Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojans and Rootkit Activity


  • This topic is locked This topic is locked
25 replies to this topic

#1 michael_brancato

michael_brancato

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago
  • Local time:12:38 AM

Posted 30 January 2013 - 11:59 PM

Dear all,
Last night i was browsing the internet for some software and I seemed to have contracted some malware. I ran several combinations of malwarebytes, mbam antirootkit, tdss, rkill, adwcleaner, the works. Only superantispyware has reported anything, a rootkit. I also recieved notifications from malwarebytes and trendmicro that they had found and stoped trojans. I am afraid I may have not been able to completely eradicate all problems. Also something of note- I believe that there is a fake trendmicro running. I had Trendmicro max 2013 installed and now when I look for the files the computer says there are no files in the folder. When i click on the icon, a splashscreen displaying obviously fake "tendmicro advanced 2012" displays. Weird. Chrome browsing seems fine. no redirects.
I need help asap thanks.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16453 BrowserJavaVersion: 10.11.2
Run by Michael at 22:54:17 on 2013-01-30
Microsoft Windows 8 Pro 6.2.9200.0.1252.1.1033.18.8086.4212 [GMT -6:00]
.
AV: Trend Micro Titanium Maximum Security *Disabled/Updated* {B7599298-8445-728A-A5C7-A26A082C8BDA}
AV: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Trend Micro Titanium Maximum Security *Disabled/Updated* {0C38737C-A27F-7D04-9F77-991873ABC167}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\WINDOWS\system32\nvvsvc.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\WINDOWS\system32\svchost.exe -k apphost
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\Secunia\PSI\sua.exe
C:\WINDOWS\system32\svchost.exe -k iissvcs
C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\taskhostex.exe
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Mousotron\Mousotron.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files\TOSHIBA\dynadock_II\TosDockApp.exe
C:\Program Files (x86)\Unified Remote\RemoteServer.exe
C:\Users\Michael\AppData\Local\Google\Update\1.3.21.123\GoogleCrashHandler64.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\WINDOWS\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Windows Defender\MpCmdRun.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SoftwareDistribution\Download\Install\AM_Delta.exe
C:\WINDOWS\system32\MpSigStub.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\vssvc.exe
C:\WINDOWS\System32\svchost.exe -k swprv
C:\Program Files\Windows Defender\MpCmdRun.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Users\Michael\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michael\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michael\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michael\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michael\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michael\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michael\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michael\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michael\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michael\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michael\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michael\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michael\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Michael\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\Titanium\TrendMicro AntiThreat Toolkit\hc_attk\supportcustomizedpackage64.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Program Files\Western Digital\WD SmartWare\WDLockedFiles.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1194\1.0.1194\TmopIEPlg32.dll
BHO: TSToolbarBHO: {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1125\7.5.1125\TmBpIe32.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB: Trend Micro Toolbar: {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
uRun: [Google Update] "C:\Users\Michael\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [Mousotron] C:\Program Files (x86)\Mousotron\Mousotron.exe
uRun: [MusicManager] "C:\Users\Michael\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
uRun: [ShowBatteryBar] "C:\Program Files\BatteryBar\ShowBatteryBar.exe" show
uRun: [Spotify] "C:\Users\Michael\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
uRun: [Spotify Web Helper] "C:\Users\Michael\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [TOSDOCKAPP] C:\Program Files\TOSHIBA\dynadock_II\TosDockApp.exe
uRun: [Unified Remote v2] C:\Program Files (x86)\Unified Remote\RemoteServer.exe
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [PowerDVD12Agent] "C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe"
mRun: [PowerDVD12DMREngine] "C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRunOnce: [Z1] cmd /c "C:\Users\Michael\Desktop\mbar-1.01.0.1017\mbar\mbar.exe" /cleanup /s
StartupFolder: C:\Users\Michael\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\BATTER~1.LNK - C:\Program Files\BatteryBar\BatteryBar.exe
StartupFolder: C:\Users\Michael\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\Users\Michael\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\RAINME~1.LNK - C:\Program Files\Rainmeter\Rainmeter.exe
mPolicies-System: DisableCAD = dword:1
mPolicies-System: DontDisplayLockedUserId = dword:1
mPolicies-System: legalnoticecaption = WARNING
mPolicies-System: legalnoticetext = Unauthorized access is prohibited. If access is required but domain is not known, please contact the system administrator.
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {3B54DEAB-C6D4-48a8-8C32-A70558643400} - C:\Program Files (x86)\FinalVideoDownloader\fvdRunner.html
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{D34A96F5-115C-421C-B121-F18DBC290443} : DHCPNameServer = 192.168.1.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1125\7.5.1125\TmBpIe32.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1194\1.0.1194\TmopIEPlg32.dll
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\WINDOWS\SysWOW64\nvinit.dll
SSODL: WebCheck - <orphaned>
x64-mStart Page = about:blank
x64-mWinlogon: Userinit = C:\WINDOWS\System32\userinit.exe
x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1194\1.0.1194\TmopIEPlg.dll
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1125\7.5.1125\TmBpIe64.dll
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3
x64-Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [TOSDOCKAPP] C:\Program Files\TOSHIBA\dynadock_II\TosDockApp.exe
x64-Run: [IntelliType Pro] "c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
x64-Run: [IntelliPoint] "c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
x64-Run: [Trend Micro Titanium] "C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe" -set Silent "1" SplashURL ""
x64-Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
x64-Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe
x64-RunOnce: [DCERegBootClean64] C:\WINDOWS\RegBootClean64.exe
x64-mPolicies-System: DisableCAD = dword:1
x64-mPolicies-System: DontDisplayLockedUserId = dword:1
x64-mPolicies-System: legalnoticecaption = WARNING
x64-mPolicies-System: legalnoticetext = Unauthorized access is prohibited. If access is required but domain is not known, please contact the system administrator.
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} - hxxps://support.dell.com/systemprofiler/SysProExe.CAB
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
x64-DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - <orphaned>
x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1125\7.5.1125\TmBpIe64.dll
x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - LocalServer32 - <no file>
x64-Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - <orphaned>
x64-Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\615\G2AWinLogon_x64.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 nvpciflt;nvpciflt;C:\WINDOWS\System32\Drivers\nvpciflt.sys [2013-1-6 30648]
R0 PxHlpa64;PxHlpa64;C:\WINDOWS\System32\Drivers\PxHlpa64.sys [2011-12-6 55856]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\WINDOWS\System32\Drivers\stdcfltn.sys [2013-1-14 21616]
R0 TMEBC;TMEBC;C:\WINDOWS\System32\Drivers\TMEBC64.sys [2013-1-16 46392]
R1 nvkflt;nvkflt;C:\WINDOWS\System32\Drivers\nvkflt.sys [2013-1-6 284600]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 tmevtmgr;tmevtmgr;C:\WINDOWS\System32\Drivers\tmevtmgr.sys [2013-1-16 76672]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-12-6 98208]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-9-30 1112000]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-9-30 1132480]
R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2012-12-25 90640]
R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2012-12-25 78352]
R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2012-12-25 295440]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-1-16 398184]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-1-16 682344]
R2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]
R2 ntk_PowerDVD12;ntk_PowerDVD12;C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2012-12-25 83704]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-12-25 1153368]
R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2012-11-26 659040]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-12-29 383416]
R2 tmeevw;tmeevw;C:\WINDOWS\System32\Drivers\tmeevw.sys [2013-1-16 98104]
R2 tmnciesc;tmnciesc;C:\WINDOWS\System32\Drivers\tmnciesc.sys [2013-1-16 210232]
R2 tmusa;Trend Micro Osprey Driver;C:\WINDOWS\System32\Drivers\tmusa.sys [2013-1-16 77112]
R2 TurboB;Turbo Boost UI Monitor driver;C:\WINDOWS\System32\Drivers\TurboB.sys [2010-11-29 16120]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-12-6 2656280]
R2 WDBackup;WD Backup;C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2012-6-14 1151424]
R2 WDDriveService;WD Drive Manager;C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2012-6-14 248248]
R2 WDRulesService;WD Rules;C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [2012-6-14 1177536]
R3 Acceler;Accelerometer Service;C:\WINDOWS\System32\Drivers\Accelern.sys [2011-12-6 27760]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\WINDOWS\System32\Drivers\btmaux.sys [2012-10-1 132480]
R3 btmhsf;btmhsf;C:\WINDOWS\System32\Drivers\btmhsf.sys [2012-10-1 1337216]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\WINDOWS\System32\Drivers\CtClsFlt.sys [2011-12-6 176096]
R3 iBtFltCoex;iBtFltCoex;C:\WINDOWS\System32\Drivers\iBtFltCoex.sys [2012-8-6 68136]
R3 IntcDAud;Intel® Display Audio;C:\WINDOWS\System32\Drivers\IntcDAud.sys [2011-12-6 317440]
R3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\Drivers\mbam.sys [2013-1-16 24176]
R3 qicflt;upper Device Filter Driver;C:\WINDOWS\System32\Drivers\qicflt.sys [2011-12-6 29288]
R3 RTL8168;Realtek 8168 NT Driver;C:\WINDOWS\System32\Drivers\Rt630x64.sys [2012-6-2 589824]
R3 rzudd;Razer Mouse Driver;C:\WINDOWS\System32\Drivers\rzudd.sys [2012-11-7 113664]
S0 tmel;tmel;C:\WINDOWS\System32\Drivers\tmel.sys [2013-1-16 34224]
S1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
S2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2013-1-16 310952]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;C:\WINDOWS\System32\Drivers\AmpPal.sys [2011-9-15 299008]
S3 Impcd;Impcd;C:\WINDOWS\System32\Drivers\Impcd.sys [2011-12-6 158976]
S3 motandroidusb;Mot ADB Interface Driver;C:\WINDOWS\System32\Drivers\motoandroid.sys [2009-7-10 31744]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\WINDOWS\System32\Drivers\nvstusb.sys [2011-12-6 121960]
S3 PSI;PSI;C:\WINDOWS\System32\Drivers\psi_mf.sys [2010-9-1 17976]
S3 pwdrvio;pwdrvio;C:\WINDOWS\System32\pwdrvio.sys [2012-7-8 19032]
S3 pwdspio;pwdspio;C:\WINDOWS\System32\pwdspio.sys [2012-7-8 12384]
S3 Revoflt;Revoflt;C:\WINDOWS\System32\Drivers\revoflt.sys [2012-12-25 31800]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2012-11-26 1225312]
S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S3 vmbusr;Virtual Machine Bus Provider;C:\WINDOWS\System32\Drivers\vmbusr.sys [2012-7-25 117248]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
FileExt: .vbs: Applications\notepad.exe=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2013-01-31 04:50:51 0 ----a-w- C:\WINDOWS\System32\rzdevicedll.dll
2013-01-31 04:50:51 0 ----a-w- C:\WINDOWS\System32\rzaudiodll.dll
2013-01-31 04:50:51 0 ----a-w- C:\WINDOWS\System32\olepro32.dll
2013-01-31 04:50:51 0 ----a-w- C:\WINDOWS\System32\MSVBVM60.DLL
2013-01-31 04:50:50 0 ----a-w- C:\WINDOWS\System32\nvd3dum.dll
2013-01-31 04:50:50 0 ----a-w- C:\WINDOWS\System32\igdumd32.dll
2013-01-31 04:50:49 0 ----a-w- C:\WINDOWS\System32\nvumdshim.dll
2013-01-31 04:50:49 0 ----a-w- C:\WINDOWS\System32\nvinit.dll
2013-01-31 03:37:37 9161176 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8F13F574-641D-4E51-9B32-E4FDED0CB3B4}\mpengine.dll
2013-01-31 03:33:12 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2013-01-29 00:33:12 -------- d-----w- C:\Program Files\Motorola Inc
2013-01-29 00:33:12 -------- d-----w- C:\Program Files\Common Files\Motorola Shared
2013-01-29 00:31:10 -------- d-----w- C:\Program Files (x86)\Motorola
2013-01-27 19:26:02 544240 ----a-w- C:\WINDOWS\System32\npdeployJava1.dll
2013-01-27 06:46:11 -------- d-----w- C:\ProgramData\Sophos
2013-01-27 06:44:53 73728 -c--a-r- C:\Users\Michael\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe1_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2013-01-27 06:44:53 73728 -c--a-r- C:\Users\Michael\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2013-01-27 06:44:52 73728 -c--a-r- C:\Users\Michael\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\ARPPRODUCTICON.exe
2013-01-27 06:43:56 -------- d-----w- C:\Program Files (x86)\Sophos
2013-01-27 06:41:38 -------- d-----w- C:\Users\Michael\AppData\Local\Secunia PSI
2013-01-27 06:40:29 -------- d-----w- C:\Program Files (x86)\Secunia
2013-01-27 05:44:06 -------- d-----w- C:\Program Files (x86)\ESET
2013-01-26 01:10:12 -------- d-----w- C:\WINDOWS\LastGood.Tmp
2013-01-23 05:36:52 234544 ----a-w- C:\WINDOWS\RegBootClean64.exe
2013-01-17 04:44:26 95648 ----a-w- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
2013-01-17 03:42:57 24176 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys
2013-01-17 03:42:57 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-01-17 02:58:42 -------- dc-h--w- C:\TMRescueDisk
2013-01-17 02:54:00 98104 ----a-w- C:\WINDOWS\System32\drivers\tmeevw.sys
2013-01-17 02:53:59 210232 ----a-w- C:\WINDOWS\System32\drivers\tmnciesc.sys
2013-01-17 02:53:56 77112 ----a-w- C:\WINDOWS\System32\drivers\tmusa.sys
2013-01-17 02:53:56 76672 ----a-w- C:\WINDOWS\System32\drivers\tmevtmgr.sys
2013-01-17 02:53:56 46392 ----a-w- C:\WINDOWS\System32\drivers\TMEBC64.sys
2013-01-17 02:53:56 173504 ----a-w- C:\WINDOWS\System32\drivers\tmcomm.sys
2013-01-17 02:53:56 106000 ----a-w- C:\WINDOWS\System32\drivers\tmactmon.sys
2013-01-17 02:53:55 34224 ----a-w- C:\WINDOWS\System32\drivers\tmel.sys
2013-01-17 02:52:50 59 ----a-w- C:\WINDOWS\System32\SupportTool.exe.bat
2013-01-17 02:51:15 -------- d-----w- C:\Program Files\Trend Micro
2013-01-17 02:18:27 229869 ----a-w- C:\ProgramData\1358389063.bdinstall.bin
2013-01-17 02:16:04 -------- d-----w- C:\Program Files (x86)\Trend Micro
2013-01-17 01:42:57 -------- d-----w- C:\ProgramData\Dumps
2013-01-17 01:39:15 -------- d-----w- C:\Users\Michael\AppData\Local\bdch
2013-01-17 01:39:13 -------- d-----w- C:\ProgramData\bdch
2013-01-16 01:01:42 -------- d-----w- C:\Program Files\Microsoft Mouse and Keyboard Center
2013-01-16 00:19:45 16114176 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-01-16 00:19:45 15541248 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-01-15 10:35:33 94208 ----a-w- C:\WINDOWS\System32\synceng.dll
2013-01-15 10:35:33 72192 ----a-w- C:\WINDOWS\SysWow64\synceng.dll
2013-01-15 10:34:55 17888 ----a-w- C:\WINDOWS\System32\msvcr100_clr0400.dll
2013-01-15 10:34:53 17888 ----a-w- C:\WINDOWS\SysWow64\msvcr100_clr0400.dll
2013-01-15 10:33:50 86016 ----a-w- C:\WINDOWS\System32\ncryptsslp.dll
2013-01-15 10:33:50 71168 ----a-w- C:\WINDOWS\SysWow64\ncryptsslp.dll
2013-01-15 10:33:47 148480 ----a-w- C:\WINDOWS\System32\poqexec.exe
2013-01-15 10:33:47 144384 ----a-w- C:\WINDOWS\System32\tssdisai.dll
2013-01-15 10:33:47 135680 ----a-w- C:\WINDOWS\System32\appserverai.dll
2013-01-15 10:33:47 132608 ----a-w- C:\WINDOWS\SysWow64\poqexec.exe
2013-01-15 10:33:47 126976 ----a-w- C:\WINDOWS\System32\RDWebAI.dll
2013-01-15 10:33:47 122880 ----a-w- C:\WINDOWS\System32\VmHostAI.dll
2013-01-15 10:27:48 2893824 ----a-w- C:\WINDOWS\System32\msmpeg2vdec.dll
2013-01-15 10:27:48 2400256 ----a-w- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
2013-01-15 10:26:36 2048 ----a-w- C:\WINDOWS\SysWow64\tzres.dll
2013-01-15 10:26:36 2048 ----a-w- C:\WINDOWS\System32\tzres.dll
2013-01-15 10:26:31 945152 ----a-w- C:\WINDOWS\System32\resetengmig.dll
2013-01-15 10:26:31 443392 ----a-w- C:\WINDOWS\System32\ReAgent.dll
2013-01-15 10:26:31 375808 ----a-w- C:\WINDOWS\SysWow64\ReAgent.dll
2013-01-15 10:26:31 132096 ----a-w- C:\WINDOWS\System32\sysreset.exe
2013-01-15 10:26:31 1009664 ----a-w- C:\WINDOWS\System32\reseteng.dll
2013-01-15 10:26:27 26624 ----a-w- C:\WINDOWS\System32\ReAgentc.exe
2013-01-15 10:26:27 24064 ----a-w- C:\WINDOWS\SysWow64\ReAgentc.exe
2013-01-15 01:57:12 76288 ----a-w- C:\WINDOWS\System32\newdev.exe
2013-01-15 01:57:12 301568 ----a-w- C:\WINDOWS\System32\newdev.dll
2013-01-15 01:57:12 275968 ----a-w- C:\WINDOWS\SysWow64\newdev.dll
2013-01-15 01:57:11 75264 ----a-w- C:\WINDOWS\System32\ndadmin.exe
2013-01-15 01:57:11 74240 ----a-w- C:\WINDOWS\SysWow64\newdev.exe
2013-01-15 01:57:11 73728 ----a-w- C:\WINDOWS\SysWow64\ndadmin.exe
2013-01-15 01:57:09 68608 ----a-w- C:\WINDOWS\System32\wwanprotdim.dll
2013-01-15 01:57:09 446976 ----a-w- C:\WINDOWS\System32\wwansvc.dll
2013-01-15 01:57:06 890880 ----a-w- C:\WINDOWS\SysWow64\msctf.dll
2013-01-15 01:57:06 1120768 ----a-w- C:\WINDOWS\System32\msctf.dll
2013-01-15 01:55:20 11459584 ----a-w- C:\WINDOWS\System32\glcndFilter.dll
2013-01-15 01:54:59 2146816 ----a-w- C:\WINDOWS\System32\actxprxy.dll
2013-01-15 01:51:24 274432 ----a-w- C:\WINDOWS\System32\srmstormod.dll
2013-01-15 01:50:39 929792 ----a-w- C:\WINDOWS\SysWow64\mfnetsrc.dll
2013-01-15 01:50:39 677888 ----a-w- C:\WINDOWS\System32\mfnetcore.dll
2013-01-15 01:50:39 673280 ----a-w- C:\WINDOWS\System32\mfmpeg2srcsnk.dll
2013-01-15 01:50:39 1172992 ----a-w- C:\WINDOWS\System32\mfnetsrc.dll
2013-01-15 01:50:38 568832 ----a-w- C:\WINDOWS\SysWow64\mfnetcore.dll
2013-01-15 01:50:38 513024 ----a-w- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
2013-01-15 01:50:37 850944 ----a-w- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
2013-01-15 01:50:37 1048064 ----a-w- C:\WINDOWS\System32\mfasfsrcsnk.dll
2013-01-15 01:48:25 1131520 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll
2013-01-15 01:47:50 244736 ----a-w- C:\WINDOWS\System32\wpnapps.dll
2013-01-15 01:46:15 2367528 ----a-w- C:\WINDOWS\System32\WSService.dll
2013-01-15 01:46:14 13640704 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll
2013-01-15 01:46:03 3265256 ----a-w- C:\WINDOWS\System32\drivers\evbda.sys
2013-01-15 01:44:50 571392 ----a-w- C:\WINDOWS\System32\drivers\csc.sys
2013-01-15 01:43:59 588800 ----a-w- C:\WINDOWS\System32\webio.dll
2013-01-15 00:40:13 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-01-15 00:40:13 -------- d-----w- C:\Program Files\iTunes
2013-01-15 00:40:13 -------- d-----w- C:\Program Files\iPod
2013-01-15 00:40:13 -------- d-----w- C:\Program Files (x86)\iTunes
2013-01-14 23:34:52 866094 ----a-w- C:\ProgramData\1358205919.bdinstall.bin
2013-01-14 18:29:12 55821 ----a-w- C:\ProgramData\1358188143.bdinstall.bin
2013-01-14 18:28:06 233558 ----a-w- C:\ProgramData\1358187854.bdinstall.bin
2013-01-14 17:57:44 -------- dc----w- C:\Windows.old
2013-01-14 17:00:03 18528 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm2.bin
2013-01-14 16:34:39 -------- d-----w- C:\Users\Michael\AppData\Local\Packages
2013-01-14 16:34:38 -------- d-----w- C:\ProgramData\PRICache
2013-01-14 16:03:08 -------- d-----w- C:\WINDOWS\SysWow64\NV
2013-01-14 16:03:08 -------- d-----w- C:\WINDOWS\System32\NV
2013-01-14 16:01:20 -------- d-----w- C:\Program Files\Realtek
2013-01-14 16:01:18 -------- d-----w- C:\WINDOWS\SysWow64\RTCOM
2013-01-14 15:55:07 -------- d-----w- C:\WINDOWS\SysWow64\BestPractices
2013-01-14 15:55:07 -------- d-----w- C:\WINDOWS\System32\msmq
2013-01-14 15:55:07 -------- d-----w- C:\WINDOWS\System32\BestPractices
2013-01-14 15:55:06 -------- d-----w- C:\inetpub
2013-01-14 15:53:51 1166440 ----a-w- C:\WINDOWS\System32\PresentationNative_v0300.dll
2013-01-14 15:53:50 35400 ----a-w- C:\WINDOWS\System32\TsWpfWrp.exe
2013-01-14 15:53:50 124040 ----a-w- C:\WINDOWS\System32\PresentationCFFRasterizerNative_v0300.dll
2013-01-14 15:53:49 35400 ----a-w- C:\WINDOWS\SysWow64\TsWpfWrp.exe
2013-01-14 15:53:49 102528 ----a-w- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2013-01-14 15:53:47 778856 ----a-w- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll
2013-01-14 15:51:33 -------- d-----w- C:\Program Files\Synaptics
2013-01-14 15:11:46 -------- d-----w- C:\WINDOWS\Panther
2013-01-14 05:19:36 -------- dc-h--w- C:\WINDOWS\System32\WLANProfiles
2013-01-14 05:16:46 -------- dc----w- C:\Program Files\TOSHIBA USB Display Drivers
2013-01-14 01:57:38 -------- dc-h--r- C:\ESD
2013-01-13 21:19:50 -------- dc----w- C:\34da19d02537c95622d523020f
2013-01-11 00:39:51 256000 -c--a-w- C:\WINDOWS\PEV.exe
2013-01-11 00:39:51 208896 -c--a-w- C:\WINDOWS\MBR.exe
2013-01-11 00:39:50 98816 -c--a-w- C:\WINDOWS\sed.exe
2013-01-11 00:39:46 -------- dcs---w- C:\ComboFix
2013-01-10 04:41:05 -------- dc----w- C:\Users\Michael\AppData\Roaming\Efofex
2013-01-10 04:41:05 -------- dc----w- C:\ProgramData\Efofex
2013-01-10 04:41:04 -------- dc----w- C:\Program Files (x86)\Efofex
2013-01-10 00:35:18 -------- dc----w- C:\f2fd0ebfadade0f8cb46ed
2013-01-09 05:23:47 -------- dc----w- C:\fe4037e0b3940ee4e543336d20a2cf
2013-01-09 01:48:02 -------- dc----w- C:\dc7b136a6ba1fd7c93610df56b
2013-01-07 05:54:07 -------- dc----w- C:\Users\Michael\AppData\Local\Spotify
2013-01-07 05:53:19 -------- dc----w- C:\Users\Michael\AppData\Roaming\Spotify
2013-01-07 05:51:26 -------- dc----w- C:\Users\Michael\AppData\Roaming\Unified Remote
2013-01-07 05:51:21 -------- dc----w- C:\Program Files (x86)\Unified Remote
2013-01-06 20:43:32 -------- dc----w- C:\NVIDIA
.
==================== Find3M ====================
.
2013-01-30 10:53:22 273840 -c----w- C:\WINDOWS\System32\MpSigStub.exe
2013-01-27 19:25:47 525808 -c--a-w- C:\WINDOWS\System32\deployJava1.dll
2013-01-17 01:55:36 431104 ----a-w- C:\WINDOWS\apppatch\AcSpecfc.dll
2013-01-17 01:55:36 39936 ----a-w- C:\WINDOWS\apppatch\apppatch64\acspecfc.dll
2013-01-17 01:55:36 310784 ----a-w- C:\WINDOWS\apppatch\AcRes.dll
2013-01-16 02:21:44 82944 ----a-w- C:\WINDOWS\SysWow64\dskquota.dll
2013-01-16 02:20:24 99840 ----a-w- C:\WINDOWS\SysWow64\AppxSip.dll
2013-01-16 02:19:02 178176 ----a-w- C:\WINDOWS\System32\SystemEventsBrokerServer.dll
2013-01-16 02:19:02 170496 ----a-w- C:\WINDOWS\System32\TimeBrokerServer.dll
2013-01-16 02:17:15 7168 ----a-w- C:\WINDOWS\System32\KBDKURD.DLL
2013-01-16 02:17:15 6971624 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2013-01-16 02:17:15 6656 ----a-w- C:\WINDOWS\SysWow64\KBDKURD.DLL
2013-01-16 02:17:15 49152 ----a-w- C:\WINDOWS\System32\DevDispItemProvider.dll
2013-01-16 02:17:15 36352 ----a-w- C:\WINDOWS\SysWow64\DevDispItemProvider.dll
2013-01-16 02:17:15 1184256 ----a-w- C:\WINDOWS\System32\Display.dll
2013-01-16 02:17:15 1164800 ----a-w- C:\WINDOWS\SysWow64\Display.dll
2013-01-16 00:14:16 405504 ----a-w- C:\WINDOWS\System32\pcasvc.dll
2013-01-16 00:13:53 96256 ----a-w- C:\WINDOWS\System32\fontsub.dll
2013-01-16 00:13:53 75776 ----a-w- C:\WINDOWS\SysWow64\fontsub.dll
2013-01-16 00:13:53 46080 ----a-w- C:\WINDOWS\System32\atmlib.dll
2013-01-16 00:13:53 362496 ----a-w- C:\WINDOWS\System32\atmfd.dll
2013-01-16 00:13:53 35328 ----a-w- C:\WINDOWS\SysWow64\atmlib.dll
2013-01-16 00:13:53 3072 ----a-w- C:\WINDOWS\SysWow64\lpk.dll
2013-01-16 00:13:53 3072 ----a-w- C:\WINDOWS\System32\lpk.dll
2013-01-16 00:13:53 300032 ----a-w- C:\WINDOWS\SysWow64\atmfd.dll
2013-01-16 00:13:53 14336 ----a-w- C:\WINDOWS\System32\dciman32.dll
2013-01-16 00:13:53 10752 ----a-w- C:\WINDOWS\SysWow64\dciman32.dll
2013-01-16 00:11:34 2361344 ----a-w- C:\WINDOWS\System32\msxml6.dll
2013-01-16 00:11:34 2048 ----a-w- C:\WINDOWS\SysWow64\msxml6r.dll
2013-01-16 00:11:34 2048 ----a-w- C:\WINDOWS\SysWow64\msxml3r.dll
2013-01-16 00:11:34 2048 ----a-w- C:\WINDOWS\System32\msxml6r.dll
2013-01-16 00:11:34 2048 ----a-w- C:\WINDOWS\System32\msxml3r.dll
2013-01-16 00:11:34 1836032 ----a-w- C:\WINDOWS\System32\msxml3.dll
2013-01-16 00:11:34 1802240 ----a-w- C:\WINDOWS\SysWow64\msxml6.dll
2013-01-16 00:11:34 1438720 ----a-w- C:\WINDOWS\SysWow64\msxml3.dll
2012-12-29 08:54:24 550328 -c--a-w- C:\WINDOWS\SysWow64\nvStreaming.exe
2012-12-29 08:40:27 6382008 ----a-w- C:\WINDOWS\System32\nvcpl.dll
2012-12-29 08:40:27 3455416 ----a-w- C:\WINDOWS\System32\nvsvc64.dll
2012-12-29 08:40:11 2923201 ----a-w- C:\WINDOWS\System32\nvcoproc.bin
2012-12-29 08:40:09 997816 ----a-w- C:\WINDOWS\System32\nv3dappshext.dll
2012-12-29 08:40:09 884152 ----a-w- C:\WINDOWS\System32\nvvsvc.exe
2012-12-29 08:40:09 63928 ----a-w- C:\WINDOWS\System32\nvshext.dll
2012-12-29 08:40:09 55736 ----a-w- C:\WINDOWS\System32\nv3dappshextr.dll
2012-12-29 08:40:09 2558392 ----a-w- C:\WINDOWS\System32\nvsvcr.dll
2012-12-29 08:40:09 118712 ----a-w- C:\WINDOWS\System32\nvmctray.dll
2012-12-18 23:32:58 80728 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2012-12-18 23:32:58 695640 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2012-12-16 18:29:33 382464 ----a-w- C:\WINDOWS\SysWow64\wbemcomn2.dll
2012-12-16 18:16:53 228864 ----a-w- C:\WINDOWS\System32\rdpendp_winip.dll
2012-12-16 18:16:53 192000 ----a-w- C:\WINDOWS\SysWow64\rdpendp_winip.dll
2012-12-16 18:16:53 15360 ----a-w- C:\WINDOWS\System32\RdpGroupPolicyExtension.dll
2012-12-16 18:16:53 13312 ----a-w- C:\WINDOWS\System32\TsUsbRedirectionGroupPolicyControl.exe
2012-12-16 15:01:30 1125567 -c--a-w- C:\ProgramData\1355630746.bdinstall.bin
2012-12-06 18:11:40 11518976 ----a-w- C:\WINDOWS\System32\drivers\Netwsw00.sys
2012-12-04 16:12:10 245248 ----a-w- C:\WINDOWS\System32\zshp1020s.dll
2012-11-27 07:00:32 194280 ----a-w- C:\WINDOWS\System32\drivers\sdbus.sys
2012-11-27 07:00:29 124648 ----a-w- C:\WINDOWS\System32\drivers\dumpsd.sys
2012-11-27 03:57:32 18432 ----a-w- C:\WINDOWS\System32\drivers\BtaMPM.sys
2012-11-27 03:56:29 31104 ----a-w- C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
2012-11-27 03:55:44 29952 ----a-w- C:\WINDOWS\System32\drivers\BthhfHid.sys
2012-11-20 04:56:27 27136 ----a-w- C:\WINDOWS\System32\drivers\usbohci.sys
2012-11-20 04:56:11 83456 ----a-w- C:\WINDOWS\System32\drivers\hidclass.sys
2012-11-20 04:54:31 39936 ----a-w- C:\WINDOWS\System32\drivers\hidi2c.sys
2012-11-15 01:44:52 56320 -c--a-w- C:\WINDOWS\SysWow64\rzdevinfo.dll
2012-11-15 01:44:52 148480 -c--a-w- C:\WINDOWS\SysWow64\rztouchdll.dll
2012-11-15 01:44:48 617472 -c--a-w- C:\WINDOWS\SysWow64\rzdevicedll.dll
2012-11-08 17:29:12 1402312 ----a-w- C:\WINDOWS\SysWow64\msxml4.dll
2012-11-07 07:49:46 113664 ----a-w- C:\WINDOWS\System32\drivers\rzudd.sys
2012-11-07 07:47:02 182272 -c--a-w- C:\WINDOWS\SysWow64\rzaudiodll.dll
2012-11-06 07:52:07 445160 ----a-w- C:\WINDOWS\System32\drivers\USBHUB3.SYS
2012-11-06 07:52:04 277736 ----a-w- C:\WINDOWS\System32\drivers\msiscsi.sys
2012-11-06 04:54:13 2205696 ----a-w- C:\WINDOWS\SysWow64\PrintConfig.dll
2012-11-06 04:20:16 240640 ----a-w- C:\WINDOWS\System32\fsquirt.exe
2012-11-06 04:00:17 16384 ----a-w- C:\WINDOWS\System32\iscsilog.dll
2012-11-06 03:55:44 22528 ----a-w- C:\WINDOWS\System32\drivers\fxppm.sys
2012-11-06 03:55:02 90624 ----a-w- C:\WINDOWS\System32\drivers\amdk8.sys
2012-11-06 03:55:02 89088 ----a-w- C:\WINDOWS\System32\drivers\intelppm.sys
2012-11-06 03:55:02 88064 ----a-w- C:\WINDOWS\System32\drivers\amdppm.sys
2012-11-06 03:55:02 87552 ----a-w- C:\WINDOWS\System32\drivers\processr.sys
2012-11-06 03:54:40 74752 ----a-w- C:\WINDOWS\System32\drivers\BTHUSB.SYS
2012-11-06 03:53:56 51712 ----a-w- C:\WINDOWS\System32\drivers\bthenum.sys
2012-11-06 03:53:12 1171968 ----a-w- C:\WINDOWS\System32\drivers\bthport.sys
2012-11-02 21:38:36 862664 ----a-w- C:\WINDOWS\SysWow64\msvcr110.dll
2012-11-02 21:38:36 828872 ----a-w- C:\WINDOWS\System32\msvcr110.dll
2012-11-02 21:38:36 661448 ----a-w- C:\WINDOWS\System32\msvcp110.dll
2012-11-02 21:38:36 534480 ----a-w- C:\WINDOWS\SysWow64\msvcp110.dll
2012-11-02 21:38:36 50856 ----a-w- C:\WINDOWS\System32\drivers\point64.sys
2012-11-02 21:38:36 354264 ----a-w- C:\WINDOWS\System32\vccorlib110.dll
2012-11-02 21:38:36 251864 ----a-w- C:\WINDOWS\SysWow64\vccorlib110.dll
.
============= FINISH: 22:56:00.02 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 The Dark Knight

The Dark Knight

    The Magician


  • Security Colleague
  • 661 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Krypton
  • Local time:05:38 PM

Posted 31 January 2013 - 12:21 AM

Hello and welcome to BleepingComputer. I am The Dark Knight and will be assisting you. Please ask questions if anything is unclear. :welcome:

Please download Malwarebytes Anti-Rootkit here.

  • Unzip the contents to a folder on the Desktop.
  • Open the folder where the contents were unzipped and run mbar.exe ( right-click and select Run as administrator for Vista and Windows 7).
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Please post the two logs produced.

Please note: This tool is still in BETA mode, so please ensure you have backed up any important files.

=====

Also, please run a fresh scan with MBAM and post the results in your reply.

=====

In your reply I would like to see the contents of the following please:
  • Both MBAR logs.
  • MBAM log.
What issues are on your computer?

Edited by The Dark Knight, 31 January 2013 - 12:22 AM.

If you make yourself more than just a man, if you devote yourself to an ideal...you become something else entirely. A legend, Mr. Wayne, a legend!


If I have helped you please consider donating to the Neuroscience Research Institute.


Posted Image
Posted Image


#3 michael_brancato

michael_brancato
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago
  • Local time:12:38 AM

Posted 31 January 2013 - 07:27 AM

Malwarebytes Anti-Malware (PRO) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.29.06

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16466
SYSTEM :: MICHAELBRANCATO [administrator]

Protection: Enabled

1/29/2013 9:23:11 PM
mbam-log-2013-01-29 (21-23-11).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 622757
Time elapsed: 4 hour(s), 18 minute(s), 30 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
I cannnot find log for malwarebytes rootkit but it said it did not find anything. Fake trendmicro seems to still be running.

