Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

System Slows and Overheats; Malware Unknown


  • This topic is locked This topic is locked
25 replies to this topic

#1 WearyGuy

WearyGuy

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:33 PM

Posted 31 December 2012 - 01:24 PM

I need help please!

I'm running a pretty powerful laptop with an i7 CPU. For the past couple of months, it usually runs slowly doing the most simple things when I'm not really running anything, and it's been overheating and shutting down. Even at near rest, still the CPU is at 20% utilization. I've tried most of the virus checkers. Only Malwarebytes found some Trojans (20), but the problem remains. I'm a dev and have been for 25 years, so not new to computers. Doing anything real causes the CPU to get utilized much more than it seems it should and when I stop it takes forever to quiet down. I've disabled Windows Indexing and most other processes that could be slowing the system. I think there's something hijacking my system, but none of the tools I run to remove or fix things helps.

I know this is a little vague, but I've spent many days of time over the couple of months to try and figure it out. I never ask for help, but this time I'm stumped.

I would be really grateful for some assistance / guidance.

Thanks in advance,

WearyGuy

Attached is my dds.txt.

Attached Files

  • Attached File  dds.txt   34.37KB   3 downloads


BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:33 PM

Posted 31 December 2012 - 02:07 PM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your malware problems.

I do not know if this is going to be a malware issue or not but I will give the computer a good checkup to at least rule out maleware


I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.




These are the programs I would like you to run next, if you have any problems with these just skip it and run the next one.

-Security Check-

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-AdwCleaner-

  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

--RogueKiller--

  • Download & SAVE to your Desktop RogueKiller or from here
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 WearyGuy

WearyGuy
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:33 PM

Posted 01 January 2013 - 11:47 AM

Hi Gringo!

I really thank you for your quick response and offer to help. Since the forum notes said it may take 5 days for a response, I started a full scan with MalwareBytes about the time I posted. It's been running 21 hours so far. After running at least 4 other virus checkers, surprisingly it's found 300 infections! I think it's near to finishing. If things are not improved, I'll run the programs you recommended and give you the results. I'll let you know either way.

Again, thanks very much for your help.

WearyGuy

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:33 PM

Posted 01 January 2013 - 03:13 PM

even a long scan should not take 21 hours



you should continue with the cleaning



Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 WearyGuy

WearyGuy
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:33 PM

Posted 02 January 2013 - 05:24 AM

Hi Gringo,

Sorry for the delay, but I appreciate your help. While running the MalwareBytes full scan, and trying to observe an online meeting, my system finally overheated and shut down, so all 300 infections it found were lost. So, I've performed the three steps. Here are the results...

From SecurityCheck...
Results of screen317's Security Check version 0.99.56
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Forefront Endpoint Protection
(On Access scanning disabled!)
Error obtaining update status for antivirus!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.70.0.1100
Java™ 6 Update 35
Visual Studio Extensions for Windows Library for JavaScript
Java version out of Date!
Adobe Reader 10.1.4 Adobe Reader out of Date!
Mozilla Firefox 15.0.1 Firefox out of Date!
Google Chrome 21.0.1180.83
Google Chrome 21.0.1180.89
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
Google Chrome 22.0.1229.94
Google Chrome 23.0.1271.64
Google Chrome 23.0.1271.91
Google Chrome 23.0.1271.95
Google Chrome 23.0.1271.97
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Common Files Microsoft Shared Microsoft Online Services smss.exe -?-
Common Files Microsoft Shared Microsoft Online Services MSOIDSVC.EXE
Common Files Microsoft Shared Microsoft Online Services MSOIDSvcm.exe
Tele2 Mobile Partner OnlineUpdate ouc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````


From Adwcleaner (I accidentally ran only the scan one, maybe two times (sorry), then Delete)
# AdwCleaner v2.104 - Logfile created 01/02/2013 at 11:12:09
# Updated 29/12/2012 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Stephen - PRECM6500
# Boot Mode : Normal
# Running from : C:\Users\Stephen\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Stephen\AppData\Roaming\pdfforge

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Tarma Installer

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0.1 (en-US)

File : C:\Users\Stephen\AppData\Roaming\Mozilla\Firefox\Profiles\34f0r9n5.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1590 octets] - [01/01/2013 21:29:31]
AdwCleaner[R2].txt - [1650 octets] - [02/01/2013 10:23:09]
AdwCleaner[S1].txt - [1607 octets] - [02/01/2013 11:12:09]

########## EOF - C:\AdwCleaner[S1].txt - [1667 octets] ##########


RogueKiller... I mistakenly clicked Scan only first(included), then ran Delete(included))
RogueKiller V8.4.2 [Dec 31 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Stephen [Admin rights]
Mode : Scan -- Date : 01/02/2013 11:21:17

Bad processes : 2
[SUSP PATH] ouc.exe -- C:\ProgramData\Tele2 Mobile Partner\OnlineUpdate\ouc.exe -> KILLED [TermProc]
[SUSP PATH] ouc.exe -- C:\ProgramData\Tele2 Mobile Partner\OnlineUpdate\ouc.exe -> KILLED [TermProc]

Registry Entries : 10
[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{CF068DAE-9D10-47C9-BBB2-4E2AA6A0489B} : NameServer (212.247.156.66 212.247.156.70) -> FOUND
[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{EF257639-E5C0-4DFF-9FFB-408C503B86D3} : NameServer (212.247.156.66 212.247.156.70) -> FOUND
[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{CF068DAE-9D10-47C9-BBB2-4E2AA6A0489B} : NameServer (212.247.156.66 212.247.156.70) -> FOUND
[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{EF257639-E5C0-4DFF-9FFB-408C503B86D3} : NameServer (212.247.156.66 212.247.156.70) -> FOUND
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\Wow6432Node\System : EnableLUA (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

Particular Files / Folders:

Driver : [NOT LOADED]

HOSTS File:
--> C:\Windows\system32\drivers\etc\hosts



MBR Check:

+++++ PhysicalDrive0: WDC WD7500BPKT-75PK4T0 +++++
--- User ---
[MBR] b655f0703b91afcef287500ce1982938
[BSP] 6bcbb7e6c61cfe0e1b0d3c46a4ee01f8 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 542 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 1112064 | Size: 750 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2648064 | Size: 714111 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1]_S_01022013_02d1121.txt >>
RKreport[1]_S_01022013_02d1121.txt


RogueKiller V8.4.2 [Dec 31 2012] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Stephen [Admin rights]
Mode : Remove -- Date : 01/02/2013 11:22:13

Bad processes : 2
[SUSP PATH] ouc.exe -- C:\ProgramData\Tele2 Mobile Partner\OnlineUpdate\ouc.exe -> KILLED [TermProc]
[SUSP PATH] ouc.exe -- C:\ProgramData\Tele2 Mobile Partner\OnlineUpdate\ouc.exe -> KILLED [TermProc]

Registry Entries : 8
[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{CF068DAE-9D10-47C9-BBB2-4E2AA6A0489B} : NameServer (212.247.156.66 212.247.156.70) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{EF257639-E5C0-4DFF-9FFB-408C503B86D3} : NameServer (212.247.156.66 212.247.156.70) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{CF068DAE-9D10-47C9-BBB2-4E2AA6A0489B} : NameServer (212.247.156.66 212.247.156.70) -> NOT REMOVED, USE DNSFIX
[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{EF257639-E5C0-4DFF-9FFB-408C503B86D3} : NameServer (212.247.156.66 212.247.156.70) -> NOT REMOVED, USE DNSFIX
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

Particular Files / Folders:

Driver : [NOT LOADED]

HOSTS File:
--> C:\Windows\system32\drivers\etc\hosts



MBR Check:

+++++ PhysicalDrive0: WDC WD7500BPKT-75PK4T0 +++++
--- User ---
[MBR] b655f0703b91afcef287500ce1982938
[BSP] 6bcbb7e6c61cfe0e1b0d3c46a4ee01f8 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 542 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 1112064 | Size: 750 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2648064 | Size: 714111 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_01022013_02d1122.txt >>
RKreport[1]_S_01022013_02d1121.txt ; RKreport[2]_D_01022013_02d1122.txt


I look forward to hearing what you see in the reports. After rebooting my system, it's running very quietly. Usually I have about 140 to 150 processes after startup, but now I only had 90 and they have been slowly increasing to now 110 where they have stayed. Usually my memory at startup has been around 4Gb (I have an 8Gb system), but now it's only about 2Gb after 26 minutes of run time. I usually run IE and it's still trying to load the home page (http://edition.cnn.com), but Chrome loaded it right away. I'm also submitting this via Chrome because IE was taking forever to get to bleepingcomputer. From the past, I had a feeling that after using IE, then my CPU usage started to go up and not go down even if I closed most or all tabs. (BTW, IE finally, slowly was able to load cnn.com)

So, good results! The fans are at a low speed and the CPU is hardly being used. Often my system starts this way, then the CPU gets utilized more and more, the fans go to their highest speed, and nothing helps to reduce the CPU load / temperature. But, I'm surprised / concerned there are so many fewer processes and the memory usage is so low. I'll start doing my work on the system and report any bad behavior. Thanks for your help and I will give you a donation.

I am concerned about the 300 infections MalwareBytes found, but didn't quarantine / remove since my system shutdown from overheating. Should I run the full scan again? I disabled MS Forefront Protection, and thought MalwareBytes was still in effect, but it doesn't seem to be now. Let me know when and which virus protection you recommend, please.

Thanks again, very much,

WearyGuy

#6 WearyGuy

WearyGuy
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:33 PM

Posted 02 January 2013 - 01:12 PM

Gringo,

Sad to say, things are pretty much as they were. The number of processes are still low, but whenever I use the system for much of anything, like typing this to you, the CPU utilization goes to 50-60% (once in a while it will go down to 20% for a bit, but then back up again even though I'm not doing anything really to cause it) and it starts to get much hotter quickly, even though the fans are running at a pretty high speed. If I stop doing anything, it takes 10-15 minutes to calm down. I know that's not much to go on, but perhaps it will give you a clue to something that I can't imagine.

Thanks in advance!

WearyGuy

#7 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:33 PM

Posted 02 January 2013 - 01:45 PM

Hello

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#8 WearyGuy

WearyGuy
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:33 PM

Posted 02 January 2013 - 05:06 PM

So, I ran Combofix as directed. Instead of 10 or 20 minutes, it was taking way over an hour. I read some other posts that it could take 4 hours or more. Last I noticed it was up to Stage 48. I just decided like one other guy to go to bed and look at it in the morning. But I checked it a little later and was surprised to see that it was at the login screen for Windows. So, I entered my password and I get the message "The request is not supported". Same for another user I've configured on the system.

I've restarted it and get the same message.

What do you recommend now?

WearyGuy

#9 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:33 PM

Posted 03 January 2013 - 12:42 AM

see if this helps - http://answers.microsoft.com/en-us/windows/forum/windows_7-system/logon-error-msg-this-request-is-not-supported-when/30d64bd9-a37d-49f7-8494-99ccb51cf314
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#10 WearyGuy

WearyGuy
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:33 PM

Posted 03 January 2013 - 02:36 AM

Your link helped, thanks. I rebooted using the last known good configuration, then I was able to log in. Then ComboFix popped up and ran and completed the report.

I tried then to run any program and got "Illegal operation attempted on a registry key that has been marked for deletion." So, I rebooted per the instructions, then couldn't login as before. So I restarted with the last known good configuration again, logged in as normal and now the programs respond.

The system is running pretty cool (around 73 degrees C), although the fans are racing for some reason. To try and keep it from overheating, before I ran ComboFix the first time, I had set the CPU's to go no higher than 90% in Power settings in Windows. I'll try bumping it up to 100% to see how things go and carry on with normal tasks and let you know how that goes.

IE is still terribly slow. So, I'm using Chrome at the moment. I found a lighter (in utilization) CPU temp program called Core Temp and it gives a notification of overheating at set levels.

Here's the ComboFix report... I look forward to your interpretation of it. Thanks very much for you continued help.
Oh, BTW, there's a mention of a quarantined file doc, ComboFix-quarantined-files.txt. Do you know where it is? I'd be curious to look at it. Thanks again.

ComboFix 13-01-02.02 - Stephen 01/02/2013 21:56:17.1.8 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8116.4540 [GMT 2:00]
Running from: c:\users\Stephen\Desktop\ComboFix.exe
AV: Microsoft Forefront Endpoint Protection *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Forefront Endpoint Protection *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Classic .NET AppPool\AppData\Local\assembly\tmp
c:\users\Default\AppData\Local\assembly\tmp
c:\users\DefaultAppPool\AppData\Local\assembly\tmp
c:\users\Klarika\AppData\Local\assembly\tmp
c:\users\MSSQL$SSEXP2012\AppData\Local\assembly\tmp
c:\users\MSSQLFDLauncher$SSEXP2012\AppData\Local\assembly\tmp
c:\users\ReportServer$SSEXP2012\AppData\Local\assembly\tmp
c:\users\Stephen\AppData\Local\assembly\tmp
c:\users\Stephen\AppData\Roaming\bytewdownload
c:\users\Stephen\AppData\Roaming\bytewdownload\installmanager.exe
c:\users\Stephen\AppData\Roaming\Microsoft\~DFK14eeb1.tmp
c:\users\Stephen\AppData\Roaming\Microsoft\1eaadjc.dll
c:\users\Stephen\AppData\Roaming\Microsoft\bass.dll
c:\users\Stephen\AppData\Roaming\Microsoft\kfgresk.dll
c:\users\Stephen\AppData\Roaming\Microsoft\mjcriu.dll
c:\users\Stephen\AppData\Roaming\Microsoft\peaadje.dll
c:\users\Stephen\AppData\Roaming\Microsoft\qwadjb.dll
c:\users\Stephen\AppData\Roaming\Microsoft\rsaadjd.dll
c:\users\Stephen\g2mdlhlpx.exe
c:\users\Stephen\GoToAssistDownloadHelper.exe
c:\windows\iun6002.exe
c:\windows\SysWow64\bin
c:\windows\SysWow64\d2d1debug1.dll
c:\windows\SysWow64\test
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_random
.
.
((((((((((((((((((((((((( Files Created from 2012-12-03 to 2013-01-03 )))))))))))))))))))))))))))))))
.
.
2013-01-02 21:32 . 2013-01-02 21:32 -------- d-----w- c:\users\ReportServer$SSEXP2012\AppData\Local\temp
2013-01-02 21:32 . 2013-01-02 21:32 -------- d-----w- c:\users\MSSQLFDLauncher$SSEXP2012\AppData\Local\temp
2013-01-02 21:32 . 2013-01-02 21:32 -------- d-----w- c:\users\MSSQL$SSEXP2012\AppData\Local\temp
2013-01-02 21:32 . 2013-01-02 21:32 -------- d-----w- c:\users\Klarika\AppData\Local\temp
2013-01-02 21:32 . 2013-01-02 21:32 -------- d-----w- c:\users\DefaultAppPool\AppData\Local\temp
2013-01-02 08:20 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3351C530-C052-4F47-968D-A576C81C3ABB}\mpengine.dll
2013-01-01 21:37 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-12-31 14:04 . 2004-05-04 10:53 1645320 ----a-w- c:\windows\SysWow64\gdiplus.dll
2012-12-31 14:03 . 2012-12-31 14:04 -------- d-----w- c:\program files (x86)\Event Log Explorer
2012-12-31 13:36 . 2012-12-31 13:36 -------- d-----w- c:\program files\CCleaner
2012-12-30 17:49 . 2012-12-30 17:49 -------- d-----w- C:\ImportReports
2012-12-30 17:48 . 2012-12-30 17:48 -------- dc-h--w- c:\users\Stephen\AppData\Local\{806B33C4-9764-4DED-9D66-67390E96D9FE}
2012-12-28 11:53 . 2012-12-28 11:53 -------- d-----w- c:\users\Stephen\AppData\Roaming\Malwarebytes
2012-12-28 11:50 . 2012-12-28 11:50 -------- d-----w- c:\programdata\Malwarebytes
2012-12-28 11:50 . 2012-12-14 14:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-28 11:50 . 2012-12-28 11:52 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-12-27 15:19 . 2012-12-27 15:19 -------- d-----w- c:\users\Stephen\AppData\Local\OSIsoft
2012-12-27 07:00 . 2011-02-27 16:13 110080 ----a-w- c:\windows\SysWow64\pywintypes27.dll
2012-12-27 07:00 . 2011-02-26 18:10 8192 ----a-w- c:\windows\SysWow64\pythoncomloader27.dll
2012-12-27 07:00 . 2011-02-26 18:02 354304 ----a-w- c:\windows\SysWow64\pythoncom27.dll
2012-12-27 06:39 . 2012-12-27 06:39 98304 ----a-r- c:\users\Stephen\AppData\Roaming\Microsoft\Installer\{C0C31BCC-56FB-42A7-8766-D29E1BD74C7C}\python_icon.exe
2012-12-22 17:16 . 2012-12-22 17:17 -------- d-----w- c:\program files\Zune 4_7_1407_0
2012-12-22 16:13 . 2013-01-02 19:37 -------- d-----w- c:\users\v-stpavl
2012-12-21 13:09 . 2012-12-21 13:09 -------- d-----w- c:\windows\A2C249459261499686516D44DF4101FC.TMP
2012-12-21 12:56 . 2012-12-21 12:57 -------- d-----w- c:\program files\PI
2012-12-21 12:27 . 2012-12-21 12:27 -------- d-----w- c:\programdata\PISystem
2012-12-21 11:27 . 2012-12-21 11:27 -------- d-----w- c:\programdata\OSIsoft
2012-12-21 07:31 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 07:31 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-21 07:31 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 07:31 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-14 08:06 . 2012-12-14 08:06 -------- d-----w- c:\program files (x86)\nodejs
2012-12-13 11:24 . 2009-03-31 05:04 78872 ----a-w- c:\windows\system32\perf-SQLAgent$SHAREPOINT-sqlagtctr10.1.2531.0.dll
2012-12-13 11:24 . 2009-03-31 05:04 50200 ----a-w- c:\windows\SysWow64\perf-SQLAgent$SHAREPOINT-sqlagtctr10.1.2531.0.dll
2012-12-13 11:24 . 2009-03-31 05:04 79896 ----a-w- c:\windows\SysWow64\perf-MSSQL$SHAREPOINT-sqlctr10.1.2531.0.dll
2012-12-13 11:24 . 2009-03-31 05:04 111640 ----a-w- c:\windows\system32\perf-MSSQL$SHAREPOINT-sqlctr10.1.2531.0.dll
2012-12-13 10:49 . 2012-12-13 10:49 -------- d-----w- c:\program files (x86)\Windows Identity Foundation
2012-12-13 10:49 . 2012-12-13 10:49 -------- d-----w- c:\program files\Windows Identity Foundation
2012-12-13 10:17 . 2012-12-13 10:40 -------- d-----w- C:\SharePointFiles
2012-12-12 11:43 . 2012-11-14 05:52 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-12-12 11:43 . 2012-11-14 01:44 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-12-12 11:43 . 2012-11-14 05:53 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-12-12 11:43 . 2012-11-14 07:11 182816 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2012-12-12 11:43 . 2012-11-14 02:56 149552 ----a-w- c:\program files (x86)\Internet Explorer\sqmapi.dll
2012-12-12 11:43 . 2012-11-14 06:00 304640 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2012-12-12 11:43 . 2012-11-14 01:48 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-12-12 11:41 . 2012-11-14 07:06 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-12-12 11:41 . 2012-11-14 06:32 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-12-12 11:10 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-12 11:10 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-12-12 11:09 . 2012-11-22 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
2012-12-12 11:07 . 2012-10-04 17:38 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-12-12 11:06 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-12-12 11:06 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-12-11 10:30 . 2012-12-11 10:30 -------- d-----w- c:\program files (x86)\Application Verifier
2012-12-11 10:30 . 2012-12-11 10:30 -------- d-----w- c:\program files\Application Verifier
2012-12-11 10:29 . 2012-12-11 10:29 -------- d-----w- c:\programdata\Windows App Certification Kit
2012-12-11 10:16 . 2012-12-11 10:16 -------- d-----w- c:\program files (x86)\Common Files\Microsoft
2012-12-11 09:55 . 2012-12-11 09:58 -------- d-----w- c:\program files (x86)\Microsoft Web Tools
2012-12-11 09:52 . 2012-12-11 09:52 -------- d-----w- c:\program files\Microsoft
2012-12-11 09:38 . 2012-12-11 09:40 -------- d-----w- c:\program files\IIS Express
2012-12-11 09:28 . 2012-12-11 09:28 -------- d-----w- c:\program files (x86)\NuGet
2012-12-11 09:27 . 2012-12-11 09:27 -------- d-----w- c:\program files (x86)\Microsoft WCF Data Services
2012-12-11 09:10 . 2010-05-26 09:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll
2012-12-11 09:05 . 2012-12-11 09:05 -------- d-----w- c:\program files (x86)\Windows Kits
2012-12-11 08:16 . 2012-12-11 08:16 -------- d-----w- c:\program files (x86)\Microsoft Help Viewer
2012-12-07 20:26 . 2012-12-11 12:22 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 11.0
2012-12-07 20:24 . 2012-12-07 20:24 -------- d-----w- c:\program files\Microsoft Visual Studio 11.0
2012-12-07 15:15 . 2012-12-07 15:15 -------- d-----w- c:\programdata\regid.1991-06.com.microsoft
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-12 14:33 . 2012-04-15 04:24 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-12 14:33 . 2011-06-20 16:01 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-12 12:39 . 2012-12-11 13:00 2489504 ----a-w- c:\programdata\Microsoft\VisualStudio\11.0\1033\ResourceCache.dll
2012-12-12 11:50 . 2010-11-11 16:13 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-11-28 07:00 . 2012-11-29 03:40 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{373943C3-06B4-45F0-A34A-E7D31EBC6765}\gapaengine.dll
2012-11-28 07:00 . 2010-12-01 06:58 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-11-01 13:35 . 2012-11-12 15:49 253256 ----a-w- c:\windows\system32\drivers\PCTSD64.sys
2012-10-30 22:50 . 2012-11-10 07:24 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-24 02:57 . 2012-10-24 02:57 163056 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10142.bin
2012-10-16 08:38 . 2012-11-28 07:05 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 07:05 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 07:05 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-09 18:17 . 2012-11-15 06:12 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-15 06:12 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-15 06:12 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-15 06:12 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"HW_OPENEYE_OUC_Tele2 Mobile Partner"="c:\program files (x86)\Tele2 Mobile Partner\UpdateDog\ouc.exe" [2012-09-11 655712]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-01-16 343168]
"Communicator"="c:\program files (x86)\Microsoft Lync\communicator.exe" [2012-09-28 12105344]
"SoftGridTray"="c:\program files (x86)\Microsoft Application Virtualization Client\SFTTray.exe" [2012-09-03 854760]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-8-18 1080096]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableAutoApproveHeuristics"= 1 (0x1)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp msoidssp
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2127521184-1604012920-1887927527-5821502\Scripts\Logon\0\0]
"Script"=script_wrapper.cmd
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2127521184-1604012920-1887927527-5821502\Scripts\Logon\1\0]
"Script"=script_wrapper.cmd
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2127521184-1604012920-1887927527-5821502\Scripts\Logon\2\0]
"Script"=delrms.bat
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
R3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2011-07-13 285280]
R3 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2011-07-13 3246040]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-04-14 54824]
R3 cpuz135;cpuz135;c:\users\Stephen\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x]
R3 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2010-03-24 1039776]
R3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys [2011-04-09 47616]
R3 DcaSvc;DirectAccess Connectivity Assistant Service;c:\program files (x86)\DirectAccess Connectivity Assistant\DcaSvc.exe [2010-10-06 121232]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2012-09-11 117248]
R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys [2012-09-11 436224]
R3 lpasvc;Microsoft Policy Platform Local Authority;c:\program files\Microsoft Policy Platform\policyHost.exe [2011-06-10 57344]
R3 lppsvc;Microsoft Policy Platform Processor;c:\program files\Microsoft Policy Platform\policyHost.exe [2011-06-10 57344]
R3 lvpepf64;Volume Adapter;c:\windows\system32\DRIVERS\lv302a64.sys [2007-05-10 16032]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
R3 MsDtsServer100;SQL Server Integration Services 10.0;c:\program files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [2012-06-12 220104]
R3 MSSQL$SSEXP2012;SQL Server (SSEXP2012);c:\program files\Microsoft SQL Server\MSSQL11.SSEXP2012\MSSQL\Binn\sqlservr.exe [2012-06-12 190904]
R3 MSSQLFDLauncher$SSEXP2012;SQL Full-text Filter Daemon Launcher (SSEXP2012);c:\program files\Microsoft SQL Server\MSSQL11.SSEXP2012\MSSQL\Binn\fdlauncher.exe [2012-02-11 49752]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-04-13 45432]
R4 AFService;PI AF Server 2.x Application Service;c:\program files\PIPC\AF\AFService.exe [2012-11-02 91024]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-01-16 204288]
R4 bufservX64;PI-Buffer Server x64;c:\program files\PIPC\bin\bufserv.exe [2011-11-10 1281408]
R4 CmRcService;Configuration Manager Remote Control;c:\windows\CCM\RemCtrl\CmRcService.exe [2011-08-09 579440]
R4 CouchbaseServer;CouchbaseServer;c:\program files\Couchbase\Server\bin\erlang\erts-5.8.3\bin\erlsrv.exe [2012-06-26 172032]
R4 dcpsysmgrsvc;Dell System Manager Service;c:\program files\Dell\Dell System Manager\DCPSysMgrSvc.exe [2010-08-24 517488]
R4 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
R4 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 59744]
R4 piaflink;PI AF Link Subsystem;c:\program files\PI\bin\piaflink.exe [2012-09-24 5710784]
R4 pialarm;PI Alarm Subsystem;c:\program files\PI\bin\pialarm.exe [2012-09-24 3395520]
R4 piarchss;PI Archive Subsystem;c:\program files\PI\bin\piarchss.exe [2012-09-24 6263232]
R4 pibackup;PI Backup Subsystem;c:\program files\PI\bin\pibackup.exe [2012-09-24 4351424]
R4 PIBaGen;PI Batch Generator Interface;c:\program files (x86)\PIPC\Interfaces\PIBaGen\PIBaGen.exe [2009-06-29 480640]
R4 pibasess;PI Base Subsystem;c:\program files\PI\bin\pibasess.exe [2012-09-24 8525760]
R4 pibatch;PI Batch Subsystem;c:\program files\PI\bin\pibatch.exe [2012-09-24 3224512]
R4 pibufss;PI Buffer Subsystem;c:\program files (x86)\PIPC\bin\pibufss.exe [2011-11-09 1816456]
R4 pilicmgr;PI License Manager;c:\program files\PI\bin\pilicmgr.exe [2012-09-24 3056064]
R4 pilogsrvX64;PIPC Log Server x64;c:\program files\PIPC\bin\pilogsrv.exe [2011-11-10 155520]
R4 pipeschd;PI Performance Equation Scheduler;c:\program files\PI\bin\pipeschd.exe [2012-09-24 3370432]
R4 pirecalc;PI Recalculator Subsystem;c:\program files\PI\bin\pirecalc.exe [2012-09-24 3771840]
R4 pishutev;PI Shutdown Subsystem;c:\program files\PI\bin\pishutev.exe [2012-09-24 2627520]
R4 pisnapss;PI Snapshot Subsystem;c:\program files\PI\bin\pisnapss.exe [2012-09-24 3669952]
R4 pisqlss;PI SQL Subsystem;c:\program files\PI\bin\pisqlss.exe [2012-09-24 5321664]
R4 pitotal;PI Totalizer Subsystem;c:\program files\PI\bin\pitotal.exe [2012-09-24 4068800]
R4 piupdmgr;PI Update Manager;c:\program files\PI\bin\piupdmgr.exe [2012-09-24 3296704]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 c2wts;Claims to Windows Token Service;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe [2010-02-02 15768]
S2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2010-03-24 31136]
S2 ftpsvc;Microsoft FTP Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [2011-03-14 346976]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 msoidsvc;Microsoft Online Services Sign-in Assistant;c:\program files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2010-08-17 2024864]
S2 MSSQL$SHAREPOINT;SQL Server (SHAREPOINT);c:\program files\Microsoft SQL Server\MSSQL10.SHAREPOINT\MSSQL\Binn\sqlservr.exe [2009-05-15 57629016]
S3 acpials;ALS Sensor Filter;c:\windows\system32\DRIVERS\acpials.sys [2009-07-14 9728]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-12-05 95248]
S3 BTHprint;Microsoft Bluetooth Printer Class;c:\windows\system32\DRIVERS\bthprint.sys [2009-07-14 67072]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2009-09-16 172960]
S3 cvusbdrv;Dell ControlVault;c:\windows\system32\Drivers\cvusbdrv.sys [2009-10-30 38440]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2012-09-11 90112]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [2007-05-10 50208]
S3 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER);c:\program files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [2010-04-03 32096]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2009-11-21 75776]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2009-11-21 177152]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-15 20:59]
.
2013-01-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-15 20:59]
.
2013-01-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2261859637-2270655435-1067061215-1001Core.job
- c:\users\Stephen\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-25 21:31]
.
2013-01-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2261859637-2270655435-1067061215-1001UA.job
- c:\users\Stephen\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-25 21:31]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]
@="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}"
[HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}]
2010-03-29 18:00 60784 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]
@="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}"
[HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}]
2010-03-29 18:00 60784 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"USCService"="c:\program files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe" [2010-06-22 34232]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2010-07-22 2306448]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-04-13 2399632]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-07-22 487424]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704]
"DWPersistentQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE" [2010-12-21 629664]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 130576]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://edition.cnn.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
LSP: %SystemRoot%\system32\vsocklib.dll
Trusted Zone: livemeeting.com\www
Trusted Zone: precm6500
Trusted Zone: rtcppe.com\www406b
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{CF068DAE-9D10-47C9-BBB2-4E2AA6A0489B}: NameServer = 212.247.156.66 212.247.156.70
TCP: Interfaces\{EF257639-E5C0-4DFF-9FFB-408C503B86D3}: NameServer = 212.247.156.66 212.247.156.70
DPF: {899B57D8-97C5-48E4-B0E2-E64621D32CCD} - hxxp://iadmin/iPlatformIncludes/poster4.cab
DPF: {C069D7B8-46C8-49BE-A3AB-C1FA97FFDD06} - hxxp://iadmin/iPlatformIncludes/webhelp.cab
FF - ProfilePath - c:\users\Stephen\AppData\Roaming\Mozilla\Firefox\Profiles\34f0r9n5.default\
FF - ExtSQL: 2012-11-12 18:47; {cb84136f-9c44-433a-9048-c5cd9df1dc16}; c:\program files (x86)\PC Tools\PC Tools Security\BDT\Firefox
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Toolbar-Locked - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-The Extractor1.4.2.2 - c:\windows\iun6002.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96,
76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,38,12,5b,ab,e0,
b0,13,40,37,0c,c5,34,01,f3,05,d0,46,eb
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47,
2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:8b,24,64,8f,75,2f,cc,01
.
[HKEY_USERS\S-1-5-21-2261859637-2270655435-1067061215-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-2261859637-2270655435-1067061215-1001)
@Denied: (2) (LocalSystem)
"Progid"="Outlook.File.eml.14"
.
[HKEY_USERS\S-1-5-21-2261859637-2270655435-1067061215-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (S-1-5-21-2261859637-2270655435-1067061215-1001)
@Denied: (2) (LocalSystem)
"Progid"="Outlook.File.vcf.14"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\PISystem\PI\Counters]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\PISystem\PI-SDK]
@Allowed: (B 1 4 5 6) (S-1-5-5-0-221052)
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\PISystem\PINS\Counters]
@Allowed: (B 1 4 5 6) (Administrators)
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\programdata\Tele2 Mobile Partner\OnlineUpdate\ouc.exe
c:\program files (x86)\WatchGuard\WatchGuard Mobile VPN with SSL\wgsslvpnsrc.exe
.
**************************************************************************
.
Completion time: 2013-01-03 08:09:05 - machine was rebooted
ComboFix-quarantined-files.txt 2013-01-03 06:09
.
Pre-Run: 123,119,697,920 bytes free
Post-Run: 121,422,295,040 bytes free
.
- - End Of File - - E414EC7885F987EC83AA823C7AB6C600

#11 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:33 PM

Posted 03 January 2013 - 03:01 AM

Greetings

That temp 73C seems kinda high is this a laptop or desktop?


I want you to run these next,

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.



Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • it will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one come back and let me know

please reply with the reports from TDSSKiller and aswMBR

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#12 WearyGuy

WearyGuy
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:33 PM

Posted 04 January 2013 - 01:36 AM

Yes, I'm running a laptop, a Dell Precision M6500 with an i7 CPU. 73 degrees is much better than what it's been, in the 90's to thermal shutdown at 100. So, this is an improvement. Yesterday, before the tests, the temps peaked at 83, which is still better than what it's been.

The aswMBR test ended prematurely with a message about "A problem caused the program to stop working correctly. Windows will close the program and notify you if a solution is available." I have a screenshot of what it looked like when it ended. It was in my user folder looking at a document from a known software company. I'll try running it again and see what it finds, but I may not be able to until later in my day as the scan takes a long time.

But my system seems to be running pretty well. The temps typing this and doing a couple of other tasks are around 65. The system is pretty responsive, and the CPU load calms down quickly when I stop doing something, so I'm encouraged, although I don't have much loaded yet (Outlook, etc.). IE is still way slow, not useable. I'll give you more feedback later in my day.

Here are the results from TDSSKiller. For some reason, there are two. Also, your instructions didn't follow what the program offered.
There was no Skip option when it found the suspicious threats.
There was no Cure option, perhaps because I had no malicious threats? And there was no Skip option.

Anyway, thanks very much for your help.

Best regards!

Here's the first report:
17:23:40.0508 6004 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:23:40.0900 6004 ============================================================
17:23:40.0900 6004 Current date / time: 2013/01/03 17:23:40.0900
17:23:40.0901 6004 SystemInfo:
17:23:40.0901 6004
17:23:40.0902 6004 OS Version: 6.1.7601 ServicePack: 1.0
17:23:40.0902 6004 Product type: Workstation
17:23:40.0903 6004 ComputerName: PRECM6500
17:23:40.0904 6004 UserName: Stephen
17:23:40.0904 6004 Windows directory: C:\Windows
17:23:40.0904 6004 System windows directory: C:\Windows
17:23:40.0904 6004 Running under WOW64
17:23:40.0905 6004 Processor architecture: Intel x64
17:23:40.0905 6004 Number of processors: 8
17:23:40.0905 6004 Page size: 0x1000
17:23:40.0905 6004 Boot type: Normal boot
17:23:40.0905 6004 ============================================================
17:23:43.0905 6004 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:23:43.0997 6004 ============================================================
17:23:43.0997 6004 \Device\Harddisk0\DR0:
17:23:43.0998 6004 MBR partitions:
17:23:43.0998 6004 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x10F800, BlocksNum 0x177000
17:23:43.0999 6004 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x286800, BlocksNum 0x572BF800
17:23:43.0999 6004 ============================================================
17:23:44.0018 6004 C: <-> \Device\Harddisk0\DR0\Partition2
17:23:44.0020 6004 ============================================================
17:23:44.0020 6004 Initialize success
17:23:44.0020 6004 ============================================================
17:24:06.0273 4300 Deinitialize success

Apparently the second report was too long. I'll send the remainder of it in additional posts...

