scrobbler.dll - ok
12:41:06.0769 4708 [ 181F69BC9C406B7FB5C0ADE8031630AC ] C:\Windows\SysWOW64\wpdshext.dll
12:41:06.0769 4708 C:\Windows\SysWOW64\wpdshext.dll - ok
12:41:06.0769 4708 [ 6C12BD722FFC94584348DD34F4059FC5 ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
12:41:06.0769 4708 C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe - ok
12:41:06.0769 4708 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
12:41:06.0769 4708 C:\Windows\System32\wmpps.dll - ok
12:41:06.0769 4708 [ F149E8CAE538DBF7059B00326673F602 ] C:\Windows\System32\wmpmde.dll
12:41:06.0769 4708 C:\Windows\System32\wmpmde.dll - ok
12:41:06.0769 4708 [ 021287C2050FD5DB4A8B084E2C38139C ] C:\Windows\System32\WinSATAPI.dll
12:41:06.0769 4708 C:\Windows\System32\WinSATAPI.dll - ok
12:41:06.0769 4708 [ FC7C9B4EEAF26B4F59D2AD455FD039B2 ] C:\Program Files (x86)\Last.fm\LastFM.exe
12:41:06.0769 4708 C:\Program Files (x86)\Last.fm\LastFM.exe - ok
12:41:06.0769 4708 [ 1993CE128485180A4BCB1E43C8049A56 ] C:\Program Files (x86)\Winamp\Plugins\gen_tray.dll
12:41:06.0769 4708 C:\Program Files (x86)\Winamp\Plugins\gen_tray.dll - ok
12:41:06.0785 4708 [ 66C87DB880052104808507D6FA84D68E ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
12:41:06.0785 4708 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL - ok
12:41:06.0785 4708 [ 28A7D7C7E2FDD1D55F12F750CD6331EC ] C:\Windows\System32\MSMPEG2ENC.DLL
12:41:06.0785 4708 C:\Windows\System32\MSMPEG2ENC.DLL - ok
12:41:06.0785 4708 [ 46767946E7B559D981C1DC04EC0AB36F ] C:\Windows\System32\devenum.dll
12:41:06.0785 4708 C:\Windows\System32\devenum.dll - ok
12:41:06.0785 4708 [ 55D9803FD821C293D97614C39E6603D4 ] C:\Windows\SysWOW64\imapi.dll
12:41:06.0785 4708 C:\Windows\SysWOW64\imapi.dll - ok
12:41:06.0785 4708 [ 558C42D165DB5799B4072DC0A9C27C0B ] C:\Windows\System32\msdmo.dll
12:41:06.0785 4708 C:\Windows\System32\msdmo.dll - ok
12:41:06.0785 4708 [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll
12:41:06.0785 4708 C:\Windows\System32\upnphost.dll - ok
12:41:06.0785 4708 [ 5A05A1ECF70753039C99B6D0BC266D41 ] C:\Program Files (x86)\Last.fm\Moose1.dll
12:41:06.0785 4708 C:\Program Files (x86)\Last.fm\Moose1.dll - ok
12:41:06.0785 4708 [ 2D11BC8B460957E62E4420373A0D8BDA ] C:\Windows\SysWOW64\imapi2.dll
12:41:06.0785 4708 C:\Windows\SysWOW64\imapi2.dll - ok
12:41:06.0785 4708 [ 8807743FC85506CD8486E94E9D0E958C ] C:\Program Files (x86)\Last.fm\LastFmTools1.dll
12:41:06.0785 4708 C:\Program Files (x86)\Last.fm\LastFmTools1.dll - ok
12:41:06.0800 4708 [ 7A82634C75F5CD12EFCF43897A2E28CE ] C:\Windows\SysWOW64\imapi2fs.dll
12:41:06.0800 4708 C:\Windows\SysWOW64\imapi2fs.dll - ok
12:41:06.0800 4708 [ 0DACD51C27D8ECC279479A3354EB7D42 ] C:\Program Files (x86)\Last.fm\QtSql4.dll
12:41:06.0800 4708 C:\Program Files (x86)\Last.fm\QtSql4.dll - ok
12:41:06.0800 4708 [ BBD5F81C6BBC1FB47EC1BE6CD03807D2 ] C:\Program Files (x86)\Last.fm\QtCore4.dll
12:41:06.0800 4708 C:\Program Files (x86)\Last.fm\QtCore4.dll - ok
12:41:06.0800 4708 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
12:41:06.0800 4708 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
12:41:06.0800 4708 [ 46A6BA9274D075A2C30025C4E96D875A ] C:\Windows\SysWOW64\msvcp60.dll
12:41:06.0800 4708 C:\Windows\SysWOW64\msvcp60.dll - ok
12:41:06.0800 4708 [ 4C8A880EABC0B4D462CC4B2472116EA1 ] C:\Program Files (x86)\Last.fm\Microsoft.VC80.CRT\msvcp80.dll
12:41:06.0800 4708 C:\Program Files (x86)\Last.fm\Microsoft.VC80.CRT\msvcp80.dll - ok
12:41:06.0800 4708 [ 1FCDA65915E15A4410AC7912F1F93E03 ] C:\Windows\SysWOW64\mcicda.dll
12:41:06.0800 4708 C:\Windows\SysWOW64\mcicda.dll - ok
12:41:06.0800 4708 [ E4FECE18310E23B1D8FEE993E35E7A6F ] C:\Program Files (x86)\Last.fm\Microsoft.VC80.CRT\msvcr80.dll
12:41:06.0800 4708 C:\Program Files (x86)\Last.fm\Microsoft.VC80.CRT\msvcr80.dll - ok
12:41:06.0816 4708 [ ABF7AC83769D1396CACF2659F4FB0F85 ] C:\Program Files (x86)\Last.fm\QtXml4.dll
12:41:06.0816 4708 C:\Program Files (x86)\Last.fm\QtXml4.dll - ok
12:41:06.0816 4708 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
12:41:06.0816 4708 C:\Windows\System32\wbem\wmiprov.dll - ok
12:41:06.0816 4708 [ 99474AEE8CA74EF85EC77E446A5D4AB4 ] C:\Program Files (x86)\Last.fm\QtGui4.dll
12:41:06.0816 4708 C:\Program Files (x86)\Last.fm\QtGui4.dll - ok
12:41:06.0816 4708 [ F151E8E0C8371DD88C9BFC9F469470ED ] C:\Program Files (x86)\Last.fm\QtNetwork4.dll
12:41:06.0816 4708 C:\Program Files (x86)\Last.fm\QtNetwork4.dll - ok
12:41:06.0816 4708 [ 98A3FB2D0A924B5241F321EF2714AFC5 ] C:\Program Files (x86)\Last.fm\breakpad.dll
12:41:06.0816 4708 C:\Program Files (x86)\Last.fm\breakpad.dll - ok
12:41:06.0816 4708 [ 15C4EB66091F69F112AE5439CF712669 ] C:\Program Files (x86)\Last.fm\LastFmFingerprint1.dll
12:41:06.0816 4708 C:\Program Files (x86)\Last.fm\LastFmFingerprint1.dll - ok
12:41:06.0816 4708 [ 9B24EF636D2DEA8F55DBD443251BDECF ] C:\Program Files (x86)\Last.fm\libfftw3f-3.dll
12:41:06.0816 4708 C:\Program Files (x86)\Last.fm\libfftw3f-3.dll - ok
12:41:06.0816 4708 [ 4EFAA53C545F4FFB1EE0ED1709C15EA7 ] C:\Program Files (x86)\Last.fm\zlibwapi.dll
12:41:06.0816 4708 C:\Program Files (x86)\Last.fm\zlibwapi.dll - ok
12:41:06.0832 4708 [ FCC8F25A5F5A4D6BD57D917DB7A00D78 ] C:\Windows\SysWOW64\crtdll.dll
12:41:06.0832 4708 C:\Windows\SysWOW64\crtdll.dll - ok
12:41:06.0832 4708 [ 71E68F2443A80BD4DA89181889C457EA ] C:\Windows\System32\udhisapi.dll
12:41:06.0832 4708 C:\Windows\System32\udhisapi.dll - ok
12:41:06.0832 4708 [ 259123EFD0AEB9F1BB6B745C3D905D23 ] C:\Program Files (x86)\Last.fm\srv_httpinput.dll
12:41:06.0832 4708 C:\Program Files (x86)\Last.fm\srv_httpinput.dll - ok
12:41:06.0832 4708 [ 821DF1B74A3D830A71D7A9911B470A13 ] C:\Program Files (x86)\Last.fm\srv_madtranscode.dll
12:41:06.0832 4708 C:\Program Files (x86)\Last.fm\srv_madtranscode.dll - ok
12:41:06.0832 4708 [ 0229DAB63A47E85FEF94185D714BBF0F ] C:\Program Files (x86)\Last.fm\srv_rtaudioplayback.dll
12:41:06.0832 4708 C:\Program Files (x86)\Last.fm\srv_rtaudioplayback.dll - ok
12:41:06.0832 4708 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
12:41:06.0832 4708 C:\Windows\SysWOW64\dsound.dll - ok
12:41:06.0832 4708 [ A4C3B8774098CE432EEDD70D9B4A4C62 ] C:\Program Files (x86)\Last.fm\imageformats\qgif4.dll
12:41:06.0832 4708 C:\Program Files (x86)\Last.fm\imageformats\qgif4.dll - ok
12:41:06.0832 4708 [ 304D8A289D246822DCE4CE15DA2F6F4C ] C:\Program Files (x86)\Last.fm\imageformats\qjpeg4.dll
12:41:06.0832 4708 C:\Program Files (x86)\Last.fm\imageformats\qjpeg4.dll - ok
12:41:06.0847 4708 [ EFCE9D5F818531680289356155E97AB2 ] C:\Program Files (x86)\Last.fm\imageformats\qmng4.dll
12:41:06.0847 4708 C:\Program Files (x86)\Last.fm\imageformats\qmng4.dll - ok
12:41:06.0847 4708 [ 21BF88F06536261B7F19CA15C152D911 ] C:\Program Files (x86)\Last.fm\ext_messengernotify.dll
12:41:06.0847 4708 C:\Program Files (x86)\Last.fm\ext_messengernotify.dll - ok
12:41:06.0847 4708 [ 24F992235686F7D86F0DCC72169DB801 ] C:\Program Files (x86)\Last.fm\ext_skypenotify.dll
12:41:06.0847 4708 C:\Program Files (x86)\Last.fm\ext_skypenotify.dll - ok
12:41:06.0847 4708 [ 893EDB1636EAC10F93115B68DF3EC41D ] C:\Program Files (x86)\foobar2000\foobar2000.exe
12:41:06.0847 4708 C:\Program Files (x86)\foobar2000\foobar2000.exe - ok
12:41:06.0847 4708 [ A80C173AC5C75706BB74AE4D78F2A53D ] C:\Program Files (x86)\Windows Media Player\wmplayer.exe
12:41:06.0847 4708 C:\Program Files (x86)\Windows Media Player\wmplayer.exe - ok
12:41:06.0847 4708 [ C2EFE31691B0220BA2D366F6ECD9EEBC ] C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
12:41:06.0847 4708 C:\Program Files (x86)\Mozilla Firefox\mozglue.dll - ok
12:41:06.0847 4708 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
12:41:06.0847 4708 C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll - ok
12:41:06.0847 4708 [ 2D64A5315260AAD1D6BEEE65D2681DB3 ] C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
12:41:06.0847 4708 C:\Program Files (x86)\Mozilla Firefox\mozjs.dll - ok
12:41:06.0863 4708 [ 03E9314004F504A14A61C3D364B62F66 ] C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
12:41:06.0863 4708 C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll - ok
12:41:06.0863 4708 [ 4D8CAE21D3617DBC539F0A7ACEB66FAD ] C:\Program Files (x86)\Mozilla Firefox\nspr4.dll
12:41:06.0863 4708 C:\Program Files (x86)\Mozilla Firefox\nspr4.dll - ok
12:41:06.0863 4708 [ 3D2706E87D3E4433DB929B86207CA928 ] C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
12:41:06.0863 4708 C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll - ok
12:41:06.0863 4708 [ 0206166F245BE09DC9C1550AFB2C0B8D ] C:\Program Files (x86)\Mozilla Firefox\nss3.dll
12:41:06.0863 4708 C:\Program Files (x86)\Mozilla Firefox\nss3.dll - ok
12:41:06.0863 4708 [ 15A9691C1F00631BC5475CEEF9A6EA62 ] C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll
12:41:06.0863 4708 C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll - ok
12:41:06.0863 4708 [ 6F255F96534FCF5FF4B611B52C1AB813 ] C:\Program Files (x86)\Mozilla Firefox\plc4.dll
12:41:06.0863 4708 C:\Program Files (x86)\Mozilla Firefox\plc4.dll - ok
12:41:06.0863 4708 [ 6B85D6ADEF244F9077BD7874610574A9 ] C:\Program Files (x86)\Mozilla Firefox\plds4.dll
12:41:06.0863 4708 C:\Program Files (x86)\Mozilla Firefox\plds4.dll - ok
12:41:06.0863 4708 [ 9F135327116E63D522BFEF39F37CB2E6 ] C:\Program Files (x86)\Mozilla Firefox\smime3.dll
12:41:06.0863 4708 C:\Program Files (x86)\Mozilla Firefox\smime3.dll - ok
12:41:06.0878 4708 [ F5720ED4EEA3D62A3C9AF0950F2B7D23 ] C:\Program Files (x86)\Mozilla Firefox\ssl3.dll
12:41:06.0878 4708 C:\Program Files (x86)\Mozilla Firefox\ssl3.dll - ok
12:41:06.0878 4708 [ A38B82A306CDDA0BB141225F92FC9F85 ] C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
12:41:06.0878 4708 C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll - ok
12:41:06.0878 4708 [ 52652560BCE03F232CE6AF381D82CE5F ] C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
12:41:06.0878 4708 C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll - ok
12:41:06.0878 4708 [ 4C44A99BB7584D6B70507987BE786259 ] C:\Program Files (x86)\Mozilla Firefox\xul.dll
12:41:06.0878 4708 C:\Program Files (x86)\Mozilla Firefox\xul.dll - ok
12:41:06.0878 4708 [ 4D774B94671141D491CFCB4CA3650EBF ] C:\Program Files (x86)\Mozilla Firefox\xpcom.dll
12:41:06.0878 4708 C:\Program Files (x86)\Mozilla Firefox\xpcom.dll - ok
12:41:06.0878 4708 [ A29D734F650F958424743BE3BAA052C8 ] C:\Windows\SysWOW64\DWrite.dll
12:41:06.0878 4708 C:\Windows\SysWOW64\DWrite.dll - ok
12:41:06.0878 4708 [ 5C4CB4086FB83115B153E47ADD961A0C ] C:\Windows\System32\FntCache.dll
12:41:06.0878 4708 C:\Windows\System32\FntCache.dll - ok
12:41:06.0878 4708 [ 520B9EF148145FDE39E4FB77E0C7FC48 ] C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
12:41:06.0878 4708 C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll - ok
12:41:06.0894 4708 [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\SysWOW64\wshqos.dll
12:41:06.0894 4708 C:\Windows\SysWOW64\wshqos.dll - ok
12:41:06.0894 4708 [ 2DE90400A63818FA38C4C5C9ADB166BF ] C:\Windows\SysWOW64\d3d10_1.dll
12:41:06.0894 4708 C:\Windows\SysWOW64\d3d10_1.dll - ok
12:41:06.0894 4708 [ 9C36A3CA80F9B204C670336D344F5DF8 ] C:\Windows\SysWOW64\d3d10_1core.dll
12:41:06.0894 4708 C:\Windows\SysWOW64\d3d10_1core.dll - ok
12:41:06.0894 4708 [ 0411B7958C524BB2E91EE1B3035FE321 ] C:\Windows\SysWOW64\dxgi.dll
12:41:06.0894 4708 C:\Windows\SysWOW64\dxgi.dll - ok
12:41:06.0894 4708 [ 38A8A45A82340D1383E260AC36D67EB0 ] C:\Windows\SysWOW64\nvwgf2um.dll
12:41:06.0894 4708 C:\Windows\SysWOW64\nvwgf2um.dll - ok
12:41:06.0894 4708 [ 2E7ADF9B0389CD94605717784D7E416A ] C:\Windows\System32\drttransport.dll
12:41:06.0894 4708 C:\Windows\System32\drttransport.dll - ok
12:41:06.0894 4708 [ C57BC99A4467B3E8F1CC2184A3F46729 ] C:\Windows\System32\drt.dll
12:41:06.0894 4708 C:\Windows\System32\drt.dll - ok
12:41:06.0894 4708 [ 35CEDE6439FF0D8903223A0817FFE46C ] C:\Windows\SysWOW64\d2d1.dll
12:41:06.0894 4708 C:\Windows\SysWOW64\d2d1.dll - ok
12:41:06.0894 4708 [ 2572E1F0254E2267E97DE1B15D099EC4 ] C:\Windows\SysWOW64\d3d10.dll
12:41:06.0894 4708 C:\Windows\SysWOW64\d3d10.dll - ok
12:41:06.0910 4708 [ 547F78746F20901C770E8653B242217C ] C:\Windows\SysWOW64\d3d10core.dll
12:41:06.0910 4708 C:\Windows\SysWOW64\d3d10core.dll - ok
12:41:06.0910 4708 [ A2631C4465BBCE72B7E371DFB924A9D3 ] C:\Windows\SysWOW64\feclient.dll
12:41:06.0910 4708 C:\Windows\SysWOW64\feclient.dll - ok
12:41:06.0910 4708 [ 9662E514A77389EB6F7E846DB8B44C4D ] C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
12:41:06.0910 4708 C:\Program Files (x86)\Mozilla Firefox\softokn3.dll - ok
12:41:06.0910 4708 [ D9FA57CBA32ABA63D5C30B854F660F07 ] C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
12:41:06.0910 4708 C:\Program Files (x86)\Mozilla Firefox\freebl3.dll - ok
12:41:06.0910 4708 [ 2944201BCD2BCC92897551A95757DDBE ] C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
12:41:06.0910 4708 C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll - ok
12:41:06.0910 4708 [ CF7C83513AD0F22070B6795590F6BA68 ] C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
12:41:06.0910 4708 C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll - ok
12:41:06.0910 4708 [ 9B301B3FAE10015350B96B58AB24F046 ] C:\Users\Dusan\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
12:41:06.0910 4708 C:\Users\Dusan\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll - ok
12:41:06.0910 4708 [ E54631B36DB25082B7998AE7538BA8C8 ] C:\Users\Dusan\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
12:41:06.0910 4708 C:\Users\Dusan\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - ok
12:41:06.0925 4708 [ 2A0DD9961ED969EB10781DBC57EBA9CC ] C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe
12:41:06.0925 4708 C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe - ok
12:41:06.0925 4708 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll
12:41:06.0925 4708 C:\Windows\SysWOW64\mscms.dll - ok
12:41:06.0925 4708 [ 2A78BDFFC82BE8D610EE50975F6396B5 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
12:41:06.0925 4708 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll - ok
12:41:06.0925 4708 [ 3FDC5B918B767DAB2963B1AA60ECF1AE ] C:\Windows\SysWOW64\nvapi.dll
12:41:06.0925 4708 C:\Windows\SysWOW64\nvapi.dll - ok
12:41:06.0925 4708 [ 94BE31CD7FDBC1BF680DAFA8B865186E ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStereoApiI.dll
12:41:06.0925 4708 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStereoApiI.dll - ok
12:41:06.0925 4708 [ 39FEC70EC5A92087D0A3977B80316E00 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
12:41:06.0925 4708 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll - ok
12:41:06.0925 4708 [ 365E96584583C9FAE85953BD1A2D9850 ] C:\Windows\SysWOW64\nvd3dum.dll
12:41:06.0925 4708 C:\Windows\SysWOW64\nvd3dum.dll - ok
12:41:06.0925 4708 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
12:41:06.0925 4708 C:\Windows\System32\keyiso.dll - ok
12:41:06.0941 4708 [ D44A4D4D5CEF651EC5840ABF9AAC113E ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL
12:41:06.0941 4708 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL - ok
12:41:06.0941 4708 [ 031528298BDE0FE7CBB2EAAF2C3761FD ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\wlidcli.dll
12:41:06.0941 4708 C:\Program Files\Common Files\Microsoft Shared\Windows Live\wlidcli.dll - ok
12:41:06.0941 4708 [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:41:06.0941 4708 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
12:41:06.0941 4708 [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll
12:41:06.0941 4708 C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok
12:41:06.0941 4708 [ F02A533F517EB38333CB12A9E8963773 ] C:\Users\Dusan\AppData\Local\Google\Update\GoogleUpdate.exe
12:41:06.0941 4708 C:\Users\Dusan\AppData\Local\Google\Update\GoogleUpdate.exe - ok
12:41:06.0941 4708 [ E4024CCF225A936207294DE50925D4F6 ] C:\Program Files (x86)\Google\Update\1.3.21.123\goopdateres_en.dll
12:41:06.0941 4708 C:\Program Files (x86)\Google\Update\1.3.21.123\goopdateres_en.dll - ok
12:41:06.0941 4708 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
12:41:06.0941 4708 C:\Windows\SysWOW64\mscoree.dll - ok
12:41:06.0941 4708 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Users\Dusan\AppData\Local\Google\Update\1.3.21.123\goopdate.dll
12:41:06.0941 4708 C:\Users\Dusan\AppData\Local\Google\Update\1.3.21.123\goopdate.dll - ok
12:41:06.0956 4708 [ 7425C32BA15AFD9ECE75029B00843F64 ] C:\Program Files (x86)\Google\Update\1.3.21.123\psmachine.dll
12:41:06.0956 4708 C:\Program Files (x86)\Google\Update\1.3.21.123\psmachine.dll - ok
12:41:06.0956 4708 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
12:41:06.0956 4708 C:\Windows\SysWOW64\winsta.dll - ok
12:41:06.0956 4708 [ E4024CCF225A936207294DE50925D4F6 ] C:\Users\Dusan\AppData\Local\Google\Update\1.3.21.123\goopdateres_en.dll
12:41:06.0956 4708 C:\Users\Dusan\AppData\Local\Google\Update\1.3.21.123\goopdateres_en.dll - ok
12:41:06.0956 4708 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:41:06.0956 4708 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
12:41:06.0956 4708 [ 111A198395B36E99497CCF492564D3A5 ] C:\Users\Dusan\AppData\Local\Google\Update\1.3.21.123\psuser.dll
12:41:06.0956 4708 C:\Users\Dusan\AppData\Local\Google\Update\1.3.21.123\psuser.dll - ok
12:41:06.0956 4708 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
12:41:06.0956 4708 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
12:41:06.0956 4708 [ E7859BA062DB5E23C6DD34AD66B09F50 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
12:41:06.0956 4708 C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe - ok
12:41:06.0972 4708 [ 4E5C5D88EB0A8D21824D5A3EB7327E69 ] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
12:41:06.0972 4708 C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe - ok
12:41:06.0972 4708 [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe
12:41:06.0972 4708 C:\Windows\System32\sppsvc.exe - ok
12:41:06.0972 4708 [ FFF95479C7AB1550F0750A5D01744211 ] C:\Windows\System32\drivers\spsys.sys
12:41:06.0972 4708 C:\Windows\System32\drivers\spsys.sys - ok
12:41:06.0972 4708 [ E8B1FE6669397D1772D8196DF0E57A9E ] C:\Windows\System32\wscsvc.dll
12:41:06.0972 4708 C:\Windows\System32\wscsvc.dll - ok
12:41:06.0972 4708 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] C:\Windows\System32\wuaueng.dll
12:41:06.0972 4708 C:\Windows\System32\wuaueng.dll - ok
12:41:06.0972 4708 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
12:41:06.0972 4708 C:\Windows\System32\cabinet.dll - ok
12:41:06.0972 4708 [ 617F6EC0AC677C685479C1D0D1E76C6F ] C:\Windows\System32\mspatcha.dll
12:41:06.0972 4708 C:\Windows\System32\mspatcha.dll - ok
12:41:06.0972 4708 [ C47F35CC6FA4F1BDBEF8F87AC1A46537 ] C:\Windows\System32\wuapi.dll
12:41:06.0972 4708 C:\Windows\System32\wuapi.dll - ok
12:41:06.0972 4708 [ E746ED90132C6B6313CE9179F56BD31D ] C:\Windows\System32\wups.dll
12:41:06.0972 4708 C:\Windows\System32\wups.dll - ok
12:41:06.0988 4708 [ F6F22291024906E43D135A4B1705FEAC ] C:\Windows\System32\sppwinob.dll
12:41:06.0988 4708 C:\Windows\System32\sppwinob.dll - ok
12:41:06.0988 4708 [ 7FE0D0C8F53735EA17C9AE93EFE7AD5A ] C:\Windows\System32\wups2.dll
12:41:06.0988 4708 C:\Windows\System32\wups2.dll - ok
12:41:06.0988 4708 [ 2B373B5F7E36B5ED5DA176D4400EF091 ] C:\Windows\System32\sppobjs.dll
12:41:06.0988 4708 C:\Windows\System32\sppobjs.dll - ok
12:41:06.0988 4708 [ E91F8AFBD7FB96C94B266579D6BFA77A ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
12:41:06.0988 4708 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe - ok
12:41:06.0988 4708 [ D480C9220BFE667DE65A46CDE80EA7E9 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\StatusStrings.dll
12:41:06.0988 4708 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\StatusStrings.dll - ok
12:41:06.0988 4708 [ 122F89E0905FC656D56F65CD7A2E9B4D ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\xerces-c_2_7.dll
12:41:06.0988 4708 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\xerces-c_2_7.dll - ok
12:41:06.0988 4708 ============================================================
12:41:06.0988 4708 Scan finished
12:41:06.0988 4708 ============================================================
12:41:07.0003 4700 Detected object count: 0
12:41:07.0003 4700 Actual detected object count: 0
12:42:15.0154 0420 Deinitialize success


aswMBR log:

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-12-21 12:46:22
-----------------------------
12:46:22.399 OS Version: Windows x64 6.1.7601 Service Pack 1
12:46:22.399 Number of processors: 4 586 0x2A07
12:46:22.399 ComputerName: DUSAN-PC UserName: Dusan
12:46:27.875 Initialize success
12:47:39.067 AVAST engine defs: 12122100
12:49:22.012 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
12:49:22.012 Disk 0 Vendor: ST31000524AS JC4B Size: 953869MB BusType: 3
12:49:22.043 Disk 0 MBR read successfully
12:49:22.043 Disk 0 MBR scan
12:49:22.043 Disk 0 Windows 7 default MBR code
12:49:22.059 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
12:49:22.059 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 307099 MB offset 206848
12:49:22.075 Disk 0 Partition - 00 0F Extended LBA 646663 MB offset 629153595
12:49:22.090 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 307196 MB offset 629153658
12:49:22.090 Disk 0 Partition - 00 05 Extended 339467 MB offset 1258291125
12:49:22.121 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 339467 MB offset 1258291188
12:49:22.153 Disk 0 scanning C:\Windows\system32\drivers
12:49:28.455 Service scanning
12:49:44.133 Modules scanning
12:49:44.133 Disk 0 trace - called modules:
12:49:44.164 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
12:49:44.164 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004d1b060]
12:49:44.180 3 CLASSPNP.SYS[fffff8800165143f] -> nt!IofCallDriver -> [0xfffffa800471b520]
12:49:44.180 5 ACPI.sys[fffff880011af7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0xfffffa8004712060]
12:49:59.811 AVAST engine scan C:\Windows
12:50:02.323 AVAST engine scan C:\Windows\system32
12:51:52.871 AVAST engine scan C:\Windows\system32\drivers
12:52:00.246 AVAST engine scan C:\Users\Dusan
13:00:21.388 AVAST engine scan C:\ProgramData
13:01:35.845 Scan finished successfully
13:01:51.221 Disk 0 MBR has been saved successfully to "C:\Users\Dusan\Desktop\MBR.dat"
13:01:51.223 The log file has been saved successfully to "C:\Users\Dusan\Desktop\aswMBR.txt"

#12 digvoo


Posted 21 December 2012 - 08:19 AM

One additional question.

Do you think that all/some of my passwords are compromised? (do you know if that's the thing this malware/virus is doing?)

#13 gringo_pr



  • Malware Response Team

Posted 21 December 2012 - 10:56 AM

Hello digvoo

Do you think that all/some of my passwords are compromised? - I don't think that they are, but I would go ahead and change them just to be on the safe side.

:P2P Warning!:

IMPORTANT I notice there are signs of one or more P2P (Person to Person) File Sharing Programs on your computer.

Please note that as long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur.
Once upon a time, P2P file sharing was fairly safe. That is no longer true. P2P programs form a direct conduit on to your computer, their security measures are easily circumvented and malware writers are increasingly exploiting them to spread their wares on to your computer. Further to that, if your P2P program is not configured correctly, your computer may be sharing more files than you realise. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to a file sharing network by a badly configured program.

Please read these short reports on the dangers of peer-2-peer programs and file sharing.

FBI Cyber Education Letter
File sharing infects 500,000 computers
USAToday
infoworld


These logs are looking a lot better. But we still have some work to do.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps.

uninstall some programs

NOTE** Because of the cleanup process, some of the programs I have listed may not be in add/remove anymore. This is fine; just move to the next item on the list.

You can remove these programs using add/remove, or you can use the free uninstaller from Revo (Revo does a lot better of a job).

Programs to remove

µTorrent
Java™ 6 Update 37
Java™ 7 Update 1 (64-bit)
Java™ SE Development Kit 7 Update 1 (64-bit)
[/list]


  • Please download and install Revo Uninstaller Free.
  • Double click Revo Uninstaller to run it.
  • From the list of programs, double click on the program to remove.
  • When prompted if you want to uninstall, click Yes.
  • Be sure the Moderate option is selected, then click Next.
  • The program will run. If prompted again, click Yes.
  • When the built-in uninstaller is finished, click on Next.
  • Once the program has searched for leftovers, click Next.
  • Check/tick the bolded items only on the list, then click Delete.
  • When prompted, click on Yes and then on Next.
  • Put a check on any folders that are found and select Delete.
  • When prompted, select Yes, then Next.
  • Once done, click Finish.



Install Java:

Please go here to install Java

  • Click on the Free Java Download button.
  • Click on Agree and Start Free Download.
  • Click on Run.
  • Click on Run again.
  • Click on Install.
  • When the install is complete, click on Close.

Clean Out Temp Files

  • This small application you may want to keep and use once a week to keep the computer clean.

    Download CCleaner from here http://www.ccleaner.com/

  • Run the installer to install the application.
  • When it gives you the option to install Yahoo toolbar uncheck the box next to it.
  • Run CCleaner. (make sure under Windows tab all the boxes of Internet Explorer and Windows explorer are checked. Under System check Empty Recycle Bin and Temporary Files. Under Application tab all the boxes should be checked).
  • Click Run Cleaner.
  • Close CCleaner.

Malwarebytes' Anti-Malware

  • I would like you to rerun MBAM.
  • Double-click the mbam icon.
  • Go to the Update tab at the top.
  • Click on Check for Updates.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. Please copy and paste the log into your next reply.
  • If you accidentally close it, the log file is saved here and will be named like this:
  • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.


Download HijackThis

If you have any problems running Hijackthis see NOTE** below (Host file not read, blank notepad ...)

  • Go Here to download HijackThis Installer
  • Save HijackThis Installer to your desktop.
  • Double-click on the HijackThis Installer icon on your desktop. (Vista and Win 7 right click and run as admin)
  • By default it will install to C:\Program Files\Trend Micro\HijackThis .
  • Click on Install.
  • It will create a HijackThis icon on the desktop.
  • Once installed it will launch Hijackthis.
  • Click on the Do a system scan and save a log file button. It will scan and the log should open in notepad.
  • Click on Edit > Select All then click on Edit > Copy to copy the entire contents of the log.
  • Come back here to this thread and Paste the log in your next reply.
  • DO NOT use the Analyze This button; its findings are dangerous if misinterpreted.
  • DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

NOTE**
Sometimes we have to run it like this: to run HijackThis as an administrator, right-click HijackThis.exe
(located: C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe)<--32bit
(located: C:\Program Files(86)\Trend Micro\HiJackThis\HiJackThis.exe)<--64bit
and select Run as administrator.

"information and logs"

  • In your next post I need the following

  • Log From MBAM
  • report from Hijackthis
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#14 digvoo

Posted 21 December 2012 - 01:12 PM

Hello Gringo, I have good news. :)

First of all, thank you for your help! Very much.

1. I don't get redirections anymore.
2. The Security Center service (WSCSVC) is started, set to Automatic and more importantly - it does its job! :)
It reminded me that I have no antivirus software, I installed Microsoft Security Essentials and MSE works well too! :)

I'd say everything is OK.

BUT, do you recommend doing all the steps from your previous post? Or was this the solution?
I'm waiting for your advice.
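
A read-only way to confirm the two outcomes discussed in posts #13 and #14 (the listed programs are no longer registered, and the Security Center service is running and set to start automatically). This is an added example, not part of either post; it assumes Windows PowerShell 3.0 or later, and the name patterns and the MsMpSvc service name are assumptions that do not come from the thread.

```powershell
# Added example, not from the thread. It only reads state and changes nothing.

# Regex patterns for the programs listed in post #13 (patterns are assumptions).
# "(\D|$)" stops "Update 1" from also matching Update 10, 11, and so on.
$patterns = @(
    '^[\u00B5u]Torrent',
    'Java.* 6 Update 37(\D|$)',
    'Java.* 7 Update 1(\D|$)'      # also covers the JDK 7 Update 1 entry
)

# Installed programs register in three places: 64-bit, 32-bit and per-user.
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

$installed = Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName }

# Keep every entry whose display name matches at least one pattern.
$leftovers = $installed | Where-Object {
    $name = $_.DisplayName
    $patterns | Where-Object { $name -match $_ }
} | Select-Object DisplayName, DisplayVersion, PSPath

if ($leftovers) {
    'Still registered as installed:'
    $leftovers | Format-List
} else {
    'None of the listed programs are still registered.'
}

# wscsvc is the Security Center service named in post #14.
# MsMpSvc is the service Microsoft Security Essentials normally registers
# (assumption, not stated in the thread); it is skipped if absent.
$services = Get-CimInstance -ClassName Win32_Service `
    -Filter "Name='wscsvc' OR Name='MsMpSvc'"

foreach ($svc in $services) {
    $ok = ($svc.State -eq 'Running') -and ($svc.StartMode -eq 'Auto')
    '{0}: State={1} StartMode={2} -> {3}' -f `
        $svc.Name, $svc.State, $svc.StartMode, $(if ($ok) { 'OK' } else { 'CHECK' })
}
```

A service that reports `StartMode=Disabled` or `State=Stopped` again after a reboot is worth reporting back in the thread together with the requested logs.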

#15 gringo_pr

Posted 21 December 2012 - 01:28 PM

Yes, that is part of the cleanup and I would like you to complete it.



gringo