#4 michael_brancato

michael_brancato
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago
  • Local time:12:38 AM

Posted 31 January 2013 - 07:29 AM

Malwarebytes Anti-Rootkit BETA 1.01.0.1017
www.malwarebytes.org

Database version: v2013.01.31.02

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16466
Michael :: MICHAELBRANCATO [administrator]

1/31/2013 12:52:03 AM
mbar-log-2013-01-31 (00-52-03).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 32350
Time elapsed: 1 hour(s), 15 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
sorry just found this

#5 The Dark Knight

The Dark Knight

    The Magician


  • Security Colleague
  • 661 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Krypton
  • Local time:05:38 PM

Posted 31 January 2013 - 07:30 AM

Good evening michael_brancato,

Thank you for the logs.

Please download to the Desktop RogueKiller (by tigzy).
  • Please quit all programs.
  • Start RogueKiller.exe.
  • Wait until Prescan has finished.
  • Click on Scan.
  • Click on Report and copy/paste the contents of the report in your next reply.

If you make yourself more than just a man, if you devote yourself to an ideal...you become something else entirely. A legend, Mr. Wayne, a legend!


If I have helped you please consider donating to the Neuroscience Research Institute.


Posted Image
Posted Image


#6 michael_brancato

michael_brancato
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago
  • Local time:12:38 AM

Posted 31 January 2013 - 07:31 PM

I cannot use this program. Once started i get the error message that "roguekillerx64.exe has stoped working." C:\Users\Michael\AppData\Local\Temp\WER818B.tmp.appcompat.txt
C:\Users\Michael\AppData\Local\Temp\WER81BB.tmp.hdmp were loged as having the problem. in an effort to try and start it I ran rkill once to try and stop the malware. Posted below is the results. IT seems that the malware had replaced some system files and host file.

Rkill 2.4.6 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/31/2013 06:31:19 PM in x64 mode.
Windows Version: Windows 8 Pro

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* HdAudAddService [Missing Service]

* gpsvc => %windir%\system32\svchost.exe -k GPSvcGroup [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* C:\WINDOWS\System32\olepro32.dll [NoSig]
+-> C:\WINDOWS\SysWOW64\olepro32.dll : 79,360 : 07/25/2012 10:19 PM : 75439663a508a6256f3d50e0e760488b [Pos Repl]
+-> C:\WINDOWS\WinSxS\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.2.9200.16384_none_36bec673d31b0b3f\olepro32.dll : 79,360 : 07/25/2012 10:19 PM : 75439663a508a6256f3d50e0e760488b [Pos Repl]

Checking HOSTS File:

* Cannot edit the HOSTS file.
* Permissions Fixed. Administrators can now edit the HOSTS file.

* HOSTS file entries found:

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com

20 out of 15302 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 01/31/2013 06:31:23 PM
Execution time: 0 hours(s), 0 minute(s), and 3 seconds(s)


#7 The Dark Knight

The Dark Knight

    The Magician


  • Security Colleague
  • 661 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Krypton
  • Local time:05:38 PM

Posted 01 February 2013 - 12:17 AM

Hello michael_brancato,

Please download TFC to your Desktop.
  • Open the file and close any other windows.
  • It will close all programs itself when run; make sure to let it run uninterrupted.
  • Click the Start button to begin the process. The program should not take long to finish its job.
  • Once its finished it should reboot your machine; if not, do this yourself to ensure a complete clean.

Then, please try running RogueKiller. :)

If you make yourself more than just a man, if you devote yourself to an ideal...you become something else entirely. A legend, Mr. Wayne, a legend!


If I have helped you please consider donating to the Neuroscience Research Institute.


Posted Image
Posted Image


#8 michael_brancato

michael_brancato
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago
  • Local time:12:38 AM

Posted 02 February 2013 - 01:54 PM

still wil not run

#9 The Dark Knight

The Dark Knight

    The Magician


  • Security Colleague
  • 661 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Krypton
  • Local time:05:38 PM

Posted 02 February 2013 - 05:14 PM

Good morning michael_brancato. :)

Please download to your Desktop:
  • TDSSKiller.zip from here and extract it (right click on it => "Extract here").

>>> TDSSKiller: Double-click on TDSSKiller.exe to run the application.
  • Click Change parameters.
  • Make sure you check the box Loaded modules.
  • A window will popup and say Reboot is required. Please click Reboot now.
  • Then click Change parameters again. Check the box Detect TDLFS file system.
  • Click on the Start Scan button.
  • If an infected file is detected, the default action will be Cure. Instead, choose SKIP, then click on Continue. Posted Image
  • If a suspicious file is detected, the default action will be Skip, click on Continue. Posted Image
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button.
  • Once the tool has finished, please click Report. Please copy and paste the contents of that log in your reply.
    Note: A report will be automatically saved at the root of the System drive ((usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt).

=====

Also, please download aswMBR by gmer to your Desktop.

  • Please visit this site for instructions on how to run the tool.
  • Once familiar with this tool, double click aswMBR.exe to run it.
  • Click the Scan button to start the scan.
  • Once the scan has completed, please save the aswMBR.txt log to the Desktop and post it in your next reply.

=====

In your reply please provide the following:
  • TDSSKiller log.
  • aswMBR.txt.

If you make yourself more than just a man, if you devote yourself to an ideal...you become something else entirely. A legend, Mr. Wayne, a legend!


If I have helped you please consider donating to the Neuroscience Research Institute.


Posted Image
Posted Image


#10 michael_brancato

michael_brancato
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago
  • Local time:12:38 AM

Posted 02 February 2013 - 10:52 PM

Had to attach because posts were too long.
Also noticed with aswmbr that when i ran the scan with the avast definitions the scan would be stopped after trying to scan service "windefender" and "sys". Thinking back I think in the rkill long posted above some system files were replaced? I think that might be the source of the problem.Attached File  aswMBR.txt   1.8KB   1 downloads

#11 michael_brancato

michael_brancato
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago
  • Local time:12:38 AM

Posted 02 February 2013 - 10:56 PM

18:00:19.0927 5432 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
18:00:20.0380 5432 ============================================================
18:00:20.0380 5432 Current date / time: 2013/02/02 18:00:20.0380
18:00:20.0380 5432 SystemInfo:
18:00:20.0380 5432
18:00:20.0380 5432 OS Version: 6.2.9200 ServicePack: 0.0
18:00:20.0380 5432 Product type: Workstation
18:00:20.0380 5432 ComputerName: MICHAELBRANCATO
18:00:20.0380 5432 UserName: Michael
18:00:20.0380 5432 Windows directory: C:\WINDOWS
18:00:20.0380 5432 System windows directory: C:\WINDOWS
18:00:20.0380 5432 Running under WOW64
18:00:20.0380 5432 Processor architecture: Intel x64
18:00:20.0380 5432 Number of processors: 8
18:00:20.0380 5432 Page size: 0x1000
18:00:20.0380 5432 Boot type: Normal boot
18:00:20.0380 5432 ============================================================
18:00:20.0771 5432 BG loaded
18:00:21.0568 5432 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:00:21.0568 5432 ============================================================
18:00:21.0568 5432 \Device\Harddisk0\DR0:
18:00:21.0568 5432 MBR partitions:
18:00:21.0568 5432 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x34000, BlocksNum 0x2710000
18:00:21.0568 5432 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2744000, BlocksNum 0x54E01000
18:00:21.0568 5432 ============================================================
18:00:21.0958 5432 C: <-> \Device\Harddisk0\DR0\Partition2
18:00:21.0958 5432 ============================================================
18:00:21.0958 5432 Initialize success
18:00:21.0958 5432 ============================================================
18:00:48.0790 5848 ============================================================
18:00:48.0790 5848 Scan started
18:00:48.0790 5848 Mode: Manual;
18:00:48.0790 5848 ============================================================
18:00:54.0478 5848 ================ Scan system memory ========================
18:00:54.0478 5848 System memory - ok
18:00:54.0478 5848 ================ Scan services =============================
18:00:55.0135 5848 [ 581D88B25C4D4121824FED2CA38E562F ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
18:00:55.0181 5848 !SASCORE - ok
18:00:57.0260 5848 [ E890C46E4754F0DF51BAFCC8D2E07498 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
18:01:00.0385 5848 1394ohci - ok
18:01:00.0552 5848 [ 4F18D4C7EA14F11A7211F60D553C03DB ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
18:01:00.0619 5848 3ware - ok
18:01:00.0729 5848 [ E0065CBF1A25C015C218457D2CD522B9 ] Acceler C:\WINDOWS\system32\DRIVERS\Accelern.sys
18:01:00.0729 5848 Acceler - ok
18:01:00.0994 5848 [ 975AABEB243B800C23626D6B652C5A9C ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
18:01:01.0010 5848 ACPI - ok
18:01:01.0182 5848 [ DC968C37822117E576B933F34A2D130C ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
18:01:01.0182 5848 acpiex - ok
18:01:01.0354 5848 [ 0CA9F7C3A78227C21A0A7854E245CFB2 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
18:01:01.0354 5848 acpipagr - ok
18:01:01.0557 5848 [ 8EB8DA03B142D3DD1EB9ED8107A76C43 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
18:01:01.0557 5848 AcpiPmi - ok
18:01:01.0854 5848 [ CBCE725C5D86ABA7D2604E22951AA9B8 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
18:01:01.0854 5848 acpitime - ok
18:01:02.0480 5848 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:01:02.0480 5848 AdobeARMservice - ok
18:01:02.0980 5848 [ 93C6388592B99925C1D1576E465BC80F ] adp94xx C:\WINDOWS\system32\drivers\adp94xx.sys
18:01:03.0136 5848 adp94xx - ok
18:01:03.0261 5848 [ D27763E0247292654E7F7D16444C7C72 ] adpahci C:\WINDOWS\system32\drivers\adpahci.sys
18:01:03.0261 5848 adpahci - ok
18:01:03.0652 5848 [ 67B90070FF48F794AF19F9FCF0080D75 ] adpu320 C:\WINDOWS\system32\drivers\adpu320.sys
18:01:04.0495 5848 adpu320 - ok
18:01:04.0667 5848 [ 974AE60BF5B90E31412D93596C968E5B ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll
18:01:07.0449 5848 AeLookupSvc - ok
18:01:08.0730 5848 [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
18:01:08.0730 5848 AERTFilters - ok
18:01:10.0043 5848 [ 36D6A3201721558A8AFBCC09C2DA4C2C ] AFD C:\WINDOWS\system32\drivers\afd.sys
18:01:10.0886 5848 AFD - ok
18:01:11.0402 5848 [ 01590377A5AB19E792528C628A2A68F9 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
18:01:12.0934 5848 agp440 - ok
18:01:13.0434 5848 [ D1BE8E6E5B3AF23A4393AF1BF867977A ] ALG C:\WINDOWS\System32\alg.exe
18:01:13.0434 5848 ALG - ok
18:01:13.0497 5848 [ 025E8C755BE293E50854D26D1BBE5133 ] AllUserInstallAgent C:\WINDOWS\system32\AUInstallAgent.dll
18:01:14.0481 5848 AllUserInstallAgent - ok
18:01:15.0231 5848 [ 5A81054B824004B1ECC04F0034A1CDF9 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
18:01:15.0231 5848 AmdK8 - ok
18:01:15.0263 5848 [ B849D453E644FAB9BC8EF6DC8CA9C4C6 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
18:01:15.0263 5848 AmdPPM - ok
18:01:15.0372 5848 [ 35A0EB5AECB0FA3C41A2FB514A562304 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
18:01:15.0388 5848 amdsata - ok
18:01:17.0513 5848 [ 00452671904F5EE94B50BF0219C97164 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
18:01:17.0513 5848 amdsbs - ok
18:01:17.0544 5848 [ EA3FFE53E92E59C87E3ECA9BEB20D9B7 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
18:01:17.0544 5848 amdxata - ok
18:01:17.0591 5848 [ 3BC90482A834F998C3B7A9C934A20342 ] AMPPAL C:\WINDOWS\system32\DRIVERS\AMPPAL.sys
18:01:17.0606 5848 AMPPAL - ok
18:01:18.0467 5848 [ 1E7B61301E75B734BC2D60DB0E15183B ] Amsp C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
18:01:18.0467 5848 Amsp - ok
18:01:19.0764 5848 [ 823F34D1DEF120A657BB7529ABF4461F ] AppHostSvc C:\WINDOWS\system32\inetsrv\apphostsvc.dll
18:01:19.0779 5848 AppHostSvc - ok
18:01:20.0014 5848 [ 83B3682CE922FB0F415734B26D9D6233 ] AppID C:\WINDOWS\system32\drivers\appid.sys
18:01:20.0983 5848 AppID - ok
18:01:21.0467 5848 [ CE2BEAD7F31816FF0AC490D048C969F9 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
18:01:21.0483 5848 AppIDSvc - ok
18:01:21.0701 5848 [ D64C4AFEE8277F35EF729A2B924666B0 ] Appinfo C:\WINDOWS\System32\appinfo.dll
18:01:21.0701 5848 Appinfo - ok
18:01:21.0811 5848 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:01:21.0811 5848 Apple Mobile Device - ok
18:01:21.0983 5848 [ 2D14788C5D0836292BEB27BBE109BE56 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
18:01:21.0983 5848 AppMgmt - ok
18:01:22.0108 5848 [ E933401B392387F4BE34DE8BAF1722A7 ] arc C:\WINDOWS\system32\drivers\arc.sys
18:01:22.0108 5848 arc - ok
18:01:22.0795 5848 [ 07CA323EF2E8247A568AB0F3662AD644 ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
18:01:22.0858 5848 arcsas - ok
18:01:25.0342 5848 [ 108FB6DDB69E537A2EA53F425363FAE5 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:01:26.0436 5848 aspnet_state - ok
18:01:26.0686 5848 [ 74DBAEC35366C4EE7670428808715A6A ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:01:26.0702 5848 AsyncMac - ok
18:01:26.0733 5848 [ A721FF570C2387E383BDDEA9632863C9 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
18:01:26.0733 5848 atapi - ok
18:01:27.0202 5848 [ 810ED88782952228AF9C0985FB7D259E ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
18:01:27.0202 5848 AudioEndpointBuilder - ok
18:01:27.0842 5848 [ 25CA8B87479A374919563B3EE7136F32 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
18:01:27.0858 5848 Audiosrv - ok
18:01:28.0233 5848 [ 89491EF71D5EA011127832C588002853 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
18:01:28.0249 5848 AxInstSV - ok
18:01:29.0327 5848 [ 87AB5BB072A3F128541D5B815F82FFDD ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
18:01:29.0452 5848 b06bdrv - ok
18:01:29.0546 5848 [ 81703BC5D68DEDBB086C2368FBE7B334 ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
18:01:29.0546 5848 BasicDisplay - ok
18:01:29.0842 5848 [ 5EC68164E14D25675C98BBB5F09E8606 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
18:01:29.0858 5848 BasicRender - ok
18:01:30.0108 5848 [ 89143A7BA7850F5C7E61B43BB44B6418 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
18:01:30.0124 5848 BDESVC - ok
18:01:30.0593 5848 [ 9E7AEA59776D904607985AFFE7E5E183 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
18:01:30.0593 5848 Beep - ok
18:01:31.0155 5848 [ 9E6A544F465C582AB42444A217CF04DC ] BFE C:\WINDOWS\System32\bfe.dll
18:01:31.0155 5848 BFE - ok
18:01:31.0452 5848 [ D598C44A7072D3108D8D8102EC5E07F7 ] BITS C:\WINDOWS\System32\qmgr.dll
18:01:31.0452 5848 BITS - ok
18:01:32.0139 5848 [ BAE8683BE3463B25E51875B380AB695A ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
18:01:32.0139 5848 Bluetooth Device Monitor - ok
18:01:32.0889 5848 [ AF06006C7A8B6CE409ABD351867A9544 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
18:01:32.0952 5848 Bluetooth OBEX Service - ok
18:01:33.0156 5848 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:01:33.0156 5848 Bonjour Service - ok
18:01:33.0187 5848 [ B17AC10B47C7FCB44D22A1F06415840E ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
18:01:33.0187 5848 bowser - ok
18:01:33.0344 5848 [ 975398A3D2C1FEA73FC93931978DF354 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
18:01:33.0344 5848 BrokerInfrastructure - ok
18:01:33.0719 5848 [ 310068BDA80B1D55C36580FD8A873FAF ] Browser C:\WINDOWS\System32\browser.dll
18:01:33.0719 5848 Browser - ok
18:01:33.0797 5848 [ 3AA4309EBD9491E516F13FE3DC752FEE ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
18:01:33.0797 5848 BthAvrcpTg - ok
18:01:33.0937 5848 [ 6AB44FF15F12E2CADABA3B8E9B2FBEB8 ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys
18:01:33.0953 5848 BthEnum - ok
18:01:34.0172 5848 [ 616EB8748C988AEE98D93DA141C3D3B4 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
18:01:34.0172 5848 BthHFEnum - ok
18:01:34.0406 5848 [ DCB4EBD928A6FB368BE6CAE522412DE1 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
18:01:34.0422 5848 bthhfhid - ok
18:01:34.0547 5848 [ 033916CE8784A848B9A3D686B7F66D97 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
18:01:34.0547 5848 BTHMODEM - ok
18:01:34.0656 5848 [ 091BB978E9504D0AD14586929431A957 ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys
18:01:34.0656 5848 BthPan - ok
18:01:35.0125 5848 [ CFD630EA8B3F593FFA0030FD53BA7908 ] BTHPORT C:\WINDOWS\System32\Drivers\BTHport.sys
18:01:35.0156 5848 BTHPORT - ok
18:01:35.0234 5848 [ A4387C3D271959313E2577DB7BE8BA7A ] bthserv C:\WINDOWS\system32\bthserv.dll
18:01:35.0234 5848 bthserv - ok
18:01:35.0234 5848 [ 69C903C026CB675E234F4A7C951FD722 ] BTHUSB C:\WINDOWS\System32\Drivers\BTHUSB.sys
18:01:35.0250 5848 BTHUSB - ok
18:01:35.0391 5848 [ 8F5E4E166C19A1B60F508057CF2FF96E ] btmaux C:\WINDOWS\system32\DRIVERS\btmaux.sys
18:01:35.0391 5848 btmaux - ok
18:01:35.0891 5848 [ FD6DCB9E986D4B88655370C7F3976F78 ] btmhsf C:\WINDOWS\system32\DRIVERS\btmhsf.sys
18:01:35.0922 5848 btmhsf - ok
18:01:36.0172 5848 [ 990B1BABE6E81FB18E65A87EBEFB1772 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
18:01:36.0172 5848 cdfs - ok
18:01:36.0281 5848 [ 339BFF85D788268752DA8C9644B188EE ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
18:01:36.0281 5848 cdrom - ok
18:01:36.0422 5848 [ BAF8F0F55BC300E5F882E521F054E345 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
18:01:36.0422 5848 CertPropSvc - ok
18:01:36.0500 5848 [ F64B7D1A37CC1D5F421D5359EEC81E2E ] circlass C:\WINDOWS\System32\drivers\circlass.sys
18:01:36.0500 5848 circlass - ok
18:01:36.0859 5848 [ 9905168708DB68849B879B5548F68AB3 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
18:01:36.0891 5848 CLFS - ok
18:01:38.0892 5848 [ 626C1C769F4CC1225B2866E23FF213DA ] CLHNServiceForPowerDVD12 C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
18:01:38.0892 5848 CLHNServiceForPowerDVD12 - ok
18:01:39.0283 5848 [ 2DC8538A2260647484A6C921CA837313 ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
18:01:39.0298 5848 CmBatt - ok
18:01:40.0111 5848 [ E708BFF0473EC6B271EA46B65B16CA56 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
18:01:40.0126 5848 CNG - ok
18:01:40.0298 5848 [ 0E5B1E9E7122EDAAF1F6CE047965CA92 ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys
18:01:40.0298 5848 CompositeBus - ok
18:01:40.0298 5848 COMSysApp - ok
18:01:40.0595 5848 [ D9CB0782AF819548072AA45B70F8B22D ] condrv C:\WINDOWS\system32\drivers\condrv.sys
18:01:40.0595 5848 condrv - ok
18:01:41.0345 5848 [ 815F3180B5117E42E422188E9CCC89C6 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
18:01:41.0361 5848 cphs - ok
18:01:41.0876 5848 [ F0E78B119D12BA81F163D48C0FF30B9A ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
18:01:41.0876 5848 CryptSvc - ok
18:01:42.0126 5848 [ F2C69C3D98249DE14D4B2832516D4FD5 ] CSC C:\WINDOWS\system32\drivers\csc.sys
18:01:42.0236 5848 CSC - ok
18:01:42.0486 5848 [ 22CCB6AFF617AAC6121DF6CDA5ABF3F4 ] CscService C:\WINDOWS\System32\cscsvc.dll
18:01:42.0486 5848 CscService - ok
18:01:42.0517 5848 [ BC3D4F90978CD7C8EABD1BAF3BF7873A ] CtClsFlt C:\WINDOWS\system32\DRIVERS\CtClsFlt.sys
18:01:42.0611 5848 CtClsFlt - ok
18:01:42.0830 5848 [ E7D3009627CE1EDC5C524CFDF2C5D282 ] CyberLink PowerDVD 12 Media Server Monitor Service C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
18:01:42.0830 5848 CyberLink PowerDVD 12 Media Server Monitor Service - ok
18:01:42.0845 5848 [ 5363B3EA54B526C345434B994B8B2C06 ] CyberLink PowerDVD 12 Media Server Service C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
18:01:42.0845 5848 CyberLink PowerDVD 12 Media Server Service - ok
18:01:42.0986 5848 [ C4D01BD86D6B207275FC143EEA951D75 ] dam C:\WINDOWS\system32\drivers\dam.sys
18:01:42.0986 5848 dam - ok
18:01:43.0095 5848 [ E6CE7188CC47AE5DAFDAF552D370C52F ] dc3d C:\WINDOWS\System32\drivers\dc3d.sys
18:01:43.0142 5848 dc3d - ok
18:01:43.0517 5848 [ 1EC6E533C954BDDF2A37E7851A7E58FD ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
18:01:43.0517 5848 DcomLaunch - ok
18:01:43.0642 5848 [ C8650D1F61149AA546BDBC99172EBBC1 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
18:01:43.0642 5848 defragsvc - ok
18:01:43.0751 5848 [ 5EAEF67AE2AF4D2DC664B649DB7B2E16 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
18:01:43.0767 5848 DeviceAssociationService - ok
18:01:43.0830 5848 [ 799BE46D45D486704CE0F37CA5385262 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
18:01:43.0830 5848 DeviceInstall - ok
18:01:43.0939 5848 [ 09D9EB9E7898F8E6561473A20CC808B9 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
18:01:43.0955 5848 Dfsc - ok
18:01:44.0283 5848 [ 9E0E72222264745ADEB0E5AC680B0ED6 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
18:01:44.0283 5848 Dhcp - ok
18:01:44.0330 5848 [ 3C736FAE17BA6F91BA37594AAB139CD0 ] discache C:\WINDOWS\system32\drivers\discache.sys
18:01:44.0330 5848 discache - ok
18:01:44.0455 5848 [ 560495FF4CA22E1D9B1972FA18F43B6F ] disk C:\WINDOWS\system32\drivers\disk.sys
18:01:44.0470 5848 disk - ok
18:01:44.0533 5848 [ 82A7C72593793FE1EADA7A305BD1567A ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
18:01:44.0533 5848 dmvsc - ok
18:01:44.0705 5848 [ 066B9710B36AB550E01EEFCA52155968 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
18:01:44.0705 5848 Dnscache - ok
18:01:44.0798 5848 [ 9949AD2ABA168A618D46C799D6CC898C ] dot3svc C:\WINDOWS\System32\dot3svc.dll
18:01:44.0814 5848 dot3svc - ok
18:01:44.0986 5848 [ 109FC3F80BF4F4DC5A071058074F13C1 ] DPS C:\WINDOWS\system32\dps.dll
18:01:44.0986 5848 DPS - ok
18:01:45.0127 5848 [ 9C7C183F937951AE17C5B8B3259CF3FF ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
18:01:45.0142 5848 drmkaud - ok
18:01:45.0252 5848 [ BF48F32EE248C3D371DA5DC93BBEADA7 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
18:01:45.0252 5848 DsmSvc - ok
18:01:45.0533 5848 [ 898BF1647BBF012B38EF45C7F9F7A67E ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
18:01:45.0548 5848 DXGKrnl - ok
18:01:45.0611 5848 [ 58BA473DD88F5FC1932282BA683AA03E ] Eaphost C:\WINDOWS\System32\eapsvc.dll
18:01:45.0611 5848 Eaphost - ok
18:01:46.0127 5848 [ 5AB97B3282D7D6114949D1EB5C8598E4 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
18:01:46.0205 5848 ebdrv - ok
18:01:46.0267 5848 [ F702AB6181513303AB0FC8D59E52708B ] EFS C:\WINDOWS\System32\lsass.exe
18:01:46.0267 5848 EFS - ok
18:01:46.0361 5848 [ 66D60BD9A4C05616ABECA2A901475098 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
18:01:46.0361 5848 EhStorClass - ok
18:01:46.0377 5848 [ A61D0F543024E458C0FE32352E1978E2 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
18:01:46.0377 5848 EhStorTcgDrv - ok
18:01:46.0408 5848 [ D790D058D67582DB9C84C2D33695FE6B ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
18:01:46.0423 5848 ErrDev - ok
18:01:46.0924 5848 [ F9E01C2D9F8BC049E04CF5DC24A5F638 ] EventSystem C:\WINDOWS\system32\es.dll
18:01:46.0924 5848 EventSystem - ok
18:01:47.0095 5848 [ 7A4D6FEB8C52B3FE855E4DCDF9107E03 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
18:01:47.0095 5848 exfat - ok
18:01:47.0111 5848 [ 60996602A7111FD2D086E803F33E4282 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
18:01:47.0127 5848 fastfat - ok
18:01:47.0330 5848 [ F0E7F8382ED5E138B0DFA4CB5058BCFE ] Fax C:\WINDOWS\system32\fxssvc.exe
18:01:47.0377 5848 Fax - ok
18:01:47.0392 5848 [ 73B2D11DF0B6E03A0CB0323218ACB3E4 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
18:01:47.0392 5848 fdc - ok
18:01:47.0549 5848 [ 0828E3E7BD77C89149EAD3232BFD38DB ] fdPHost C:\WINDOWS\system32\fdPHost.dll
18:01:47.0549 5848 fdPHost - ok
18:01:47.0674 5848 [ 872506AAB591E8908DF4461475AF92DF ] FDResPub C:\WINDOWS\system32\fdrespub.dll
18:01:47.0689 5848 FDResPub - ok
18:01:47.0799 5848 [ 0588950D93A426F97C7AAADB1A9B0458 ] fhsvc C:\WINDOWS\system32\fhsvc.dll
18:01:47.0799 5848 fhsvc - ok
18:01:48.0033 5848 [ 88A9EBACD1058ABB237A6B4E96E7F397 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
18:01:48.0049 5848 FileInfo - ok
18:01:48.0111 5848 [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02 ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
18:01:48.0111 5848 Filetrace - ok
18:01:48.0127 5848 [ B1D4C168FF7B8579E3745888658FFB1D ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
18:01:48.0142 5848 flpydisk - ok
18:01:48.0158 5848 [ B33EC133AE4E6C1881D2302D93D2467D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
18:01:48.0158 5848 FltMgr - ok
18:01:48.0330 5848 [ 0BCDC0FF11B984162B0CF0FF6E9E0146 ] FontCache C:\WINDOWS\system32\FntCache.dll
18:01:48.0345 5848 FontCache - ok
18:01:48.0955 5848 [ 0B56259F5611787222A04A8F254E51D4 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:01:48.0955 5848 FontCache3.0.0.0 - ok
18:01:48.0971 5848 [ A5F7873A39E4E9FAAAE59B7E9E36B705 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
18:01:48.0971 5848 FsDepends - ok
18:01:49.0080 5848 [ A6DD7D491F587F4BC13FB972977DC8E8 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:01:49.0096 5848 Fs_Rec - ok
18:01:49.0346 5848 [ FA228F4BB10DC7ED7E7D131C034E2331 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
18:01:49.0361 5848 fvevol - ok
18:01:49.0439 5848 [ A969D92973DFA895E7776B4BFE36DBB2 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
18:01:49.0439 5848 FxPPM - ok
18:01:49.0517 5848 [ 52BC441E07A827EBAB70CDC7EAEDB28D ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
18:01:49.0517 5848 gagp30kx - ok
18:01:49.0642 5848 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
18:01:49.0642 5848 GEARAspiWDM - ok
18:01:49.0861 5848 [ 721F8EEF5E9747F32670DEFF7FB92541 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
18:01:49.0908 5848 gencounter - ok
18:01:50.0033 5848 [ 8F6AE606EB0CC884EE12C41948424422 ] GoToAssist C:\Program Files (x86)\Citrix\GoToAssist\615\g2aservice.exe
18:01:50.0033 5848 GoToAssist - ok
18:01:50.0158 5848 [ CA18ECFCFFDD638ECE80799A9056B238 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
18:01:50.0158 5848 GPIOClx0101 - ok
18:01:50.0674 5848 [ 5358678C6370F2ADC5291849F6503262 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
18:01:50.0689 5848 gpsvc - ok
18:01:50.0924 5848 [ 7D87B5B6C7188D553E11B59DC7F0B111 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
18:01:50.0924 5848 HDAudBus - ok
18:01:50.0955 5848 [ 3F76BBA53D65E85A7F53E7A71082082C ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
18:01:50.0955 5848 HidBatt - ok
18:01:51.0080 5848 [ A25BAE8C1F2830C8E5625EC7E4E968BE ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
18:01:51.0080 5848 HidBth - ok
18:01:51.0174 5848 [ CC4A07E51D89575CAB6F4EB590D87CD4 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
18:01:51.0189 5848 hidi2c - ok
18:01:51.0205 5848 [ DC96F7DACB777CDEAEF9958A50BFDA06 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
18:01:51.0205 5848 HidIr - ok
18:01:51.0252 5848 [ FAC37D7B3D6354A5A5E19A45B50B4008 ] hidserv C:\WINDOWS\system32\hidserv.dll
18:01:51.0252 5848 hidserv - ok
18:01:51.0346 5848 [ 590B6F71BCDA4368B4BF7D8DF22B60F7 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
18:01:51.0346 5848 HidUsb - ok
18:01:51.0455 5848 [ 43F884B61A24377567CD0FEB35236334 ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
18:01:51.0455 5848 hkmsvc - ok
18:01:51.0549 5848 [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
18:01:51.0549 5848 HomeGroupListener - ok
18:01:51.0721 5848 [ E0D9F6FE18FA7F53ADD29AF719CE2B7E ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
18:01:51.0721 5848 HomeGroupProvider - ok
18:01:51.0877 5848 [ 64DB7A8D97CA53DCCF93D0A1E08342CF ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
18:01:51.0877 5848 HpSAMD - ok
18:01:52.0471 5848 [ 29CB98187BB5711F7759540976D295FC ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
18:01:52.0502 5848 HTTP - ok
18:01:52.0783 5848 [ 2A98301068801700906C06649860FE94 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
18:01:52.0799 5848 hwpolicy - ok
18:01:53.0111 5848 [ DC76901D82097C9E297F20C287CB9A27 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
18:01:53.0111 5848 hyperkbd - ok
18:01:53.0127 5848 [ 716413AB3CA12DE0A7222D28C1C9352C ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
18:01:53.0143 5848 HyperVideo - ok
18:01:53.0221 5848 [ C9E9CBF73AFFBFE3E801EFB516787BA3 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
18:01:53.0236 5848 i8042prt - ok
18:01:53.0314 5848 [ D469B77687E12FE43E344806740B624D ] iaStor C:\WINDOWS\system32\drivers\iaStor.sys
18:01:53.0314 5848 iaStor - ok
18:01:53.0455 5848 [ 5E394EBD26FD68AA9300332C46BEDD62 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
18:01:53.0471 5848 iaStorV - ok
18:01:53.0752 5848 [ C430482AC892D52CED021EDDD4D368A2 ] iBtFltCoex C:\WINDOWS\system32\DRIVERS\iBtFltCoex.sys
18:01:53.0752 5848 iBtFltCoex - ok
18:01:56.0127 5848 [ 348214F96642FD4FEF630DE021BA3540 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
18:01:56.0377 5848 igfx - ok
18:01:56.0455 5848 [ 24847A06B84339FEEDE5CABF3D27D320 ] iirsp C:\WINDOWS\system32\drivers\iirsp.sys
18:01:56.0455 5848 iirsp - ok
18:01:56.0674 5848 [ 531B5A98145DA689741A0AC18F14EA94 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
18:01:56.0690 5848 IKEEXT - ok
18:01:56.0830 5848 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\WINDOWS\system32\drivers\Impcd.sys
18:01:56.0830 5848 Impcd - ok
18:01:57.0299 5848 [ 8FED6428FDE53D7F4C105095F22524BE ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
18:01:57.0346 5848 IntcAzAudAddService - ok
18:01:57.0549 5848 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
18:01:57.0549 5848 IntcDAud - ok
18:01:57.0612 5848 [ 4F37726CF764CA18A8A84F85EF3A7F24 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
18:01:57.0612 5848 intelide - ok
18:01:57.0737 5848 [ E15CDF68DD73423F15D4AC404793AF0D ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
18:01:57.0737 5848 intelppm - ok
18:01:57.0815 5848 [ 8FCA66234A0933D796BB780B7953BAB9 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:01:57.0815 5848 IpFilterDriver - ok
18:01:57.0987 5848 [ CAC5202757EF68C4849B0DFFA75F6D3C ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
18:01:57.0987 5848 iphlpsvc - ok
18:01:58.0002 5848 [ 6E98A046A12AA113F8898AA5D612BD6E ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
18:01:58.0002 5848 IPMIDRV - ok
18:01:58.0112 5848 [ 3969B9C218DD3FAA9F4ED2FFC3651C02 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
18:01:58.0112 5848 IPNAT - ok
18:01:58.0315 5848 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:01:58.0315 5848 iPod Service - ok
18:01:58.0440 5848 [ 25CD7C4BB2863FFC2B0B311F0AEBF77C ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
18:01:58.0487 5848 IRENUM - ok
18:01:58.0549 5848 [ D940C5BB9DC92E588533C19ABCC3D2C2 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
18:01:58.0565 5848 isapnp - ok
18:01:58.0799 5848 [ 69C8BF0BC2B0EA10F130F4D3104DC2EF ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
18:01:58.0799 5848 iScsiPrt - ok
18:01:58.0877 5848 [ 8FBD94B69D6423E20ABCD59D86368B21 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
18:01:58.0893 5848 kbdclass - ok
18:01:58.0955 5848 [ E88C932ABDF8185A62C8F2FC7B051FB6 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
18:01:58.0971 5848 kbdhid - ok
18:01:58.0971 5848 [ FB6C185092E18011EF49989425C2AA87 ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
18:01:58.0987 5848 kdnic - ok
18:01:59.0002 5848 [ F702AB6181513303AB0FC8D59E52708B ] KeyIso C:\WINDOWS\system32\lsass.exe
18:01:59.0002 5848 KeyIso - ok
18:01:59.0080 5848 [ DFA480F6DED551464F3A5B959F437800 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
18:01:59.0096 5848 KSecDD - ok
18:01:59.0238 5848 [ 127FB0AAD232BAAD2C9BBACD374F4FC5 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
18:01:59.0238 5848 KSecPkg - ok
18:01:59.0269 5848 [ 81492FEEBF2F26455B00EE8DBAE8A1B0 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
18:01:59.0285 5848 ksthunk - ok
18:01:59.0363 5848 [ 5825DBACEDC3812B5CF8D40B997BF210 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
18:01:59.0363 5848 KtmRm - ok
18:01:59.0628 5848 [ 256EE31588257E8A555DBFAA13F1908E ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
18:01:59.0644 5848 LanmanServer - ok
18:01:59.0691 5848 [ 16650912BE5A94B40E0B3B4C39652B56 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
18:01:59.0691 5848 LanmanWorkstation - ok
18:01:59.0831 5848 [ CEEFD29FC551F289810B0B9381B321DC ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
18:01:59.0831 5848 lltdio - ok
18:02:00.0081 5848 [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
18:02:00.0081 5848 lltdsvc - ok
18:02:00.0175 5848 [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
18:02:00.0175 5848 lmhosts - ok
18:02:00.0331 5848 [ 7F32D4C47A50E7223491E8FB9359907D ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
18:02:00.0331 5848 LMS - ok
18:02:00.0378 5848 [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
18:02:00.0378 5848 LSI_SAS - ok
18:02:00.0456 5848 [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
18:02:00.0456 5848 LSI_SAS2 - ok
18:02:00.0519 5848 [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI C:\WINDOWS\system32\drivers\lsi_scsi.sys
18:02:00.0519 5848 LSI_SCSI - ok
18:02:00.0566 5848 [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
18:02:00.0566 5848 LSI_SSS - ok
18:02:00.0706 5848 [ 8FEFDCEE40B75FD23B4BC60DA6576113 ] LSM C:\WINDOWS\System32\lsm.dll
18:02:00.0706 5848 LSM - ok
18:02:00.0831 5848 [ 2BDC5D711FA61307CE6190D47C956368 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
18:02:00.0831 5848 luafv - ok
18:02:00.0925 5848 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
18:02:00.0925 5848 MBAMProtector - ok
18:02:01.0566 5848 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:02:01.0582 5848 MBAMScheduler - ok
18:02:01.0847 5848 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
18:02:01.0847 5848 MBAMService - ok
18:02:01.0910 5848 [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas C:\WINDOWS\system32\drivers\megasas.sys
18:02:01.0925 5848 megasas - ok
18:02:01.0988 5848 [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR C:\WINDOWS\system32\drivers\MegaSR.sys
18:02:02.0003 5848 MegaSR - ok
18:02:02.0128 5848 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
18:02:02.0128 5848 MEIx64 - ok
18:02:02.0191 5848 [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS C:\WINDOWS\system32\mmcss.dll
18:02:02.0191 5848 MMCSS - ok
18:02:02.0269 5848 [ 780098AD5DA8A4822E2563984C85EF7B ] Modem C:\WINDOWS\system32\drivers\modem.sys
18:02:02.0285 5848 Modem - ok
18:02:02.0363 5848 [ 83EB0BF7E6EBD5B1AAC97F9DBD5EB935 ] monitor C:\WINDOWS\system32\DRIVERS\monitor.sys
18:02:02.0378 5848 monitor - ok
18:02:02.0566 5848 [ D69F1E9A944A5F46A494AF901ED41118 ] motandroidusb C:\WINDOWS\System32\Drivers\motoandroid.sys
18:02:02.0566 5848 motandroidusb - ok
18:02:02.0738 5848 [ 618446B98C79776654340CE27C73485E ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
18:02:02.0738 5848 mouclass - ok
18:02:02.0910 5848 [ CB2527B8B87D83E56FBF3944BBB6F606 ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
18:02:02.0925 5848 mouhid - ok
18:02:02.0957 5848 [ 89D263DBF08119CE16273991C120D6DD ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
18:02:02.0957 5848 mountmgr - ok
18:02:03.0019 5848 [ 0D1609DD82C7440F5D5BF21A9D4D5C0C ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
18:02:03.0019 5848 mpsdrv - ok
18:02:03.0097 5848 [ 3031573A739DBEE8923851929D0AF423 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
18:02:03.0113 5848 MpsSvc - ok
18:02:03.0191 5848 [ 866AF645A3B1F4358C4201CE089839EA ] MQAC C:\WINDOWS\system32\drivers\mqac.sys
18:02:03.0191 5848 MQAC - ok
18:02:03.0269 5848 [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
18:02:03.0269 5848 MRxDAV - ok
18:02:03.0378 5848 [ 877D60D6E4156EC4A2E0B6871D41BED9 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:02:03.0394 5848 mrxsmb - ok
18:02:03.0566 5848 [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
18:02:03.0566 5848 mrxsmb10 - ok
18:02:03.0629 5848 [ E078446D4B8622AA6030C7B8A1A08962 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
18:02:03.0629 5848 mrxsmb20 - ok
18:02:03.0675 5848 [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
18:02:03.0675 5848 MsBridge - ok
18:02:03.0785 5848 [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
18:02:03.0785 5848 MSDTC - ok
18:02:03.0957 5848 [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
18:02:03.0957 5848 Msfs - ok
18:02:04.0019 5848 [ C9BFB0353099B071E70299549C18C8AE ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
18:02:04.0035 5848 msgpiowin32 - ok
18:02:04.0097 5848 [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
18:02:04.0097 5848 mshidkmdf - ok
18:02:04.0160 5848 [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
18:02:04.0160 5848 mshidumdf - ok
18:02:04.0222 5848 [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
18:02:04.0222 5848 msisadrv - ok
18:02:04.0285 5848 [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
18:02:04.0285 5848 MSiSCSI - ok
18:02:04.0285 5848 msiserver - ok
18:02:04.0300 5848 [ 509809566E49F4411055864EA8D437CD ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:02:04.0316 5848 MSKSSRV - ok
18:02:04.0394 5848 [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
18:02:04.0394 5848 MsLldp - ok
18:02:04.0457 5848 [ 80FF037D6184FFACB2740A50C7949D20 ] MSMQ C:\WINDOWS\system32\mqsvc.exe
18:02:04.0457 5848 MSMQ - ok
18:02:04.0488 5848 [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:02:04.0488 5848 MSPCLOCK - ok
18:02:04.0519 5848 [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
18:02:04.0519 5848 MSPQM - ok
18:02:04.0582 5848 [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
18:02:04.0582 5848 MsRPC - ok
18:02:04.0660 5848 [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
18:02:04.0660 5848 mssmbios - ok
18:02:04.0691 5848 [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
18:02:04.0707 5848 MSTEE - ok
18:02:04.0722 5848 [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
18:02:04.0722 5848 MTConfig - ok
18:02:04.0754 5848 [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup C:\WINDOWS\system32\Drivers\mup.sys
18:02:04.0754 5848 Mup - ok
18:02:04.0769 5848 [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
18:02:04.0785 5848 mvumis - ok
18:02:04.0879 5848 [ 4B18840511D720BA118D3017E8165875 ] napagent C:\WINDOWS\system32\qagentRT.dll
18:02:04.0894 5848 napagent - ok
18:02:05.0066 5848 [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
18:02:05.0129 5848 NativeWifiP - ok
18:02:05.0191 5848 [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
18:02:05.0191 5848 NcaSvc - ok
18:02:05.0254 5848 [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
18:02:05.0254 5848 NcdAutoSetup - ok
18:02:05.0535 5848 [ 0F89AE618DBA5D8AB7A2DFCC375F4159 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
18:02:05.0566 5848 NDIS - ok
18:02:05.0613 5848 [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
18:02:05.0613 5848 NdisCap - ok
18:02:05.0660 5848 [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
18:02:05.0675 5848 NdisImPlatform - ok
18:02:05.0722 5848 [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:02:05.0722 5848 NdisTapi - ok
18:02:05.0816 5848 [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:02:05.0816 5848 Ndisuio - ok
18:02:05.0941 5848 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:02:05.0957 5848 NdisWan - ok
18:02:05.0957 5848 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:02:05.0957 5848 NDISWANLEGACY - ok
18:02:06.0004 5848 [ CE6EBC0AD38CC6482D8FBB744FF15CE2 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
18:02:06.0004 5848 NDProxy - ok
18:02:06.0051 5848 [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
18:02:06.0051 5848 Ndu - ok
18:02:06.0082 5848 [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
18:02:06.0082 5848 NetBIOS - ok
18:02:06.0160 5848 [ 7CEC25C682D319D484630B3952C31A11 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
18:02:06.0176 5848 NetBT - ok
18:02:06.0207 5848 [ F702AB6181513303AB0FC8D59E52708B ] Netlogon C:\WINDOWS\system32\lsass.exe
18:02:06.0207 5848 Netlogon - ok
18:02:06.0269 5848 [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman C:\WINDOWS\System32\netman.dll
18:02:06.0269 5848 Netman - ok
18:02:06.0551 5848 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:02:06.0551 5848 NetMsmqActivator - ok
18:02:06.0551 5848 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:02:06.0551 5848 NetPipeActivator - ok
18:02:06.0707 5848 [ 20F6FD63E6D456114BC8056D62792786 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
18:02:06.0707 5848 netprofm - ok
18:02:06.0707 5848 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:02:06.0707 5848 NetTcpActivator - ok
18:02:06.0722 5848 [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:02:06.0738 5848 NetTcpPortSharing - ok
18:02:07.0957 5848 [ 98CF53F7B23F77D082805D5DBBD99A4E ] NETwNs64 C:\WINDOWS\system32\DRIVERS\Netwsw00.sys
18:02:08.0129 5848 NETwNs64 - ok
18:02:08.0160 5848 [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960 C:\WINDOWS\system32\drivers\nfrd960.sys
18:02:08.0160 5848 nfrd960 - ok
18:02:08.0238 5848 [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
18:02:08.0238 5848 NlaSvc - ok
18:02:08.0957 5848 [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
18:02:08.0973 5848 NOBU - ok
18:02:09.0035 5848 [ C31FA031335EFF434B2D94278E74BCCE ] NPF C:\WINDOWS\system32\drivers\npf.sys
18:02:09.0082 5848 NPF - ok
18:02:09.0144 5848 [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
18:02:09.0144 5848 Npfs - ok
18:02:09.0207 5848 [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
18:02:09.0207 5848 npsvctrig - ok
18:02:09.0254 5848 [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi C:\WINDOWS\system32\nsisvc.dll
18:02:09.0254 5848 nsi - ok
18:02:09.0269 5848 [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
18:02:09.0285 5848 nsiproxy - ok
18:02:09.0504 5848 [ 4A7EEA9C4AD5CBFDA3C0E5B821C99CAD ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
18:02:09.0582 5848 Ntfs - ok
18:02:09.0769 5848 [ A773AA47341A1FD16C6A9BA3C11D7DAA ] ntk_PowerDVD12 C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys
18:02:09.0785 5848 ntk_PowerDVD12 - ok
18:02:09.0848 5848 [ 4163ADE07DB51843AE31F65B94F5398D ] Null C:\WINDOWS\system32\drivers\Null.sys
18:02:09.0848 5848 Null - ok
18:02:09.0941 5848 [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys
18:02:09.0957 5848 NVHDA - ok
18:02:10.0004 5848 [ 5AA24BDF21D995D8E48747074C7C7018 ] nvkflt C:\WINDOWS\system32\DRIVERS\nvkflt.sys
18:02:10.0019 5848 nvkflt - ok
18:02:13.0207 5848 [ 26AA3C7E6E1DB7107BF93503F6F57E88 ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
18:02:13.0363 5848 nvlddmkm - ok
18:02:13.0488 5848 [ 6D785C898F9D70905A90655F4D0D0AFB ] nvpciflt C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
18:02:13.0488 5848 nvpciflt - ok
18:02:13.0629 5848 [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
18:02:13.0629 5848 nvraid - ok
18:02:13.0817 5848 [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
18:02:13.0817 5848 nvstor - ok
18:02:13.0957 5848 [ 9E01B716C8085F7ADB1CDC10103CEEF8 ] NvStUSB C:\WINDOWS\system32\drivers\nvstusb.sys
18:02:13.0957 5848 NvStUSB - ok
18:02:14.0145 5848 [ A83AC04D672567CAF8BE7A4D73C0B850 ] nvsvc C:\WINDOWS\system32\nvvsvc.exe
18:02:14.0145 5848 nvsvc - ok
18:02:14.0443 5848 [ FB660F80BDC4F13D594996976AFAECD9 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
18:02:14.0443 5848 nvUpdatusService - ok
18:02:14.0521 5848 [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
18:02:14.0536 5848 nv_agp - ok
18:02:14.0677 5848 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:02:14.0677 5848 ose - ok
18:02:15.0349 5848 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:02:16.0208 5848 osppsvc - ok
18:02:16.0255 5848 [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
18:02:16.0255 5848 p2pimsvc - ok
18:02:16.0349 5848 [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc C:\WINDOWS\system32\p2psvc.dll
18:02:16.0349 5848 p2psvc - ok
18:02:16.0474 5848 [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport C:\WINDOWS\System32\drivers\parport.sys
18:02:16.0474 5848 Parport - ok
18:02:16.0490 5848 [ C1D7BA7F0DE487DFEEB51BF8D3EC5562 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
18:02:16.0490 5848 partmgr - ok
18:02:16.0630 5848 [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
18:02:16.0630 5848 PcaSvc - ok
18:02:16.0818 5848 [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci C:\WINDOWS\system32\drivers\pci.sys
18:02:16.0833 5848 pci - ok
18:02:16.0849 5848 [ F9908D274D458220F91E89B54D78D837 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
18:02:16.0849 5848 pciide - ok
18:02:16.0912 5848 [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
18:02:16.0927 5848 pcmcia - ok
18:02:16.0943 5848 [ CEBBAD5391C2644560C55628A40BFD27 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
18:02:16.0958 5848 pcw - ok
18:02:16.0974 5848 [ EF9B4F3136B4C45F421ADE6871659FB6 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
18:02:16.0974 5848 pdc - ok
18:02:17.0099 5848 [ 70DBB6A8B52B3830922F1C5789E1BEEB ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
18:02:17.0130 5848 PEAUTH - ok
18:02:18.0115 5848 [ DF0D9BDCB600913F40FF125BF8CE1979 ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll
18:02:18.0209 5848 PeerDistSvc - ok
18:02:19.0427 5848 [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
18:02:19.0443 5848 PerfHost - ok
18:02:19.0787 5848 [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla C:\WINDOWS\system32\pla.dll
18:02:19.0849 5848 pla - ok
18:02:19.0959 5848 [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
18:02:19.0959 5848 PlugPlay - ok
18:02:20.0052 5848 [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll

18:02:20.0052 5848 PNRPAutoReg - ok
18:02:20.0115 5848 [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
18:02:20.0115 5848 PNRPsvc - ok
18:02:20.0177 5848 [ 5BC4D480DD527EB0CF33A67A090A130E ] Point64 C:\WINDOWS\System32\drivers\point64.sys
18:02:20.0177 5848 Point64 - ok
18:02:20.0318 5848 [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
18:02:20.0334 5848 PolicyAgent - ok
18:02:20.0427 5848 [ F1E067F56373F11EA4B785CAE823740A ] Power C:\WINDOWS\system32\umpo.dll
18:02:20.0443 5848 Power - ok
18:02:20.0552 5848 [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:02:20.0552 5848 PptpMiniport - ok
18:02:21.0224 5848 [ C2D3B3D0060619D5E03E696BD56FF59F ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
18:02:21.0334 5848 PrintNotify - ok
18:02:21.0427 5848 [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor C:\WINDOWS\System32\drivers\processr.sys
18:02:21.0427 5848 Processor - ok
18:02:21.0490 5848 [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc C:\WINDOWS\system32\profsvc.dll
18:02:21.0490 5848 ProfSvc - ok
18:02:21.0615 5848 [ EB8034147D4820CD31BFCB11A2A652DF ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
18:02:21.0615 5848 Psched - ok
18:02:21.0646 5848 [ FB46E9A827A8799EBD7BFA9128C91F37 ] PSI C:\WINDOWS\system32\DRIVERS\psi_mf.sys
18:02:21.0662 5848 PSI - ok
18:02:21.0724 5848 [ 543A4EF0923BF70D126625B034EF25AF ] PSI_SVC_2 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
18:02:21.0724 5848 PSI_SVC_2 - ok
18:02:21.0802 5848 [ D8589A43B352E7F2317194C98447149F ] pwdrvio C:\Windows\system32\pwdrvio.sys
18:02:21.0802 5848 pwdrvio - ok
18:02:21.0896 5848 [ 4B8FDA635F4D2E7D638B2B3817B5AFC8 ] pwdspio C:\Windows\system32\pwdspio.sys
18:02:21.0912 5848 pwdspio - ok
18:02:21.0959 5848 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\WINDOWS\system32\Drivers\PxHlpa64.sys
18:02:21.0974 5848 PxHlpa64 - ok
18:02:22.0037 5848 [ 0928BD20273625622722FE1DE5BBDE57 ] qicflt C:\WINDOWS\system32\DRIVERS\qicflt.sys
18:02:22.0037 5848 qicflt - ok
18:02:22.0177 5848 [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE C:\WINDOWS\system32\qwave.dll
18:02:22.0193 5848 QWAVE - ok
18:02:22.0256 5848 [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
18:02:22.0256 5848 QWAVEdrv - ok
18:02:22.0318 5848 [ 873C60F8178100557740A832FCE10B5F ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:02:22.0334 5848 RasAcd - ok
18:02:22.0365 5848 [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
18:02:22.0381 5848 RasAgileVpn - ok
18:02:22.0459 5848 [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto C:\WINDOWS\System32\rasauto.dll
18:02:22.0459 5848 RasAuto - ok
18:02:22.0474 5848 [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:02:22.0474 5848 Rasl2tp - ok
18:02:22.0646 5848 [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan C:\WINDOWS\System32\rasmans.dll
18:02:22.0662 5848 RasMan - ok
18:02:22.0709 5848 [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:02:22.0709 5848 RasPppoe - ok
18:02:22.0756 5848 [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp C:\WINDOWS\system32\DRIVERS\rassstp.sys
18:02:22.0756 5848 RasSstp - ok
18:02:22.0928 5848 [ B72C33DBD5326B3864CF2091AF8B906B ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:02:22.0943 5848 rdbss - ok
18:02:23.0068 5848 [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
18:02:23.0068 5848 rdpbus - ok
18:02:23.0131 5848 [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
18:02:23.0131 5848 RDPDR - ok
18:02:23.0209 5848 [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
18:02:23.0224 5848 RdpVideoMiniport - ok
18:02:23.0288 5848 [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
18:02:23.0304 5848 RDPWD - ok
18:02:23.0382 5848 [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
18:02:23.0382 5848 rdyboost - ok
18:02:23.0429 5848 [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
18:02:23.0429 5848 RemoteAccess - ok
18:02:23.0491 5848 [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
18:02:23.0491 5848 RemoteRegistry - ok
18:02:23.0554 5848 [ 9C3AC71A9934B884FAC567A8807E9C4D ] Revoflt C:\WINDOWS\system32\DRIVERS\revoflt.sys
18:02:23.0569 5848 Revoflt - ok
18:02:23.0725 5848 [ 17EF582CBC4809F96B9E6D0543480763 ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys
18:02:23.0741 5848 RFCOMM - ok
18:02:24.0179 5848 [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
18:02:24.0257 5848 RoxMediaDB12OEM - ok
18:02:24.0319 5848 [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
18:02:24.0319 5848 RoxWatch12 - ok
18:02:24.0397 5848 [ A780D3EAA74582EA1DEB6BD9C7A3D9C9 ] rpcapd C:\Program Files (x86)\WinPcap\rpcapd.exe
18:02:24.0413 5848 rpcapd - ok
18:02:24.0491 5848 [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
18:02:24.0507 5848 RpcEptMapper - ok
18:02:24.0538 5848 [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator C:\WINDOWS\system32\locator.exe
18:02:24.0554 5848 RpcLocator - ok
18:02:24.0897 5848 [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs C:\WINDOWS\system32\rpcss.dll
18:02:24.0897 5848 RpcSs - ok
18:02:24.0929 5848 [ E04E770DD198B9399640717145E79EBF ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
18:02:24.0929 5848 rspndr - ok
18:02:25.0194 5848 [ 15923AA360F7675D3D43C9669316A0BA ] RTL8168 C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
18:02:25.0257 5848 RTL8168 - ok
18:02:25.0429 5848 [ A0EEA6F631349D0E0B7A6CAA7E099CB0 ] RUBotSrv C:\Program Files (x86)\Trend Micro\RUBotted\RUBotSrv.exe
18:02:25.0429 5848 RUBotSrv - ok
18:02:25.0476 5848 [ D28AB8D41CA4633EA69F2897F0B45565 ] rzudd C:\WINDOWS\System32\drivers\rzudd.sys
18:02:25.0476 5848 rzudd - ok
18:02:25.0538 5848 [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
18:02:25.0554 5848 s3cap - ok
18:02:25.0585 5848 [ F702AB6181513303AB0FC8D59E52708B ] SamSs C:\WINDOWS\system32\lsass.exe
18:02:25.0601 5848 SamSs - ok
18:02:25.0726 5848 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
18:02:25.0726 5848 SASDIFSV - ok
18:02:25.0772 5848 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
18:02:25.0788 5848 SASKUTIL - ok
18:02:25.0804 5848 [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
18:02:25.0804 5848 sbp2port - ok
18:02:26.0101 5848 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
18:02:26.0101 5848 SBSDWSCService - ok
18:02:26.0147 5848 [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
18:02:26.0147 5848 SCardSvr - ok
18:02:26.0210 5848 [ 5D7733A12756B267FCA021672B26BC9E ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
18:02:26.0210 5848 scfilter - ok
18:02:26.0569 5848 [ EDCDF4DB82EF825B94B190D544C8C58B ] Schedule C:\WINDOWS\system32\schedsvc.dll
18:02:26.0569 5848 Schedule - ok
18:02:26.0663 5848 [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
18:02:26.0663 5848 SCPolicySvc - ok
18:02:26.0726 5848 [ 66E29CADF9FF6C8325C356BDD617F7EA ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
18:02:26.0726 5848 sdbus - ok
18:02:26.0804 5848 [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
18:02:26.0804 5848 SDRSVC - ok
18:02:26.0882 5848 [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
18:02:26.0882 5848 sdstor - ok
18:02:26.0898 5848 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
18:02:26.0898 5848 secdrv - ok
18:02:26.0944 5848 [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon C:\WINDOWS\system32\seclogon.dll
18:02:26.0944 5848 seclogon - ok
18:02:27.0163 5848 [ 306F9390976E41063D21AB9AB6D48122 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
18:02:27.0288 5848 Secunia PSI Agent - ok
18:02:27.0304 5848 [ 29C852880E9634F8C6BD77A4E68B5B34 ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
18:02:27.0351 5848 Secunia Update Agent - ok
18:02:27.0382 5848 [ 9C51620998F0763039DFA6BF68E475ED ] SENS C:\WINDOWS\System32\sens.dll
18:02:27.0382 5848 SENS - ok
18:02:27.0413 5848 [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
18:02:27.0413 5848 SensrSvc - ok
18:02:27.0460 5848 [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
18:02:27.0476 5848 SerCx - ok
18:02:27.0507 5848 [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
18:02:27.0507 5848 Serenum - ok
18:02:27.0554 5848 [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial C:\WINDOWS\System32\drivers\serial.sys
18:02:27.0554 5848 Serial - ok
18:02:27.0601 5848 [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
18:02:27.0601 5848 sermouse - ok
18:02:27.0648 5848 [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv C:\WINDOWS\system32\sessenv.dll
18:02:27.0663 5848 SessionEnv - ok
18:02:27.0710 5848 [ 7EE65419B29302C795714FF8073969A1 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
18:02:27.0726 5848 sfloppy - ok
18:02:27.0788 5848 [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
18:02:27.0804 5848 SharedAccess - ok
18:02:27.0882 5848 [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:02:27.0882 5848 ShellHWDetection - ok
18:02:27.0929 5848 [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
18:02:27.0929 5848 SiSRaid2 - ok
18:02:27.0944 5848 [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
18:02:27.0944 5848 SiSRaid4 - ok
18:02:28.0007 5848 [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
18:02:28.0007 5848 SNMPTRAP - ok
18:02:28.0054 5848 [ 465F3C355CE5ED2779B8F460F14C5A78 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
18:02:28.0054 5848 spaceport - ok
18:02:28.0069 5848 [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
18:02:28.0069 5848 SpbCx - ok
18:02:28.0179 5848 [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler C:\WINDOWS\System32\spoolsv.exe
18:02:28.0179 5848 Spooler - ok
18:02:28.0336 5848 [ EC84D961501054F87A6878EC5D53388F ] sppsvc C:\WINDOWS\system32\sppsvc.exe
18:02:28.0414 5848 sppsvc - ok
18:02:28.0477 5848 [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
18:02:28.0477 5848 srv - ok
18:02:28.0539 5848 [ C2106BB710AA34A046126AED7BCA6964 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
18:02:28.0555 5848 srv2 - ok
18:02:28.0602 5848 [ 9400C71F5A1A380B494B6922F007D485 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
18:02:28.0617 5848 srvnet - ok
18:02:28.0664 5848 [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
18:02:28.0664 5848 SSDPSRV - ok
18:02:28.0711 5848 [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
18:02:28.0727 5848 SstpSvc - ok
18:02:28.0774 5848 [ 92E7F6666633D2DD91D527503DAA7BE0 ] stdcfltn C:\WINDOWS\system32\DRIVERS\stdcfltn.sys
18:02:28.0774 5848 stdcfltn - ok
18:02:28.0867 5848 [ 00FCEC4DA4198F5F2B9BBD9225842568 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:02:28.0867 5848 Stereo Service - ok
18:02:28.0914 5848 [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
18:02:28.0914 5848 stexstor - ok
18:02:28.0992 5848 [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc C:\WINDOWS\System32\wiaservc.dll
18:02:29.0008 5848 stisvc - ok
18:02:29.0039 5848 [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
18:02:29.0055 5848 stllssvr - ok
18:02:29.0117 5848 [ C588BBD37B432CE3204E5765B459E6B2 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
18:02:29.0117 5848 storahci - ok
18:02:29.0133 5848 [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
18:02:29.0133 5848 storflt - ok
18:02:29.0149 5848 [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc C:\WINDOWS\system32\storsvc.dll
18:02:29.0149 5848 StorSvc - ok
18:02:29.0180 5848 [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
18:02:29.0180 5848 storvsc - ok
18:02:29.0227 5848 [ 1A36AC469140F87CDE62D7F8524E270C ] storvsp C:\WINDOWS\System32\drivers\storvsp.sys
18:02:29.0227 5848 storvsp - ok
18:02:29.0274 5848 [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc C:\WINDOWS\system32\svsvc.dll
18:02:29.0289 5848 svsvc - ok
18:02:29.0289 5848 [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
18:02:29.0289 5848 swenum - ok
18:02:29.0383 5848 [ 502F9488540051F3E6C39889ECFA76BB ] swprv C:\WINDOWS\System32\swprv.dll
18:02:29.0383 5848 swprv - ok
18:02:29.0571 5848 [ B0C7D4DCF4800DF2F2145B500D0161E8 ] SynTP C:\WINDOWS\System32\drivers\SynTP.sys
18:02:29.0586 5848 SynTP - ok
18:02:29.0664 5848 [ DC21E1F06343773D7E24362DCEF7944B ] SysMain C:\WINDOWS\system32\sysmain.dll
18:02:29.0664 5848 SysMain - ok
18:02:29.0711 5848 [ E219BF7BCCFE4881B0C053C7E0B47ECC ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
18:02:29.0711 5848 SystemEventsBroker - ok
18:02:29.0758 5848 [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
18:02:29.0758 5848 TabletInputService - ok
18:02:29.0821 5848 [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
18:02:29.0821 5848 TapiSrv - ok
18:02:29.0946 5848 [ 1D644E2D0FC395A055AB1C23C3B43631 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
18:02:29.0992 5848 Tcpip - ok
18:02:30.0117 5848 [ 1D644E2D0FC395A055AB1C23C3B43631 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:02:30.0133 5848 TCPIP6 - ok
18:02:30.0180 5848 [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
18:02:30.0180 5848 tcpipreg - ok
18:02:30.0211 5848 [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
18:02:30.0211 5848 tdx - ok
18:02:30.0227 5848 [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
18:02:30.0227 5848 terminpt - ok
18:02:30.0258 5848 [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService C:\WINDOWS\System32\termsrv.dll
18:02:30.0305 5848 TermService - ok
18:02:30.0352 5848 [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes C:\WINDOWS\system32\themeservice.dll
18:02:30.0352 5848 Themes - ok
18:02:30.0399 5848 [ EEE908BE7143FCA48CF0CB87214E2AB8 ] THREADORDER C:\WINDOWS\system32\mmcss.dll
18:02:30.0414 5848 THREADORDER - ok
18:02:30.0461 5848 [ FF4135424A79DCC2998276D8E39C9B4D ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
18:02:30.0461 5848 TimeBroker - ok
18:02:30.0508 5848 [ 6642C9F15CCC7859CAEEA159E711EB21 ] tmactmon C:\WINDOWS\system32\DRIVERS\tmactmon.sys
18:02:30.0524 5848 tmactmon - ok
18:02:30.0571 5848 [ 0BD205E00C93B8CF828301F43164AA51 ] tmcomm C:\WINDOWS\system32\DRIVERS\tmcomm.sys
18:02:30.0571 5848 tmcomm - ok
18:02:30.0617 5848 [ 9D86A57FB83E39A967CD8D3AAE8A170A ] TMEBC C:\WINDOWS\system32\DRIVERS\TMEBC64.sys
18:02:30.0617 5848 TMEBC - ok
18:02:30.0633 5848 [ 3B59304441B7610980976801272C8261 ] tmeevw C:\WINDOWS\system32\DRIVERS\tmeevw.sys
18:02:30.0649 5848 tmeevw - ok
18:02:30.0680 5848 [ C6FCD93938DC5F4EE3994270496FECEB ] tmel C:\WINDOWS\system32\DRIVERS\tmel.sys
18:02:30.0680 5848 tmel - ok
18:02:30.0696 5848 [ C27DAE25484C205F3CCF7260E1B045DD ] tmevtmgr C:\WINDOWS\system32\DRIVERS\tmevtmgr.sys
18:02:30.0696 5848 tmevtmgr - ok
18:02:30.0742 5848 [ 0FED34E72250A068BC4E7BA6EA07E7A0 ] tmnciesc C:\WINDOWS\system32\DRIVERS\tmnciesc.sys
18:02:30.0742 5848 tmnciesc - ok
18:02:30.0805 5848 [ A371ED5E08FC782AD180869BF1E2A27A ] tmusa C:\WINDOWS\system32\DRIVERS\tmusa.sys
18:02:30.0821 5848 tmusa - ok
18:02:30.0867 5848 [ B44EFE254C0B3719E4037088D24FE4B5 ] TPM C:\WINDOWS\system32\drivers\tpm.sys
18:02:30.0867 5848 TPM - ok
18:02:30.0914 5848 [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks C:\WINDOWS\System32\trkwks.dll
18:02:30.0914 5848 TrkWks - ok
18:02:31.0008 5848 [ 8D516AEF3C1DF980664CF17BB1FF6093 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
18:02:31.0024 5848 TrustedInstaller - ok
18:02:31.0055 5848 [ 4E7C5FB10A50435523DE0CAA37DE2BD3 ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
18:02:31.0071 5848 TsUsbFlt - ok
18:02:31.0117 5848 [ 16D684A820872EE54F6370703AC0B513 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
18:02:31.0117 5848 TsUsbGD - ok
18:02:31.0117 5848 [ 78C9EE193AC2B4CBDBC48B620314D740 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
18:02:31.0133 5848 tunnel - ok
18:02:31.0149 5848 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\WINDOWS\system32\DRIVERS\TurboB.sys
18:02:31.0149 5848 TurboB - ok
18:02:31.0196 5848 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
18:02:31.0211 5848 TurboBoost - ok
18:02:31.0227 5848 [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
18:02:31.0227 5848 uagp35 - ok
18:02:31.0274 5848 [ 6FD6D03B7752C78712E5CFF29A305026 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
18:02:31.0274 5848 UASPStor - ok
18:02:31.0336 5848 [ 1ED222DFE6C13DA50FE081ABF90CAFE1 ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
18:02:31.0336 5848 UCX01000 - ok
18:02:31.0430 5848 [ DC5A461591C71AF7F19DC048A81E3F88 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
18:02:31.0430 5848 udfs - ok
18:02:31.0493 5848 [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
18:02:31.0493 5848 UI0Detect - ok
18:02:31.0508 5848 [ 07FEBCDF24FABA0D47B635D85A0FFB7A ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
18:02:31.0508 5848 uliagpkx - ok
18:02:31.0524 5848 [ 02CEB3FE6152668A7BA420B93B664860 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
18:02:31.0524 5848 umbus - ok
18:02:31.0555 5848 [ 991EE6B5FC41EAEF99C8AF5B92F2CA09 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
18:02:31.0555 5848 UmPass - ok
18:02:31.0618 5848 [ 43FEFB040A0CC30F795FBF544169594D ] UmRdpService C:\WINDOWS\System32\umrdp.dll
18:02:31.0618 5848 UmRdpService - ok
18:02:31.0805 5848 [ 2C16648A12999AE69A9EBF41974B0BA2 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
18:02:31.0852 5848 UNS - ok
18:02:31.0946 5848 [ 14D22C411854AA2560AFC94CD2D5E61F ] upnphost C:\WINDOWS\System32\upnphost.dll
18:02:31.0946 5848 upnphost - ok
18:02:31.0993 5848 [ 2AF9F0E16D75B8F783A1ACE74EF51C9B ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
18:02:32.0008 5848 usbccgp - ok
18:02:32.0055 5848 [ B395B62B62F28106218FA6FB17F4C797 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
18:02:32.0055 5848 usbcir - ok
18:02:32.0102 5848 [ 52F267AEE8CA5AA5CEB88C6A71EE1E86 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
18:02:32.0102 5848 usbehci - ok
18:02:32.0211 5848 [ FBB6794E3BBAD92D66D59D206C1F849F ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
18:02:32.0227 5848 usbhub - ok
18:02:32.0321 5848 [ B7A948501424805571BF562BB0BFE31D ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
18:02:32.0336 5848 USBHUB3 - ok
18:02:32.0352 5848 [ 325F6179009B5A7F6118951A5BA422AB ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
18:02:32.0352 5848 usbohci - ok
18:02:32.0399 5848 [ BA3ABE0CD1C14B3295BAD0F076B84CAC ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
18:02:32.0399 5848 usbprint - ok
18:02:32.0446 5848 [ F77177F6C95B2116EE7AD23B5EF57007 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
18:02:32.0446 5848 USBSTOR - ok
18:02:32.0524 5848 [ D25EF4A6EC244C5DE85D88A05B7C149D ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
18:02:32.0539 5848 usbuhci - ok
18:02:32.0602 5848 [ 09799E701B4327097E9F63D3FE221083 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
18:02:32.0602 5848 usbvideo - ok
18:02:32.0680 5848 [ 9CD4259AD15F84DE27B94A956C978D6C ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
18:02:32.0696 5848 USBXHCI - ok
18:02:32.0711 5848 [ F702AB6181513303AB0FC8D59E52708B ] VaultSvc C:\WINDOWS\system32\lsass.exe
18:02:32.0711 5848 VaultSvc - ok
18:02:32.0868 5848 [ D7FCD8FBBF6CC93140D9C7C7959ED60C ] VBoxDrv C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys
18:02:32.0899 5848 VBoxDrv - ok
18:02:32.0977 5848 [ 6B22F16BE58AEF1A57970611D7109507 ] VBoxNetAdp C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys
18:02:32.0993 5848 VBoxNetAdp - ok
18:02:33.0086 5848 [ 10DD814DA2F2064F53B9694E30FF45A4 ] VBoxNetFlt C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys
18:02:33.0102 5848 VBoxNetFlt - ok
18:02:33.0149 5848 [ 812C2E4EC41CFCACE761620E17463529 ] VBoxUSBMon C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys
18:02:33.0164 5848 VBoxUSBMon - ok
18:02:33.0211 5848 [ BACECBFF9C97F7627A60B0E0F1FE7EE8 ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
18:02:33.0227 5848 vdrvroot - ok
18:02:33.0321 5848 [ 8A8CDA9E3CF2E0B4C6CC19FBC6FB9A71 ] vds C:\WINDOWS\System32\vds.exe
18:02:33.0352 5848 vds - ok
18:02:33.0368 5848 [ 74FA2D4368DE6F6CE14393EDF1F342BE ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
18:02:33.0368 5848 VerifierExt - ok
18:02:33.0540 5848 [ 8628FA679F0EC4B709CCD1F6B6A3233B ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
18:02:33.0540 5848 vhdmp - ok
18:02:33.0586 5848 [ F5B4A14B00E89250C50982AC762DDD1D ] viaide C:\WINDOWS\system32\drivers\viaide.sys
18:02:33.0586 5848 viaide - ok
18:02:33.0633 5848 [ 0E43886F01C85B47BA0A3157274BCF59 ] Vid C:\WINDOWS\System32\drivers\Vid.sys
18:02:33.0633 5848 Vid - ok
18:02:33.0664 5848 [ 78DB50F7329F6D1311658DABFFFC8BE0 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
18:02:33.0664 5848 vmbus - ok
18:02:33.0711 5848 [ ECFEE2F2BA3932C7880D1A8F67D68F91 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
18:02:33.0711 5848 VMBusHID - ok
18:02:33.0727 5848 [ B4F432A51826FFC66F4DF72A83E8E4B1 ] vmbusr C:\WINDOWS\System32\drivers\vmbusr.sys
18:02:33.0743 5848 vmbusr - ok
18:02:33.0821 5848 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
18:02:33.0821 5848 vmicheartbeat - ok
18:02:33.0821 5848 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
18:02:33.0821 5848 vmickvpexchange - ok
18:02:33.0836 5848 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
18:02:33.0836 5848 vmicrdv - ok
18:02:33.0836 5848 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
18:02:33.0836 5848 vmicshutdown - ok
18:02:33.0852 5848 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
18:02:33.0852 5848 vmictimesync - ok
18:02:33.0852 5848 [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicvss C:\WINDOWS\System32\ICSvc.dll
18:02:33.0852 5848 vmicvss - ok
18:02:33.0899 5848 [ CB60FAAED8B49B812EBBF77EB87D9B18 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
18:02:33.0899 5848 volmgr - ok
18:02:34.0055 5848 [ A74101DA9809251BCD0E5A26BAE0F824 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
18:02:34.0055 5848 volmgrx - ok
18:02:34.0149 5848 [ 2FB3CDFD5EAF4CD9D4AFAF96877D13AE ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
18:02:34.0149 5848 volsnap - ok
18:02:34.0211 5848 [ A8DA1C1B52ECEA3726DEBED4FF1B700D ] vpci C:\WINDOWS\System32\drivers\vpci.sys
18:02:34.0211 5848 vpci - ok
18:02:34.0227 5848 [ 0190AFFF28F600461C0164353CC7EE27 ] vpcivsp C:\WINDOWS\System32\drivers\vpcivsp.sys
18:02:34.0227 5848 vpcivsp - ok
18:02:34.0290 5848 [ 38A60CD9C009C55C6D3B5586F8E6A353 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
18:02:34.0290 5848 vsmraid - ok
18:02:34.0415 5848 [ EA658570314042C914964FC72AB50E6B ] VSS C:\WINDOWS\system32\vssvc.exe
18:02:34.0461 5848 VSS - ok
18:02:34.0508 5848 [ A0F6FE0FC2F647C22BBFD6BD4249DBCC ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
18:02:34.0524 5848 VSTXRAID - ok
18:02:34.0571 5848 [ 62460A45435A26A334907E3F2EA45611 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
18:02:34.0571 5848 vwifibus - ok
18:02:34.0586 5848 [ 095E943D27025E4D588AF0A72CC2318F ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys
18:02:34.0602 5848 vwififlt - ok
18:02:34.0618 5848 [ 73FA1A41A97A5C34ADC03B3577FF1A86 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys
18:02:34.0618 5848 vwifimp - ok
18:02:34.0680 5848 [ F690B6EEAA94576727B24376D7ED3601 ] W32Time C:\WINDOWS\system32\w32time.dll
18:02:34.0680 5848 W32Time - ok
18:02:34.0836 5848 [ 901CC968412F8155B08D7ABE0171166A ] W3SVC C:\WINDOWS\system32\inetsrv\iisw3adm.dll
18:02:34.0836 5848 W3SVC - ok
18:02:34.0852 5848 [ 6B806E893714019969E2B50D7EF6A4D9 ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
18:02:34.0868 5848 WacomPen - ok
18:02:34.0915 5848 [ 6081CEC9EF9EB145D8B46655C7708D51 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:02:34.0915 5848 Wanarp - ok
18:02:34.0915 5848 [ 6081CEC9EF9EB145D8B46655C7708D51 ] Wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:02:34.0915 5848 Wanarpv6 - ok
18:02:34.0930 5848 [ 901CC968412F8155B08D7ABE0171166A ] WAS C:\WINDOWS\system32\inetsrv\iisw3adm.dll
18:02:34.0930 5848 WAS - ok
18:02:35.0055 5848 [ 42DF22F8C448E7CD219F6D63743505E2 ] wbengine C:\WINDOWS\system32\wbengine.exe
18:02:35.0071 5848 wbengine - ok
18:02:35.0165 5848 [ 31D37B2F6069C631EF0557D322924812 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
18:02:35.0165 5848 WbioSrvc - ok
18:02:35.0274 5848 [ D9C1E82651BF19C6FF69CEC6FD400124 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
18:02:35.0274 5848 Wcmsvc - ok
18:02:35.0430 5848 [ 5B5FEAB51172F5513C2CF7B39CFA6A01 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
18:02:35.0430 5848 wcncsvc - ok
18:02:35.0477 5848 [ E19556D414332E2BEBA1F368229006B4 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
18:02:35.0477 5848 WcsPlugInService - ok
18:02:35.0524 5848 [ B3A4D918DAB90505B6BC7B70632913CB ] Wd C:\WINDOWS\system32\drivers\wd.sys
18:02:35.0524 5848 Wd - ok
18:02:35.0743 5848 [ D634CFE93E0CD001499D0D6D68890C9E ] WDBackup C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
18:02:35.0758 5848 WDBackup - ok
18:02:35.0774 5848 [ 260F8DFC4D5748F4CCB9B19CFB0E58EA ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
18:02:35.0774 5848 WdBoot - ok
18:02:35.0868 5848 [ 2277CD5B13B18B6DF5F80E8A84254EA7 ] WDDriveService C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
18:02:35.0899 5848 WDDriveService - ok
18:02:36.0008 5848 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
18:02:36.0040 5848 Wdf01000 - ok
18:02:36.0102 5848 [ 880FFFC4D5BBBB4187B6B04AB2E8C32A ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
18:02:36.0102 5848 WdFilter - ok
18:02:36.0149 5848 [ 240FC332484572227CD1DF82407F33E5 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
18:02:36.0149 5848 WdiServiceHost - ok
18:02:36.0149 5848 [ 240FC332484572227CD1DF82407F33E5 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
18:02:36.0149 5848 WdiSystemHost - ok
18:02:36.0290 5848 [ A578AE45097ACAD346C86C96F1C0D5A7 ] WDRulesService C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
18:02:36.0290 5848 WDRulesService - ok
18:02:36.0383 5848 [ F2002DA5E6B78C15B2CD48CFF8F0FBB6 ] WebClient C:\WINDOWS\System32\webclnt.dll
18:02:36.0383 5848 WebClient - ok
18:02:36.0477 5848 [ 35FD720943D4FCD75C3275BF062FF140 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
18:02:36.0493 5848 Wecsvc - ok
18:02:36.0508 5848 [ 4D2612E3C462B68F499D840B1133263E ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
18:02:36.0524 5848 wercplsupport - ok
18:02:36.0540 5848 [ 8E2426162ED6749A127B35D235F21E11 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
18:02:36.0540 5848 WerSvc - ok
18:02:36.0618 5848 [ FE762D3498719C3A23471BBA62F747B4 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
18:02:36.0618 5848 WFPLWFS - ok
18:02:36.0665 5848 [ 60E0C220593DA4F7C289CB909D2DBAE0 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
18:02:36.0665 5848 WiaRpc - ok
18:02:36.0696 5848 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\WINDOWS\system32\DRIVERS\wimfltr.sys
18:02:36.0712 5848 WimFltr - ok
18:02:36.0712 5848 [ A3C7624A42A3447EF5EDD1ED37FE4E60 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
18:02:36.0712 5848 WIMMount - ok
18:02:36.0743 5848 WinDefend - ok
18:02:36.0805 5848 [ 7911470B6018059A880469A63B65700A ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
18:02:36.0805 5848 WinHttpAutoProxySvc - ok
18:02:36.0977 5848 [ 3D6B518B71C75C8FA4115A33615C107A ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
18:02:36.0977 5848 Winmgmt - ok
18:02:37.0633 5848 [ 8E212A627F33F6FC3B5F3BB47212F66E ] WinRM C:\WINDOWS\system32\WsmSvc.dll
18:02:37.0680 5848 WinRM - ok
18:02:37.0758 5848 [ 6351724B8FA0255C2DBD970297F00B93 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
18:02:37.0774 5848 WlanSvc - ok
18:02:37.0821 5848 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:02:37.0821 5848 wlcrasvc - ok
18:02:38.0008 5848 [ 08EFA13A2234C8C3B8A99E4B88BE7E9B ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
18:02:38.0024 5848 wlidsvc - ok
18:02:38.0055 5848 [ E2A596CACFC6504306CDB7B593B90084 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
18:02:38.0055 5848 WmiAcpi - ok
18:02:38.0102 5848 [ D113499052C5E541906B727779F0F959 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
18:02:38.0102 5848 wmiApSrv - ok
18:02:38.0149 5848 WMPNetworkSvc - ok
18:02:38.0165 5848 [ C6FF953D5D6F2EAE3B8883474D5076B3 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
18:02:38.0165 5848 wpcfltr - ok
18:02:38.0196 5848 [ A6ED163169876BFD2437E872FE2F1509 ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll
18:02:38.0212 5848 WPCSvc - ok
18:02:38.0305 5848 [ 94AA5150E35B3ABB7191FE641E3C2473 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
18:02:38.0305 5848 WPDBusEnum - ok
18:02:38.0383 5848 [ 0346CAFC181C91C6E2330332EB332ED6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
18:02:38.0383 5848 WpdUpFltr - ok
18:02:38.0446 5848 [ BC8B5CB336E63BB25EAD1CE8EDD34B81 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
18:02:38.0462 5848 ws2ifsl - ok
18:02:38.0477 5848 [ FB0C1B7F94FA08E72F19F6F2CE7210E1 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
18:02:38.0477 5848 wscsvc - ok
18:02:38.0602 5848 [ 74EFDA0526862C3D8D01A776182798EA ] WSDPrintDevice C:\WINDOWS\System32\drivers\WSDPrint.sys
18:02:38.0602 5848 WSDPrintDevice - ok
18:02:38.0602 5848 WSearch - ok
18:02:38.0962 5848 [ C10BFFEE7E0D7A1366E84F251796C51D ] WSService C:\WINDOWS\System32\WSService.dll
18:02:38.0993 5848 WSService - ok
18:02:39.0134 5848 [ A8484C0CB54DB48180FB7CA00F1C3F8F ] wuauserv C:\WINDOWS\system32\wuaueng.dll
18:02:39.0149 5848 wuauserv - ok
18:02:39.0180 5848 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
18:02:39.0196 5848 WudfPf - ok
18:02:39.0212 5848 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
18:02:39.0212 5848 WUDFRd - ok
18:02:39.0227 5848 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFSensorLP C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
18:02:39.0227 5848 WUDFSensorLP - ok
18:02:39.0259 5848 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
18:02:39.0259 5848 wudfsvc - ok
18:02:39.0274 5848 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
18:02:39.0274 5848 WUDFWpdFs - ok
18:02:39.0352 5848 [ F9D8D2E6ECE08B278621D5BF3A7240A6 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
18:02:39.0368 5848 WwanSvc - ok
18:02:39.0415 5848 ================ Scan global ===============================
18:02:39.0493 5848 [ DDC1AFBF9DDF880CE9BD3896114D8DED ] C:\WINDOWS\system32\basesrv.dll
18:02:39.0555 5848 [ E9343076AE704D20BB0D01F3AF3EFFEF ] C:\WINDOWS\system32\winsrv.dll
18:02:39.0602 5848 [ BD7C6949984D19AAA609896B675E7357 ] C:\WINDOWS\system32\sxssrv.dll
18:02:39.0712 5848 [ 8F226143046435C75C033B0C52E90FFE ] C:\WINDOWS\system32\services.exe
18:02:39.0727 5848 [Global] - ok
18:02:39.0727 5848 ================ Scan MBR ==================================
18:02:39.0743 5848 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:02:40.0727 5848 \Device\Harddisk0\DR0 - ok
18:02:40.0727 5848 ================ Scan VBR ==================================
18:02:40.0743 5848 [ CCF6EDB4D0891D92D556CB1325CD30EB ] \Device\Harddisk0\DR0\Partition1
18:02:40.0743 5848 \Device\Harddisk0\DR0\Partition1 - ok
18:02:40.0774 5848 [ 79D9885F751902E99E4CEEB1E2FD41D7 ] \Device\Harddisk0\DR0\Partition2
18:02:40.0774 5848 \Device\Harddisk0\DR0\Partition2 - ok
18:02:40.0774 5848 ================ Scan active images ========================
18:02:40.0774 5848 [ 48753C871A12B9E2201E71D01B32F6EF ] C:\Windows\System32\Drivers\crashdmp.sys
18:02:40.0774 5848 C:\Windows\System32\Drivers\crashdmp.sys - ok
18:02:40.0790 5848 [ D469B77687E12FE43E344806740B624D ] C:\Windows\System32\Drivers\iaStor.sys
18:02:40.0790 5848 C:\Windows\System32\Drivers\iaStor.sys - ok
18:02:40.0790 5848 [ CB9EAD11F3312C77CE9B7F29B59C3A39 ] C:\Windows\System32\Drivers\dumpfve.sys
18:02:40.0790 5848 C:\Windows\System32\Drivers\dumpfve.sys - ok
18:02:40.0790 5848 [ 339BFF85D788268752DA8C9644B188EE ] C:\Windows\System32\Drivers\cdrom.sys
18:02:40.0790 5848 C:\Windows\System32\Drivers\cdrom.sys - ok
18:02:40.0790 5848 [ 4163ADE07DB51843AE31F65B94F5398D ] C:\Windows\System32\Drivers\null.sys
18:02:40.0790 5848 C:\Windows\System32\Drivers\null.sys - ok
18:02:40.0790 5848 [ 5EC68164E14D25675C98BBB5F09E8606 ] C:\Windows\System32\Drivers\BasicRender.sys
18:02:40.0790 5848 C:\Windows\System32\Drivers\BasicRender.sys - ok
18:02:40.0805 5848 [ 9E7AEA59776D904607985AFFE7E5E183 ] C:\Windows\System32\Drivers\beep.sys
18:02:40.0805 5848 C:\Windows\System32\Drivers\beep.sys - ok
18:02:40.0805 5848 [ 898BF1647BBF012B38EF45C7F9F7A67E ] C:\Windows\System32\Drivers\dxgkrnl.sys
18:02:40.0805 5848 C:\Windows\System32\Drivers\dxgkrnl.sys - ok
18:02:40.0805 5848 [ B9FF5E13079ADB858ED5C0B1E4CAB225 ] C:\Windows\System32\Drivers\watchdog.sys
18:02:40.0805 5848 C:\Windows\System32\Drivers\watchdog.sys - ok
18:02:40.0805 5848 [ 728DFAEEF8E52E793DE8EB0423F4E948 ] C:\Windows\System32\Drivers\dxgmms1.sys
18:02:40.0805 5848 C:\Windows\System32\Drivers\dxgmms1.sys - ok
18:02:40.0805 5848 [ 81703BC5D68DEDBB086C2368FBE7B334 ] C:\Windows\System32\Drivers\BasicDisplay.sys
18:02:40.0805 5848 C:\Windows\System32\Drivers\BasicDisplay.sys - ok
18:02:40.0821 5848 [ 17E19A742FB30C002F8B43575451DBE1 ] C:\Windows\System32\Drivers\npfs.sys
18:02:40.0821 5848 C:\Windows\System32\Drivers\npfs.sys - ok
18:02:40.0821 5848 [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] C:\Windows\System32\Drivers\msfs.sys
18:02:40.0821 5848 C:\Windows\System32\Drivers\msfs.sys - ok
18:02:40.0821 5848 [ 749AFA28C01233E93F59BD31B2B088B1 ] C:\Windows\System32\Drivers\tdi.sys
18:02:40.0821 5848 C:\Windows\System32\Drivers\tdi.sys - ok
18:02:40.0821 5848 [ 73DC722CE5DF26D7638CE2446F2655C7 ] C:\Windows\System32\Drivers\tdx.sys
18:02:40.0821 5848 C:\Windows\System32\Drivers\tdx.sys - ok
18:02:40.0821 5848 [ 7CEC25C682D319D484630B3952C31A11 ] C:\Windows\System32\Drivers\netbt.sys
18:02:40.0821 5848 C:\Windows\System32\Drivers\netbt.sys - ok
18:02:40.0837 5848 [ 36D6A3201721558A8AFBCC09C2DA4C2C ] C:\Windows\System32\Drivers\afd.sys
18:02:40.0837 5848 C:\Windows\System32\Drivers\afd.sys - ok
18:02:40.0837 5848 [ EB8034147D4820CD31BFCB11A2A652DF ] C:\Windows\System32\Drivers\pacer.sys
18:02:40.0837 5848 C:\Windows\System32\Drivers\pacer.sys - ok
18:02:40.0837 5848 [ 095E943D27025E4D588AF0A72CC2318F ] C:\Windows\System32\Drivers\vwififlt.sys
18:02:40.0837 5848 C:\Windows\System32\Drivers\vwififlt.sys - ok
18:02:40.0837 5848 [ 7C203A76394F9AE68F69EEE5F9612C4A ] C:\Windows\System32\Drivers\netbios.sys
18:02:40.0837 5848 C:\Windows\System32\Drivers\netbios.sys - ok
18:02:40.0837 5848 [ C27DAE25484C205F3CCF7260E1B045DD ] C:\Windows\System32\Drivers\tmevtmgr.sys
18:02:40.0837 5848 C:\Windows\System32\Drivers\tmevtmgr.sys - ok
18:02:40.0852 5848 [ 6642C9F15CCC7859CAEEA159E711EB21 ] C:\Windows\System32\Drivers\tmactmon.sys
18:02:40.0852 5848 C:\Windows\System32\Drivers\tmactmon.sys - ok
18:02:40.0852 5848 [ B72C33DBD5326B3864CF2091AF8B906B ] C:\Windows\System32\Drivers\rdbss.sys
18:02:40.0852 5848 C:\Windows\System32\Drivers\rdbss.sys - ok
18:02:40.0852 5848 [ F2C69C3D98249DE14D4B2832516D4FD5 ] C:\Windows\System32\Drivers\csc.sys
18:02:40.0852 5848 C:\Windows\System32\Drivers\csc.sys - ok
18:02:40.0852 5848 [ 6081CEC9EF9EB145D8B46655C7708D51 ] C:\Windows\System32\Drivers\wanarp.sys
18:02:40.0852 5848 C:\Windows\System32\Drivers\wanarp.sys - ok
18:02:40.0852 5848 [ 812C2E4EC41CFCACE761620E17463529 ] C:\Windows\System32\Drivers\VBoxUSBMon.sys
18:02:40.0852 5848 C:\Windows\System32\Drivers\VBoxUSBMon.sys - ok
18:02:40.0852 5848 [ D7FCD8FBBF6CC93140D9C7C7959ED60C ] C:\Windows\System32\Drivers\VBoxDrv.sys
18:02:40.0852 5848 C:\Windows\System32\Drivers\VBoxDrv.sys - ok
18:02:40.0868 5848 [ 58A38E75F3316A83C23DF6173D41F2B5 ] C:\Program Files\SUPERAntiSpyware\saskutil64.sys
18:02:40.0868 5848 C:\Program Files\SUPERAntiSpyware\saskutil64.sys - ok
18:02:40.0868 5848 [ 3289766038DB2CB14D07DC84392138D5 ] C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys
18:02:40.0868 5848 C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys - ok
18:02:40.0868 5848 [ 5AA24BDF21D995D8E48747074C7C7018 ] C:\Windows\System32\Drivers\nvkflt.sys
18:02:40.0868 5848 C:\Windows\System32\Drivers\nvkflt.sys - ok
18:02:40.0868 5848 [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] C:\Windows\System32\Drivers\nsiproxy.sys
18:02:40.0868 5848 C:\Windows\System32\Drivers\nsiproxy.sys - ok
18:02:40.0868 5848 [ 3C736FAE17BA6F91BA37594AAB139CD0 ] C:\Windows\System32\Drivers\discache.sys
18:02:40.0868 5848 C:\Windows\System32\Drivers\discache.sys - ok
18:02:40.0868 5848 [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] C:\Windows\System32\Drivers\mssmbios.sys
18:02:40.0868 5848 C:\Windows\System32\Drivers\mssmbios.sys - ok
18:02:40.0884 5848 [ 8ED299C30792544264E558BEA79F0947 ] C:\Windows\System32\Drivers\npsvctrig.sys
18:02:40.0884 5848 C:\Windows\System32\Drivers\npsvctrig.sys - ok
18:02:40.0884 5848 [ 09D9EB9E7898F8E6561473A20CC808B9 ] C:\Windows\System32\Drivers\dfsc.sys
18:02:40.0884 5848 C:\Windows\System32\Drivers\dfsc.sys - ok
18:02:40.0884 5848 [ C4D01BD86D6B207275FC143EEA951D75 ] C:\Windows\System32\Drivers\dam.sys
18:02:40.0884 5848 C:\Windows\System32\Drivers\dam.sys - ok
18:02:40.0884 5848 [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] C:\Windows\System32\Drivers\ndistapi.sys
18:02:40.0884 5848 C:\Windows\System32\Drivers\ndistapi.sys - ok
18:02:40.0884 5848 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] C:\Windows\System32\Drivers\ndiswan.sys
18:02:40.0884 5848 C:\Windows\System32\Drivers\ndiswan.sys - ok
18:02:40.0899 5848 [ 6B22F16BE58AEF1A57970611D7109507 ] C:\Windows\System32\Drivers\VBoxNetAdp.sys
18:02:40.0899 5848 C:\Windows\System32\Drivers\VBoxNetAdp.sys - ok
18:02:40.0899 5848 [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] C:\Windows\System32\Drivers\rassstp.sys
18:02:40.0899 5848 C:\Windows\System32\Drivers\rassstp.sys - ok
18:02:40.0899 5848 [ F1B8276F58969BD87683D33066DFE442 ] C:\Windows\System32\ntdll.dll
18:02:40.0899 5848 C:\Windows\System32\ntdll.dll - ok
18:02:40.0899 5848 [ 08F850FEBDBDE7C89017B6B0CA0D1CD2 ] C:\Windows\System32\smss.exe
18:02:40.0899 5848 C:\Windows\System32\smss.exe - ok
18:02:40.0899 5848 [ 490B7921C6DC58022FAA908E6310CF24 ] C:\Windows\System32\autochk.exe
18:02:40.0899 5848 C:\Windows\System32\autochk.exe - ok
18:02:40.0915 5848 [ 69B93F623B130976243ECA3D84CC99CA ] C:\Windows\System32\Drivers\agilevpn.sys
18:02:40.0915 5848 C:\Windows\System32\Drivers\agilevpn.sys - ok
18:02:40.0915 5848 [ 78C9EE193AC2B4CBDBC48B620314D740 ] C:\Windows\System32\Drivers\tunnel.sys
18:02:40.0915 5848 C:\Windows\System32\Drivers\tunnel.sys - ok
18:02:40.0915 5848 [ 0E5B1E9E7122EDAAF1F6CE047965CA92 ] C:\Windows\System32\Drivers\CompositeBus.sys
18:02:40.0915 5848 C:\Windows\System32\Drivers\CompositeBus.sys - ok
18:02:40.0915 5848 [ FB6C185092E18011EF49989425C2AA87 ] C:\Windows\System32\Drivers\kdnic.sys
18:02:40.0915 5848 C:\Windows\System32\Drivers\kdnic.sys - ok
18:02:40.0915 5848 [ 02CEB3FE6152668A7BA420B93B664860 ] C:\Windows\System32\Drivers\umbus.sys
18:02:40.0915 5848 C:\Windows\System32\Drivers\umbus.sys - ok
18:02:40.0930 5848 [ 10DD814DA2F2064F53B9694E30FF45A4 ] C:\Windows\System32\Drivers\VBoxNetFlt.sys
18:02:40.0930 5848 C:\Windows\System32\Drivers\VBoxNetFlt.sys - ok
18:02:40.0930 5848 [ E2A596CACFC6504306CDB7B593B90084 ] C:\Windows\System32\Drivers\wmiacpi.sys
18:02:40.0930 5848 C:\Windows\System32\Drivers\wmiacpi.sys - ok
18:02:40.0930 5848 [ 26AA3C7E6E1DB7107BF93503F6F57E88 ] C:\Windows\System32\Drivers\nvlddmkm.sys
18:02:40.0930 5848 C:\Windows\System32\Drivers\nvlddmkm.sys - ok
18:02:40.0930 5848 [ 53883A0057063F9695475186A81BF001 ] C:\Windows\System32\Drivers\nvBridge.kmd
18:02:40.0930 5848 C:\Windows\System32\Drivers\nvBridge.kmd - ok
18:02:40.0930 5848 [ CC81790E0A18535853C33BABBFF15D56 ] C:\Windows\System32\lpk.dll
18:02:40.0930 5848 C:\Windows\System32\lpk.dll - ok
18:02:40.0930 5848 [ 348214F96642FD4FEF630DE021BA3540 ] C:\Windows\System32\Drivers\igdkmd64.sys
18:02:40.0930 5848 C:\Windows\System32\Drivers\igdkmd64.sys - ok
18:02:40.0946 5848 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] C:\Windows\System32\Drivers\HECIx64.sys
18:02:40.0946 5848 C:\Windows\System32\Drivers\HECIx64.sys - ok
18:02:40.0946 5848 [ 169629C36CB835A36E23BBC37664401E ] C:\Windows\System32\Drivers\usbport.sys
18:02:40.0946 5848 C:\Windows\System32\Drivers\usbport.sys - ok
18:02:40.0946 5848 [ 7D87B5B6C7188D553E11B59DC7F0B111 ] C:\Windows\System32\Drivers\hdaudbus.sys
18:02:40.0946 5848 C:\Windows\System32\Drivers\hdaudbus.sys - ok
18:02:40.0946 5848 [ 52F267AEE8CA5AA5CEB88C6A71EE1E86 ] C:\Windows\System32\Drivers\usbehci.sys
18:02:40.0946 5848 C:\Windows\System32\Drivers\usbehci.sys - ok
18:02:40.0946 5848 [ 98CF53F7B23F77D082805D5DBBD99A4E ] C:\Windows\System32\Drivers\Netwsw00.sys
18:02:40.0946 5848 C:\Windows\System32\Drivers\Netwsw00.sys - ok
18:02:40.0946 5848 [ 9CD4259AD15F84DE27B94A956C978D6C ] C:\Windows\System32\Drivers\USBXHCI.SYS
18:02:40.0946 5848 C:\Windows\System32\Drivers\USBXHCI.SYS - ok
18:02:40.0962 5848 [ 62460A45435A26A334907E3F2EA45611 ] C:\Windows\System32\Drivers\vwifibus.sys
18:02:40.0962 5848 C:\Windows\System32\Drivers\vwifibus.sys - ok
18:02:40.0962 5848 [ 15923AA360F7675D3D43C9669316A0BA ] C:\Windows\System32\Drivers\Rt630x64.sys
18:02:40.0962 5848 C:\Windows\System32\Drivers\Rt630x64.sys - ok
18:02:40.0962 5848 [ 1ED222DFE6C13DA50FE081ABF90CAFE1 ] C:\Windows\System32\Drivers\UCX01000.SYS
18:02:40.0962 5848 C:\Windows\System32\Drivers\UCX01000.SYS - ok
18:02:40.0962 5848 [ C9E9CBF73AFFBFE3E801EFB516787BA3 ] C:\Windows\System32\Drivers\i8042prt.sys
18:02:40.0962 5848 C:\Windows\System32\Drivers\i8042prt.sys - ok
18:02:40.0962 5848 [ 8FBD94B69D6423E20ABCD59D86368B21 ] C:\Windows\System32\Drivers\kbdclass.sys
18:02:40.0962 5848 C:\Windows\System32\Drivers\kbdclass.sys - ok
18:02:40.0962 5848 [ B0C7D4DCF4800DF2F2145B500D0161E8 ] C:\Windows\System32\Drivers\SynTP.sys
18:02:40.0962 5848 C:\Windows\System32\Drivers\SynTP.sys - ok
18:02:40.0977 5848 [ 3FA129BFC7808A2BB7681BEAF339FACD ] C:\Windows\System32\Drivers\usbd.sys
18:02:40.0977 5848 C:\Windows\System32\Drivers\usbd.sys - ok
18:02:40.0977 5848 [ 618446B98C79776654340CE27C73485E ] C:\Windows\System32\Drivers\mouclass.sys
18:02:40.0977 5848 C:\Windows\System32\Drivers\mouclass.sys - ok
18:02:40.0977 5848 [ C3D51000E8FBEF76BC91E145B0D7FC67 ] C:\Windows\System32\comdlg32.dll
18:02:40.0977 5848 C:\Windows\System32\comdlg32.dll - ok
18:02:40.0977 5848 [ F02118B1D3B0D574C99D87380069B44E ] C:\Windows\System32\urlmon.dll
18:02:40.0977 5848 C:\Windows\System32\urlmon.dll - ok
18:02:40.0977 5848 [ AECED95ACFDCF96757EDD8D0CFFE34B8 ] C:\Windows\System32\msvcrt.dll
18:02:40.0977 5848 C:\Windows\System32\msvcrt.dll - ok
18:02:40.0977 5848 [ 2E3EDE81672653E0C759F0A1135F704F ] C:\Windows\System32\clbcatq.dll
18:02:40.0977 5848 C:\Windows\System32\clbcatq.dll - ok
18:02:40.0993 5848 [ 1E2E99B4FA9A5F0D9934F8B99B528A62 ] C:\Windows\System32\wow64cpu.dll
18:02:40.0993 5848 C:\Windows\System32\wow64cpu.dll - ok
18:02:40.0993 5848 [ 75CB0458521FFA420E4230A931E4517B ] C:\Windows\System32\normaliz.dll
18:02:40.0993 5848 C:\Windows\System32\normaliz.dll - ok
18:02:40.0993 5848 [ 2E5B349ACDA36C20612795754DB93312 ] C:\Windows\System32\ws2_32.dll
18:02:40.0993 5848 C:\Windows\System32\ws2_32.dll - ok
18:02:40.0993 5848 [ CA7561AACEE1F578C5360E4C07B71708 ] C:\Windows\System32\gdi32.dll