And the second report:
17:36:03.0886 4792 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:36:05.0617 4792 ============================================================
17:36:05.0618 4792 Current date / time: 2013/01/03 17:36:05.0617
17:36:05.0618 4792 SystemInfo:
17:36:05.0619 4792
17:36:05.0620 4792 OS Version: 6.1.7601 ServicePack: 1.0
17:36:05.0620 4792 Product type: Workstation
17:36:05.0621 4792 ComputerName: PRECM6500
17:36:05.0622 4792 UserName: Stephen
17:36:05.0622 4792 Windows directory: C:\Windows
17:36:05.0622 4792 System windows directory: C:\Windows
17:36:05.0623 4792 Running under WOW64
17:36:05.0623 4792 Processor architecture: Intel x64
17:36:05.0624 4792 Number of processors: 8
17:36:05.0624 4792 Page size: 0x1000
17:36:05.0624 4792 Boot type: Normal boot
17:36:05.0624 4792 ============================================================
17:36:06.0000 4792 BG loaded
17:36:09.0045 4792 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:36:09.0204 4792 ============================================================
17:36:09.0204 4792 \Device\Harddisk0\DR0:
17:36:09.0205 4792 MBR partitions:
17:36:09.0205 4792 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x10F800, BlocksNum 0x177000
17:36:09.0205 4792 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x286800, BlocksNum 0x572BF800
17:36:09.0206 4792 ============================================================
17:36:09.0408 4792 C: <-> \Device\Harddisk0\DR0\Partition2
17:36:09.0411 4792 ============================================================
17:36:09.0411 4792 Initialize success
17:36:09.0411 4792 ============================================================
17:37:27.0013 6992 ============================================================
17:37:27.0013 6992 Scan started
17:37:27.0013 6992 Mode: Manual; SigCheck; TDLFS;
17:37:27.0014 6992 ============================================================
17:37:28.0219 6992 ================ Scan system memory ========================
17:37:28.0219 6992 System memory - ok
17:37:28.0226 6992 ================ Scan services =============================
17:37:29.0302 6992 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
17:37:30.0121 6992 1394ohci - ok
17:37:30.0241 6992 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:37:30.0508 6992 ACPI - ok
17:37:30.0575 6992 [ 12C5274CD87449A2A37A607CDB321922 ] acpials C:\Windows\system32\DRIVERS\acpials.sys
17:37:30.0761 6992 acpials - ok
17:37:30.0868 6992 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:37:31.0119 6992 AcpiPmi - ok
17:37:31.0369 6992 [ 8B66C0195BA3BA88A319E1E69CEC159A ] AcrSch2Svc C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
17:37:31.0664 6992 AcrSch2Svc - ok
17:37:31.0880 6992 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:37:32.0007 6992 AdobeARMservice - ok
17:37:32.0240 6992 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:37:32.0416 6992 AdobeFlashPlayerUpdateSvc - ok
17:37:32.0531 6992 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
17:37:32.0773 6992 adp94xx - ok
17:37:32.0846 6992 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
17:37:33.0056 6992 adpahci - ok
17:37:33.0125 6992 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
17:37:33.0284 6992 adpu320 - ok
17:37:33.0370 6992 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:37:34.0006 6992 AeLookupSvc - ok
17:37:34.0106 6992 [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters C:\Program Files\IDT\WDM\AESTSr64.exe
17:37:34.0281 6992 AESTFilters - ok
17:37:34.0419 6992 [ AE1FCE2CD1E99BEA89183BA8CD320872 ] afcdp C:\Windows\system32\DRIVERS\afcdp.sys
17:37:34.0654 6992 afcdp - ok
17:37:35.0050 6992 [ AF44F7E027037628F1FAC3C13CDE73E6 ] afcdpsrv C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
17:37:35.0732 6992 afcdpsrv - ok
17:37:35.0852 6992 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
17:37:36.0093 6992 AFD - ok
17:37:36.0266 6992 [ 59A4642CDFE10AA77529E6E3509752A8 ] AFService C:\Program Files\PIPC\AF\AFService.exe
17:37:36.0388 6992 AFService - ok
17:37:36.0470 6992 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:37:36.0629 6992 agp440 - ok
17:37:36.0697 6992 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:37:36.0904 6992 ALG - ok
17:37:36.0964 6992 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
17:37:37.0085 6992 aliide - ok
17:37:37.0268 6992 ALSysIO - ok
17:37:37.0354 6992 [ DA9AA12027A178BA49752FFEAC324373 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:37:37.0638 6992 AMD External Events Utility - ok
17:37:37.0703 6992 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
17:37:37.0831 6992 amdide - ok
17:37:37.0891 6992 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
17:37:38.0048 6992 AmdK8 - ok
17:37:38.0831 6992 [ F29B94B19A1FD9A1C39F0CF753F186EE ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
17:37:40.0158 6992 amdkmdag - ok
17:37:40.0269 6992 [ FD0DD0CDF8C2167BFA75966FAF705D9C ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
17:37:40.0472 6992 amdkmdap - ok
17:37:40.0542 6992 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
17:37:40.0731 6992 AmdPPM - ok
17:37:40.0805 6992 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:37:40.0952 6992 amdsata - ok
17:37:41.0017 6992 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
17:37:41.0182 6992 amdsbs - ok
17:37:41.0244 6992 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:37:41.0382 6992 amdxata - ok
17:37:41.0511 6992 [ 59D01FA91962C9C1E9B4022B2D3B46DB ] AppHostSvc C:\Windows\system32\inetsrv\apphostsvc.dll
17:37:41.0666 6992 AppHostSvc - ok
17:37:41.0714 6992 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
17:37:42.0276 6992 AppID - ok
17:37:42.0363 6992 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:37:42.0814 6992 AppIDSvc - ok
17:37:42.0921 6992 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
17:37:43.0321 6992 Appinfo - ok
17:37:43.0393 6992 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
17:37:43.0589 6992 AppMgmt - ok
17:37:43.0654 6992 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
17:37:43.0802 6992 arc - ok
17:37:43.0853 6992 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
17:37:43.0992 6992 arcsas - ok
17:37:44.0246 6992 [ 108FB6DDB69E537A2EA53F425363FAE5 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:37:44.0471 6992 aspnet_state - ok
17:37:44.0540 6992 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:37:44.0993 6992 AsyncMac - ok
17:37:45.0084 6992 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
17:37:45.0210 6992 atapi - ok
17:37:45.0315 6992 [ B0790FF0E25B7A2674296052F2162C1A ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
17:37:45.0417 6992 AtiHDAudioService - ok
17:37:45.0490 6992 [ 2D648572BA9A610952FCAFBA1E119C2D ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
17:37:45.0604 6992 AtiHdmiService - ok
17:37:45.0731 6992 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:37:46.0222 6992 AudioEndpointBuilder - ok
17:37:46.0315 6992 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:37:46.0760 6992 AudioSrv - ok
17:37:46.0880 6992 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:37:47.0126 6992 AxInstSV - ok
17:37:47.0207 6992 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
17:37:47.0416 6992 b06bdrv - ok
17:37:47.0492 6992 [ 93AF5CCCE5145AA3C2F0A41E7F65149A ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:37:47.0643 6992 b57nd60a - ok
17:37:47.0723 6992 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:37:47.0906 6992 BDESVC - ok
17:37:47.0954 6992 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:37:48.0406 6992 Beep - ok
17:37:48.0545 6992 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
17:37:49.0012 6992 BFE - ok
17:37:49.0157 6992 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
17:37:49.0723 6992 BITS - ok
17:37:49.0875 6992 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:37:50.0028 6992 blbdrive - ok
17:37:50.0097 6992 [ E869C8C360F3705DA7875327DA616F11 ] Blfp C:\Windows\system32\DRIVERS\basp.sys
17:37:50.0259 6992 Blfp - ok
17:37:50.0353 6992 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:37:50.0522 6992 bowser - ok
17:37:50.0569 6992 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:37:50.0773 6992 BrFiltLo - ok
17:37:50.0818 6992 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:37:50.0998 6992 BrFiltUp - ok
17:37:51.0379 6992 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
17:37:51.0538 6992 Browser - ok
17:37:51.0605 6992 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:37:51.0799 6992 Brserid - ok
17:37:51.0859 6992 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:37:52.0024 6992 BrSerWdm - ok
17:37:52.0073 6992 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:37:52.0239 6992 BrUsbMdm - ok
17:37:52.0294 6992 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:37:52.0428 6992 BrUsbSer - ok
17:37:52.0506 6992 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
17:37:52.0677 6992 BthEnum - ok
17:37:52.0739 6992 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:37:52.0929 6992 BTHMODEM - ok
17:37:52.0994 6992 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
17:37:53.0189 6992 BthPan - ok
17:37:53.0287 6992 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
17:37:53.0484 6992 BTHPORT - ok
17:37:53.0571 6992 [ FBEBE2A6469EFB281EA143530A553F38 ] BTHprint C:\Windows\system32\DRIVERS\bthprint.sys
17:37:53.0746 6992 BTHprint - ok
17:37:53.0811 6992 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:37:54.0258 6992 bthserv - ok
17:37:54.0343 6992 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
17:37:54.0486 6992 BTHUSB - ok
17:37:54.0550 6992 [ 2641A3FE3D7B0646308F33B67F3B5300 ] btusbflt C:\Windows\system32\drivers\btusbflt.sys
17:37:54.0646 6992 btusbflt - ok
17:37:54.0720 6992 [ 6BCFDC2B5B7F66D484486D4BD4B39A6B ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
17:37:54.0819 6992 btwaudio - ok
17:37:54.0879 6992 [ 82DC8B7C626E526681C1BEBED2BC3FF9 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
17:37:55.0009 6992 btwavdt - ok
17:37:55.0148 6992 [ 6DDE1E97BE4D50253DFB9090A6A62524 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
17:37:55.0364 6992 btwdins - ok
17:37:55.0420 6992 [ 6149301DC3F81D6F9667A3FBAC410975 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
17:37:55.0501 6992 btwl2cap - ok
17:37:55.0546 6992 [ 28E105AD3B79F440BF94780F507BF66A ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
17:37:55.0631 6992 btwrchid - ok
17:37:55.0855 6992 [ BEA79A9BFCBDAEC89C5E3C2D0C01C50C ] bufserv C:\Program Files (x86)\PIPC\BIN\bufserv.exe
17:37:56.0117 6992 bufserv - ok
17:37:56.0752 6992 [ 630483B18BEED6015F087DA7238B4765 ] bufservX64 C:\Program Files\PIPC\bin\bufserv.exe
17:37:57.0143 6992 bufservX64 - ok
17:37:57.0229 6992 c2wts - ok
17:37:57.0544 6992 [ 989AC0CE04D27DD0D2D7A57D54C8A37D ] CcmExec C:\Windows\CCM\CcmExec.exe
17:37:58.0088 6992 CcmExec - ok
17:37:58.0173 6992 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:37:58.0732 6992 cdfs - ok
17:37:58.0831 6992 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:37:59.0028 6992 cdrom - ok
17:37:59.0113 6992 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
17:37:59.0630 6992 CertPropSvc - ok
17:37:59.0766 6992 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
17:37:59.0993 6992 circlass - ok
17:38:00.0518 6992 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:38:00.0711 6992 CLFS - ok
17:38:00.0823 6992 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:38:00.0967 6992 clr_optimization_v2.0.50727_32 - ok
17:38:01.0051 6992 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:38:01.0192 6992 clr_optimization_v2.0.50727_64 - ok
17:38:01.0354 6992 [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:38:01.0622 6992 clr_optimization_v4.0.30319_32 - ok
17:38:01.0686 6992 [ 86329C35FF23CFEF0FB6C0023BA06BCE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:38:01.0870 6992 clr_optimization_v4.0.30319_64 - ok
17:38:01.0935 6992 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:38:02.0099 6992 CmBatt - ok
17:38:02.0188 6992 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:38:02.0312 6992 cmdide - ok
17:38:02.0470 6992 [ 60B30F6CE4073E2869C021BCF4822B30 ] CmRcService C:\Windows\CCM\RemCtrl\CmRcService.exe
17:38:02.0664 6992 CmRcService - ok
17:38:02.0776 6992 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
17:38:03.0057 6992 CNG - ok
17:38:03.0217 6992 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:38:03.0347 6992 Compbatt - ok
17:38:03.0428 6992 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
17:38:03.0598 6992 CompositeBus - ok
17:38:03.0642 6992 COMSysApp - ok
17:38:03.0862 6992 [ 8B4A16DE7D89566D3B68FBEFFB164C36 ] CouchbaseServer C:\Program Files\Couchbase\Server\bin\erlang\erts-5.8.3\bin\erlsrv.exe
17:38:03.0952 6992 CouchbaseServer ( UnsignedFile.Multi.Generic ) - warning
17:38:03.0956 6992 CouchbaseServer - detected UnsignedFile.Multi.Generic (1)
17:38:04.0030 6992 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
17:38:04.0162 6992 crcdisk - ok
17:38:04.0309 6992 [ 95669E82007DBD7BC3A7093252905612 ] Credential Vault Host Control Service C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
17:38:04.0578 6992 Credential Vault Host Control Service - ok
17:38:04.0619 6992 [ 33BD6D2F7F3906E07913BE4D05E6ABFD ] Credential Vault Host Storage C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
17:38:04.0705 6992 Credential Vault Host Storage - ok
17:38:04.0828 6992 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:38:05.0006 6992 CryptSvc - ok
17:38:05.0129 6992 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
17:38:05.0336 6992 CSC - ok
17:38:05.0459 6992 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
17:38:05.0719 6992 CscService - ok
17:38:05.0811 6992 [ 8CE04A5BDD2CE6E62CE02A1C27093104 ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys
17:38:05.0955 6992 CtClsFlt - ok
17:38:06.0015 6992 [ A84CAAE89B487931200B969D94018AFA ] cvusbdrv C:\Windows\system32\Drivers\cvusbdrv.sys
17:38:06.0104 6992 cvusbdrv - ok
17:38:06.0173 6992 [ 15C2AFD86D8A58354FC100434C78B621 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
17:38:06.0319 6992 dc3d - ok
17:38:06.0403 6992 [ BC63FFBA99D057CBC6022630C8E5F25B ] DcaSvc C:\Program Files (x86)\DirectAccess Connectivity Assistant\DcaSvc.exe
17:38:06.0535 6992 DcaSvc - ok
17:38:06.0715 6992 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:38:07.0182 6992 DcomLaunch - ok
17:38:07.0279 6992 [ 230BFB96A86AB29DA6DEB234F8985D34 ] dcpsysmgrsvc c:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe
17:38:07.0446 6992 dcpsysmgrsvc - ok
17:38:07.0513 6992 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:38:08.0019 6992 defragsvc - ok
17:38:08.0114 6992 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:38:08.0525 6992 DfsC - ok
17:38:08.0648 6992 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
17:38:08.0845 6992 Dhcp - ok
17:38:08.0929 6992 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:38:09.0332 6992 discache - ok
17:38:09.0387 6992 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
17:38:09.0517 6992 Disk - ok
17:38:09.0601 6992 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:38:09.0786 6992 Dnscache - ok
17:38:09.0884 6992 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
17:38:10.0330 6992 dot3svc - ok
17:38:10.0411 6992 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
17:38:10.0619 6992 Dot4 - ok
17:38:10.0931 6992 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
17:38:11.0121 6992 Dot4Print - ok
17:38:11.0177 6992 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
17:38:11.0347 6992 dot4usb - ok
17:38:11.0431 6992 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
17:38:11.0846 6992 DPS - ok
17:38:11.0946 6992 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:38:12.0121 6992 drmkaud - ok
17:38:12.0291 6992 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:38:12.0564 6992 DXGKrnl - ok
17:38:12.0663 6992 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:38:13.0072 6992 EapHost - ok
17:38:13.0415 6992 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
17:38:13.0980 6992 ebdrv - ok
17:38:14.0069 6992 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
17:38:14.0234 6992 EFS - ok
17:38:14.0345 6992 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:38:14.0624 6992 ehRecvr - ok
17:38:14.0701 6992 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:38:14.0858 6992 ehSched - ok
17:38:14.0950 6992 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
17:38:15.0174 6992 elxstor - ok
17:38:15.0248 6992 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:38:15.0379 6992 ErrDev - ok
17:38:15.0551 6992 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:38:16.0005 6992 EventSystem - ok
17:38:16.0211 6992 [ BDFCB7E8C108D042B213957D2B044E7E ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
17:38:16.0520 6992 EvtEng - ok
17:38:16.0632 6992 [ F67D38BFE3A2E88B4AE8128B10084504 ] ewusbmbb C:\Windows\system32\DRIVERS\ewusbwwan.sys
17:38:16.0830 6992 ewusbmbb - ok
17:38:16.0917 6992 [ 86F7951BBCEE4A86E79A97306BD14318 ] ew_hwusbdev C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
17:38:17.0092 6992 ew_hwusbdev - ok
17:38:17.0172 6992 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:38:17.0650 6992 exfat - ok
17:38:17.0749 6992 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:38:18.0207 6992 fastfat - ok
17:38:18.0330 6992 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
17:38:18.0591 6992 Fax - ok
17:38:18.0647 6992 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:38:18.0784 6992 fdc - ok
17:38:18.0843 6992 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:38:19.0253 6992 fdPHost - ok
17:38:19.0314 6992 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:38:19.0766 6992 FDResPub - ok
17:38:19.0829 6992 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:38:19.0985 6992 FileInfo - ok
17:38:20.0047 6992 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:38:20.0497 6992 Filetrace - ok
17:38:20.0549 6992 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:38:20.0704 6992 flpydisk - ok
17:38:20.0807 6992 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:38:21.0015 6992 FltMgr - ok
17:38:21.0550 6992 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
17:38:21.0903 6992 FontCache - ok
17:38:22.0065 6992 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:38:22.0183 6992 FontCache3.0.0.0 - ok
17:38:22.0246 6992 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:38:22.0374 6992 FsDepends - ok
17:38:22.0457 6992 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
17:38:22.0559 6992 fssfltr - ok
17:38:23.0052 6992 [ 40CDFAD174B3D5E80F95DDA003C0B97F ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
17:38:23.0427 6992 fsssvc - ok
17:38:23.0519 6992 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:38:23.0652 6992 Fs_Rec - ok
17:38:23.0803 6992 [ D225864F6FD96575A303A20BD42383ED ] ftpsvc C:\Windows\system32\inetsrv\ftpsvc.dll
17:38:24.0035 6992 ftpsvc - ok
17:38:24.0650 6992 [ 895BA1CFF25E867CE5A52073E905C93B ] fussvc C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe
17:38:24.0725 6992 fussvc ( UnsignedFile.Multi.Generic ) - warning
17:38:24.0725 6992 fussvc - detected UnsignedFile.Multi.Generic (1)
17:38:24.0826 6992 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:38:25.0056 6992 fvevol - ok
17:38:25.0136 6992 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
17:38:25.0282 6992 gagp30kx - ok
17:38:25.0372 6992 [ 8F6AE606EB0CC884EE12C41948424422 ] GoToAssist C:\Program Files (x86)\Citrix\GoToAssist\615\g2aservice.exe
17:38:25.0469 6992 GoToAssist - ok
17:38:25.0601 6992 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
17:38:26.0073 6992 gpsvc - ok
17:38:26.0277 6992 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:38:26.0388 6992 gupdate - ok
17:38:26.0421 6992 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:38:26.0538 6992 gupdatem - ok
17:38:26.0619 6992 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
17:38:26.0782 6992 gusvc - ok
17:38:26.0865 6992 [ ADB4348DA1345877B04E22203AFC8993 ] hcmon C:\Windows\system32\drivers\hcmon.sys
17:38:26.0960 6992 hcmon - ok
17:38:27.0021 6992 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:38:27.0186 6992 hcw85cir - ok
17:38:27.0284 6992 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
17:38:27.0454 6992 HDAudBus - ok
17:38:27.0497 6992 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
17:38:27.0657 6992 HidBatt - ok
17:38:27.0723 6992 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
17:38:27.0912 6992 HidBth - ok
17:38:27.0965 6992 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
17:38:28.0156 6992 HidIr - ok
17:38:28.0216 6992 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
17:38:28.0659 6992 hidserv - ok
17:38:28.0743 6992 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:38:28.0916 6992 HidUsb - ok
17:38:29.0000 6992 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:38:29.0433 6992 hkmsvc - ok
17:38:29.0562 6992 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:38:29.0765 6992 HomeGroupListener - ok
17:38:29.0864 6992 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:38:30.0045 6992 HomeGroupProvider - ok
17:38:30.0132 6992 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:38:30.0270 6992 HpSAMD - ok
17:38:30.0388 6992 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:38:30.0857 6992 HTTP - ok
17:38:30.0963 6992 [ DDBB283835010E52E88AAC6995B617D7 ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
17:38:31.0101 6992 huawei_enumerator - ok
17:38:31.0257 6992 [ 24FA6177FE55C4BC045EC87E39F90688 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
17:38:31.0510 6992 hwdatacard - ok
17:38:32.0038 6992 [ E90DA42B87D684DEBFB73B38A718A006 ] HWDeviceService64.exe C:\ProgramData\DatacardService\HWDeviceService64.exe
17:38:32.0174 6992 HWDeviceService64.exe - ok
17:38:32.0266 6992 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:38:32.0387 6992 hwpolicy - ok
17:38:32.0530 6992 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
17:38:32.0667 6992 i8042prt - ok
17:38:32.0759 6992 [ ABBF174CB394F5C437410A788B7E404A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
17:38:32.0933 6992 iaStor - ok
17:38:33.0028 6992 [ 31A0E93CDF29007D6C6FFFB632F375ED ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
17:38:33.0112 6992 IAStorDataMgrSvc - ok
17:38:33.0211 6992 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:38:33.0424 6992 iaStorV - ok
17:38:33.0538 6992 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
17:38:33.0596 6992 IDriverT ( UnsignedFile.Multi.Generic ) - warning
17:38:33.0597 6992 IDriverT - detected UnsignedFile.Multi.Generic (1)
17:38:33.0774 6992 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:38:34.0019 6992 idsvc - ok
17:38:34.0088 6992 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
17:38:34.0223 6992 iirsp - ok
17:38:34.0304 6992 [ AB55B8A9B13130F638546881CE4425F8 ] IISADMIN C:\Windows\system32\inetsrv\inetinfo.exe
17:38:34.0471 6992 IISADMIN - ok
17:38:34.0618 6992 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
17:38:35.0131 6992 IKEEXT - ok
17:38:35.0258 6992 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
17:38:35.0380 6992 intelide - ok
17:38:35.0435 6992 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:38:35.0581 6992 intelppm - ok
17:38:35.0637 6992 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:38:36.0066 6992 IPBusEnum - ok
17:38:36.0146 6992 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:38:36.0578 6992 IpFilterDriver - ok
17:38:36.0704 6992 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:38:36.0943 6992 iphlpsvc - ok
17:38:37.0021 6992 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:38:37.0183 6992 IPMIDRV - ok
17:38:37.0243 6992 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:38:37.0685 6992 IPNAT - ok
17:38:37.0787 6992 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:38:38.0044 6992 IRENUM - ok
17:38:38.0236 6992 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:38:38.0366 6992 isapnp - ok
17:38:38.0582 6992 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:38:39.0078 6992 iScsiPrt - ok
17:38:39.0209 6992 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
17:38:39.0352 6992 kbdclass - ok
17:38:39.0506 6992 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
17:38:39.0642 6992 kbdhid - ok
17:38:39.0719 6992 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
17:38:39.0848 6992 KeyIso - ok
17:38:39.0979 6992 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:38:40.0136 6992 KSecDD - ok
17:38:40.0256 6992 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:38:40.0449 6992 KSecPkg - ok
17:38:40.0588 6992 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:38:41.0010 6992 ksthunk - ok
17:38:41.0113 6992 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:38:41.0791 6992 KtmRm - ok
17:38:41.0911 6992 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
17:38:42.0370 6992 LanmanServer - ok
17:38:42.0595 6992 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:38:43.0035 6992 LanmanWorkstation - ok
17:38:43.0147 6992 [ B6552D382FF070B4ED34CBD6737277C0 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
17:38:43.0240 6992 LHidFilt - ok
17:38:43.0289 6992 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:38:43.0727 6992 lltdio - ok
17:38:43.0838 6992 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:38:44.0295 6992 lltdsvc - ok
17:38:44.0350 6992 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:38:44.0766 6992 lmhosts - ok
17:38:44.0857 6992 [ 73C1F563AB73D459DFFE682D66476558 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
17:38:44.0948 6992 LMouFilt - ok
17:38:45.0075 6992 [ 9D0A4E487F7BE515049ED70F4D41D437 ] lpasvc C:\Program Files\Microsoft Policy Platform\policyHost.exe
17:38:45.0137 6992 lpasvc ( UnsignedFile.Multi.Generic ) - warning
17:38:45.0138 6992 lpasvc - detected UnsignedFile.Multi.Generic (1)
17:38:45.0169 6992 [ 9D0A4E487F7BE515049ED70F4D41D437 ] lppsvc C:\Program Files\Microsoft Policy Platform\policyHost.exe
17:38:45.0218 6992 lppsvc ( UnsignedFile.Multi.Generic ) - warning
17:38:45.0219 6992 lppsvc - detected UnsignedFile.Multi.Generic (1)
17:38:45.0297 6992 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
17:38:45.0440 6992 LSI_FC - ok
17:38:45.0507 6992 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
17:38:45.0648 6992 LSI_SAS - ok
17:38:45.0691 6992 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:38:45.0822 6992 LSI_SAS2 - ok
17:38:45.0875 6992 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:38:46.0012 6992 LSI_SCSI - ok
17:38:46.0070 6992 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:38:46.0558 6992 luafv - ok
17:38:46.0634 6992 [ 4CB64D7458ABD8396BCD389A69C8FC80 ] lvpepf64 C:\Windows\system32\DRIVERS\lv302a64.sys
17:38:46.0734 6992 lvpepf64 - ok
17:38:46.0815 6992 [ 0034F69D0007D3F77F6B96FA51228E85 ] LVUSBS64 C:\Windows\system32\drivers\LVUSBS64.sys
17:38:46.0915 6992 LVUSBS64 - ok
17:38:46.0989 6992 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
17:38:47.0086 6992 MBAMProtector - ok
17:38:47.0246 6992 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
17:38:47.0398 6992 MBAMScheduler - ok
17:38:47.0509 6992 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
17:38:47.0703 6992 MBAMService - ok
17:38:47.0804 6992 [ 79D51E7F5926E8CE1B3EBECEBAE28CFF ] mcdbus C:\Windows\system32\DRIVERS\mcdbus.sys
17:38:47.0960 6992 mcdbus - ok
17:38:48.0045 6992 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:38:48.0213 6992 Mcx2Svc - ok
17:38:48.0275 6992 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
17:38:48.0417 6992 megasas - ok
17:38:48.0502 6992 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
17:38:48.0699 6992 MegaSR - ok
17:38:48.0828 6992 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:38:49.0282 6992 MMCSS - ok
17:38:49.0328 6992 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:38:49.0740 6992 Modem - ok
17:38:49.0872 6992 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:38:50.0071 6992 monitor - ok
17:38:50.0145 6992 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:38:50.0270 6992 mouclass - ok
17:38:50.0313 6992 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:38:50.0460 6992 mouhid - ok
17:38:50.0553 6992 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:38:50.0702 6992 mountmgr - ok
17:38:50.0806 6992 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:38:50.0940 6992 MozillaMaintenance - ok
17:38:51.0036 6992 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
17:38:51.0236 6992 MpFilter - ok
17:38:51.0332 6992 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
17:38:51.0498 6992 mpio - ok
17:38:51.0546 6992 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:38:51.0966 6992 mpsdrv - ok
17:38:52.0111 6992 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:38:52.0625 6992 MpsSvc - ok
17:38:53.0131 6992 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:38:53.0381 6992 MRxDAV - ok
17:38:53.0442 6992 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:38:53.0597 6992 mrxsmb - ok
17:38:53.0696 6992 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:38:53.0873 6992 mrxsmb10 - ok
17:38:53.0935 6992 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:38:54.0085 6992 mrxsmb20 - ok
17:38:54.0171 6992 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
17:38:54.0319 6992 msahci - ok
17:38:54.0402 6992 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:38:54.0590 6992 msdsm - ok
17:38:54.0645 6992 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
17:38:54.0838 6992 MSDTC - ok
17:38:55.0085 6992 [ 0171827668F8DDC5C7E740E26DCAB6DD ] MsDtsServer100 C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe
17:38:55.0250 6992 MsDtsServer100 - ok
17:38:55.0356 6992 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:38:55.0771 6992 Msfs - ok
17:38:55.0859 6992 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:38:56.0267 6992 mshidkmdf - ok
17:38:56.0345 6992 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:38:56.0469 6992 msisadrv - ok
17:38:56.0545 6992 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:38:56.0978 6992 MSiSCSI - ok
17:38:57.0015 6992 msiserver - ok
17:38:57.0105 6992 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:38:57.0510 6992 MSKSSRV - ok
17:38:57.0638 6992 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
17:38:57.0776 6992 MsMpSvc - ok
17:38:58.0015 6992 [ B0F062A952DA37DA2ED5DFE40F57E9E8 ] msoidsvc C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE
17:38:58.0418 6992 msoidsvc - ok
17:38:58.0558 6992 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:38:59.0011 6992 MSPCLOCK - ok
17:38:59.0101 6992 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:38:59.0528 6992 MSPQM - ok
17:38:59.0660 6992 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:38:59.0855 6992 MsRPC - ok
17:39:00.0080 6992 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
17:39:00.0235 6992 mssmbios - ok
17:39:00.0330 6992 MSSQL$SHAREPOINT - ok
17:39:00.0433 6992 MSSQL$SQLEXPRESS - ok
17:39:00.0585 6992 [ 67EF4AE2F440BBAB7D7BA42224CA392B ] MSSQL$SSEXP2012 c:\Program Files\Microsoft SQL Server\MSSQL11.SSEXP2012\MSSQL\Binn\sqlservr.exe
17:39:00.0755 6992 MSSQL$SSEXP2012 - ok
17:39:00.0877 6992 [ AA511EB28672011A1D832F73E302F0A0 ] MSSQLFDLauncher C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
17:39:00.0972 6992 MSSQLFDLauncher - ok
17:39:01.0082 6992 [ F4991C8C070C86082E6F0597F73E02D0 ] MSSQLFDLauncher$SSEXP2012 c:\Program Files\Microsoft SQL Server\MSSQL11.SSEXP2012\MSSQL\Binn\fdlauncher.exe
17:39:01.0250 6992 MSSQLFDLauncher$SSEXP2012 - ok
17:39:01.0314 6992 MSSQLSERVER - ok
17:39:01.0417 6992 [ 04EF36EAF5C4DBCE424D81B76F1E9231 ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
17:39:01.0522 6992 MSSQLServerADHelper100 - ok
17:39:01.0626 6992 MSSQLServerOLAPService - ok
17:39:01.0702 6992 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:39:02.0109 6992 MSTEE - ok
17:39:02.0211 6992 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
17:39:02.0370 6992 MTConfig - ok
17:39:02.0431 6992 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:39:02.0566 6992 Mup - ok
17:39:02.0697 6992 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
17:39:03.0172 6992 napagent - ok
17:39:03.0712 6992 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:39:03.0938 6992 NativeWifiP - ok
17:39:04.0075 6992 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:39:04.0368 6992 NDIS - ok
17:39:04.0432 6992 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:39:04.0849 6992 NdisCap - ok
17:39:04.0943 6992 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:39:05.0352 6992 NdisTapi - ok
17:39:05.0426 6992 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:39:05.0825 6992 Ndisuio - ok
17:39:05.0936 6992 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:39:06.0328 6992 NdisWan - ok
17:39:06.0441 6992 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:39:06.0850 6992 NDProxy - ok
17:39:06.0903 6992 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:39:07.0309 6992 NetBIOS - ok
17:39:07.0397 6992 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:39:07.0806 6992 NetBT - ok
17:39:07.0895 6992 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
17:39:08.0029 6992 Netlogon - ok
17:39:08.0102 6992 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:39:08.0568 6992 Netman - ok
17:39:08.0727 6992 [ E8B9164DA7701C1E595647C3A3AFA766 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:39:08.0894 6992 NetMsmqActivator - ok
17:39:08.0949 6992 [ E8B9164DA7701C1E595647C3A3AFA766 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:39:09.0095 6992 NetPipeActivator - ok
17:39:09.0194 6992 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:39:09.0674 6992 netprofm - ok
17:39:09.0726 6992 [ E8B9164DA7701C1E595647C3A3AFA766 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:39:09.0868 6992 NetTcpActivator - ok
17:39:09.0905 6992 [ E8B9164DA7701C1E595647C3A3AFA766 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:39:10.0055 6992 NetTcpPortSharing - ok
17:39:10.0686 6992 [ EB43840BABF5589E33186D094DE7381D ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
17:39:11.0737 6992 NETwNs64 - ok
17:39:11.0823 6992 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
17:39:11.0957 6992 nfrd960 - ok
17:39:12.0057 6992 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
17:39:12.0213 6992 NisDrv - ok
17:39:12.0301 6992 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
17:39:12.0521 6992 NisSrv - ok
17:39:12.0630 6992 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:39:12.0807 6992 NlaSvc - ok
17:39:12.0864 6992 [ 5FE6F8C05F0769BBB74AFAC11453B182 ] nmwcd C:\Windows\system32\drivers\ccdcmbx64.sys
17:39:13.0163 6992 nmwcd - ok
17:39:13.0238 6992 [ 73C929945C0850B8D1FE2FEA05FDF05D ] nmwcdc C:\Windows\system32\drivers\ccdcmbox64.sys
17:39:13.0524 6992 nmwcdc - ok
17:39:13.0570 6992 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:39:13.0995 6992 Npfs - ok
17:39:14.0173 6992 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:39:14.0567 6992 nsi - ok
17:39:14.0651 6992 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:39:15.0109 6992 nsiproxy - ok
17:39:15.0317 6992 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:39:15.0720 6992 Ntfs - ok
17:39:15.0781 6992 [ 317020D31F1696334679B9D0416EB62E ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys
17:39:15.0882 6992 NuidFltr - ok
17:39:15.0920 6992 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:39:16.0362 6992 Null - ok
17:39:16.0437 6992 [ 785298579B5F9B4032152DFBB992FDB6 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
17:39:16.0574 6992 nusb3hub - ok
17:39:16.0650 6992 [ DF2750481B4964814467C974F2B0EEF1 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
17:39:16.0767 6992 nusb3xhc - ok
17:39:16.0825 6992 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:39:16.0983 6992 nvraid - ok
17:39:17.0076 6992 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:39:17.0249 6992 nvstor - ok
17:39:17.0329 6992 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:39:17.0473 6992 nv_agp - ok
17:39:17.0561 6992 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:39:17.0707 6992 ohci1394 - ok
17:39:17.0819 6992 [ D8A0164A79D4BFD6083945C5431E41E7 ] OpenVPNService C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
17:39:17.0867 6992 OpenVPNService ( UnsignedFile.Multi.Generic ) - warning
17:39:17.0868 6992 OpenVPNService - detected UnsignedFile.Multi.Generic (1)
17:39:17.0960 6992 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:39:18.0106 6992 ose - ok
17:39:18.0533 6992 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:39:19.0498 6992 osppsvc - ok
17:39:19.0653 6992 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:39:19.0855 6992 p2pimsvc - ok
17:39:19.0943 6992 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:39:20.0156 6992 p2psvc - ok
17:39:20.0230 6992 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
17:39:20.0385 6992 Parport - ok
17:39:20.0463 6992 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:39:20.0596 6992 partmgr - ok
17:39:20.0663 6992 [ 363B3F857ABEE85767E01E3044C539CD ] PBADRV C:\Windows\system32\DRIVERS\PBADRV.sys
17:39:20.0795 6992 PBADRV - ok
17:39:20.0846 6992 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:39:21.0101 6992 PcaSvc - ok
17:39:21.0186 6992 [ BC0018C2D29F655188A0ED3FA94FDB24 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
17:39:21.0302 6992 pccsmcfd - ok
17:39:21.0394 6992 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
17:39:21.0547 6992 pci - ok
17:39:21.0591 6992 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
17:39:21.0713 6992 pciide - ok
17:39:21.0774 6992 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
17:39:21.0935 6992 pcmcia - ok
17:39:21.0992 6992 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:39:22.0126 6992 pcw - ok
17:39:22.0215 6992 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:39:22.0709 6992 PEAUTH - ok
17:39:22.0901 6992 [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
17:39:23.0222 6992 PeerDistSvc - ok
17:39:23.0398 6992 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:39:23.0555 6992 PerfHost - ok
17:39:24.0153 6992 [ DC9A5A8C34AA20AF09C3233E44AA7F61 ] piaflink C:\Program Files\PI\bin\piaflink.exe
17:39:25.0277 6992 piaflink - ok
17:39:25.0611 6992 [ 094E4413BAD945E45C2E048AA0447083 ] pialarm C:\Program Files\PI\bin\pialarm.exe
17:39:26.0260 6992 pialarm - ok
17:39:26.0790 6992 [ F42ABEF1F2693003DE44527039E76E81 ] piarchss C:\Program Files\PI\bin\piarchss.exe
17:39:28.0023 6992 piarchss - ok
17:39:28.0411 6992 [ 2B2CD9E8FE544BA09B427E8F19843877 ] pibackup C:\Program Files\PI\bin\pibackup.exe
17:39:29.0292 6992 pibackup - ok
17:39:29.0458 6992 [ A29DC3C9F22C287A933E32C26634F123 ] PIBaGen C:\Program Files (x86)\PIPC\Interfaces\PIBaGen\PIBaGen.exe
17:39:29.0634 6992 PIBaGen - ok
17:39:30.0240 6992 [ CD40E7804A4078111EE628113A52A6AB ] pibasess C:\Program Files\PI\bin\pibasess.exe
17:39:31.0767 6992 pibasess - ok
17:39:32.0073 6992 [ 808B06A18665A869CA99EFB9E1E62F9F ] pibatch C:\Program Files\PI\bin\pibatch.exe
17:39:32.0733 6992 pibatch - ok
17:39:32.0929 6992 [ F148DD9331957C0F03BA46E14747A966 ] pibufss C:\Program Files (x86)\PIPC\bin\pibufss.exe
17:39:33.0317 6992 pibufss - ok
17:39:33.0480 6992 [ 37EA62238E17AE88E4713D9246CA1C1C ] PID_PEPI C:\Windows\system32\DRIVERS\LV302V64.SYS
17:39:33.0785 6992 PID_PEPI - ok
17:39:34.0075 6992 [ 404A50114A435E57C6D6BC2D1DE375C1 ] pilicmgr C:\Program Files\PI\bin\pilicmgr.exe
17:39:34.0680 6992 pilicmgr - ok
17:39:35.0217 6992 [ 0A03CCA993993A987FBCED1D188FC8F6 ] pilogsrv C:\Program Files (x86)\PIPC\BIN\pilogsrv.exe
17:39:35.0312 6992 pilogsrv - ok
17:39:35.0446 6992 [ 8C37DF215F41EFD1D2ACD8903BE607A5 ] pilogsrvX64 C:\Program Files\PIPC\bin\pilogsrv.exe
17:39:35.0552 6992 pilogsrvX64 - ok
17:39:35.0805 6992 [ DDC418DD18D049413374AA2B8CF16743 ] pimsgss C:\Program Files\PI\bin\pimsgss.exe
17:39:36.0454 6992 pimsgss - ok
17:39:36.0791 6992 [ BFBCCBC5CBFF0781BF252D86027793FC ] pinetmgr C:\Program Files\PI\bin\pinetmgr.exe
17:39:37.0569 6992 pinetmgr - ok
17:39:37.0871 6992 [ 7F0786FE644886EFD883859568077C98 ] pipeschd C:\Program Files\PI\bin\pipeschd.exe
17:39:38.0545 6992 pipeschd - ok
17:39:38.0853 6992 [ B890E6A91AD4FF768522A51C62A207D0 ] pirecalc C:\Program Files\PI\bin\pirecalc.exe
17:39:39.0596 6992 pirecalc - ok
17:39:39.0856 6992 [ DAC9AA048C469DCD38949E9D83FA8EA9 ] pishutev C:\Program Files\PI\bin\pishutev.exe
17:39:40.0442 6992 pishutev - ok
17:39:40.0809 6992 [ EAFAE2A0C5CE33C950D0169002C55F9B ] pisnapss C:\Program Files\PI\bin\pisnapss.exe
17:39:41.0541 6992 pisnapss - ok
17:39:42.0008 6992 [ 3FA927CA5183A6EBB5EA50986CE6C7CF ] pisqlss C:\Program Files\PI\bin\pisqlss.exe
17:39:43.0043 6992 pisqlss - ok
17:39:43.0423 6992 [ 294487CAB7805A59F9414F9DF9F024B5 ] pitotal C:\Program Files\PI\bin\pitotal.exe
17:39:44.0193 6992 pitotal - ok
17:39:44.0489 6992 [ BA2F0B744E2DACFB5D55FFD22CA0E28A ] piupdmgr C:\Program Files\PI\bin\piupdmgr.exe
17:39:45.0132 6992 piupdmgr - ok
17:39:45.0328 6992 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
17:39:46.0066 6992 pla - ok
17:39:46.0223 6992 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:39:46.0438 6992 PlugPlay - ok
17:39:46.0532 6992 [ 64CA1485214340CACC315FFDFDED73EF ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
17:39:46.0676 6992 Pml Driver HPZ12 - ok
17:39:46.0729 6992 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:39:46.0878 6992 PNRPAutoReg - ok
17:39:46.0963 6992 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:39:47.0137 6992 PNRPsvc - ok
17:39:47.0227 6992 [ 33328FA8A580885AB0065BE6DB266E9F ] Point64 C:\Windows\system32\DRIVERS\point64.sys
17:39:47.0335 6992 Point64 - ok
17:39:47.0443 6992 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:39:47.0894 6992 PolicyAgent - ok
17:39:48.0017 6992 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
17:39:48.0473 6992 Power - ok
17:39:48.0574 6992 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:39:48.0987 6992 PptpMiniport - ok
17:39:49.0102 6992 [ 642238547DF19E0BDF98E8CF6601C101 ] prepdrvr C:\Windows\CCM\prepdrv.sys
17:39:49.0376 6992 prepdrvr - ok
17:39:49.0434 6992 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
17:39:49.0574 6992 Processor - ok
17:39:49.0666 6992 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
17:39:49.0830 6992 ProfSvc - ok
17:39:49.0923 6992 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:39:50.0060 6992 ProtectedStorage - ok
17:39:50.0154 6992 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:39:50.0577 6992 Psched - ok
17:39:50.0778 6992 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
17:39:51.0169 6992 ql2300 - ok
17:39:51.0228 6992 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
17:39:51.0380 6992 ql40xx - ok
17:39:51.0468 6992 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:39:51.0707 6992 QWAVE - ok
17:39:51.0757 6992 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:39:51.0949 6992 QWAVEdrv - ok
17:39:52.0084 6992 [ CAB62A5CDD214D9BF27845A521FE45A8 ] random C:\Program Files\PIPC\Interfaces\Random\random.exe
17:39:52.0345 6992 random - ok
17:39:52.0406 6992 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:39:52.0832 6992 RasAcd - ok
17:39:52.0881 6992 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:39:53.0296 6992 RasAgileVpn - ok
17:39:53.0355 6992 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:39:53.0781 6992 RasAuto - ok
17:39:53.0882 6992 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:39:54.0317 6992 Rasl2tp - ok
17:39:54.0428 6992 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
17:39:54.0877 6992 RasMan - ok
17:39:54.0969 6992 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:39:55.0428 6992 RasPppoe - ok
17:39:55.0523 6992 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:39:55.0944 6992 RasSstp - ok
17:39:56.0209 6992 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:39:56.0639 6992 rdbss - ok
17:39:56.0728 6992 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:39:56.0882 6992 rdpbus - ok
17:39:56.0924 6992 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:39:57.0325 6992 RDPCDD - ok
17:39:57.0431 6992 [ 1B6163C503398B23FF8B939C67747683 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
17:39:57.0617 6992 RDPDR - ok
17:39:57.0675 6992 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:39:58.0108 6992 RDPENCDD - ok
17:39:58.0217 6992 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:39:58.0609 6992 RDPREFMP - ok
17:39:58.0769 6992 [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:39:58.0932 6992 RdpVideoMiniport - ok
17:39:59.0025 6992 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:39:59.0190 6992 RDPWD - ok
17:39:59.0275 6992 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:39:59.0454 6992 rdyboost - ok
17:39:59.0583 6992 [ A6BAEA839CC888D4961AB5FE16BB8C4A ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
17:39:59.0807 6992 RegSrvc - ok
17:39:59.0869 6992 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:40:00.0316 6992 RemoteAccess - ok
17:40:00.0388 6992 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:40:00.0857 6992 RemoteRegistry - ok
17:40:01.0186 6992 [ B08D6B6785B947FC97F18027A7A88F86 ] ReportServer C:\Program Files\Microsoft SQL Server\MSRS10_50.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
17:40:01.0661 6992 ReportServer - ok
17:40:01.0978 6992 [ 6099C32689C98EB433EA44AF6DB9F3B4 ] ReportServer$SSEXP2012 c:\Program Files\Microsoft SQL Server\MSRS11.SSEXP2012\Reporting Services\ReportServer\bin\ReportingServicesService.exe
17:40:02.0543 6992 ReportServer$SSEXP2012 - ok
17:40:02.0651 6992 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
17:40:02.0861 6992 RFCOMM - ok
17:40:02.0992 6992 [ 3167FD3F7CBBAFB0076300A2F9AD8A5F ] rmp_sk C:\Program Files\PIPC\Interfaces\Rmp_sk\rmp_sk.exe
17:40:03.0263 6992 rmp_sk - ok
17:40:03.0351 6992 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:40:03.0794 6992 RpcEptMapper - ok
17:40:03.0891 6992 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:40:04.0045 6992 RpcLocator - ok
17:40:04.0158 6992 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
17:40:04.0678 6992 RpcSs - ok
17:40:04.0780 6992 [ 21EB2B83702285594DE893734A56B008 ] RsFx0102 C:\Windows\system32\DRIVERS\RsFx0102.sys
17:40:04.0930 6992 RsFx0102 - ok
17:40:05.0028 6992 [ CD553B8633466A6D1C115812F2619F1F ] RsFx0103 C:\Windows\system32\DRIVERS\RsFx0103.sys
17:40:05.0189 6992 RsFx0103 - ok
17:40:05.0285 6992 [ C606C5F712A3761896CEFFA4AF6B1268 ] RsFx0151 C:\Windows\system32\DRIVERS\RsFx0151.sys
17:40:05.0430 6992 RsFx0151 - ok
17:40:05.0536 6992 [ 5AA85332CB1694871B2F0704E0FC9113 ] RsFx0200 C:\Windows\system32\DRIVERS\RsFx0200.sys
17:40:05.0731 6992 RsFx0200 - ok
17:40:05.0798 6992 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:40:06.0210 6992 rspndr - ok
17:40:06.0610 6992 [ E60C0A09F997826C7627B244195AB581 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
17:40:06.0871 6992 s3cap - ok
17:40:06.0931 6992 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
17:40:07.0071 6992 SamSs - ok
17:40:07.0177 6992 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:40:07.0318 6992 sbp2port - ok
17:40:07.0382 6992 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:40:07.0864 6992 SCardSvr - ok
17:40:07.0944 6992 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:40:08.0347 6992 scfilter - ok
17:40:08.0486 6992 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
17:40:09.0022 6992 Schedule - ok
17:40:09.0113 6992 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:40:09.0540 6992 SCPolicySvc - ok
17:40:09.0628 6992 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
17:40:09.0811 6992 sdbus - ok
17:40:09.0902 6992 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:40:10.0125 6992 SDRSVC - ok
17:40:10.0242 6992 [ 4A5809A1D796E2675AC0332BF7B0CB11 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
17:40:10.0417 6992 SeaPort - ok
17:40:10.0475 6992 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:40:10.0897 6992 secdrv - ok
17:40:10.0989 6992 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
17:40:11.0397 6992 seclogon - ok
17:40:11.0640 6992 [ 38A40E111ABDF0862B72BB37A8BD5E62 ] SecureStorageService C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
17:40:11.0892 6992 SecureStorageService ( UnsignedFile.Multi.Generic ) - warning
17:40:11.0893 6992 SecureStorageService - detected UnsignedFile.Multi.Generic (1)
17:40:11.0951 6992 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
17:40:12.0380 6992 SENS - ok
17:40:12.0433 6992 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:40:12.0579 6992 SensrSvc - ok
17:40:12.0658 6992 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:40:12.0805 6992 Serenum - ok
17:40:12.0856 6992 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:40:13.0007 6992 Serial - ok
17:40:13.0093 6992 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
17:40:13.0244 6992 sermouse - ok
17:40:13.0386 6992 [ F31E9531AF225CA25350D5E87E999B31 ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
17:40:13.0603 6992 ServiceLayer - ok
17:40:13.0805 6992 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
17:40:14.0223 6992 SessionEnv - ok
17:40:14.0316 6992 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:40:14.0496 6992 sffdisk - ok
17:40:14.0532 6992 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:40:14.0698 6992 sffp_mmc - ok
17:40:14.0739 6992 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:40:14.0907 6992 sffp_sd - ok
17:40:14.0980 6992 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
17:40:15.0126 6992 sfloppy - ok
17:40:15.0256 6992 [ D6427CE5818D6D4E6B4B9E1948253503 ] Sftfs C:\Windows\system32\DRIVERS\Sftfswin7.sys
17:40:15.0477 6992 Sftfs - ok
17:40:15.0630 6992 [ 0F1B052FA2A3506C287B271F6D99E101 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
17:40:15.0795 6992 sftlist - ok
17:40:15.0900 6992 [ 65903C19E6336DD4904E6E513DF4D03D ] Sftplay C:\Windows\system32\DRIVERS\Sftplaywin7.sys
17:40:16.0023 6992 Sftplay - ok
17:40:16.0112 6992 [ 05CA3E98EFA75DECD41766FEF984FC29 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirwin7.sys
17:40:16.0201 6992 Sftredir - ok
17:40:16.0250 6992 [ 2E4A209BE58A9D666F14B8AFDBFD40DA ] Sftvol C:\Windows\system32\DRIVERS\Sftvolwin7.sys
17:40:16.0339 6992 Sftvol - ok
17:40:16.0428 6992 [ 84DBE4108A5C4CABE0333367ABFCC71B ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
17:40:16.0546 6992 sftvsa - ok
17:40:16.0632 6992 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:40:17.0082 6992 SharedAccess - ok
17:40:17.0287 6992 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:40:17.0753 6992 ShellHWDetection - ok
17:40:17.0838 6992 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:40:17.0972 6992 SiSRaid2 - ok
17:40:18.0023 6992 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
17:40:18.0167 6992 SiSRaid4 - ok
17:40:18.0536 6992 [ 183F04C6742902F33039913A96F5B574 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
17:40:19.0175 6992 Skype C2C Service - ok
17:40:19.0288 6992 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
17:40:19.0407 6992 SkypeUpdate - ok
17:40:19.0485 6992 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:40:19.0931 6992 Smb - ok
17:40:19.0966 6992 smstsmgr - ok
17:40:20.0110 6992 [ 10450F432811D7FDA60A97FCC674D7B2 ] snapman C:\Windows\system32\DRIVERS\snapman.sys
17:40:20.0284 6992 snapman - ok
17:40:20.0362 6992 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:40:20.0542 6992 SNMPTRAP - ok
17:40:20.0721 6992 [ C2C31A80DCA545201BBDDB6454D0B370 ] SPAdminV4 C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\WSSADMIN.EXE
17:40:20.0832 6992 SPAdminV4 - ok
17:40:20.0888 6992 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:40:21.0010 6992 spldr - ok
17:40:21.0126 6992 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
17:40:21.0347 6992 Spooler - ok
17:40:21.0656 6992 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
17:40:22.0498 6992 sppsvc - ok
17:40:22.0548 6992 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:40:22.0994 6992 sppuinotify - ok
17:40:23.0129 6992 [ 3171CA03ECEDDEAF01E0D80CDFDDF29E ] SPSearch4 C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\mssearch.exe
17:40:23.0328 6992 SPSearch4 - ok
17:40:23.0397 6992 [ C9D224FD2CC5CD28AD2AF9064D296CD6 ] SPTimerV4 C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\OWSTIMER.EXE
17:40:23.0509 6992 SPTimerV4 - ok
17:40:23.0551 6992 [ 08F94BF77CD27F3E3CA96E85C5F2CAF4 ] SPTraceV4 C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\wsstracing.exe
17:40:23.0676 6992 SPTraceV4 - ok
17:40:23.0750 6992 [ 9189914B7E6BE57C4CEEB8C387D4B63A ] SPUserCodeV4 C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\UserCode\SPUCHostService.exe
17:40:23.0856 6992 SPUserCodeV4 - ok
17:40:23.0905 6992 [ 2B2C76CD0053D079B1A088E41F0E44A1 ] SPWriterV4 C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\SPWRITER.EXE
17:40:24.0010 6992 SPWriterV4 - ok
17:40:24.0154 6992 [ 12E6D95CDE974B131DEFAA44BAB8B056 ] SQLAgent$SHAREPOINT c:\Program Files\Microsoft SQL Server\MSSQL10.SHAREPOINT\MSSQL\Binn\SQLAGENT.EXE
17:40:24.0341 6992 SQLAgent$SHAREPOINT - ok
17:40:24.0504 6992 [ 95F9538A05857307E73348AEAE00C1E0 ] SQLAgent$SQLEXPRESS C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
17:40:24.0686 6992 SQLAgent$SQLEXPRESS - ok
17:40:24.0893 6992 [ AECDE8DA025B1256E00A6749102FBDC9 ] SQLAgent$SSEXP2012 c:\Program Files\Microsoft SQL Server\MSSQL11.SSEXP2012\MSSQL\Binn\SQLAGENT.EXE
17:40:25.0151 6992 SQLAgent$SSEXP2012 - ok
17:40:25.0322 6992 [ E9254892A2D74E537BAD3092F0F8EE40 ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
17:40:25.0514 6992 SQLBrowser - ok
17:40:25.0678 6992 [ A99D9DCA14281E0B787501CAE4D995E0 ] SQLSERVERAGENT C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE
17:40:25.0894 6992 SQLSERVERAGENT - ok
17:40:26.0023 6992 [ EAD5300C93946B0250A309E2BF2BE4CF ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
17:40:26.0180 6992 SQLWriter - ok
17:40:26.0292 6992 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
17:40:26.0503 6992 srv - ok
17:40:26.0580 6992 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:40:26.0771 6992 srv2 - ok
17:40:26.0838 6992 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:40:26.0981 6992 srvnet - ok
17:40:27.0067 6992 [ F4F1E1FF6986FE8914525AF751EA3EAC ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys
17:40:27.0217 6992 sscdbus - ok
17:40:27.0663 6992 [ 5447690D2CFE1BDE1BE3A5A5A3E2F796 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys
17:40:27.0750 6992 sscdmdfl - ok
17:40:27.0802 6992 [ BFDA292053AEB76A0C1D63B2279D5138 ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys
17:40:27.0930 6992 sscdmdm - ok
17:40:27.0983 6992 [ 208731A751357DD71C5A0345C77AFD0A ] sscdserd C:\Windows\system32\DRIVERS\sscdserd.sys
17:40:28.0102 6992 sscdserd - ok
17:40:28.0193 6992 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:40:28.0653 6992 SSDPSRV - ok
17:40:28.0762 6992 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:40:29.0180 6992 SstpSvc - ok
17:40:29.0348 6992 [ B00068BA94F5F306911B14B425AAEB56 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
17:40:29.0494 6992 STacSV - ok
17:40:29.0552 6992 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
17:40:29.0684 6992 stexstor - ok
17:40:29.0799 6992 [ DA40D9C9CCB9836D6ABD1706935A2277 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
17:40:29.0983 6992 STHDA - ok
17:40:30.0109 6992 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
17:40:30.0388 6992 stisvc - ok
17:40:30.0458 6992 [ 7785DC213270D2FC066538DAF94087E7 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
17:40:30.0588 6992 storflt - ok
17:40:30.0672 6992 [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc C:\Windows\system32\drivers\storvsc.sys
17:40:30.0806 6992 storvsc - ok
17:40:30.0895 6992 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
17:40:31.0017 6992 swenum - ok
17:40:31.0108 6992 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:40:31.0593 6992 swprv - ok
17:40:31.0649 6992 Synth3dVsc - ok
17:40:31.0785 6992 [ 064A2530A4A7C7CEC1BE6A1945645BE4 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
17:40:31.0923 6992 SynTP - ok
17:40:32.0133 6992 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
17:40:32.0559 6992 SysMain - ok
17:40:32.0649 6992 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:40:32.0882 6992 TabletInputService - ok
17:40:32.0960 6992 [ D5462D5C8F4AF904D109C5B41B8CD43A ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
17:40:33.0080 6992 tap0901 - ok
17:40:33.0219 6992 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:40:33.0704 6992 TapiSrv - ok
17:40:33.0799 6992 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:40:34.0232 6992 TBS - ok
17:40:34.0444 6992 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:40:34.0922 6992 Tcpip - ok
17:40:35.0084 6992 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:40:35.0490 6992 TCPIP6 - ok
17:40:35.0587 6992 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:40:35.0733 6992 tcpipreg - ok
17:40:35.0891 6992 [ 69F1A38A6DBFE682491CB61A596662E3 ] tcsd_win32.exe C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
17:40:36.0079 6992 tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - warning
17:40:36.0080 6992 tcsd_win32.exe - detected UnsignedFile.Multi.Generic (1)
17:40:36.0337 6992 [ 8C6740F641A1C3D56A1A396AEB0158E7 ] TdmService C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
17:40:36.0815 6992 TdmService - ok
17:40:36.0909 6992 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:40:37.0048 6992 TDPIPE - ok
17:40:37.0205 6992 [ 99527D49EE0A96FC25537C61B270A372 ] tdrpman273 C:\Windows\system32\DRIVERS\tdrpm273.sys
17:40:37.0515 6992 tdrpman273 - ok
17:40:37.0631 6992 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:40:37.0769 6992 TDTCP - ok
17:40:38.0201 6992 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:40:38.0599 6992 tdx - ok
17:40:38.0747 6992 [ BB676D2C7AD5E7131D12417E4691F9B9 ] Te.Service C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe
17:40:38.0828 6992 Te.Service ( UnsignedFile.Multi.Generic ) - warning
17:40:38.0828 6992 Te.Service - detected UnsignedFile.Multi.Generic (1)
17:40:39.0049 6992 [ 625C98D60AD5AB1FCCBD0E2C0AC0D905 ] Tele2 Mobile Partner. RunOuc C:\Program Files (x86)\Tele2 Mobile Partner\UpdateDog\ouc.exe
17:40:39.0255 6992 Tele2 Mobile Partner. RunOuc - ok
17:40:39.0335 6992 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
17:40:39.0469 6992 TermDD - ok
17:40:39.0590 6992 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
17:40:40.0096 6992 TermService - ok
17:40:40.0159 6992 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:40:40.0375 6992 Themes - ok
17:40:40.0457 6992 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:40:40.0894 6992 THREADORDER - ok
17:40:41.0001 6992 [ 8A76949E0F461FDDC147491B0C5B28C3 ] tifm21 C:\Windows\system32\drivers\tifm21.sys
17:40:41.0148 6992 tifm21 - ok
17:40:41.0292 6992 [ EBBAEA02F0095A798000C7E06B16D41B ] timounter C:\Windows\system32\DRIVERS\timntr.sys
17:40:41.0569 6992 timounter - ok
17:40:41.0620 6992 [ 519CB7D7F697F4BA47DE05845C20F158 ] TlntSvr C:\Windows\System32\tlntsvr.exe
17:40:41.0786 6992 TlntSvr - ok
17:40:41.0871 6992 [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM C:\Windows\system32\drivers\tpm.sys
17:40:42.0017 6992 TPM - ok
17:40:42.0073 6992 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:40:42.0494 6992 TrkWks - ok
17:40:42.0644 6992 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:40:43.0090 6992 TrustedInstaller - ok
17:40:43.0184 6992 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:40:43.0616 6992 tssecsrv - ok
17:40:43.0709 6992 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:40:43.0833 6992 TsUsbFlt - ok
17:40:43.0868 6992 tsusbhub - ok
17:40:43.0965 6992 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:40:44.0397 6992 tunnel - ok
17:40:44.0516 6992 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
17:40:44.0665 6992 uagp35 - ok
17:40:44.0762 6992 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:40:45.0206 6992 udfs - ok
17:40:45.0306 6992 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:40:45.0469 6992 UI0Detect - ok
17:40:45.0521 6992 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:40:45.0669 6992 uliagpkx - ok
17:40:45.0744 6992 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
17:40:45.0884 6992 umbus - ok
17:40:45.0927 6992 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
17:40:46.0062 6992 UmPass - ok
17:40:46.0173 6992 [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService C:\Windows\System32\umrdp.dll
17:40:46.0373 6992 UmRdpService - ok
17:40:46.0438 6992 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:40:46.0933 6992 upnphost - ok
17:40:47.0028 6992 [ 34AFB83C7BBA370E404E52CC2290350C ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
17:40:47.0313 6992 upperdev - ok
17:40:47.0398 6992 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
17:40:47.0584 6992 usbaudio - ok
17:40:47.0673 6992 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:40:47.0832 6992 usbccgp - ok
17:40:47.0918 6992 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:40:48.0124 6992 usbcir - ok
17:40:48.0185 6992 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
17:40:48.0322 6992 usbehci - ok
17:40:48.0719 6992 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:40:48.0884 6992 usbhub - ok
17:40:48.0968 6992 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:40:49.0097 6992 usbohci - ok
17:40:49.0169 6992 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:40:49.0337 6992 usbprint - ok
17:40:49.0418 6992 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
17:40:49.0588 6992 usbscan - ok
17:40:49.0663 6992 [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser C:\Windows\system32\drivers\usbser.sys
17:40:49.0801 6992 usbser - ok
17:40:49.0881 6992 [ AA75E1EFBEE7186B4CBAAACF1F15E6CA ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
17:40:50.0153 6992 UsbserFilt - ok
17:40:50.0237 6992 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:40:50.0410 6992 USBSTOR - ok
17:40:50.0456 6992 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:40:50.0591 6992 usbuhci - ok
17:40:50.0715 6992 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
17:40:50.0920 6992 usbvideo - ok
17:40:50.0971 6992 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:40:51.0398 6992 UxSms - ok
17:40:51.0615 6992 [ 34812F7FAAFE329D15F55C4EB6DB44DA ] VASDeviceDrm C:\Windows\system32\drivers\vasdDev.sys
17:40:51.0990 6992 VASDeviceDrm - ok
17:40:52.0089 6992 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
17:40:52.0228 6992 VaultSvc - ok
17:40:52.0274 6992 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:40:52.0400 6992 vdrvroot - ok
17:40:52.0524 6992 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
17:40:52.0985 6992 vds - ok
17:40:53.0080 6992 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:40:53.0242 6992 vga - ok
17:40:53.0279 6992 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:40:53.0707 6992 VgaSave - ok
17:40:53.0740 6992 VGPU - ok
17:40:53.0851 6992 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:40:54.0018 6992 vhdmp - ok
17:40:54.0098 6992 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
17:40:54.0241 6992 viaide - ok
17:40:54.0367 6992 [ 1562A089B46C821487AFF8D01EE5547E ] VMAuthdService C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
17:40:54.0410 6992 VMAuthdService ( UnsignedFile.Multi.Generic ) - warning
17:40:54.0411 6992 VMAuthdService - detected UnsignedFile.Multi.Generic (1)
17:40:54.0513 6992 [ 86EA3E79AE350FEA5331A1303054005F ] vmbus C:\Windows\system32\drivers\vmbus.sys
17:40:54.0685 6992 vmbus - ok
17:40:54.0763 6992 [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
17:40:54.0915 6992 VMBusHID - ok
17:40:54.0994 6992 [ 87FC1DD880E8CAC4FAEBB84AF61A87C4 ] vmci C:\Windows\system32\DRIVERS\vmci.sys
17:40:55.0105 6992 vmci - ok
17:40:55.0182 6992 [ DE41918B7ABAE9056EB1E62540D229D3 ] vmkbd C:\Windows\system32\drivers\VMkbd.sys
17:40:55.0289 6992 vmkbd - ok
17:40:55.0391 6992 [ 21C96AA588D3993191761A08DBAABB15 ] vmm C:\Windows\system32\Drivers\vmm.sys
17:40:55.0534 6992 vmm - ok
17:40:55.0595 6992 [ B259C31378BC855AFD1B53F59311C251 ] VMnetAdapter C:\Windows\system32\DRIVERS\vmnetadapter.sys
17:40:55.0692 6992 VMnetAdapter - ok
17:40:55.0759 6992 [ DEC4CE720FFEDA939CF1BA315CFBD993 ] VMnetBridge C:\Windows\system32\DRIVERS\vmnetbridge.sys
17:40:55.0860 6992 VMnetBridge - ok
17:40:55.0911 6992 VMnetDHCP - ok
17:40:55.0985 6992 [ 0AB32D9F175C015D97EB712F5E636313 ] VMnetuserif C:\Windows\system32\drivers\vmnetuserif.sys
17:40:56.0078 6992 VMnetuserif - ok
17:40:56.0602 6992 [ 18903CA7936912C337C9D28858880CF2 ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
17:40:56.0842 6992 VMUSBArbService - ok
17:40:56.0922 6992 VMware NAT Service - ok
17:40:57.0025 6992 [ 840DD8AD9B1E26F82C598242369EA770 ] vmx86 C:\Windows\system32\drivers\vmx86.sys
17:40:57.0122 6992 vmx86 - ok
17:40:57.0202 6992 [ 3F63FA4A5D8A7C1B1A87E342569FBA53 ] VNUSB C:\Windows\system32\Drivers\VNUSB.sys
17:40:57.0329 6992 VNUSB - ok
17:40:57.0421 6992 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:40:57.0569 6992 volmgr - ok
17:40:57.0689 6992 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:40:57.0876 6992 volmgrx - ok
17:40:57.0960 6992 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:40:58.0146 6992 volsnap - ok
17:40:58.0228 6992 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
17:40:58.0393 6992 vsmraid - ok
17:40:58.0574 6992 [ CA64A8838B4674D14BDF88ABA2F253EA ] VSPerfDrv100 C:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys
17:40:58.0711 6992 VSPerfDrv100 - ok
17:40:59.0387 6992 [ F972436B5ED08069A1E7D623B77C226A ] VSPerfDrv110 C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys
17:40:59.0506 6992 VSPerfDrv110 - ok
17:40:59.0686 6992 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
17:41:00.0296 6992 VSS - ok
17:41:00.0350 6992 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
17:41:00.0518 6992 vwifibus - ok
17:41:00.0570 6992 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
17:41:00.0761 6992 vwififlt - ok
17:41:00.0807 6992 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
17:41:01.0001 6992 vwifimp - ok
17:41:01.0111 6992 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:41:01.0619 6992 W32Time - ok
17:41:01.0796 6992 [ B32009DB1972E7F2C227499289C4384A ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll
17:41:01.0989 6992 W3SVC - ok
17:41:02.0042 6992 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
17:41:02.0177 6992 WacomPen - ok
17:41:02.0251 6992 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:41:02.0662 6992 WANARP - ok
17:41:02.0700 6992 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:41:03.0115 6992 Wanarpv6 - ok
17:41:03.0223 6992 [ B32009DB1972E7F2C227499289C4384A ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll
17:41:03.0391 6992 WAS - ok
17:41:03.0553 6992 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
17:41:03.0896 6992 WatAdminSvc - ok
17:41:04.0090 6992 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
17:41:04.0463 6992 wbengine - ok
17:41:04.0540 6992 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:41:04.0792 6992 WbioSrvc - ok
17:41:04.0897 6992 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:41:05.0205 6992 wcncsvc - ok
17:41:05.0260 6992 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:41:05.0421 6992 WcsPlugInService - ok
17:41:05.0476 6992 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
17:41:05.0612 6992 Wd - ok
17:41:05.0760 6992 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:41:06.0050 6992 Wdf01000 - ok
17:41:06.0171 6992 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:41:06.0492 6992 WdiServiceHost - ok
17:41:06.0527 6992 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:41:06.0740 6992 WdiSystemHost - ok
17:41:06.0868 6992 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
17:41:07.0168 6992 WebClient - ok
17:41:07.0241 6992 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:41:07.0713 6992 Wecsvc - ok
17:41:07.0801 6992 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:41:08.0237 6992 wercplsupport - ok
17:41:08.0292 6992 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:41:08.0712 6992 WerSvc - ok
17:41:08.0796 6992 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:41:09.0191 6992 WfpLwf - ok
17:41:09.0333 6992 [ BB42167E444D16859BAE6B9F7D92334C ] wgsslvpnsrc C:\Program Files (x86)\WatchGuard\WatchGuard Mobile VPN with SSL\wgsslvpnsrc.exe
17:41:09.0581 6992 wgsslvpnsrc ( UnsignedFile.Multi.Generic ) - warning
17:41:09.0581 6992 wgsslvpnsrc - detected UnsignedFile.Multi.Generic (1)
17:41:09.0905 6992 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:41:10.0039 6992 WIMMount - ok
17:41:10.0088 6992 WinDefend - ok
17:41:10.0169 6992 WinHttpAutoProxySvc - ok
17:41:10.0276 6992 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:41:10.0705 6992 Winmgmt - ok
17:41:10.0953 6992 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
17:41:11.0657 6992 WinRM - ok
17:41:11.0827 6992 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
17:41:11.0988 6992 WinUsb - ok
17:41:12.0091 6992 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:41:12.0400 6992 Wlansvc - ok
17:41:12.0469 6992 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:41:12.0568 6992 wlcrasvc - ok
17:41:12.0835 6992 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:41:13.0290 6992 wlidsvc - ok
17:41:13.0376 6992 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
17:41:13.0516 6992 WmiAcpi - ok
17:41:13.0600 6992 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:41:13.0779 6992 wmiApSrv - ok
17:41:13.0833 6992 WMPNetworkSvc - ok
17:41:13.0894 6992 [ B5BD872122A2CE82D196ABF2D5D8D80A ] WMSVC C:\Windows\system32\inetsrv\wmsvc.exe
17:41:14.0082 6992 WMSVC - ok
17:41:14.0219 6992 [ 83B6CA03C846FCD47F9883D77D1EB27B ] WMZuneComm c:\Program Files\Zune\WMZuneComm.exe
17:41:14.0433 6992 WMZuneComm - ok
17:41:14.0519 6992 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:41:14.0670 6992 WPCSvc - ok
17:41:14.0756 6992 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:41:14.0973 6992 WPDBusEnum - ok
17:41:15.0029 6992 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:41:15.0475 6992 ws2ifsl - ok
17:41:15.0595 6992 [ AD12F5C7251BB8D575D560894E73CBBA ] WsAudioDevice_383S(1) C:\Windows\system32\drivers\WsAudioDevice_383S(1).sys
17:41:15.0688 6992 WsAudioDevice_383S(1) - ok
17:41:15.0739 6992 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
17:41:15.0960 6992 wscsvc - ok
17:41:16.0013 6992 WSearch - ok
17:41:16.0303 6992 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
17:41:16.0810 6992 wuauserv - ok
17:41:16.0904 6992 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:41:17.0048 6992 WudfPf - ok
17:41:17.0115 6992 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:41:17.0268 6992 WUDFRd - ok
17:41:17.0355 6992 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:41:17.0509 6992 wudfsvc - ok
17:41:17.0572 6992 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
17:41:17.0817 6992 WwanSvc - ok
17:41:18.0515 6992 [ 67B787C34FB2888D01B130AE007042D8 ] ZuneNetworkSvc c:\Program Files\Zune\ZuneNss.exe
17:41:20.0297 6992 ZuneNetworkSvc - ok
17:41:20.0455 6992 [ 4D89FC1C20CF655739EFAC5DA81A67BC ] ZuneWlanCfgSvc c:\Program Files\Zune\ZuneWlanCfgSvc.exe
17:41:20.0738 6992 ZuneWlanCfgSvc - ok

More to follow...