18:02:40.0993 5848 C:\Windows\System32\gdi32.dll - ok
18:02:40.0993 5848 [ C6B2D1AE7F957BCA38C6C86E800BDC3F ] C:\Windows\System32\usp10.dll
18:02:40.0993 5848 C:\Windows\System32\usp10.dll - ok
18:02:41.0009 5848 [ E1B2751640FA7840CC5EB6E78513A632 ] C:\Windows\System32\Wldap32.dll
18:02:41.0009 5848 C:\Windows\System32\Wldap32.dll - ok
18:02:41.0009 5848 [ B0CECE742DD090C8E2E0B47812F0A26F ] C:\Windows\System32\iertutil.dll
18:02:41.0009 5848 C:\Windows\System32\iertutil.dll - ok
18:02:41.0009 5848 [ 2AE813F005223E5B39E0C4D7B8314732 ] C:\Windows\System32\wow64win.dll
18:02:41.0009 5848 C:\Windows\System32\wow64win.dll - ok
18:02:41.0009 5848 [ 1D2731630A5437C54217CDE1C4830F81 ] C:\Windows\System32\ole32.dll
18:02:41.0009 5848 C:\Windows\System32\ole32.dll - ok
18:02:41.0024 5848 [ 46501A8D9CF0383A104120810E1BABA6 ] C:\Windows\System32\shlwapi.dll
18:02:41.0024 5848 C:\Windows\System32\shlwapi.dll - ok
18:02:41.0024 5848 [ 93FA1A230C11C8568DE3624263C35D39 ] C:\Windows\System32\GdiPlus.dll
18:02:41.0024 5848 C:\Windows\System32\GdiPlus.dll - ok
18:02:41.0024 5848 [ B74C50954E234506548CBBF3933AF391 ] C:\Windows\System32\wow64.dll
18:02:41.0024 5848 C:\Windows\System32\wow64.dll - ok
18:02:41.0024 5848 [ 85B5B3797315F714A62AC986FFB2B17E ] C:\Windows\System32\sechost.dll
18:02:41.0024 5848 C:\Windows\System32\sechost.dll - ok
18:02:41.0024 5848 [ A99AD14F26BDA7D7F27F76BC91B7EED7 ] C:\Windows\System32\user32.dll
18:02:41.0024 5848 C:\Windows\System32\user32.dll - ok
18:02:41.0040 5848 [ DA66D6D4A0B77D57F5CF449B1231010F ] C:\Windows\System32\imm32.dll
18:02:41.0040 5848 C:\Windows\System32\imm32.dll - ok
18:02:41.0040 5848 [ CE1C66AD4D56FCD7301E1EFEA71340EC ] C:\Windows\System32\oleaut32.dll
18:02:41.0040 5848 C:\Windows\System32\oleaut32.dll - ok
18:02:41.0040 5848 [ 0341C9184C252000D1AD396C71CFD860 ] C:\Windows\System32\combase.dll
18:02:41.0040 5848 C:\Windows\System32\combase.dll - ok
18:02:41.0040 5848 [ 3A30E09AAA2BB060D39C8FA5E20D4FA3 ] C:\Windows\System32\advapi32.dll
18:02:41.0040 5848 C:\Windows\System32\advapi32.dll - ok
18:02:41.0055 5848 [ 41AC2B1335317D2F8700E17328F71E0C ] C:\Windows\System32\psapi.dll
18:02:41.0055 5848 C:\Windows\System32\psapi.dll - ok
18:02:41.0055 5848 [ 154553459809F791C7335075211ED81B ] C:\Windows\System32\shell32.dll
18:02:41.0055 5848 C:\Windows\System32\shell32.dll - ok
18:02:41.0055 5848 [ B3FB7D980FE7F6FB78D83B87C0D2F7F3 ] C:\Windows\System32\imagehlp.dll
18:02:41.0055 5848 C:\Windows\System32\imagehlp.dll - ok
18:02:41.0055 5848 [ 3C6933B638BB812F4084CF44AE698704 ] C:\Windows\System32\kernel32.dll
18:02:41.0055 5848 C:\Windows\System32\kernel32.dll - ok
18:02:41.0071 5848 [ 652467DC0E67CF738972117C09D05571 ] C:\Windows\System32\rpcrt4.dll
18:02:41.0071 5848 C:\Windows\System32\rpcrt4.dll - ok
18:02:41.0071 5848 [ DF8663D43AAA1289DE7E32961722BBBA ] C:\Windows\System32\setupapi.dll
18:02:41.0071 5848 C:\Windows\System32\setupapi.dll - ok
18:02:41.0071 5848 [ A74C6A6DA5A35686D7639ACDBD458BFB ] C:\Windows\System32\nsi.dll
18:02:41.0071 5848 C:\Windows\System32\nsi.dll - ok
18:02:41.0071 5848 [ AAEF73606F58ADE710208F4B1B988FBF ] C:\Windows\System32\wininet.dll
18:02:41.0071 5848 C:\Windows\System32\wininet.dll - ok
18:02:41.0071 5848 [ 6B3F1596000CB33F73E14B6F7D5CFF82 ] C:\Windows\System32\difxapi.dll
18:02:41.0071 5848 C:\Windows\System32\difxapi.dll - ok
18:02:41.0087 5848 [ 4522375A7B8693C2134D5613A134E4F6 ] C:\Windows\System32\msctf.dll
18:02:41.0087 5848 C:\Windows\System32\msctf.dll - ok
18:02:41.0087 5848 [ 03E223CC4AE2D2B55E400AD9C55449F6 ] C:\Windows\System32\comctl32.dll
18:02:41.0087 5848 C:\Windows\System32\comctl32.dll - ok
18:02:41.0087 5848 [ 51B6CB1852B49E150F7E8B8C2F4CB0F7 ] C:\Windows\System32\devobj.dll
18:02:41.0087 5848 C:\Windows\System32\devobj.dll - ok
18:02:41.0087 5848 [ EFD55F2C466663F37412B843F6CC55F5 ] C:\Windows\System32\crypt32.dll
18:02:41.0087 5848 C:\Windows\System32\crypt32.dll - ok
18:02:41.0087 5848 [ 996604E515ACE3775D645A4FE0D66D4A ] C:\Windows\System32\wintrust.dll
18:02:41.0087 5848 C:\Windows\System32\wintrust.dll - ok
18:02:41.0102 5848 [ C26780F936820DBB3A1323FC1C09E05F ] C:\Windows\System32\cfgmgr32.dll
18:02:41.0102 5848 C:\Windows\System32\cfgmgr32.dll - ok
18:02:41.0102 5848 [ F37BD0CAA604B6FE5CEC9D0BC05ABAF8 ] C:\Windows\System32\KernelBase.dll
18:02:41.0102 5848 C:\Windows\System32\KernelBase.dll - ok
18:02:41.0102 5848 [ C763F7DC50C70E657DCB164FA9D92085 ] C:\Windows\System32\msasn1.dll
18:02:41.0102 5848 C:\Windows\System32\msasn1.dll - ok
18:02:41.0102 5848 [ 8E98D21EE06192492A5671A6144D092F ] C:\Windows\System32\Drivers\GEARAspiWDM.sys
18:02:41.0102 5848 C:\Windows\System32\Drivers\GEARAspiWDM.sys - ok
18:02:41.0102 5848 [ E0065CBF1A25C015C218457D2CD522B9 ] C:\Windows\System32\Drivers\Accelern.sys
18:02:41.0102 5848 C:\Windows\System32\Drivers\Accelern.sys - ok
18:02:41.0118 5848 [ 04F5D7396FE6414150FEEDB60FDAC670 ] C:\Windows\System32\Drivers\battc.sys
18:02:41.0118 5848 C:\Windows\System32\Drivers\battc.sys - ok
18:02:41.0118 5848 [ 2DC8538A2260647484A6C921CA837313 ] C:\Windows\System32\Drivers\CmBatt.sys
18:02:41.0118 5848 C:\Windows\System32\Drivers\CmBatt.sys - ok
18:02:41.0118 5848 [ 36D755FFED947A08B1650ACE9644FAB8 ] C:\Windows\SysWOW64\lpk.dll
18:02:41.0118 5848 C:\Windows\SysWOW64\lpk.dll - ok
18:02:41.0118 5848 [ E15CDF68DD73423F15D4AC404793AF0D ] C:\Windows\System32\Drivers\intelppm.sys
18:02:41.0118 5848 C:\Windows\System32\Drivers\intelppm.sys - ok
18:02:41.0118 5848 [ BD321B58C0CC6C8196F8CF4EE226E830 ] C:\Windows\SysWOW64\normaliz.dll
18:02:41.0118 5848 C:\Windows\SysWOW64\normaliz.dll - ok
18:02:41.0134 5848 [ BC9503A901A545FAD807909F8C86B286 ] C:\Windows\SysWOW64\usp10.dll
18:02:41.0134 5848 C:\Windows\SysWOW64\usp10.dll - ok
18:02:41.0134 5848 [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] C:\Windows\System32\Drivers\rasl2tp.sys
18:02:41.0134 5848 C:\Windows\System32\Drivers\rasl2tp.sys - ok
18:02:41.0134 5848 [ 362D47E5B4D67270DE4B8606036F4ADD ] C:\Windows\System32\Drivers\raspptp.sys
18:02:41.0134 5848 C:\Windows\System32\Drivers\raspptp.sys - ok
18:02:41.0134 5848 [ 00695B9C2DB6111064499C529E90C042 ] C:\Windows\System32\Drivers\raspppoe.sys
18:02:41.0134 5848 C:\Windows\System32\Drivers\raspppoe.sys - ok
18:02:41.0134 5848 [ 48258ED8A46D0F39ACBF891336250E89 ] C:\Windows\System32\Drivers\ks.sys
18:02:41.0134 5848 C:\Windows\System32\Drivers\ks.sys - ok
18:02:41.0149 5848 [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] C:\Windows\System32\Drivers\rdpbus.sys
18:02:41.0149 5848 C:\Windows\System32\Drivers\rdpbus.sys - ok
18:02:41.0149 5848 [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] C:\Windows\System32\Drivers\swenum.sys
18:02:41.0149 5848 C:\Windows\System32\Drivers\swenum.sys - ok
18:02:41.0149 5848 [ CE6EBC0AD38CC6482D8FBB744FF15CE2 ] C:\Windows\System32\Drivers\ndproxy.sys
18:02:41.0149 5848 C:\Windows\System32\Drivers\ndproxy.sys - ok
18:02:41.0149 5848 [ FBB6794E3BBAD92D66D59D206C1F849F ] C:\Windows\System32\Drivers\usbhub.sys
18:02:41.0149 5848 C:\Windows\System32\Drivers\usbhub.sys - ok
18:02:41.0149 5848 [ 946ECE07334A74373FAFBFAA063E62F2 ] C:\Windows\System32\Drivers\drmk.sys
18:02:41.0149 5848 C:\Windows\System32\Drivers\drmk.sys - ok
18:02:41.0165 5848 [ D10DAEA91AA8412A323DB8EADA23768A ] C:\Windows\System32\Drivers\portcls.sys
18:02:41.0165 5848 C:\Windows\System32\Drivers\portcls.sys - ok
18:02:41.0165 5848 [ 8FED6428FDE53D7F4C105095F22524BE ] C:\Windows\System32\Drivers\RTKVHD64.sys
18:02:41.0165 5848 C:\Windows\System32\Drivers\RTKVHD64.sys - ok
18:02:41.0165 5848 [ 81492FEEBF2F26455B00EE8DBAE8A1B0 ] C:\Windows\System32\Drivers\ksthunk.sys
18:02:41.0165 5848 C:\Windows\System32\Drivers\ksthunk.sys - ok
18:02:41.0165 5848 [ FC727061C0F47C8059E88E05D5C8E381 ] C:\Windows\System32\Drivers\IntcDAud.sys
18:02:41.0165 5848 C:\Windows\System32\Drivers\IntcDAud.sys - ok
18:02:41.0165 5848 [ B7A948501424805571BF562BB0BFE31D ] C:\Windows\System32\Drivers\USBHUB3.SYS
18:02:41.0165 5848 C:\Windows\System32\Drivers\USBHUB3.SYS - ok
18:02:41.0165 5848 [ 436188BB139D51E4A763D1D356C90EE3 ] C:\Windows\System32\Drivers\hidparse.sys
18:02:41.0165 5848 C:\Windows\System32\Drivers\hidparse.sys - ok
18:02:41.0180 5848 [ F3427D3D28F02A4BE6DFC1E672E30BA3 ] C:\Windows\System32\win32k.sys
18:02:41.0180 5848 C:\Windows\System32\win32k.sys - ok
18:02:41.0180 5848 [ 2AF9F0E16D75B8F783A1ACE74EF51C9B ] C:\Windows\System32\Drivers\usbccgp.sys
18:02:41.0180 5848 C:\Windows\System32\Drivers\usbccgp.sys - ok
18:02:41.0180 5848 [ DDC1AFBF9DDF880CE9BD3896114D8DED ] C:\Windows\System32\basesrv.dll
18:02:41.0180 5848 C:\Windows\System32\basesrv.dll - ok
18:02:41.0180 5848 [ 1C510F9C2DB7393468EB789A96DAAFA8 ] C:\Windows\System32\csrsrv.dll
18:02:41.0180 5848 C:\Windows\System32\csrsrv.dll - ok
18:02:41.0180 5848 [ 0D9F14739D05F8B8B028B539FC6F1F29 ] C:\Windows\System32\csrss.exe
18:02:41.0180 5848 C:\Windows\System32\csrss.exe - ok
18:02:41.0180 5848 [ E9343076AE704D20BB0D01F3AF3EFFEF ] C:\Windows\System32\winsrv.dll
18:02:41.0180 5848 C:\Windows\System32\winsrv.dll - ok
18:02:41.0196 5848 [ E6CE7188CC47AE5DAFDAF552D370C52F ] C:\Windows\System32\Drivers\dc3d.sys
18:02:41.0196 5848 C:\Windows\System32\Drivers\dc3d.sys - ok
18:02:41.0196 5848 [ 771BE60F1899D8E43CF563162A8A2FBB ] C:\Windows\System32\Drivers\hidclass.sys
18:02:41.0196 5848 C:\Windows\System32\Drivers\hidclass.sys - ok
18:02:41.0196 5848 [ 590B6F71BCDA4368B4BF7D8DF22B60F7 ] C:\Windows\System32\Drivers\hidusb.sys
18:02:41.0196 5848 C:\Windows\System32\Drivers\hidusb.sys - ok
18:02:41.0196 5848 [ E88C932ABDF8185A62C8F2FC7B051FB6 ] C:\Windows\System32\Drivers\kbdhid.sys
18:02:41.0196 5848 C:\Windows\System32\Drivers\kbdhid.sys - ok
18:02:41.0196 5848 [ CB2527B8B87D83E56FBF3944BBB6F606 ] C:\Windows\System32\Drivers\mouhid.sys
18:02:41.0196 5848 C:\Windows\System32\Drivers\mouhid.sys - ok
18:02:41.0212 5848 [ 5BC4D480DD527EB0CF33A67A090A130E ] C:\Windows\System32\Drivers\point64.sys
18:02:41.0212 5848 C:\Windows\System32\Drivers\point64.sys - ok
18:02:41.0212 5848 [ F14D77B1B3347ED08272B65A3F80B4CE ] C:\Windows\System32\tsddd.dll
18:02:41.0212 5848 C:\Windows\System32\tsddd.dll - ok
18:02:41.0212 5848 [ 3491660B47A7CE7BC1B63C4E71E1E251 ] C:\Windows\System32\cdd.dll
18:02:41.0212 5848 C:\Windows\System32\cdd.dll - ok
18:02:41.0212 5848 [ FD777FE5B879BC921ED01A647143D709 ] C:\Windows\System32\KBDUS.DLL
18:02:41.0212 5848 C:\Windows\System32\KBDUS.DLL - ok
18:02:41.0212 5848 [ 5D62E672E5358780B2905C62AC90C942 ] C:\Windows\System32\nvinitx.dll
18:02:41.0212 5848 C:\Windows\System32\nvinitx.dll - ok
18:02:41.0212 5848 [ 4C7303709714F589A0809AC82F03CA84 ] C:\Windows\System32\profapi.dll
18:02:41.0212 5848 C:\Windows\System32\profapi.dll - ok
18:02:41.0227 5848 [ BD7C6949984D19AAA609896B675E7357 ] C:\Windows\System32\sxssrv.dll
18:02:41.0227 5848 C:\Windows\System32\sxssrv.dll - ok
18:02:41.0227 5848 [ FE9AB232B56A12224E8A3F3F9878C9A3 ] C:\Windows\System32\wininit.exe
18:02:41.0227 5848 C:\Windows\System32\wininit.exe - ok
18:02:41.0227 5848 [ 8144BCD1736C3C76978B8378556CA746 ] C:\Windows\System32\wininitext.dll
18:02:41.0227 5848 C:\Windows\System32\wininitext.dll - ok
18:02:41.0227 5848 [ DAFF45EACE818FA560BDA2E0672487F0 ] C:\Windows\System32\atmfd.dll
18:02:41.0227 5848 C:\Windows\System32\atmfd.dll - ok
18:02:41.0227 5848 [ 83EB0BF7E6EBD5B1AAC97F9DBD5EB935 ] C:\Windows\System32\Drivers\monitor.sys
18:02:41.0227 5848 C:\Windows\System32\Drivers\monitor.sys - ok
18:02:41.0243 5848 [ BCF2036A0DD579E47C008C133550283E ] C:\Windows\System32\winlogon.exe
18:02:41.0243 5848 C:\Windows\System32\winlogon.exe - ok
18:02:41.0243 5848 [ EF72CFB67C73A8751F3BC4F4C98EAD4C ] C:\Windows\System32\powrprof.dll
18:02:41.0243 5848 C:\Windows\System32\powrprof.dll - ok
18:02:41.0243 5848 [ C0FAB7DDA13CE5593A48B40056AA278D ] C:\Windows\System32\samcli.dll
18:02:41.0243 5848 C:\Windows\System32\samcli.dll - ok
18:02:41.0243 5848 [ 9D7EAFBAD213566D70BAE9A14B847666 ] C:\Windows\System32\winsta.dll
18:02:41.0243 5848 C:\Windows\System32\winsta.dll - ok
18:02:41.0243 5848 [ E8001E0F56F0B0F5D204EF865F47372B ] C:\Windows\System32\wtsapi32.dll
18:02:41.0243 5848 C:\Windows\System32\wtsapi32.dll - ok
18:02:41.0243 5848 [ 10564D7D4FBAABDB826E9D607679C85F ] C:\Windows\System32\WlS0WndH.dll
18:02:41.0243 5848 C:\Windows\System32\WlS0WndH.dll - ok
18:02:41.0259 5848 [ 7679414791657155EDF45D388325BEFE ] C:\Windows\System32\sxs.dll
18:02:41.0259 5848 C:\Windows\System32\sxs.dll - ok
18:02:41.0259 5848 [ 2577AEA213B0B70FF5B4E3D180E66B11 ] C:\Windows\System32\cryptbase.dll
18:02:41.0259 5848 C:\Windows\System32\cryptbase.dll - ok
18:02:41.0259 5848 [ 7F4E2FB897E35952C5B22BE48047FCA8 ] C:\Windows\System32\bcryptprimitives.dll
18:02:41.0259 5848 C:\Windows\System32\bcryptprimitives.dll - ok
18:02:41.0259 5848 [ F702AB6181513303AB0FC8D59E52708B ] C:\Windows\System32\lsass.exe
18:02:41.0259 5848 C:\Windows\System32\lsass.exe - ok
18:02:41.0259 5848 [ 8F226143046435C75C033B0C52E90FFE ] C:\Windows\System32\services.exe
18:02:41.0259 5848 C:\Windows\System32\services.exe - ok
18:02:41.0259 5848 [ 90BEE4B9728DDCF9787100CB8A04815C ] C:\Windows\System32\sspisrv.dll
18:02:41.0259 5848 C:\Windows\System32\sspisrv.dll - ok
18:02:41.0274 5848 [ D1AEFA79EE1EE089D03249BE581D5DD6 ] C:\Windows\System32\sspicli.dll
18:02:41.0274 5848 C:\Windows\System32\sspicli.dll - ok
18:02:41.0274 5848 [ ECFC9AF8D1A6E16223E1B17EA732FA08 ] C:\Windows\System32\scext.dll
18:02:41.0274 5848 C:\Windows\System32\scext.dll - ok
18:02:41.0274 5848 [ D293F2E8CEE73B87B04790D5169C0F25 ] C:\Windows\System32\lsasrv.dll
18:02:41.0274 5848 C:\Windows\System32\lsasrv.dll - ok
18:02:41.0274 5848 [ 8A6CAF25365FDF2432054C672885917E ] C:\Windows\System32\ubpm.dll
18:02:41.0274 5848 C:\Windows\System32\ubpm.dll - ok
18:02:41.0274 5848 [ 1B5B5563C5008911D77398B8FDC6F757 ] C:\Windows\System32\samsrv.dll
18:02:41.0274 5848 C:\Windows\System32\samsrv.dll - ok
18:02:41.0274 5848 [ D71A882FE7A74F01B92F6A2C74305E45 ] C:\Windows\System32\srvcli.dll
18:02:41.0274 5848 C:\Windows\System32\srvcli.dll - ok
18:02:41.0290 5848 [ E3D5F59826899393970533A8E6AB34EE ] C:\Windows\System32\bcrypt.dll
18:02:41.0290 5848 C:\Windows\System32\bcrypt.dll - ok
18:02:41.0290 5848 [ EA697BA99655FA048BB297EE9A3CCBC7 ] C:\Windows\System32\ncrypt.dll
18:02:41.0290 5848 C:\Windows\System32\ncrypt.dll - ok
18:02:41.0290 5848 [ A6FE1FCAB4AC686D6BD7884B317935F7 ] C:\Windows\System32\ntasn1.dll
18:02:41.0290 5848 C:\Windows\System32\ntasn1.dll - ok
18:02:41.0290 5848 [ DF8111BDC2F35006F0CD471A2CC65665 ] C:\Windows\System32\SPInf.dll
18:02:41.0290 5848 C:\Windows\System32\SPInf.dll - ok
18:02:41.0290 5848 [ 09799E701B4327097E9F63D3FE221083 ] C:\Windows\System32\Drivers\usbvideo.sys
18:02:41.0290 5848 C:\Windows\System32\Drivers\usbvideo.sys - ok
18:02:41.0290 5848 [ 0928BD20273625622722FE1DE5BBDE57 ] C:\Windows\System32\Drivers\qicflt.sys
18:02:41.0290 5848 C:\Windows\System32\Drivers\qicflt.sys - ok
18:02:41.0306 5848 [ BC3D4F90978CD7C8EABD1BAF3BF7873A ] C:\Windows\System32\Drivers\CtClsFlt.sys
18:02:41.0306 5848 C:\Windows\System32\Drivers\CtClsFlt.sys - ok
18:02:41.0306 5848 [ 39084062AB7B7CA19DBF0AA4581D833B ] C:\Windows\System32\msprivs.dll
18:02:41.0306 5848 C:\Windows\System32\msprivs.dll - ok
18:02:41.0306 5848 [ 21AA2C2564DDB9F3B83CE322D9E97F9C ] C:\Windows\System32\netjoin.dll
18:02:41.0306 5848 C:\Windows\System32\netjoin.dll - ok
18:02:41.0306 5848 [ 058B0CDA8E19AF2A7E6CFA7604BB8D14 ] C:\Windows\System32\cryptdll.dll
18:02:41.0306 5848 C:\Windows\System32\cryptdll.dll - ok
18:02:41.0306 5848 [ 016EDF8CF3BC0428F9A910637E918808 ] C:\Windows\System32\negoexts.dll
18:02:41.0306 5848 C:\Windows\System32\negoexts.dll - ok
18:02:41.0321 5848 [ 1654B23B029698077A59469E6AC93A99 ] C:\Windows\System32\kerberos.dll
18:02:41.0321 5848 C:\Windows\System32\kerberos.dll - ok
18:02:41.0321 5848 [ 8F9F55C4B857E35552D78A2AAF1BADF9 ] C:\Windows\System32\cryptsp.dll
18:02:41.0321 5848 C:\Windows\System32\cryptsp.dll - ok
18:02:41.0321 5848 [ C430482AC892D52CED021EDDD4D368A2 ] C:\Windows\System32\Drivers\iBtFltCoex.sys
18:02:41.0321 5848 C:\Windows\System32\Drivers\iBtFltCoex.sys - ok
18:02:41.0321 5848 [ 1AC307A2F7317007BC382046B3835202 ] C:\Windows\System32\mswsock.dll
18:02:41.0321 5848 C:\Windows\System32\mswsock.dll - ok
18:02:41.0321 5848 [ FD6DCB9E986D4B88655370C7F3976F78 ] C:\Windows\System32\Drivers\btmhsf.sys
18:02:41.0321 5848 C:\Windows\System32\Drivers\btmhsf.sys - ok
18:02:41.0321 5848 [ CFD630EA8B3F593FFA0030FD53BA7908 ] C:\Windows\System32\Drivers\bthport.sys
18:02:41.0321 5848 C:\Windows\System32\Drivers\bthport.sys - ok
18:02:41.0337 5848 [ 69C903C026CB675E234F4A7C951FD722 ] C:\Windows\System32\Drivers\BTHUSB.SYS
18:02:41.0337 5848 C:\Windows\System32\Drivers\BTHUSB.SYS - ok
18:02:41.0337 5848 [ 4543E23FF678CA9D2C943A45B5B82A17 ] C:\Windows\System32\msv1_0.dll
18:02:41.0337 5848 C:\Windows\System32\msv1_0.dll - ok
18:02:41.0337 5848 [ FDC70965F0FC9DFEBC919627DED5DDFF ] C:\Windows\System32\netlogon.dll
18:02:41.0337 5848 C:\Windows\System32\netlogon.dll - ok
18:02:41.0337 5848 [ B16A14270DB26838B48A06835FDBBFB4 ] C:\Windows\System32\dnsapi.dll
18:02:41.0337 5848 C:\Windows\System32\dnsapi.dll - ok
18:02:41.0337 5848 [ 113E9BB020461D5F9D0C0C6EA29C513F ] C:\Windows\System32\logoncli.dll
18:02:41.0337 5848 C:\Windows\System32\logoncli.dll - ok
18:02:41.0337 5848 [ 72FCEDD4EEE5F1C38F84F0947A26950E ] C:\Windows\System32\userenv.dll
18:02:41.0352 5848 C:\Windows\System32\userenv.dll - ok
18:02:41.0352 5848 [ 6847834F846A4CF1CD4FC86334B4879D ] C:\Windows\System32\schannel.dll
18:02:41.0352 5848 C:\Windows\System32\schannel.dll - ok
18:02:41.0352 5848 [ 0DFEBCD834EF05A112BF90F8A7993212 ] C:\Windows\System32\wdigest.dll
18:02:41.0352 5848 C:\Windows\System32\wdigest.dll - ok
18:02:41.0352 5848 [ BB4FCE5019D973A8BA038A03C7ECECDD ] C:\Windows\System32\rsaenh.dll
18:02:41.0352 5848 C:\Windows\System32\rsaenh.dll - ok
18:02:41.0352 5848 [ CC6D17EDB5B1C73523E4B7D6EB7BBC09 ] C:\Windows\System32\TSpkg.dll
18:02:41.0352 5848 C:\Windows\System32\TSpkg.dll - ok
18:02:41.0352 5848 [ 0059D2032BCA18EBBC03D6D1308892F6 ] C:\Windows\System32\pku2u.dll
18:02:41.0352 5848 C:\Windows\System32\pku2u.dll - ok
18:02:41.0368 5848 [ 5B92CE37EBE65A5424074E50C48AA52E ] C:\Windows\System32\livessp.dll
18:02:41.0368 5848 C:\Windows\System32\livessp.dll - ok
18:02:41.0368 5848 [ D8BEFDDADA7125E5A4DD37EA5AC620D9 ] C:\Windows\System32\efslsaext.dll
18:02:41.0368 5848 C:\Windows\System32\efslsaext.dll - ok
18:02:41.0368 5848 [ 6AB44FF15F12E2CADABA3B8E9B2FBEB8 ] C:\Windows\System32\Drivers\bthenum.sys
18:02:41.0368 5848 C:\Windows\System32\Drivers\bthenum.sys - ok
18:02:41.0368 5848 [ 091BB978E9504D0AD14586929431A957 ] C:\Windows\System32\Drivers\bthpan.sys
18:02:41.0368 5848 C:\Windows\System32\Drivers\bthpan.sys - ok
18:02:41.0368 5848 [ 17EF582CBC4809F96B9E6D0543480763 ] C:\Windows\System32\Drivers\rfcomm.sys
18:02:41.0368 5848 C:\Windows\System32\Drivers\rfcomm.sys - ok
18:02:41.0368 5848 [ 2F5E3751FAB4AE994262E2FB9CEDC885 ] C:\Windows\System32\dpapisrv.dll
18:02:41.0368 5848 C:\Windows\System32\dpapisrv.dll - ok
18:02:41.0384 5848 [ 8F5E4E166C19A1B60F508057CF2FF96E ] C:\Windows\System32\Drivers\btmaux.sys
18:02:41.0384 5848 C:\Windows\System32\Drivers\btmaux.sys - ok
18:02:41.0384 5848 [ 8EA33056071F6EB7A97C68E978F01573 ] C:\Windows\System32\credssp.dll
18:02:41.0384 5848 C:\Windows\System32\credssp.dll - ok
18:02:41.0384 5848 [ 4F6E1CA672370A9BCAC049CE3AB7F666 ] C:\Windows\System32\scecli.dll
18:02:41.0384 5848 C:\Windows\System32\scecli.dll - ok
18:02:41.0384 5848 [ C0D0F60B47079C2AAD30B836326313F4 ] C:\Windows\System32\scesrv.dll
18:02:41.0384 5848 C:\Windows\System32\scesrv.dll - ok
18:02:41.0384 5848 [ 0D7B278E91F0F07BBC4DFDF634BEFDB5 ] C:\Windows\System32\authz.dll
18:02:41.0384 5848 C:\Windows\System32\authz.dll - ok
18:02:41.0399 5848 [ E17EA93682D88F1CE94CCE2A804FA691 ] C:\Windows\System32\netutils.dll
18:02:41.0399 5848 C:\Windows\System32\netutils.dll - ok
18:02:41.0399 5848 [ EDE27EACE742EE2888C5DD36400A2EC0 ] C:\Windows\System32\svchost.exe
18:02:41.0399 5848 C:\Windows\System32\svchost.exe - ok
18:02:41.0399 5848 [ 0CE9A21C24E62DFD77E273B56B11C2C7 ] C:\Windows\System32\devrtl.dll
18:02:41.0399 5848 C:\Windows\System32\devrtl.dll - ok
18:02:41.0399 5848 [ 2BA42F109B70D10E2F12072AD5BFFE27 ] C:\Windows\System32\hid.dll
18:02:41.0399 5848 C:\Windows\System32\hid.dll - ok
18:02:41.0399 5848 [ 61A8BF961A244C60697814D8CC2741FA ] C:\Windows\System32\pcwum.dll
18:02:41.0399 5848 C:\Windows\System32\pcwum.dll - ok
18:02:41.0399 5848 [ 799BE46D45D486704CE0F37CA5385262 ] C:\Windows\System32\umpnpmgr.dll
18:02:41.0399 5848 C:\Windows\System32\umpnpmgr.dll - ok
18:02:41.0415 5848 [ F1E067F56373F11EA4B785CAE823740A ] C:\Windows\System32\umpo.dll
18:02:41.0415 5848 C:\Windows\System32\umpo.dll - ok
18:02:41.0415 5848 [ 58CE8F135CC6F3271603A8BB094B1967 ] C:\Windows\System32\umpoext.dll
18:02:41.0415 5848 C:\Windows\System32\umpoext.dll - ok
18:02:41.0415 5848 [ 5C2758C697F6EC1C3771902D5FDF8079 ] C:\Windows\System32\gpapi.dll
18:02:41.0415 5848 C:\Windows\System32\gpapi.dll - ok
18:02:41.0415 5848 [ 2BDC5D711FA61307CE6190D47C956368 ] C:\Windows\System32\Drivers\luafv.sys
18:02:41.0415 5848 C:\Windows\System32\Drivers\luafv.sys - ok
18:02:41.0415 5848 [ 92EB844D90615CB266F84C3202B8786E ] C:\Windows\System32\Drivers\mbam.sys
18:02:41.0415 5848 C:\Windows\System32\Drivers\mbam.sys - ok
18:02:41.0415 5848 [ A83AC04D672567CAF8BE7A4D73C0B850 ] C:\Windows\System32\nvvsvc.exe
18:02:41.0415 5848 C:\Windows\System32\nvvsvc.exe - ok
18:02:41.0431 5848 [ BF81D887348C8DD9E45B08F3718F7D96 ] C:\Windows\System32\SHCore.dll
18:02:41.0431 5848 C:\Windows\System32\SHCore.dll - ok
18:02:41.0431 5848 [ 00FCEC4DA4198F5F2B9BBD9225842568 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:02:41.0431 5848 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe - ok
18:02:41.0431 5848 [ 0F38E5BAB0E4CEBB57987967F5505CD7 ] C:\Windows\SysWOW64\ntdll.dll
18:02:41.0431 5848 C:\Windows\SysWOW64\ntdll.dll - ok
18:02:41.0431 5848 [ 1C5F50F98291B7545391BB57C406E615 ] C:\Windows\SysWOW64\kernel32.dll
18:02:41.0431 5848 C:\Windows\SysWOW64\kernel32.dll - ok
18:02:41.0431 5848 [ 5A3BF11D81C7F7EE8EDE9A2430B70878 ] C:\Windows\SysWOW64\KernelBase.dll
18:02:41.0431 5848 C:\Windows\SysWOW64\KernelBase.dll - ok
18:02:41.0431 5848 [ 024B76FAD711EFECD6DD0FBD87265444 ] C:\Windows\SysWOW64\setupapi.dll
18:02:41.0431 5848 C:\Windows\SysWOW64\setupapi.dll - ok
18:02:41.0446 5848 [ 682C3D4982B5375732A4273809365A0A ] C:\Windows\SysWOW64\version.dll
18:02:41.0446 5848 C:\Windows\SysWOW64\version.dll - ok
18:02:41.0446 5848 [ BA1C3ACD929A71E88B49C2B6E38F92B3 ] C:\Windows\SysWOW64\user32.dll
18:02:41.0446 5848 C:\Windows\SysWOW64\user32.dll - ok
18:02:41.0446 5848 [ 05DE4C1D408A5A2E599E2DA0F6B909ED ] C:\Windows\SysWOW64\gdi32.dll