#13 WearyGuy

WearyGuy
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:33 PM

Posted 04 January 2013 - 01:41 AM

Part 2 of ???

17:41:20.0988 6992 ================ Scan global ===============================
17:41:21.0151 6992 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:41:21.0250 6992 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
17:41:21.0334 6992 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\system32\winsrv.dll
17:41:21.0407 6992 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:41:21.0491 6992 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:41:21.0531 6992 [Global] - ok
17:41:21.0536 6992 ================ Scan MBR ==================================
17:41:21.0562 6992 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:41:22.0259 6992 \Device\Harddisk0\DR0 - ok
17:41:22.0263 6992 ================ Scan VBR ==================================
17:41:22.0286 6992 [ A00FB74F71E2768F455B40359F6EFCDA ] \Device\Harddisk0\DR0\Partition1
17:41:22.0298 6992 \Device\Harddisk0\DR0\Partition1 - ok
17:41:22.0353 6992 [ 5850E20A1F38A391EB00136ECE9DB7E5 ] \Device\Harddisk0\DR0\Partition2
17:41:22.0366 6992 \Device\Harddisk0\DR0\Partition2 - ok
17:41:22.0370 6992 ================ Scan active images ========================
17:41:22.0393 6992 [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
17:41:22.0394 6992 C:\Windows\System32\drivers\crashdmp.sys - ok
17:41:22.0436 6992 [ ABBF174CB394F5C437410A788B7E404A ] C:\Windows\System32\drivers\iaStor.sys
17:41:22.0436 6992 C:\Windows\System32\drivers\iaStor.sys - ok
17:41:22.0465 6992 [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
17:41:22.0465 6992 C:\Windows\System32\drivers\dumpfve.sys - ok
17:41:22.0509 6992 [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
17:41:22.0510 6992 C:\Windows\System32\drivers\cdrom.sys - ok
17:41:22.0555 6992 [ C606C5F712A3761896CEFFA4AF6B1268 ] C:\Windows\System32\drivers\RsFx0151.sys
17:41:22.0556 6992 C:\Windows\System32\drivers\RsFx0151.sys - ok
17:41:22.0601 6992 [ 21EB2B83702285594DE893734A56B008 ] C:\Windows\System32\drivers\RsFx0102.sys
17:41:22.0601 6992 C:\Windows\System32\drivers\RsFx0102.sys - ok
17:41:22.0649 6992 [ 5AA85332CB1694871B2F0704E0FC9113 ] C:\Windows\System32\drivers\RsFx0200.sys
17:41:22.0649 6992 C:\Windows\System32\drivers\RsFx0200.sys - ok
17:41:22.0692 6992 [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
17:41:22.0693 6992 C:\Windows\System32\drivers\null.sys - ok
17:41:22.0722 6992 [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
17:41:22.0723 6992 C:\Windows\System32\drivers\beep.sys - ok
17:41:22.0773 6992 [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
17:41:22.0773 6992 C:\Windows\System32\drivers\videoprt.sys - ok
17:41:22.0826 6992 [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
17:41:22.0826 6992 C:\Windows\System32\drivers\watchdog.sys - ok
17:41:22.0881 6992 [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
17:41:22.0882 6992 C:\Windows\System32\drivers\vga.sys - ok
17:41:22.0971 6992 [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
17:41:22.0972 6992 C:\Windows\System32\drivers\RDPCDD.sys - ok
17:41:23.0033 6992 [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
17:41:23.0034 6992 C:\Windows\System32\drivers\RDPENCDD.sys - ok
17:41:23.0092 6992 [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
17:41:23.0093 6992 C:\Windows\System32\drivers\RDPREFMP.sys - ok
17:41:23.0139 6992 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
17:41:23.0140 6992 C:\Windows\System32\drivers\msfs.sys - ok
17:41:23.0188 6992 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
17:41:23.0188 6992 C:\Windows\System32\drivers\npfs.sys - ok
17:41:23.0233 6992 [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
17:41:23.0233 6992 C:\Windows\System32\drivers\tdi.sys - ok
17:41:23.0264 6992 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
17:41:23.0264 6992 C:\Windows\System32\drivers\tdx.sys - ok
17:41:23.0315 6992 [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
17:41:23.0315 6992 C:\Windows\System32\drivers\netbt.sys - ok
17:41:23.0366 6992 [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
17:41:23.0366 6992 C:\Windows\System32\drivers\afd.sys - ok
17:41:23.0410 6992 [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
17:41:23.0411 6992 C:\Windows\System32\drivers\ws2ifsl.sys - ok
17:41:23.0457 6992 [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
17:41:23.0457 6992 C:\Windows\System32\drivers\wfplwf.sys - ok
17:41:23.0506 6992 [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
17:41:23.0507 6992 C:\Windows\System32\drivers\pacer.sys - ok
17:41:23.0538 6992 [ 6A3D66263414FF0D6FA754C646612F3F ] C:\Windows\System32\drivers\vwififlt.sys
17:41:23.0538 6992 C:\Windows\System32\drivers\vwififlt.sys - ok
17:41:23.0594 6992 [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
17:41:23.0594 6992 C:\Windows\System32\drivers\netbios.sys - ok
17:41:23.0641 6992 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] C:\Windows\System32\drivers\serial.sys
17:41:23.0642 6992 C:\Windows\System32\drivers\serial.sys - ok
17:41:23.0683 6992 [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
17:41:23.0684 6992 C:\Windows\System32\drivers\wanarp.sys - ok
17:41:23.0724 6992 [ 21C96AA588D3993191761A08DBAABB15 ] C:\Windows\System32\drivers\VMM.sys
17:41:23.0724 6992 C:\Windows\System32\drivers\VMM.sys - ok
17:41:23.0769 6992 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
17:41:23.0769 6992 C:\Windows\System32\drivers\termdd.sys - ok
17:41:23.0800 6992 [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
17:41:23.0800 6992 C:\Windows\System32\drivers\rdbss.sys - ok
17:41:23.0849 6992 [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
17:41:23.0850 6992 C:\Windows\System32\drivers\nsiproxy.sys - ok
17:41:23.0893 6992 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
17:41:23.0894 6992 C:\Windows\System32\drivers\mssmbios.sys - ok
17:41:23.0945 6992 [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
17:41:23.0946 6992 C:\Windows\System32\drivers\discache.sys - ok
17:41:24.0003 6992 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] C:\Windows\System32\drivers\csc.sys
17:41:24.0003 6992 C:\Windows\System32\drivers\csc.sys - ok
17:41:24.0040 6992 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
17:41:24.0040 6992 C:\Windows\System32\drivers\dfsc.sys - ok
17:41:24.0122 6992 [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
17:41:24.0122 6992 C:\Windows\System32\drivers\blbdrive.sys - ok
17:41:24.0187 6992 [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
17:41:24.0188 6992 C:\Windows\System32\drivers\tunnel.sys - ok
17:41:24.0239 6992 [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
17:41:24.0239 6992 C:\Windows\System32\smss.exe - ok
17:41:24.0280 6992 [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
17:41:24.0281 6992 C:\Windows\System32\ntdll.dll - ok
17:41:24.0315 6992 [ FD0DD0CDF8C2167BFA75966FAF705D9C ] C:\Windows\System32\drivers\atikmpag.sys
17:41:24.0315 6992 C:\Windows\System32\drivers\atikmpag.sys - ok
17:41:24.0363 6992 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
17:41:24.0364 6992 C:\Windows\System32\autochk.exe - ok
17:41:24.0410 6992 [ F29B94B19A1FD9A1C39F0CF753F186EE ] C:\Windows\System32\drivers\atikmdag.sys
17:41:24.0411 6992 C:\Windows\System32\drivers\atikmdag.sys - ok
17:41:24.0453 6992 [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
17:41:24.0454 6992 C:\Windows\System32\shell32.dll - ok
17:41:24.0500 6992 [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
17:41:24.0501 6992 C:\Windows\System32\drivers\dxgkrnl.sys - ok
17:41:24.0545 6992 [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
17:41:24.0546 6992 C:\Windows\System32\drivers\dxgmms1.sys - ok
17:41:24.0578 6992 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
17:41:24.0578 6992 C:\Windows\System32\drivers\hdaudbus.sys - ok
17:41:24.0627 6992 [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
17:41:24.0628 6992 C:\Windows\System32\drivers\usbport.sys - ok
17:41:24.0672 6992 [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
17:41:24.0673 6992 C:\Windows\System32\drivers\usbehci.sys - ok
17:41:24.0718 6992 [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
17:41:24.0718 6992 C:\Windows\System32\imagehlp.dll - ok
17:41:24.0762 6992 [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
17:41:24.0762 6992 C:\Windows\System32\imm32.dll - ok
17:41:24.0807 6992 [ A0F52880DDD164F968BE903C1FECD27E ] C:\Windows\System32\iertutil.dll
17:41:24.0808 6992 C:\Windows\System32\iertutil.dll - ok
17:41:24.0840 6992 [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
17:41:24.0840 6992 C:\Windows\System32\gdi32.dll - ok
17:41:24.0900 6992 [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
17:41:24.0900 6992 C:\Windows\System32\shlwapi.dll - ok
17:41:24.0954 6992 [ 1DC3504CA4C57900F1557E9A3F01D272 ] C:\Windows\System32\kernel32.dll
17:41:24.0955 6992 C:\Windows\System32\kernel32.dll - ok
17:41:25.0002 6992 [ EB43840BABF5589E33186D094DE7381D ] C:\Windows\System32\drivers\NETwNs64.sys
17:41:25.0002 6992 C:\Windows\System32\drivers\NETwNs64.sys - ok
17:41:25.0047 6992 [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
17:41:25.0048 6992 C:\Windows\System32\oleaut32.dll - ok
17:41:25.0088 6992 [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65 ] C:\Windows\System32\usp10.dll
17:41:25.0089 6992 C:\Windows\System32\usp10.dll - ok
17:41:25.0121 6992 [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
17:41:25.0122 6992 C:\Windows\System32\msvcrt.dll - ok
17:41:25.0167 6992 [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
17:41:25.0167 6992 C:\Windows\System32\sechost.dll - ok
17:41:25.0213 6992 [ 1DBA462CF92D890D8F8E6472E7E8B4B4 ] C:\Windows\System32\urlmon.dll
17:41:25.0213 6992 C:\Windows\System32\urlmon.dll - ok
17:41:25.0267 6992 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] C:\Windows\System32\drivers\vwifibus.sys
17:41:25.0267 6992 C:\Windows\System32\drivers\vwifibus.sys - ok
17:41:25.0324 6992 [ 5121DB613E10A46A3C5085B479026AA7 ] C:\Windows\System32\wininet.dll
17:41:25.0324 6992 C:\Windows\System32\wininet.dll - ok
17:41:25.0357 6992 [ 93AF5CCCE5145AA3C2F0A41E7F65149A ] C:\Windows\System32\drivers\b57nd60a.sys
17:41:25.0358 6992 C:\Windows\System32\drivers\b57nd60a.sys - ok
17:41:25.0411 6992 [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
17:41:25.0412 6992 C:\Windows\System32\rpcrt4.dll - ok
17:41:25.0456 6992 [ DF2750481B4964814467C974F2B0EEF1 ] C:\Windows\System32\drivers\nusb3xhc.sys
17:41:25.0457 6992 C:\Windows\System32\drivers\nusb3xhc.sys - ok
17:41:25.0504 6992 [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
17:41:25.0504 6992 C:\Windows\System32\drivers\usbd.sys - ok
17:41:25.0550 6992 [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
17:41:25.0550 6992 C:\Windows\System32\ws2_32.dll - ok
17:41:25.0593 6992 [ A87D604AEA360176311474C87A63BB88 ] C:\Windows\System32\drivers\1394ohci.sys
17:41:25.0593 6992 C:\Windows\System32\drivers\1394ohci.sys - ok
17:41:25.0634 6992 [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
17:41:25.0635 6992 C:\Windows\System32\difxapi.dll - ok
17:41:25.0701 6992 [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
17:41:25.0701 6992 C:\Windows\System32\comdlg32.dll - ok
17:41:25.0753 6992 [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
17:41:25.0753 6992 C:\Windows\System32\advapi32.dll - ok
17:41:25.0795 6992 [ 8A76949E0F461FDDC147491B0C5B28C3 ] C:\Windows\System32\drivers\tifm21.sys
17:41:25.0796 6992 C:\Windows\System32\drivers\tifm21.sys - ok
17:41:25.0829 6992 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
17:41:25.0830 6992 C:\Windows\System32\setupapi.dll - ok
17:41:25.0876 6992 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] C:\Windows\System32\drivers\sdbus.sys
17:41:25.0876 6992 C:\Windows\System32\drivers\sdbus.sys - ok
17:41:25.0910 6992 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] C:\Windows\System32\drivers\i8042prt.sys
17:41:25.0910 6992 C:\Windows\System32\drivers\i8042prt.sys - ok
17:41:25.0956 6992 [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
17:41:25.0956 6992 C:\Windows\System32\msctf.dll - ok
17:41:26.0006 6992 [ 064A2530A4A7C7CEC1BE6A1945645BE4 ] C:\Windows\System32\drivers\SynTP.sys
17:41:26.0006 6992 C:\Windows\System32\drivers\SynTP.sys - ok
17:41:26.0047 6992 [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
17:41:26.0048 6992 C:\Windows\System32\nsi.dll - ok
17:41:26.0086 6992 [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
17:41:26.0086 6992 C:\Windows\System32\user32.dll - ok
17:41:26.0125 6992 [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
17:41:26.0125 6992 C:\Windows\System32\Wldap32.dll - ok
17:41:26.0176 6992 [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
17:41:26.0176 6992 C:\Windows\System32\normaliz.dll - ok
17:41:26.0205 6992 [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
17:41:26.0206 6992 C:\Windows\System32\ole32.dll - ok
17:41:26.0243 6992 [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
17:41:26.0244 6992 C:\Windows\System32\lpk.dll - ok
17:41:26.0285 6992 [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
17:41:26.0286 6992 C:\Windows\System32\clbcatq.dll - ok
17:41:26.0329 6992 [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
17:41:26.0329 6992 C:\Windows\System32\psapi.dll - ok
17:41:26.0374 6992 [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
17:41:26.0374 6992 C:\Windows\System32\wintrust.dll - ok
17:41:26.0422 6992 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
17:41:26.0422 6992 C:\Windows\System32\comctl32.dll - ok
17:41:26.0461 6992 [ 6F2E324703E6D22B9934C33DA48F1F01 ] C:\Windows\System32\KernelBase.dll
17:41:26.0461 6992 C:\Windows\System32\KernelBase.dll - ok
17:41:26.0523 6992 [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
17:41:26.0524 6992 C:\Windows\System32\devobj.dll - ok
17:41:26.0571 6992 [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
17:41:26.0572 6992 C:\Windows\System32\cfgmgr32.dll - ok
17:41:26.0616 6992 [ 12EE6FE9268CEE6D90FDCCBF89236C65 ] C:\Windows\System32\crypt32.dll
17:41:26.0616 6992 C:\Windows\System32\crypt32.dll - ok
17:41:26.0666 6992 [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
17:41:26.0666 6992 C:\Windows\System32\msasn1.dll - ok
17:41:26.0709 6992 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
17:41:26.0710 6992 C:\Windows\SysWOW64\normaliz.dll - ok
17:41:26.0740 6992 [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
17:41:26.0741 6992 C:\Windows\System32\drivers\mouclass.sys - ok
17:41:26.0784 6992 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
17:41:26.0784 6992 C:\Windows\System32\drivers\kbdclass.sys - ok
17:41:26.0835 6992 [ DE41918B7ABAE9056EB1E62540D229D3 ] C:\Windows\System32\drivers\VMkbd.sys
17:41:26.0836 6992 C:\Windows\System32\drivers\VMkbd.sys - ok
17:41:26.0885 6992 [ 0086431C29C35BE1DBC43F52CC273887 ] C:\Windows\System32\drivers\parport.sys
17:41:26.0886 6992 C:\Windows\System32\drivers\parport.sys - ok
17:41:26.0937 6992 [ DBCC20C02E8A3E43B03C304A4E40A84F ] C:\Windows\System32\drivers\tpm.sys
17:41:26.0938 6992 C:\Windows\System32\drivers\tpm.sys - ok
17:41:26.0992 6992 [ 0840155D0BDDF1190F84A663C284BD33 ] C:\Windows\System32\drivers\CmBatt.sys
17:41:26.0992 6992 C:\Windows\System32\drivers\CmBatt.sys - ok
17:41:27.0026 6992 [ F6FF8944478594D0E414D3F048F0D778 ] C:\Windows\System32\drivers\wmiacpi.sys
17:41:27.0026 6992 C:\Windows\System32\drivers\wmiacpi.sys - ok
17:41:27.0074 6992 [ 12C5274CD87449A2A37A607CDB321922 ] C:\Windows\System32\drivers\acpials.sys
17:41:27.0074 6992 C:\Windows\System32\drivers\acpials.sys - ok
17:41:27.0128 6992 [ DDA4CAF29D8C0A297F886BFE561E6659 ] C:\Windows\System32\drivers\WUDFRd.sys
17:41:27.0129 6992 C:\Windows\System32\drivers\WUDFRd.sys - ok
17:41:27.0172 6992 [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
17:41:27.0173 6992 C:\Windows\System32\drivers\intelppm.sys - ok
17:41:27.0221 6992 [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
17:41:27.0222 6992 C:\Windows\System32\drivers\CompositeBus.sys - ok
17:41:27.0255 6992 [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
17:41:27.0255 6992 C:\Windows\System32\drivers\agilevpn.sys - ok
17:41:27.0300 6992 [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
17:41:27.0301 6992 C:\Windows\System32\drivers\rasl2tp.sys - ok
17:41:27.0344 6992 [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
17:41:27.0344 6992 C:\Windows\System32\drivers\ndistapi.sys - ok
17:41:27.0390 6992 [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
17:41:27.0390 6992 C:\Windows\System32\drivers\ndiswan.sys - ok
17:41:27.0437 6992 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
17:41:27.0437 6992 C:\Windows\System32\drivers\raspppoe.sys - ok
17:41:27.0486 6992 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
17:41:27.0487 6992 C:\Windows\System32\drivers\raspptp.sys - ok
17:41:27.0515 6992 [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
17:41:27.0515 6992 C:\Windows\System32\drivers\rassstp.sys - ok
17:41:27.0566 6992 [ D5462D5C8F4AF904D109C5B41B8CD43A ] C:\Windows\System32\drivers\tap0901.sys
17:41:27.0566 6992 C:\Windows\System32\drivers\tap0901.sys - ok
17:41:27.0616 6992 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] C:\Windows\System32\drivers\rdpbus.sys
17:41:27.0617 6992 C:\Windows\System32\drivers\rdpbus.sys - ok
17:41:27.0682 6992 [ 1B1E264203D4EF9D3DA1987AD70355AB ] C:\Windows\System32\drivers\scsiport.sys
17:41:27.0682 6992 C:\Windows\System32\drivers\scsiport.sys - ok
17:41:27.0734 6992 [ 79D51E7F5926E8CE1B3EBECEBAE28CFF ] C:\Windows\System32\drivers\mcdbus.sys
17:41:27.0734 6992 C:\Windows\System32\drivers\mcdbus.sys - ok
17:41:27.0786 6992 [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
17:41:27.0787 6992 C:\Windows\System32\drivers\ks.sys - ok
17:41:27.0819 6992 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
17:41:27.0820 6992 C:\Windows\System32\drivers\swenum.sys - ok
17:41:27.0872 6992 [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
17:41:27.0873 6992 C:\Windows\System32\drivers\umbus.sys - ok
17:41:27.0926 6992 [ DDBB283835010E52E88AAC6995B617D7 ] C:\Windows\System32\drivers\ew_jubusenum.sys
17:41:27.0927 6992 C:\Windows\System32\drivers\ew_jubusenum.sys - ok
17:41:27.0982 6992 [ D019A286ECE0B4A547484B2C654CB74B ] C:\Windows\System32\drivers\vmnet.sys
17:41:27.0983 6992 C:\Windows\System32\drivers\vmnet.sys - ok
17:41:28.0039 6992 [ B259C31378BC855AFD1B53F59311C251 ] C:\Windows\System32\drivers\vmnetadapter.sys
17:41:28.0039 6992 C:\Windows\System32\drivers\vmnetadapter.sys - ok
17:41:28.0092 6992 [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
17:41:28.0092 6992 C:\Windows\System32\drivers\usbhub.sys - ok
17:41:28.0149 6992 [ 785298579B5F9B4032152DFBB992FDB6 ] C:\Windows\System32\drivers\nusb3hub.sys
17:41:28.0150 6992 C:\Windows\System32\drivers\nusb3hub.sys - ok
17:41:28.0200 6992 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
17:41:28.0200 6992 C:\Windows\System32\drivers\ndproxy.sys - ok
17:41:28.0261 6992 [ 0034F69D0007D3F77F6B96FA51228E85 ] C:\Windows\System32\drivers\LVUSBS64.sys
17:41:28.0261 6992 C:\Windows\System32\drivers\LVUSBS64.sys - ok
17:41:28.0309 6992 [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
17:41:28.0309 6992 C:\Windows\System32\drivers\drmk.sys - ok
17:41:28.0338 6992 [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
17:41:28.0339 6992 C:\Windows\System32\drivers\portcls.sys - ok
17:41:28.0386 6992 [ B0790FF0E25B7A2674296052F2162C1A ] C:\Windows\System32\drivers\AtihdW76.sys
17:41:28.0387 6992 C:\Windows\System32\drivers\AtihdW76.sys - ok
17:41:28.0430 6992 [ DA40D9C9CCB9836D6ABD1706935A2277 ] C:\Windows\System32\drivers\stwrt64.sys
17:41:28.0430 6992 C:\Windows\System32\drivers\stwrt64.sys - ok
17:41:28.0475 6992 [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
17:41:28.0475 6992 C:\Windows\System32\drivers\dxapi.sys - ok
17:41:28.0525 6992 [ C58923115CDE6071C3BF2FF063546E9F ] C:\Windows\System32\win32k.sys
17:41:28.0525 6992 C:\Windows\System32\win32k.sys - ok
17:41:28.0577 6992 [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
17:41:28.0578 6992 C:\Windows\System32\drivers\usbccgp.sys - ok
17:41:28.0620 6992 [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
17:41:28.0620 6992 C:\Windows\System32\csrss.exe - ok
17:41:28.0664 6992 [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
17:41:28.0665 6992 C:\Windows\System32\csrsrv.dll - ok
17:41:28.0712 6992 [ 454800C2BC7F3927CE030141EE4F4C50 ] C:\Windows\System32\drivers\usbvideo.sys
17:41:28.0713 6992 C:\Windows\System32\drivers\usbvideo.sys - ok
17:41:28.0791 6992 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
17:41:28.0792 6992 C:\Windows\System32\basesrv.dll - ok
17:41:28.0870 6992 [ 72CC564BBC70DE268784BCE91EB8A28F ] C:\Windows\System32\winsrv.dll
17:41:28.0870 6992 C:\Windows\System32\winsrv.dll - ok
17:41:28.0931 6992 [ 8CE04A5BDD2CE6E62CE02A1C27093104 ] C:\Windows\System32\drivers\CtClsFlt.sys
17:41:28.0932 6992 C:\Windows\System32\drivers\CtClsFlt.sys - ok
17:41:28.0992 6992 [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
17:41:28.0993 6992 C:\Windows\System32\drivers\ksthunk.sys - ok
17:41:29.0047 6992 [ A84CAAE89B487931200B969D94018AFA ] C:\Windows\System32\drivers\cvusbdrv.sys
17:41:29.0047 6992 C:\Windows\System32\drivers\cvusbdrv.sys - ok
17:41:29.0100 6992 [ FE88B288356E7B47B74B13372ADD906D ] C:\Windows\System32\drivers\winusb.sys
17:41:29.0100 6992 C:\Windows\System32\drivers\winusb.sys - ok
17:41:29.0137 6992 [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
17:41:29.0137 6992 C:\Windows\System32\drivers\hidparse.sys - ok
17:41:29.0198 6992 [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
17:41:29.0198 6992 C:\Windows\System32\drivers\hidclass.sys - ok
17:41:29.0247 6992 [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
17:41:29.0247 6992 C:\Windows\System32\drivers\hidusb.sys - ok
17:41:29.0299 6992 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
17:41:29.0299 6992 C:\Windows\System32\drivers\kbdhid.sys - ok
17:41:29.0348 6992 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
17:41:29.0348 6992 C:\Windows\System32\drivers\mouhid.sys - ok
17:41:29.0402 6992 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] C:\Windows\System32\drivers\usbscan.sys
17:41:29.0402 6992 C:\Windows\System32\drivers\usbscan.sys - ok
17:41:29.0434 6992 [ 73188F58FB384E75C4063D29413CEE3D ] C:\Windows\System32\drivers\usbprint.sys
17:41:29.0435 6992 C:\Windows\System32\drivers\usbprint.sys - ok
17:41:29.0490 6992 [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
17:41:29.0490 6992 C:\Windows\System32\drivers\monitor.sys - ok
17:41:29.0538 6992 [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
17:41:29.0539 6992 C:\Windows\System32\tsddd.dll - ok
17:41:29.0585 6992 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
17:41:29.0585 6992 C:\Windows\System32\sxssrv.dll - ok
17:41:29.0634 6992 [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
17:41:29.0634 6992 C:\Windows\System32\wininit.exe - ok
17:41:29.0673 6992 [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
17:41:29.0673 6992 C:\Windows\System32\profapi.dll - ok
17:41:29.0739 6992 [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
17:41:29.0739 6992 C:\Windows\System32\RpcRtRemote.dll - ok
17:41:29.0790 6992 [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
17:41:29.0791 6992 C:\Windows\System32\cdd.dll - ok
17:41:29.0837 6992 [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
17:41:29.0837 6992 C:\Windows\System32\KBDUS.DLL - ok
17:41:29.0881 6992 [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
17:41:29.0881 6992 C:\Windows\System32\WlS0WndH.dll - ok
17:41:29.0940 6992 [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
17:41:29.0941 6992 C:\Windows\System32\apphelp.dll - ok
17:41:29.0990 6992 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
17:41:29.0991 6992 C:\Windows\System32\services.exe - ok
17:41:30.0071 6992 [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
17:41:30.0072 6992 C:\Windows\System32\sxs.dll - ok
17:41:30.0146 6992 [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
17:41:30.0147 6992 C:\Windows\System32\cryptbase.dll - ok
17:41:30.0268 6992 [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
17:41:30.0269 6992 C:\Windows\System32\lsass.exe - ok
17:41:30.0330 6992 [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
17:41:30.0331 6992 C:\Windows\System32\sspicli.dll - ok
17:41:30.0388 6992 [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
17:41:30.0389 6992 C:\Windows\System32\lsm.exe - ok
17:41:30.0462 6992 [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
17:41:30.0463 6992 C:\Windows\System32\sspisrv.dll - ok
17:41:30.0506 6992 [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
17:41:30.0507 6992 C:\Windows\System32\scext.dll - ok
17:41:30.0537 6992 [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
17:41:30.0538 6992 C:\Windows\System32\lsasrv.dll - ok
17:41:30.0590 6992 [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
17:41:30.0591 6992 C:\Windows\System32\sysntfy.dll - ok
17:41:30.0649 6992 [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
17:41:30.0649 6992 C:\Windows\System32\wmsgapi.dll - ok
17:41:30.0701 6992 [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
17:41:30.0702 6992 C:\Windows\System32\secur32.dll - ok
17:41:30.0749 6992 [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
17:41:30.0750 6992 C:\Windows\System32\scesrv.dll - ok
17:41:30.0806 6992 [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
17:41:30.0806 6992 C:\Windows\System32\srvcli.dll - ok
17:41:30.0857 6992 [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
17:41:30.0858 6992 C:\Windows\System32\samsrv.dll - ok
17:41:30.0922 6992 [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
17:41:30.0923 6992 C:\Windows\System32\cryptdll.dll - ok
17:41:30.0988 6992 [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
17:41:30.0988 6992 C:\Windows\System32\wevtapi.dll - ok
17:41:31.0042 6992 [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
17:41:31.0042 6992 C:\Windows\System32\cngaudit.dll - ok
17:41:31.0080 6992 [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
17:41:31.0080 6992 C:\Windows\System32\authz.dll - ok
17:41:31.0132 6992 [ 400645085A91BF3EB0271329B95AE0BE ] C:\Windows\System32\ncrypt.dll
17:41:31.0133 6992 C:\Windows\System32\ncrypt.dll - ok
17:41:31.0200 6992 [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
17:41:31.0200 6992 C:\Windows\System32\winlogon.exe - ok
17:41:31.0280 6992 [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
17:41:31.0281 6992 C:\Windows\System32\bcrypt.dll - ok
17:41:31.0335 6992 [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
17:41:31.0336 6992 C:\Windows\System32\winsta.dll - ok
17:41:31.0382 6992 [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
17:41:31.0383 6992 C:\Windows\System32\msprivs.dll - ok
17:41:31.0434 6992 [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
17:41:31.0435 6992 C:\Windows\System32\netjoin.dll - ok
17:41:31.0483 6992 [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
17:41:31.0483 6992 C:\Windows\System32\negoexts.dll - ok
17:41:31.0528 6992 [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
17:41:31.0528 6992 C:\Windows\System32\kerberos.dll - ok
17:41:31.0575 6992 [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
17:41:31.0575 6992 C:\Windows\System32\version.dll - ok
17:41:31.0604 6992 [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
17:41:31.0604 6992 C:\Windows\System32\cryptsp.dll - ok
17:41:31.0649 6992 [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
17:41:31.0649 6992 C:\Windows\System32\mswsock.dll - ok
17:41:31.0691 6992 [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
17:41:31.0692 6992 C:\Windows\System32\wship6.dll - ok
17:41:31.0735 6992 [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
17:41:31.0736 6992 C:\Windows\System32\msv1_0.dll - ok
17:41:31.0779 6992 [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
17:41:31.0779 6992 C:\Windows\System32\netlogon.dll - ok
17:41:31.0826 6992 [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
17:41:31.0827 6992 C:\Windows\System32\dnsapi.dll - ok
17:41:31.0871 6992 [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
17:41:31.0871 6992 C:\Windows\System32\logoncli.dll - ok
17:41:31.0938 6992 [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
17:41:31.0938 6992 C:\Windows\System32\schannel.dll - ok
17:41:31.0995 6992 [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
17:41:31.0995 6992 C:\Windows\System32\wdigest.dll - ok
17:41:32.0046 6992 [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
17:41:32.0046 6992 C:\Windows\System32\rsaenh.dll - ok
17:41:32.0106 6992 [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
17:41:32.0107 6992 C:\Windows\System32\TSpkg.dll - ok
17:41:32.0134 6992 [ CB2ABB2DA1E9C977302A78D86D4AE3B0 ] C:\Windows\System32\atmfd.dll
17:41:32.0135 6992 C:\Windows\System32\atmfd.dll - ok
17:41:32.0187 6992 [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
17:41:32.0187 6992 C:\Windows\System32\pku2u.dll - ok
17:41:32.0228 6992 [ 7DBA64AD70C2E2481C68D9E0F7CD7840 ] C:\Windows\System32\LIVESSP.DLL
17:41:32.0228 6992 C:\Windows\System32\LIVESSP.DLL - ok
17:41:32.0269 6992 [ 98A3831AD419590CE85F07406B265EEE ] C:\Windows\System32\MSOIDSSP.DLL
17:41:32.0270 6992 C:\Windows\System32\MSOIDSSP.DLL - ok
17:41:32.0309 6992 [ A6C84405B6D558D48A92C290A0EFD032 ] C:\Windows\System32\wvauth.dll
17:41:32.0309 6992 C:\Windows\System32\wvauth.dll - ok
17:41:32.0378 6992 [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
17:41:32.0379 6992 C:\Windows\System32\WinSCard.dll - ok
17:41:32.0431 6992 [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
17:41:32.0432 6992 C:\Windows\System32\userenv.dll - ok
17:41:32.0489 6992 [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
17:41:32.0489 6992 C:\Windows\System32\wsock32.dll - ok
17:41:32.0544 6992 [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
17:41:32.0544 6992 C:\Windows\System32\netapi32.dll - ok
17:41:32.0596 6992 [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
17:41:32.0596 6992 C:\Windows\System32\netutils.dll - ok
17:41:32.0647 6992 [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
17:41:32.0647 6992 C:\Windows\System32\wkscli.dll - ok
17:41:32.0685 6992 [ 011F0B067E47612F57C4ECE377D9C9DF ] C:\Windows\System32\activeds.dll
17:41:32.0686 6992 C:\Windows\System32\activeds.dll - ok
17:41:32.0743 6992 [ 05F620B4B2E7DEB9409C0C6A4FEDD2A4 ] C:\Windows\System32\adsldpc.dll
17:41:32.0743 6992 C:\Windows\System32\adsldpc.dll - ok
17:41:32.0812 6992 [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
17:41:32.0813 6992 C:\Windows\System32\atl.dll - ok
17:41:32.0867 6992 [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
17:41:32.0868 6992 C:\Windows\System32\bcryptprimitives.dll - ok
17:41:32.0921 6992 [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
17:41:32.0922 6992 C:\Windows\System32\efslsaext.dll - ok
17:41:32.0949 6992 [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
17:41:32.0950 6992 C:\Windows\System32\credssp.dll - ok
17:41:33.0004 6992 [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
17:41:33.0005 6992 C:\Windows\System32\ubpm.dll - ok
17:41:33.0063 6992 [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
17:41:33.0064 6992 C:\Windows\System32\scecli.dll - ok
17:41:33.0120 6992 [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
17:41:33.0121 6992 C:\Windows\System32\svchost.exe - ok
17:41:33.0179 6992 [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
17:41:33.0180 6992 C:\Windows\System32\umpnpmgr.dll - ok
17:41:33.0210 6992 [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
17:41:33.0211 6992 C:\Windows\System32\SPInf.dll - ok
17:41:33.0258 6992 [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
17:41:33.0259 6992 C:\Windows\System32\devrtl.dll - ok
17:41:33.0302 6992 [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
17:41:33.0303 6992 C:\Windows\System32\gpapi.dll - ok
17:41:33.0348 6992 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
17:41:33.0348 6992 C:\Windows\System32\umpo.dll - ok
17:41:33.0393 6992 [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
17:41:33.0394 6992 C:\Windows\System32\pcwum.dll - ok
17:41:33.0433 6992 [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
17:41:33.0433 6992 C:\Windows\System32\powrprof.dll - ok
17:41:33.0474 6992 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
17:41:33.0475 6992 C:\Windows\System32\drivers\luafv.sys - ok
17:41:33.0515 6992 [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
17:41:33.0516 6992 C:\Windows\System32\rpcss.dll - ok
17:41:33.0582 6992 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
17:41:33.0582 6992 C:\Windows\System32\RpcEpMap.dll - ok
17:41:33.0642 6992 [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
17:41:33.0642 6992 C:\Windows\System32\WSHTCPIP.DLL - ok
17:41:33.0690 6992 [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
17:41:33.0691 6992 C:\Windows\System32\wshqos.dll - ok
17:41:33.0741 6992 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
17:41:33.0742 6992 C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
17:41:33.0780 6992 [ DC5B5D3A1BF59A74ECA9C2EBB34574BE ] C:\Program Files\Microsoft Security Client\MsMpRes.dll
17:41:33.0781 6992 C:\Program Files\Microsoft Security Client\MsMpRes.dll - ok
17:41:33.0840 6992 [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
17:41:33.0841 6992 C:\Windows\System32\FirewallAPI.dll - ok
17:41:33.0892 6992 [ BCF8F2758AA5C451F8E366C66A98BBFE ] C:\Program Files\Microsoft Security Client\MpSvc.dll
17:41:33.0893 6992 C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
17:41:33.0959 6992 [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
17:41:33.0959 6992 C:\Windows\System32\LogonUI.exe - ok
17:41:34.0017 6992 [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
17:41:34.0018 6992 C:\Windows\System32\wtsapi32.dll - ok
17:41:34.0054 6992 [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
17:41:34.0054 6992 C:\Windows\System32\authui.dll - ok
17:41:34.0106 6992 [ 2F67DEE6452EBC9F4A6C97A1CCC232FE ] C:\Program Files\Microsoft Security Client\MpClient.dll
17:41:34.0106 6992 C:\Program Files\Microsoft Security Client\MpClient.dll - ok
17:41:34.0156 6992 [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
17:41:34.0157 6992 C:\Windows\System32\cryptui.dll - ok
17:41:34.0208 6992 [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
17:41:34.0208 6992 C:\Windows\System32\ntmarta.dll - ok
17:41:34.0263 6992 [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
17:41:34.0264 6992 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
17:41:34.0306 6992 [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
17:41:34.0307 6992 C:\Windows\System32\shacct.dll - ok
17:41:34.0359 6992 [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
17:41:34.0361 6992 C:\Windows\System32\samlib.dll - ok
17:41:34.0418 6992 [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
17:41:34.0418 6992 C:\Windows\System32\propsys.dll - ok
17:41:34.0469 6992 [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
17:41:34.0469 6992 C:\Windows\System32\uxtheme.dll - ok
17:41:34.0519 6992 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Microsoft Security Client\sqmapi.dll
17:41:34.0520 6992 C:\Program Files\Microsoft Security Client\sqmapi.dll - ok
17:41:34.0567 6992 [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
17:41:34.0567 6992 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
17:41:34.0600 6992 [ 40DA7B4B1E89B095E15273F0390D6843 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
17:41:34.0600 6992 C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
17:41:34.0642 6992 [ DA9AA12027A178BA49752FFEAC324373 ] C:\Windows\System32\atiesrxx.exe
17:41:34.0642 6992 C:\Windows\System32\atiesrxx.exe - ok
17:41:34.0715 6992 [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
17:41:34.0716 6992 C:\Windows\System32\dui70.dll - ok
17:41:34.0797 6992 [ BF62F3BC1BE0700804EC394BB77F02C4 ] C:\Program Files\Microsoft Security Client\MpRTP.dll
17:41:34.0797 6992 C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
17:41:34.0836 6992 [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
17:41:34.0836 6992 C:\Windows\System32\duser.dll - ok
17:41:34.0879 6992 [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
17:41:34.0880 6992 C:\Windows\System32\SndVolSSO.dll - ok
17:41:34.0933 6992 [ F3D202F53A222D5F6944D459B73CF967 ] C:\Windows\System32\fltLib.dll
17:41:34.0934 6992 C:\Windows\System32\fltLib.dll - ok
17:41:34.0994 6992 [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
17:41:34.0995 6992 C:\Windows\System32\hid.dll - ok
17:41:35.0059 6992 [ 0476A8C105932312A17CA43FEDC6D3B6 ] C:\Program Files\Microsoft Security Client\MsMpLics.dll
17:41:35.0059 6992 C:\Program Files\Microsoft Security Client\MsMpLics.dll - ok
17:41:35.0106 6992 [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
17:41:35.0106 6992 C:\Windows\System32\MMDevAPI.dll - ok
17:41:35.0138 6992 [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
17:41:35.0138 6992 C:\Windows\System32\wevtsvc.dll - ok
17:41:35.0188 6992 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] C:\Windows\System32\drivers\MpFilter.sys
17:41:35.0188 6992 C:\Windows\System32\drivers\MpFilter.sys - ok
17:41:35.0234 6992 [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
17:41:35.0234 6992 C:\Windows\System32\dwmapi.dll - ok
17:41:35.0280 6992 [ 12FD09889C8A6141C8D10F7AE48BBAC8 ] C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll
17:41:35.0280 6992 C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll - ok
17:41:35.0330 6992 [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
17:41:35.0330 6992 C:\Windows\System32\xmllite.dll - ok
17:41:35.0381 6992 [ D527EF4364D2D00443470940B177EAD4 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7E6174E1-BAE5-40FE-9E3C-F07246DB5065}\mpengine.dll
17:41:35.0382 6992 C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7E6174E1-BAE5-40FE-9E3C-F07246DB5065}\mpengine.dll - ok
17:41:35.0419 6992 [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
17:41:35.0419 6992 C:\Windows\System32\WindowsCodecs.dll - ok
17:41:35.0468 6992 [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
17:41:35.0468 6992 C:\Windows\System32\audiosrv.dll - ok
17:41:35.0518 6992 [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
17:41:35.0518 6992 C:\Windows\System32\mmcss.dll - ok
17:41:35.0562 6992 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
17:41:35.0563 6992 C:\Windows\System32\netprofm.dll - ok
17:41:35.0604 6992 [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
17:41:35.0604 6992 C:\Windows\System32\avrt.dll - ok
17:41:35.0646 6992 [ B00068BA94F5F306911B14B425AAEB56 ] C:\Program Files\IDT\WDM\stacsv64.exe
17:41:35.0646 6992 C:\Program Files\IDT\WDM\stacsv64.exe - ok
17:41:35.0676 6992 [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
17:41:35.0677 6992 C:\Windows\System32\dsound.dll - ok
17:41:35.0721 6992 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
17:41:35.0722 6992 C:\Windows\System32\wlansvc.dll - ok
17:41:35.0764 6992 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
17:41:35.0764 6992 C:\Windows\System32\winbrand.dll - ok
17:41:35.0806 6992 [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
17:41:35.0807 6992 C:\Windows\System32\winmm.dll - ok
17:41:35.0863 6992 [ BD37CB67B1BD1312227C8B1438E319B8 ] C:\Windows\System32\stapi64.dll
17:41:35.0864 6992 C:\Windows\System32\stapi64.dll - ok
17:41:35.0934 6992 [ FBF3AA8AA4729D5855B3EA70ABCA05FC ] C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\1033\Microsoft.SharePoint.Msg.dll
17:41:35.0934 6992 C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\1033\Microsoft.SharePoint.Msg.dll - ok
17:41:35.0986 6992 [ 5FB997B6DFFB8AA7919527885B88E212 ] C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDCREDPROV.DLL
17:41:35.0986 6992 C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDCREDPROV.DLL - ok
17:41:36.0060 6992 [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
17:41:36.0061 6992 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
17:41:36.0104 6992 [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
17:41:36.0105 6992 C:\Windows\System32\credui.dll - ok
17:41:36.0148 6992 [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
17:41:36.0148 6992 C:\Windows\System32\VaultCredProvider.dll - ok
17:41:36.0193 6992 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
17:41:36.0194 6992 C:\Windows\System32\MPSSVC.dll - ok
17:41:36.0230 6992 [ E2038ABDBDF1837F077FB8E50EAD083C ] C:\Program Files\WIDCOMM\Bluetooth Software\BtwCP.dll
17:41:36.0230 6992 C:\Program Files\WIDCOMM\Bluetooth Software\BtwCP.dll - ok
17:41:36.0280 6992 [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
17:41:36.0281 6992 C:\Windows\System32\winspool.drv - ok
17:41:36.0325 6992 [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
17:41:36.0325 6992 C:\Windows\System32\bthprops.cpl - ok
17:41:36.0371 6992 [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll
17:41:36.0372 6992 C:\Windows\System32\WUDFPlatform.dll - ok
17:41:36.0415 6992 [ A77F3D11B465A0AC72071AE9E82D903F ] C:\Windows\System32\WvCredProv.dll
17:41:36.0416 6992 C:\Windows\System32\WvCredProv.dll - ok
17:41:36.0458 6992 [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
17:41:36.0458 6992 C:\Windows\System32\drivers\fltMgr.sys - ok
17:41:36.0490 6992 [ 80F1AF82729817DB1A96C99BF4921FDC ] C:\Windows\System32\AmRes_en.dll
17:41:36.0491 6992 C:\Windows\System32\AmRes_en.dll - ok
17:41:36.0544 6992 [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
17:41:36.0544 6992 C:\Windows\System32\PSHED.DLL - ok
17:41:36.0590 6992 [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
17:41:36.0591 6992 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
17:41:36.0637 6992 [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
17:41:36.0637 6992 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
17:41:36.0680 6992 [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
17:41:36.0680 6992 C:\Windows\System32\BioCredProv.dll - ok
17:41:36.0726 6992 [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
17:41:36.0727 6992 C:\Windows\System32\winbio.dll - ok
17:41:36.0756 6992 [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
17:41:36.0756 6992 C:\Windows\System32\vaultcli.dll - ok
17:41:36.0812 6992 [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
17:41:36.0813 6992 C:\Windows\System32\samcli.dll - ok
17:41:36.0855 6992 [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
17:41:36.0856 6992 C:\Windows\System32\certCredProvider.dll - ok
17:41:36.0905 6992 [ 032229246107C5C7211E6D1498B52D3D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
17:41:36.0906 6992 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
17:41:36.0947 6992 [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
17:41:36.0948 6992 C:\Windows\System32\rasplap.dll - ok
17:41:36.0996 6992 [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
17:41:36.0996 6992 C:\Windows\System32\rasapi32.dll - ok
17:41:37.0037 6992 [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
17:41:37.0038 6992 C:\Windows\System32\rasman.dll - ok
17:41:37.0101 6992 [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
17:41:37.0102 6992 C:\Windows\System32\rtutils.dll - ok
17:41:37.0157 6992 [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
17:41:37.0157 6992 C:\Windows\System32\audiodg.exe - ok
17:41:37.0213 6992 [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
17:41:37.0213 6992 C:\Windows\System32\AudioSes.dll - ok
17:41:37.0255 6992 [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
17:41:37.0255 6992 C:\Windows\System32\oleacc.dll - ok
17:41:37.0285 6992 [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
17:41:37.0285 6992 C:\Windows\System32\UIAutomationCore.dll - ok
17:41:37.0332 6992 [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
17:41:37.0332 6992 C:\Windows\System32\AudioEng.dll - ok
17:41:37.0376 6992 [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
17:41:37.0376 6992 C:\Windows\System32\AUDIOKSE.dll - ok
17:41:37.0418 6992 [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
17:41:37.0419 6992 C:\Windows\System32\ksuser.dll - ok
17:41:37.0464 6992 [ 45277FE27AF71140BA44DB4A061EE04B ] C:\Windows\System32\stapo64.dll
17:41:37.0464 6992 C:\Windows\System32\stapo64.dll - ok
17:41:37.0508 6992 [ FFA1A0DD5C18130DABE0F68D6F1EBFBA ] C:\Windows\System32\AESTAC64.dll
17:41:37.0509 6992 C:\Windows\System32\AESTAC64.dll - ok
17:41:37.0551 6992 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
17:41:37.0552 6992 C:\Windows\System32\gpsvc.dll - ok
17:41:37.0582 6992 [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
17:41:37.0583 6992 C:\Windows\System32\nlaapi.dll - ok
17:41:37.0626 6992 [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
17:41:37.0626 6992 C:\Windows\System32\themeservice.dll - ok
17:41:37.0671 6992 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
17:41:37.0672 6992 C:\Windows\System32\profsvc.dll - ok
17:41:37.0718 6992 [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
17:41:37.0718 6992 C:\Windows\System32\dsrole.dll - ok
17:41:37.0760 6992 [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
17:41:37.0761 6992 C:\Windows\System32\slc.dll - ok
17:41:37.0803 6992 [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
17:41:37.0804 6992 C:\Windows\System32\es.dll - ok
17:41:37.0832 6992 [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
17:41:37.0833 6992 C:\Windows\System32\UXInit.dll - ok
17:41:37.0878 6992 [ C3B919EAEA397A9A00EF103A01B43F8A ] C:\Windows\System32\atieclxx.exe
17:41:37.0879 6992 C:\Windows\System32\atieclxx.exe - ok
17:41:37.0947 6992 [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
17:41:37.0948 6992 C:\Windows\System32\comres.dll - ok
17:41:38.0012 6992 [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
17:41:38.0012 6992 C:\Windows\System32\Sens.dll - ok
17:41:38.0063 6992 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
17:41:38.0064 6992 C:\Windows\System32\uxsms.dll - ok
17:41:38.0096 6992 [ DEC4CE720FFEDA939CF1BA315CFBD993 ] C:\Windows\System32\drivers\vmnetbridge.sys
17:41:38.0097 6992 C:\Windows\System32\drivers\vmnetbridge.sys - ok
17:41:38.0162 6992 [ DB16A7C0A453F7E220A5F29E42572FD8 ] C:\Windows\AppPatch\AppPatch64\AcGenral.dll
17:41:38.0162 6992 C:\Windows\AppPatch\AppPatch64\AcGenral.dll - ok
17:41:38.0204 6992 [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
17:41:38.0205 6992 C:\Windows\System32\sfc.dll - ok
17:41:38.0264 6992 [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
17:41:38.0264 6992 C:\Windows\System32\sfc_os.dll - ok
17:41:38.0336 6992 [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
17:41:38.0336 6992 C:\Windows\System32\mpr.dll - ok
17:41:38.0370 6992 [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
17:41:38.0370 6992 C:\Windows\System32\drivers\lltdio.sys - ok
17:41:38.0423 6992 [ 662995BB2BD59CED1679B3FDEE6AFD27 ] C:\Windows\System32\atiadlxx.dll
17:41:38.0424 6992 C:\Windows\System32\atiadlxx.dll - ok
17:41:38.0469 6992 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] C:\Windows\System32\drivers\nwifi.sys
17:41:38.0469 6992 C:\Windows\System32\drivers\nwifi.sys - ok
17:41:38.0525 6992 [ 136185F9FB2CC61E573E676AA5402356 ] C:\Windows\System32\drivers\ndisuio.sys
17:41:38.0525 6992 C:\Windows\System32\drivers\ndisuio.sys - ok
17:41:38.0571 6992 [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
17:41:38.0571 6992 C:\Windows\System32\drivers\rspndr.sys - ok
17:41:38.0619 6992 [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
17:41:38.0619 6992 C:\Windows\System32\lmhsvc.dll - ok
17:41:38.0654 6992 [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
17:41:38.0655 6992 C:\Windows\System32\nsisvc.dll - ok
17:41:38.0703 6992 [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
17:41:38.0704 6992 C:\Windows\System32\IPHLPAPI.DLL - ok
17:41:38.0752 6992 [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
17:41:38.0752 6992 C:\Windows\System32\winnsi.dll - ok
17:41:38.0821 6992 [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
17:41:38.0821 6992 C:\Windows\System32\nrpsrv.dll - ok
17:41:38.0884 6992 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
17:41:38.0884 6992 C:\Windows\System32\dhcpcore.dll - ok
17:41:38.0924 6992 [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
17:41:38.0925 6992 C:\Windows\System32\dhcpcore6.dll - ok
17:41:38.0985 6992 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
17:41:38.0985 6992 C:\Windows\System32\dnsrslvr.dll - ok
17:41:39.0042 6992 [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
17:41:39.0043 6992 C:\Windows\System32\keyiso.dll - ok
17:41:39.0092 6992 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
17:41:39.0093 6992 C:\Windows\System32\eapsvc.dll - ok
17:41:39.0140 6992 [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
17:41:39.0140 6992 C:\Windows\System32\nlasvc.dll - ok
17:41:39.0180 6992 [ 87356377F31DA5F20A833811CD59499C ] C:\Windows\System32\eapphost.dll
17:41:39.0180 6992 C:\Windows\System32\eapphost.dll - ok
17:41:39.0222 6992 [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
17:41:39.0222 6992 C:\Windows\System32\dhcpcsvc.dll - ok
17:41:39.0265 6992 [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
17:41:39.0266 6992 C:\Windows\System32\dhcpcsvc6.dll - ok
17:41:39.0304 6992 [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
17:41:39.0305 6992 C:\Windows\System32\ncsi.dll - ok
17:41:39.0348 6992 [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
17:41:39.0348 6992 C:\Windows\System32\winhttp.dll - ok
17:41:39.0406 6992 [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
17:41:39.0406 6992 C:\Windows\System32\webio.dll - ok
17:41:39.0459 6992 [ 3A148506DA4BFD40B31C6D6532E78D65 ] C:\Windows\System32\atimuixx.dll
17:41:39.0460 6992 C:\Windows\System32\atimuixx.dll - ok
17:41:39.0508 6992 [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
17:41:39.0509 6992 C:\Windows\System32\FWPUCLNT.DLL - ok
17:41:39.0560 6992 [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
17:41:39.0561 6992 C:\Windows\System32\umb.dll - ok
17:41:39.0600 6992 [ A648C4A06DE367065B24056D067B4460 ] C:\Windows\System32\wlanmsm.dll
17:41:39.0600 6992 C:\Windows\System32\wlanmsm.dll - ok
17:41:39.0651 6992 [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
17:41:39.0652 6992 C:\Windows\System32\dnsext.dll - ok
17:41:39.0680 6992 [ 06A1386B6E3A0CBC368665C1840906F4 ] C:\Windows\System32\wlansec.dll
17:41:39.0680 6992 C:\Windows\System32\wlansec.dll - ok
17:41:39.0723 6992 [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
17:41:39.0724 6992 C:\Windows\System32\onex.dll - ok
17:41:39.0774 6992 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
17:41:39.0775 6992 C:\Windows\System32\ssdpapi.dll - ok
17:41:39.0829 6992 [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
17:41:39.0830 6992 C:\Windows\System32\eappprxy.dll - ok
17:41:39.0877 6992 [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
17:41:39.0878 6992 C:\Windows\System32\eappcfg.dll - ok
17:41:39.0950 6992 [ 730BF204A595D5B6D7DC57A247CC741C ] C:\Windows\System32\wlgpclnt.dll
17:41:39.0950 6992 C:\Windows\System32\wlgpclnt.dll - ok
17:41:39.0992 6992 [ 97E43F324BE1503CB2FFB058534688DA ] C:\Windows\System32\l2gpstore.dll
17:41:39.0993 6992 C:\Windows\System32\l2gpstore.dll - ok
17:41:40.0042 6992 [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
17:41:40.0042 6992 C:\Windows\System32\wlanutil.dll - ok
17:41:40.0112 6992 [ 4FFDE68C4B7C9993FA551E7E36DDB34D ] C:\Windows\System32\msxml6.dll
17:41:40.0112 6992 C:\Windows\System32\msxml6.dll - ok
17:41:40.0162 6992 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] C:\Windows\System32\wwansvc.dll
17:41:40.0162 6992 C:\Windows\System32\wwansvc.dll - ok
17:41:40.0212 6992 [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
17:41:40.0212 6992 C:\Windows\System32\wmi.dll - ok
17:41:40.0239 6992 [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
17:41:40.0240 6992 C:\Windows\System32\shsvcs.dll - ok
17:41:40.0290 6992 [ 43FAB56AE5F639AD59D7209693F4C4C2 ] C:\Windows\System32\wlanext.exe
17:41:40.0290 6992 C:\Windows\System32\wlanext.exe - ok
17:41:40.0336 6992 [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
17:41:40.0337 6992 C:\Windows\System32\schedsvc.dll - ok
17:41:40.0380 6992 [ 3326166011C9BC13D6A8EFD856E9921C ] C:\Windows\System32\conhost.exe
17:41:40.0380 6992 C:\Windows\System32\conhost.exe - ok
17:41:40.0423 6992 [ 2E57E51D99DF238C3D64285B7663844E ] C:\Windows\System32\OEM_Resources.dll
17:41:40.0423 6992 C:\Windows\System32\OEM_Resources.dll - ok
17:41:40.0467 6992 [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
17:41:40.0467 6992 C:\Windows\System32\ktmw32.dll - ok
17:41:40.0501 6992 [ DD668F1B9D35FBC00E10916A98B243B4 ] C:\Program Files\Wave Systems Corp\Common\SsoProxy.dll
17:41:40.0501 6992 C:\Program Files\Wave Systems Corp\Common\SsoProxy.dll - ok
17:41:40.0567 6992 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
17:41:40.0567 6992 C:\Windows\System32\taskcomp.dll - ok
17:41:40.0632 6992 [ B95F748C4F100DD0F6E8115CC0968670 ] C:\Windows\winsxs\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8a1dd9552ed7f8d8\ATL80.dll
17:41:40.0633 6992 C:\Windows\winsxs\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8a1dd9552ed7f8d8\ATL80.dll - ok
17:41:40.0685 6992 [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
17:41:40.0685 6992 C:\Windows\System32\fveapi.dll - ok
17:41:40.0727 6992 [ A8704A10FFDE468F4AB18EBF82A9A86F ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll
17:41:40.0727 6992 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll - ok
17:41:40.0760 6992 [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
17:41:40.0761 6992 C:\Windows\System32\tbs.dll - ok
17:41:40.0802 6992 [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
17:41:40.0803 6992 C:\Windows\System32\fvecerts.dll - ok
17:41:40.0865 6992 [ 366AC361522AAE4EF3ABFD7E68D4FFB4 ] C:\Windows\System32\iwmssvc.dll
17:41:40.0866 6992 C:\Windows\System32\iwmssvc.dll - ok
17:41:40.0929 6992 [ EC6BA7C92FA5B2AA4AFDF4DF22AEDAB7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll
17:41:40.0929 6992 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll - ok
17:41:40.0990 6992 [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
17:41:40.0991 6992 C:\Windows\System32\wiarpc.dll - ok
17:41:41.0041 6992 [ A01C162C4EEF32C5B9E4ADA75A1FF59B ] C:\Program Files\Wave Systems Corp\Dell Preboot Manager\PrebootBiosManager.dll
17:41:41.0042 6992 C:\Program Files\Wave Systems Corp\Dell Preboot Manager\PrebootBiosManager.dll - ok
17:41:41.0098 6992 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
17:41:41.0099 6992 C:\Windows\System32\drivers\http.sys - ok
17:41:41.0155 6992 [ 03D6D9E1B2B465BCAB0A54D3F3BEC70C ] C:\Program Files\Wave Systems Corp\Dell Preboot Manager\PBMCredentialManager.dll
17:41:41.0155 6992 C:\Program Files\Wave Systems Corp\Dell Preboot Manager\PBMCredentialManager.dll - ok
17:41:41.0204 6992 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
17:41:41.0204 6992 C:\Windows\System32\spoolsv.exe - ok
17:41:41.0265 6992 [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
17:41:41.0266 6992 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
17:41:41.0296 6992 [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
17:41:41.0297 6992 C:\Windows\System32\wlanapi.dll - ok
17:41:41.0340 6992 [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
17:41:41.0340 6992 C:\Windows\System32\msiltcfg.dll - ok
17:41:41.0406 6992 [ D844B11545F53AA0C10F78763381D9EC ] C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
17:41:41.0406 6992 C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll - ok
17:41:41.0460 6992 [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
17:41:41.0460 6992 C:\Windows\System32\msi.dll - ok
17:41:41.0507 6992 [ C1DE9B1E928F844AD7E640CF54F74FDD ] C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll
17:41:41.0507 6992 C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll - ok
17:41:41.0541 6992 [ 1F5DA72CD1612DEE384860687D1AD617 ] C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll
17:41:41.0541 6992 C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll - ok
17:41:41.0592 6992 [ D91D9EA4F71EF04373B6994B4C83278E ] C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\ccxplugin.dll
17:41:41.0592 6992 C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\ccxplugin.dll - ok
17:41:41.0641 6992 [ 33BD6D2F7F3906E07913BE4D05E6ABFD ] C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
17:41:41.0642 6992 C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe - ok
17:41:41.0697 6992 [ 8EB2642D0523F1C684B62ED1D9DCDC24 ] C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\CVUsrIfc.dll
17:41:41.0698 6992 C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\CVUsrIfc.dll - ok
17:41:41.0764 6992 [ E4F98B9A2FC94B0C86C6FF77245C16AC ] C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\bipdll.dll
17:41:41.0765 6992 C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\bipdll.dll - ok
17:41:41.0807 6992 [ FA7545CF9FC13B89EE4894E0452530D7 ] C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmAutoLogon.dll
17:41:41.0807 6992 C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmAutoLogon.dll - ok
17:41:41.0871 6992 [ 1BE03AC720F4D302EA01D40F588162F6 ] C:\Windows\System32\tbssvc.dll
17:41:41.0872 6992 C:\Windows\System32\tbssvc.dll - ok
17:41:41.0920 6992 [ A014408C6A73B2470425BD157D046012 ] C:\Program Files\Wave Systems Corp\Trusted Drive Manager\WCR10.dll
17:41:41.0920 6992 C:\Program Files\Wave Systems Corp\Trusted Drive Manager\WCR10.dll - ok
17:41:41.0981 6992 [ A82ED039ADD15F468A843D088009B778 ] C:\Program Files\Wave Systems Corp\Dell Preboot Manager\CredentialVaultManager.dll
17:41:41.0982 6992 C:\Program Files\Wave Systems Corp\Dell Preboot Manager\CredentialVaultManager.dll - ok
17:41:42.0037 6992 [ 69F1A38A6DBFE682491CB61A596662E3 ] C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
17:41:42.0038 6992 C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe - ok
17:41:42.0068 6992 [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
17:41:42.0068 6992 C:\Windows\SysWOW64\ntdll.dll - ok
17:41:42.0124 6992 [ 8E2A21FAD9380A4A918C4BF9324FBDE8 ] C:\Windows\System32\bioapi100.dll
17:41:42.0124 6992 C:\Windows\System32\bioapi100.dll - ok
17:41:42.0184 6992 [ 561786125D6039BCCD3970BB15162102 ] C:\Windows\System32\bioapi_mds300.dll
17:41:42.0185 6992 C:\Windows\System32\bioapi_mds300.dll - ok
17:41:42.0230 6992 [ 15B30F15BD13640B337A0FC37BD48CDE ] C:\Windows\System32\wow64.dll
17:41:42.0231 6992 C:\Windows\System32\wow64.dll - ok
17:41:42.0277 6992 [ 57B020E4A597ED0A2185B805DB95A6E6 ] C:\Windows\System32\pbadrvdll.dll
17:41:42.0277 6992 C:\Windows\System32\pbadrvdll.dll - ok
17:41:42.0320 6992 [ 2970785A72054740E1A5DCEB32485486 ] C:\Windows\System32\wow64win.dll
17:41:42.0320 6992 C:\Windows\System32\wow64win.dll - ok
17:41:42.0353 6992 [ E4F98B9A2FC94B0C86C6FF77245C16AC ] C:\Windows\System32\bipdll.dll
17:41:42.0354 6992 C:\Windows\System32\bipdll.dll - ok
17:41:42.0398 6992 [ 98168B9B0656A01A321FF1BECB2C03E1 ] C:\Windows\System32\wow64cpu.dll
17:41:42.0398 6992 C:\Windows\System32\wow64cpu.dll - ok
17:41:42.0451 6992 [ D4F3176082566CEFA633B4945802D4C4 ] C:\Windows\SysWOW64\kernel32.dll
17:41:42.0452 6992 C:\Windows\SysWOW64\kernel32.dll - ok
17:41:42.0501 6992 [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
17:41:42.0502 6992 C:\Windows\System32\netcfgx.dll - ok
17:41:42.0551 6992 [ 0978C2B33BDD0A7E6C563AA337DC8BA0 ] C:\Windows\SysWOW64\KernelBase.dll
17:41:42.0551 6992 C:\Windows\SysWOW64\KernelBase.dll - ok
17:41:42.0594 6992 [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
17:41:42.0595 6992 C:\Windows\System32\dssenh.dll - ok
17:41:42.0626 6992 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
17:41:42.0626 6992 C:\Windows\SysWOW64\ws2_32.dll - ok
17:41:42.0671 6992 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
17:41:42.0672 6992 C:\Windows\SysWOW64\wsock32.dll - ok
17:41:42.0714 6992 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
17:41:42.0714 6992 C:\Windows\SysWOW64\msvcrt.dll - ok
17:41:42.0756 6992 [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
17:41:42.0757 6992 C:\Windows\SysWOW64\rpcrt4.dll - ok
17:41:42.0816 6992 [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
17:41:42.0817 6992 C:\Windows\SysWOW64\sspicli.dll - ok
17:41:42.0878 6992 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
17:41:42.0879 6992 C:\Windows\SysWOW64\cryptbase.dll - ok
17:41:42.0936 6992 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
17:41:42.0936 6992 C:\Windows\SysWOW64\sechost.dll - ok
17:41:43.0004 6992 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
17:41:43.0004 6992 C:\Windows\SysWOW64\nsi.dll - ok
17:41:43.0068 6992 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
17:41:43.0069 6992 C:\Windows\SysWOW64\advapi32.dll - ok
17:41:43.0134 6992 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
17:41:43.0134 6992 C:\Windows\SysWOW64\shell32.dll - ok
17:41:43.0187 6992 [ 0E7045E24F78351E021D3C01566DBBA3 ] C:\Program Files\Microsoft Security Client\MpAsDesc.dll
17:41:43.0188 6992 C:\Program Files\Microsoft Security Client\MpAsDesc.dll - ok
17:41:43.0261 6992 [ 49FE0307484720327CA6E55B55E09653 ] C:\Program Files\Intel\WiFi\bin\iWMSProv.dll
17:41:43.0262 6992 C:\Program Files\Intel\WiFi\bin\iWMSProv.dll - ok