18:02:41.0446 5848 C:\Windows\SysWOW64\gdi32.dll - ok
18:02:41.0446 5848 [ BFEF608CD713A4CD3165D72E2AEB23F2 ] C:\Windows\SysWOW64\advapi32.dll
18:02:41.0446 5848 C:\Windows\SysWOW64\advapi32.dll - ok
18:02:41.0446 5848 [ EA35B404D87B3A61E7A5FBF6CDA1CF94 ] C:\Windows\SysWOW64\oleaut32.dll
18:02:41.0446 5848 C:\Windows\SysWOW64\oleaut32.dll - ok
18:02:41.0446 5848 [ 4F583ABEF86D3B9DD2C0D24C9E41138E ] C:\Windows\SysWOW64\winspool.drv
18:02:41.0446 5848 C:\Windows\SysWOW64\winspool.drv - ok
18:02:41.0462 5848 [ B59E9810F8A416B9E5354834F26969D4 ] C:\Windows\SysWOW64\msvcrt.dll
18:02:41.0462 5848 C:\Windows\SysWOW64\msvcrt.dll - ok
18:02:41.0462 5848 [ 567612D556BBC4FC98169EA98F6EA480 ] C:\Windows\SysWOW64\cfgmgr32.dll
18:02:41.0462 5848 C:\Windows\SysWOW64\cfgmgr32.dll - ok
18:02:41.0462 5848 [ E64021308A378207B317A97950B47413 ] C:\Windows\SysWOW64\rpcrt4.dll
18:02:41.0462 5848 C:\Windows\SysWOW64\rpcrt4.dll - ok
18:02:41.0462 5848 [ B2A25F2C3DCCD9858701E0AF13E5EE4D ] C:\Windows\SysWOW64\devobj.dll
18:02:41.0462 5848 C:\Windows\SysWOW64\devobj.dll - ok
18:02:41.0462 5848 [ 828CFD406E60311A9E5414685FA7EEDF ] C:\Windows\SysWOW64\combase.dll
18:02:41.0462 5848 C:\Windows\SysWOW64\combase.dll - ok
18:02:41.0462 5848 [ 496E036F16467D7B7D12E0794E9FB85D ] C:\Windows\SysWOW64\sechost.dll
18:02:41.0462 5848 C:\Windows\SysWOW64\sechost.dll - ok
18:02:41.0477 5848 [ 1B382A581EE2B13B65A72F2E0E3C7F89 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstres.dll
18:02:41.0477 5848 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstres.dll - ok
18:02:41.0477 5848 [ 7DFC3FCD0D5B7FC2F60C344BB384607C ] C:\Windows\SysWOW64\bcryptprimitives.dll
18:02:41.0477 5848 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
18:02:41.0477 5848 [ 0D3C6E1A7EBD401F46E00EDBD61D1A72 ] C:\Windows\SysWOW64\cryptbase.dll
18:02:41.0477 5848 C:\Windows\SysWOW64\cryptbase.dll - ok
18:02:41.0477 5848 [ CA36A7BA8ABA7321E7F2F0D285A3954A ] C:\Windows\SysWOW64\nvinit.dll
18:02:41.0477 5848 C:\Windows\SysWOW64\nvinit.dll - ok
18:02:41.0477 5848 [ 39B721A0FB5F3E9880EE247F04012D8C ] C:\Windows\SysWOW64\sspicli.dll
18:02:41.0477 5848 C:\Windows\SysWOW64\sspicli.dll - ok
18:02:41.0493 5848 [ 17D3C4FFBF3CAAD1FC9D5E66276CA0EF ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvwl.dll
18:02:41.0493 5848 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvwl.dll - ok
18:02:41.0493 5848 [ 1EC6E533C954BDDF2A37E7851A7E58FD ] C:\Windows\System32\rpcss.dll
18:02:41.0493 5848 C:\Windows\System32\rpcss.dll - ok
18:02:41.0493 5848 [ 73F2E030B5C24E4E41401B5F0D59E6FD ] C:\Windows\System32\RpcEpMap.dll
18:02:41.0493 5848 C:\Windows\System32\RpcEpMap.dll - ok
18:02:41.0493 5848 [ 587089B7A93F3DE43832F3DBDD8F4653 ] C:\Windows\System32\RpcRtRemote.dll
18:02:41.0493 5848 C:\Windows\System32\RpcRtRemote.dll - ok
18:02:41.0493 5848 [ 7BB3FE507D7143CD54293DA3FB5DF3AB ] C:\Windows\SysWOW64\crypt32.dll
18:02:41.0493 5848 C:\Windows\SysWOW64\crypt32.dll - ok
18:02:41.0493 5848 [ C28F010F8C6AB4341749E2DEDEAC5D06 ] C:\Windows\SysWOW64\wintrust.dll
18:02:41.0493 5848 C:\Windows\SysWOW64\wintrust.dll - ok
18:02:41.0509 5848 [ 975398A3D2C1FEA73FC93931978DF354 ] C:\Windows\System32\bisrv.dll
18:02:41.0509 5848 C:\Windows\System32\bisrv.dll - ok
18:02:41.0509 5848 [ 43197AE4DF1F8D5A95C5134C81B05FB9 ] C:\Windows\System32\FirewallAPI.dll
18:02:41.0509 5848 C:\Windows\System32\FirewallAPI.dll - ok
18:02:41.0509 5848 [ AFAACBE85092FBD8EE7F54CA7FF3F0F1 ] C:\Windows\SysWOW64\msasn1.dll
18:02:41.0509 5848 C:\Windows\SysWOW64\msasn1.dll - ok
18:02:41.0509 5848 [ 8FEFDCEE40B75FD23B4BC60DA6576113 ] C:\Windows\System32\lsm.dll
18:02:41.0509 5848 C:\Windows\System32\lsm.dll - ok
18:02:41.0509 5848 [ 066FE80AE0AC570822EB37970E27EA1D ] C:\Windows\System32\psmsrv.dll
18:02:41.0509 5848 C:\Windows\System32\psmsrv.dll - ok
18:02:41.0509 5848 [ 4E1278D5040A2D2D274EB98661CBF07E ] C:\Windows\SysWOW64\devrtl.dll
18:02:41.0509 5848 C:\Windows\SysWOW64\devrtl.dll - ok
18:02:41.0524 5848 [ 327E45388BDAC4A778A2C0040587272F ] C:\Windows\SysWOW64\drvstore.dll
18:02:41.0524 5848 C:\Windows\SysWOW64\drvstore.dll - ok
18:02:41.0524 5848 [ 5192F9A06BC32684ADF938EE16E118D9 ] C:\Windows\SysWOW64\ntmarta.dll
18:02:41.0524 5848 C:\Windows\SysWOW64\ntmarta.dll - ok
18:02:41.0524 5848 [ 30AAA85A13C5CAA79333D6703FF7F491 ] C:\Windows\SysWOW64\SPInf.dll
18:02:41.0524 5848 C:\Windows\SysWOW64\SPInf.dll - ok
18:02:41.0524 5848 [ 2383FFF04B78586DB2F78E82583F630A ] C:\Windows\System32\sysntfy.dll
18:02:41.0524 5848 C:\Windows\System32\sysntfy.dll - ok
18:02:41.0524 5848 [ F718B60213F47D9702F5048DC703C13D ] C:\Windows\System32\UXInit.dll
18:02:41.0524 5848 C:\Windows\System32\UXInit.dll - ok
18:02:41.0540 5848 [ E5D1CB25AB7050FE4A4397089BE2AA09 ] C:\Windows\System32\wmsgapi.dll
18:02:41.0540 5848 C:\Windows\System32\wmsgapi.dll - ok
18:02:41.0540 5848 [ B5CCCD2C6A0CC5CAE2B5140A1985DD69 ] C:\Windows\System32\uxtheme.dll
18:02:41.0540 5848 C:\Windows\System32\uxtheme.dll - ok
18:02:41.0540 5848 [ 11EA2B2C58E38BDBBEC4298BCEE40A59 ] C:\Windows\System32\wevtsvc.dll
18:02:41.0540 5848 C:\Windows\System32\wevtsvc.dll - ok
18:02:41.0540 5848 [ 52576C623E5877D6CD73479610A532C2 ] C:\Windows\System32\dpapi.dll
18:02:41.0540 5848 C:\Windows\System32\dpapi.dll - ok
18:02:41.0540 5848 [ 22CCB6AFF617AAC6121DF6CDA5ABF3F4 ] C:\Windows\System32\cscsvc.dll
18:02:41.0540 5848 C:\Windows\System32\cscsvc.dll - ok
18:02:41.0540 5848 [ 5358678C6370F2ADC5291849F6503262 ] C:\Windows\System32\gpsvc.dll
18:02:41.0540 5848 C:\Windows\System32\gpsvc.dll - ok
18:02:41.0556 5848 [ 429E8502AD2227CF88F8840FC5BD590D ] C:\Windows\System32\profsvc.dll
18:02:41.0556 5848 C:\Windows\System32\profsvc.dll - ok
18:02:41.0556 5848 [ 064FEE2A4EEE419868FE409C4C065A24 ] C:\Windows\System32\authui.dll
18:02:41.0556 5848 C:\Windows\System32\authui.dll - ok
18:02:41.0556 5848 [ 0CBF0748B3F6C978233BBDD1D9D6A023 ] C:\Windows\System32\dwm.exe
18:02:41.0556 5848 C:\Windows\System32\dwm.exe - ok
18:02:41.0556 5848 [ FAD009934DE5E8FA2511109B2349B9B1 ] C:\Windows\System32\LogonUI.exe
18:02:41.0556 5848 C:\Windows\System32\LogonUI.exe - ok
18:02:41.0556 5848 [ 91F2CB5172B120F7BE0645882D4427C8 ] C:\Windows\System32\profsvcext.dll
18:02:41.0556 5848 C:\Windows\System32\profsvcext.dll - ok
18:02:41.0571 5848 [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] C:\Windows\System32\themeservice.dll
18:02:41.0571 5848 C:\Windows\System32\themeservice.dll - ok
18:02:41.0571 5848 [ F9E01C2D9F8BC049E04CF5DC24A5F638 ] C:\Windows\System32\es.dll
18:02:41.0571 5848 C:\Windows\System32\es.dll - ok
18:02:41.0571 5848 [ 91E1A704990CEE32FFFBDF8AB8C258E4 ] C:\Windows\System32\dsrole.dll
18:02:41.0571 5848 C:\Windows\System32\dsrole.dll - ok
18:02:41.0571 5848 [ F0C56FAF38A244599CBC173D581E27FC ] C:\Windows\System32\nlaapi.dll
18:02:41.0571 5848 C:\Windows\System32\nlaapi.dll - ok
18:02:41.0571 5848 [ BF2ACCB423E2066A1F8563057F8EA88E ] C:\Windows\System32\PeerDist.dll
18:02:41.0571 5848 C:\Windows\System32\PeerDist.dll - ok
18:02:41.0571 5848 [ 59963253442F28C8BE31A1BC3A16C352 ] C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll
18:02:41.0571 5848 C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll - ok
18:02:41.0587 5848 [ 4B249FD266D2FF17EE8809EB46A173A6 ] C:\Windows\System32\taskschd.dll
18:02:41.0587 5848 C:\Windows\System32\taskschd.dll - ok
18:02:41.0587 5848 [ 80E5C64479952266CCFCF52CBBBE84DC ] C:\Windows\System32\dui70.dll
18:02:41.0587 5848 C:\Windows\System32\dui70.dll - ok
18:02:41.0587 5848 [ 849958533A0CB20B5B738CA963A81EAF ] C:\Windows\System32\dwmredir.dll
18:02:41.0587 5848 C:\Windows\System32\dwmredir.dll - ok
18:02:41.0587 5848 [ F235600515AD6CBE06DB440FBB7C8E01 ] C:\Windows\System32\atl.dll
18:02:41.0587 5848 C:\Windows\System32\atl.dll - ok
18:02:41.0587 5848 [ 38082C25FC60B10977AC729127A4463D ] C:\Windows\System32\dwmapi.dll
18:02:41.0587 5848 C:\Windows\System32\dwmapi.dll - ok
18:02:41.0602 5848 [ 584B806DCBC4319DB649034AFD03481D ] C:\Windows\System32\mstask.dll
18:02:41.0602 5848 C:\Windows\System32\mstask.dll - ok
18:02:41.0602 5848 [ D70E930E67968D0F849333841DDBA02B ] C:\Windows\System32\netapi32.dll
18:02:41.0602 5848 C:\Windows\System32\netapi32.dll - ok
18:02:41.0602 5848 [ BB6591EA99CBCD17989CBF04214DD7E8 ] C:\Windows\System32\ntdsapi.dll
18:02:41.0602 5848 C:\Windows\System32\ntdsapi.dll - ok
18:02:41.0602 5848 [ 87D74EE28A323525C46ACAC7BB0E9C92 ] C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
18:02:41.0602 5848 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe - ok
18:02:41.0602 5848 [ 4A945F0177124D653B5EF975D11DA9F8 ] C:\Windows\System32\dfscli.dll
18:02:41.0602 5848 C:\Windows\System32\dfscli.dll - ok
18:02:41.0602 5848 [ 9C51620998F0763039DFA6BF68E475ED ] C:\Windows\System32\Sens.dll
18:02:41.0602 5848 C:\Windows\System32\Sens.dll - ok
18:02:41.0618 5848 [ FC414C8C91848FACFD6514AEF88A5ABA ] C:\Windows\System32\wkscli.dll
18:02:41.0618 5848 C:\Windows\System32\wkscli.dll - ok
18:02:41.0618 5848 [ 79E94CDA16848C33FE05E743018F4858 ] C:\Windows\System32\nvsvc64.dll
18:02:41.0618 5848 C:\Windows\System32\nvsvc64.dll - ok
18:02:41.0618 5848 [ 4A98FF2EDD8C72CEEB42E0BA24330BE1 ] C:\Program Files\NVIDIA Corporation\coprocmanager\detoured.dll
18:02:41.0618 5848 C:\Program Files\NVIDIA Corporation\coprocmanager\detoured.dll - ok
18:02:41.0618 5848 [ 301A491D64521D4AA7FD9CA950151027 ] C:\Program Files\NVIDIA Corporation\coprocmanager\Nvd3d9wrapx.dll
18:02:41.0618 5848 C:\Program Files\NVIDIA Corporation\coprocmanager\Nvd3d9wrapx.dll - ok
18:02:41.0618 5848 [ 65F870703D4DC0FC382C23EB2A609252 ] C:\Windows\System32\dwmcore.dll
18:02:41.0618 5848 C:\Windows\System32\dwmcore.dll - ok
18:02:41.0618 5848 [ 7EF9810A8CBB51594DC046EF35A376C5 ] C:\Program Files\NVIDIA Corporation\coprocmanager\nvdxgiwrapx.dll
18:02:41.0618 5848 C:\Program Files\NVIDIA Corporation\coprocmanager\nvdxgiwrapx.dll - ok
18:02:41.0634 5848 [ 810ED88782952228AF9C0985FB7D259E ] C:\Windows\System32\AudioEndpointBuilder.dll
18:02:41.0634 5848 C:\Windows\System32\AudioEndpointBuilder.dll - ok
18:02:41.0634 5848 [ 37843E6888569097918544F0338BC19D ] C:\Windows\System32\avrt.dll
18:02:41.0634 5848 C:\Windows\System32\avrt.dll - ok
18:02:41.0634 5848 [ 0BCDC0FF11B984162B0CF0FF6E9E0146 ] C:\Windows\System32\FntCache.dll
18:02:41.0634 5848 C:\Windows\System32\FntCache.dll - ok
18:02:41.0634 5848 [ EEE908BE7143FCA48CF0CB87214E2AB8 ] C:\Windows\System32\mmcss.dll
18:02:41.0634 5848 C:\Windows\System32\mmcss.dll - ok
18:02:41.0634 5848 [ B5FEAE9A8C299EB6D1B6D810CDB4A9A7 ] C:\Windows\System32\MMDevAPI.dll
18:02:41.0634 5848 C:\Windows\System32\MMDevAPI.dll - ok
18:02:41.0634 5848 [ ABA350274707D09D91826ED8EAF886B5 ] C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f\comctl32.dll
18:02:41.0634 5848 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_418c2a697189c07f\comctl32.dll - ok
18:02:41.0649 5848 [ B1256D36D6D415FB924A26957A83C2CB ] C:\Windows\System32\dcomp.dll
18:02:41.0649 5848 C:\Windows\System32\dcomp.dll - ok
18:02:41.0649 5848 [ 6D7F0A9FE5E7E01A0EA2D952FB0D2668 ] C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll
18:02:41.0649 5848 C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll - ok
18:02:41.0649 5848 [ C6D71F42C6CB7F3AECFEDC1C0DDE8232 ] C:\Windows\System32\WindowsCodecs.dll
18:02:41.0649 5848 C:\Windows\System32\WindowsCodecs.dll - ok
18:02:41.0649 5848 [ D90968F95B7304F28988572C3877330B ] C:\Windows\System32\mscms.dll
18:02:41.0649 5848 C:\Windows\System32\mscms.dll - ok
18:02:41.0649 5848 [ 81ECD8768D3E4AD61DB7EE27401A25E9 ] C:\Windows\System32\wevtapi.dll
18:02:41.0649 5848 C:\Windows\System32\wevtapi.dll - ok
18:02:41.0649 5848 [ 5264BDA0ACE3D560336AC2EAD0728D41 ] C:\Windows\System32\duser.dll
18:02:41.0649 5848 C:\Windows\System32\duser.dll - ok
18:02:41.0665 5848 [ D39F1714D8944A0AC590B08F5A2DD0E7 ] C:\Windows\System32\SndVolSSO.dll
18:02:41.0665 5848 C:\Windows\System32\SndVolSSO.dll - ok
18:02:41.0665 5848 [ AF433565E5E02857C5D0AFFD932AF150 ] C:\Windows\System32\msimg32.dll
18:02:41.0665 5848 C:\Windows\System32\msimg32.dll - ok
18:02:41.0665 5848 [ 5DCBA1A3AE7150D2B71347BDD08639ED ] C:\Windows\System32\version.dll
18:02:41.0665 5848 C:\Windows\System32\version.dll - ok
18:02:41.0665 5848 [ 0E658D67C4A79294BC7BBBF4656F0794 ] C:\Windows\System32\winmm.dll
18:02:41.0665 5848 C:\Windows\System32\winmm.dll - ok
18:02:41.0665 5848 [ D3F63550DCDA80A2AFB218A86A4EC5F0 ] C:\Windows\System32\BCP47Langs.dll
18:02:41.0665 5848 C:\Windows\System32\BCP47Langs.dll - ok
18:02:41.0665 5848 [ 6CB5B0F8F835B0E69857436405BA6E28 ] C:\Windows\System32\d3d10_1.dll
18:02:41.0665 5848 C:\Windows\System32\d3d10_1.dll - ok
18:02:41.0681 5848 [ 156B8769D44187090781DFA9FED1AE18 ] C:\Windows\System32\SmartcardCredentialProvider.dll
18:02:41.0681 5848 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
18:02:41.0681 5848 [ 3951ECF063787EB40CD33D2961B39E23 ] C:\Windows\System32\d3d10_1core.dll
18:02:41.0681 5848 C:\Windows\System32\d3d10_1core.dll - ok
18:02:41.0681 5848 [ 15343AA01C41F7AB4FE549499159DB6F ] C:\Windows\System32\winmmbase.dll
18:02:41.0681 5848 C:\Windows\System32\winmmbase.dll - ok
18:02:41.0681 5848 [ 02DF949C584B02FAB05868502C578D42 ] C:\Windows\System32\dxgi.dll
18:02:41.0681 5848 C:\Windows\System32\dxgi.dll - ok
18:02:41.0681 5848 [ BD415FA1E9456FA10DE674486DF98A19 ] C:\Windows\System32\nvapi64.dll
18:02:41.0681 5848 C:\Windows\System32\nvapi64.dll - ok
18:02:41.0681 5848 [ EAE1E802E8DBA1A8562652A29D520BEF ] C:\Windows\System32\d3d11.dll
18:02:41.0681 5848 C:\Windows\System32\d3d11.dll - ok
18:02:41.0696 5848 [ BA00213023D5CD80C2534BBD38F77610 ] C:\Windows\System32\nvd3dumx.dll
18:02:41.0696 5848 C:\Windows\System32\nvd3dumx.dll - ok
18:02:41.0696 5848 [ C98F6286818474AB284144A73EC7BA6D ] C:\Windows\System32\cngcredui.dll
18:02:41.0696 5848 C:\Windows\System32\cngcredui.dll - ok
18:02:41.0696 5848 [ 20A19E2D29F86B2B3AA5B2A8B96B3041 ] C:\Windows\System32\DWrite.dll
18:02:41.0696 5848 C:\Windows\System32\DWrite.dll - ok
18:02:41.0696 5848 [ F6A782EEADBAE440046DD558836C3036 ] C:\Windows\System32\nvsvcr.dll
18:02:41.0696 5848 C:\Windows\System32\nvsvcr.dll - ok
18:02:41.0696 5848 [ 7FA8C13A62CAEB2D84A731030DC1B866 ] C:\Windows\System32\oleacc.dll
18:02:41.0696 5848 C:\Windows\System32\oleacc.dll - ok
18:02:41.0696 5848 [ 439580916E49358F8BE33005E98E4B1F ] C:\Windows\System32\BioCredProv.dll
18:02:41.0696 5848 C:\Windows\System32\BioCredProv.dll - ok
18:02:41.0712 5848 [ CA898506AAD915A003D512154B615BDC ] C:\Windows\System32\nvcpl.dll
18:02:41.0712 5848 C:\Windows\System32\nvcpl.dll - ok
18:02:41.0712 5848 [ CE0884D5E82E48F0959BEE3006BEA0E1 ] C:\Windows\System32\certCredProvider.dll
18:02:41.0712 5848 C:\Windows\System32\certCredProvider.dll - ok
18:02:41.0712 5848 [ 77DA2B3F012A1F0D88F29C612F606F28 ] C:\Windows\System32\winbio.dll
18:02:41.0712 5848 C:\Windows\System32\winbio.dll - ok
18:02:41.0712 5848 [ 1D03DD2BA438D4B3E1A0289738619056 ] C:\Windows\System32\wlidcredprov.dll
18:02:41.0712 5848 C:\Windows\System32\wlidcredprov.dll - ok
18:02:41.0712 5848 [ EC7C1F9882A5E2F4C5391DDC43582110 ] C:\Windows\System32\rasplap.dll
18:02:41.0712 5848 C:\Windows\System32\rasplap.dll - ok
18:02:41.0727 5848 [ 6E578460E165F14D9BA473ED54E3299B ] C:\Windows\System32\rasapi32.dll
18:02:41.0727 5848 C:\Windows\System32\rasapi32.dll - ok
18:02:41.0727 5848 [ 8BC7CDECD6CBD692E35B0A15CAC2B9D0 ] C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll
18:02:41.0727 5848 C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll - ok
18:02:41.0727 5848 [ 8C988C29CFB9B3673E882B4DA5EEC81D ] C:\Windows\System32\rasman.dll
18:02:41.0727 5848 C:\Windows\System32\rasman.dll - ok
18:02:41.0727 5848 [ 4E251FE2729D6A3FCCC87DC13F823DC2 ] C:\Windows\System32\rtutils.dll
18:02:41.0727 5848 C:\Windows\System32\rtutils.dll - ok
18:02:41.0727 5848 [ 855D7BA4DC79E4157651FF5B23B41FD0 ] C:\Windows\System32\UIAnimation.dll
18:02:41.0727 5848 C:\Windows\System32\UIAnimation.dll - ok
18:02:41.0727 5848 [ 46F09D226A9F0676932657A6761CEB82 ] C:\Windows\System32\d3d10warp.dll
18:02:41.0727 5848 C:\Windows\System32\d3d10warp.dll - ok
18:02:41.0743 5848 [ F6929D9D3821A4ADEAF89CD1E0E70317 ] C:\Windows\System32\nvumdshimx.dll
18:02:41.0743 5848 C:\Windows\System32\nvumdshimx.dll - ok
18:02:41.0743 5848 [ F2CDA4A446FD4BA2D8BAF456219C6964 ] C:\Windows\System32\UIAutomationCore.dll
18:02:41.0743 5848 C:\Windows\System32\UIAutomationCore.dll - ok
18:02:41.0743 5848 [ 21E796CF2D1B8A6FAA2347B0070316CE ] C:\Windows\System32\winbrand.dll
18:02:41.0743 5848 C:\Windows\System32\winbrand.dll - ok
18:02:41.0743 5848 [ A5BD2A901B11C3B0C47E7C7488CBC1D8 ] C:\Windows\System32\igd10umd64.dll
18:02:41.0743 5848 C:\Windows\System32\igd10umd64.dll - ok
18:02:41.0743 5848 [ 25CA8B87479A374919563B3EE7136F32 ] C:\Windows\System32\audiosrv.dll
18:02:41.0743 5848 C:\Windows\System32\audiosrv.dll - ok
18:02:41.0743 5848 [ 103E609A08474C43C04FB064440FCAE7 ] C:\Windows\System32\shacct.dll
18:02:41.0743 5848 C:\Windows\System32\shacct.dll - ok
18:02:41.0759 5848 [ A22411CA36466FC676D6805B3196726E ] C:\Windows\System32\samlib.dll
18:02:41.0759 5848 C:\Windows\System32\samlib.dll - ok
18:02:41.0759 5848 [ CEEFD29FC551F289810B0B9381B321DC ] C:\Windows\System32\Drivers\lltdio.sys
18:02:41.0759 5848 C:\Windows\System32\Drivers\lltdio.sys - ok
18:02:41.0759 5848 [ 43D7388A90A4C6EA346A4D6FF0377479 ] C:\Windows\System32\Drivers\nwifi.sys
18:02:41.0759 5848 C:\Windows\System32\Drivers\nwifi.sys - ok
18:02:41.0759 5848 [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] C:\Windows\System32\Drivers\ndisuio.sys
18:02:41.0759 5848 C:\Windows\System32\Drivers\ndisuio.sys - ok
18:02:41.0759 5848 [ E04E770DD198B9399640717145E79EBF ] C:\Windows\System32\Drivers\rspndr.sys
18:02:41.0759 5848 C:\Windows\System32\Drivers\rspndr.sys - ok
18:02:41.0774 5848 [ FD24F98D2898BE093FE926604BE7DB99 ] C:\Windows\System32\Drivers\TurboB.sys
18:02:41.0774 5848 C:\Windows\System32\Drivers\TurboB.sys - ok
18:02:41.0774 5848 [ 04A9D55BDCD79EBB2F32D91FE5946C28 ] C:\Windows\System32\IPHLPAPI.DLL
18:02:41.0774 5848 C:\Windows\System32\IPHLPAPI.DLL - ok
18:02:41.0774 5848 [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] C:\Windows\System32\lmhsvc.dll
18:02:41.0774 5848 C:\Windows\System32\lmhsvc.dll - ok
18:02:41.0774 5848 [ 832B5FDF0B5577713FD7F2465FCD0ACE ] C:\Windows\System32\nsisvc.dll
18:02:41.0774 5848 C:\Windows\System32\nsisvc.dll - ok
18:02:41.0774 5848 [ 066B9710B36AB550E01EEFCA52155968 ] C:\Windows\System32\dnsrslvr.dll
18:02:41.0774 5848 C:\Windows\System32\dnsrslvr.dll - ok
18:02:41.0774 5848 [ F28C7A1A04C73FD099CBA2441B07842D ] C:\Windows\System32\nrpsrv.dll
18:02:41.0774 5848 C:\Windows\System32\nrpsrv.dll - ok
18:02:41.0790 5848 [ D9C1E82651BF19C6FF69CEC6FD400124 ] C:\Windows\System32\wcmsvc.dll
18:02:41.0790 5848 C:\Windows\System32\wcmsvc.dll - ok
18:02:41.0790 5848 [ 0911A3B2DE545EA2498E560D745B7E71 ] C:\Windows\System32\winnsi.dll
18:02:41.0790 5848 C:\Windows\System32\winnsi.dll - ok
18:02:41.0790 5848 [ 9E0E72222264745ADEB0E5AC680B0ED6 ] C:\Windows\System32\dhcpcore.dll
18:02:41.0790 5848 C:\Windows\System32\dhcpcore.dll - ok
18:02:41.0790 5848 [ 536198D1FACCF6C6F5A4D71E7EA70039 ] C:\Windows\System32\FWPUCLNT.DLL
18:02:41.0790 5848 C:\Windows\System32\FWPUCLNT.DLL - ok
18:02:41.0790 5848 [ 6351724B8FA0255C2DBD970297F00B93 ] C:\Windows\System32\wlansvc.dll
18:02:41.0790 5848 C:\Windows\System32\wlansvc.dll - ok
18:02:41.0790 5848 [ ACB80C69E775A1EA1D0500CE8C72FD69 ] C:\Windows\System32\dhcpcore6.dll
18:02:41.0790 5848 C:\Windows\System32\dhcpcore6.dll - ok
18:02:41.0806 5848 [ 028A5E6B0ABDD7B2D32745C5F1D8F711 ] C:\Windows\System32\wcmcsp.dll
18:02:41.0806 5848 C:\Windows\System32\wcmcsp.dll - ok
18:02:41.0806 5848 [ E2B8F9FE6FA401AEB0BDFF8ED61A7568 ] C:\Windows\System32\wmiclnt.dll
18:02:41.0806 5848 C:\Windows\System32\wmiclnt.dll - ok
18:02:41.0806 5848 [ EB87F1EFE1376CE0283635563026F9E0 ] C:\Windows\System32\dhcpcsvc6.dll
18:02:41.0806 5848 C:\Windows\System32\dhcpcsvc6.dll - ok
18:02:41.0806 5848 [ 137BBCFB2080C5F6F4E5C4EB6314D97A ] C:\Windows\System32\dnsext.dll
18:02:41.0806 5848 C:\Windows\System32\dnsext.dll - ok
18:02:41.0806 5848 [ 7D6BDD2A339080EFA03D9EB39398F4E6 ] C:\Windows\System32\wlanmsm.dll
18:02:41.0806 5848 C:\Windows\System32\wlanmsm.dll - ok
18:02:41.0806 5848 [ 8341C75945D37A0CA7642A47B7E79260 ] C:\Windows\System32\dhcpcsvc.dll
18:02:41.0806 5848 C:\Windows\System32\dhcpcsvc.dll - ok
18:02:41.0821 5848 [ 72EC1DEF102304EE8C2E47566328F035 ] C:\Windows\System32\onex.dll
18:02:41.0821 5848 C:\Windows\System32\onex.dll - ok
18:02:41.0821 5848 [ D142894EBEFD276A5CFE876884A6E3F9 ] C:\Windows\System32\uDWM.dll
18:02:41.0821 5848 C:\Windows\System32\uDWM.dll - ok
18:02:41.0821 5848 [ 14D785DFBE808D9CF7B8C06884730B1D ] C:\Windows\System32\wlansec.dll
18:02:41.0821 5848 C:\Windows\System32\wlansec.dll - ok
18:02:41.0821 5848 [ 6684C72C745F0E5E385EEAFF3C15538F ] C:\Windows\System32\eappprxy.dll
18:02:41.0821 5848 C:\Windows\System32\eappprxy.dll - ok
18:02:41.0821 5848 [ 36E419B92BFBF76438B8C0C4DD28B9E6 ] C:\Windows\System32\msxml6.dll
18:02:41.0821 5848 C:\Windows\System32\msxml6.dll - ok
18:02:41.0837 5848 [ 2C71C009DFAC4C6EE7795C6C042090B4 ] C:\Windows\System32\slc.dll
18:02:41.0837 5848 C:\Windows\System32\slc.dll - ok
18:02:41.0837 5848 [ D9AEEA13463C68BC9506342A7D15CBDA ] C:\Windows\System32\wlgpclnt.dll
18:02:41.0837 5848 C:\Windows\System32\wlgpclnt.dll - ok
18:02:41.0837 5848 [ DC774C3671FBD6FD176864AF0EBA404E ] C:\Windows\System32\d2d1.dll
18:02:41.0837 5848 C:\Windows\System32\d2d1.dll - ok
18:02:41.0837 5848 [ 193F8B5C8E94D2F4512868135CDB3B1A ] C:\Windows\System32\l2gpstore.dll
18:02:41.0837 5848 C:\Windows\System32\l2gpstore.dll - ok
18:02:41.0837 5848 [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] C:\Windows\System32\shsvcs.dll
18:02:41.0837 5848 C:\Windows\System32\shsvcs.dll - ok
18:02:41.0837 5848 [ 047DB56D72FDC16114606B1A6576904B ] C:\Windows\System32\wlanapi.dll
18:02:41.0837 5848 C:\Windows\System32\wlanapi.dll - ok
18:02:41.0837 5848 [ 04E866855FC3282BFEC25E8B6703FFEE ] C:\Windows\System32\netcfgx.dll
18:02:41.0837 5848 C:\Windows\System32\netcfgx.dll - ok
18:02:41.0852 5848 [ 73FA1A41A97A5C34ADC03B3577FF1A86 ] C:\Windows\System32\Drivers\vwifimp.sys
18:02:41.0852 5848 C:\Windows\System32\Drivers\vwifimp.sys - ok
18:02:41.0852 5848 [ EDCDF4DB82EF825B94B190D544C8C58B ] C:\Windows\System32\schedsvc.dll
18:02:41.0852 5848 C:\Windows\System32\schedsvc.dll - ok
18:02:41.0852 5848 [ 59FB8ADC92BF41345BD0034F02187C0E ] C:\Windows\System32\wlanhlp.dll
18:02:41.0852 5848 C:\Windows\System32\wlanhlp.dll - ok
18:02:41.0852 5848 [ 3E5177CAE5C4325C49345B4D48626856 ] C:\Windows\System32\SubscriptionMgr.dll
18:02:41.0852 5848 C:\Windows\System32\SubscriptionMgr.dll - ok
18:02:41.0852 5848 [ D058F369A791DD5B4DF8E7C18C0EB282 ] C:\Windows\System32\ktmw32.dll