17:41:43.0330 6992 [ 250CC5E6E5746673A5B5A1E89A9518EE ] C:\Program Files\Intel\WiFi\bin\IntStngs.dll
17:41:43.0331 6992 C:\Program Files\Intel\WiFi\bin\IntStngs.dll - ok
17:41:43.0379 6992 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
17:41:43.0379 6992 C:\Windows\SysWOW64\shlwapi.dll - ok
17:41:43.0409 6992 [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
17:41:43.0410 6992 C:\Windows\System32\wscapi.dll - ok
17:41:43.0456 6992 [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
17:41:43.0456 6992 C:\Windows\SysWOW64\gdi32.dll - ok
17:41:43.0499 6992 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
17:41:43.0500 6992 C:\Windows\SysWOW64\user32.dll - ok
17:41:43.0545 6992 [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
17:41:43.0545 6992 C:\Windows\SysWOW64\lpk.dll - ok
17:41:43.0599 6992 [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\SysWOW64\usp10.dll
17:41:43.0599 6992 C:\Windows\SysWOW64\usp10.dll - ok
17:41:43.0655 6992 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
17:41:43.0655 6992 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
17:41:43.0692 6992 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
17:41:43.0692 6992 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
17:41:43.0738 6992 [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
17:41:43.0739 6992 C:\Windows\SysWOW64\imm32.dll - ok
17:41:43.0776 6992 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
17:41:43.0777 6992 C:\Windows\SysWOW64\msctf.dll - ok
17:41:43.0817 6992 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
17:41:43.0817 6992 C:\Windows\SysWOW64\ole32.dll - ok
17:41:43.0861 6992 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
17:41:43.0862 6992 C:\Windows\SysWOW64\userenv.dll - ok
17:41:43.0909 6992 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
17:41:43.0909 6992 C:\Windows\SysWOW64\profapi.dll - ok
17:41:43.0954 6992 [ AA1241F2DE06FBF4A42A7ECBDC342500 ] C:\Program Files\Wave Systems Corp\Authentication Manager\Authentec2.dll
17:41:43.0954 6992 C:\Program Files\Wave Systems Corp\Authentication Manager\Authentec2.dll - ok
17:41:43.0989 6992 [ 02AEB84115C0F84DC8612E3162D78A6C ] C:\Program Files\Wave Systems Corp\Authentication Manager\Broadcom2.dll
17:41:43.0990 6992 C:\Program Files\Wave Systems Corp\Authentication Manager\Broadcom2.dll - ok
17:41:44.0044 6992 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
17:41:44.0044 6992 C:\Windows\SysWOW64\setupapi.dll - ok
17:41:44.0096 6992 [ EAFC149CD3BD78C443E31BB157841197 ] C:\Windows\SysWOW64\tbs.dll
17:41:44.0097 6992 C:\Windows\SysWOW64\tbs.dll - ok
17:41:44.0150 6992 [ 51BD7A51B2F5EA6784040E0BE2EB75EA ] C:\Program Files\Wave Systems Corp\Authentication Manager\DPersona2.dll
17:41:44.0151 6992 C:\Program Files\Wave Systems Corp\Authentication Manager\DPersona2.dll - ok
17:41:44.0199 6992 [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
17:41:44.0199 6992 C:\Windows\SysWOW64\cfgmgr32.dll - ok
17:41:44.0233 6992 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
17:41:44.0233 6992 C:\Windows\SysWOW64\oleaut32.dll - ok
17:41:44.0284 6992 [ 0B97E90848784DA5022D6441FDA0DFB4 ] C:\Program Files\Wave Systems Corp\Authentication Manager\Upek2.dll
17:41:44.0285 6992 C:\Program Files\Wave Systems Corp\Authentication Manager\Upek2.dll - ok
17:41:44.0334 6992 [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
17:41:44.0335 6992 C:\Windows\SysWOW64\devobj.dll - ok
17:41:44.0382 6992 [ E75B15B2D6D2FE79A34CDE92573438C0 ] C:\Program Files\Wave Systems Corp\Authentication Manager\Validity2.dll
17:41:44.0382 6992 C:\Program Files\Wave Systems Corp\Authentication Manager\Validity2.dll - ok
17:41:44.0427 6992 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
17:41:44.0427 6992 C:\Windows\SysWOW64\wintrust.dll - ok
17:41:44.0473 6992 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\SysWOW64\crypt32.dll
17:41:44.0473 6992 C:\Windows\SysWOW64\crypt32.dll - ok
17:41:44.0502 6992 [ 7290CF65C4B68216DBB9F7124B7479A6 ] C:\Program Files\Wave Systems Corp\Authentication Manager\AT8Plugin2.dll
17:41:44.0502 6992 C:\Program Files\Wave Systems Corp\Authentication Manager\AT8Plugin2.dll - ok
17:41:44.0548 6992 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
17:41:44.0548 6992 C:\Windows\SysWOW64\msasn1.dll - ok
17:41:44.0595 6992 [ E023102D81300E4A0421ECD8A41A84E2 ] C:\Program Files\Wave Systems Corp\Authentication Manager\BSUpek.dll
17:41:44.0595 6992 C:\Program Files\Wave Systems Corp\Authentication Manager\BSUpek.dll - ok
17:41:44.0642 6992 [ 8817032C2476C66B305750F542191DAF ] C:\Program Files\Wave Systems Corp\Authentication Manager\SCPlugin2.dll
17:41:44.0642 6992 C:\Program Files\Wave Systems Corp\Authentication Manager\SCPlugin2.dll - ok
17:41:44.0690 6992 [ FAF4D882EB9A2FE11E9EE18D6AB3428D ] C:\Program Files\Wave Systems Corp\Authentication Manager\TPMPlugin2.dll
17:41:44.0691 6992 C:\Program Files\Wave Systems Corp\Authentication Manager\TPMPlugin2.dll - ok
17:41:44.0734 6992 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
17:41:44.0735 6992 C:\Windows\SysWOW64\version.dll - ok
17:41:44.0761 6992 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
17:41:44.0761 6992 C:\Windows\SysWOW64\mswsock.dll - ok
17:41:44.0807 6992 [ 27ABA2872316B4EFC22CC53CA9AC22CD ] C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll
17:41:44.0808 6992 C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll - ok
17:41:44.0852 6992 [ 8C6740F641A1C3D56A1A396AEB0158E7 ] C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
17:41:44.0852 6992 C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe - ok
17:41:44.0898 6992 [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
17:41:44.0899 6992 C:\Windows\System32\BFE.DLL - ok
17:41:44.0942 6992 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
17:41:44.0942 6992 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
17:41:44.0987 6992 [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
17:41:44.0987 6992 C:\Windows\System32\drivers\bowser.sys - ok
17:41:45.0036 6992 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
17:41:45.0036 6992 C:\Windows\System32\drivers\mpsdrv.sys - ok
17:41:45.0079 6992 [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
17:41:45.0080 6992 C:\Windows\System32\drivers\mrxsmb.sys - ok
17:41:45.0122 6992 [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
17:41:45.0123 6992 C:\Windows\System32\drivers\mrxsmb10.sys - ok
17:41:45.0167 6992 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
17:41:45.0168 6992 C:\Windows\System32\drivers\mrxsmb20.sys - ok
17:41:45.0215 6992 [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
17:41:45.0215 6992 C:\Windows\System32\wkssvc.dll - ok
17:41:45.0282 6992 [ ADB4348DA1345877B04E22203AFC8993 ] C:\Windows\System32\drivers\hcmon.sys
17:41:45.0283 6992 C:\Windows\System32\drivers\hcmon.sys - ok
17:41:45.0322 6992 [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
17:41:45.0323 6992 C:\Windows\System32\wfapigp.dll - ok
17:41:45.0368 6992 [ 840DD8AD9B1E26F82C598242369EA770 ] C:\Windows\System32\drivers\vmx86.sys
17:41:45.0368 6992 C:\Windows\System32\drivers\vmx86.sys - ok
17:41:45.0409 6992 [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
17:41:45.0409 6992 C:\Windows\System32\mscms.dll - ok
17:41:45.0453 6992 [ A6FB9DB8F1A86861D955FD6975977AE0 ] C:\Program Files\IDT\WDM\AESTSr64.exe
17:41:45.0453 6992 C:\Program Files\IDT\WDM\AESTSr64.exe - ok
17:41:45.0495 6992 [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
17:41:45.0496 6992 C:\Windows\System32\pcasvc.dll - ok
17:41:45.0541 6992 [ 59D01FA91962C9C1E9B4022B2D3B46DB ] C:\Windows\System32\inetsrv\apphostsvc.dll
17:41:45.0541 6992 C:\Windows\System32\inetsrv\apphostsvc.dll - ok
17:41:45.0573 6992 [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
17:41:45.0574 6992 C:\Windows\System32\snmptrap.exe - ok
17:41:45.0622 6992 [ 95F9C2976059462CBBF227F7AAB10DE9 ] C:\Windows\System32\bthserv.dll
17:41:45.0623 6992 C:\Windows\System32\bthserv.dll - ok
17:41:45.0671 6992 [ C99C5AD6E5412A8D37D40E780113D7B5 ] C:\Windows\System32\inetsrv\iisutil.dll
17:41:45.0671 6992 C:\Windows\System32\inetsrv\iisutil.dll - ok
17:41:45.0713 6992 [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
17:41:45.0714 6992 C:\Windows\System32\wbem\wbemprox.dll - ok
17:41:45.0759 6992 [ 10EAB90C1AE8271B5FE5A8930987EE5C ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll
17:41:45.0759 6992 C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok
17:41:45.0805 6992 [ 6DDE1E97BE4D50253DFB9090A6A62524 ] C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
17:41:45.0806 6992 C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe - ok
17:41:45.0837 6992 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8 ] C:\Windows\System32\shfolder.dll
17:41:45.0837 6992 C:\Windows\System32\shfolder.dll - ok
17:41:45.0885 6992 [ A77EA0AF89B0147A9B38211E3096A2E0 ] C:\Windows\System32\inetsrv\nativerd.dll
17:41:45.0885 6992 C:\Windows\System32\inetsrv\nativerd.dll - ok
17:41:45.0929 6992 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
17:41:45.0930 6992 C:\Windows\System32\wbemcomn.dll - ok
17:41:45.0970 6992 [ B1A8D4A2974CA902148F0B0FC00D877E ] C:\Windows\System32\inetsrv\iisres.dll
17:41:45.0971 6992 C:\Windows\System32\inetsrv\iisres.dll - ok
17:41:46.0017 6992 [ 6061114558D3D1CBE66F2EF2AF148966 ] C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\mfc80.dll
17:41:46.0017 6992 C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\mfc80.dll - ok
17:41:46.0061 6992 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
17:41:46.0061 6992 C:\Windows\System32\vssapi.dll - ok
17:41:46.0093 6992 [ 0A9432AD51E083A687A64D3E9C05031F ] C:\Program Files\WIDCOMM\Bluetooth Software\btins.dll
17:41:46.0094 6992 C:\Program Files\WIDCOMM\Bluetooth Software\btins.dll - ok
17:41:46.0136 6992 [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
17:41:46.0136 6992 C:\Windows\System32\hnetcfg.dll - ok
17:41:46.0184 6992 [ DFC3095A2149E457B509E9E139A1CDC9 ] C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe
17:41:46.0185 6992 C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe - ok
17:41:46.0230 6992 [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
17:41:46.0230 6992 C:\Windows\System32\mscoree.dll - ok
17:41:46.0275 6992 [ 2DEDC3CCFB72C054292CD94BA427A237 ] C:\Program Files\Zune\ZuneResources.dll
17:41:46.0275 6992 C:\Program Files\Zune\ZuneResources.dll - ok
17:41:46.0320 6992 [ DE6B73AA8A3F29CA02977D6CC938F685 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
17:41:46.0320 6992 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
17:41:46.0356 6992 [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
17:41:46.0356 6992 C:\Windows\System32\vsstrace.dll - ok
17:41:46.0418 6992 [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll
17:41:46.0418 6992 C:\Windows\System32\tapi32.dll - ok
17:41:46.0471 6992 [ 442235AC4F20B195F932990CAE47408E ] C:\Windows\winsxs\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\mfc80ENU.dll
17:41:46.0472 6992 C:\Windows\winsxs\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\mfc80ENU.dll - ok
17:41:46.0516 6992 [ D6E86B82EBC0835D5998C1AC308FDBD2 ] C:\Program Files\WIDCOMM\Bluetooth Software\btwprofpack.dll
17:41:46.0517 6992 C:\Program Files\WIDCOMM\Bluetooth Software\btwprofpack.dll - ok
17:41:46.0561 6992 [ E6F57B2C3D2293C5864BBAD8A02CE4A1 ] C:\Windows\System32\bipbsp.dll
17:41:46.0561 6992 C:\Windows\System32\bipbsp.dll - ok
17:41:46.0588 6992 [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
17:41:46.0589 6992 C:\Windows\System32\imageres.dll - ok
17:41:46.0640 6992 [ AD6B6C89CC0A53338E000CC887610D71 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
17:41:46.0641 6992 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll - ok
17:41:46.0683 6992 [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
17:41:46.0684 6992 C:\Windows\System32\mlang.dll - ok
17:41:46.0728 6992 [ 2EBCB5F356F3E34EAF17EC531828F482 ] C:\Windows\System32\SMCNative.dll
17:41:46.0728 6992 C:\Windows\System32\SMCNative.dll - ok
17:41:46.0773 6992 [ D6DA9DDCB8DEA5FD995D37BA346D84DC ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
17:41:46.0773 6992 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
17:41:46.0818 6992 [ ACA30B753EF16345AE2100E40603BF14 ] C:\Windows\System32\msvcr110_clr0400.dll
17:41:46.0819 6992 C:\Windows\System32\msvcr110_clr0400.dll - ok
17:41:46.0855 6992 [ 519CB7D7F697F4BA47DE05845C20F158 ] C:\Windows\System32\tlntsvr.exe
17:41:46.0855 6992 C:\Windows\System32\tlntsvr.exe - ok
17:41:46.0901 6992 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] C:\Windows\System32\drivers\bthport.sys
17:41:46.0901 6992 C:\Windows\System32\drivers\bthport.sys - ok
17:41:46.0950 6992 [ F188B7394D81010767B6DF3178519A37 ] C:\Windows\System32\drivers\BTHUSB.SYS
17:41:46.0950 6992 C:\Windows\System32\drivers\BTHUSB.SYS - ok
17:41:47.0006 6992 [ 91A8E32B00BF7899EDAB6783287DDDA6 ] C:\Windows\System32\PeerDistSh.dll
17:41:47.0007 6992 C:\Windows\System32\PeerDistSh.dll - ok
17:41:47.0062 6992 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] C:\Windows\System32\drivers\vwifimp.sys
17:41:47.0062 6992 C:\Windows\System32\drivers\vwifimp.sys - ok
17:41:47.0111 6992 [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
17:41:47.0111 6992 C:\Windows\System32\provsvc.dll - ok
17:41:47.0149 6992 [ A5E85C5EA673D66ED378E66097FE181B ] C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\9da5bb33cd1c34b7851c088f0cf749cc\mscorlib.ni.dll
17:41:47.0149 6992 C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\9da5bb33cd1c34b7851c088f0cf749cc\mscorlib.ni.dll - ok
17:41:47.0196 6992 [ 3DD798846E2C28102B922C56E71B7932 ] C:\Windows\System32\drivers\rfcomm.sys
17:41:47.0197 6992 C:\Windows\System32\drivers\rfcomm.sys - ok
17:41:47.0242 6992 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
17:41:47.0242 6992 C:\Windows\System32\sstpsvc.dll - ok
17:41:47.0283 6992 [ CF98190A94F62E405C8CB255018B2315 ] C:\Windows\System32\drivers\bthenum.sys
17:41:47.0283 6992 C:\Windows\System32\drivers\bthenum.sys - ok
17:41:47.0328 6992 [ 02DD601B708DD0667E1331FA8518E9FF ] C:\Windows\System32\drivers\bthpan.sys
17:41:47.0329 6992 C:\Windows\System32\drivers\bthpan.sys - ok
17:41:47.0370 6992 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] C:\Windows\System32\drivers\bthmodem.sys
17:41:47.0370 6992 C:\Windows\System32\drivers\bthmodem.sys - ok
17:41:47.0401 6992 [ 800BA92F7010378B09F9ED9270F07137 ] C:\Windows\System32\drivers\modem.sys
17:41:47.0401 6992 C:\Windows\System32\drivers\modem.sys - ok
17:41:47.0443 6992 [ 82DC8B7C626E526681C1BEBED2BC3FF9 ] C:\Windows\System32\drivers\btwavdt.sys
17:41:47.0444 6992 C:\Windows\System32\drivers\btwavdt.sys - ok
17:41:47.0486 6992 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] C:\Windows\System32\drivers\hidbth.sys
17:41:47.0486 6992 C:\Windows\System32\drivers\hidbth.sys - ok
17:41:47.0539 6992 [ FBEBE2A6469EFB281EA143530A553F38 ] C:\Windows\System32\drivers\BTHPRINT.SYS
17:41:47.0540 6992 C:\Windows\System32\drivers\BTHPRINT.SYS - ok
17:41:47.0598 6992 [ 6BCFDC2B5B7F66D484486D4BD4B39A6B ] C:\Windows\System32\drivers\btwaudio.sys
17:41:47.0599 6992 C:\Windows\System32\drivers\btwaudio.sys - ok
17:41:47.0633 6992 [ 6149301DC3F81D6F9667A3FBAC410975 ] C:\Windows\System32\drivers\btwl2cap.sys
17:41:47.0633 6992 C:\Windows\System32\drivers\btwl2cap.sys - ok
17:41:47.0678 6992 [ 28E105AD3B79F440BF94780F507BF66A ] C:\Windows\System32\drivers\btwrchid.sys
17:41:47.0679 6992 C:\Windows\System32\drivers\btwrchid.sys - ok
17:41:47.0724 6992 [ B6552D382FF070B4ED34CBD6737277C0 ] C:\Windows\System32\drivers\LHidFilt.Sys
17:41:47.0725 6992 C:\Windows\System32\drivers\LHidFilt.Sys - ok
17:41:47.0769 6992 [ 73C1F563AB73D459DFFE682D66476558 ] C:\Windows\System32\drivers\LMouFilt.Sys
17:41:47.0769 6992 C:\Windows\System32\drivers\LMouFilt.Sys - ok
17:41:47.0813 6992 [ BB7E865599FA258C70DF8B1F70109F6F ] C:\Windows\System32\newdev.dll
17:41:47.0814 6992 C:\Windows\System32\newdev.dll - ok
17:41:47.0857 6992 [ BE7DFCC43C5A2C214B50165F933559A6 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll
17:41:47.0858 6992 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll - ok
17:41:47.0905 6992 [ B07E66E454A717777A792CAF87D808EB ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System\d191674dfd2e0fb89abf108445359453\System.ni.dll
17:41:47.0906 6992 C:\Windows\assembly\NativeImages_v4.0.30319_64\System\d191674dfd2e0fb89abf108445359453\System.ni.dll - ok
17:41:47.0941 6992 [ 9AA7368B0B51395780610B832BCE1B13 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Serv759bfb78#\8f65ac5915e767d3186b913c4ecaf5ed\System.ServiceProcess.ni.dll
17:41:47.0941 6992 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Serv759bfb78#\8f65ac5915e767d3186b913c4ecaf5ed\System.ServiceProcess.ni.dll - ok
17:41:47.0989 6992 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] C:\Windows\System32\cryptsvc.dll
17:41:47.0989 6992 C:\Windows\System32\cryptsvc.dll - ok
17:41:48.0030 6992 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
17:41:48.0030 6992 C:\Windows\System32\dps.dll - ok
17:41:48.0073 6992 [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
17:41:48.0073 6992 C:\Windows\System32\FDResPub.dll - ok
17:41:48.0113 6992 [ 0C043B0ABBB5E14E68906AB80365395B ] C:\Windows\System32\efssvc.dll
17:41:48.0114 6992 C:\Windows\System32\efssvc.dll - ok
17:41:48.0158 6992 [ 7F8E83B9466A0A002D4AB15C104062A7 ] C:\Windows\System32\efscore.dll
17:41:48.0159 6992 C:\Windows\System32\efscore.dll - ok
17:41:48.0204 6992 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
17:41:48.0204 6992 C:\Windows\System32\taskschd.dll - ok
17:41:48.0244 6992 [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
17:41:48.0245 6992 C:\Windows\System32\WSDApi.dll - ok
17:41:48.0287 6992 [ 8792BAB371B4B1589E015B6FD1ED3B15 ] C:\Windows\System32\cryptnet.dll
17:41:48.0287 6992 C:\Windows\System32\cryptnet.dll - ok
17:41:48.0329 6992 [ 58283053C781AD3A579C95D7765C1FA0 ] C:\Windows\System32\efsutil.dll
17:41:48.0329 6992 C:\Windows\System32\efsutil.dll - ok
17:41:48.0371 6992 [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
17:41:48.0371 6992 C:\Windows\System32\esent.dll - ok
17:41:48.0413 6992 [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
17:41:48.0414 6992 C:\Windows\System32\webservices.dll - ok
17:41:48.0441 6992 [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
17:41:48.0441 6992 C:\Windows\System32\wdi.dll - ok
17:41:48.0483 6992 [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
17:41:48.0483 6992 C:\Windows\System32\fundisc.dll - ok
17:41:48.0524 6992 [ D225864F6FD96575A303A20BD42383ED ] C:\Windows\System32\inetsrv\ftpsvc.dll
17:41:48.0524 6992 C:\Windows\System32\inetsrv\ftpsvc.dll - ok
17:41:48.0565 6992 [ E90DA42B87D684DEBFB73B38A718A006 ] C:\ProgramData\DatacardService\HWDeviceService64.exe
17:41:48.0566 6992 C:\ProgramData\DatacardService\HWDeviceService64.exe - ok
17:41:48.0608 6992 [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
17:41:48.0609 6992 C:\Windows\System32\NapiNSP.dll - ok
17:41:48.0657 6992 [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
17:41:48.0657 6992 C:\Windows\System32\pnrpnsp.dll - ok
17:41:48.0704 6992 [ 748849C42DEA24C723048E24BCA1BD55 ] C:\Windows\System32\wshbth.dll
17:41:48.0704 6992 C:\Windows\System32\wshbth.dll - ok
17:41:48.0753 6992 [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
17:41:48.0753 6992 C:\Windows\System32\winrnr.dll - ok
17:41:48.0803 6992 [ AFB5B500AD69E24ED1BC15D1161641EF ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
17:41:48.0804 6992 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
17:41:48.0853 6992 [ 511A4F945A35135E9440393E46834D05 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\8ae856324ba290331c8d1442b3321a22\System.Core.ni.dll
17:41:48.0853 6992 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\8ae856324ba290331c8d1442b3321a22\System.Core.ni.dll - ok
17:41:48.0905 6992 [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
17:41:48.0906 6992 C:\Windows\System32\rasadhlp.dll - ok
17:41:48.0949 6992 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
17:41:48.0950 6992 C:\Windows\System32\httpapi.dll - ok
17:41:48.0988 6992 [ AB55B8A9B13130F638546881CE4425F8 ] C:\Windows\System32\inetsrv\inetinfo.exe
17:41:48.0988 6992 C:\Windows\System32\inetsrv\inetinfo.exe - ok
17:41:49.0038 6992 [ 89273F3971C98AD42929DEA4785D8289 ] C:\Windows\System32\inetsrv\rpcref.dll
17:41:49.0039 6992 C:\Windows\System32\inetsrv\rpcref.dll - ok
17:41:49.0081 6992 [ 54CB2D6909E6CCDC3177E1D2B68D7610 ] C:\Windows\System32\iisRtl.dll
17:41:49.0081 6992 C:\Windows\System32\iisRtl.dll - ok
17:41:49.0125 6992 [ 39C12223C665E8407563B61629DE13B0 ] C:\Windows\System32\inetsrv\iisadmin.dll
17:41:49.0125 6992 C:\Windows\System32\inetsrv\iisadmin.dll - ok
17:41:49.0176 6992 [ B0F062A952DA37DA2ED5DFE40F57E9E8 ] C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE
17:41:49.0176 6992 C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE - ok
17:41:49.0221 6992 [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
17:41:49.0221 6992 C:\Windows\System32\IKEEXT.DLL - ok
17:41:49.0247 6992 [ 922605664B97C050370AC19AB923D6BD ] C:\Windows\System32\inetsrv\coadmin.dll
17:41:49.0247 6992 C:\Windows\System32\inetsrv\coadmin.dll - ok
17:41:49.0296 6992 [ EDC5E337D2CCD95150E89AD9E777778F ] C:\Windows\System32\admwprox.dll
17:41:49.0297 6992 C:\Windows\System32\admwprox.dll - ok
17:41:49.0340 6992 [ DE5F830C97B791258179D784907D0192 ] C:\Windows\System32\inetsrv\iiscfg.dll
17:41:49.0340 6992 C:\Windows\System32\inetsrv\iiscfg.dll - ok
17:41:49.0382 6992 [ 77B5035BC6EDF4D1B6265391AECEE4C0 ] C:\Windows\System32\vpnikeapi.dll
17:41:49.0383 6992 C:\Windows\System32\vpnikeapi.dll - ok
17:41:49.0423 6992 [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
17:41:49.0424 6992 C:\Windows\System32\SensApi.dll - ok
17:41:49.0466 6992 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\SQMAPI.DLL
17:41:49.0466 6992 C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\SQMAPI.DLL - ok
17:41:49.0506 6992 [ F241C6AA7FA86C46E249C6C1ECF28B8A ] C:\Windows\System32\inetsrv\abocomp.dll
17:41:49.0507 6992 C:\Windows\System32\inetsrv\abocomp.dll - ok
17:41:49.0535 6992 [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
17:41:49.0535 6992 C:\Windows\System32\ntdsapi.dll - ok
17:41:49.0577 6992 [ 9576E890099A08BFADB8612B96FA8A13 ] C:\Windows\System32\inetsrv\metadata.dll
17:41:49.0578 6992 C:\Windows\System32\inetsrv\metadata.dll - ok
17:41:49.0622 6992 [ DAE64707C76A1A905300D0C0C9C50FFE ] C:\ProgramData\Microsoft\MSOIdentityCRL\production\msoidconfig.dll
17:41:49.0623 6992 C:\ProgramData\Microsoft\MSOIdentityCRL\production\msoidconfig.dll - ok
17:41:49.0672 6992 [ 71F4B1F196933367EB8C085BDF82138B ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel\b6c60909860ace07b6b6617c71d089ff\System.ServiceModel.ni.dll
17:41:49.0672 6992 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel\b6c60909860ace07b6b6617c71d089ff\System.ServiceModel.ni.dll - ok
17:41:49.0715 6992 [ 0B2D65FDDE31069299AA6330F359FF9C ] C:\Windows\System32\msxml3.dll
17:41:49.0716 6992 C:\Windows\System32\msxml3.dll - ok
17:41:49.0759 6992 [ 00000000000000000000000000000000 ] C:\Program Files\Microsoft SQL Server\MSSQL10.SHAREPOINT\MSSQL\Binn\sqlservr.exe
17:41:49.0760 6992 C:\Program Files\Microsoft SQL Server\MSSQL10.SHAREPOINT\MSSQL\Binn\sqlservr.exe - ok
17:41:49.0791 6992 [ C87E88165D5ACBFAE7DF08BB4DF212EF ] C:\Program Files\Microsoft SQL Server\MSSQL10.SHAREPOINT\MSSQL\Binn\sqlos.dll
17:41:49.0792 6992 C:\Program Files\Microsoft SQL Server\MSSQL10.SHAREPOINT\MSSQL\Binn\sqlos.dll - ok
17:41:49.0856 6992 [ BDB13E8D4EAAE0AC11AA10BA28432CCA ] C:\Program Files\Wave Systems Corp\Common\CryptoManager.dll
17:41:49.0856 6992 C:\Program Files\Wave Systems Corp\Common\CryptoManager.dll - ok
17:41:49.0910 6992 [ CF6850A72BEB4845A3BFFB3F5E8014B2 ] C:\Windows\System32\pdh.dll
17:41:49.0910 6992 C:\Windows\System32\pdh.dll - ok
17:41:49.0956 6992 [ 759B3E957B35C2426B81B81FF62E9AB7 ] C:\Program Files\Microsoft SQL Server\MSSQL10.SHAREPOINT\MSSQL\Binn\opends60.dll
17:41:49.0956 6992 C:\Program Files\Microsoft SQL Server\MSSQL10.SHAREPOINT\MSSQL\Binn\opends60.dll - ok
17:41:50.0011 6992 [ 5DB8C6309F08E991A081B6CE89365624 ] C:\Windows\System32\wclient14.dll
17:41:50.0012 6992 C:\Windows\System32\wclient14.dll - ok
17:41:50.0070 6992 [ 83398851164292684C34F7FC9A236C2D ] C:\Program Files\Microsoft SQL Server\MSSQL10.SHAREPOINT\MSSQL\Binn\batchparser.dll
17:41:50.0070 6992 C:\Program Files\Microsoft SQL Server\MSSQL10.SHAREPOINT\MSSQL\Binn\batchparser.dll - ok
17:41:50.0118 6992 [ 2F39A138DAC71FE92DD3B95E480658F2 ] C:\Windows\System32\tcg15.dll
17:41:50.0119 6992 C:\Windows\System32\tcg15.dll - ok
17:41:50.0168 6992 [ 951BBE94F0B241EA9BC4E86A6B42AF19 ] C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\Tsp1_x64.dll
17:41:50.0169 6992 C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\Tsp1_x64.dll - ok
17:41:50.0222 6992 [ 50235F34194CFDBEFCE2239B82E44E4A ] C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVCM.EXE
17:41:50.0223 6992 C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVCM.EXE - ok
17:41:50.0271 6992 [ A3A1891CDDBDEFC48CEC620832C4A1BC ] C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\TspPopup_ENU.dll
17:41:50.0271 6992 C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\TspPopup_ENU.dll - ok
17:41:50.0306 6992 [ 8C2A1272A5DA0BB88623DC0E64905C5C ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\3dd1bdef318925394a5f51fb254b7004\System.Configuration.ni.dll
17:41:50.0307 6992 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\3dd1bdef318925394a5f51fb254b7004\System.Configuration.ni.dll - ok
17:41:50.0354 6992 [ E69AC84672B5F7947ADB1A78B4C259CC ] C:\Windows\System32\inetsrv\wamreg.dll
17:41:50.0355 6992 C:\Windows\System32\inetsrv\wamreg.dll - ok
17:41:50.0404 6992 [ AF1FD0AF88380A680AFDC96A5C69D396 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\7ce23442406c8bff478964ae214251b5\SMDiagnostics.ni.dll
17:41:50.0405 6992 C:\Windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\7ce23442406c8bff478964ae214251b5\SMDiagnostics.ni.dll - ok
17:41:50.0453 6992 [ F6F604CECBDD2E5F01FF0A6841F0F014 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\7a54d4ebaa554c877a48c06148506a0e\System.Xml.ni.dll
17:41:50.0453 6992 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\7a54d4ebaa554c877a48c06148506a0e\System.Xml.ni.dll - ok
17:41:50.0503 6992 [ 1E11EE6EBA9876A9FFAFBB4499209EE8 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll
17:41:50.0504 6992 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\nlssorting.dll - ok
17:41:50.0546 6992 [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
17:41:50.0546 6992 C:\Windows\System32\drprov.dll - ok
17:41:50.0576 6992 [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
17:41:50.0576 6992 C:\Windows\System32\ntlanman.dll - ok
17:41:50.0623 6992 [ C4C5D29C4F67693FFE9AEF033565EB6A ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Servd1dec626#\ca7c2fd7257e0452df4a39ec969e8913\System.ServiceModel.Internals.ni.dll
17:41:50.0623 6992 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Servd1dec626#\ca7c2fd7257e0452df4a39ec969e8913\System.ServiceModel.Internals.ni.dll - ok
17:41:50.0667 6992 [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
17:41:50.0667 6992 C:\Windows\System32\davclnt.dll - ok
17:41:50.0708 6992 [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
17:41:50.0708 6992 C:\Windows\System32\davhlpr.dll - ok
17:41:50.0749 6992 [ B0091CD01B70B1DDE643F763A86224D0 ] C:\Windows\System32\TdmNetworkProvider.dll
17:41:50.0749 6992 C:\Windows\System32\TdmNetworkProvider.dll - ok
17:41:50.0795 6992 [ B1FDCFFF7609E121C10751A669AB1611 ] C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\mfc80u.dll
17:41:50.0795 6992 C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\mfc80u.dll - ok
17:41:50.0841 6992 [ 9831B1FAB7776D5DA41112851195E1F6 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\29ffe930d3112e330be0c61b4f83bf5a\System.Runtime.Serialization.ni.dll
17:41:50.0842 6992 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\29ffe930d3112e330be0c61b4f83bf5a\System.Runtime.Serialization.ni.dll - ok
17:41:50.0878 6992 [ F69E34081DE9F92B8329DA17B9CB1607 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.IdentityModel\7b2df4768784cae3f8714f1ececbe25a\System.IdentityModel.ni.dll
17:41:50.0879 6992 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.IdentityModel\7b2df4768784cae3f8714f1ececbe25a\System.IdentityModel.ni.dll - ok
17:41:50.0930 6992 [ 5E636CF2E37A3B2B019DA2FE5FDEF283 ] C:\Program Files\Microsoft SQL Server\100\Shared\instapi10.dll
17:41:50.0931 6992 C:\Program Files\Microsoft SQL Server\100\Shared\instapi10.dll - ok
17:41:51.0009 6992 [ 6AE4D6AE475B1ABBFA33CB0B17BEF0F6 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Transactions\89678d19935c197c817553e6e7413e5b\System.Transactions.ni.dll
17:41:51.0009 6992 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Transactions\89678d19935c197c817553e6e7413e5b\System.Transactions.ni.dll - ok
17:41:51.0124 6992 [ 00000000000000000000000000000000 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
17:41:51.0125 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe - ok
17:41:51.0190 6992 [ DFE21A1B212FF6B7C3384D536581661B ] C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
17:41:51.0190 6992 C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll - ok
17:41:51.0242 6992 [ DB6D118B6E12C8B56D7A7707283763C8 ] C:\Program Files\Microsoft SQL Server\MSSQL10.SHAREPOINT\MSSQL\Binn\sqlboot.dll
17:41:51.0243 6992 C:\Program Files\Microsoft SQL Server\MSSQL10.SHAREPOINT\MSSQL\Binn\sqlboot.dll - ok
17:41:51.0292 6992 [ DA91D1C0A279A9B3C17FF671A6B182FA ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlos.dll
17:41:51.0292 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlos.dll - ok
17:41:51.0345 6992 [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
17:41:51.0346 6992 C:\Windows\System32\cscapi.dll - ok
17:41:51.0398 6992 [ 78FB3F169BC7BEA4884CA9B5025A68C8 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\opends60.dll
17:41:51.0399 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\opends60.dll - ok
17:41:51.0444 6992 [ 5A5192A25B64BA520EC1AAFFC67B338D ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\batchparser.dll
17:41:51.0444 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\batchparser.dll - ok
17:41:51.0505 6992 [ 6C3CAD1816F6DEB7EFBFE73866657F13 ] C:\Program Files\Microsoft SQL Server\MSSQL10.SHAREPOINT\MSSQL\Binn\Resources\1033\sqlevn70.rll
17:41:51.0506 6992 C:\Program Files\Microsoft SQL Server\MSSQL10.SHAREPOINT\MSSQL\Binn\Resources\1033\sqlevn70.rll - ok
17:41:51.0549 6992 [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
17:41:51.0550 6992 C:\Windows\System32\dllhost.exe - ok
17:41:51.0591 6992 [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
17:41:51.0591 6992 C:\Windows\System32\IDStore.dll - ok
17:41:51.0632 6992 [ 5E36F8E4034A4B148CBA14EB535C47CA ] C:\Windows\System32\KBDRU.DLL
17:41:51.0633 6992 C:\Windows\System32\KBDRU.DLL - ok
17:41:51.0674 6992 [ 517110BD83835338C037269E603DB55D ] C:\Windows\System32\taskhost.exe
17:41:51.0674 6992 C:\Windows\System32\taskhost.exe - ok
17:41:51.0702 6992 [ 579028EA99B938F007D0F2B6EA459646 ] C:\Windows\System32\KBDEST.DLL
17:41:51.0702 6992 C:\Windows\System32\KBDEST.DLL - ok
17:41:51.0743 6992 [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
17:41:51.0743 6992 C:\Windows\System32\PlaySndSrv.dll - ok
17:41:51.0785 6992 [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
17:41:51.0785 6992 C:\Windows\System32\taskeng.exe - ok
17:41:51.0825 6992 [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
17:41:51.0826 6992 C:\Windows\System32\HotStartUserAgent.dll - ok
17:41:51.0866 6992 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
17:41:51.0866 6992 C:\Windows\System32\localspl.dll - ok
17:41:51.0910 6992 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
17:41:51.0910 6992 C:\Windows\System32\MsCtfMonitor.dll - ok
17:41:51.0940 6992 [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
17:41:51.0940 6992 C:\Windows\System32\msutb.dll - ok
17:41:51.0995 6992 [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
17:41:51.0995 6992 C:\Windows\System32\TSChannel.dll - ok
17:41:52.0037 6992 [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
17:41:52.0037 6992 C:\Windows\System32\spoolss.dll - ok
17:41:52.0080 6992 [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
17:41:52.0081 6992 C:\Windows\System32\PrintIsolationProxy.dll - ok
17:41:52.0123 6992 [ 1B7DE44565C9AB33A302916686DCA078 ] C:\Windows\System32\CNCALAK.DLL
17:41:52.0124 6992 C:\Windows\System32\CNCALAK.DLL - ok
17:41:52.0179 6992 [ C10D68BC01F31E8FF7B24F8B863EF94D ] C:\Windows\System32\CNMLMAK.DLL
17:41:52.0180 6992 C:\Windows\System32\CNMLMAK.DLL - ok
17:41:52.0224 6992 [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:41:52.0224 6992 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
17:41:52.0292 6992 [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
17:41:52.0292 6992 C:\Windows\System32\FXSMON.dll - ok
17:41:52.0339 6992 [ 06C364E9A8E3AD34897D2B49CAA9D100 ] C:\Windows\System32\HPZ3LLHN.DLL
17:41:52.0340 6992 C:\Windows\System32\HPZ3LLHN.DLL - ok
17:41:52.0383 6992 [ C5E82BCFD577AF98F3A7937A69A338B9 ] C:\Windows\System32\HPZ3LWN7.DLL
17:41:52.0383 6992 C:\Windows\System32\HPZ3LWN7.DLL - ok
17:41:52.0439 6992 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll
17:41:52.0439 6992 C:\Program Files (x86)\Google\Update\1.3.21.123\goopdate.dll - ok
17:41:52.0482 6992 [ AB89D70762C6A5E4803EDA057622EB98 ] C:\Windows\System32\pdfcmon.dll
17:41:52.0483 6992 C:\Windows\System32\pdfcmon.dll - ok
17:41:52.0513 6992 [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
17:41:52.0513 6992 C:\Windows\System32\tcpmon.dll - ok
17:41:52.0557 6992 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
17:41:52.0557 6992 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
17:41:52.0599 6992 [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
17:41:52.0600 6992 C:\Windows\System32\snmpapi.dll - ok
17:41:52.0642 6992 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
17:41:52.0643 6992 C:\Windows\SysWOW64\winnsi.dll - ok
17:41:52.0682 6992 [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
17:41:52.0682 6992 C:\Windows\System32\wsnmp32.dll - ok
17:41:52.0731 6992 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
17:41:52.0731 6992 C:\Windows\SysWOW64\netapi32.dll - ok
17:41:52.0750 6992 [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
17:41:52.0751 6992 C:\Windows\System32\usbmon.dll - ok
17:41:52.0795 6992 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
17:41:52.0796 6992 C:\Windows\SysWOW64\netutils.dll - ok
17:41:52.0842 6992 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
17:41:52.0842 6992 C:\Windows\SysWOW64\srvcli.dll - ok
17:41:52.0883 6992 [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
17:41:52.0884 6992 C:\Windows\System32\WSDMon.dll - ok
17:41:52.0925 6992 [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
17:41:52.0926 6992 C:\Windows\System32\fdPnp.dll - ok
17:41:52.0967 6992 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
17:41:52.0967 6992 C:\Windows\SysWOW64\wkscli.dll - ok
17:41:53.0014 6992 [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
17:41:53.0015 6992 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
17:41:53.0050 6992 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
17:41:53.0051 6992 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
17:41:53.0097 6992 [ 082EC606B2B95CB922AD3331E73A738F ] C:\Windows\System32\spool\prtprocs\x64\CNMPDAK.DLL
17:41:53.0098 6992 C:\Windows\System32\spool\prtprocs\x64\CNMPDAK.DLL - ok
17:41:53.0141 6992 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
17:41:53.0142 6992 C:\Windows\SysWOW64\imagehlp.dll - ok
17:41:53.0187 6992 [ C30A50449EA4B611484A5F1F1F016774 ] C:\Windows\System32\spool\prtprocs\x64\HPZPPLHN.DLL
17:41:53.0188 6992 C:\Windows\System32\spool\prtprocs\x64\HPZPPLHN.DLL - ok
17:41:53.0231 6992 [ 8F1C949FD695C83C4E30C3BFC004C81F ] C:\Windows\System32\spool\prtprocs\x64\HPZPPWN7.DLL
17:41:53.0231 6992 C:\Windows\System32\spool\prtprocs\x64\HPZPPWN7.DLL - ok
17:41:53.0273 6992 [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
17:41:53.0273 6992 C:\Windows\SysWOW64\msi.dll - ok
17:41:53.0305 6992 [ 548CB980D7876E207CC9F8B60C1587A3 ] C:\Windows\System32\win32spl.dll
17:41:53.0306 6992 C:\Windows\System32\win32spl.dll - ok
17:41:53.0357 6992 [ 928164E107631F00310533E27AC0043A ] C:\Program Files\Core Temp\Core Temp.exe
17:41:53.0358 6992 C:\Program Files\Core Temp\Core Temp.exe - ok
17:41:53.0419 6992 [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
17:41:53.0420 6992 C:\Windows\System32\inetpp.dll - ok
17:41:53.0469 6992 [ 7FA3A810F383588D46220967DE8B64FF ] C:\Windows\SysWOW64\wininet.dll
17:41:53.0470 6992 C:\Windows\SysWOW64\wininet.dll - ok
17:41:53.0510 6992 [ 780E80E5502015EDAEC91DC0A0C96A79 ] C:\Windows\SysWOW64\iertutil.dll
17:41:53.0511 6992 C:\Windows\SysWOW64\iertutil.dll - ok
17:41:53.0538 6992 [ 4266A3230981DD4434C55957F6DD497D ] C:\Windows\SysWOW64\urlmon.dll
17:41:53.0538 6992 C:\Windows\SysWOW64\urlmon.dll - ok
17:41:53.0584 6992 [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
17:41:53.0585 6992 C:\Windows\System32\AtBroker.exe - ok
17:41:53.0627 6992 [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
17:41:53.0627 6992 C:\Windows\System32\userinit.exe - ok
17:41:53.0669 6992 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
17:41:53.0669 6992 C:\Windows\SysWOW64\cscapi.dll - ok
17:41:53.0708 6992 [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
17:41:53.0709 6992 C:\Windows\System32\dwm.exe - ok
17:41:53.0751 6992 [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
17:41:53.0751 6992 C:\Windows\System32\dwmredir.dll - ok
17:41:53.0793 6992 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
17:41:53.0794 6992 C:\Windows\SysWOW64\ntmarta.dll - ok
17:41:53.0823 6992 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
17:41:53.0823 6992 C:\Windows\SysWOW64\Wldap32.dll - ok
17:41:53.0866 6992 [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
17:41:53.0866 6992 C:\Windows\System32\dwmcore.dll - ok
17:41:53.0906 6992 [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
17:41:53.0906 6992 C:\Windows\explorer.exe - ok
17:41:53.0950 6992 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
17:41:53.0951 6992 C:\Windows\SysWOW64\dbghelp.dll - ok
17:41:53.0995 6992 [ E1374D37477322D4956604711008C69D ] C:\Windows\System32\d3d10_1.dll
17:41:53.0995 6992 C:\Windows\System32\d3d10_1.dll - ok
17:41:54.0039 6992 [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll
17:41:54.0039 6992 C:\Windows\System32\d3d10_1core.dll - ok
17:41:54.0071 6992 [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll
17:41:54.0071 6992 C:\Windows\System32\dxgi.dll - ok
17:41:54.0116 6992 [ 0E1ED5514E7AE03F98B7B434B3E7BE79 ] C:\Windows\System32\aticfx64.dll
17:41:54.0117 6992 C:\Windows\System32\aticfx64.dll - ok
17:41:54.0159 6992 [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
17:41:54.0160 6992 C:\Windows\System32\ExplorerFrame.dll - ok
17:41:54.0205 6992 [ 1690642B98BE1C11729700984719A348 ] C:\Windows\System32\spool\drivers\x64\3\CNCARAK.DLL
17:41:54.0206 6992 C:\Windows\System32\spool\drivers\x64\3\CNCARAK.DLL - ok
17:41:54.0257 6992 [ B0301D51CBCFE8762D98BA5F93CAC1FE ] C:\Windows\System32\atiuxp64.dll
17:41:54.0258 6992 C:\Windows\System32\atiuxp64.dll - ok
17:41:54.0301 6992 [ 349AB4F70E2AC44970894E7F03E1576E ] C:\ProgramData\DatacardService\DCSHelper.exe
17:41:54.0301 6992 C:\ProgramData\DatacardService\DCSHelper.exe - ok
17:41:54.0329 6992 [ 9494DD9539BCF221A9F34704671FEC8C ] C:\Windows\System32\atidxx64.dll
17:41:54.0330 6992 C:\Windows\System32\atidxx64.dll - ok
17:41:54.0372 6992 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
17:41:54.0372 6992 C:\Windows\SysWOW64\apphelp.dll - ok
17:41:54.0416 6992 [ FDC385A0F7D7DD880C4622D1DF08ABE9 ] C:\Windows\System32\ntprint.dll
17:41:54.0417 6992 C:\Windows\System32\ntprint.dll - ok
17:41:54.0477 6992 [ AE5A69F44C1F97EDC83237FC0B29B6FB ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe
17:41:54.0478 6992 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler.exe - ok
17:41:54.0523 6992 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
17:41:54.0523 6992 C:\Windows\SysWOW64\winspool.drv - ok
17:41:54.0579 6992 [ 41938F2C1642459CBBA691B5DBD6395A ] C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
17:41:54.0580 6992 C:\Program Files (x86)\Google\Update\1.3.21.123\GoogleCrashHandler64.exe - ok
17:41:54.0615 6992 [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
17:41:54.0616 6992 C:\Windows\SysWOW64\clbcatq.dll - ok
17:41:54.0657 6992 [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
17:41:54.0657 6992 C:\Windows\SysWOW64\uxtheme.dll - ok
17:41:54.0703 6992 [ 7B18A5CE7FE9FC43FDCC55161996262D ] C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
17:41:54.0704 6992 C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll - ok
17:41:54.0747 6992 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
17:41:54.0747 6992 C:\Windows\SysWOW64\mstask.dll - ok
17:41:54.0789 6992 [ 5F88F9362DF6E0F4A6F181C5E13D5C35 ] C:\Program Files\TortoiseHg\ThgShellx64.dll
17:41:54.0789 6992 C:\Program Files\TortoiseHg\ThgShellx64.dll - ok
17:41:54.0832 6992 [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
17:41:54.0832 6992 C:\Windows\System32\dbghelp.dll - ok
17:41:54.0880 6992 [ A006A093FFCF5F76E1E68FF3364C296D ] C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
17:41:54.0881 6992 C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll - ok
17:41:54.0927 6992 [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
17:41:54.0928 6992 C:\Windows\System32\EhStorShell.dll - ok
17:41:54.0972 6992 [ 32802C0F6FC7C8F561B9D91F52A46421 ] C:\Windows\System32\cscui.dll
17:41:54.0972 6992 C:\Windows\System32\cscui.dll - ok
17:41:55.0022 6992 [ 7EE5F17A21D9A9101207DF4BC37B085D ] C:\Windows\System32\cscdll.dll
17:41:55.0022 6992 C:\Windows\System32\cscdll.dll - ok
17:41:55.0076 6992 [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
17:41:55.0076 6992 C:\Windows\System32\uDWM.dll - ok
17:41:55.0123 6992 [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
17:41:55.0124 6992 C:\Windows\System32\ntshrui.dll - ok
17:41:55.0156 6992 [ E8B9164DA7701C1E595647C3A3AFA766 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:41:55.0156 6992 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe - ok
17:41:55.0202 6992 [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
17:41:55.0203 6992 C:\Windows\System32\IconCodecService.dll - ok
17:41:55.0248 6992 [ 0BD9FDDCF8E1771145F23F7EAF064007 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlboot.dll
17:41:55.0249 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlboot.dll - ok
17:41:55.0295 6992 [ 8FD1B907C9C9A56FD8E15C8962C302C6 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\SMSvcHost\32eed9660b18f9d4b7564e03231639b6\SMSvcHost.ni.exe
17:41:55.0296 6992 C:\Windows\assembly\NativeImages_v4.0.30319_64\SMSvcHost\32eed9660b18f9d4b7564e03231639b6\SMSvcHost.ni.exe - ok
17:41:55.0342 6992 [ 48DD8668D6820114B243EDEA1090DE8A ] C:\Windows\System32\d3d10sdklayers.dll
17:41:55.0342 6992 C:\Windows\System32\d3d10sdklayers.dll - ok
17:41:55.0383 6992 [ 6BB2B300DCB68ACD5E1857F91214244E ] C:\Windows\System32\dxgidebug.dll
17:41:55.0383 6992 C:\Windows\System32\dxgidebug.dll - ok
17:41:55.0411 6992 [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
17:41:55.0412 6992 C:\Windows\System32\aepic.dll - ok
17:41:55.0454 6992 [ A7D60E03B5680B834218794A4F234F1B ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\sqlevn70.rll
17:41:55.0454 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\sqlevn70.rll - ok
17:41:55.0498 6992 [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
17:41:55.0498 6992 C:\Windows\System32\drivers\PEAuth.sys - ok
17:41:55.0544 6992 [ A6BAEA839CC888D4961AB5FE16BB8C4A ] C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
17:41:55.0544 6992 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe - ok
17:41:55.0587 6992 [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
17:41:55.0587 6992 C:\Windows\System32\browcli.dll - ok
17:41:55.0647 6992 [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
17:41:55.0647 6992 C:\Windows\System32\aeevts.dll - ok
17:41:55.0705 6992 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
17:41:55.0706 6992 C:\Windows\System32\drivers\secdrv.sys - ok
17:41:55.0761 6992 [ 2CECCD66E857CF3DED554A35B26250E8 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xaml\c74360836c6e9805315d882bd0786f82\System.Xaml.ni.dll
17:41:55.0762 6992 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xaml\c74360836c6e9805315d882bd0786f82\System.Xaml.ni.dll - ok
17:41:55.0810 6992 [ 183F04C6742902F33039913A96F5B574 ] C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
17:41:55.0810 6992 C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe - ok
17:41:55.0851 6992 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
17:41:55.0852 6992 C:\Windows\SysWOW64\winhttp.dll - ok
17:41:55.0893 6992 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
17:41:55.0893 6992 C:\Windows\SysWOW64\webio.dll - ok
17:41:55.0922 6992 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
17:41:55.0922 6992 C:\Windows\SysWOW64\cryptsp.dll - ok
17:41:55.0972 6992 [ C2C31A80DCA545201BBDDB6454D0B370 ] C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\WSSADMIN.EXE
17:41:55.0972 6992 C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\WSSADMIN.EXE - ok
17:41:56.0020 6992 [ 02CD5B2C3B017122CAC00BDB520CD7AC ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
17:41:56.0021 6992 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
17:41:56.0076 6992 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
17:41:56.0077 6992 C:\Windows\SysWOW64\rsaenh.dll - ok
17:41:56.0128 6992 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
17:41:56.0129 6992 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
17:41:56.0176 6992 [ 01AEA2F16FE0C522DDFD7FAFFC959C6A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\74a5f0c2bc0d0e6e3c4ec4886b9be891\mscorlib.ni.dll
17:41:56.0176 6992 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\74a5f0c2bc0d0e6e3c4ec4886b9be891\mscorlib.ni.dll - ok
17:41:56.0213 6992 [ 0A94DE4AA9864D312E60D747FD249ABE ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll
17:41:56.0213 6992 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsec.dll - ok
17:41:56.0257 6992 [ 850BD2D2D9CB5894935C3B6333CAD6FD ] C:\Windows\System32\riched20.dll
17:41:56.0257 6992 C:\Windows\System32\riched20.dll - ok
17:41:56.0298 6992 [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll
17:41:56.0299 6992 C:\Windows\System32\security.dll - ok
17:41:56.0340 6992 [ 8BE887F1743FBB39ED2C9CA2937742D6 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\f3888a2c7b096d416ca0cfc5405219b4\System.ni.dll
17:41:56.0340 6992 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\f3888a2c7b096d416ca0cfc5405219b4\System.ni.dll - ok
17:41:56.0388 6992 [ 020C2F610BE801B9B50AF1BFF4A5B24B ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\c9866f6c2cae33d2c38ab32da622a167\System.ServiceProcess.ni.dll
17:41:56.0388 6992 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\c9866f6c2cae33d2c38ab32da622a167\System.ServiceProcess.ni.dll - ok
17:41:56.0436 6992 [ 3ABB7ADB9CCBCD24D6C55201A3842A94 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
17:41:56.0437 6992 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
17:41:56.0470 6992 [ 2035FD7E2808B5E2AD95C13C21144A23 ] C:\Program Files\Microsoft SQL Server\MSSQL10.SHAREPOINT\MSSQL\Binn\sqlscriptupgrade.dll
17:41:56.0471 6992 C:\Program Files\Microsoft SQL Server\MSSQL10.SHAREPOINT\MSSQL\Binn\sqlscriptupgrade.dll - ok
17:41:56.0516 6992 [ 2F48D1FCB85C7F54686B0CD82286E1AA ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\3ec5badce9d058166da868ed2cc29783\System.Runtime.Remoting.ni.dll
17:41:56.0516 6992 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\3ec5badce9d058166da868ed2cc29783\System.Runtime.Remoting.ni.dll - ok
17:41:56.0564 6992 [ C9D224FD2CC5CD28AD2AF9064D296CD6 ] C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\OWSTIMER.EXE
17:41:56.0564 6992 C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\OWSTIMER.EXE - ok
17:41:56.0612 6992 [ D233C7FEAE3FAA25F93A9E6B46815ADC ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
17:41:56.0612 6992 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
17:41:56.0661 6992 [ D55CE57D4079C8B8953ECC8128FF8FC1 ] C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\ONETUTIL.DLL
17:41:56.0661 6992 C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\ONETUTIL.DLL - ok
17:41:56.0706 6992 [ 08F94BF77CD27F3E3CA96E85C5F2CAF4 ] C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\wsstracing.exe
17:41:56.0706 6992 C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\wsstracing.exe - ok
17:41:56.0737 6992 [ 241AF87821FDA0F5792037B779F49BE0 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
17:41:56.0737 6992 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
17:41:56.0793 6992 [ A07DC555C3C75C863EFCA2A89FB57BFF ] C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\onetnative.dll
17:41:56.0794 6992 C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\onetnative.dll - ok
17:41:56.0846 6992 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
17:41:56.0846 6992 C:\Windows\System32\wer.dll - ok
17:41:56.0906 6992 [ E6B0AEE869B0BFA267EC8380E521B08A ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlscriptupgrade.dll
17:41:56.0907 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlscriptupgrade.dll - ok
17:41:56.0960 6992 [ 9189914B7E6BE57C4CEEB8C387D4B63A ] C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\UserCode\SPUCHostService.exe
17:41:56.0960 6992 C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\UserCode\SPUCHostService.exe - ok
17:41:56.0992 6992 [ 08360AF9178A2436B6DD98815031DA56 ] C:\Program Files\Common Files\System\ado\msadox.dll
17:41:56.0992 6992 C:\Program Files\Common Files\System\ado\msadox.dll - ok
17:41:57.0045 6992 [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
17:41:57.0045 6992 C:\Windows\System32\p2pcollab.dll - ok
17:41:57.0083 6992 [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
17:41:57.0083 6992 C:\Windows\System32\QAGENTRT.DLL - ok
17:41:57.0130 6992 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
17:41:57.0130 6992 C:\Windows\System32\fveui.dll - ok
17:41:57.0186 6992 [ B439EFB7F218ED0849B4CC2D4A7FE1D3 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Core\63ba654893f4fc924ff75cf785744150\System.Core.ni.dll
17:41:57.0186 6992 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Core\63ba654893f4fc924ff75cf785744150\System.Core.ni.dll - ok
17:41:57.0242 6992 [ E9254892A2D74E537BAD3092F0F8EE40 ] C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
17:41:57.0243 6992 C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe - ok
17:41:57.0270 6992 [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\Windows\SysWOW64\msvcr100.dll
17:41:57.0271 6992 C:\Windows\SysWOW64\msvcr100.dll - ok
17:41:57.0314 6992 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
17:41:57.0314 6992 C:\Windows\SysWOW64\psapi.dll - ok
17:41:57.0360 6992 [ 00000000000000000000000000000000 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.SharePoint\a461531049e561bb0ba09fd4d0ce7789\Microsoft.SharePoint.ni.dll
17:41:57.0360 6992 C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.SharePoint\a461531049e561bb0ba09fd4d0ce7789\Microsoft.SharePoint.ni.dll - ok
17:41:57.0413 6992 [ F9EE4C23A7BDBBB94BBFFF3DA087B431 ] C:\Program Files (x86)\Microsoft SQL Server\110\Shared\instapi110.dll
17:41:57.0414 6992 C:\Program Files (x86)\Microsoft SQL Server\110\Shared\instapi110.dll - ok
17:41:57.0462 6992 [ EAD5300C93946B0250A309E2BF2BE4CF ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
17:41:57.0463 6992 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe - ok
17:41:57.0504 6992 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
17:41:57.0505 6992 C:\Windows\SysWOW64\wship6.dll - ok
17:41:57.0536 6992 [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\SysWOW64\wshqos.dll
17:41:57.0536 6992 C:\Windows\SysWOW64\wshqos.dll - ok
17:41:57.0579 6992 [ 366FD6F3A451351B5DF2D7C4ECF4C73A ] C:\Windows\System32\msvcr100.dll
17:41:57.0579 6992 C:\Windows\System32\msvcr100.dll - ok
17:41:57.0624 6992 [ C7ABA85E5E2B8894B5CDD566C3C1E243 ] C:\Program Files (x86)\Microsoft SQL Server\110\Shared\msmdredir.dll
17:41:57.0625 6992 C:\Program Files (x86)\Microsoft SQL Server\110\Shared\msmdredir.dll - ok
17:41:57.0669 6992 [ 42363182AB20C3248E37E5D274ADEEB1 ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss.dll
17:41:57.0669 6992 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss.dll - ok
17:41:57.0712 6992 [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
17:41:57.0712 6992 C:\Windows\System32\drivers\srvnet.sys - ok
17:41:57.0754 6992 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
17:41:57.0754 6992 C:\Windows\System32\wiaservc.dll - ok
17:41:57.0783 6992 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
17:41:57.0783 6992 C:\Windows\System32\drivers\tcpipreg.sys - ok
17:41:57.0827 6992 [ D029339C0F59CF662094EDDF8C42B2B5 ] C:\Windows\System32\msvcp100.dll
17:41:57.0827 6992 C:\Windows\System32\msvcp100.dll - ok
17:41:57.0873 6992 [ C9E16467D50C0A64C5F5356CF5464064 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\53effcaddf64a39310480965c9e61b3b\System.Web.ni.dll
17:41:57.0873 6992 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web\53effcaddf64a39310480965c9e61b3b\System.Web.ni.dll - ok
17:41:57.0920 6992 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
17:41:57.0920 6992 C:\Windows\System32\wiatrace.dll - ok
17:41:57.0977 6992 [ 625C98D60AD5AB1FCCBD0E2C0AC0D905 ] C:\Program Files (x86)\Tele2 Mobile Partner\UpdateDog\ouc.exe
17:41:57.0978 6992 C:\Program Files (x86)\Tele2 Mobile Partner\UpdateDog\ouc.exe - ok
17:41:58.0032 6992 [ 4C1244FEF74C60A4B1B151C76609CBE2 ] C:\Windows\System32\wsdchngr.dll
17:41:58.0032 6992 C:\Windows\System32\wsdchngr.dll - ok
17:41:58.0078 6992 [ DBDA60D92E774B4ACB3B1CD71F909426 ] C:\Program Files (x86)\Tele2 Mobile Partner\UpdateDog\mingwm10.dll
17:41:58.0078 6992 C:\Program Files (x86)\Tele2 Mobile Partner\UpdateDog\mingwm10.dll - ok
17:41:58.0131 6992 [ C4B4409F186DA70FCF2BCC60D5F05489 ] C:\Program Files (x86)\Tele2 Mobile Partner\UpdateDog\libgcc_s_dw2-1.dll
17:41:58.0132 6992 C:\Program Files (x86)\Tele2 Mobile Partner\UpdateDog\libgcc_s_dw2-1.dll - ok
17:41:58.0183 6992 [ FB398D88FF38A97E069E9DFB44D84FC6 ] C:\Program Files (x86)\Tele2 Mobile Partner\UpdateDog\QtCore4.dll
17:41:58.0183 6992 C:\Program Files (x86)\Tele2 Mobile Partner\UpdateDog\QtCore4.dll - ok
17:41:58.0225 6992 [ AC3F5C50E94037619AC93D01BBF0CA27 ] C:\Windows\System32\CNC360C.dll
17:41:58.0225 6992 C:\Windows\System32\CNC360C.dll - ok
17:41:58.0273 6992 [ 5602B694FD7EE83899E876328350EADF ] C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.SharePoin#\f043b807016bde27155a51f3631467c0\Microsoft.SharePoint.Library.ni.dll
17:41:58.0273 6992 C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.SharePoin#\f043b807016bde27155a51f3631467c0\Microsoft.SharePoint.Library.ni.dll - ok
17:41:58.0303 6992 [ F325980A000E2FD05C3D9D0313F3A1BE ] C:\Windows\System32\CNC360L.dll
17:41:58.0304 6992 C:\Windows\System32\CNC360L.dll - ok
17:41:58.0348 6992 [ A58BC88BD84D6D2325CA2475F94AFA37 ] C:\Program Files (x86)\Tele2 Mobile Partner\UpdateDog\QtNetwork4.dll
17:41:58.0349 6992 C:\Program Files (x86)\Tele2 Mobile Partner\UpdateDog\QtNetwork4.dll - ok
17:41:58.0390 6992 [ D61211C6242AE4D6C914CB62EE3D3473 ] C:\Windows\twain_32\MX360 series\SG_ENU.dll
17:41:58.0390 6992 C:\Windows\twain_32\MX360 series\SG_ENU.dll - ok
17:41:58.0434 6992 [ 493574E218AA18161D14EECFD572A0E8 ] C:\Windows\System32\CNHMCA6.dll
17:41:58.0434 6992 C:\Windows\System32\CNHMCA6.dll - ok
17:41:58.0477 6992 [ EE1213C83CA80FA59121A9B41D2A1282 ] C:\Program Files\Microsoft SQL Server\100\COM\iftsph.dll
17:41:58.0477 6992 C:\Program Files\Microsoft SQL Server\100\COM\iftsph.dll - ok
17:41:58.0525 6992 [ 216B29818A8358E89BDD096E6C422BCF ] C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\STSWEL.DLL
17:41:58.0525 6992 C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\STSWEL.DLL - ok
17:41:58.0570 6992 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
17:41:58.0570 6992 C:\Windows\SysWOW64\winmm.dll - ok
17:41:58.0601 6992 [ 93FD40DC39C59442DA31F97D1B89FEBC ] C:\Program Files (x86)\Common Files\System\Ole DB\xmlrw.dll
17:41:58.0601 6992 C:\Program Files (x86)\Common Files\System\Ole DB\xmlrw.dll - ok
17:41:58.0646 6992 [ 0FF093396E70ACFE320E7EF3271390A2 ] C:\Program Files (x86)\Common Files\System\Ole DB\xmlrwbin.dll
17:41:58.0646 6992 C:\Program Files (x86)\Common Files\System\Ole DB\xmlrwbin.dll - ok
17:41:58.0687 6992 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\SysWOW64\security.dll
17:41:58.0688 6992 C:\Windows\SysWOW64\security.dll - ok
17:41:58.0731 6992 [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll
17:41:58.0732 6992 C:\Windows\SysWOW64\secur32.dll - ok
17:41:58.0771 6992 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\SysWOW64\mlang.dll
17:41:58.0771 6992 C:\Windows\SysWOW64\mlang.dll - ok
17:41:58.0812 6992 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
17:41:58.0812 6992 C:\Windows\SysWOW64\credssp.dll - ok
17:41:58.0839 6992 [ D9A9702E43A5859896F34898D5FD3FEC ] C:\Windows\SysWOW64\msxml6.dll
17:41:58.0839 6992 C:\Windows\SysWOW64\msxml6.dll - ok
17:41:58.0885 6992 [ FA53944BB994114197F43DD2C02E05C0 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\ftimport.dll
17:41:58.0885 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\ftimport.dll - ok
17:41:58.0932 6992 [ 5D2F22BCDB24AEB5AF82E8F7B4BA3F5E ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\msfte.dll
17:41:58.0933 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\msfte.dll - ok
17:41:58.0971 6992 [ CD2F4506973B235949F8E392D3CC880E ] C:\Program Files (x86)\Microsoft SQL Server\110\Shared\Resources\1033\msmdsrv.rll
17:41:58.0971 6992 C:\Program Files (x86)\Microsoft SQL Server\110\Shared\Resources\1033\msmdsrv.rll - ok
17:41:59.0030 6992 [ 971FFC32025DCA6D5A74C4FF3E86E687 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\DBGHELP.DLL
17:41:59.0031 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\DBGHELP.DLL - ok
17:41:59.0114 6992 [ 54F5882E1DA8DD5DB8506B720A8B0192 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\NaturalLanguage6.dll
17:41:59.0115 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\NaturalLanguage6.dll - ok
17:41:59.0157 6992 [ F5051ADA9AEF1FEEFBE06BB8EE227856 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\ChsBrkr.dll
17:41:59.0157 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\ChsBrkr.dll - ok
17:41:59.0228 6992 [ 85DA2B61B29D7650305369A8FC68B843 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\CHTBRKR.DLL
17:41:59.0228 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\CHTBRKR.DLL - ok
17:41:59.0278 6992 [ F8FE8D444E369A5AEB7CA697FAD06A67 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.SharePoin#\a0a4d7b74968335a24a48b7273900398\Microsoft.SharePoint.Security.ni.dll
17:41:59.0278 6992 C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.SharePoin#\a0a4d7b74968335a24a48b7273900398\Microsoft.SharePoint.Security.ni.dll - ok
17:41:59.0331 6992 [ 919A1B70A8A6EED25A5150B3655AB40B ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\LangWrbk.dll
17:41:59.0332 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\LangWrbk.dll - ok
17:41:59.0380 6992 [ EBF189843BC9448FB1EA5C6A81ECA702 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\korwbrkr.dll
17:41:59.0381 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\korwbrkr.dll - ok
17:41:59.0413 6992 [ D503C0CDBAE1920C82CA500D9AB29907 ] C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\ISAPI\OWSSVR.DLL
17:41:59.0414 6992 C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\ISAPI\OWSSVR.DLL - ok
17:41:59.0462 6992 [ 71C06DB4FF4A5DBFF1CE9EF8B6F86506 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\ThaWBrkr.dll
17:41:59.0463 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\ThaWBrkr.dll - ok
17:41:59.0510 6992 [ F55ACF27CF7284AD2FABA2E28A3E00E4 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\nlhtml.dll
17:41:59.0511 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\nlhtml.dll - ok
17:41:59.0554 6992 [ A9035C4CA57ACB80419ED878FE1EB161 ] C:\Windows\System32\offfilt.dll
17:41:59.0555 6992 C:\Windows\System32\offfilt.dll - ok
17:41:59.0601 6992 [ F31B0BBC451022A01DC65863E02F6B2A ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\xmlfilt.dll
17:41:59.0601 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\xmlfilt.dll - ok
17:41:59.0650 6992 [ 57C252FFD3A6C49ACD5BB033EB497811 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\91bece4a0ffbdf6ca99dfc16971a5cc5\System.Web.Abstractions.ni.dll
17:41:59.0650 6992 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\91bece4a0ffbdf6ca99dfc16971a5cc5\System.Web.Abstractions.ni.dll - ok
17:41:59.0683 6992 [ A3DC196D0DC21DCC33DC87C92CB0E51C ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\fc6d2f5089ea7ffbcaf58016ac98ae32\System.Web.Extensions.ni.dll
17:41:59.0683 6992 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\fc6d2f5089ea7ffbcaf58016ac98ae32\System.Web.Extensions.ni.dll - ok

End part 2 of 3

Part 3 / 3

17:41:59.0729 6992 [ 625C98D60AD5AB1FCCBD0E2C0AC0D905 ] C:\ProgramData\Tele2 Mobile Partner\OnlineUpdate\ouc.exe
17:41:59.0730 6992 C:\ProgramData\Tele2 Mobile Partner\OnlineUpdate\ouc.exe - ok
17:41:59.0774 6992 [ DBDA60D92E774B4ACB3B1CD71F909426 ] C:\ProgramData\Tele2 Mobile Partner\OnlineUpdate\mingwm10.dll
17:41:59.0775 6992 C:\ProgramData\Tele2 Mobile Partner\OnlineUpdate\mingwm10.dll - ok
17:41:59.0817 6992 [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
17:41:59.0818 6992 C:\Windows\System32\trkwks.dll - ok
17:41:59.0862 6992 [ C4B4409F186DA70FCF2BCC60D5F05489 ] C:\ProgramData\Tele2 Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
17:41:59.0863 6992 C:\ProgramData\Tele2 Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll - ok
17:41:59.0906 6992 [ FB398D88FF38A97E069E9DFB44D84FC6 ] C:\ProgramData\Tele2 Mobile Partner\OnlineUpdate\QtCore4.dll
17:41:59.0907 6992 C:\ProgramData\Tele2 Mobile Partner\OnlineUpdate\QtCore4.dll - ok
17:41:59.0940 6992 [ 0AB32D9F175C015D97EB712F5E636313 ] C:\Windows\System32\drivers\vmnetuserif.sys
17:41:59.0940 6992 C:\Windows\System32\drivers\vmnetuserif.sys - ok
17:41:59.0985 6992 [ A58BC88BD84D6D2325CA2475F94AFA37 ] C:\ProgramData\Tele2 Mobile Partner\OnlineUpdate\QtNetwork4.dll
17:41:59.0985 6992 C:\ProgramData\Tele2 Mobile Partner\OnlineUpdate\QtNetwork4.dll - ok
17:42:00.0030 6992 [ B32009DB1972E7F2C227499289C4384A ] C:\Windows\System32\inetsrv\iisw3adm.dll
17:42:00.0030 6992 C:\Windows\System32\inetsrv\iisw3adm.dll - ok
17:42:00.0086 6992 [ BB42167E444D16859BAE6B9F7D92334C ] C:\Program Files (x86)\WatchGuard\WatchGuard Mobile VPN with SSL\wgsslvpnsrc.exe
17:42:00.0087 6992 C:\Program Files (x86)\WatchGuard\WatchGuard Mobile VPN with SSL\wgsslvpnsrc.exe - ok
17:42:00.0130 6992 [ 49F9AF60349A514C1BCF14DB9C843C5A ] C:\Windows\System32\inetsrv\w3tp.dll
17:42:00.0131 6992 C:\Windows\System32\inetsrv\w3tp.dll - ok
17:42:00.0181 6992 [ 9B8595399A2CF9DAB8AAE79334B2B575 ] C:\ProgramData\Tele2 Mobile Partner\OnlineUpdate\QueryStrategy.dll
17:42:00.0181 6992 C:\ProgramData\Tele2 Mobile Partner\OnlineUpdate\QueryStrategy.dll - ok
17:42:00.0220 6992 [ 31C6C1938413D13EB37AEAB83939BF49 ] C:\ProgramData\Tele2 Mobile Partner\OnlineUpdate\QtXml4.dll
17:42:00.0220 6992 C:\ProgramData\Tele2 Mobile Partner\OnlineUpdate\QtXml4.dll - ok
17:42:00.0268 6992 [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
17:42:00.0268 6992 C:\Windows\System32\wbem\WMIsvc.dll - ok
17:42:00.0333 6992 [ 2BACD71123F42CEA603F4E205E1AE337 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:42:00.0333 6992 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
17:42:00.0383 6992 [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
17:42:00.0383 6992 C:\Windows\System32\wbem\WinMgmtR.dll - ok
17:42:00.0428 6992 [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
17:42:00.0428 6992 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
17:42:00.0459 6992 [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
17:42:00.0459 6992 C:\Windows\System32\wbem\fastprox.dll - ok
17:42:00.0504 6992 [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
17:42:00.0505 6992 C:\Windows\System32\wbem\wbemcore.dll - ok
17:42:00.0550 6992 [ 78DC35C728FE05C6C9581FCD0023AFD0 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel\ae0d5a6fe11d058910d1d12dbd1e82b2\System.ServiceModel.ni.dll
17:42:00.0550 6992 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceModel\ae0d5a6fe11d058910d1d12dbd1e82b2\System.ServiceModel.ni.dll - ok
17:42:00.0595 6992 [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
17:42:00.0596 6992 C:\Windows\System32\wbem\esscli.dll - ok
17:42:00.0643 6992 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
17:42:00.0643 6992 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
17:42:00.0687 6992 [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
17:42:00.0688 6992 C:\Windows\System32\wbem\wbemsvc.dll - ok
17:42:00.0714 6992 [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
17:42:00.0714 6992 C:\Windows\System32\wbem\wmiutils.dll - ok
17:42:00.0757 6992 [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
17:42:00.0758 6992 C:\Windows\System32\wbem\repdrvfs.dll - ok
17:42:00.0799 6992 [ B5BD872122A2CE82D196ABF2D5D8D80A ] C:\Windows\System32\inetsrv\WMSvc.exe
17:42:00.0799 6992 C:\Windows\System32\inetsrv\WMSvc.exe - ok
17:42:00.0840 6992 [ 079FD1D59EAD19270C979AF174D881A3 ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
17:42:00.0840 6992 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
17:42:00.0884 6992 [ BDFCB7E8C108D042B213957D2B044E7E ] C:\Program Files\Intel\WiFi\bin\EvtEng.exe
17:42:00.0884 6992 C:\Program Files\Intel\WiFi\bin\EvtEng.exe - ok
17:42:00.0929 6992 [ 2A46FFE841EC43001D5A293A54DB34DE ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
17:42:00.0929 6992 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
17:42:00.0975 6992 [ D63652F124E1D23F145667591AB5B737 ] C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll
17:42:00.0975 6992 C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll - ok
17:42:01.0008 6992 [ 439FE203A62321D341121F7F1353176F ] C:\Program Files\Intel\WiFi\bin\MurocApi.dll
17:42:01.0009 6992 C:\Program Files\Intel\WiFi\bin\MurocApi.dll - ok
17:42:01.0058 6992 [ 981D0C89DBF79F034A4669A6904D3CED ] C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.IdentityM#\0f8b3c4e54f5bb034d10b158c01a3ea0\Microsoft.IdentityModel.ni.dll
17:42:01.0058 6992 C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.IdentityM#\0f8b3c4e54f5bb034d10b158c01a3ea0\Microsoft.IdentityModel.ni.dll - ok
17:42:01.0104 6992 [ AF17FAB5B90F54C6CD396A85CFE6A76B ] C:\Program Files\Intel\WiFi\bin\AmtWsMan.dll
17:42:01.0104 6992 C:\Program Files\Intel\WiFi\bin\AmtWsMan.dll - ok
17:42:01.0152 6992 [ FE2DDBCF65163CE24D95F2E70F54BDCC ] C:\Program Files\Intel\WiFi\bin\pfQOSMgr.dll
17:42:01.0153 6992 C:\Program Files\Intel\WiFi\bin\pfQOSMgr.dll - ok
17:42:01.0207 6992 [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
17:42:01.0207 6992 C:\Windows\System32\iphlpsvc.dll - ok
17:42:01.0240 6992 [ 6A3A5E566D792BA30AFF5EC949FF9F49 ] C:\Windows\System32\inetsrv\wbhstipm.dll
17:42:01.0240 6992 C:\Windows\System32\inetsrv\wbhstipm.dll - ok
17:42:01.0291 6992 [ A99D9DCA14281E0B787501CAE4D995E0 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE
17:42:01.0291 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE - ok
17:42:01.0334 6992 [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
17:42:01.0335 6992 C:\Windows\System32\sqmapi.dll - ok
17:42:01.0376 6992 [ 7FF8E121AFA05BDAB23B9FEDCDAB7A33 ] C:\Windows\System32\odbc32.dll
17:42:01.0377 6992 C:\Windows\System32\odbc32.dll - ok
17:42:01.0432 6992 [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
17:42:01.0433 6992 C:\Windows\System32\wdscore.dll - ok
17:42:01.0493 6992 [ 2BAAF86F414E1FE77329E94799DD8BFC ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SqlResourceLoader.dll
17:42:01.0494 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SqlResourceLoader.dll - ok
17:42:01.0533 6992 [ 5EE78226EF981A20052F49A96CEE746D ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlsvc.dll
17:42:01.0534 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlsvc.dll - ok
17:42:01.0575 6992 [ 8BFDEDAFB9295252BB3D467C9F1A0C01 ] C:\Windows\System32\sqlncli10.dll
17:42:01.0575 6992 C:\Windows\System32\sqlncli10.dll - ok
17:42:01.0617 6992 [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
17:42:01.0618 6992 C:\Windows\System32\nci.dll - ok
17:42:01.0664 6992 [ 1598380A63186032696EB9E1F15EFF23 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Data\5f9be6e52ae2196e9a419125c8fb4c82\System.Data.ni.dll
17:42:01.0664 6992 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Data\5f9be6e52ae2196e9a419125c8fb4c82\System.Data.ni.dll - ok
17:42:01.0713 6992 [ 80B4054B1F477D57FBBB0FF305AA9C9A ] C:\Windows\assembly\GAC_64\Microsoft.Sharepoint.Sandbox\14.0.0.0__71e9bce111e9429c\Microsoft.Sharepoint.Sandbox.dll
17:42:01.0713 6992 C:\Windows\assembly\GAC_64\Microsoft.Sharepoint.Sandbox\14.0.0.0__71e9bce111e9429c\Microsoft.Sharepoint.Sandbox.dll - ok
17:42:01.0761 6992 [ 5965125255D4B462F140BA10CD65DC56 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlscm.dll
17:42:01.0762 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlscm.dll - ok
17:42:01.0791 6992 [ 56CE429ED8FD951388944E8BF96E24E2 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SEMMAP.DLL
17:42:01.0791 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SEMMAP.DLL - ok
17:42:01.0833 6992 [ 3E466073C3B1033FF92ADE9031E3D4A2 ] C:\Windows\System32\odbcint.dll
17:42:01.0833 6992 C:\Windows\System32\odbcint.dll - ok
17:42:01.0874 6992 [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
17:42:01.0875 6992 C:\Windows\System32\clusapi.dll - ok
17:42:01.0916 6992 [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
17:42:01.0916 6992 C:\Windows\System32\resutils.dll - ok
17:42:01.0961 6992 [ 710146A31A791475BE6CA058DF6D5E3F ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\sqlsvc.rll
17:42:01.0961 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\sqlsvc.rll - ok
17:42:02.0013 6992 [ E551E335D794F55EDA76D65E1EB08240 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\SEMMAP.RLL
17:42:02.0013 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\SEMMAP.RLL - ok
17:42:02.0052 6992 [ 40D076F5994981E6966870BDAE5BA9C0 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLAGENT.RLL
17:42:02.0053 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLAGENT.RLL - ok
17:42:02.0109 6992 [ 0017163E0D5985168792BEE5CF70D5DF ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\diasymreader.dll
17:42:02.0110 6992 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\diasymreader.dll - ok
17:42:02.0161 6992 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
17:42:02.0310 6992 C:\Windows\System32\drivers\srv2.sys - ok
17:42:02.0361 6992 [ 143A9BB8D22991E9C6E1E83B532E2F2D ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENTLOG.DLL
17:42:02.0362 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENTLOG.DLL - ok
17:42:02.0411 6992 [ 70E2F9B696E4443E532E75FC30C26E26 ] C:\Windows\assembly\GAC_64\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
17:42:02.0412 6992 C:\Windows\assembly\GAC_64\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - ok
17:42:02.0458 6992 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
17:42:02.0458 6992 C:\Windows\System32\drivers\srv.sys - ok
17:42:02.0500 6992 [ 9EF88C73068792A39F1C6C55A2A088A6 ] C:\Windows\System32\1033\sqlnclir10.rll
17:42:02.0500 6992 C:\Windows\System32\1033\sqlnclir10.rll - ok
17:42:02.0542 6992 [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
17:42:02.0542 6992 C:\Windows\System32\srvsvc.dll - ok
17:42:02.0573 6992 [ 5629E16C6C15A138F9E0FABF42E2AE78 ] C:\Windows\System32\netbios.dll
17:42:02.0573 6992 C:\Windows\System32\netbios.dll - ok
17:42:02.0623 6992 [ 8A6D92C24314304292B2F4D8408E1933 ] C:\Program Files\Microsoft SQL Server\90\Shared\instapi.dll
17:42:02.0623 6992 C:\Program Files\Microsoft SQL Server\90\Shared\instapi.dll - ok
17:42:02.0684 6992 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
17:42:02.0684 6992 C:\Windows\System32\browser.dll - ok
17:42:02.0725 6992 [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
17:42:02.0725 6992 C:\Windows\System32\netmsg.dll - ok
17:42:02.0766 6992 [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
17:42:02.0766 6992 C:\Windows\System32\sscore.dll - ok
17:42:02.0808 6992 [ F31F1487388534C01135FEA9943B65EB ] C:\Program Files\Intel\WiFi\bin\iWrap.exe
17:42:02.0808 6992 C:\Program Files\Intel\WiFi\bin\iWrap.exe - ok
17:42:02.0839 6992 [ AA511EB28672011A1D832F73E302F0A0 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
17:42:02.0839 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe - ok
17:42:02.0885 6992 [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll
17:42:02.0885 6992 C:\Windows\System32\oledlg.dll - ok
17:42:02.0928 6992 [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
17:42:02.0928 6992 C:\Windows\System32\diagperf.dll - ok
17:42:02.0972 6992 [ 1EA7969E3271CBC59E1730697DC74682 ] C:\Windows\System32\qmgr.dll
17:42:02.0973 6992 C:\Windows\System32\qmgr.dll - ok
17:42:03.0022 6992 [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
17:42:03.0023 6992 C:\Windows\System32\netman.dll - ok
17:42:03.0074 6992 [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
17:42:03.0074 6992 C:\Windows\System32\perftrack.dll - ok
17:42:03.0109 6992 [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
17:42:03.0110 6992 C:\Windows\System32\drivers\WUDFPf.sys - ok
17:42:03.0173 6992 [ 29409ED7400CA5BCCC30C0EE5147A60D ] C:\Windows\System32\bitsperf.dll
17:42:03.0174 6992 C:\Windows\System32\bitsperf.dll - ok
17:42:03.0221 6992 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
17:42:03.0221 6992 C:\Windows\System32\appinfo.dll - ok
17:42:03.0266 6992 [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
17:42:03.0266 6992 C:\Windows\System32\WUDFSvc.dll - ok
17:42:03.0312 6992 [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
17:42:03.0312 6992 C:\Windows\System32\aelupsvc.dll - ok
17:42:03.0358 6992 [ 309D90A46AB6A7726141DF806EE863F5 ] C:\Users\Stephen\AppData\Local\Temp\ALSysIO64.sys
17:42:03.0358 6992 C:\Users\Stephen\AppData\Local\Temp\ALSysIO64.sys - ok
17:42:03.0390 6992 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
17:42:03.0390 6992 C:\Windows\System32\netshell.dll - ok
17:42:03.0435 6992 [ D9431DCF90B0253773F51FDEFE7FD42F ] C:\Windows\System32\bitsigd.dll
17:42:03.0435 6992 C:\Windows\System32\bitsigd.dll - ok
17:42:03.0480 6992 [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
17:42:03.0481 6992 C:\Windows\System32\npmproxy.dll - ok
17:42:03.0523 6992 [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
17:42:03.0523 6992 C:\Windows\System32\upnp.dll - ok
17:42:03.0566 6992 [ EED4198F66E4D2EDFE464FAA663C4816 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdhost.exe
17:42:03.0567 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdhost.exe - ok
17:42:03.0608 6992 [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
17:42:03.0609 6992 C:\Windows\System32\hidserv.dll - ok
17:42:03.0638 6992 [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
17:42:03.0638 6992 C:\Windows\System32\pnpts.dll - ok
17:42:03.0681 6992 [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
17:42:03.0681 6992 C:\Windows\System32\wpdbusenum.dll - ok
17:42:03.0721 6992 [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
17:42:03.0722 6992 C:\Windows\System32\Apphlpdm.dll - ok
17:42:03.0770 6992 [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
17:42:03.0771 6992 C:\Windows\System32\wdiasqmmodule.dll - ok
17:42:03.0824 6992 [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
17:42:03.0824 6992 C:\Windows\System32\rasdlg.dll - ok
17:42:03.0869 6992 [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
17:42:03.0869 6992 C:\Windows\System32\runonce.exe - ok
17:42:03.0895 6992 [ FF1429C45BF0412B412A1324CDC3F178 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fd.dll
17:42:03.0896 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fd.dll - ok
17:42:03.0946 6992 [ A924FCAA92481C04AC821AFFA49E87EA ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\query.dll
17:42:03.0947 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\query.dll - ok
17:42:03.0988 6992 [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
17:42:03.0989 6992 C:\Windows\System32\mprapi.dll - ok
17:42:04.0036 6992 [ 1CF07AAD12D123727733E97801C132FA ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlft105ph.dll
17:42:04.0036 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlft105ph.dll - ok
17:42:04.0086 6992 [ CF318F60A84F15AF352439465A8D05F4 ] C:\Program Files\Windows Defender\MpSvc.dll
17:42:04.0087 6992 C:\Program Files\Windows Defender\MpSvc.dll - ok
17:42:04.0116 6992 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
17:42:04.0116 6992 C:\Windows\SysWOW64\runonce.exe - ok
17:42:04.0156 6992 [ ADF3E771F429940E762AC097F5A54EAF ] C:\Program Files\Windows Defender\MpClient.dll
17:42:04.0157 6992 C:\Program Files\Windows Defender\MpClient.dll - ok
17:42:04.0220 6992 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
17:42:04.0221 6992 C:\Windows\System32\ssdpsrv.dll - ok
17:42:04.0262 6992 [ 6D137963730144698CBD10F202E9F251 ] C:\Windows\System32\wersvc.dll
17:42:04.0263 6992 C:\Windows\System32\wersvc.dll - ok
17:42:04.0301 6992 [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
17:42:04.0301 6992 C:\Windows\System32\PortableDeviceApi.dll - ok
17:42:04.0341 6992 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
17:42:04.0341 6992 C:\Windows\System32\IPSECSVC.DLL - ok
17:42:04.0384 6992 [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
17:42:04.0385 6992 C:\Windows\System32\FwRemoteSvr.dll - ok
17:42:04.0413 6992 [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
17:42:04.0413 6992 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
17:42:04.0456 6992 [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
17:42:04.0456 6992 C:\Windows\System32\radardt.dll - ok
17:42:04.0500 6992 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
17:42:04.0500 6992 C:\Windows\SysWOW64\propsys.dll - ok
17:42:04.0544 6992 [ 8ABFE00F213F2571498F1B8FD7939A98 ] C:\Windows\System32\WUDFHost.exe
17:42:04.0544 6992 C:\Windows\System32\WUDFHost.exe - ok
17:42:04.0593 6992 [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
17:42:04.0593 6992 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
17:42:04.0641 6992 [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
17:42:04.0641 6992 C:\Windows\System32\ncobjapi.dll - ok
17:42:04.0674 6992 [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
17:42:04.0674 6992 C:\Windows\System32\wbem\wbemess.dll - ok
17:42:04.0725 6992 [ FBD879D17B26D49DD7A48FF58062FAE6 ] C:\Windows\System32\tdh.dll
17:42:04.0725 6992 C:\Windows\System32\tdh.dll - ok
17:42:04.0768 6992 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
17:42:04.0769 6992 C:\Windows\SysWOW64\cmd.exe - ok
17:42:04.0815 6992 [ AC5DF873913B00E554D8F553459BC431 ] C:\Windows\System32\qmgrprxy.dll
17:42:04.0816 6992 C:\Windows\System32\qmgrprxy.dll - ok
17:42:04.0861 6992 [ 85B45B4B285B159ACDB355FC8C1E8925 ] C:\Windows\SysWOW64\qmgrprxy.dll
17:42:04.0861 6992 C:\Windows\SysWOW64\qmgrprxy.dll - ok
17:42:04.0916 6992 [ 25AE683DCB4AE7E6F1B193A0CB9DB35F ] C:\Windows\System32\WUDFx.dll
17:42:04.0916 6992 C:\Windows\System32\WUDFx.dll - ok
17:42:04.0963 6992 [ B2CDBED4C6E85D053BF560DCE322D24B ] C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.SharePoin#\7d3fef4ecf2b5c960bf716020bf335e5\Microsoft.SharePoint.Client.ServerRuntime.ni.dll
17:42:04.0963 6992 C:\Windows\assembly\NativeImages_v2.0.50727_64\Microsoft.SharePoin#\7d3fef4ecf2b5c960bf716020bf335e5\Microsoft.SharePoint.Client.ServerRuntime.ni.dll - ok
17:42:05.0022 6992 [ 719791FD6C86D0FF4F2AFB829CA878E1 ] C:\Windows\System32\drivers\UMDF\SensorsAlsDriver.dll
17:42:05.0023 6992 C:\Windows\System32\drivers\UMDF\SensorsAlsDriver.dll - ok
17:42:05.0068 6992 [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
17:42:05.0069 6992 C:\Windows\System32\PortableDeviceTypes.dll - ok
17:42:05.0121 6992 [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
17:42:05.0122 6992 C:\Windows\System32\pnidui.dll - ok
17:42:05.0171 6992 [ 3130CB59CAF6B16F83FA4075D0AE7366 ] C:\Windows\System32\SensorsClassExtension.dll
17:42:05.0171 6992 C:\Windows\System32\SensorsClassExtension.dll - ok
17:42:05.0238 6992 [ 389CA818132C1D7DCF0C791E8D9035DE ] C:\Windows\System32\PortableDeviceClassExtension.dll
17:42:05.0238 6992 C:\Windows\System32\PortableDeviceClassExtension.dll - ok
17:42:05.0282 6992 [ 253F38D0D7074C02FF8DEB9836C97D2B ] C:\Windows\System32\drivers\scfilter.sys
17:42:05.0283 6992 C:\Windows\System32\drivers\scfilter.sys - ok
17:42:05.0328 6992 [ 521202AA6F2B74FCCC6BC7E162109D71 ] C:\Windows\System32\wbem\unsecapp.exe
17:42:05.0328 6992 C:\Windows\System32\wbem\unsecapp.exe - ok
17:42:05.0373 6992 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
17:42:05.0373 6992 C:\Windows\SysWOW64\winbrand.dll - ok
17:42:05.0422 6992 [ A4B3A9FFA483F8CB36E56C19448DDE36 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\52e2da35b160dbd254683f72a0f1b937\System.Xml.ni.dll
17:42:05.0423 6992 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\52e2da35b160dbd254683f72a0f1b937\System.Xml.ni.dll - ok
17:42:05.0476 6992 [ 5D0F03EEF3205F66ECFBE72A7CBBAD1F ] C:\Windows\System32\winusb.dll
17:42:05.0477 6992 C:\Windows\System32\winusb.dll - ok
17:42:05.0502 6992 [ 8691A502CFF70D360372A86434A8C723 ] C:\Windows\System32\drivers\UMDF\WUDFUsbccidDriver.dll
17:42:05.0502 6992 C:\Windows\System32\drivers\UMDF\WUDFUsbccidDriver.dll - ok
17:42:05.0547 6992 [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
17:42:05.0547 6992 C:\Windows\System32\wmp.dll - ok
17:42:05.0592 6992 [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
17:42:05.0592 6992 C:\Windows\System32\dimsjob.dll - ok
17:42:05.0637 6992 [ 5466DCAEF5A648E04D1B6580F2C901B5 ] C:\Windows\SysWOW64\ieframe.dll
17:42:05.0637 6992 C:\Windows\SysWOW64\ieframe.dll - ok
17:42:05.0685 6992 [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
17:42:05.0686 6992 C:\Windows\System32\pautoenr.dll - ok
17:42:05.0734 6992 [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
17:42:05.0734 6992 C:\Windows\System32\certcli.dll - ok
17:42:05.0769 6992 [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
17:42:05.0769 6992 C:\Windows\System32\CertEnroll.dll - ok
17:42:05.0815 6992 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
17:42:05.0815 6992 C:\Windows\SysWOW64\oleacc.dll - ok
17:42:05.0857 6992 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
17:42:05.0857 6992 C:\Windows\SysWOW64\shdocvw.dll - ok
17:42:05.0900 6992 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\Stephen\AppData\Local\Temp\6BA6E829-9F55-43DD-9BDC-6F8F5A2424F1.exe
17:42:05.0900 6992 C:\Users\Stephen\AppData\Local\Temp\6BA6E829-9F55-43DD-9BDC-6F8F5A2424F1.exe - ok
17:42:05.0946 6992 [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
17:42:05.0946 6992 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
17:42:05.0989 6992 [ 60EDA0D8FB337B4EAAEC4F828EE34230 ] C:\Windows\assembly\GAC_64\Microsoft.SharePoint.Search\14.0.0.0__71e9bce111e9429c\Microsoft.SharePoint.Search.dll
17:42:05.0989 6992 C:\Windows\assembly\GAC_64\Microsoft.SharePoint.Search\14.0.0.0__71e9bce111e9429c\Microsoft.SharePoint.Search.dll - ok
17:42:06.0026 6992 [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
17:42:06.0026 6992 C:\Windows\System32\wbem\cimwin32.dll - ok
17:42:06.0080 6992 [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
17:42:06.0081 6992 C:\Windows\System32\framedynos.dll - ok
17:42:06.0152 6992 [ CF4F9EEE0B58988F3CFA1F3D938CA4A5 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\xpsqlbot.dll
17:42:06.0153 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\xpsqlbot.dll - ok
17:42:06.0219 6992 [ 470994AFCC3C981015200246D1C2FFBE ] C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll
17:42:06.0219 6992 C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll - ok
17:42:06.0276 6992 [ 591FE0A6CEB19BF886CEB1331F591940 ] C:\Windows\SysWOW64\ncrypt.dll
17:42:06.0276 6992 C:\Windows\SysWOW64\ncrypt.dll - ok
17:42:06.0306 6992 [ DB4BC74DC444CC7A5F8F6DF2D38FBD96 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcm90.dll
17:42:06.0307 6992 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcm90.dll - ok
17:42:06.0349 6992 [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
17:42:06.0349 6992 C:\Windows\SysWOW64\bcrypt.dll - ok
17:42:06.0393 6992 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
17:42:06.0393 6992 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
17:42:06.0435 6992 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
17:42:06.0436 6992 C:\Windows\SysWOW64\gpapi.dll - ok
17:42:06.0481 6992 [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
17:42:06.0481 6992 C:\Windows\System32\wbem\NCProv.dll - ok
17:42:06.0527 6992 [ 7A91BDEB8F4C96E17D652CB470664E39 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web.Services\ed06a2b15f6bba9f73a0f58d46c4b2b4\System.Web.Services.ni.dll
17:42:06.0528 6992 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Web.Services\ed06a2b15f6bba9f73a0f58d46c4b2b4\System.Web.Services.ni.dll - ok
17:42:06.0558 6992 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\SysWOW64\cryptnet.dll
17:42:06.0558 6992 C:\Windows\SysWOW64\cryptnet.dll - ok
17:42:06.0603 6992 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
17:42:06.0604 6992 C:\Windows\SysWOW64\SensApi.dll - ok
17:42:06.0645 6992 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
17:42:06.0645 6992 C:\Windows\SysWOW64\dwmapi.dll - ok
17:42:06.0690 6992 [ 07AD88DF9EF73215458867EFC1BFFE9E ] C:\Windows\System32\wbem\wmiprov.dll
17:42:06.0690 6992 C:\Windows\System32\wbem\wmiprov.dll - ok
17:42:06.0732 6992 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
17:42:06.0733 6992 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
17:42:06.0778 6992 [ 0BA4CF46A97F7DDF42E37AD68C2EE379 ] C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TDMAuditLogger.exe
17:42:06.0778 6992 C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TDMAuditLogger.exe - ok
17:42:06.0829 6992 [ 8DAE34F16F8EB3E058637DF11CAF9DDD ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\XPStar.DLL
17:42:06.0829 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\XPStar.DLL - ok
17:42:06.0860 6992 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
17:42:06.0861 6992 C:\Windows\SysWOW64\EhStorShell.dll - ok
17:42:06.0906 6992 [ 5DC82354ADADD514B040B4740223DABA ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\XPStar.RLL
17:42:06.0907 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\XPStar.RLL - ok
17:42:06.0951 6992 [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
17:42:06.0952 6992 C:\Windows\SysWOW64\ntshrui.dll - ok
17:42:07.0001 6992 [ 855CFF2E03811072592C03331D278427 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management.A#\6ba323bb63f75d1648563c8e3bd80dd4\System.Management.Automation.ni.dll
17:42:07.0001 6992 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management.A#\6ba323bb63f75d1648563c8e3bd80dd4\System.Management.Automation.ni.dll - ok
17:42:07.0058 6992 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
17:42:07.0058 6992 C:\Windows\SysWOW64\slc.dll - ok
17:42:07.0110 6992 [ E860C7864FE098E8C5ACA9268E28B515 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\xplog70.dll
17:42:07.0110 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\xplog70.dll - ok
17:42:07.0144 6992 [ EAC76F1992BC3369818AAE89EFD52061 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\xplog70.rll
17:42:07.0145 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\xplog70.rll - ok
17:42:07.0190 6992 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
17:42:07.0191 6992 C:\Windows\SysWOW64\imageres.dll - ok
17:42:07.0256 6992 [ 00FC60BAB4F9C9DE5EF05454AF4A72B2 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLATXSS.DLL
17:42:07.0257 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLATXSS.DLL - ok
17:42:07.0343 6992 [ 18D12BC9FFF8F36DE4CAADEF50235AC5 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\atxcore.dll
17:42:07.0343 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\atxcore.dll - ok
17:42:07.0378 6992 [ 565335FD16E90B74A63F468E41DED7CE ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\atxcore.rll
17:42:07.0379 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\atxcore.rll - ok
17:42:07.0439 6992 [ 0C15D6765A6F5CBA0E5C8B68EF8144A8 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLATXSS.RLL
17:42:07.0439 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLATXSS.RLL - ok
17:42:07.0496 6992 [ DFBBAC38EF42617FECE24D35D459D860 ] C:\Program Files\Microsoft SQL Server\100\COM\AXSCPHST.DLL
17:42:07.0496 6992 C:\Program Files\Microsoft SQL Server\100\COM\AXSCPHST.DLL - ok
17:42:07.0559 6992 [ BD8B890E46E851A6CE7DED2F67BC9F50 ] C:\Program Files\Microsoft SQL Server\100\COM\Resources\1033\AXSCPHST.RLL
17:42:07.0559 6992 C:\Program Files\Microsoft SQL Server\100\COM\Resources\1033\AXSCPHST.RLL - ok
17:42:07.0612 6992 [ 1F48397185A34C9BC502D4ED46318644 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLCMDSS.DLL
17:42:07.0612 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLCMDSS.DLL - ok
17:42:07.0650 6992 [ ADBF9B4F4B4E4C6733FF70AC818D81DA ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLCMDSS.RLL
17:42:07.0651 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLCMDSS.RLL - ok
17:42:07.0706 6992 [ EF038E72FE3F7D9FD69C3E79FBC32829 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLREPSS.DLL
17:42:07.0706 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLREPSS.DLL - ok
17:42:07.0755 6992 [ 95F023A4D3A1657EFC5E61F623DC335A ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLREPSS.RLL
17:42:07.0756 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLREPSS.RLL - ok
17:42:07.0806 6992 [ 026017F0EF12B1F1A51D16179EA0FCBB ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLOLAPSS.DLL
17:42:07.0806 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLOLAPSS.DLL - ok
17:42:07.0857 6992 [ A7E03E5E0C27DDD4CFE8F243FBE853F8 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcm80.dll
17:42:07.0857 6992 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcm80.dll - ok
17:42:07.0912 6992 [ 5D0E28A22860E487148B2820309C0063 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\ac14913a11af4bfae0b8eb913a46a161\System.Configuration.ni.dll
17:42:07.0913 6992 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\ac14913a11af4bfae0b8eb913a46a161\System.Configuration.ni.dll - ok
17:42:07.0955 6992 [ E22336AEE30B56BD1982BBD34E414DA1 ] C:\Program Files (x86)\VMware\VMware Player\vmnetBridge.dll
17:42:07.0956 6992 C:\Program Files (x86)\VMware\VMware Player\vmnetBridge.dll - ok
17:42:08.0005 6992 [ F0A079CB4F819DD2AB94B06B3C17BF4C ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Transactions\2110a213770c5bf08d61fb266706eb6d\System.Transactions.ni.dll
17:42:08.0005 6992 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Transactions\2110a213770c5bf08d61fb266706eb6d\System.Transactions.ni.dll - ok
17:42:08.0052 6992 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
17:42:08.0053 6992 C:\Windows\System32\ndiscapCfg.dll - ok
17:42:08.0098 6992 [ 3D6AF45673C4B31CDECD7F80AF09D443 ] C:\Windows\System32\rascfg.dll
17:42:08.0099 6992 C:\Windows\System32\rascfg.dll - ok
17:42:08.0143 6992 [ E4806AC8BE2D890193252D4BEE7EA95C ] C:\Windows\assembly\GAC_64\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
17:42:08.0143 6992 C:\Windows\assembly\GAC_64\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll - ok
17:42:08.0179 6992 [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
17:42:08.0179 6992 C:\Windows\System32\mprmsg.dll - ok
17:42:08.0225 6992 [ 9C4E5A0B1558D1434A54FC18690874F9 ] C:\Windows\System32\basp.dll
17:42:08.0225 6992 C:\Windows\System32\basp.dll - ok
17:42:08.0283 6992 [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
17:42:08.0283 6992 C:\Windows\System32\tcpipcfg.dll - ok
17:42:08.0330 6992 [ C173DDA91F5EB542B0F01E3B4BD95E79 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLOLAPSS.RLL
17:42:08.0331 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLOLAPSS.RLL - ok
17:42:08.0387 6992 [ 0129DC94FE97CEFD5C1CF606D4802869 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLDTSSS.DLL
17:42:08.0387 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLDTSSS.DLL - ok
17:42:08.0459 6992 [ 9F4873EB59F2588BA35CA38E5D84E2A8 ] C:\Windows\System32\vnetlib64.dll
17:42:08.0460 6992 C:\Windows\System32\vnetlib64.dll - ok
17:42:08.0507 6992 [ 3B0795EFB18898BC50463EE328070F61 ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLDTSSS.RLL
17:42:08.0507 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLDTSSS.RLL - ok
17:42:08.0559 6992 [ DAF3CBC9B0606A8124A44E9CA5E5CDDE ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLPOWERSHELLSS.DLL
17:42:08.0559 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLPOWERSHELLSS.DLL - ok
17:42:08.0607 6992 [ 3C00FC1B12C5657AEF020BCA072E757A ] C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLPOWERSHELLSS.RLL
17:42:08.0607 6992 C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\Resources\1033\SQLPOWERSHELLSS.RLL - ok
17:42:08.0657 6992 [ 0464F693C59CC02CF261DE7E4D33E5B7 ] C:\Windows\System32\wbem\WmiPerfClass.dll
17:42:08.0658 6992 C:\Windows\System32\wbem\WmiPerfClass.dll - ok
17:42:08.0701 6992 [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll
17:42:08.0701 6992 C:\Windows\System32\wlaninst.dll - ok
17:42:08.0730 6992 [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll
17:42:08.0731 6992 C:\Windows\System32\wwaninst.dll - ok
17:42:08.0789 6992 [ D64D99EC088B54FFE8EE67A480386C20 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
17:42:08.0789 6992 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
17:42:08.0847 6992 [ E50ACF664E2718450EF70DDAFCF963F9 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\3b5084f54a9c0b25602a95dea7139afa\System.DirectoryServices.ni.dll
17:42:08.0848 6992 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.DirectorySer#\3b5084f54a9c0b25602a95dea7139afa\System.DirectoryServices.ni.dll - ok
17:42:08.0901 6992 [ F9F08AFAF2685F2DF6453BE45C613BF9 ] C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\UserCode\SPUCWorkerProcessProxy.exe
17:42:08.0902 6992 C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\UserCode\SPUCWorkerProcessProxy.exe - ok
17:42:08.0945 6992 [ A014408C6A73B2470425BD157D046012 ] C:\Windows\System32\WCR10.dll
17:42:08.0946 6992 C:\Windows\System32\WCR10.dll - ok
17:42:08.0991 6992 [ 36B426BBC243441259F5D90A26553CF1 ] C:\Windows\System32\inetsrv\adsiis.dll
17:42:08.0992 6992 C:\Windows\System32\inetsrv\adsiis.dll - ok
17:42:09.0034 6992 [ 464B24F0A7590F458FE46EA438CE819A ] C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\UserCode\SPUCWorkerProcess.exe
17:42:09.0035 6992 C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\UserCode\SPUCWorkerProcess.exe - ok
17:42:09.0097 6992 [ 0A7DBB9E474BAF2DC07979D3B3DDDB18 ] C:\Windows\System32\inetsrv\iisext.dll
17:42:09.0098 6992 C:\Windows\System32\inetsrv\iisext.dll - ok
17:42:09.0149 6992 [ 5E1012EF2CEEB76484501209F9B50575 ] C:\Windows\System32\inetsrv\rsca.dll
17:42:09.0150 6992 C:\Windows\System32\inetsrv\rsca.dll - ok
17:42:09.0196 6992 [ BEAFCF7E206869DC59C934B1906266BC ] C:\Windows\System32\inetsrv\w3ctrlps.dll
17:42:09.0196 6992 C:\Windows\System32\inetsrv\w3ctrlps.dll - ok
17:42:09.0237 6992 [ 198803E5E93E29967DFB0BCFD0186151 ] C:\Windows\System32\spfileq.dll
17:42:09.0238 6992 C:\Windows\System32\spfileq.dll - ok
17:42:09.0269 6992 [ E601860AA04CE2198DBC6AC2AF80AFF7 ] C:\Windows\System32\perfos.dll
17:42:09.0269 6992 C:\Windows\System32\perfos.dll - ok
17:42:09.0324 6992 [ 093747DAE1C1A7F6DEA8D16E26D4F648 ] C:\Windows\System32\msscntrs.dll
17:42:09.0324 6992 C:\Windows\System32\msscntrs.dll - ok
17:42:09.0372 6992 [ B203DECBF40A7E84B40EB4CBE01F03E9 ] C:\Program Files\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\bin\Counters\msmdctr100.DLL
17:42:09.0372 6992 C:\Program Files\Microsoft SQL Server\MSAS10_50.MSSQLSERVER\OLAP\bin\Counters\msmdctr100.DLL - ok
17:42:09.0419 6992 [ 0F02C3FF97EAB0D8295854D6C4F82BEE ] C:\Windows\System32\netfxperf.dll
17:42:09.0419 6992 C:\Windows\System32\netfxperf.dll - ok
17:42:09.0464 6992 [ 247699C4F41599ADC13B86EBF4029983 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\PerfCounter.dll
17:42:09.0464 6992 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\PerfCounter.dll - ok
17:42:09.0508 6992 [ 6C04E82C3D6DE9F37095E8BF97D67F4C ] C:\Windows\System32\pictrdll.dll
17:42:09.0508 6992 C:\Windows\System32\pictrdll.dll - ok
17:42:09.0541 6992 [ B3BA3CB8515B27110A4791DCE9EEF402 ] C:\Windows\System32\usbperf.dll
17:42:09.0541 6992 C:\Windows\System32\usbperf.dll - ok
17:42:09.0609 6992 [ 559B702265ADD962D4207688CA0F8E41 ] C:\Program Files (x86)\VMware\VMware Player\vmPerfmon.dll
17:42:09.0609 6992 C:\Program Files (x86)\VMware\VMware Player\vmPerfmon.dll - ok
17:42:09.0661 6992 [ 677CCEADE829839BB8979190A251B09C ] C:\Windows\System32\wbem\WmiApRpl.dll
17:42:09.0662 6992 C:\Windows\System32\wbem\WmiApRpl.dll - ok
17:42:09.0715 6992 [ 9FE3ED67345F0FF829A4A53B90E09672 ] C:\Windows\System32\loadperf.dll
17:42:09.0715 6992 C:\Windows\System32\loadperf.dll - ok
17:42:09.0760 6992 [ 5C0D012DDEF2DABAE8BF7D2B0BD57E42 ] C:\Windows\System32\baspin.exe
17:42:09.0760 6992 C:\Windows\System32\baspin.exe - ok
17:42:09.0805 6992 [ D85288ED4A30B6D9593F5B977D5ADC0F ] C:\Windows\assembly\GAC_64\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
17:42:09.0806 6992 C:\Windows\assembly\GAC_64\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll - ok
17:42:09.0835 6992 [ B466E673B5E219520A12B40F1289E455 ] C:\Windows\System32\perfproc.dll
17:42:09.0835 6992 C:\Windows\System32\perfproc.dll - ok
17:42:09.0876 6992 [ 773212B2AAA24C1E31F10246B15B276C ] C:\Windows\servicing\TrustedInstaller.exe
17:42:09.0876 6992 C:\Windows\servicing\TrustedInstaller.exe - ok
17:42:09.0919 6992 [ 989AC0CE04D27DD0D2D7A57D54C8A37D ] C:\Windows\CCM\CcmExec.exe
17:42:09.0919 6992 C:\Windows\CCM\CcmExec.exe - ok
17:42:09.0962 6992 [ 6549647F348F8C45EA42136B4A234907 ] C:\Windows\System32\ccmcore.dll
17:42:09.0962 6992 C:\Windows\System32\ccmcore.dll - ok
17:42:10.0000 6992 [ 89E67D7352F08D38325E0968D6FA3FC7 ] C:\Windows\CCM\ccmgencert.dll
17:42:10.0001 6992 C:\Windows\CCM\ccmgencert.dll - ok
17:42:10.0041 6992 [ 9BCC9362331CE64CF03B012B1580E99A ] C:\Windows\CCM\smscore.dll
17:42:10.0041 6992 C:\Windows\CCM\smscore.dll - ok
17:42:10.0068 6992 [ CC9A2DCC8244B38D6C3FF54AD387F0E8 ] C:\Windows\CCM\ccmutillib.dll
17:42:10.0069 6992 C:\Windows\CCM\ccmutillib.dll - ok
17:42:10.0112 6992 [ EFBF944281A0A4D6A5A8B5B288E8A1F1 ] C:\Windows\CCM\ccmid.dll
17:42:10.0112 6992 C:\Windows\CCM\ccmid.dll - ok
17:42:10.0162 6992 [ CB533AF5A35EE1029EA08C3FE6D1B72A ] C:\Windows\CCM\LSUtilities.dll
17:42:10.0162 6992 C:\Windows\CCM\LSUtilities.dll - ok
17:42:10.0212 6992 [ 7A173A9F349420D97F2D444813CF92A0 ] C:\Windows\CCM\fsputillib.dll
17:42:10.0212 6992 C:\Windows\CCM\fsputillib.dll - ok
17:42:10.0261 6992 [ 8793A7C83DCB6C66106DE255D941A142 ] C:\Windows\CCM\CcmTask.dll
17:42:10.0261 6992 C:\Windows\CCM\CcmTask.dll - ok
17:42:10.0308 6992 [ 96C43B88CD440E51AD49C27D2A9750DD ] C:\Windows\CCM\ccmperf.dll
17:42:10.0308 6992 C:\Windows\CCM\ccmperf.dll - ok
17:42:10.0336 6992 [ 62D2B05F7426D4735F50DC207D569281 ] C:\Windows\System32\framedyn.dll
17:42:10.0336 6992 C:\Windows\System32\framedyn.dll - ok
17:42:10.0381 6992 [ 1658E808E4D4889C66DE47EC87F1DED1 ] C:\Windows\System32\msvcp60.dll
17:42:10.0381 6992 C:\Windows\System32\msvcp60.dll - ok
17:42:10.0423 6992 [ ACE1B5C7933943D5BF075991596215C0 ] C:\Windows\CCM\PolicyAgent.dll
17:42:10.0423 6992 C:\Windows\CCM\PolicyAgent.dll - ok
17:42:10.0466 6992 [ 6D7C8A951AF6AD6835C029B3CB88D333 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:42:10.0466 6992 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
17:42:10.0511 6992 [ 956B6ACA4EFF31046403F0DD6235332E ] C:\Windows\SysWOW64\msvcr110_clr0400.dll
17:42:10.0511 6992 C:\Windows\SysWOW64\msvcr110_clr0400.dll - ok
17:42:10.0553 6992 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
17:42:10.0553 6992 C:\Windows\SysWOW64\mscoree.dll - ok
17:42:10.0600 6992 [ 86329C35FF23CFEF0FB6C0023BA06BCE ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:42:10.0600 6992 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
17:42:10.0630 6992 [ A9B057A6203D62BD037DE9C4793C5A55 ] C:\Windows\CCM\PolicyAgentProvider.dll
17:42:10.0631 6992 C:\Windows\CCM\PolicyAgentProvider.dll - ok
17:42:10.0674 6992 [ 31A0E93CDF29007D6C6FFFB632F375ED ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
17:42:10.0675 6992 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe - ok
17:42:10.0726 6992 [ AB22BFF47D0C26749E4951680F64349C ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