18:02:41.0852 5848 C:\Windows\System32\ktmw32.dll - ok
18:02:41.0852 5848 [ 15E300200794A8FC38589B44A0B314D6 ] C:\Windows\System32\xmllite.dll
18:02:41.0852 5848 C:\Windows\System32\xmllite.dll - ok
18:02:41.0868 5848 [ EB4EE894AF86408776C6FD03376DEA29 ] C:\Windows\System32\fveapi.dll
18:02:41.0868 5848 C:\Windows\System32\fveapi.dll - ok
18:02:41.0868 5848 [ 8FF250BD9B3AC4D9D3F325570F901F36 ] C:\Windows\System32\fvecerts.dll
18:02:41.0868 5848 C:\Windows\System32\fvecerts.dll - ok
18:02:41.0868 5848 [ AA221DD533C7B0897B90B92AFFA45A7E ] C:\Windows\System32\taskcomp.dll
18:02:41.0868 5848 C:\Windows\System32\taskcomp.dll - ok
18:02:41.0868 5848 [ 3DB7FFC313BD190D0E64931302776BAF ] C:\Windows\System32\ntmarta.dll
18:02:41.0868 5848 C:\Windows\System32\ntmarta.dll - ok
18:02:41.0868 5848 [ 29CB98187BB5711F7759540976D295FC ] C:\Windows\System32\Drivers\http.sys
18:02:41.0868 5848 C:\Windows\System32\Drivers\http.sys - ok
18:02:41.0868 5848 [ 3F215BF2D4D8D6756298B25B579772C2 ] C:\Windows\System32\spoolsv.exe
18:02:41.0868 5848 C:\Windows\System32\spoolsv.exe - ok
18:02:41.0884 5848 [ 9F2EF726FF603F09BE6BFBBAB5114973 ] C:\Program Files\NVIDIA Corporation\Display\nvui.dll
18:02:41.0884 5848 C:\Program Files\NVIDIA Corporation\Display\nvui.dll - ok
18:02:41.0884 5848 [ 9E6A544F465C582AB42444A217CF04DC ] C:\Windows\System32\BFE.DLL
18:02:41.0884 5848 C:\Windows\System32\BFE.DLL - ok
18:02:41.0884 5848 [ AFE9464D80CFE0B0ECFE906C8A5996A0 ] C:\Windows\System32\winspool.drv
18:02:41.0884 5848 C:\Windows\System32\winspool.drv - ok
18:02:41.0884 5848 [ 599FCE13B819BA7D2D4D4E9C5AD08002 ] C:\Windows\System32\ProximityService.dll
18:02:41.0884 5848 C:\Windows\System32\ProximityService.dll - ok
18:02:41.0884 5848 [ 406388E840C631E3C338F4E3551F791C ] C:\Windows\System32\ProximityCommon.dll
18:02:41.0884 5848 C:\Windows\System32\ProximityCommon.dll - ok
18:02:41.0884 5848 [ B17AC10B47C7FCB44D22A1F06415840E ] C:\Windows\System32\Drivers\bowser.sys
18:02:41.0884 5848 C:\Windows\System32\Drivers\bowser.sys - ok
18:02:41.0884 5848 [ 4A627D948C498368B2F65A5312455520 ] C:\Windows\System32\taskhost.exe
18:02:41.0884 5848 C:\Windows\System32\taskhost.exe - ok
18:02:41.0899 5848 [ 467497DF10CF8D4014BD25CCE987EA84 ] C:\Windows\System32\wcmapi.dll
18:02:41.0899 5848 C:\Windows\System32\wcmapi.dll - ok
18:02:41.0899 5848 [ 0D1609DD82C7440F5D5BF21A9D4D5C0C ] C:\Windows\System32\Drivers\mpsdrv.sys
18:02:41.0899 5848 C:\Windows\System32\Drivers\mpsdrv.sys - ok
18:02:41.0899 5848 [ 3031573A739DBEE8923851929D0AF423 ] C:\Windows\System32\MPSSVC.dll
18:02:41.0899 5848 C:\Windows\System32\MPSSVC.dll - ok
18:02:41.0899 5848 [ 877D60D6E4156EC4A2E0B6871D41BED9 ] C:\Windows\System32\Drivers\mrxsmb.sys
18:02:41.0899 5848 C:\Windows\System32\Drivers\mrxsmb.sys - ok
18:02:41.0899 5848 [ 3A6209AC494296C24C2065CB4392B5F4 ] C:\Windows\System32\rundll32.exe
18:02:41.0899 5848 C:\Windows\System32\rundll32.exe - ok
18:02:41.0899 5848 [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] C:\Windows\System32\Drivers\mrxsmb10.sys
18:02:41.0899 5848 C:\Windows\System32\Drivers\mrxsmb10.sys - ok
18:02:41.0915 5848 [ D8F969B29E087A860156E4FFDB04138D ] C:\Windows\System32\adhapi.dll
18:02:41.0915 5848 C:\Windows\System32\adhapi.dll - ok
18:02:41.0915 5848 [ E078446D4B8622AA6030C7B8A1A08962 ] C:\Windows\System32\Drivers\mrxsmb20.sys
18:02:41.0915 5848 C:\Windows\System32\Drivers\mrxsmb20.sys - ok
18:02:41.0915 5848 [ 16650912BE5A94B40E0B3B4C39652B56 ] C:\Windows\System32\wkssvc.dll
18:02:41.0915 5848 C:\Windows\System32\wkssvc.dll - ok
18:02:41.0915 5848 [ BA47A3E78521EC9EA4341F6FA8A75EC9 ] C:\Windows\System32\propsys.dll
18:02:41.0915 5848 C:\Windows\System32\propsys.dll - ok
18:02:41.0915 5848 [ 9C09F1D54C7F391B1C3D7440AF30720A ] C:\Windows\System32\InputSwitch.dll
18:02:41.0915 5848 C:\Windows\System32\InputSwitch.dll - ok
18:02:41.0915 5848 [ FF468871BC365B52AE650D422FEA21F5 ] C:\Windows\System32\wfapigp.dll
18:02:41.0915 5848 C:\Windows\System32\wfapigp.dll - ok
18:02:41.0931 5848 [ ABE4B349D12138772B0D3B1B55C5F2A8 ] C:\Windows\System32\MrmCoreR.dll
18:02:41.0931 5848 C:\Windows\System32\MrmCoreR.dll - ok
18:02:41.0931 5848 [ B938289D040F341BA457C7F27B507A7F ] C:\Windows\System32\wdmaud.drv
18:02:41.0931 5848 C:\Windows\System32\wdmaud.drv - ok
18:02:41.0931 5848 [ 7DBFCB05BCD03500D6B877C54FEE4971 ] C:\Windows\System32\ksuser.dll
18:02:41.0931 5848 C:\Windows\System32\ksuser.dll - ok
18:02:41.0931 5848 [ 7FD32D1A763D8BDF3A142C99FC21D232 ] C:\Windows\System32\AudioSes.dll
18:02:41.0931 5848 C:\Windows\System32\AudioSes.dll - ok
18:02:41.0931 5848 [ 1BA72303004CC0C35217722D703B8311 ] C:\Windows\System32\midimap.dll
18:02:41.0931 5848 C:\Windows\System32\midimap.dll - ok
18:02:41.0931 5848 [ 802EEA1D3BB0D99892DF2DCE5B5610DE ] C:\Windows\System32\msacm32.dll
18:02:41.0931 5848 C:\Windows\System32\msacm32.dll - ok
18:02:41.0946 5848 [ 714F76BF1B594CD7D38AF1515F6F25E5 ] C:\Windows\System32\msacm32.drv
18:02:41.0946 5848 C:\Windows\System32\msacm32.drv - ok
18:02:41.0946 5848 [ F61538DADA4EF556BEA8F3AEF12A7E6B ] C:\Windows\System32\audiodg.exe
18:02:41.0946 5848 C:\Windows\System32\audiodg.exe - ok
18:02:41.0946 5848 [ AB168DB41491E3D043A99110F1E148DE ] C:\Windows\System32\AudioEng.dll
18:02:41.0946 5848 C:\Windows\System32\AudioEng.dll - ok
18:02:41.0946 5848 [ 6246774331042E74F7E1ADA504C24063 ] C:\Windows\System32\AUDIOKSE.dll
18:02:41.0946 5848 C:\Windows\System32\AUDIOKSE.dll - ok
18:02:41.0946 5848 [ 7E6CA0FBCFDD2B6E2D99EDD8B673A192 ] C:\Windows\System32\MBWrp64.dll
18:02:41.0946 5848 C:\Windows\System32\MBWrp64.dll - ok
18:02:41.0946 5848 [ 2C074F8E6027B1091E957A57C03AC620 ] C:\Windows\System32\MBAPO64.dll
18:02:41.0946 5848 C:\Windows\System32\MBAPO64.dll - ok
18:02:41.0946 5848 [ 17B2B3271157BC6B5E0FE946E403E9CC ] C:\Windows\System32\RtkAPO64.dll
18:02:41.0946 5848 C:\Windows\System32\RtkAPO64.dll - ok
18:02:41.0962 5848 [ 1E7B61301E75B734BC2D60DB0E15183B ] C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
18:02:41.0962 5848 C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe - ok
18:02:41.0962 5848 [ BE399977E4EDAD96977E552D9A449097 ] C:\Program Files\Trend Micro\AMSP\utilGenericLoader.dll
18:02:41.0962 5848 C:\Program Files\Trend Micro\AMSP\utilGenericLoader.dll - ok
18:02:41.0962 5848 [ CB0B95F5FB3F70FCDD9277EC4A1AF9C7 ] C:\Program Files\Trend Micro\AMSP\utilDebugLog.dll
18:02:41.0962 5848 C:\Program Files\Trend Micro\AMSP\utilDebugLog.dll - ok
18:02:41.0962 5848 [ F3FA3ED4DD8FC618E9667F4910298D67 ] C:\Program Files\Trend Micro\AMSP\utilInstallation.dll
18:02:41.0962 5848 C:\Program Files\Trend Micro\AMSP\utilInstallation.dll - ok
18:02:41.0962 5848 [ 03E0955A7D8E5E74E7F6986A56A66196 ] C:\Windows\System32\MaxxAudioAPO30.dll
18:02:41.0962 5848 C:\Windows\System32\MaxxAudioAPO30.dll - ok
18:02:41.0962 5848 [ 973ADB6AD47AC047F900C0D760AB6BE2 ] C:\Windows\System32\AERTAR64.dll
18:02:41.0962 5848 C:\Windows\System32\AERTAR64.dll - ok
18:02:41.0977 5848 [ DDB2690A640079E3AD611E5C7AD834BD ] C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6910_none_88dc8c812fb1ba3f\msvcp80.dll
18:02:41.0977 5848 C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6910_none_88dc8c812fb1ba3f\msvcp80.dll - ok
18:02:41.0977 5848 [ 2D43B15DA25E6CDC39C733730D48F110 ] C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6910_none_88dc8c812fb1ba3f\msvcr80.dll
18:02:41.0977 5848 C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6910_none_88dc8c812fb1ba3f\msvcr80.dll - ok
18:02:41.0977 5848 [ 872B28B559AB214346D31A9A5AAF8381 ] C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_49.dll
18:02:41.0977 5848 C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_49.dll - ok
18:02:41.0977 5848 [ 0FCD79A682AFF4957ECBC017FF085841 ] C:\Program Files\Trend Micro\AMSP\utilComponentInfo.dll
18:02:41.0977 5848 C:\Program Files\Trend Micro\AMSP\utilComponentInfo.dll - ok
18:02:41.0977 5848 [ 151A9FFA90027B9E636F99295D9672AB ] C:\Windows\System32\deviceaccess.dll
18:02:41.0977 5848 C:\Windows\System32\deviceaccess.dll - ok
18:02:41.0993 5848 [ DC5547F48A48636BB50179AECDD94A0B ] C:\Windows\System32\WMALFXGFXDSP.dll
18:02:41.0993 5848 C:\Windows\System32\WMALFXGFXDSP.dll - ok
18:02:41.0993 5848 [ 1717CE7906AB980501948CEC53DFF636 ] C:\Windows\System32\mfplat.dll
18:02:41.0993 5848 C:\Windows\System32\mfplat.dll - ok
18:02:41.0993 5848 [ 6BB64E7787DD119CE02A26B1F3393C6A ] C:\Program Files\Trend Micro\AMSP\utilThread.dll
18:02:41.0993 5848 C:\Program Files\Trend Micro\AMSP\utilThread.dll - ok
18:02:41.0993 5848 [ DF61F49C9D61E00D38B4818A148777F0 ] C:\Program Files\Trend Micro\AMSP\utilMsgBuffer.dll
18:02:41.0993 5848 C:\Program Files\Trend Micro\AMSP\utilMsgBuffer.dll - ok
18:02:41.0993 5848 [ 04ED9A5B39FFDDDD8314E8F34049022F ] C:\Windows\System32\dbghelp.dll
18:02:41.0993 5848 C:\Windows\System32\dbghelp.dll - ok
18:02:41.0993 5848 [ 581D88B25C4D4121824FED2CA38E562F ] C:\Program Files\SUPERAntiSpyware\SASCore64.exe
18:02:41.0993 5848 C:\Program Files\SUPERAntiSpyware\SASCore64.exe - ok
18:02:42.0009 5848 [ 8CA39652B982491675141E343AAE717D ] C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
18:02:42.0009 5848 C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe - ok
18:02:42.0009 5848 [ 2640C2240F9B6529AE779D83E8FF2127 ] C:\Windows\System32\apphelp.dll
18:02:42.0009 5848 C:\Windows\System32\apphelp.dll - ok
18:02:42.0009 5848 [ 3E30EF769BC47B9B16515EB66EFF1E2F ] C:\Windows\System32\conhost.exe
18:02:42.0009 5848 C:\Windows\System32\conhost.exe - ok
18:02:42.0009 5848 [ D9CB0782AF819548072AA45B70F8B22D ] C:\Windows\System32\Drivers\condrv.sys
18:02:42.0009 5848 C:\Windows\System32\Drivers\condrv.sys - ok
18:02:42.0009 5848 [ 3927397AC60D943DAF8808AFFED582B7 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:02:42.0009 5848 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
18:02:42.0009 5848 [ 7646E9DA362163D9C0F402F812EB1A0E ] C:\Windows\SysWOW64\shell32.dll
18:02:42.0009 5848 C:\Windows\SysWOW64\shell32.dll - ok
18:02:42.0024 5848 [ A93982600ED8B058A4582240B5DF4A2E ] C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
18:02:42.0024 5848 C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe - ok
18:02:42.0024 5848 [ 6DFA32353FE0F20D05F276686B751CB1 ] C:\Program Files\Trend Micro\AMSP\AMSP_LogServer.exe
18:02:42.0024 5848 C:\Program Files\Trend Micro\AMSP\AMSP_LogServer.exe - ok
18:02:42.0024 5848 [ 6766306FD9DDDB4FC181B26121E120A7 ] C:\Program Files\Trend Micro\AMSP\sqlite3.dll
18:02:42.0024 5848 C:\Program Files\Trend Micro\AMSP\sqlite3.dll - ok
18:02:42.0024 5848 [ 31936787AA45748B2CB8B269D58201EE ] C:\Program Files\Trend Micro\AMSP\outer_AMSP_ClientLibrary.dll
18:02:42.0024 5848 C:\Program Files\Trend Micro\AMSP\outer_AMSP_ClientLibrary.dll - ok
18:02:42.0024 5848 [ 3450B487086D58F2E220E11F3E2D4301 ] C:\Program Files\Trend Micro\AMSP\utilIPC.dll
18:02:42.0024 5848 C:\Program Files\Trend Micro\AMSP\utilIPC.dll - ok
18:02:42.0024 5848 [ F59ABF64B729602C7D0274908D8675FE ] C:\Program Files\Trend Micro\AMSP\utilRPC.dll
18:02:42.0024 5848 C:\Program Files\Trend Micro\AMSP\utilRPC.dll - ok
18:02:42.0040 5848 [ E0FDDECAC62DDAB981FEC8722DC8D543 ] C:\Program Files\Trend Micro\AMSP\coreConfigRepository.dll
18:02:42.0040 5848 C:\Program Files\Trend Micro\AMSP\coreConfigRepository.dll - ok
18:02:42.0040 5848 [ 6ADA7F192919DD51930A73F364129433 ] C:\Windows\SysWOW64\ole32.dll
18:02:42.0040 5848 C:\Windows\SysWOW64\ole32.dll - ok
18:02:42.0040 5848 [ 57FC85710B27E01608E7F343B27F9579 ] C:\Program Files\Trend Micro\AMSP\module\1\2.5.1342\coreFrameworkBuilder.dll
18:02:42.0040 5848 C:\Program Files\Trend Micro\AMSP\module\1\2.5.1342\coreFrameworkBuilder.dll - ok
18:02:42.0040 5848 [ 5BB92B4A3DDB7FB2D9085F7F7A771512 ] C:\Windows\System32\ieframe.dll
18:02:42.0040 5848 C:\Windows\System32\ieframe.dll - ok
18:02:42.0040 5848 [ F1F9EEEF647CFA62A7104C054CE0999B ] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6871_none_50944e7cbcb706e5\msvcr90.dll
18:02:42.0040 5848 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6871_none_50944e7cbcb706e5\msvcr90.dll - ok
18:02:42.0040 5848 [ 1FFE84F20C3FCCC0445999DC9725F0E4 ] C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_49.dll
18:02:42.0040 5848 C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_49.dll - ok
18:02:42.0056 5848 [ B8ECF8A56EEF75468F9ABFECE70AF555 ] C:\Windows\SysWOW64\shlwapi.dll
18:02:42.0056 5848 C:\Windows\SysWOW64\shlwapi.dll - ok
18:02:42.0056 5848 [ E0FDDECAC62DDAB981FEC8722DC8D543 ] C:\Program Files\Trend Micro\AMSP\module\5\2.5.1331\coreConfigRepository.dll
18:02:42.0056 5848 C:\Program Files\Trend Micro\AMSP\module\5\2.5.1331\coreConfigRepository.dll - ok
18:02:42.0056 5848 [ D1E343BC00136CE03C4D403194D06A80 ] C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
18:02:42.0056 5848 C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe - ok
18:02:42.0056 5848 [ A5299D04ED225D64CF07A568A3E1BF8C ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:02:42.0056 5848 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
18:02:42.0056 5848 [ 823F34D1DEF120A657BB7529ABF4461F ] C:\Windows\System32\inetsrv\apphostsvc.dll
18:02:42.0056 5848 C:\Windows\System32\inetsrv\apphostsvc.dll - ok
18:02:42.0056 5848 [ 3B3F1B06FAD6B14AEADD6BF5465386BD ] C:\Windows\System32\inetsrv\iisutil.dll
18:02:42.0056 5848 C:\Windows\System32\inetsrv\iisutil.dll - ok
18:02:42.0071 5848 [ 12BC4D22DD8280FED7D3004E099DC499 ] C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6910_none_d089c358442de345\msvcp80.dll
18:02:42.0071 5848 C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6910_none_d089c358442de345\msvcp80.dll - ok
18:02:42.0071 5848 [ B6A5F92A417ED4BDE54BE170AF0A9E31 ] C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6910_none_d089c358442de345\msvcr80.dll
18:02:42.0071 5848 C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6910_none_d089c358442de345\msvcr80.dll - ok
18:02:42.0071 5848 [ 896737897BCF9656F2D0ADC9F1C1D791 ] C:\Program Files\Trend Micro\AMSP\module\7\2.5.1331\coreUpdateManager.dll
18:02:42.0071 5848 C:\Program Files\Trend Micro\AMSP\module\7\2.5.1331\coreUpdateManager.dll - ok
18:02:42.0071 5848 [ 921E00A2245BAC544E3DD706FBFD1F54 ] C:\Windows\System32\inetsrv\nativerd.dll
18:02:42.0071 5848 C:\Windows\System32\inetsrv\nativerd.dll - ok
18:02:42.0071 5848 [ 92DA9EDE07390B4352B29DD82079E398 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
18:02:42.0071 5848 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
18:02:42.0071 5848 [ F8D4C122F9B78449AE0EE6FE44EAFFA5 ] C:\Windows\System32\inetsrv\iisres.dll
18:02:42.0071 5848 C:\Windows\System32\inetsrv\iisres.dll - ok
18:02:42.0087 5848 [ 6654EC286C836E72514C1127EEFB7D29 ] C:\Program Files\Trend Micro\AMSP\utilAccessControl.dll
18:02:42.0087 5848 C:\Program Files\Trend Micro\AMSP\utilAccessControl.dll - ok
18:02:42.0087 5848 [ EF8CD3C64EE9C08980D6D06CCCE46C68 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
18:02:42.0087 5848 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
18:02:42.0087 5848 [ 64894527838C86454E2F378FF39FA336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
18:02:42.0087 5848 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
18:02:42.0087 5848 [ 9C2CB23B77E539D87B4652FA68A6C275 ] C:\Windows\System32\vssapi.dll
18:02:42.0087 5848 C:\Windows\System32\vssapi.dll - ok
18:02:42.0087 5848 [ F6FD367C9EAAEDF90CD7A7952AE0B336 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
18:02:42.0087 5848 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
18:02:42.0102 5848 [ B3CC9EDFD97F7087013A9A47089DF571 ] C:\Windows\SysWOW64\ws2_32.dll
18:02:42.0102 5848 C:\Windows\SysWOW64\ws2_32.dll - ok
18:02:42.0102 5848 [ 78865ABC5F5D13190F8B35BD9044714A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
18:02:42.0102 5848 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
18:02:42.0102 5848 [ 638C7596B493F5F77DB9EF6BAD8FE46C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
18:02:42.0102 5848 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
18:02:42.0102 5848 [ FF9831030678C7B6D70BAC00F68F8976 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
18:02:42.0102 5848 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
18:02:42.0102 5848 [ 5A963C340DE1A01BA6E24945CE05D16A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
18:02:42.0102 5848 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
18:02:42.0102 5848 [ 5B5878314B78A6827BA4431C4C3379EB ] C:\Windows\System32\mlang.dll
18:02:42.0102 5848 C:\Windows\System32\mlang.dll - ok
18:02:42.0118 5848 [ 5579A2CE7756B59F4BB778AFDCAF2096 ] C:\Windows\System32\vsstrace.dll
18:02:42.0118 5848 C:\Windows\System32\vsstrace.dll - ok
18:02:42.0118 5848 [ F4BC62990E7E5C29799A895B80FC3177 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
18:02:42.0118 5848 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
18:02:42.0118 5848 [ 1AFB56F8A39455ACBAB16A29A45C30AC ] C:\Windows\SysWOW64\nsi.dll
18:02:42.0118 5848 C:\Windows\SysWOW64\nsi.dll - ok
18:02:42.0118 5848 [ A02FEA71B9A7EC2AF4A072BFB06CAE54 ] C:\Program Files\Trend Micro\AMSP\module\10\2.5.1374\coreActionManager.dll
18:02:42.0118 5848 C:\Program Files\Trend Micro\AMSP\module\10\2.5.1374\coreActionManager.dll - ok
18:02:42.0118 5848 [ B1E63281081B64BB570EA5B3EC5146C5 ] C:\Windows\System32\sfc.dll
18:02:42.0118 5848 C:\Windows\System32\sfc.dll - ok
18:02:42.0118 5848 [ C954FE5796A0BFCDCDD8A9C210E9D2C3 ] C:\Windows\System32\sfc_os.dll
18:02:42.0118 5848 C:\Windows\System32\sfc_os.dll - ok
18:02:42.0134 5848 [ 149D74E1128A86DC9CFB2851FBEA11EB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll
18:02:42.0134 5848 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll - ok
18:02:42.0134 5848 [ 8E902EE869004D40F350C02C4E63B0CA ] C:\Windows\SysWOW64\winmm.dll
18:02:42.0134 5848 C:\Windows\SysWOW64\winmm.dll - ok
18:02:42.0134 5848 [ A2B03204078BBB32CDD3AF779717FCC4 ] C:\Windows\SysWOW64\wsock32.dll
18:02:42.0134 5848 C:\Windows\SysWOW64\wsock32.dll - ok
18:02:42.0134 5848 [ B2563BF75ACA1FE4B8CA39F383FB1A57 ] C:\Program Files\Trend Micro\AMSP\module\11\2.5.1374\coreScanManager.dll
18:02:42.0134 5848 C:\Program Files\Trend Micro\AMSP\module\11\2.5.1374\coreScanManager.dll - ok
18:02:42.0134 5848 [ F0E5C2AACB8DFD8EF2F7A67A12CCDA5D ] C:\Windows\System32\IDStore.dll
18:02:42.0134 5848 C:\Windows\System32\IDStore.dll - ok
18:02:42.0134 5848 [ 53B518707ECB8132E173ADAF42D68054 ] C:\Windows\System32\Windows.UI.Immersive.dll
18:02:42.0134 5848 C:\Windows\System32\Windows.UI.Immersive.dll - ok
18:02:42.0149 5848 [ F9D935D60C397809FC6E1E0676F4AC6E ] C:\Windows\System32\wuaext.dll
18:02:42.0149 5848 C:\Windows\System32\wuaext.dll - ok
18:02:42.0149 5848 [ FB6AEC7AE0725C48783E6023A9B20A00 ] C:\Program Files\Trend Micro\AMSP\libprotobuf.dll
18:02:42.0149 5848 C:\Program Files\Trend Micro\AMSP\libprotobuf.dll - ok
18:02:42.0149 5848 [ F38DD05686AC8597BCD38C2F324900B9 ] C:\Windows\System32\AuthExt.dll
18:02:42.0149 5848 C:\Windows\System32\AuthExt.dll - ok
18:02:42.0149 5848 [ 554F73A015A84FA8B5F23635FE016314 ] C:\Windows\System32\wlidres.dll
18:02:42.0149 5848 C:\Windows\System32\wlidres.dll - ok
18:02:42.0149 5848 [ BC484B89C153942BF5D8BFBE832274E1 ] C:\Windows\System32\batmeter.dll
18:02:42.0149 5848 C:\Windows\System32\batmeter.dll - ok
18:02:42.0149 5848 [ 99F1AF16D1282E7EA71961727C371EF2 ] C:\Program Files\Trend Micro\AMSP\boost_system-vc80-mt-1_49.dll
18:02:42.0149 5848 C:\Program Files\Trend Micro\AMSP\boost_system-vc80-mt-1_49.dll - ok
18:02:42.0165 5848 [ 85F7AFD9C7DFD6824BAFDC5E5D7D4E86 ] C:\Windows\SysWOW64\SHCore.dll
18:02:42.0165 5848 C:\Windows\SysWOW64\SHCore.dll - ok
18:02:42.0165 5848 [ 5C539C92A7704C80EDB45BFD8D7F600F ] C:\Windows\SysWOW64\winmmbase.dll
18:02:42.0165 5848 C:\Windows\SysWOW64\winmmbase.dll - ok
18:02:42.0165 5848 [ 4E4EDF9CA82E95BAB2977DD9F21B00F6 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
18:02:42.0165 5848 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
18:02:42.0165 5848 [ 7D2306701584AE7B77B8622314B55F78 ] C:\Windows\SysWOW64\profapi.dll
18:02:42.0165 5848 C:\Windows\SysWOW64\profapi.dll - ok
18:02:42.0165 5848 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\SysWOW64\dnssd.dll
18:02:42.0165 5848 C:\Windows\SysWOW64\dnssd.dll - ok
18:02:42.0165 5848 [ 58EE457D0D49A95A1E981F6F67FB560F ] C:\Windows\SysWOW64\userenv.dll
18:02:42.0165 5848 C:\Windows\SysWOW64\userenv.dll - ok
18:02:42.0181 5848 [ 715A1F4D2A064DA1DDCAC2533FAF780F ] C:\Windows\SysWOW64\wtsapi32.dll
18:02:42.0181 5848 C:\Windows\SysWOW64\wtsapi32.dll - ok
18:02:42.0181 5848 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] C:\Program Files\Bonjour\mDNSResponder.exe
18:02:42.0181 5848 C:\Program Files\Bonjour\mDNSResponder.exe - ok
18:02:42.0181 5848 [ C317E72447B437F99CC750BD876DF30E ] C:\Windows\SysWOW64\mswsock.dll
18:02:42.0181 5848 C:\Windows\SysWOW64\mswsock.dll - ok
18:02:42.0181 5848 [ 0E1B02C9CC352A1F61703B7D1A8A2C45 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
18:02:42.0181 5848 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
18:02:42.0181 5848 [ E7D3009627CE1EDC5C524CFDF2C5D282 ] C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
18:02:42.0181 5848 C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe - ok
18:02:42.0181 5848 [ 3C5846581F329FD6768E5E7C1780151E ] C:\Windows\System32\cryptcatsvc.dll
18:02:42.0181 5848 C:\Windows\System32\cryptcatsvc.dll - ok
18:02:42.0196 5848 [ F0E78B119D12BA81F163D48C0FF30B9A ] C:\Windows\System32\cryptsvc.dll
18:02:42.0196 5848 C:\Windows\System32\cryptsvc.dll - ok
18:02:42.0196 5848 [ DD236E26397C1C79D55684F5A72E1C3C ] C:\Windows\System32\PhotoMetadataHandler.dll
18:02:42.0196 5848 C:\Windows\System32\PhotoMetadataHandler.dll - ok
18:02:42.0196 5848 [ 5363B3EA54B526C345434B994B8B2C06 ] C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
18:02:42.0196 5848 C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe - ok
18:02:42.0196 5848 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\msvcp71.dll
18:02:42.0196 5848 C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\msvcp71.dll - ok
18:02:42.0196 5848 [ 05C4C7AEF684E2CC5F8161D4F696F9D7 ] C:\Program Files\Trend Micro\AMSP\module\2\2.5.1374\coreCommandManager.dll
18:02:42.0196 5848 C:\Program Files\Trend Micro\AMSP\module\2\2.5.1374\coreCommandManager.dll - ok
18:02:42.0196 5848 [ 42FF7DC63C1CB122CE2C8061B5FE4390 ] C:\Windows\SysWOW64\shfolder.dll
18:02:42.0196 5848 C:\Windows\SysWOW64\shfolder.dll - ok
18:02:42.0212 5848 [ 314E662DD78AF3F7766BA25162BEEEDA ] C:\Windows\SysWOW64\wininet.dll
18:02:42.0212 5848 C:\Windows\SysWOW64\wininet.dll - ok
18:02:42.0212 5848 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\msvcr71.dll
18:02:42.0212 5848 C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\msvcr71.dll - ok
18:02:42.0212 5848 [ 3588D5D12FF7BFEBF2A4955C36B38EB0 ] C:\Windows\SysWOW64\psapi.dll
18:02:42.0212 5848 C:\Windows\SysWOW64\psapi.dll - ok
18:02:42.0212 5848 [ 5EAEF67AE2AF4D2DC664B649DB7B2E16 ] C:\Windows\System32\das.dll
18:02:42.0212 5848 C:\Windows\System32\das.dll - ok
18:02:42.0212 5848 [ 109FC3F80BF4F4DC5A071058074F13C1 ] C:\Windows\System32\dps.dll
18:02:42.0212 5848 C:\Windows\System32\dps.dll - ok
18:02:42.0212 5848 [ 872506AAB591E8908DF4461475AF92DF ] C:\Windows\System32\FDResPub.dll
18:02:42.0212 5848 C:\Windows\System32\FDResPub.dll - ok
18:02:42.0212 5848 [ 531B5A98145DA689741A0AC18F14EA94 ] C:\Windows\System32\IKEEXT.DLL
18:02:42.0212 5848 C:\Windows\System32\IKEEXT.DLL - ok
18:02:42.0227 5848 [ 70B5BD19740464A41B835C082819B74D ] C:\Windows\System32\WSDApi.dll
18:02:42.0227 5848 C:\Windows\System32\WSDApi.dll - ok
18:02:42.0227 5848 [ B278B76FF26BE911DD369724612F2D03 ] C:\Windows\System32\dasHost.exe
18:02:42.0227 5848 C:\Windows\System32\dasHost.exe - ok
18:02:42.0227 5848 [ 509192E80BF34E985C4D277A8FFF2893 ] C:\Windows\System32\webservices.dll
18:02:42.0227 5848 C:\Windows\System32\webservices.dll - ok
18:02:42.0227 5848 [ AF54247F97CCF3539DE7505C09972FF9 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
18:02:42.0227 5848 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
18:02:42.0227 5848 [ 2E14406E05789F91C9282AE7CFCA3A07 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
18:02:42.0227 5848 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
18:02:42.0227 5848 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
18:02:42.0227 5848 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe - ok
18:02:42.0243 5848 [ 6C20BD6E46D606CB40A13C22D52B90C7 ] C:\Windows\SysWOW64\powrprof.dll
18:02:42.0243 5848 C:\Windows\SysWOW64\powrprof.dll - ok
18:02:42.0243 5848 [ BD483C1AE32D5B21A22CABE74A9D4798 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
18:02:42.0243 5848 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
18:02:42.0243 5848 [ 47E892006A6155BE617F526E02CA09DD ] C:\Windows\System32\fundisc.dll
18:02:42.0243 5848 C:\Windows\System32\fundisc.dll - ok
18:02:42.0243 5848 [ 8624E0E2418413614EE1FECDB7B76B88 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
18:02:42.0243 5848 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll - ok
18:02:42.0243 5848 [ 04BBB80AA805B156A68F991F364218EE ] C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMediaServer.dll
18:02:42.0243 5848 C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMS\CLMediaServer.dll - ok
18:02:42.0259 5848 [ C37508B16F7C26CDF20BAD5646034670 ] C:\Windows\System32\vpnikeapi.dll
18:02:42.0259 5848 C:\Windows\System32\vpnikeapi.dll - ok
18:02:42.0259 5848 [ E896C75EE5CB36A252B1C908E2DDAB2C ] C:\Windows\SysWOW64\NapiNSP.dll
18:02:42.0259 5848 C:\Windows\SysWOW64\NapiNSP.dll - ok
18:02:42.0259 5848 [ FB69B7E36AC72474C26E7EEB996228A3 ] C:\Windows\SysWOW64\nlaapi.dll
18:02:42.0259 5848 C:\Windows\SysWOW64\nlaapi.dll - ok
18:02:42.0259 5848 [ E31D5851E5F789D29DB955C75C3760BA ] C:\Windows\SysWOW64\pnrpnsp.dll
18:02:42.0259 5848 C:\Windows\SysWOW64\pnrpnsp.dll - ok
18:02:42.0259 5848 [ A202E73D2906E7093BC00444DF4D7784 ] C:\Windows\SysWOW64\iertutil.dll
18:02:42.0259 5848 C:\Windows\SysWOW64\iertutil.dll - ok
18:02:42.0259 5848 [ 7911470B6018059A880469A63B65700A ] C:\Windows\System32\winhttp.dll
18:02:42.0259 5848 C:\Windows\System32\winhttp.dll - ok
18:02:42.0259 5848 [ BB3717D6FC27A22D0403C825A93BC068 ] C:\Windows\SysWOW64\dnsapi.dll
18:02:42.0259 5848 C:\Windows\SysWOW64\dnsapi.dll - ok
18:02:42.0274 5848 [ D4467A285C91752018F67CDBA8680BAB ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll
18:02:42.0274 5848 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll - ok
18:02:42.0274 5848 [ 282191A781E23B9CB50BF7652A5F511C ] C:\Windows\System32\httpapi.dll
18:02:42.0274 5848 C:\Windows\System32\httpapi.dll - ok
18:02:42.0274 5848 [ 8BA9851E671E8B5E49E303748FFD530C ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
18:02:42.0274 5848 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
18:02:42.0274 5848 [ CABE28C5A1AA6C51BD827B1C3DC97B49 ] C:\Program Files\Trend Micro\AMSP\module\3\2.5.1374\coreEventManager.dll
18:02:42.0274 5848 C:\Program Files\Trend Micro\AMSP\module\3\2.5.1374\coreEventManager.dll - ok
18:02:42.0274 5848 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
18:02:42.0274 5848 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
18:02:42.0274 5848 [ BAB337D3F4C2ECDF883B9CAEC41F49FB ] C:\Windows\SysWOW64\winrnr.dll
18:02:42.0274 5848 C:\Windows\SysWOW64\winrnr.dll - ok
18:02:42.0290 5848 [ 631FB40C600849898482875EEA002F16 ] C:\Windows\SysWOW64\wshbth.dll
18:02:42.0290 5848 C:\Windows\SysWOW64\wshbth.dll - ok
18:02:42.0290 5848 [ 84F0DC88E6AE4B49B032509868B4BD73 ] C:\Windows\SysWOW64\dhcpcsvc.dll
18:02:42.0290 5848 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
18:02:42.0290 5848 [ 77ADCD16CCEB8A9AD1FD81FC464B1A6B ] C:\Windows\SysWOW64\winnsi.dll
18:02:42.0290 5848 C:\Windows\SysWOW64\winnsi.dll - ok
18:02:42.0290 5848 [ 4BE1DCAD76BE96D1EC887A41E570C404 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll
18:02:42.0290 5848 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamcore.dll - ok
18:02:42.0290 5848 [ 5E33C164DC7FA74728D8A83036C438BB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
18:02:42.0290 5848 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
18:02:42.0290 5848 [ 785838B984563D12D4612256D2C78B48 ] C:\Windows\SysWOW64\mpr.dll
18:02:42.0290 5848 C:\Windows\SysWOW64\mpr.dll - ok
18:02:42.0306 5848 [ 866AF645A3B1F4358C4201CE089839EA ] C:\Windows\System32\Drivers\mqac.sys
18:02:42.0306 5848 C:\Windows\System32\Drivers\mqac.sys - ok
18:02:42.0306 5848 [ 9765A16624C3B82B931338FECA51EDEA ] C:\Windows\System32\mqqm.dll
18:02:42.0306 5848 C:\Windows\System32\mqqm.dll - ok
18:02:42.0306 5848 [ 80FF037D6184FFACB2740A50C7949D20 ] C:\Windows\System32\mqsvc.exe
18:02:42.0306 5848 C:\Windows\System32\mqsvc.exe - ok
18:02:42.0306 5848 [ 2A38ADAF170008C6B9D7D0323A5B26E9 ] C:\Program Files\Trend Micro\AMSP\module\4\2.5.1374\coreTaskManager.dll
18:02:42.0306 5848 C:\Program Files\Trend Micro\AMSP\module\4\2.5.1374\coreTaskManager.dll - ok
18:02:42.0306 5848 [ 7D20883F79FF846AEE49678238BE8A7A ] C:\Windows\SysWOW64\cryptsp.dll
18:02:42.0306 5848 C:\Windows\SysWOW64\cryptsp.dll - ok
18:02:42.0306 5848 [ A7E47FACEBB9F492E9DE3D592EAD4AFF ] C:\Program Files\Trend Micro\AMSP\module\6\2.5.1374\coreReportManager.dll
18:02:42.0306 5848 C:\Program Files\Trend Micro\AMSP\module\6\2.5.1374\coreReportManager.dll - ok
18:02:42.0306 5848 [ 46211947C1F1953B74C33FC80ECD3C6A ] C:\Windows\SysWOW64\rsaenh.dll
18:02:42.0306 5848 C:\Windows\SysWOW64\rsaenh.dll - ok
18:02:42.0321 5848 [ CEB35EB551BE4F216691255D38867346 ] C:\Windows\System32\activeds.dll
18:02:42.0321 5848 C:\Windows\System32\activeds.dll - ok
18:02:42.0321 5848 [ BD7032D44C369C1D49E501A279E85123 ] C:\Program Files\Trend Micro\AMSP\module\1000001\2.5.1331\paCoreProductAdaptor.dll
18:02:42.0321 5848 C:\Program Files\Trend Micro\AMSP\module\1000001\2.5.1331\paCoreProductAdaptor.dll - ok
18:02:42.0321 5848 [ FA6C8E59B74908550607EBEDCD7BA1E2 ] C:\Windows\System32\secur32.dll
18:02:42.0321 5848 C:\Windows\System32\secur32.dll - ok
18:02:42.0321 5848 [ 721CAFC7474688EFB2961726DBBF1C78 ] C:\Windows\System32\wsock32.dll
18:02:42.0321 5848 C:\Windows\System32\wsock32.dll - ok
18:02:42.0321 5848 [ 32550CE9B5AFB962A1BB8D995E76688D ] C:\Windows\System32\clusapi.dll
18:02:42.0321 5848 C:\Windows\System32\clusapi.dll - ok
18:02:42.0337 5848 [ 7CE118FFB27F30A4BF159A22C7B2C0CD ] C:\Windows\System32\dsparse.dll
18:02:42.0337 5848 C:\Windows\System32\dsparse.dll - ok
18:02:42.0337 5848 [ 0027A3132B3DA10A75A26B40EB75462B ] C:\Windows\System32\mqutil.dll
18:02:42.0337 5848 C:\Windows\System32\mqutil.dll - ok
18:02:42.0337 5848 [ AB74105622BBE9EE069AC56666DBC696 ] C:\Windows\System32\Windows.Globalization.dll
18:02:42.0337 5848 C:\Windows\System32\Windows.Globalization.dll - ok
18:02:42.0337 5848 [ 20EEE90079E24853739B94C8E6E49165 ] C:\Program Files\Trend Micro\AMSP\utilJsonHandle.dll
18:02:42.0337 5848 C:\Program Files\Trend Micro\AMSP\utilJsonHandle.dll - ok
18:02:42.0337 5848 [ DC220877B20A1B92E80D0291263CE7DE ] C:\Windows\System32\mqsec.dll
18:02:42.0337 5848 C:\Windows\System32\mqsec.dll - ok
18:02:42.0337 5848 [ F060A60A25795660852D43DC6661A28E ] C:\Program Files\Trend Micro\AMSP\inner_AMSP_ClientLibrary.dll
18:02:42.0337 5848 C:\Program Files\Trend Micro\AMSP\inner_AMSP_ClientLibrary.dll - ok
18:02:42.0352 5848 [ 6AE7DC415EFF4840512E5354CE99F4A5 ] C:\Windows\System32\adsldpc.dll
18:02:42.0352 5848 C:\Windows\System32\adsldpc.dll - ok
18:02:42.0352 5848 [ 185C71A41C02724A56BA625578651817 ] C:\Windows\System32\NetworkStatus.dll
18:02:42.0352 5848 C:\Windows\System32\NetworkStatus.dll - ok
18:02:42.0352 5848 [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] C:\Windows\System32\Drivers\Ndu.sys
18:02:42.0352 5848 C:\Windows\System32\Drivers\Ndu.sys - ok
18:02:42.0352 5848 [ 89519D29CBEC2121CA65CC29C4D345E0 ] C:\Windows\System32\netman.dll
18:02:42.0352 5848 C:\Windows\System32\netman.dll - ok
18:02:42.0352 5848 [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] C:\Windows\System32\nlasvc.dll
18:02:42.0352 5848 C:\Windows\System32\nlasvc.dll - ok
18:02:42.0352 5848 [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
18:02:42.0352 5848 C:\Program Files\Bonjour\mdnsNSP.dll - ok
18:02:42.0352 5848 [ 04C84B41AD7BC0C663A613CA9E3D3FC5 ] C:\Windows\System32\rasadhlp.dll
18:02:42.0352 5848 C:\Windows\System32\rasadhlp.dll - ok
18:02:42.0368 5848 [ 4215C49E751ECA4BC42B3C10C8A55950 ] C:\Windows\System32\ncryptsslp.dll
18:02:42.0368 5848 C:\Windows\System32\ncryptsslp.dll - ok
18:02:42.0368 5848 [ F6E06380D717875F6AEFC2B0694B9E9D ] C:\Windows\System32\ncryptprov.dll
18:02:42.0368 5848 C:\Windows\System32\ncryptprov.dll - ok
18:02:42.0368 5848 [ D47794FC9B672034F4932B47016A4998 ] C:\Windows\System32\ncsi.dll
18:02:42.0368 5848 C:\Windows\System32\ncsi.dll - ok
18:02:42.0368 5848 [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
18:02:42.0368 5848 C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe - ok
18:02:42.0368 5848 [ 0515FF4F49057EDE5FAAB6537D26D5EB ] C:\Windows\System32\dssenh.dll
18:02:42.0368 5848 C:\Windows\System32\dssenh.dll - ok
18:02:42.0368 5848 [ 5858AA1B5AF20C37B186971A21460A4E ] C:\Windows\System32\ssdpapi.dll
18:02:42.0368 5848 C:\Windows\System32\ssdpapi.dll - ok
18:02:42.0384 5848 [ A58BF529A259A9A6ACC60BE75537F9D1 ] C:\Program Files\Trend Micro\AMSP\module\20015\2.5.1331\1.0.1016\plugAdapterELAM.dll
18:02:42.0384 5848 C:\Program Files\Trend Micro\AMSP\module\20015\2.5.1331\1.0.1016\plugAdapterELAM.dll - ok
18:02:42.0384 5848 [ 2A8BFB22474E1461511E9428D5F4C001 ] C:\Windows\System32\mqlogmgr.dll
18:02:42.0384 5848 C:\Windows\System32\mqlogmgr.dll - ok
18:02:42.0384 5848 [ 5672C775FAB584EB5BABBB79C74C530E ] C:\Program Files (x86)\Dell\Dell Datasafe Online\BuEng.dll
18:02:42.0384 5848 C:\Program Files (x86)\Dell\Dell Datasafe Online\BuEng.dll - ok
18:02:42.0384 5848 [ 5C32C180AB29655EFDFF6B7F91271775 ] C:\Windows\System32\msftedit.dll
18:02:42.0384 5848 C:\Windows\System32\msftedit.dll - ok
18:02:42.0384 5848 [ BE9B25E446E3AF0F9857C6A3C7B5ABC1 ] C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1194\1.0.1194\plugAdapterOsprey.dll
18:02:42.0384 5848 C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1194\1.0.1194\plugAdapterOsprey.dll - ok
18:02:42.0384 5848 [ C31FA031335EFF434B2D94278E74BCCE ] C:\Windows\System32\Drivers\npf.sys
18:02:42.0384 5848 C:\Windows\System32\Drivers\npf.sys - ok
18:02:42.0399 5848 [ A773AA47341A1FD16C6A9BA3C11D7DAA ] C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys
18:02:42.0399 5848 C:\Program Files (x86)\Cyberlink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys - ok
18:02:42.0399 5848 [ 4811D9EC53649105A5A8BEA661B0F936 ] C:\Windows\System32\pcasvc.dll
18:02:42.0399 5848 C:\Windows\System32\pcasvc.dll - ok
18:02:42.0399 5848 [ 70DBB6A8B52B3830922F1C5789E1BEEB ] C:\Windows\System32\Drivers\PEAuth.sys
18:02:42.0399 5848 C:\Windows\System32\Drivers\PEAuth.sys - ok
18:02:42.0399 5848 [ 1580A33C6CD8E0117247A48C31825D6E ] C:\Windows\System32\aepic.dll
18:02:42.0399 5848 C:\Windows\System32\aepic.dll - ok
18:02:42.0399 5848 [ 47AC075FC4DE7DCF690E861B9B2C22A9 ] C:\Windows\System32\ninput.dll
18:02:42.0399 5848 C:\Windows\System32\ninput.dll - ok
18:02:42.0399 5848 [ C3E0713F9F00E931DA4C2BF728029998 ] C:\Program Files\Trend Micro\AMSP\module\20017\1.0.1030\plugAdapterTMEBC.dll
18:02:42.0399 5848 C:\Program Files\Trend Micro\AMSP\module\20017\1.0.1030\plugAdapterTMEBC.dll - ok
18:02:42.0399 5848 [ 543A4EF0923BF70D126625B034EF25AF ] C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
18:02:42.0399 5848 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe - ok
18:02:42.0415 5848 [ 41E843174754F87D86EF0FBF7F60DB0D ] C:\Windows\SysWOW64\oleacc.dll
18:02:42.0415 5848 C:\Windows\SysWOW64\oleacc.dll - ok
18:02:42.0415 5848 [ 330BD755E1CA778387FB1D27EF397DA1 ] C:\Program Files\Trend Micro\AMSP\module\10000\2.5.1331\9.700.1001\plugEngineVSAPI.dll
18:02:42.0415 5848 C:\Program Files\Trend Micro\AMSP\module\10000\2.5.1331\9.700.1001\plugEngineVSAPI.dll - ok
18:02:42.0415 5848 [ 7A3B96DE45ED3AB1B6BAA1D0B7B9869B ] C:\Windows\SysWOW64\comctl32.dll
18:02:42.0415 5848 C:\Windows\SysWOW64\comctl32.dll - ok
18:02:42.0415 5848 [ E80DD61E52EDFFF9DA1ED7260A68855B ] C:\Windows\System32\regsvc.dll
18:02:42.0415 5848 C:\Windows\System32\regsvc.dll - ok
18:02:42.0415 5848 [ 6AF2152593A409D3316D1566CBF7709B ] C:\Program Files\Trend Micro\AMSP\module\10001\2.5.1331\6.2.1039\plugEngineSSAPI.dll
18:02:42.0415 5848 C:\Program Files\Trend Micro\AMSP\module\10001\2.5.1331\6.2.1039\plugEngineSSAPI.dll - ok
18:02:42.0431 5848 [ A0EEA6F631349D0E0B7A6CAA7E099CB0 ] C:\Program Files (x86)\Trend Micro\RUBotted\RUBotSrv.exe
18:02:42.0431 5848 C:\Program Files (x86)\Trend Micro\RUBotted\RUBotSrv.exe - ok
18:02:42.0431 5848 [ 354D3D034709206BC0A4CDFD902F7550 ] C:\Program Files (x86)\Trend Micro\RUBotted\hc_help.dll
18:02:42.0431 5848 C:\Program Files (x86)\Trend Micro\RUBotted\hc_help.dll - ok
18:02:42.0431 5848 [ 7C08AB759FCDD326CD215C8142821BED ] C:\Program Files\Trend Micro\AMSP\module\10002\2.5.1331\7.0.1028\plugEngineDCE.dll
18:02:42.0431 5848 C:\Program Files\Trend Micro\AMSP\module\10002\2.5.1331\7.0.1028\plugEngineDCE.dll - ok
18:02:42.0431 5848 [ DAE5F233818083AF69E2E5133A50A2CB ] C:\Windows\SysWOW64\wpcap.dll
18:02:42.0431 5848 C:\Windows\SysWOW64\wpcap.dll - ok
18:02:42.0431 5848 [ 859B368D5C2EB6AFEBEDD7366134B401 ] C:\Program Files\Trend Micro\AMSP\module\10004\6.0.1056\6.0.1056\plugEngineAEGIS.dll
18:02:42.0431 5848 C:\Program Files\Trend Micro\AMSP\module\10004\6.0.1056\6.0.1056\plugEngineAEGIS.dll - ok
18:02:42.0431 5848 [ F19EF622B44422E5DDB75D0AE1ACB427 ] C:\Windows\SysWOW64\Packet.dll
18:02:42.0431 5848 C:\Windows\SysWOW64\Packet.dll - ok
18:02:42.0446 5848 [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\Drivers\secdrv.sys
18:02:42.0446 5848 C:\Windows\System32\Drivers\secdrv.sys - ok
18:02:42.0446 5848 [ 29C852880E9634F8C6BD77A4E68B5B34 ] C:\Program Files (x86)\Secunia\PSI\sua.exe
18:02:42.0446 5848 C:\Program Files (x86)\Secunia\PSI\sua.exe - ok
18:02:42.0446 5848 [ 27D2B6138B0706C639DAD81F4AA23926 ] C:\Program Files\Trend Micro\AMSP\module\10005\2.5.1331\3.6.1008\plugEngineTMUFE.dll
18:02:42.0446 5848 C:\Program Files\Trend Micro\AMSP\module\10005\2.5.1331\3.6.1008\plugEngineTMUFE.dll - ok
18:02:42.0446 5848 [ 5C96F30D1144AB5D8F03DFF045B8C791 ] C:\Windows\SysWOW64\netapi32.dll
18:02:42.0446 5848 C:\Windows\SysWOW64\netapi32.dll - ok
18:02:42.0446 5848 [ 7FFC244DFE77909A13F52CF54B1FE475 ] C:\Windows\SysWOW64\netutils.dll
18:02:42.0446 5848 C:\Windows\SysWOW64\netutils.dll - ok
18:02:42.0446 5848 [ DDF8C39C085D2E98BD030B3E8A1F40B8 ] C:\Windows\SysWOW64\secur32.dll
18:02:42.0446 5848 C:\Windows\SysWOW64\secur32.dll - ok
18:02:42.0462 5848 [ D8533AF2AAE712047A3CCAC9AC98EDC4 ] C:\Windows\SysWOW64\srvcli.dll
18:02:42.0462 5848 C:\Windows\SysWOW64\srvcli.dll - ok
18:02:42.0462 5848 [ 0F3B2F57676DEBB7F86B74A51BEC079C ] C:\Windows\SysWOW64\dhcpcsvc6.dll
18:02:42.0462 5848 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
18:02:42.0462 5848 [ 182DD861AD25CD72AE6F3B54AE7AA8AD ] C:\Windows\SysWOW64\wkscli.dll
18:02:42.0462 5848 C:\Windows\SysWOW64\wkscli.dll - ok
18:02:42.0462 5848 [ C3CD50F19851FB3DB7A9418B32E1FEC1 ] C:\Windows\SysWOW64\samcli.dll
18:02:42.0462 5848 C:\Windows\SysWOW64\samcli.dll - ok
18:02:42.0462 5848 [ 469A0EBE3D3F22B9A4B6546DEF75CC93 ] C:\Program Files\Trend Micro\AMSP\module\10007\2.5.1331\2.51.1006\plugEngineTMFBE.dll
18:02:42.0462 5848 C:\Program Files\Trend Micro\AMSP\module\10007\2.5.1331\2.51.1006\plugEngineTMFBE.dll - ok
18:02:42.0462 5848 [ 9400C71F5A1A380B494B6922F007D485 ] C:\Windows\System32\Drivers\srvnet.sys
18:02:42.0462 5848 C:\Windows\System32\Drivers\srvnet.sys - ok
18:02:42.0462 5848 [ 8F2A13A5DF99D72FDDE87F502A66F989 ] C:\Windows\System32\Drivers\tcpipreg.sys
18:02:42.0462 5848 C:\Windows\System32\Drivers\tcpipreg.sys - ok
18:02:42.0477 5848 [ D233B16999A8E626F6004BD7814C57EC ] C:\Windows\System32\sstpsvc.dll
18:02:42.0477 5848 C:\Windows\System32\sstpsvc.dll - ok
18:02:42.0477 5848 [ DC21E1F06343773D7E24362DCEF7944B ] C:\Windows\System32\sysmain.dll
18:02:42.0477 5848 C:\Windows\System32\sysmain.dll - ok
18:02:42.0477 5848 [ 88B7721AB551C4325036B25A34A2BF7B ] C:\Windows\System32\tapisrv.dll
18:02:42.0477 5848 C:\Windows\System32\tapisrv.dll - ok
18:02:42.0477 5848 [ 3B59304441B7610980976801272C8261 ] C:\Windows\System32\Drivers\tmeevw.sys
18:02:42.0477 5848 C:\Windows\System32\Drivers\tmeevw.sys - ok
18:02:42.0477 5848 [ 68C78A00A363115D2C047CA240ACD7E8 ] C:\Program Files\Trend Micro\AMSP\module\10008\2.5.1331\2.01.1025\plugEngineICRC.dll
18:02:42.0477 5848 C:\Program Files\Trend Micro\AMSP\module\10008\2.5.1331\2.01.1025\plugEngineICRC.dll - ok
18:02:42.0493 5848 [ C84B51243DF6A6C5835FF6CAEC5C6B97 ] C:\Windows\System32\webio.dll
18:02:42.0493 5848 C:\Windows\System32\webio.dll - ok
18:02:42.0493 5848 [ 1F7561B4F429C76D114B5274F21AA4F1 ] C:\Program Files\Trend Micro\AMSP\module\20001\2.5.1339\5.50.1043\plugAdapterSystem.dll
18:02:42.0493 5848 C:\Program Files\Trend Micro\AMSP\module\20001\2.5.1339\5.50.1043\plugAdapterSystem.dll - ok
18:02:42.0493 5848 [ D74634B2F800020A1D7F96D28CD58063 ] C:\Program Files\Trend Micro\AMSP\module\30000\2.5.1402\plugRealtimeScanFlow.dll
18:02:42.0493 5848 C:\Program Files\Trend Micro\AMSP\module\30000\2.5.1402\plugRealtimeScanFlow.dll - ok
18:02:42.0493 5848 [ E437B86F9004ADFE3AF3BED451EB09C2 ] C:\Program Files\Trend Micro\AMSP\module\30001\2.5.1331\plugManualScanFlow.dll
18:02:42.0493 5848 C:\Program Files\Trend Micro\AMSP\module\30001\2.5.1331\plugManualScanFlow.dll - ok
18:02:42.0493 5848 [ F397BAD384118820255D619F1F56CD60 ] C:\Program Files\Trend Micro\AMSP\module\30004\2.5.1331\plugRealTimeScanCache.dll
18:02:42.0493 5848 C:\Program Files\Trend Micro\AMSP\module\30004\2.5.1331\plugRealTimeScanCache.dll - ok
18:02:42.0493 5848 [ 0FED34E72250A068BC4E7BA6EA07E7A0 ] C:\Windows\System32\Drivers\tmnciesc.sys
18:02:42.0493 5848 C:\Windows\System32\Drivers\tmnciesc.sys - ok
18:02:42.0509 5848 [ 533EE0ADC2DAC5A4377F1DE66BB9B858 ] C:\Program Files\Trend Micro\AMSP\module\40000\2.5.1331\5.50.1043\plugUtilRCM.dll
18:02:42.0509 5848 C:\Program Files\Trend Micro\AMSP\module\40000\2.5.1331\5.50.1043\plugUtilRCM.dll - ok
18:02:42.0509 5848 [ A371ED5E08FC782AD180869BF1E2A27A ] C:\Windows\System32\Drivers\tmusa.sys
18:02:42.0509 5848 C:\Windows\System32\Drivers\tmusa.sys - ok
18:02:42.0509 5848 [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] C:\Windows\System32\trkwks.dll
18:02:42.0509 5848 C:\Windows\System32\trkwks.dll - ok
18:02:42.0509 5848 [ 901CC968412F8155B08D7ABE0171166A ] C:\Windows\System32\inetsrv\iisw3adm.dll
18:02:42.0509 5848 C:\Windows\System32\inetsrv\iisw3adm.dll - ok
18:02:42.0509 5848 [ BB4CD4BA612A53A323F2D3AEED0723B8 ] C:\Windows\System32\inetsrv\w3tp.dll
18:02:42.0509 5848 C:\Windows\System32\inetsrv\w3tp.dll - ok
18:02:42.0509 5848 [ 2277CD5B13B18B6DF5F80E8A84254EA7 ] C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
18:02:42.0509 5848 C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe - ok
18:02:42.0524 5848 [ 0268A78012488A53D2EB313BE0539565 ] C:\Program Files\Trend Micro\AMSP\module\40001\2.6.1190\plugUtilEnum.dll
18:02:42.0524 5848 C:\Program Files\Trend Micro\AMSP\module\40001\2.6.1190\plugUtilEnum.dll - ok
18:02:42.0524 5848 [ 62F46FB1AED31B289F6A64718A3E5ECF ] C:\Windows\SysWOW64\clbcatq.dll
18:02:42.0524 5848 C:\Windows\SysWOW64\clbcatq.dll - ok
18:02:42.0524 5848 [ DA3021EFAC1D185AC725AFCCD3398521 ] C:\Windows\System32\msi.dll
18:02:42.0524 5848 C:\Windows\System32\msi.dll - ok
18:02:42.0524 5848 [ 71DA7A42C6E229ABE756C643335A4B98 ] C:\Windows\SysWOW64\upnp.dll
18:02:42.0524 5848 C:\Windows\SysWOW64\upnp.dll - ok
18:02:42.0524 5848 [ 7A4797475ABAD6ECF1BCB08637922ECA ] C:\Windows\SysWOW64\winhttp.dll
18:02:42.0524 5848 C:\Windows\SysWOW64\winhttp.dll - ok
18:02:42.0524 5848 [ CCCCF2E9EFD54111F65E199BE39688F0 ] C:\Windows\SysWOW64\ssdpapi.dll
18:02:42.0524 5848 C:\Windows\SysWOW64\ssdpapi.dll - ok
18:02:42.0540 5848 [ A578AE45097ACAD346C86C96F1C0D5A7 ] C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
18:02:42.0540 5848 C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe - ok
18:02:42.0540 5848 [ 2946E0E1A6078AE2E2F60914EB53E443 ] C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1125\7.5.1125\plugAdapterBP.dll
18:02:42.0540 5848 C:\Program Files\Trend Micro\AMSP\module\20002\7.5.1125\7.5.1125\plugAdapterBP.dll - ok
18:02:42.0540 5848 [ D77A1818BC2708E79176DE1697E44453 ] C:\Program Files\Trend Micro\AMSP\module\10009\3.6.1029\3.6.1029\plugEngineLCE.dll
18:02:42.0540 5848 C:\Program Files\Trend Micro\AMSP\module\10009\3.6.1029\3.6.1029\plugEngineLCE.dll - ok
18:02:42.0540 5848 [ 460ADD46E104E54915D89B3C7B7817C4 ] C:\Program Files\Trend Micro\AMSP\module\10010\3.6.1029\3.6.1029\plugEngineLES.dll
18:02:42.0540 5848 C:\Program Files\Trend Micro\AMSP\module\10010\3.6.1029\3.6.1029\plugEngineLES.dll - ok
18:02:42.0540 5848 [ 2837C8A01729407765CBCD4EC0645063 ] C:\Windows\SysWOW64\mscoree.dll
18:02:42.0540 5848 C:\Windows\SysWOW64\mscoree.dll - ok
18:02:42.0540 5848 [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\Windows\SysWOW64\msvcr100.dll
18:02:42.0540 5848 C:\Windows\SysWOW64\msvcr100.dll - ok
18:02:42.0556 5848 [ 7E781C9A0C39B4DC4AF3BE8B9CC2FD8C ] C:\Program Files\Trend Micro\AMSP\module\40002\2.5.1402\plugUtilSysInfo.dll
18:02:42.0556 5848 C:\Program Files\Trend Micro\AMSP\module\40002\2.5.1402\plugUtilSysInfo.dll - ok
18:02:42.0556 5848 [ 5125C1F27F8537F33076D0C0151F6B7F ] C:\Windows\SysWOW64\dbghelp.dll
18:02:42.0556 5848 C:\Windows\SysWOW64\dbghelp.dll - ok
18:02:42.0556 5848 [ 20D563632B73B9BDEFADA51210AF6B9A ] C:\Program Files\Trend Micro\AMSP\module\30005\3.0.1052\plugLocalCorrelationFlow.dll
18:02:42.0556 5848 C:\Program Files\Trend Micro\AMSP\module\30005\3.0.1052\plugLocalCorrelationFlow.dll - ok
18:02:42.0556 5848 [ 06ADA73672F6773457BF165FD9849462 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
18:02:42.0556 5848 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
18:02:42.0556 5848 [ E949BC9BFF7AD86D40EF56D00A414D91 ] C:\Program Files\Trend Micro\AMSP\module\10011\2.5.1141\2.5.1141\plugEngineTMSA.dll
18:02:42.0556 5848 C:\Program Files\Trend Micro\AMSP\module\10011\2.5.1141\2.5.1141\plugEngineTMSA.dll - ok
18:02:42.0571 5848 [ 8BEA77B663240216293A267A084BC368 ] C:\Program Files\Trend Micro\AMSP\module\30006\2.5.1331\plugCommonScanCache.dll
18:02:42.0571 5848 C:\Program Files\Trend Micro\AMSP\module\30006\2.5.1331\plugCommonScanCache.dll - ok
18:02:42.0571 5848 [ 2516089BB603D22C9F577B97C2A443DC ] C:\Program Files\Trend Micro\AMSP\module\40003\2.5.1331\2.5.1331\plugUtilException.dll
18:02:42.0571 5848 C:\Program Files\Trend Micro\AMSP\module\40003\2.5.1331\2.5.1331\plugUtilException.dll - ok
18:02:42.0571 5848 [ 5ED76F781AC99D84E2FAE1C24CD769BF ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
18:02:42.0571 5848 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll - ok
18:02:42.0571 5848 [ 98D9EC5E81ECFCCEEB94894D19AA9F7E ] C:\Windows\System32\mpr.dll
18:02:42.0571 5848 C:\Windows\System32\mpr.dll - ok
18:02:42.0571 5848 [ 9ADD3FD7EC8F25A271AB569BE891F9A5 ] C:\Program Files\Trend Micro\AMSP\module\10012\1.6.1018\1.6.1018\plugEngineDre.dll
18:02:42.0571 5848 C:\Program Files\Trend Micro\AMSP\module\10012\1.6.1018\1.6.1018\plugEngineDre.dll - ok
18:02:42.0587 5848 [ E070EF278B54B4B0529E2CB021957B41 ] C:\Program Files\Trend Micro\AMSP\module\20009\1.5.1012\1.5.1012\plugAdapterNCIE.dll
18:02:42.0587 5848 C:\Program Files\Trend Micro\AMSP\module\20009\1.5.1012\1.5.1012\plugAdapterNCIE.dll - ok
18:02:42.0587 5848 [ 956B6ACA4EFF31046403F0DD6235332E ] C:\Windows\SysWOW64\msvcr110_clr0400.dll
18:02:42.0587 5848 C:\Windows\SysWOW64\msvcr110_clr0400.dll - ok
18:02:42.0587 5848 [ 717BCEAF7C2DDC070EFA7685B0D7F4C6 ] C:\Program Files\Trend Micro\AMSP\module\20011\1.5.1107\1.5.1104\plugAdapterEagleEye.dll
18:02:42.0587 5848 C:\Program Files\Trend Micro\AMSP\module\20011\1.5.1107\1.5.1104\plugAdapterEagleEye.dll - ok
18:02:42.0587 5848 [ 45A66E49D1088DF57797248024B41F1A ] C:\Program Files\Trend Micro\AMSP\module\10015\6.0.1056\6.0.1056\plugEngineWL.dll
18:02:42.0587 5848 C:\Program Files\Trend Micro\AMSP\module\10015\6.0.1056\6.0.1056\plugEngineWL.dll - ok
18:02:42.0587 5848 [ 518E053EADA615DF7BE0473B65FD2E41 ] C:\Program Files\Trend Micro\AMSP\module\10013\2.5.1331\1.0.1069\plugEnginePeDif.dll
18:02:42.0587 5848 C:\Program Files\Trend Micro\AMSP\module\10013\2.5.1331\1.0.1069\plugEnginePeDif.dll - ok
18:02:42.0587 5848 [ 8F1C4121A6900BDB85E7D6BD8E90A3F3 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\374a0cc6603f58864831897ef723bd4a\mscorlib.ni.dll
18:02:42.0587 5848 C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\374a0cc6603f58864831897ef723bd4a\mscorlib.ni.dll - ok
18:02:42.0602 5848 [ 813B222F7EFCC3A3115BB657C1A0CA6F ] C:\Program Files\Trend Micro\AMSP\module\10014\1.6.1085\1.6.1085\plugEngineTmCDE.dll
18:02:42.0602 5848 C:\Program Files\Trend Micro\AMSP\module\10014\1.6.1085\1.6.1085\plugEngineTmCDE.dll - ok
18:02:42.0602 5848 [ EEAB9C9C470ABFFF9B0D21C039ECD8A7 ] C:\Program Files\Trend Micro\AMSP\module\40004\2.5.1331\plugUtilLowConfDB.dll
18:02:42.0602 5848 C:\Program Files\Trend Micro\AMSP\module\40004\2.5.1331\plugUtilLowConfDB.dll - ok
18:02:42.0602 5848 [ D4B918B37BE6F29A71E3466762672FD2 ] C:\Program Files\Trend Micro\AMSP\module\30007\2.5.1371\2.5.1371\plugCensus.dll
18:02:42.0602 5848 C:\Program Files\Trend Micro\AMSP\module\30007\2.5.1371\2.5.1371\plugCensus.dll - ok
18:02:42.0602 5848 [ D6F4D1CBF6AA673DD1A423CAA7E46AFB ] C:\Program Files\Trend Micro\AMSP\module\10016\2.5.1331\2.0.1001\plugEngineSMV.dll
18:02:42.0602 5848 C:\Program Files\Trend Micro\AMSP\module\10016\2.5.1331\2.0.1001\plugEngineSMV.dll - ok
18:02:42.0602 5848 [ 0F8524B614E93C499F9A32B3A0259229 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
18:02:42.0602 5848 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll - ok
18:02:42.0602 5848 [ E870AABC9D31A15934848F3FE512E049 ] C:\Program Files (x86)\Western Digital\WD SmartWare\WDIO.dll
18:02:42.0602 5848 C:\Program Files (x86)\Western Digital\WD SmartWare\WDIO.dll - ok
18:02:42.0618 5848 [ BC83108B18756547013ED443B8CDB31B ] C:\Windows\SysWOW64\msvcp100.dll
18:02:42.0618 5848 C:\Windows\SysWOW64\msvcp100.dll - ok
18:02:42.0618 5848 [ 75824506A5B222469CC8079FCC644DBF ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a7811936e59aaee26b1d9d467174d6d4\System.ni.dll
18:02:42.0618 5848 C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a7811936e59aaee26b1d9d467174d6d4\System.ni.dll - ok
18:02:42.0618 5848 [ 8AA79A2FC0EF314B4686C84CAB89873A ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\05cc6faa6704d01e78700561b22937e3\System.Configuration.ni.dll
18:02:42.0618 5848 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\05cc6faa6704d01e78700561b22937e3\System.Configuration.ni.dll - ok
18:02:42.0618 5848 [ 262F68CCF66CAD7F12C801C9CEE13CC6 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e1ec8b9a6d4f9af9d6065c4187fb1b5f\System.Xml.ni.dll
18:02:42.0618 5848 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e1ec8b9a6d4f9af9d6065c4187fb1b5f\System.Xml.ni.dll - ok
18:02:42.0618 5848 [ 3D6B518B71C75C8FA4115A33615C107A ] C:\Windows\System32\wbem\WMIsvc.dll
18:02:42.0618 5848 C:\Windows\System32\wbem\WMIsvc.dll - ok
18:02:42.0634 5848 [ 5243CFC2E7161C91C2B355240035B9E4 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:02:42.0634 5848 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe - ok
18:02:42.0634 5848 [ 21CA3869D0EA99C902B26ED697BD78E5 ] C:\Windows\System32\wbemcomn.dll
18:02:42.0634 5848 C:\Windows\System32\wbemcomn.dll - ok
18:02:42.0634 5848 [ CCA14076376D8D0161BA4EDC5A2CA81C ] C:\Windows\System32\mscoree.dll
18:02:42.0634 5848 C:\Windows\System32\mscoree.dll - ok
18:02:42.0634 5848 [ 0FA29BD2E724CBBEB2D430384A181CA3 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
18:02:42.0634 5848 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
18:02:42.0634 5848 [ A8484C0CB54DB48180FB7CA00F1C3F8F ] C:\Windows\System32\wuaueng.dll
18:02:42.0634 5848 C:\Windows\System32\wuaueng.dll - ok
18:02:42.0634 5848 [ 17953D6E22AC355462D35C0D1C78890A ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll
18:02:42.0634 5848 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll - ok
18:02:42.0649 5848 [ A18100201E7477BB47C72711E092A8F0 ] C:\Windows\System32\esent.dll
18:02:42.0649 5848 C:\Windows\System32\esent.dll - ok
18:02:42.0649 5848 [ A0CFAE5D60E2011E7531F1921028259C ] C:\Windows\System32\cabinet.dll
18:02:42.0649 5848 C:\Windows\System32\cabinet.dll - ok
18:02:42.0649 5848 [ F21C16DA28157B5897555588E7949E9E ] C:\Windows\System32\mspatcha.dll
18:02:42.0649 5848 C:\Windows\System32\mspatcha.dll - ok
18:02:42.0649 5848 [ 06DF6E95E59FF75FFB575A6FC63CC233 ] C:\Windows\System32\wups.dll
18:02:42.0649 5848 C:\Windows\System32\wups.dll - ok
18:02:42.0649 5848 [ 6CAF9601D1317E5115AF90E0298E174F ] C:\Windows\System32\wups2.dll
18:02:42.0649 5848 C:\Windows\System32\wups2.dll - ok
18:02:42.0649 5848 [ ACA30B753EF16345AE2100E40603BF14 ] C:\Windows\System32\msvcr110_clr0400.dll
18:02:42.0649 5848 C:\Windows\System32\msvcr110_clr0400.dll - ok
18:02:42.0665 5848 [ 49FFE6B4887AE2D91379A45964DC23D9 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\0247de206c1c48ac4f8b55df16468405\System.Core.ni.dll
18:02:42.0665 5848 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\0247de206c1c48ac4f8b55df16468405\System.Core.ni.dll - ok
18:02:42.0665 5848 [ A999A58CF4D1BCC28132FA2087F4CD97 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\5a23c5e185cb978f73c67718f6e061a4\mscorlib.ni.dll
18:02:42.0665 5848 C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\5a23c5e185cb978f73c67718f6e061a4\mscorlib.ni.dll - ok
18:02:42.0665 5848 [ 8509B0F379BEFE03AB85F3CE3765B645 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\bac491dd87671c70ae204cf8bfb0eba2\System.Data.ni.dll
18:02:42.0665 5848 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\bac491dd87671c70ae204cf8bfb0eba2\System.Data.ni.dll - ok
18:02:42.0665 5848 [ 670BCFF1ECBDAE19CC8C8E3921BBB7D4 ] C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
18:02:42.0665 5848 C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll - ok
18:02:42.0665 5848 [ F0ED366D60ECC1F54ADD0F82B078832E ] C:\Program Files (x86)\Western Digital\WD SmartWare\System.Data.SQLite.dll
18:02:42.0665 5848 C:\Program Files (x86)\Western Digital\WD SmartWare\System.Data.SQLite.dll - ok
18:02:42.0681 5848 [ 01A634CCF68044DC6D440DAD8A273A1A ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\780ee51b01c636cf43ec0011100a8cbc\System.Transactions.ni.dll
18:02:42.0681 5848 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\780ee51b01c636cf43ec0011100a8cbc\System.Transactions.ni.dll - ok
18:02:42.0681 5848 [ E8279050F1E2EC0B4FFA889DE5EAD4B1 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System\67f7ddcb264bac2f465b439bb19616b1\System.ni.dll
18:02:42.0681 5848 C:\Windows\assembly\NativeImages_v4.0.30319_64\System\67f7ddcb264bac2f465b439bb19616b1\System.ni.dll - ok
18:02:42.0681 5848 [ 44BCD8E217B7C4254EF081755BAEE9BC ] C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
18:02:42.0681 5848 C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll - ok
18:02:42.0681 5848 [ 710A702487D4DFCF6DECE1ABB4E219FF ] C:\Program Files\Trend Micro\AMSP\module\10000\2.5.1331\9.700.1001\vsapi64.dll
18:02:42.0681 5848 C:\Program Files\Trend Micro\AMSP\module\10000\2.5.1331\9.700.1001\vsapi64.dll - ok
18:02:42.0681 5848 [ 7D8D55626C07A0CE5FF8D1E498122E0A ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\cd22fdcc7b8e9ad0e752965720c6d141\Microsoft.VisualC.ni.dll
18:02:42.0681 5848 C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\cd22fdcc7b8e9ad0e752965720c6d141\Microsoft.VisualC.ni.dll - ok
18:02:42.0681 5848 [ EA3CD9D80CF28DB7191C6485674CB6FA ] C:\Program Files\Trend Micro\AMSP\module\10002\2.5.1331\7.0.1028\tscdll64.dll
18:02:42.0681 5848 C:\Program Files\Trend Micro\AMSP\module\10002\2.5.1331\7.0.1028\tscdll64.dll - ok
18:02:42.0696 5848 [ C57BF6F04F3D282A4FA7F37F4BCC6A97 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\c973dc898216bb3f08d8afee8c73006f\System.EnterpriseServices.ni.dll
18:02:42.0696 5848 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\c973dc898216bb3f08d8afee8c73006f\System.EnterpriseServices.ni.dll - ok
18:02:42.0696 5848 [ 62CD631DDBCDE1C501C97CB10D436C9C ] C:\Windows\assembly\NativeImages_v4.0.30319_64\SMSvcHost\d15c6a21644d7d352417aae1512e2c91\SMSvcHost.ni.exe
18:02:42.0696 5848 C:\Windows\assembly\NativeImages_v4.0.30319_64\SMSvcHost\d15c6a21644d7d352417aae1512e2c91\SMSvcHost.ni.exe - ok
18:02:42.0696 5848 [ B8CC9A70D2956CC58176883864AA5F62 ] C:\Windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
18:02:42.0696 5848 C:\Windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll - ok
18:02:42.0696 5848 [ C4244DD187B5344D375FF63C3216C9D5 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\c973dc898216bb3f08d8afee8c73006f\System.EnterpriseServices.Wrapper.dll
18:02:42.0696 5848 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\c973dc898216bb3f08d8afee8c73006f\System.EnterpriseServices.Wrapper.dll - ok
18:02:42.0696 5848 [ 91BA196AEE2FE73DE175E30F39FED40F ] C:\Program Files\Trend Micro\AMSP\module\10004\6.0.1056\6.0.1056\TMPEM.dll
18:02:42.0696 5848 C:\Program Files\Trend Micro\AMSP\module\10004\6.0.1056\6.0.1056\TMPEM.dll - ok
18:02:42.0696 5848 [ 086D4735935537FE8A84DE58ED084CBC ] C:\Program Files\Trend Micro\AMSP\module\10005\2.5.1331\3.6.1008\tmufeng.dll