17:42:10.0726 6992 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
17:42:10.0782 6992 [ 8B92BED5B8D4A8480E7AA631F35A6F35 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
17:42:10.0782 6992 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
17:42:10.0834 6992 [ 31D59387099070963EAD4CE14C5B5F04 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
17:42:10.0834 6992 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll - ok
17:42:10.0862 6992 [ 6D6596E046CA6A61DE250AD3A281A1AF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll
17:42:10.0862 6992 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll - ok
17:42:10.0916 6992 [ 885A88C268C23618AFB937F1ECE56A20 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUtil.dll
17:42:10.0916 6992 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUtil.dll - ok
17:42:10.0967 6992 [ 45589E89343FDF8171E3DB802EEDFD37 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgr.dll
17:42:10.0967 6992 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgr.dll - ok
17:42:11.0016 6992 [ 9FD14C52C877DA06212FD638625B142A ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgrSvc\74f16da618ea40889f6299f25628f9e6\IAStorDataMgrSvc.ni.exe
17:42:11.0016 6992 C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgrSvc\74f16da618ea40889f6299f25628f9e6\IAStorDataMgrSvc.ni.exe - ok
17:42:11.0070 6992 [ 30B94A855F4C86212F98BB184A30CA96 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\17796f2951c17ebf92dd4b7c9b3ce556\System.ServiceProcess.ni.dll
17:42:11.0070 6992 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\17796f2951c17ebf92dd4b7c9b3ce556\System.ServiceProcess.ni.dll - ok
17:42:11.0130 6992 [ 760C39AB75B456B86C926B04DEDA9D80 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
17:42:11.0131 6992 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll - ok
17:42:11.0164 6992 [ FCFD172DFD228F85230ED6A053EA9ECE ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\1a346936448c577357d806a93e99506b\IAStorDataMgr.ni.dll
17:42:11.0164 6992 C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\1a346936448c577357d806a93e99506b\IAStorDataMgr.ni.dll - ok
17:42:11.0215 6992 [ 9C6114D534B2A1C31DC475C083347C22 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\d9c2bad0366d854229add380b4b523f4\IAStorUtil.ni.dll
17:42:11.0215 6992 C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\d9c2bad0366d854229add380b4b523f4\IAStorUtil.ni.dll - ok
17:42:11.0272 6992 [ 7221E380FB8BFCF0160B9D4E704E7E77 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll
17:42:11.0273 6992 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll - ok
17:42:11.0317 6992 [ 43104328E99680FCF282E71CC45CB5D2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll
17:42:11.0318 6992 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll - ok
17:42:11.0383 6992 [ 3BD900FCC514F12A82D4AE9566113254 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\6f212cae83042127ead556a5bce9c238\System.Runtime.Remoting.ni.dll
17:42:11.0384 6992 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\6f212cae83042127ead556a5bce9c238\System.Runtime.Remoting.ni.dll - ok
17:42:11.0414 6992 [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe
17:42:11.0414 6992 C:\Windows\System32\sppsvc.exe - ok
17:42:11.0462 6992 [ 91072FFB415483FDECA1FC1B898708CB ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b9801b99e189749c20a0d34ab1eaff5a\IsdiInterop.ni.dll
17:42:11.0463 6992 C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b9801b99e189749c20a0d34ab1eaff5a\IsdiInterop.ni.dll - ok
17:42:11.0512 6992 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
17:42:11.0512 6992 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
17:42:11.0562 6992 [ A093ED015173A0952817B05ADE79E5C0 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\ISDI.dll
17:42:11.0562 6992 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\ISDI.dll - ok
17:42:11.0609 6992 [ D34A527493F39AF4491B3E909DC697CA ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
17:42:11.0609 6992 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll - ok
17:42:11.0655 6992 [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
17:42:11.0655 6992 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
17:42:11.0682 6992 [ FFF95479C7AB1550F0750A5D01744211 ] C:\Windows\System32\drivers\spsys.sys
17:42:11.0682 6992 C:\Windows\System32\drivers\spsys.sys - ok
17:42:11.0726 6992 [ 8114D50DFA0A701028F55D97DF6E6260 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Aspnet_perf.dll
17:42:11.0726 6992 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Aspnet_perf.dll - ok
17:42:11.0772 6992 [ BFCCB94CBCE9A3CE51F8F4B7E15EC7D7 ] C:\Windows\System32\esentprf.dll
17:42:11.0772 6992 C:\Windows\System32\esentprf.dll - ok
17:42:11.0825 6992 [ 807EB11BD87CD9026906FB79015414CE ] C:\Windows\System32\perfdisk.dll
17:42:11.0825 6992 C:\Windows\System32\perfdisk.dll - ok
17:42:11.0889 6992 [ 00499168B9CC556647590707E6701ADB ] C:\Windows\System32\perfnet.dll
17:42:11.0889 6992 C:\Windows\System32\perfnet.dll - ok
17:42:11.0923 6992 [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
17:42:11.0924 6992 C:\Windows\System32\wmdrmdev.dll - ok
17:42:11.0967 6992 [ E8B1FE6669397D1772D8196DF0E57A9E ] C:\Windows\System32\wscsvc.dll
17:42:11.0968 6992 C:\Windows\System32\wscsvc.dll - ok
17:42:12.0009 6992 [ F6F22291024906E43D135A4B1705FEAC ] C:\Windows\System32\sppwinob.dll
17:42:12.0010 6992 C:\Windows\System32\sppwinob.dll - ok
17:42:12.0053 6992 [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
17:42:12.0053 6992 C:\Windows\System32\drmv2clt.dll - ok
17:42:12.0105 6992 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
17:42:12.0105 6992 C:\Windows\System32\sysmain.dll - ok
17:42:12.0147 6992 [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
17:42:12.0147 6992 C:\Windows\System32\mfplat.dll - ok
17:42:12.0174 6992 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] C:\Windows\System32\wuaueng.dll
17:42:12.0174 6992 C:\Windows\System32\wuaueng.dll - ok
17:42:12.0220 6992 [ 8056A3E51B569C3F437A5026A0ABE66D ] C:\Windows\System32\perfctrs.dll
17:42:12.0221 6992 C:\Windows\System32\perfctrs.dll - ok
17:42:12.0267 6992 [ C7E0E09A9864CEB931C88A7873DA7A9F ] C:\Windows\System32\inetsrv\w3ctrs.dll
17:42:12.0268 6992 C:\Windows\System32\inetsrv\w3ctrs.dll - ok
17:42:12.0325 6992 [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
17:42:12.0325 6992 C:\Windows\System32\cabinet.dll - ok
17:42:12.0365 6992 [ 617F6EC0AC677C685479C1D0D1E76C6F ] C:\Windows\System32\mspatcha.dll
17:42:12.0365 6992 C:\Windows\System32\mspatcha.dll - ok
17:42:12.0410 6992 [ 3FCF96B5C88032C5A280410B6CFCDAAC ] C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key
17:42:12.0410 6992 C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01_64.key - ok
17:42:12.0448 6992 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] C:\Windows\System32\wbem\WmiApSrv.exe
17:42:12.0449 6992 C:\Windows\System32\wbem\WmiApSrv.exe - ok
17:42:12.0506 6992 [ A0617B5753E31126AD29C03154F4F329 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
17:42:12.0506 6992 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
17:42:12.0552 6992 [ E746ED90132C6B6313CE9179F56BD31D ] C:\Windows\System32\wups.dll
17:42:12.0553 6992 C:\Windows\System32\wups.dll - ok
17:42:12.0593 6992 [ 7FE0D0C8F53735EA17C9AE93EFE7AD5A ] C:\Windows\System32\wups2.dll
17:42:12.0593 6992 C:\Windows\System32\wups2.dll - ok
17:42:12.0633 6992 [ C47F35CC6FA4F1BDBEF8F87AC1A46537 ] C:\Windows\System32\wuapi.dll
17:42:12.0633 6992 C:\Windows\System32\wuapi.dll - ok
17:42:12.0677 6992 [ 75BCC4043512E41D83C8F224B168039C ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
17:42:12.0677 6992 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
17:42:12.0706 6992 [ 858716CED10DBBF0BC5748F71ED2F59D ] C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll
17:42:12.0706 6992 C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll - ok
17:42:12.0753 6992 [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
17:42:12.0753 6992 C:\Windows\System32\tquery.dll - ok
17:42:12.0793 6992 [ B84E2D174DC84916A536572BB8F691A8 ] C:\Windows\System32\wscisvif.dll
17:42:12.0794 6992 C:\Windows\System32\wscisvif.dll - ok
17:42:12.0836 6992 [ 6C1E3C43B35268C17833244C8ED96430 ] C:\Windows\System32\wscproxystub.dll
17:42:12.0836 6992 C:\Windows\System32\wscproxystub.dll - ok
17:42:12.0876 6992 [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
17:42:12.0877 6992 C:\Windows\System32\wmploc.DLL - ok
17:42:12.0918 6992 [ C1D0691BE5DDB0C230D8370BD96BBE8B ] C:\Program Files\Internet Explorer\ieproxy.dll
17:42:12.0919 6992 C:\Program Files\Internet Explorer\ieproxy.dll - ok
17:42:12.0961 6992 [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
17:42:12.0961 6992 C:\Windows\System32\wmpps.dll - ok
17:42:12.0993 6992 [ 2B373B5F7E36B5ED5DA176D4400EF091 ] C:\Windows\System32\sppobjs.dll
17:42:12.0994 6992 C:\Windows\System32\sppobjs.dll - ok
17:42:13.0052 6992 [ 8BAD6A48766A16F37C15CC38E08B8B59 ] C:\Windows\System32\wbem\WmiPerfInst.dll
17:42:13.0053 6992 C:\Windows\System32\wbem\WmiPerfInst.dll - ok
17:42:13.0106 6992 [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
17:42:13.0106 6992 C:\Windows\System32\schedcli.dll - ok
17:42:13.0152 6992 [ 5EA9A0950F322BFA382AF277801C0307 ] C:\Windows\System32\wbem\wmipcima.dll
17:42:13.0152 6992 C:\Windows\System32\wbem\wmipcima.dll - ok
17:42:13.0196 6992 [ 79160E670093F70F1D58D59C73D56CDB ] C:\Windows\CCM\SrcUpdateMgr.dll
17:42:13.0196 6992 C:\Windows\CCM\SrcUpdateMgr.dll - ok
17:42:13.0232 6992 [ CD70193232143CC34654C15377A7F872 ] C:\Windows\CCM\CcmDTS.dll
17:42:13.0232 6992 C:\Windows\CCM\CcmDTS.dll - ok
17:42:13.0283 6992 [ DE0B01E0165BB8C142737BEF56B3EEA4 ] C:\Windows\CCM\CcmCTMNotification.dll
17:42:13.0283 6992 C:\Windows\CCM\CcmCTMNotification.dll - ok
17:42:13.0327 6992 [ 4F9CFC1A8FFA28F95130160FA448BA98 ] C:\Windows\CCM\smssha.dll
17:42:13.0327 6992 C:\Windows\CCM\smssha.dll - ok
17:42:13.0368 6992 [ C6CBBD315A0FA60794D0F1564222B10A ] C:\Windows\CCM\SoftwareCenterSystemTasks.dll
17:42:13.0368 6992 C:\Windows\CCM\SoftwareCenterSystemTasks.dll - ok
17:42:13.0410 6992 [ 9EE2D58E7C64408D4440EC40A1390DBD ] C:\Windows\CCM\StateMessage.dll
17:42:13.0411 6992 C:\Windows\CCM\StateMessage.dll - ok
17:42:13.0451 6992 [ 23018291DB437CEBB0034C5D21E1508C ] C:\Windows\CCM\VAppLaunchMgr.dll
17:42:13.0452 6992 C:\Windows\CCM\VAppLaunchMgr.dll - ok
17:42:13.0500 6992 [ E3863C18020C17DDBE5EFE991192E64D ] C:\Windows\CCM\UpdatesDeployment.dll
17:42:13.0501 6992 C:\Windows\CCM\UpdatesDeployment.dll - ok
17:42:13.0529 6992 [ A3AEC6B8584E04B0835DA5D8E46CC595 ] C:\Windows\CCM\CcmProxy.dll
17:42:13.0530 6992 C:\Windows\CCM\CcmProxy.dll - ok
17:42:13.0572 6992 [ CFB486AE4CF09E4BDCD7DC135A789C4E ] C:\Windows\CCM\ScanAgent.dll
17:42:13.0572 6992 C:\Windows\CCM\ScanAgent.dll - ok
17:42:13.0618 6992 [ 4E1EECE8ECA8BD21012664F8BAA62CD0 ] C:\Windows\CCM\Sched.dll
17:42:13.0618 6992 C:\Windows\CCM\Sched.dll - ok
17:42:13.0658 6992 [ 36F5F304B124346AF471B2BD1AEA86AD ] C:\Windows\CCM\rebootcoord.dll
17:42:13.0658 6992 C:\Windows\CCM\rebootcoord.dll - ok
17:42:13.0697 6992 [ FAC26042554ECE4734EC4728B9C94484 ] C:\Windows\CCM\TSCore.dll
17:42:13.0698 6992 C:\Windows\CCM\TSCore.dll - ok
17:42:13.0738 6992 [ 9235145DB66EC02D61B4D46D88A4DE0A ] C:\Windows\CCM\CcmPolicySdk.dll
17:42:13.0738 6992 C:\Windows\CCM\CcmPolicySdk.dll - ok
17:42:13.0766 6992 [ 0950C12AD421EA3F18667087202D7981 ] C:\Windows\CCM\PolicyAgentEndpoint.dll
17:42:13.0766 6992 C:\Windows\CCM\PolicyAgentEndpoint.dll - ok
17:42:13.0811 6992 [ BFECC42D2CA0CC8F22EB976C49F34F53 ] C:\Windows\CCM\UpdatesStore.dll
17:42:13.0811 6992 C:\Windows\CCM\UpdatesStore.dll - ok
17:42:13.0851 6992 [ 67E5879837CD147F36222D8B10BCCEC7 ] C:\Windows\CCM\ContentAccess.dll
17:42:13.0851 6992 C:\Windows\CCM\ContentAccess.dll - ok
17:42:13.0894 6992 [ A89BAB861A8A39A58E2AF56760AD0FEB ] C:\Windows\CCM\CPApplet.dll
17:42:13.0894 6992 C:\Windows\CCM\CPApplet.dll - ok
17:42:13.0934 6992 [ 7D6641B34F282D9CCA46701AAC959309 ] C:\Windows\CCM\CcmCTM.dll
17:42:13.0934 6992 C:\Windows\CCM\CcmCTM.dll - ok
17:42:13.0974 6992 [ 996534DD7D82C3BBF03FB468664C1A8D ] C:\Windows\CCM\librdc.dll
17:42:13.0974 6992 C:\Windows\CCM\librdc.dll - ok
17:42:14.0013 6992 [ 3D995938F59DDA9520417BB446BC4798 ] C:\Windows\CCM\execmgr.dll
17:42:14.0013 6992 C:\Windows\CCM\execmgr.dll - ok
17:42:14.0042 6992 [ 8CCB69CD0CCF3F36265B37AE64EBEF7A ] C:\Windows\CCM\SrvWinMgr.dll
17:42:14.0042 6992 C:\Windows\CCM\SrvWinMgr.dll - ok
17:42:14.0084 6992 [ 06A81215108C57DB1F453E8E6D31E927 ] C:\Windows\CCM\StatusAgent.dll
17:42:14.0085 6992 C:\Windows\CCM\StatusAgent.dll - ok
17:42:14.0129 6992 [ 46E7FD8E453E142924D63BAD90B1CD5B ] C:\Windows\CCM\CcmEvalTask.dll
17:42:14.0129 6992 C:\Windows\CCM\CcmEvalTask.dll - ok
17:42:14.0199 6992 [ CC7866119684D854A09C0D369F4DA8B2 ] C:\Windows\CCM\EndpointProtectionEndpoint.dll
17:42:14.0200 6992 C:\Windows\CCM\EndpointProtectionEndpoint.dll - ok
17:42:14.0255 6992 [ 7CE89B87FE5A7E02ECF16B6CDA249991 ] C:\Windows\CCM\AffinityAgent.dll
17:42:14.0256 6992 C:\Windows\CCM\AffinityAgent.dll - ok
17:42:14.0283 6992 [ 5FCAB3D61FFB6D21663DC73FF070F44E ] C:\Windows\CCM\ccmident.dll
17:42:14.0283 6992 C:\Windows\CCM\ccmident.dll - ok
17:42:14.0330 6992 [ 4ABDC635A2B0037343AA4221D98F03CB ] C:\Windows\CCM\ExternalEventEndpoint.dll
17:42:14.0331 6992 C:\Windows\CCM\ExternalEventEndpoint.dll - ok
17:42:14.0378 6992 [ 30839C4B9D6A16E606EDB1DB457422A0 ] C:\Windows\CCM\CCMAuthMessageHook.dll
17:42:14.0379 6992 C:\Windows\CCM\CCMAuthMessageHook.dll - ok
17:42:14.0420 6992 [ AD97EB9A36E2C4EFA14331AD1FE91847 ] C:\Windows\CCM\LSInterface.dll
17:42:14.0421 6992 C:\Windows\CCM\LSInterface.dll - ok
17:42:14.0469 6992 [ F02A533F517EB38333CB12A9E8963773 ] C:\Users\Stephen\AppData\Local\Google\Update\GoogleUpdate.exe
17:42:14.0470 6992 C:\Users\Stephen\AppData\Local\Google\Update\GoogleUpdate.exe - ok
17:42:14.0523 6992 [ 9FF47CD8A3787C8FD3CDFE40441C722E ] C:\Users\Stephen\AppData\Local\Google\Update\1.3.21.123\goopdate.dll
17:42:14.0523 6992 C:\Users\Stephen\AppData\Local\Google\Update\1.3.21.123\goopdate.dll - ok
17:42:14.0554 6992 [ E4024CCF225A936207294DE50925D4F6 ] C:\Users\Stephen\AppData\Local\Google\Update\1.3.21.123\goopdateres_en.dll
17:42:14.0554 6992 C:\Users\Stephen\AppData\Local\Google\Update\1.3.21.123\goopdateres_en.dll - ok
17:42:14.0601 6992 [ 644CECF861FACE5F3E89578D04A83393 ] C:\Windows\CCM\smsclient.dll
17:42:14.0601 6992 C:\Windows\CCM\smsclient.dll - ok
17:42:14.0646 6992 [ 005247E3057BC5D5C3F8C6F886FFC10C ] C:\Windows\System32\wbem\WMIADAP.exe
17:42:14.0646 6992 C:\Windows\System32\wbem\WMIADAP.exe - ok
17:42:14.0689 6992 [ 811BEC6BEDA8558C721F689F40FC9C05 ] C:\Windows\CCM\MtrMgr.dll
17:42:14.0690 6992 C:\Windows\CCM\MtrMgr.dll - ok
17:42:14.0732 6992 [ 7ADE3B07AC72A172562ED7F8C7DD21AA ] C:\Windows\CCM\SCNotification.exe
17:42:14.0732 6992 C:\Windows\CCM\SCNotification.exe - ok
17:42:14.0774 6992 [ ADB9A15F0747E2EE1CAAFF666D84FE9A ] C:\Windows\CCM\Prep.dll
17:42:14.0774 6992 C:\Windows\CCM\Prep.dll - ok
17:42:14.0815 6992 [ 33D52EA15D9BB30B84AB11BB39C23B36 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\c4bb9e953d4ca1c8c71e0a769d618dd1\WindowsBase.ni.dll
17:42:14.0815 6992 C:\Windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\c4bb9e953d4ca1c8c71e0a769d618dd1\WindowsBase.ni.dll - ok
17:42:14.0845 6992 [ F651FEA233BD5BD876A71FCE5CF7315D ] C:\Windows\CCM\MaintenanceCoordinator.dll
17:42:14.0846 6992 C:\Windows\CCM\MaintenanceCoordinator.dll - ok
17:42:14.0891 6992 [ CB66545DF361D22CE518E9024B7114D6 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\c6697e9495550f11186c5033e541fafb\PresentationCore.ni.dll
17:42:14.0892 6992 C:\Windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\c6697e9495550f11186c5033e541fafb\PresentationCore.ni.dll - ok
17:42:14.0935 6992 [ 31F25427B7EFA595CAFBA177E57F7FC0 ] C:\Windows\CCM\WUAHandler.dll
17:42:14.0935 6992 C:\Windows\CCM\WUAHandler.dll - ok
17:42:14.0977 6992 [ 794E25B24136368C1FBDF954DEED2F01 ] C:\Windows\CCM\pdpagent.dll
17:42:14.0978 6992 C:\Windows\CCM\pdpagent.dll - ok
17:42:15.0027 6992 [ 06DA27B9721CCF1722F77B14510B28B9 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Presentatio5ae0f00f#\5bc4dbfc86fc45e18bd4fe54764163d6\PresentationFramework.ni.dll
17:42:15.0027 6992 C:\Windows\assembly\NativeImages_v4.0.30319_64\Presentatio5ae0f00f#\5bc4dbfc86fc45e18bd4fe54764163d6\PresentationFramework.ni.dll - ok
17:42:15.0069 6992 [ FD80E35FCB52A2F76BB351C57F25612F ] C:\Windows\CCM\CIStore.dll
17:42:15.0070 6992 C:\Windows\CCM\CIStore.dll - ok
17:42:15.0106 6992 [ 75C128FF012D6109755A8C8E2C84E369 ] C:\Windows\CCM\CcmSqlCE.dll
17:42:15.0107 6992 C:\Windows\CCM\CcmSqlCE.dll - ok
17:42:15.0149 6992 [ 7BD68F0C5433E7C4A849A5D73306CEFE ] C:\Windows\CCM\sqlceoledb35.dll
17:42:15.0149 6992 C:\Windows\CCM\sqlceoledb35.dll - ok
17:42:15.0192 6992 [ 5BA0323EA6A28EF35BDB92A2F08D6308 ] C:\Windows\CCM\sqlceer35EN.dll
17:42:15.0193 6992 C:\Windows\CCM\sqlceer35EN.dll - ok
17:42:15.0232 6992 [ A477144E3CF2EE904CAFB3E968394139 ] C:\Windows\CCM\sqlcese35.dll
17:42:15.0233 6992 C:\Windows\CCM\sqlcese35.dll - ok
17:42:15.0274 6992 [ EEDC10914542022CA2956CA41E5184EC ] C:\Windows\CCM\sqlceqp35.dll
17:42:15.0274 6992 C:\Windows\CCM\sqlceqp35.dll - ok
17:42:15.0335 6992 [ D7369697F7C2F9DD04F4C1479B98A454 ] C:\Windows\CCM\CIStateStore.dll
17:42:15.0336 6992 C:\Windows\CCM\CIStateStore.dll - ok
17:42:15.0392 6992 [ 7426279D625196393EABBEFE1C60A0C2 ] C:\Windows\System32\DWrite.dll
17:42:15.0393 6992 C:\Windows\System32\DWrite.dll - ok
17:42:15.0448 6992 [ C46FFAF88FD719CECA33CDA7EEB534FC ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\wpfgfx_v0400.dll
17:42:15.0449 6992 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\wpfgfx_v0400.dll - ok
17:42:15.0496 6992 [ B15CD492707C3D719B1B435D8F6E2F2E ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationNative_v0400.dll
17:42:15.0497 6992 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\PresentationNative_v0400.dll - ok
17:42:15.0544 6992 [ 20A52B23E4CCB5A3632B0AEC2C11C95B ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.V9921e851#\2e9aaf6ef4a1d3e19f11d93f4e09d5e2\Microsoft.VisualBasic.ni.dll
17:42:15.0545 6992 C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.V9921e851#\2e9aaf6ef4a1d3e19f11d93f4e09d5e2\Microsoft.VisualBasic.ni.dll - ok
17:42:15.0593 6992 [ 79FC794A50048057FC14A4724886D86B ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\diasymreader.dll
17:42:15.0593 6992 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\diasymreader.dll - ok
17:42:15.0625 6992 [ 67B49A3F928B79121FAE9AD805D12CFD ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\fe0b5caab219a62708e42ad3ab7f0440\System.Drawing.ni.dll
17:42:15.0625 6992 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\fe0b5caab219a62708e42ad3ab7f0440\System.Drawing.ni.dll - ok
17:42:15.0673 6992 [ 44ADBCA7718147180F365A12C334A675 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\3fac3f0dccd0fdc80be79bd7fcf2261a\System.Windows.Forms.ni.dll
17:42:15.0674 6992 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\3fac3f0dccd0fdc80be79bd7fcf2261a\System.Windows.Forms.ni.dll - ok
17:42:15.0722 6992 [ 319E9BA563E55C170958735195EC78D2 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runt73a1fc9d#\29d94c7eaf97f31c46ae0cf4a1aed460\System.Runtime.Remoting.ni.dll
17:42:15.0722 6992 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runt73a1fc9d#\29d94c7eaf97f31c46ae0cf4a1aed460\System.Runtime.Remoting.ni.dll - ok
17:42:15.0771 6992 [ B3276BCF7C7F69385C91AB669180A667 ] C:\Windows\CCM\CIDownloader.dll
17:42:15.0772 6992 C:\Windows\CCM\CIDownloader.dll - ok
17:42:15.0821 6992 [ 41536BDAF67CF434E61516CFA8C3966E ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Management\f50fcbf1beffc72fbacdc777b230d04b\System.Management.ni.dll
17:42:15.0822 6992 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Management\f50fcbf1beffc72fbacdc777b230d04b\System.Management.ni.dll - ok
17:42:15.0853 6992 [ 757219D33FCD0B246011AA708B86557D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WMINet_Utils.dll
17:42:15.0853 6992 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WMINet_Utils.dll - ok
17:42:15.0901 6992 [ 40220D13DECBF7FDA1560D77C57F40D9 ] C:\Windows\CCM\CIAgent.dll
17:42:15.0901 6992 C:\Windows\CCM\CIAgent.dll - ok
17:42:15.0942 6992 [ E7A83239F7BE9C919AEC7F0CC85B643A ] C:\Windows\CCM\ccmsdkprovider.dll
17:42:15.0942 6992 C:\Windows\CCM\ccmsdkprovider.dll - ok
17:42:15.0983 6992 [ 4C3DAEE652B005B483F16B8E9131C99D ] C:\Windows\System32\d3d9.dll
17:42:15.0983 6992 C:\Windows\System32\d3d9.dll - ok
17:42:16.0026 6992 [ 3044D07ABDF4BBEA27E2EE7B1E0C0C65 ] C:\Windows\System32\d3d8thk.dll
17:42:16.0026 6992 C:\Windows\System32\d3d8thk.dll - ok
17:42:16.0067 6992 [ A4DA994E627A7A41A6C573E40EA83D18 ] C:\Windows\System32\atiu9p64.dll
17:42:16.0067 6992 C:\Windows\System32\atiu9p64.dll - ok
17:42:16.0109 6992 [ 04991C71CA2A48FC11A8E47349E5B65D ] C:\Windows\System32\atiumd64.dll
17:42:16.0109 6992 C:\Windows\System32\atiumd64.dll - ok
17:42:16.0148 6992 [ 73BC44DEFC18CA00AA570A74444437D6 ] C:\Windows\System32\atiumd6a.dll
17:42:16.0148 6992 C:\Windows\System32\atiumd6a.dll - ok
17:42:16.0194 6992 [ 3DC68F41B2C87D237E803C96BC181EE2 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Presentatio1c9175f8#\bbd9373ccdee2c9366f5c1d05642971e\PresentationFramework.Aero.ni.dll
17:42:16.0194 6992 C:\Windows\assembly\NativeImages_v4.0.30319_64\Presentatio1c9175f8#\bbd9373ccdee2c9366f5c1d05642971e\PresentationFramework.Aero.ni.dll - ok
17:42:16.0245 6992 [ 6E90F83D0E253B2B060963EB72819B35 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\Presentatio49d6fefe#\942e02ca7afbfefcc4b726816cb50f0b\PresentationFramework-SystemXml.ni.dll
17:42:16.0246 6992 C:\Windows\assembly\NativeImages_v4.0.30319_64\Presentatio49d6fefe#\942e02ca7afbfefcc4b726816cb50f0b\PresentationFramework-SystemXml.ni.dll - ok
17:42:16.0293 6992 [ 2EFE164449F1C62CEA167B10850CD9F1 ] C:\Windows\System32\msctfui.dll
17:42:16.0294 6992 C:\Windows\System32\msctfui.dll - ok
17:42:16.0339 6992 [ 572B8025D2A68C84B4F65734E284E163 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\UIAutomationTypes\796bd368f8f32cd37b5ebdf260639743\UIAutomationTypes.ni.dll
17:42:16.0340 6992 C:\Windows\assembly\NativeImages_v4.0.30319_64\UIAutomationTypes\796bd368f8f32cd37b5ebdf260639743\UIAutomationTypes.ni.dll - ok
17:42:16.0373 6992 [ 67A691E9CA6127F00EDD0C41C1DBA688 ] C:\Windows\CCM\ExecMgr_ps.dll
17:42:16.0373 6992 C:\Windows\CCM\ExecMgr_ps.dll - ok
17:42:16.0422 6992 [ 477753F2E55833B19393C9B8FD5A6CB9 ] C:\Windows\CCM\UpdatesDeployment_ps.dll
17:42:16.0422 6992 C:\Windows\CCM\UpdatesDeployment_ps.dll - ok
17:42:16.0468 6992 [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
17:42:16.0468 6992 C:\Windows\System32\QAGENT.DLL - ok
17:42:16.0525 6992 [ 2F9BD1B9DFE4E3CF922559650B051E5C ] C:\Windows\CCM\ccmcisdk.dll
17:42:16.0526 6992 C:\Windows\CCM\ccmcisdk.dll - ok
17:42:16.0564 6992 [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
17:42:16.0565 6992 C:\Windows\System32\QUTIL.DLL - ok
17:42:16.0606 6992 [ 535898BD1FEBF990CEABF61ED0CD22C2 ] C:\Windows\CCM\dcmagent.dll
17:42:16.0607 6992 C:\Windows\CCM\dcmagent.dll - ok
17:42:16.0633 6992 [ 732E668096B1A37B7BFD4B9021E69A8E ] C:\Windows\System32\oleres.dll
17:42:16.0633 6992 C:\Windows\System32\oleres.dll - ok
17:42:16.0677 6992 [ 9D0A4E487F7BE515049ED70F4D41D437 ] C:\Program Files\Microsoft Policy Platform\policyHost.exe
17:42:16.0677 6992 C:\Program Files\Microsoft Policy Platform\policyHost.exe - ok
17:42:16.0721 6992 [ C18D6EA397BEB9DE76D1817251AED702 ] C:\Program Files\Microsoft Policy Platform\lpa.dll
17:42:16.0723 6992 C:\Program Files\Microsoft Policy Platform\lpa.dll - ok
17:42:16.0765 6992 [ 574556B24E7FFE24ED324E32A609EA67 ] C:\Program Files\Microsoft Policy Platform\sqlceoledb35.dll
17:42:16.0766 6992 C:\Program Files\Microsoft Policy Platform\sqlceoledb35.dll - ok
17:42:16.0814 6992 [ BD3F0CAA82228E8B81E1AB34432A2F9F ] C:\Program Files\Microsoft Policy Platform\sqlceer35EN.dll
17:42:16.0814 6992 C:\Program Files\Microsoft Policy Platform\sqlceer35EN.dll - ok
17:42:16.0867 6992 [ DCC322F2BCF22CE8C8BBAB89CA376C51 ] C:\Program Files\Microsoft Policy Platform\sqlcese35.dll
17:42:16.0868 6992 C:\Program Files\Microsoft Policy Platform\sqlcese35.dll - ok
17:42:16.0893 6992 [ B61426A70E8C1C2E5232BBCB20EE40E3 ] C:\Program Files\Microsoft Policy Platform\sqlceqp35.dll
17:42:16.0893 6992 C:\Program Files\Microsoft Policy Platform\sqlceqp35.dll - ok
17:42:16.0942 6992 [ 197FC8DB46FD53D764FA14ED5BBF024B ] C:\Windows\CCM\PwrAgentEndpoint.dll
17:42:16.0943 6992 C:\Windows\CCM\PwrAgentEndpoint.dll - ok
17:42:16.0985 6992 [ 5D92820248183C4DC7F762DE1D2B8441 ] C:\Windows\CCM\PwrEventTask.dll
17:42:16.0985 6992 C:\Windows\CCM\PwrEventTask.dll - ok
17:42:17.0028 6992 [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
17:42:17.0028 6992 C:\Windows\System32\msidle.dll - ok
17:42:17.0067 6992 [ A75D9635DABD37ABCE22FE9917A46BFE ] C:\Windows\CCM\dcmagent_ps.dll
17:42:17.0067 6992 C:\Windows\CCM\dcmagent_ps.dll - ok
17:42:17.0110 6992 [ 030DBFF1AC028547F309F0FA6C2B9AC4 ] C:\Windows\CCM\RebootCoord_ps.dll
17:42:17.0110 6992 C:\Windows\CCM\RebootCoord_ps.dll - ok
17:42:17.0151 6992 [ 4947AB26D8C3E402B153B3A5BB615495 ] C:\Windows\System32\tscfgwmi.dll
17:42:17.0152 6992 C:\Windows\System32\tscfgwmi.dll - ok
17:42:17.0181 6992 [ E377BBA01F34E4183C32E5BBD688CE83 ] C:\Windows\System32\regapi.dll
17:42:17.0182 6992 C:\Windows\System32\regapi.dll - ok
17:42:17.0221 6992 [ 2837668C8C607C8FB69112B4EC9C3810 ] C:\Windows\System32\cfgbkend.dll
17:42:17.0222 6992 C:\Windows\System32\cfgbkend.dll - ok
17:42:17.0266 6992 [ BAFBBD9D6A9FF4085036C25D060A754C ] C:\Windows\System32\utildll.dll
17:42:17.0266 6992 C:\Windows\System32\utildll.dll - ok
17:42:17.0306 6992 [ EF00EAD1A0C4978C685BEB83FF1C9EF6 ] C:\Windows\System32\rdpcfgex.dll
17:42:17.0307 6992 C:\Windows\System32\rdpcfgex.dll - ok
17:42:17.0353 6992 [ B88E5340A5A50B53310B00DA455FB4FA ] C:\Windows\System32\wbem\stdprov.dll
17:42:17.0353 6992 C:\Windows\System32\wbem\stdprov.dll - ok
17:42:17.0404 6992 [ 3171CA03ECEDDEAF01E0D80CDFDDF29E ] C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\mssearch.exe
17:42:17.0404 6992 C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\mssearch.exe - ok
17:42:17.0436 6992 [ E1A7BD56430ED2E4934F7D88009137A1 ] C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\mssrch.dll
17:42:17.0436 6992 C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\mssrch.dll - ok
17:42:17.0483 6992 [ 464D1022EB44C624D4D599ED9892F33A ] C:\Windows\CCM\SCUpdateMgr.dll
17:42:17.0483 6992 C:\Windows\CCM\SCUpdateMgr.dll - ok
17:42:17.0525 6992 [ FF2B106909EED48C536DA04742C0324A ] C:\Windows\System32\Query.dll
17:42:17.0526 6992 C:\Windows\System32\Query.dll - ok
17:42:17.0573 6992 [ B40F2D462687028F770DDADF882D1E7A ] C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\tquery.dll
17:42:17.0573 6992 C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\BIN\tquery.dll - ok
17:42:17.0620 6992 [ 740860EA65F8003503D97E1BF43A7BF6 ] C:\Program Files\Common Files\System\Ole DB\oledb32.dll
17:42:17.0621 6992 C:\Program Files\Common Files\System\Ole DB\oledb32.dll - ok
17:42:17.0674 6992 [ CDD78E8E82C863A102CC2252255A614D ] C:\Windows\System32\msdart.dll
17:42:17.0674 6992 C:\Windows\System32\msdart.dll - ok
17:42:17.0724 6992 [ B8D21199FA5AD6A5C4C991247A2ECA36 ] C:\Program Files\Common Files\System\Ole DB\oledb32r.dll
17:42:17.0724 6992 C:\Program Files\Common Files\System\Ole DB\oledb32r.dll - ok
17:42:17.0781 6992 [ F1C09EE3A594B19DD1F4B4AEA9E353C9 ] C:\Windows\System32\comsvcs.dll
17:42:17.0781 6992 C:\Windows\System32\comsvcs.dll - ok
17:42:17.0824 6992 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
17:42:17.0824 6992 C:\Windows\SysWOW64\sfc.dll - ok
17:42:17.0863 6992 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
17:42:17.0863 6992 C:\Windows\SysWOW64\sfc_os.dll - ok
17:42:17.0905 6992 [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
17:42:17.0906 6992 C:\Windows\SysWOW64\devrtl.dll - ok
17:42:17.0947 6992 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
17:42:17.0948 6992 C:\Windows\SysWOW64\mpr.dll - ok
17:42:17.0998 6992 [ B519848DFA30AE2B306576B51321D102 ] C:\Windows\System32\ie4uinit.exe
17:42:17.0998 6992 C:\Windows\System32\ie4uinit.exe - ok
17:42:18.0035 6992 [ C3E98C42EDF7EF237A4BAB91FEAC7426 ] C:\Windows\System32\iedkcs32.dll
17:42:18.0035 6992 C:\Windows\System32\iedkcs32.dll - ok
17:42:18.0076 6992 [ 2C647ABE9A424E55B5F3DAE4629B4277 ] C:\Windows\System32\themeui.dll
17:42:18.0076 6992 C:\Windows\System32\themeui.dll - ok
17:42:18.0119 6992 [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
17:42:18.0120 6992 C:\Windows\System32\timedate.cpl - ok
17:42:18.0164 6992 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
17:42:18.0164 6992 C:\Windows\SysWOW64\dnsapi.dll - ok
17:42:18.0207 6992 [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
17:42:18.0208 6992 C:\Windows\System32\actxprxy.dll - ok
17:42:18.0253 6992 [ 12B79422A23814429CDA9E734C58F78F ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
17:42:18.0253 6992 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
17:42:18.0285 6992 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
17:42:18.0285 6992 C:\Windows\SysWOW64\rasadhlp.dll - ok
17:42:18.0327 6992 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
17:42:18.0328 6992 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
17:42:18.0378 6992 [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
17:42:18.0378 6992 C:\Windows\System32\shdocvw.dll - ok
17:42:18.0426 6992 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\44020788.sys
17:42:18.0427 6992 C:\Windows\System32\drivers\44020788.sys - ok
17:42:18.0469 6992 [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
17:42:18.0469 6992 C:\Windows\System32\linkinfo.dll - ok
17:42:18.0513 6992 [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
17:42:18.0513 6992 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
17:42:18.0544 6992 [ 661CEEDE98A2E0E5CDD7DE239EB38353 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
17:42:18.0544 6992 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
17:42:18.0586 6992 [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll
17:42:18.0586 6992 C:\Windows\System32\gameux.dll - ok
17:42:18.0627 6992 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
17:42:18.0627 6992 C:\Windows\SysWOW64\riched20.dll - ok
17:42:18.0669 6992 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
17:42:18.0669 6992 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
17:42:18.0710 6992 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
17:42:18.0710 6992 C:\Windows\SysWOW64\duser.dll - ok
17:42:18.0750 6992 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
17:42:18.0751 6992 C:\Windows\SysWOW64\dui70.dll - ok
17:42:18.0791 6992 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
17:42:18.0791 6992 C:\Windows\System32\msftedit.dll - ok
17:42:18.0858 6992 [ 7FCAB194F01E3403C300EB034E480B36 ] C:\Windows\System32\msls31.dll
17:42:18.0858 6992 C:\Windows\System32\msls31.dll - ok
17:42:18.0906 6992 [ 1A493ED42BA0FA488518A79C3A96B46A ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
17:42:18.0907 6992 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
17:42:18.0956 6992 [ C973C36D057A121A8BB940CB74AFF53F ] C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe
17:42:18.0959 6992 C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe - ok
17:42:19.0007 6992 [ 75DB69BA8484879885896C8570DF1424 ] C:\Windows\System32\adsnt.dll
17:42:19.0008 6992 C:\Windows\System32\adsnt.dll - ok
17:42:19.0058 6992 [ 0DC4F0282238AAF4F044626B1BFBB1D4 ] C:\Windows\System32\SynCOM.dll
17:42:19.0058 6992 C:\Windows\System32\SynCOM.dll - ok
17:42:19.0115 6992 [ C71E7ABB1A34E56CE73AE117C8DD566F ] C:\Windows\System32\ieframe.dll
17:42:19.0116 6992 C:\Windows\System32\ieframe.dll - ok
17:42:19.0171 6992 [ 10D333207797686BBAEF0E4879CB0EFC ] C:\Windows\System32\SynTPAPI.dll
17:42:19.0172 6992 C:\Windows\System32\SynTPAPI.dll - ok
17:42:19.0223 6992 [ BE9320CEB453839E3C85615937C1D4F5 ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
17:42:19.0224 6992 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok
17:42:19.0266 6992 [ 0B5511674394666E9D221F8681B2C2E6 ] C:\Windows\System32\consent.exe
17:42:19.0266 6992 C:\Windows\System32\consent.exe - ok
17:42:19.0312 6992 [ 762AA3B81B1B83BC300E68E18FFBEECB ] C:\Program Files\Synaptics\SynTP\DellTpad.exe
17:42:19.0312 6992 C:\Program Files\Synaptics\SynTP\DellTpad.exe - ok
17:42:19.0344 6992 [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
17:42:19.0344 6992 C:\Windows\System32\msimg32.dll - ok
17:42:19.0387 6992 [ 65600640A94863057D4AAB7258624310 ] C:\Program Files\Microsoft IntelliType Pro\itype.exe
17:42:19.0388 6992 C:\Program Files\Microsoft IntelliType Pro\itype.exe - ok
17:42:19.0434 6992 [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
17:42:19.0434 6992 C:\Windows\System32\DeviceCenter.dll - ok
17:42:19.0479 6992 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Microsoft IntelliType Pro\SQMAPI.dll
17:42:19.0480 6992 C:\Program Files\Microsoft IntelliType Pro\SQMAPI.dll - ok
17:42:19.0522 6992 [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
17:42:19.0522 6992 C:\Windows\System32\thumbcache.dll - ok
17:42:19.0564 6992 [ 6AEE3BBB1E1CF7B6E8EEC122CE21B020 ] C:\Program Files\Microsoft IntelliType Pro\dpgmkb.dll
17:42:19.0564 6992 C:\Program Files\Microsoft IntelliType Pro\dpgmkb.dll - ok
17:42:19.0595 6992 [ 0080231EC57D26B380F630CC790DAB85 ] C:\Program Files\Microsoft IntelliPoint\ipoint.exe
17:42:19.0595 6992 C:\Program Files\Microsoft IntelliPoint\ipoint.exe - ok
17:42:19.0644 6992 [ D79D19EC66106119DCD45D042C6B5170 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\88f8a6436dc95497fce0dae347646e53\System.Drawing.ni.dll
17:42:19.0644 6992 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\88f8a6436dc95497fce0dae347646e53\System.Drawing.ni.dll - ok
17:42:19.0690 6992 [ EADFC95980BC24DF3C7EE5B2CD38F043 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\d6af7216038720b1adeca71e81c14bd6\System.Windows.Forms.ni.dll
17:42:19.0691 6992 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\d6af7216038720b1adeca71e81c14bd6\System.Windows.Forms.ni.dll - ok
17:42:19.0736 6992 [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Microsoft IntelliPoint\SQMAPI.dll
17:42:19.0736 6992 C:\Program Files\Microsoft IntelliPoint\SQMAPI.dll - ok
17:42:19.0779 6992 [ 1D5BADF51C73219837A82B739C95C2CC ] C:\Program Files\IDT\WDM\sttray64.exe
17:42:19.0779 6992 C:\Program Files\IDT\WDM\sttray64.exe - ok
17:42:19.0820 6992 [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
17:42:19.0820 6992 C:\Windows\System32\networkexplorer.dll - ok
17:42:19.0868 6992 [ 11D3FB66BF2AAA7A252D5E9D8C62E7DA ] C:\Program Files\Microsoft IntelliPoint\dpgmkb.dll
17:42:19.0868 6992 C:\Program Files\Microsoft IntelliPoint\dpgmkb.dll - ok
17:42:19.0899 6992 [ 19F9B524A525D202194247E96656CB88 ] C:\Windows\System32\mfc42u.dll
17:42:19.0900 6992 C:\Windows\System32\mfc42u.dll - ok
17:42:19.0951 6992 [ 9040A817D976550912A74B67D2A1DA0A ] C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
17:42:19.0951 6992 C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe - ok
17:42:20.0008 6992 [ 0DC6669BC2B552C0ECC905B6B761F508 ] C:\Program Files\Microsoft Security Client\msseces.exe
17:42:20.0008 6992 C:\Program Files\Microsoft Security Client\msseces.exe - ok
17:42:20.0058 6992 [ 24ACB86A6D06931F61C1D6A328C7FDDD ] C:\Program Files\IDT\WDM\stlang64.dll
17:42:20.0058 6992 C:\Program Files\IDT\WDM\stlang64.dll - ok
17:42:20.0105 6992 [ 69C5596B0367432A92B68AE100656709 ] C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE
17:42:20.0106 6992 C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE - ok
17:42:20.0135 6992 [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll
17:42:20.0135 6992 C:\Windows\System32\UIAnimation.dll - ok
17:42:20.0188 6992 [ 66C87DB880052104808507D6FA84D68E ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
17:42:20.0189 6992 C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL - ok
17:42:20.0242 6992 [ 446B03772189820C3CCEEA0C8BF8BA1E ] C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
17:42:20.0242 6992 C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe - ok
17:42:20.0291 6992 [ 74354790ECAE60C11631BD7856C0AFD0 ] C:\Windows\KHALMNPR.Exe
17:42:20.0292 6992 C:\Windows\KHALMNPR.Exe - ok
17:42:20.0334 6992 [ E3BF29CED96790CDAAFA981FFDDF53A3 ] C:\Program Files\Windows Sidebar\sidebar.exe
17:42:20.0334 6992 C:\Program Files\Windows Sidebar\sidebar.exe - ok
17:42:20.0391 6992 [ A2482057CC07E43E5E0CA436F0607A9F ] C:\Program Files\Microsoft IntelliType Pro\dpgcmd.dll
17:42:20.0392 6992 C:\Program Files\Microsoft IntelliType Pro\dpgcmd.dll - ok
17:42:20.0427 6992 [ C40894A0E9031191674FEE74D4C7C473 ] C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
17:42:20.0427 6992 C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe - ok
17:42:20.0471 6992 [ 2D840805B9125AF39507700FE8965D8D ] C:\Program Files\WIDCOMM\Bluetooth Software\Btwapi.dll
17:42:20.0471 6992 C:\Program Files\WIDCOMM\Bluetooth Software\Btwapi.dll - ok
17:42:20.0514 6992 [ 25107F58D1B8F60D67D1EE95798C0DE8 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
17:42:20.0514 6992 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe - ok
17:42:20.0559 6992 [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
17:42:20.0560 6992 C:\Windows\System32\stobject.dll - ok
17:42:20.0605 6992 [ E70028B34EDB7739E0B499770F2954C3 ] C:\Program Files\Wave Systems Corp\EMBASSY Security Setup\EmbassyStatus.dll
17:42:20.0605 6992 C:\Program Files\Wave Systems Corp\EMBASSY Security Setup\EmbassyStatus.dll - ok
17:42:20.0651 6992 [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
17:42:20.0652 6992 C:\Windows\System32\batmeter.dll - ok
17:42:20.0684 6992 [ 78BFC4EA95666D5CC8DA346F2A0742EB ] C:\Program Files\Microsoft IntelliType Pro\Components\Commands\DPGHnt\DPGHnt.dll
17:42:20.0684 6992 C:\Program Files\Microsoft IntelliType Pro\Components\Commands\DPGHnt\DPGHnt.dll - ok
17:42:20.0731 6992 [ 7CB14FD41A0ADC538FDB65CE31C659C5 ] C:\Program Files\WIDCOMM\Bluetooth Software\btosif.dll
17:42:20.0731 6992 C:\Program Files\WIDCOMM\Bluetooth Software\btosif.dll - ok
17:42:20.0773 6992 [ E63E20EB05EB5569FB53EC7507CB4B53 ] C:\Windows\System32\Wavx_ESC_Logging.dll
17:42:20.0773 6992 C:\Windows\System32\Wavx_ESC_Logging.dll - ok
17:42:20.0821 6992 [ 0116B6ECF4980DAF3FFC3B8A6C69974A ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
17:42:20.0821 6992 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe - ok
17:42:20.0867 6992 [ 878AD98DC9ECD14CA733DFCCA3069CBC ] C:\Program Files\WIDCOMM\Bluetooth Software\btwhidcs.dll
17:42:20.0868 6992 C:\Program Files\WIDCOMM\Bluetooth Software\btwhidcs.dll - ok
17:42:20.0916 6992 [ C51B3679DB08D11F49367D3A7CCA9E3C ] C:\Program Files (x86)\Microsoft Lync\communicator.exe
17:42:20.0916 6992 C:\Program Files (x86)\Microsoft Lync\communicator.exe - ok
17:42:20.0948 6992 [ 61F9930A4D57A26878C0803118DF95DB ] C:\Windows\SysWOW64\atiadlxy.dll
17:42:20.0948 6992 C:\Windows\SysWOW64\atiadlxy.dll - ok
17:42:20.0991 6992 [ 11BE2933DA0600DE6A644C3A492675F4 ] C:\Windows\System32\irprops.cpl
17:42:20.0991 6992 C:\Windows\System32\irprops.cpl - ok
17:42:21.0032 6992 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
17:42:21.0033 6992 C:\Windows\SysWOW64\wtsapi32.dll - ok
17:42:21.0074 6992 [ E39BA1F4A17F31B935CB31D2358198B0 ] C:\Program Files\WIDCOMM\Bluetooth Software\BtBalloon.dll
17:42:21.0074 6992 C:\Program Files\WIDCOMM\Bluetooth Software\BtBalloon.dll - ok
17:42:21.0130 6992 [ 2A72853494912BB034AF7AC1C86EC04E ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll
17:42:21.0130 6992 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll - ok
17:42:21.0192 6992 [ AC6A3801F3CDE7EB41B3F52E9B0A1C2B ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll
17:42:21.0193 6992 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll - ok
17:42:21.0228 6992 [ 0CE4611DF2E9A6DB302606BBE9465DF5 ] C:\Program Files\WIDCOMM\Bluetooth Software\BtwRSupport.dll
17:42:21.0229 6992 C:\Program Files\WIDCOMM\Bluetooth Software\BtwRSupport.dll - ok
17:42:21.0278 6992 [ EA2D140310F69681D8ABE53FEB380FDA ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll
17:42:21.0278 6992 C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll - ok
17:42:21.0321 6992 [ CFF3C4ABDCC5356B0674743BDF0FB674 ] C:\Windows\System32\mshtml.dll
17:42:21.0322 6992 C:\Windows\System32\mshtml.dll - ok
17:42:21.0368 6992 [ 0EF84F10C403BE55DB972677355D223F ] C:\Program Files (x86)\Microsoft Lync\Uc.dll
17:42:21.0368 6992 C:\Program Files (x86)\Microsoft Lync\Uc.dll - ok
17:42:21.0418 6992 [ B3CE0951E3C1EA3C733573C472EE85F9 ] C:\Windows\System32\msimtf.dll
17:42:21.0419 6992 C:\Windows\System32\msimtf.dll - ok
17:42:21.0458 6992 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
17:42:21.0459 6992 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
17:42:21.0507 6992 [ 36D979DB9C462D8D4F24A0CB9CA2DE1C ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sfttray.exe
17:42:21.0508 6992 C:\Program Files (x86)\Microsoft Application Virtualization Client\sfttray.exe - ok
17:42:21.0555 6992 [ 9568BB33BBAD356EDD6CDE988E570523 ] C:\Windows\System32\jscript9.dll
17:42:21.0555 6992 C:\Windows\System32\jscript9.dll - ok
17:42:21.0600 6992 [ B20AE6BF86871EDAD0AB2342E0C98F11 ] C:\Program Files (x86)\Microsoft Lync\psom.dll
17:42:21.0600 6992 C:\Program Files (x86)\Microsoft Lync\psom.dll - ok
17:42:21.0647 6992 [ 50093278F90AB4843A65C6114DCB3773 ] C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
17:42:21.0648 6992 C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe - ok
17:42:21.0696 6992 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
17:42:21.0696 6992 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
17:42:21.0725 6992 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
17:42:21.0726 6992 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
17:42:21.0771 6992 [ 1F04E809409A9B5FFD510B5FD89A1155 ] C:\Windows\System32\d2d1.dll
17:42:21.0771 6992 C:\Windows\System32\d2d1.dll - ok
17:42:21.0814 6992 [ 68D45D36DD827738A2F2E8E21E53C193 ] C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
17:42:21.0814 6992 C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE - ok
17:42:21.0858 6992 [ 85218271191D2B11D3E6B40C8D9257B3 ] C:\Program Files (x86)\Microsoft Lync\ocimport.dll
17:42:21.0858 6992 C:\Program Files (x86)\Microsoft Lync\ocimport.dll - ok
17:42:21.0899 6992 [ 64ABE1250EC1A1CFD1442E7C8800216E ] C:\Windows\System32\d3d10warp.dll
17:42:21.0899 6992 C:\Windows\System32\d3d10warp.dll - ok
17:42:21.0945 6992 [ 47BDDC78E40C2917EFCD75A659436F3D ] C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_explorer.exe
17:42:21.0946 6992 C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_explorer.exe - ok
17:42:21.0987 6992 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\SysWOW64\hid.dll
17:42:21.0987 6992 C:\Windows\SysWOW64\hid.dll - ok
17:42:22.0022 6992 [ A3A1891CDDBDEFC48CEC620832C4A1BC ] C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\TspPopup_ENU.dll
17:42:22.0022 6992 C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\TspPopup_ENU.dll - ok
17:42:22.0065 6992 [ 28CA821606669BB9215CE010767720FA ] C:\Windows\SysWOW64\cryptui.dll
17:42:22.0065 6992 C:\Windows\SysWOW64\cryptui.dll - ok
17:42:22.0106 6992 [ E6696590758594B5BE8CB5D886586BAB ] C:\Program Files\WIDCOMM\Bluetooth Software\BTWUIExt.exe
17:42:22.0107 6992 C:\Program Files\WIDCOMM\Bluetooth Software\BTWUIExt.exe - ok
17:42:22.0156 6992 [ 54EC0948BC2AC7B432F0058E1ADA1F87 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftuser.dll
17:42:22.0157 6992 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftuser.dll - ok
17:42:22.0201 6992 [ 1E8D06AAE74FED674C1156B3FEA911C2 ] C:\Windows\SysWOW64\Faultrep.dll
17:42:22.0201 6992 C:\Windows\SysWOW64\Faultrep.dll - ok
17:42:22.0256 6992 [ 778D22868A91E4C142A838CADED561C0 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll
17:42:22.0256 6992 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll - ok
17:42:22.0292 6992 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
17:42:22.0292 6992 C:\Windows\System32\prnfldr.dll - ok
17:42:22.0355 6992 [ 3EBCE609DC5AE828CD256337E384FE15 ] C:\Program Files\WIDCOMM\Bluetooth Software\BtAudioHelper.dll
17:42:22.0355 6992 C:\Program Files\WIDCOMM\Bluetooth Software\BtAudioHelper.dll - ok
17:42:22.0413 6992 [ 108C2CFA5527458C096A699929ECBD80 ] C:\Windows\SysWOW64\credui.dll
17:42:22.0414 6992 C:\Windows\SysWOW64\credui.dll - ok
17:42:22.0466 6992 [ 330CD386A113DFC1F172CF10D1F08B11 ] C:\Program Files\Wave Systems Corp\Common\SecureLoginSupport.dll
17:42:22.0466 6992 C:\Program Files\Wave Systems Corp\Common\SecureLoginSupport.dll - ok
17:42:22.0521 6992 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
17:42:22.0521 6992 C:\Windows\SysWOW64\dsound.dll - ok
17:42:22.0557 6992 [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
17:42:22.0557 6992 C:\Windows\System32\fdProxy.dll - ok
17:42:22.0608 6992 [ 64F785D95FD0008DE0CCF717FE771783 ] C:\Program Files\WIDCOMM\Bluetooth Software\btosif_ol.dll
17:42:22.0608 6992 C:\Program Files\WIDCOMM\Bluetooth Software\btosif_ol.dll - ok
17:42:22.0651 6992 [ B079C2629E54EF8C82F3644CE6C9BFFC ] C:\Windows\System32\adsldp.dll
17:42:22.0652 6992 C:\Windows\System32\adsldp.dll - ok
17:42:22.0698 6992 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
17:42:22.0699 6992 C:\Windows\SysWOW64\powrprof.dll - ok
17:42:22.0740 6992 [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
17:42:22.0741 6992 C:\Windows\System32\DXP.dll - ok
17:42:22.0786 6992 [ 3D7D2E825C63FF501E896CF008C70D75 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
17:42:22.0786 6992 C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok
17:42:22.0818 6992 [ 2E4A209BE58A9D666F14B8AFDBFD40DA ] C:\Windows\System32\drivers\Sftvolwin7.sys
17:42:22.0818 6992 C:\Windows\System32\drivers\Sftvolwin7.sys - ok
17:42:22.0864 6992 [ DB5BC0C7F25A33590E37FDE869124B9F ] C:\Program Files\WIDCOMM\Bluetooth Software\btosif_olx.dll
17:42:22.0865 6992 C:\Program Files\WIDCOMM\Bluetooth Software\btosif_olx.dll - ok
17:42:22.0907 6992 [ 8771BEDEAD950014EEDF6EEFE4A68066 ] C:\Windows\System32\scrrun.dll
17:42:22.0907 6992 C:\Windows\System32\scrrun.dll - ok
17:42:22.0947 6992 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
17:42:22.0948 6992 C:\Windows\System32\Syncreg.dll - ok
17:42:22.0992 6992 [ 3DCC84D1F63E5F7CB56F229D2149AB5D ] C:\Windows\System32\wshom.ocx
17:42:22.0992 6992 C:\Windows\System32\wshom.ocx - ok
17:42:23.0043 6992 [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
17:42:23.0044 6992 C:\Windows\ehome\ehSSO.dll - ok
17:42:23.0081 6992 [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
17:42:23.0082 6992 C:\Windows\System32\mapi32.dll - ok
17:42:23.0126 6992 [ 5736554195F5DEC010DCAF563066CD7B ] C:\Program Files\WIDCOMM\Bluetooth Software\btosif_notes.dll
17:42:23.0127 6992 C:\Program Files\WIDCOMM\Bluetooth Software\btosif_notes.dll - ok
17:42:23.0170 6992 [ D6427CE5818D6D4E6B4B9E1948253503 ] C:\Windows\System32\drivers\Sftfswin7.sys
17:42:23.0170 6992 C:\Windows\System32\drivers\Sftfswin7.sys - ok
17:42:23.0214 6992 [ 754A0C324ECA95AE4F708D01EF27060E ] C:\Windows\System32\wbem\wbemdisp.dll
17:42:23.0214 6992 C:\Windows\System32\wbem\wbemdisp.dll - ok
17:42:23.0261 6992 [ B777C9CE5731407502B76AF1C0077233 ] C:\Program Files (x86)\Microsoft Lync\MUI\0409\LCLang.dll
17:42:23.0261 6992 C:\Program Files (x86)\Microsoft Lync\MUI\0409\LCLang.dll - ok
17:42:23.0303 6992 [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
17:42:23.0303 6992 C:\Windows\System32\WPDShServiceObj.dll - ok
17:42:23.0334 6992 [ 50F9394F53CF8015C703EBD2EF3BABC6 ] C:\Windows\System32\LocationApi.dll
17:42:23.0334 6992 C:\Windows\System32\LocationApi.dll - ok
17:42:23.0378 6992 [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
17:42:23.0379 6992 C:\Windows\System32\ActionCenter.dll - ok
17:42:23.0431 6992 [ 9111354A308612483F8DA995A1DD1835 ] C:\Windows\System32\SensorsApi.dll
17:42:23.0431 6992 C:\Windows\System32\SensorsApi.dll - ok
17:42:23.0500 6992 [ FDC4D99490C00AF9AE3080DD3C0D23ED ] C:\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll
17:42:23.0501 6992 C:\Program Files\WIDCOMM\Bluetooth Software\BtMmHook.dll - ok
17:42:23.0553 6992 [ 8FA7B622B02BFCBD2EA21DB1C284696B ] C:\Program Files (x86)\Microsoft Lync\CURes.dll
17:42:23.0553 6992 C:\Program Files (x86)\Microsoft Lync\CURes.dll - ok
17:42:23.0582 6992 [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
17:42:23.0582 6992 C:\Windows\System32\FXSST.dll - ok
17:42:23.0629 6992 [ 65903C19E6336DD4904E6E513DF4D03D ] C:\Windows\System32\drivers\Sftplaywin7.sys
17:42:23.0629 6992 C:\Windows\System32\drivers\Sftplaywin7.sys - ok
17:42:23.0678 6992 [ CB397EF7B2DD6C3ABAAFA86DBAF47F9A ] C:\Program Files\WIDCOMM\Bluetooth Software\btosif_wincal.dll
17:42:23.0679 6992 C:\Program Files\WIDCOMM\Bluetooth Software\btosif_wincal.dll - ok
17:42:23.0723 6992 [ 759194CDE3BB7622FF2F80FC7FE11B5C ] C:\Program Files (x86)\Microsoft Lync\UccApi.dll
17:42:23.0724 6992 C:\Program Files (x86)\Microsoft Lync\UccApi.dll - ok
17:42:23.0766 6992 [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
17:42:23.0767 6992 C:\Windows\System32\FXSAPI.dll - ok
17:42:23.0812 6992 [ 84DBE4108A5C4CABE0333367ABFCC71B ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
17:42:23.0813 6992 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe - ok
17:42:23.0841 6992 [ C1B5307377C98F87E0152C44E9FF8DEE ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
17:42:23.0842 6992 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok
17:42:23.0890 6992 [ CE6196784066D1109A347CA3B0650C8A ] C:\Program Files\WIDCOMM\Bluetooth Software\btdev.dll
17:42:23.0890 6992 C:\Program Files\WIDCOMM\Bluetooth Software\btdev.dll - ok
17:42:23.0934 6992 [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
17:42:23.0935 6992 C:\Windows\System32\FXSRESM.dll - ok
17:42:23.0987 6992 [ DCC5600F18265FE9C8FE2B6E1F30C405 ] C:\Program Files\WIDCOMM\Bluetooth Software\bt2k_ins.dll
17:42:23.0987 6992 C:\Program Files\WIDCOMM\Bluetooth Software\bt2k_ins.dll - ok
17:42:24.0028 6992 [ 0F1B052FA2A3506C287B271F6D99E101 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
17:42:24.0028 6992 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe - ok
17:42:24.0072 6992 [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
17:42:24.0073 6992 C:\Windows\System32\srchadmin.dll - ok
17:42:24.0102 6992 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
17:42:24.0102 6992 C:\Windows\System32\FXSSVC.exe - ok
17:42:24.0146 6992 [ D7CEAEDD5F75D2C8A2E80887D7C114CE ] C:\Windows\System32\webcheck.dll
17:42:24.0146 6992 C:\Windows\System32\webcheck.dll - ok
17:42:24.0195 6992 [ C61D476C867D215FB9CE136CE6BF0C14 ] C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
17:42:24.0195 6992 C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll - ok
17:42:24.0238 6992 [ 59BCE9F07985F8A4204F4D6554CFF708 ] C:\Windows\System32\regsvr32.exe
17:42:24.0239 6992 C:\Windows\System32\regsvr32.exe - ok
17:42:24.0284 6992 [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
17:42:24.0285 6992 C:\Windows\System32\SyncCenter.dll - ok
17:42:24.0326 6992 [ 4131E3CC43C48DC4BBDD0C304F88ADBC ] C:\Program Files\WIDCOMM\Bluetooth Software\BtWizard.dll
17:42:24.0326 6992 C:\Program Files\WIDCOMM\Bluetooth Software\BtWizard.dll - ok
17:42:24.0356 6992 [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
17:42:24.0356 6992 C:\Windows\System32\wdmaud.drv - ok
17:42:24.0403 6992 [ F2545AE2D9E360EC7FB8D4993C731F19 ] C:\Program Files\WIDCOMM\Bluetooth Software\BTNCopy.dll
17:42:24.0403 6992 C:\Program Files\WIDCOMM\Bluetooth Software\BTNCopy.dll - ok
17:42:24.0450 6992 [ 8A6460B739AA184B0EF5D680A95BC57F ] C:\Program Files\WIDCOMM\Bluetooth Software\BtWdSdk.dll
17:42:24.0451 6992 C:\Program Files\WIDCOMM\Bluetooth Software\BtWdSdk.dll - ok
17:42:24.0500 6992 [ B90116192908CEA3940217554579FDF3 ] C:\Program Files (x86)\Microsoft Lync\MUI\0409\OCAPIRES.dll
17:42:24.0500 6992 C:\Program Files (x86)\Microsoft Lync\MUI\0409\OCAPIRES.dll - ok
17:42:24.0541 6992 [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
17:42:24.0542 6992 C:\Windows\System32\msacm32.drv - ok
17:42:24.0585 6992 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
17:42:24.0585 6992 C:\Windows\System32\msacm32.dll - ok
17:42:24.0616 6992 [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
17:42:24.0617 6992 C:\Windows\System32\midimap.dll - ok
17:42:24.0679 6992 [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
17:42:24.0679 6992 C:\Windows\System32\imapi2.dll - ok
17:42:24.0725 6992 [ EC135FC63AC306A4FD8A8E3801C46D28 ] C:\Program Files (x86)\Microsoft Lync\ocrec.dll
17:42:24.0726 6992 C:\Program Files (x86)\Microsoft Lync\ocrec.dll - ok
17:42:24.0778 6992 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
17:42:24.0778 6992 C:\Windows\System32\AltTab.dll - ok
17:42:24.0822 6992 [ 975FE6924191082E2182850F2A56DE2C ] C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmUserInterface.dll
17:42:24.0822 6992 C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmUserInterface.dll - ok
17:42:24.0869 6992 [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
17:42:24.0869 6992 C:\Windows\System32\hgcpl.dll - ok
17:42:24.0903 6992 [ 69388C3D3DBD3D92C475B58AE4BF508B ] C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
17:42:24.0903 6992 C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe - ok
17:42:24.0954 6992 [ 9B77707B49EB6EA889B56A37ADBF8584 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftsync.dll
17:42:24.0954 6992 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftsync.dll - ok
17:42:25.0003 6992 [ 0DDFBE7CCFA1974D320D2FBF78CE505B ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcore.dll
17:42:25.0003 6992 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcore.dll - ok
17:42:25.0050 6992 [ 7FCFD73D6D0333401D6DD2B1FFFC5B58 ] C:\Program Files (x86)\Microsoft Lync\RTMPLTFM.dll
17:42:25.0051 6992 C:\Program Files (x86)\Microsoft Lync\RTMPLTFM.dll - ok
17:42:25.0095 6992 [ 24FCC3CDAE327F632CB8696E1E40F772 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
17:42:25.0096 6992 C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok
17:42:25.0138 6992 [ E6C60E153524E8C18E06C643B11D5AD3 ] C:\Program Files\CCleaner\CCleaner64.exe
17:42:25.0139 6992 C:\Program Files\CCleaner\CCleaner64.exe - ok
17:42:25.0168 6992 [ F2C7BB8ACC97F92E987A2D4087D021B1 ] C:\Windows\System32\notepad.exe
17:42:25.0169 6992 C:\Windows\System32\notepad.exe - ok
17:42:25.0217 6992 [ E167EDFD77805FFF4990DDAE70B8CEF2 ] C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmUtilC.dll
17:42:25.0217 6992 C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmUtilC.dll - ok
17:42:25.0265 6992 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
17:42:25.0265 6992 C:\Windows\System32\dot3api.dll - ok
17:42:25.0309 6992 [ E955300DF949977878C705EC8681009A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
17:42:25.0309 6992 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok
17:42:25.0352 6992 [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
17:42:25.0352 6992 C:\Windows\System32\wlanhlp.dll - ok
17:42:25.0399 6992 [ 733792D1C008875B70910AEF438666E7 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftpsr.dll
17:42:25.0400 6992 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftpsr.dll - ok
17:42:25.0435 6992 [ 65405227E620C3D62D7CF3FD734E0A91 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftfsi_wow64.dll
17:42:25.0435 6992 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftfsi_wow64.dll - ok
17:42:25.0491 6992 [ ED797D8DC2C92401985D162E42FFA450 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
17:42:25.0491 6992 C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok
17:42:25.0540 6992 [ A1A4B223A1F81A23FB62115EEF1CA795 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll
17:42:25.0541 6992 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll - ok
17:42:25.0584 6992 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll
17:42:25.0585 6992 C:\Windows\SysWOW64\logoncli.dll - ok
17:42:25.0626 6992 [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
17:42:25.0626 6992 C:\Windows\SysWOW64\shfolder.dll - ok
17:42:25.0674 6992 [ 97A8968A66F15FD3B2F09C6F56B2170D ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll
17:42:25.0675 6992 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll - ok
17:42:25.0703 6992 [ 487F44B08EFEAF5AD087878357B9403D ] C:\Windows\SysWOW64\pdh.dll
17:42:25.0704 6992 C:\Windows\SysWOW64\pdh.dll - ok
17:42:25.0751 6992 [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
17:42:25.0751 6992 C:\Windows\System32\fdPHost.dll - ok
17:42:25.0802 6992 [ 09F7401D56F2393C6CA534FF0241A590 ] C:\Windows\System32\taskmgr.exe
17:42:25.0803 6992 C:\Windows\System32\taskmgr.exe - ok
17:42:25.0861 6992 [ 171D7DB433314A868507C4326E8209DC ] C:\Windows\System32\fdWSD.dll
17:42:25.0862 6992 C:\Windows\System32\fdWSD.dll - ok
17:42:25.0908 6992 [ A2E5B2D20954210DCE1A75A1FC8CC36D ] C:\Windows\System32\fdSSDP.dll
17:42:25.0908 6992 C:\Windows\System32\fdSSDP.dll - ok
17:42:25.0935 6992 [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\SysWOW64\cabinet.dll
17:42:25.0936 6992 C:\Windows\SysWOW64\cabinet.dll - ok
17:42:25.0981 6992 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
17:42:25.0981 6992 C:\Windows\SysWOW64\netprofm.dll - ok
17:42:26.0026 6992 [ 2809F6A69068C6C56860E6B8B8DB4AFB ] C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\xlicons.exe
17:42:26.0026 6992 C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\xlicons.exe - ok
17:42:26.0070 6992 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll
17:42:26.0070 6992 C:\Windows\SysWOW64\avrt.dll - ok
17:42:26.0112 6992 [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
17:42:26.0112 6992 C:\Windows\SysWOW64\nlaapi.dll - ok
17:42:26.0155 6992 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll
17:42:26.0156 6992 C:\Windows\SysWOW64\wlanapi.dll - ok
17:42:26.0204 6992 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC ] C:\Windows\SysWOW64\fltLib.dll
17:42:26.0204 6992 C:\Windows\SysWOW64\fltLib.dll - ok
17:42:26.0245 6992 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll
17:42:26.0245 6992 C:\Windows\SysWOW64\wlanutil.dll - ok
17:42:26.0289 6992 [ 05CA3E98EFA75DECD41766FEF984FC29 ] C:\Windows\System32\drivers\Sftredirwin7.sys
17:42:26.0289 6992 C:\Windows\System32\drivers\Sftredirwin7.sys - ok
17:42:26.0333 6992 [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll
17:42:26.0333 6992 C:\Windows\System32\ListSvc.dll - ok
17:42:26.0377 6992 [ B6411CED931AFD059E48C52DBFBA95B4 ] C:\Windows\System32\P2P.dll
17:42:26.0378 6992 C:\Windows\System32\P2P.dll - ok
17:42:26.0421 6992 [ 625D390D5CBA512166571019E5EFECFB ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\98059f32b988a3e2d869e9b3bf56db17\System.Management.ni.dll
17:42:26.0422 6992 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\98059f32b988a3e2d869e9b3bf56db17\System.Management.ni.dll - ok
17:42:26.0481 6992 [ 625020DE1DBE6A19EDF26916A127AD3D ] C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe
17:42:26.0481 6992 C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\outicon.exe - ok
17:42:26.0519 6992 [ BBD351CB2E5455F0E96FE4460EC05F52 ] C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe
17:42:26.0520 6992 C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\wordicon.exe - ok
17:42:26.0566 6992 [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
17:42:26.0566 6992 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
17:42:26.0612 6992 [ 45375DF47ED4D0535739465105AAABE3 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll
17:42:26.0612 6992 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll - ok
17:42:26.0655 6992 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
17:42:26.0656 6992 C:\Windows\SysWOW64\winsta.dll - ok
17:42:26.0699 6992 [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
17:42:26.0700 6992 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
17:42:26.0744 6992 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
17:42:26.0745 6992 C:\Windows\SysWOW64\MMDevAPI.dll - ok
17:42:26.0773 6992 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
17:42:26.0774 6992 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
17:42:26.0815 6992 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
17:42:26.0815 6992 C:\Windows\SysWOW64\wbemcomn.dll - ok
17:42:26.0857 6992 [ 5BB8C06EB5EA4BA22EE8A678F2D79B25 ] C:\Windows\SysWOW64\devenum.dll
17:42:26.0858 6992 C:\Windows\SysWOW64\devenum.dll - ok
17:42:26.0899 6992 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll
17:42:26.0899 6992 C:\Windows\SysWOW64\AudioSes.dll - ok
17:42:26.0964 6992 [ 4EF5FA9E63CF56017A26111A121EE20B ] C:\Program Files\Windows Azure Emulator\emulator\csmonitor.exe
17:42:26.0964 6992 C:\Program Files\Windows Azure Emulator\emulator\csmonitor.exe - ok
17:42:27.0029 6992 [ 7069AAB8536F29ED7323140973A2894B ] C:\Windows\SysWOW64\msdmo.dll
17:42:27.0030 6992 C:\Windows\SysWOW64\msdmo.dll - ok
17:42:27.0085 6992 [ C97DA72CEE8C13CA00AA04EE6A93EB42 ] C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmWmiProvider.dll
17:42:27.0085 6992 C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmWmiProvider.dll - ok
17:42:27.0141 6992 [ 668349D13C5822D37F6A4FE756260F3F ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a29e4e436cd8128ce2621469325aa302\System.Web.ni.dll
17:42:27.0142 6992 C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a29e4e436cd8128ce2621469325aa302\System.Web.ni.dll - ok
17:42:27.0189 6992 [ E24FE90E9DE8D8AE70E59F7B01675DEF ] C:\Windows\SysWOW64\avicap32.dll
17:42:27.0189 6992 C:\Windows\SysWOW64\avicap32.dll - ok
17:42:27.0232 6992 [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\SysWOW64\schannel.dll
17:42:27.0233 6992 C:\Windows\SysWOW64\schannel.dll - ok
17:42:27.0274 6992 [ C335EC1182AC10B188705554E0BC1186 ] C:\Windows\SysWOW64\msvfw32.dll
17:42:27.0274 6992 C:\Windows\SysWOW64\msvfw32.dll - ok
17:42:27.0305 6992 [ 24498D084FAA7A459C91066EC241E1CE ] C:\Windows\SysWOW64\vfwwdm32.dll
17:42:27.0306 6992 C:\Windows\SysWOW64\vfwwdm32.dll - ok
17:42:27.0356 6992 [ D544030DAE030F6B0D1DA332C8171FA8 ] C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe
17:42:27.0356 6992 C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe - ok
17:42:27.0400 6992 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
17:42:27.0401 6992 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
17:42:27.0448 6992 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
17:42:27.0449 6992 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
17:42:27.0495 6992 [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
17:42:27.0495 6992 C:\Windows\System32\WWanAPI.dll - ok
17:42:27.0535 6992 [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
17:42:27.0539 6992 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
17:42:27.0563 6992 [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
17:42:27.0563 6992 C:\Windows\System32\pnrpsvc.dll - ok
17:42:27.0605 6992 [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
17:42:27.0605 6992 C:\Windows\System32\wwapi.dll - ok
17:42:27.0648 6992 [ A8FFFBA5C5FC63E65BBDF5D54174721B ] C:\Program Files (x86)\Windows Live\Messenger\msgsres.dll
17:42:27.0649 6992 C:\Program Files (x86)\Windows Live\Messenger\msgsres.dll - ok
17:42:27.0692 6992 [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\SysWOW64\wdmaud.drv
17:42:27.0692 6992 C:\Windows\SysWOW64\wdmaud.drv - ok
17:42:27.0736 6992 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\SysWOW64\ksuser.dll
17:42:27.0736 6992 C:\Windows\SysWOW64\ksuser.dll - ok
17:42:27.0777 6992 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
17:42:27.0777 6992 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
17:42:27.0820 6992 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
17:42:27.0821 6992 C:\Windows\SysWOW64\ntdsapi.dll - ok
17:42:27.0856 6992 [ C140F86932B5B61F54A4D836E2D34AB2 ] C:\Windows\SysWOW64\ksproxy.ax
17:42:27.0856 6992 C:\Windows\SysWOW64\ksproxy.ax - ok
17:42:27.0895 6992 [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
17:42:27.0896 6992 C:\Windows\SysWOW64\d3d9.dll - ok
17:42:27.0940 6992 [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
17:42:27.0941 6992 C:\Windows\SysWOW64\d3d8thk.dll - ok
17:42:27.0985 6992 [ 4A213C7D74A8293017D74997A39BE635 ] C:\Program Files\Windows Azure Emulator\emulator\devstore\DSInit.exe
17:42:27.0985 6992 C:\Program Files\Windows Azure Emulator\emulator\devstore\DSInit.exe - ok
17:42:28.0030 6992 [ 4DDACA8A66B95ABA02812FF3C13DE198 ] C:\Windows\SysWOW64\vidcap.ax
17:42:28.0030 6992 C:\Windows\SysWOW64\vidcap.ax - ok
17:42:28.0072 6992 [ 4FB491AC8D46AAF22BA8BC5C73DABEF7 ] C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
17:42:28.0072 6992 C:\Windows\SysWOW64\wbem\WmiPrvSE.exe - ok
17:42:28.0113 6992 [ D476962D39223474E3D78DF33BFDB13F ] C:\Program Files\Windows Azure Emulator\emulator\devstore\DSService.exe
17:42:28.0114 6992 C:\Program Files\Windows Azure Emulator\emulator\devstore\DSService.exe - ok
17:42:28.0172 6992 [ 1CDEA9188899E76D4FFD54C9D512CCDB ] C:\Windows\SysWOW64\msxml3.dll
17:42:28.0172 6992 C:\Windows\SysWOW64\msxml3.dll - ok
17:42:28.0226 6992 [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll
17:42:28.0226 6992 C:\Windows\System32\p2psvc.dll - ok
17:42:28.0275 6992 [ BBEE9BBFD1F3C339059D96C4C42B455F ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUIHelper.dll
17:42:28.0275 6992 C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUIHelper.dll - ok
17:42:28.0324 6992 [ A4CC7227A452C4909F9499D91B184364 ] C:\Windows\SysWOW64\ncobjapi.dll
17:42:28.0325 6992 C:\Windows\SysWOW64\ncobjapi.dll - ok
17:42:28.0368 6992 [ 630A31F277349109299E590856A4B004 ] C:\Windows\SysWOW64\Kswdmcap.ax
17:42:28.0368 6992 C:\Windows\SysWOW64\Kswdmcap.ax - ok
17:42:28.0399 6992 [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1 ] C:\Windows\System32\P2PGraph.dll
17:42:28.0399 6992 C:\Windows\System32\P2PGraph.dll - ok
17:42:28.0442 6992 [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\SysWOW64\msv1_0.dll
17:42:28.0442 6992 C:\Windows\SysWOW64\msv1_0.dll - ok
17:42:28.0487 6992 [ DC6612A9EE015A36BA2A27BC9CC12537 ] C:\Windows\SysWOW64\mfc42.dll
17:42:28.0487 6992 C:\Windows\SysWOW64\mfc42.dll - ok
17:42:28.0535 6992 [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\SysWOW64\cryptdll.dll
17:42:28.0535 6992 C:\Windows\SysWOW64\cryptdll.dll - ok
17:42:28.0578 6992 [ 4A82EA2807B16FF577AEAF8ADB8779FF ] C:\Windows\System32\IdListen.dll
17:42:28.0579 6992 C:\Windows\System32\IdListen.dll - ok
17:42:28.0622 6992 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
17:42:28.0623 6992 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
17:42:28.0652 6992 [ 7D34AF98A706230CC2DEDFE0CABF87AB ] C:\Windows\SysWOW64\odbc32.dll
17:42:28.0652 6992 C:\Windows\SysWOW64\odbc32.dll - ok
17:42:28.0696 6992 [ A0524499F4C63CADA7E1529FC77F5DC1 ] C:\Windows\System32\hgprint.dll
17:42:28.0697 6992 C:\Windows\System32\hgprint.dll - ok
17:42:28.0741 6992 [ 81C0FA250EF6DC1C6B3FA2BCE81D6C2E ] C:\Windows\SysWOW64\WinSATAPI.dll
17:42:28.0742 6992 C:\Windows\SysWOW64\WinSATAPI.dll - ok
17:42:28.0788 6992 [ 0411B7958C524BB2E91EE1B3035FE321 ] C:\Windows\SysWOW64\dxgi.dll
17:42:28.0788 6992 C:\Windows\SysWOW64\dxgi.dll - ok
17:42:28.0834 6992 [ ABA457BFC7EC0B5E130B2F1E0F549DFF ] C:\Windows\SysWOW64\odbcint.dll
17:42:28.0835 6992 C:\Windows\SysWOW64\odbcint.dll - ok
17:42:28.0877 6992 [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\SysWOW64\msacm32.drv
17:42:28.0878 6992 C:\Windows\SysWOW64\msacm32.drv - ok
17:42:28.0909 6992 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
17:42:28.0909 6992 C:\Windows\SysWOW64\msacm32.dll - ok
17:42:28.0954 6992 [ 81E7E920312D372CF57A817049AC7C76 ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
17:42:28.0954 6992 C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL - ok
17:42:28.0998 6992 [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\SysWOW64\midimap.dll
17:42:28.0999 6992 C:\Windows\SysWOW64\midimap.dll - ok
17:42:29.0042 6992 [ 1C2E98534835927E87D0C1C1F188C1F8 ] C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\joticon.exe
17:42:29.0043 6992 C:\Windows\Installer\{90140000-003D-0000-0000-0000000FF1CE}\joticon.exe - ok
17:42:29.0086 6992 [ 2E7ADF9B0389CD94605717784D7E416A ] C:\Windows\System32\drttransport.dll
17:42:29.0086 6992 C:\Windows\System32\drttransport.dll - ok
17:42:29.0125 6992 [ C57BC99A4467B3E8F1CC2184A3F46729 ] C:\Windows\System32\drt.dll
17:42:29.0126 6992 C:\Windows\System32\drt.dll - ok
17:42:29.0154 6992 [ 6664F6757A9F75F17698748A3BCDA451 ] C:\Program Files\Wave Systems Corp\Dell Preboot Manager\PrebootManager.dll
17:42:29.0155 6992 C:\Program Files\Wave Systems Corp\Dell Preboot Manager\PrebootManager.dll - ok
17:42:29.0202 6992 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
17:42:29.0202 6992 C:\Windows\SysWOW64\sxs.dll - ok
17:42:29.0256 6992 [ 4BB59B0061F1FA9524D0BDC34E9E82E7 ] C:\Program Files\Wave Systems Corp\Dell Preboot Manager\PrebootBiosManager2.dll
17:42:29.0257 6992 C:\Program Files\Wave Systems Corp\Dell Preboot Manager\PrebootBiosManager2.dll - ok
17:42:29.0323 6992 [ 3428C3802559870C871319BAAF30EA26 ] C:\Program Files\TortoiseHg\kdiff3.exe
17:42:29.0324 6992 C:\Program Files\TortoiseHg\kdiff3.exe - ok
17:42:29.0369 6992 [ 4FCE41B5474078FDA65E837379CD6384 ] C:\Program Files (x86)\Microsoft Lync\sqmapi.dll
17:42:29.0370 6992 C:\Program Files (x86)\Microsoft Lync\sqmapi.dll - ok
17:42:29.0416 6992 [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\SysWOW64\msftedit.dll
17:42:29.0416 6992 C:\Windows\SysWOW64\msftedit.dll - ok
17:42:29.0447 6992 [ 06F8D094F516B21A698AB562198EEF7E ] C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
17:42:29.0448 6992 C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe - ok
17:42:29.0492 6992 [ AAB6F5C4083C3487ADAA8FC988D9EE58 ] C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
17:42:29.0493 6992 C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE - ok
17:42:29.0544 6992 [ 51D02BA36098B4B0836CAFBB4525B4B9 ] C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Release\x64\LandingPage.exe
17:42:29.0545 6992 C:\Program Files\Microsoft SQL Server\100\Setup Bootstrap\Release\x64\LandingPage.exe - ok
17:42:29.0594 6992 [ F50D779E07E13F943CA758994196B8C9 ] C:\Program Files\Wave Systems Corp\Authentication Manager\WizardLauncherCOM.dll
17:42:29.0595 6992 C:\Program Files\Wave Systems Corp\Authentication Manager\WizardLauncherCOM.dll - ok
17:42:29.0645 6992 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\SysWOW64\msls31.dll
17:42:29.0646 6992 C:\Windows\SysWOW64\msls31.dll - ok
17:42:29.0696 6992 [ 225E95293D848D1CBE0CBC4EFEBB164F ] C:\Program Files\Microsoft SQL Server\110\Setup Bootstrap\SQLServer2012\x64\ScenarioEngine.exe
17:42:29.0696 6992 C:\Program Files\Microsoft SQL Server\110\Setup Bootstrap\SQLServer2012\x64\ScenarioEngine.exe - ok
17:42:29.0725 6992 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
17:42:29.0725 6992 C:\Windows\SysWOW64\msimg32.dll - ok
17:42:29.0766 6992 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
17:42:29.0766 6992 C:\Windows\SysWOW64\rasapi32.dll - ok
17:42:29.0811 6992 [ 970E191FA2BA21844D7103792B6885F6 ] C:\Program Files\SetPoint - BT Mouse\SetPoint.exe
17:42:29.0812 6992 C:\Program Files\SetPoint - BT Mouse\SetPoint.exe - ok
17:42:29.0852 6992 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
17:42:29.0853 6992 C:\Windows\SysWOW64\rasman.dll - ok
17:42:29.0893 6992 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
17:42:29.0893 6992 C:\Windows\SysWOW64\rtutils.dll - ok
17:42:29.0934 6992 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\SysWOW64\rundll32.exe
17:42:29.0934 6992 C:\Windows\SysWOW64\rundll32.exe - ok
17:42:29.0960 6992 [ 96C70BD48D49B87475F4572DEDC62EB9 ] C:\Windows\AppPatch\AcLayers.dll
17:42:29.0960 6992 C:\Windows\AppPatch\AcLayers.dll - ok
17:42:30.0003 6992 [ EE2F3B7E6A2E69BBCD4816EEA4E0A003 ] C:\Program Files\Speccy\Speccy64.exe
17:42:30.0003 6992 C:\Program Files\Speccy\Speccy64.exe - ok
17:42:30.0042 6992 [ E337DE8814EABEDEA01919B94D323078 ] C:\Windows\AppPatch\acwow64.dll
17:42:30.0042 6992 C:\Windows\AppPatch\acwow64.dll - ok
17:42:30.0084 6992 [ 3C06536A9AA332E9E0CEBDE5A596822A ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL
17:42:30.0084 6992 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDPROV.DLL - ok
17:42:30.0132 6992 [ 0C15DB6FF927935F0ECA52FEEA40E6C2 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\wlidcli.dll
17:42:30.0133 6992 C:\Program Files\Common Files\Microsoft Shared\Windows Live\wlidcli.dll - ok
17:42:30.0177 6992 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
17:42:30.0177 6992 C:\Windows\SysWOW64\npmproxy.dll - ok
17:42:30.0221 6992 [ E5BD11E882311F9FBE98601DD57B32A3 ] C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe
17:42:30.0221 6992 C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe - ok
17:42:30.0254 6992 [ 59E440277061325529DDF7970AC347E7 ] C:\Program Files\TortoiseHg\thg.exe
17:42:30.0254 6992 C:\Program Files\TortoiseHg\thg.exe - ok
17:42:30.0301 6992 [ CED00426DDC90FAC8163128CEB07990B ] C:\Program Files\TortoiseHg\thgw.exe
17:42:30.0301 6992 C:\Program Files\TortoiseHg\thgw.exe - ok
17:42:30.0349 6992 [ F3C10BB8749A0C935086E981927E1648 ] C:\Program Files\TortoiseHg\TortoiseHgOverlayServer.exe
17:42:30.0350 6992 C:\Program Files\TortoiseHg\TortoiseHgOverlayServer.exe - ok
17:42:30.0414 6992 [ 38768B5D3E0B00847FAA388F6ADFE038 ] C:\Program Files\Zune\Zune.exe
17:42:30.0414 6992 C:\Program Files\Zune\Zune.exe - ok
17:42:30.0479 6992 [ 0FEBED0093D2FD38DA6C6E5DE1ADA24C ] C:\Program Files\Zune\ZuneLauncher.exe
17:42:30.0480 6992 C:\Program Files\Zune\ZuneLauncher.exe - ok
17:42:30.0528 6992 [ F3A9B7CF8AFFA959D06B627D4BBA6009 ] C:\Program Files\Microsoft IntelliPoint\dpgcmd.dll
17:42:30.0529 6992 C:\Program Files\Microsoft IntelliPoint\dpgcmd.dll - ok
17:42:30.0580 6992 [ E1B77F36004A1DF2EF3431D074E5B4CB ] C:\Program Files\Wave Systems Corp\EMBASSY Security Setup\Wavx_ArchiveHelper.dll
17:42:30.0580 6992 C:\Program Files\Wave Systems Corp\EMBASSY Security Setup\Wavx_ArchiveHelper.dll - ok
17:42:30.0623 6992 [ 8BE4B6BF8F9C50E3FA0001393043F4F9 ] C:\Windows\SysWOW64\InkEd.dll
17:42:30.0623 6992 C:\Windows\SysWOW64\InkEd.dll - ok
17:42:30.0674 6992 [ 7B58E22341B1E6A952B984EC2DDBCC21 ] C:\Program Files\Microsoft IntelliPoint\Components\Commands\DPGHnt\DPGHnt.dll
17:42:30.0674 6992 C:\Program Files\Microsoft IntelliPoint\Components\Commands\DPGHnt\DPGHnt.dll - ok
17:42:30.0718 6992 [ 772F44012DBE49DE894976AE2259A659 ] C:\Windows\SysWOW64\PeerDist.dll
17:42:30.0718 6992 C:\Windows\SysWOW64\PeerDist.dll - ok
17:42:30.0748 6992 [ FB4EB9352B7D698E6B3C2AA2ED724DAD ] C:\Windows\SysWOW64\authz.dll
17:42:30.0749 6992 C:\Windows\SysWOW64\authz.dll - ok
17:42:30.0796 6992 [ E73D6F3160CE2FD1D59FF1EF6167DF02 ] C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
17:42:30.0796 6992 C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll - ok
17:42:30.0840 6992 [ 6E6602DE23AB3776007702FC9540E8E9 ] C:\Windows\System32\vbscript.dll
17:42:30.0840 6992 C:\Windows\System32\vbscript.dll - ok
17:42:30.0880 6992 [ 3D2D108E14AD21889A2621B94C80A3DD ] C:\Windows\System32\tzres.dll
17:42:30.0880 6992 C:\Windows\System32\tzres.dll - ok
17:42:30.0926 6992 [ 2E76FF14C5987BE45AB65A91332E3C58 ] C:\Program Files\Windows Sidebar\wlsrvc.dll
17:42:30.0926 6992 C:\Program Files\Windows Sidebar\wlsrvc.dll - ok
17:42:30.0971 6992 [ 1571602DF9EF7238B85E4238252397AE ] C:\Program Files\Wave Systems Corp\EMBASSY Security Center\ControlVault.dll
17:42:30.0971 6992 C:\Program Files\Wave Systems Corp\EMBASSY Security Center\ControlVault.dll - ok
17:42:31.0024 6992 [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
17:42:31.0024 6992 C:\Windows\System32\rundll32.exe - ok
17:42:31.0066 6992 [ 29910D50542B1AA0F162EF3339C61B6D ] C:\Windows\System32\PeerDist.dll
17:42:31.0067 6992 C:\Windows\System32\PeerDist.dll - ok
17:42:31.0115 6992 [ A3287F8EB6182FB060C818524C7D6A63 ] C:\Windows\System32\dxtrans.dll
17:42:31.0115 6992 C:\Windows\System32\dxtrans.dll - ok
17:42:31.0161 6992 [ 590C1DE27519A406657F47AE063F0353 ] C:\Program Files\Wave Systems Corp\Dell Preboot Manager\Wave.CV.dll
17:42:31.0162 6992 C:\Program Files\Wave Systems Corp\Dell Preboot Manager\Wave.CV.dll - ok
17:42:31.0204 6992 [ 4938A4350327E1A5DEB0CD134AC1AAA3 ] C:\Windows\System32\ddrawex.dll
17:42:31.0204 6992 C:\Windows\System32\ddrawex.dll - ok
17:42:31.0245 6992 [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll
17:42:31.0245 6992 C:\Windows\System32\ddraw.dll - ok
17:42:31.0294 6992 [ 501F5BB8DA9104CC6A2C8195C2E0230F ] C:\Program Files (x86)\Common Files\microsoft shared\Microsoft Online Services\msoidcli.dll
17:42:31.0295 6992 C:\Program Files (x86)\Common Files\microsoft shared\Microsoft Online Services\msoidcli.dll - ok
17:42:31.0325 6992 [ 29C22748937F45C26590909E9F8E7137 ] C:\Windows\System32\dciman32.dll
17:42:31.0325 6992 C:\Windows\System32\dciman32.dll - ok
17:42:31.0367 6992 [ 9419ABF3163B6F0E3AD3DD2B381C879F ] C:\Windows\SysWOW64\WinSCard.dll
17:42:31.0368 6992 C:\Windows\SysWOW64\WinSCard.dll - ok
17:42:31.0416 6992 [ BD66ECA9479C688412DDDA9F2CCD2C69 ] C:\Windows\System32\d3d10.dll
17:42:31.0417 6992 C:\Windows\System32\d3d10.dll - ok
17:42:31.0463 6992 [ B628DA8B548E6D11A35B86799714CB22 ] C:\Windows\System32\d3d10core.dll
17:42:31.0463 6992 C:\Windows\System32\d3d10core.dll - ok
17:42:31.0509 6992 [ 3D3BA0FE48246C22F6F1352A0A4AB697 ] C:\Program Files (x86)\Common Files\microsoft shared\Microsoft Online Services\MSOIDRES.DLL
17:42:31.0509 6992 C:\Program Files (x86)\Common Files\microsoft shared\Microsoft Online Services\MSOIDRES.DLL - ok
17:42:31.0572 6992 [ D6A99F26E31C9F15D8D8CC42FFE6D16B ] C:\Windows\System32\dxtmsft.dll
17:42:31.0573 6992 C:\Windows\System32\dxtmsft.dll - ok
17:42:31.0594 6992 ============================================================
17:42:31.0594 6992 Scan finished
17:42:31.0594 6992 ============================================================
17:42:31.0725 7000 Detected object count: 11
17:42:31.0726 7000 Actual detected object count: 11
17:54:25.0998 7000 CouchbaseServer ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:25.0999 7000 CouchbaseServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:26.0004 7000 fussvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:26.0004 7000 fussvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:26.0018 7000 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:26.0019 7000 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:26.0033 7000 lpasvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:26.0034 7000 lpasvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:26.0047 7000 lppsvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:26.0047 7000 lppsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:26.0061 7000 OpenVPNService ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:26.0062 7000 OpenVPNService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:26.0074 7000 SecureStorageService ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:26.0074 7000 SecureStorageService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:26.0087 7000 tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:26.0088 7000 tcsd_win32.exe ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:26.0101 7000 Te.Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:26.0102 7000 Te.Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:26.0117 7000 VMAuthdService ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:26.0118 7000 VMAuthdService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:54:26.0132 7000 wgsslvpnsrc ( UnsignedFile.Multi.Generic ) - skipped by user
17:54:26.0132 7000 wgsslvpnsrc ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:43:46.0830 3980 Deinitialize success

The End (for now)...

#14 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:12:33 PM

Posted 04 January 2013 - 02:25 AM

Greetings

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Open Notepad and copy/paste the text in the box into the window:

ClearJavaCache::

Save it to your desktop as CFScript.txt

Refering to the picture above, drag CFScript.txt into ComboFix.exe
Posted Image
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following

  • report from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now after running the script?

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#15 WearyGuy

WearyGuy
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:06:33 PM

Posted 06 January 2013 - 11:58 AM

Hi Gringo, sorry for the delay in my response.

So, I ran ComboFix with the script file and IE is still taking forever to open web pages for well known web sites. I got the same behavior from ComboFix as before (and it said there was a new version, so I allowed it to be installed this time), it rebooted the computer, but when I went to login it said "The request is not supported", so I rebooted, hitting F8, chose to boot with the Last Known Good Configuration, then when I went to run any program it said "Illegal operation attempted on a registry key that has been marked for deletion." So, I rebooted per the instructions, then couldn't login as before. So I restarted with the last known good configuration again, logged in as normal and now the programs respond.

Maybe I should just reinstall IE, however that's done. I tried to download it from MS and it said it can't because my version is newer.

Otherwise my system seems better. The CPU calms down OK after I stop running some program I know is using it. Although my wife's Core 2 Duo with standard video is much faster at many things than my i7 with a pretty hot video system. So, I don't quite know what to say about that, but I do have a lot of software running in the background for when I do dev work (SQL Server, SharePoint local installation, etc.). It's running at 77 degrees C, with very little going on, kind of warm, but not so bad as before. The big issue for me is when I run certain apps, like GoToMeeting, which I need to do later tonight, the CPU gets very utilized and it after a while gets hot enough it needs to be shutdown and the performance in GoToMeeting is terrible, when it wasn't in the past.

BTW, I never seem to get the rated 1.7GHz out of the CPU per Core Temp, only about 1.4 max. I've fiddled with the CPU % usage in the Power Options, but it doesn't help, except to stave off overheating "maybe".

So, here's the report. If you have some other ideas, I'm happy to hear and try them. Again, thanks for your help and if I have more info before you post, I'll let you know.

Best regards, WearyGuy

ComboFix 13-01-05.01 - Stephen 01/05/2013 21:38:12.2.8 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8116.4414 [GMT 2:00]
Running from: c:\users\Stephen\Desktop\ComboFix.exe
Command switches used :: c:\users\Stephen\Desktop\CFScript.txt
AV: Microsoft Forefront Endpoint Protection *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Forefront Endpoint Protection *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_random
.
.
((((((((((((((((((((((((( Files Created from 2012-12-06 to 2013-01-06 )))))))))))))))))))))))))))))))
.
.
2013-01-05 20:11 . 2013-01-05 20:11 -------- d-----w- c:\users\ReportServer$SSEXP2012\AppData\Local\temp
2013-01-05 20:11 . 2013-01-05 20:11 -------- d-----w- c:\users\MSSQLFDLauncher$SSEXP2012\AppData\Local\temp
2013-01-05 20:11 . 2013-01-05 20:11 -------- d-----w- c:\users\MSSQL$SSEXP2012\AppData\Local\temp
2013-01-05 20:11 . 2013-01-05 20:11 -------- d-----w- c:\users\Klarika\AppData\Local\temp
2013-01-05 20:11 . 2013-01-05 20:11 -------- d-----w- c:\users\DefaultAppPool\AppData\Local\temp
2013-01-05 20:11 . 2013-01-05 20:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-05 20:11 . 2013-01-05 20:11 -------- d-----w- c:\users\Classic .NET AppPool\AppData\Local\temp
2013-01-05 13:05 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D139E525-8ED9-447B-9652-7AA0AE6B318F}\mpengine.dll
2013-01-04 15:07 . 2013-01-04 15:08 -------- d-----w- c:\program files\PI Install Backup
2013-01-04 14:30 . 2013-01-04 14:30 -------- d-----w- c:\users\Stephen\AppData\Local\IsolatedStorage
2013-01-04 07:58 . 2013-01-04 07:58 -------- d-----w- c:\program files (x86)\Geeks3D
2013-01-04 06:10 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-01-03 14:41 . 2013-01-03 14:41 -------- d-----w- c:\programdata\ATI
2013-01-03 14:35 . 2013-01-03 14:35 -------- d-----w- c:\programdata\AMD
2013-01-03 14:35 . 2013-01-03 14:35 -------- d-----w- c:\program files (x86)\Common Files\ATI Technologies
2013-01-03 14:35 . 2013-01-03 14:35 -------- d-----w- c:\program files (x86)\AMD AVT
2013-01-03 14:35 . 2013-01-03 14:35 -------- d-----w- c:\program files\Common Files\ATI Technologies
2013-01-03 14:34 . 2013-01-03 14:34 -------- d-----w- c:\program files (x86)\AMD APP
2013-01-03 08:46 . 2013-01-03 08:46 -------- d-----w- c:\users\Stephen\AppData\Local\ElevatedDiagnostics
2013-01-03 07:22 . 2013-01-03 12:27 -------- d-----w- c:\program files\Core Temp
2013-01-03 06:54 . 2013-01-03 06:54 -------- d-----w- c:\windows\system32\Wave Systems Corp
2012-12-31 14:04 . 2004-05-04 10:53 1645320 ----a-w- c:\windows\SysWow64\gdiplus.dll
2012-12-31 14:03 . 2012-12-31 14:04 -------- d-----w- c:\program files (x86)\Event Log Explorer
2012-12-31 13:36 . 2012-12-31 13:36 -------- d-----w- c:\program files\CCleaner
2012-12-30 17:49 . 2012-12-30 17:49 -------- d-----w- C:\ImportReports
2012-12-30 17:48 . 2012-12-30 17:48 -------- dc-h--w- c:\users\Stephen\AppData\Local\{806B33C4-9764-4DED-9D66-67390E96D9FE}
2012-12-28 11:53 . 2012-12-28 11:53 -------- d-----w- c:\users\Stephen\AppData\Roaming\Malwarebytes
2012-12-28 11:50 . 2012-12-28 11:50 -------- d-----w- c:\programdata\Malwarebytes
2012-12-28 11:50 . 2012-12-14 14:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-28 11:50 . 2012-12-28 11:52 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-12-27 15:19 . 2012-12-27 15:19 -------- d-----w- c:\users\Stephen\AppData\Local\OSIsoft
2012-12-27 07:00 . 2011-02-27 16:13 110080 ----a-w- c:\windows\SysWow64\pywintypes27.dll
2012-12-27 07:00 . 2011-02-26 18:10 8192 ----a-w- c:\windows\SysWow64\pythoncomloader27.dll
2012-12-27 07:00 . 2011-02-26 18:02 354304 ----a-w- c:\windows\SysWow64\pythoncom27.dll
2012-12-27 06:39 . 2012-12-27 06:39 98304 ----a-r- c:\users\Stephen\AppData\Roaming\Microsoft\Installer\{C0C31BCC-56FB-42A7-8766-D29E1BD74C7C}\python_icon.exe
2012-12-22 17:16 . 2012-12-22 17:17 -------- d-----w- c:\program files\Zune 4_7_1407_0
2012-12-22 16:13 . 2013-01-02 19:37 -------- d-----w- c:\users\v-stpavl
2012-12-21 13:09 . 2012-12-21 13:09 -------- d-----w- c:\windows\A2C249459261499686516D44DF4101FC.TMP
2012-12-21 12:56 . 2012-12-21 12:57 -------- d-----w- c:\program files\PI
2012-12-21 12:27 . 2012-12-21 12:27 -------- d-----w- c:\programdata\PISystem
2012-12-21 11:27 . 2012-12-21 11:27 -------- d-----w- c:\programdata\OSIsoft
2012-12-21 07:31 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-21 07:31 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-21 07:31 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-21 07:31 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-14 08:06 . 2012-12-14 08:06 -------- d-----w- c:\program files (x86)\nodejs
2012-12-13 11:24 . 2009-03-31 05:04 78872 ----a-w- c:\windows\system32\perf-SQLAgent$SHAREPOINT-sqlagtctr10.1.2531.0.dll
2012-12-13 11:24 . 2009-03-31 05:04 50200 ----a-w- c:\windows\SysWow64\perf-SQLAgent$SHAREPOINT-sqlagtctr10.1.2531.0.dll
2012-12-13 11:24 . 2009-03-31 05:04 79896 ----a-w- c:\windows\SysWow64\perf-MSSQL$SHAREPOINT-sqlctr10.1.2531.0.dll
2012-12-13 11:24 . 2009-03-31 05:04 111640 ----a-w- c:\windows\system32\perf-MSSQL$SHAREPOINT-sqlctr10.1.2531.0.dll
2012-12-13 10:49 . 2012-12-13 10:49 -------- d-----w- c:\program files (x86)\Windows Identity Foundation
2012-12-13 10:49 . 2012-12-13 10:49 -------- d-----w- c:\program files\Windows Identity Foundation
2012-12-13 10:17 . 2012-12-13 10:40 -------- d-----w- C:\SharePointFiles
2012-12-12 11:43 . 2012-11-14 05:52 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-12-12 11:43 . 2012-11-14 01:44 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-12-12 11:43 . 2012-11-14 05:53 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-12-12 11:43 . 2012-11-14 07:11 182816 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
2012-12-12 11:43 . 2012-11-14 02:56 149552 ----a-w- c:\program files (x86)\Internet Explorer\sqmapi.dll
2012-12-12 11:43 . 2012-11-14 06:00 304640 ----a-w- c:\program files\Internet Explorer\IEShims.dll
2012-12-12 11:43 . 2012-11-14 01:48 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-12-12 11:41 . 2012-11-14 07:06 17811968 ----a-w- c:\windows\system32\mshtml.dll
2012-12-12 11:41 . 2012-11-14 06:32 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-12-12 11:10 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-12 11:10 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-12-12 11:09 . 2012-11-22 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
2012-12-12 11:07 . 2012-10-04 17:38 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-12-12 11:06 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-12-12 11:06 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-12-11 10:30 . 2012-12-11 10:30 -------- d-----w- c:\program files (x86)\Application Verifier
2012-12-11 10:30 . 2012-12-11 10:30 -------- d-----w- c:\program files\Application Verifier
2012-12-11 10:29 . 2012-12-11 10:29 -------- d-----w- c:\programdata\Windows App Certification Kit
2012-12-11 10:16 . 2012-12-11 10:16 -------- d-----w- c:\program files (x86)\Common Files\Microsoft
2012-12-11 09:55 . 2012-12-11 09:58 -------- d-----w- c:\program files (x86)\Microsoft Web Tools
2012-12-11 09:52 . 2012-12-11 09:52 -------- d-----w- c:\program files\Microsoft
2012-12-11 09:38 . 2012-12-11 09:40 -------- d-----w- c:\program files\IIS Express
2012-12-11 09:28 . 2012-12-11 09:28 -------- d-----w- c:\program files (x86)\NuGet
2012-12-11 09:27 . 2012-12-11 09:27 -------- d-----w- c:\program files (x86)\Microsoft WCF Data Services
2012-12-11 09:10 . 2010-05-26 09:41 1998168 ----a-w- c:\windows\SysWow64\D3DX9_43.dll
2012-12-11 09:05 . 2012-12-11 09:05 -------- d-----w- c:\program files (x86)\Windows Kits
2012-12-11 08:16 . 2012-12-11 08:16 -------- d-----w- c:\program files (x86)\Microsoft Help Viewer
2012-12-07 20:26 . 2012-12-11 12:22 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 11.0
2012-12-07 20:24 . 2012-12-07 20:24 -------- d-----w- c:\program files\Microsoft Visual Studio 11.0
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-03 13:49 . 2012-02-14 05:06 4753408 ----a-w- c:\windows\SysWow64\atiumdva.dll
2013-01-03 13:49 . 2010-11-01 23:57 129536 ----a-w- c:\windows\system32\atiuxp64.dll
2013-01-03 13:49 . 2012-02-14 05:06 5540008 ----a-w- c:\windows\SysWow64\atiumdag.dll
2013-01-03 13:49 . 2012-02-14 05:06 4269056 ----a-w- c:\windows\system32\atiumd6a.dll
2013-01-03 13:49 . 2012-02-14 05:06 6676992 ----a-w- c:\windows\system32\atiumd64.dll
2013-01-03 13:49 . 2012-02-14 05:06 83456 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2013-01-03 13:49 . 2012-02-14 05:06 103936 ----a-w- c:\windows\system32\atiu9p64.dll
2013-01-03 13:49 . 2010-11-01 23:56 7052800 ----a-w- c:\windows\system32\atidxx64.dll
2013-01-03 13:49 . 2010-11-01 23:56 1111040 ----a-w- c:\windows\system32\aticfx64.dll
2013-01-03 13:49 . 2010-11-01 23:56 927232 ----a-w- c:\windows\SysWow64\aticfx32.dll
2013-01-03 13:48 . 2012-02-14 05:06 540672 ----a-w- c:\windows\system32\atiadlxx.dll
2012-12-12 14:33 . 2012-04-15 04:24 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-12 14:33 . 2011-06-20 16:01 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-12 12:39 . 2012-12-11 13:00 2489504 ----a-w- c:\programdata\Microsoft\VisualStudio\11.0\1033\ResourceCache.dll
2012-12-12 11:50 . 2010-11-11 16:13 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-11-28 07:00 . 2012-11-29 03:40 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{373943C3-06B4-45F0-A34A-E7D31EBC6765}\gapaengine.dll
2012-11-28 07:00 . 2010-12-01 06:58 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-11-01 13:35 . 2012-11-12 15:49 253256 ----a-w- c:\windows\system32\drivers\PCTSD64.sys
2012-10-30 22:50 . 2012-11-10 07:24 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-24 02:57 . 2012-10-24 02:57 163056 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10142.bin
2012-10-16 08:38 . 2012-11-28 07:05 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 07:05 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 07:05 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-09 18:17 . 2012-11-15 06:12 55296 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-10-09 18:17 . 2012-11-15 06:12 226816 ----a-w- c:\windows\system32\dhcpcore6.dll
2012-10-09 17:40 . 2012-11-15 06:12 44032 ----a-w- c:\windows\SysWow64\dhcpcsvc6.dll
2012-10-09 17:40 . 2012-11-15 06:12 193536 ----a-w- c:\windows\SysWow64\dhcpcore6.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"HW_OPENEYE_OUC_Tele2 Mobile Partner"="c:\program files (x86)\Tele2 Mobile Partner\UpdateDog\ouc.exe" [2012-09-11 655712]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-10-03 642216]
"Communicator"="c:\program files (x86)\Microsoft Lync\communicator.exe" [2012-09-28 12105344]
"SoftGridTray"="c:\program files (x86)\Microsoft Application Virtualization Client\SFTTray.exe" [2012-09-03 854760]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-8-18 1080096]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableAutoApproveHeuristics"= 1 (0x1)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp msoidssp
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2127521184-1604012920-1887927527-5821502\Scripts\Logon\0\0]
"Script"=script_wrapper.cmd
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2127521184-1604012920-1887927527-5821502\Scripts\Logon\1\0]
"Script"=script_wrapper.cmd
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2127521184-1604012920-1887927527-5821502\Scripts\Logon\2\0]
"Script"=delrms.bat
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 AFService;PI AF Server 2.x Application Service;c:\program files\PIPC\AF\AFService.exe [2012-11-02 91024]
R2 bufservX64;PI-Buffer Server x64;c:\program files\PIPC\bin\bufserv.exe [2011-11-10 1281408]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
R2 piarchss;PI Archive Subsystem;c:\program files\PI\bin\piarchss.exe [2012-09-24 6263232]
R3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2011-07-13 285280]
R3 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2011-07-13 3246040]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-04-14 54824]
R3 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2010-03-24 1039776]
R3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys [2011-04-09 47616]
R3 DcaSvc;DirectAccess Connectivity Assistant Service;c:\program files (x86)\DirectAccess Connectivity Assistant\DcaSvc.exe [2010-10-06 121232]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2012-09-11 117248]
R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys [2012-09-11 436224]
R3 lpasvc;Microsoft Policy Platform Local Authority;c:\program files\Microsoft Policy Platform\policyHost.exe [2011-06-10 57344]
R3 lppsvc;Microsoft Policy Platform Processor;c:\program files\Microsoft Policy Platform\policyHost.exe [2011-06-10 57344]
R3 lvpepf64;Volume Adapter;c:\windows\system32\DRIVERS\lv302a64.sys [2007-05-10 16032]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
R3 MsDtsServer100;SQL Server Integration Services 10.0;c:\program files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [2012-06-12 220104]
R3 MSSQL$SSEXP2012;SQL Server (SSEXP2012);c:\program files\Microsoft SQL Server\MSSQL11.SSEXP2012\MSSQL\Binn\sqlservr.exe [2012-06-12 190904]
R3 MSSQLFDLauncher$SSEXP2012;SQL Full-text Filter Daemon Launcher (SSEXP2012);c:\program files\Microsoft SQL Server\MSSQL11.SSEXP2012\MSSQL\Binn\fdlauncher.exe [2012-02-11 49752]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-04-13 45432]
R4 CmRcService;Configuration Manager Remote Control;c:\windows\CCM\RemCtrl\CmRcService.exe [2011-08-09 579440]
R4 CouchbaseServer;CouchbaseServer;c:\program files\Couchbase\Server\bin\erlang\erts-5.8.3\bin\erlsrv.exe [2012-06-26 172032]
R4 dcpsysmgrsvc;Dell System Manager Service;c:\program files\Dell\Dell System Manager\DCPSysMgrSvc.exe [2010-08-24 517488]
R4 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
R4 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 59744]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2013-01-03 239616]
S2 c2wts;Claims to Windows Token Service;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe [2010-02-02 15768]
S2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2010-03-24 31136]
S2 ftpsvc;Microsoft FTP Service;c:\windows\system32\svchost.exe [2009-07-14 27136]
S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [2011-03-14 346976]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 msoidsvc;Microsoft Online Services Sign-in Assistant;c:\program files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2010-08-17 2024864]
S2 MSSQL$SHAREPOINT;SQL Server (SHAREPOINT);c:\program files\Microsoft SQL Server\MSSQL10.SHAREPOINT\MSSQL\Binn\sqlservr.exe [2009-05-15 57629016]
S2 piaflink;PI AF Link Subsystem;c:\program files\PI\bin\piaflink.exe [2012-09-24 5710784]
S2 pialarm;PI Alarm Subsystem;c:\program files\PI\bin\pialarm.exe [2012-09-24 3395520]
S2 pibackup;PI Backup Subsystem;c:\program files\PI\bin\pibackup.exe [2012-09-24 4351424]
S2 PIBaGen;PI Batch Generator Interface;c:\program files (x86)\PIPC\Interfaces\PIBaGen\PIBaGen.exe [2009-06-29 480640]
S2 pibasess;PI Base Subsystem;c:\program files\PI\bin\pibasess.exe [2012-09-24 8525760]
S2 pibatch;PI Batch Subsystem;c:\program files\PI\bin\pibatch.exe [2012-09-24 3224512]
S2 pibufss;PI Buffer Subsystem;c:\program files (x86)\PIPC\bin\pibufss.exe [2011-11-09 1816456]
S2 pilicmgr;PI License Manager;c:\program files\PI\bin\pilicmgr.exe [2012-09-24 3056064]
S2 pilogsrvX64;PIPC Log Server x64;c:\program files\PIPC\bin\pilogsrv.exe [2011-11-10 155520]
S2 pipeschd;PI Performance Equation Scheduler;c:\program files\PI\bin\pipeschd.exe [2012-09-24 3370432]
S2 pirecalc;PI Recalculator Subsystem;c:\program files\PI\bin\pirecalc.exe [2012-09-24 3771840]
S2 pishutev;PI Shutdown Subsystem;c:\program files\PI\bin\pishutev.exe [2012-09-24 2627520]
S2 pisnapss;PI Snapshot Subsystem;c:\program files\PI\bin\pisnapss.exe [2012-09-24 3669952]
S2 pisqlss;PI SQL Subsystem;c:\program files\PI\bin\pisqlss.exe [2012-09-24 5321664]
S2 pitotal;PI Totalizer Subsystem;c:\program files\PI\bin\pitotal.exe [2012-09-24 4068800]
S2 piupdmgr;PI Update Manager;c:\program files\PI\bin\piupdmgr.exe [2012-09-24 3296704]
S3 acpials;ALS Sensor Filter;c:\windows\system32\DRIVERS\acpials.sys [2009-07-14 9728]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2013-01-03 96896]
S3 BTHprint;Microsoft Bluetooth Printer Class;c:\windows\system32\DRIVERS\bthprint.sys [2009-07-14 67072]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 35104]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2009-09-16 172960]
S3 cvusbdrv;Dell ControlVault;c:\windows\system32\Drivers\cvusbdrv.sys [2009-10-30 38440]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2012-09-11 90112]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys [2007-05-10 50208]
S3 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER);c:\program files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [2010-04-03 32096]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2009-11-21 75776]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2009-11-21 177152]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-15 20:59]
.
2013-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-03-15 20:59]
.
2013-01-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2261859637-2270655435-1067061215-1001Core.job
- c:\users\Stephen\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-25 21:31]
.
2013-01-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2261859637-2270655435-1067061215-1001UA.job
- c:\users\Stephen\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-25 21:31]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 07:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\EnabledUnlockedFDEIconOverlay]
@="{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}"
[HKEY_CLASSES_ROOT\CLSID\{30D3C2AF-9709-4D05-9CF4-13335F3C1E4A}]
2010-03-29 18:00 60784 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UninitializedFdeIconOverlay]
@="{CF08DA3E-C97D-4891-A66B-E39B28DD270F}"
[HKEY_CLASSES_ROOT\CLSID\{CF08DA3E-C97D-4891-A66B-E39B28DD270F}]
2010-03-29 18:00 60784 ----a-w- c:\program files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"USCService"="c:\program files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe" [2010-06-22 34232]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2010-07-22 2306448]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-04-13 2399632]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-07-22 487424]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704]
"DWPersistentQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE" [2010-12-21 629664]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 130576]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://edition.cnn.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
LSP: %SystemRoot%\system32\vsocklib.dll
Trusted Zone: dell.com
Trusted Zone: livemeeting.com\www
Trusted Zone: precm6500
Trusted Zone: rtcppe.com\www406b
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{CF068DAE-9D10-47C9-BBB2-4E2AA6A0489B}: NameServer = 212.247.156.66 212.247.156.70
TCP: Interfaces\{EF257639-E5C0-4DFF-9FFB-408C503B86D3}: NameServer = 212.247.156.66 212.247.156.70
DPF: {899B57D8-97C5-48E4-B0E2-E64621D32CCD} - hxxp://iadmin/iPlatformIncludes/poster4.cab
DPF: {C069D7B8-46C8-49BE-A3AB-C1FA97FFDD06} - hxxp://iadmin/iPlatformIncludes/webhelp.cab
FF - ProfilePath - c:\users\Stephen\AppData\Roaming\Mozilla\Firefox\Profiles\34f0r9n5.default\
FF - ExtSQL: 2012-11-12 18:47; {cb84136f-9c44-433a-9048-c5cd9df1dc16}; c:\program files (x86)\PC Tools\PC Tools Security\BDT\Firefox
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
SafeBoot-87300860.sys
AddRemove-The Extractor1.4.2.2 - c:\windows\iun6002.exe
AddRemove-{FD9E03B5-AEEA-4D59-B512-6CE4AA0281D4} - c:\users\Stephen\AppData\Local\{7D4B3D1D-104E-4507-9123-568BC721B7E2}\BYKI4Installer.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{72853161-30C5-4D22-B7F9-0BBC1D38A37E}"=hex:51,66,7a,6c,4c,1d,38,12,0f,32,96,
76,f7,7e,4c,08,c8,ef,48,fc,18,66,e7,6a
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,38,12,5b,ab,e0,
b0,13,40,37,0c,c5,34,01,f3,05,d0,46,eb
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}"=hex:51,66,7a,6c,4c,1d,38,12,8f,19,47,
2e,c4,15,0b,03,d7,b5,8c,e9,62,70,06,85
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:8b,24,64,8f,75,2f,cc,01
.
[HKEY_USERS\S-1-5-21-2261859637-2270655435-1067061215-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-2261859637-2270655435-1067061215-1001)
@Denied: (2) (LocalSystem)
"Progid"="Outlook.File.eml.14"
.
[HKEY_USERS\S-1-5-21-2261859637-2270655435-1067061215-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (S-1-5-21-2261859637-2270655435-1067061215-1001)
@Denied: (2) (LocalSystem)
"Progid"="Outlook.File.vcf.14"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\PISystem\PI\Counters]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\PISystem\PI-SDK]
@Allowed: (B 1 4 5 6) (S-1-5-5-0-221052)
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\PISystem\PINS\Counters]
@Allowed: (B 1 4 5 6) (Administrators)
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\programdata\Tele2 Mobile Partner\OnlineUpdate\ouc.exe
c:\program files (x86)\WatchGuard\WatchGuard Mobile VPN with SSL\wgsslvpnsrc.exe
c:\program files (x86)\PIPC\BIN\pilogsrv.exe
.
**************************************************************************
.
Completion time: 2013-01-06 18:11:22 - machine was rebooted
ComboFix-quarantined-files.txt 2013-01-06 16:11
ComboFix2.txt 2013-01-03 06:09
.
Pre-Run: 120,321,257,472 bytes free
Post-Run: 115,491,799,040 bytes free
.
- - End Of File - - 0F880720C2309C9E2AE3C074C7233DB3




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users