#12 michael_brancato

michael_brancato
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago
  • Local time:12:38 AM

Posted 02 February 2013 - 10:59 PM

18:02:42.0712 5848 C:\Program Files\Trend Micro\AMSP\module\10005\2.5.1331\3.6.1008\tmufeng.dll - ok
18:02:42.0712 5848 [ 4DD132420ACA4709F310505374F7AAA3 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\3145945493fbcef888aa44b0081134cc\System.Core.ni.dll
18:02:42.0712 5848 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\3145945493fbcef888aa44b0081134cc\System.Core.ni.dll - ok
18:02:42.0712 5848 [ BCDD3EDD38744DC4103F45C54E366887 ] C:\Program Files\Trend Micro\AMSP\module\10007\2.5.1331\2.51.1006\tmfbeng.dll
18:02:42.0712 5848 C:\Program Files\Trend Micro\AMSP\module\10007\2.5.1331\2.51.1006\tmfbeng.dll - ok
18:02:42.0712 5848 [ 93962D7FBE16AA0566A9C90E444C51A9 ] C:\Windows\System32\SettingSyncInfo.dll
18:02:42.0712 5848 C:\Windows\System32\SettingSyncInfo.dll - ok
18:02:42.0712 5848 [ B617F2E83951A9A4F495BBA58CF492B2 ] C:\Windows\System32\dllhost.exe
18:02:42.0712 5848 C:\Windows\System32\dllhost.exe - ok
18:02:42.0712 5848 [ CEE24510E1E0676A65021B5E3961DB5C ] C:\Program Files\Trend Micro\AMSP\module\10008\2.5.1331\2.01.1025\ICRCHdler.dll
18:02:42.0712 5848 C:\Program Files\Trend Micro\AMSP\module\10008\2.5.1331\2.01.1025\ICRCHdler.dll - ok
18:02:42.0727 5848 [ AA49B531D8766BF6119BF27586BAF36C ] C:\Windows\System32\dxva2.dll
18:02:42.0727 5848 C:\Windows\System32\dxva2.dll - ok
18:02:42.0727 5848 [ 1C36F01131AA9E8DAF2094B860A3A849 ] C:\Windows\System32\AtBroker.exe
18:02:42.0727 5848 C:\Windows\System32\AtBroker.exe - ok
18:02:42.0727 5848 [ 0E925F7BA032920D58DD284B6181A247 ] C:\Windows\System32\userinit.exe
18:02:42.0727 5848 C:\Windows\System32\userinit.exe - ok
18:02:42.0727 5848 [ 83C4E13852335E1EAC12AA62A2F01E52 ] C:\Windows\SysWOW64\winsta.dll
18:02:42.0727 5848 C:\Windows\SysWOW64\winsta.dll - ok
18:02:42.0727 5848 [ 38175536133BDC9324910582250CB8DD ] C:\Windows\System32\taskeng.exe
18:02:42.0727 5848 C:\Windows\System32\taskeng.exe - ok
18:02:42.0727 5848 [ CD09341CCD92DA45EA5A0C725270FA51 ] C:\Windows\System32\userinitext.dll
18:02:42.0727 5848 C:\Windows\System32\userinitext.dll - ok
18:02:42.0743 5848 [ 456913A14EAFD876ABDC1FC11DA856FA ] C:\Windows\System32\taskhostex.exe
18:02:42.0743 5848 C:\Windows\System32\taskhostex.exe - ok
18:02:42.0743 5848 [ 8BC5E1F477761F75B26E66746828915D ] C:\Windows\System32\HotStartUserAgent.dll
18:02:42.0743 5848 C:\Windows\System32\HotStartUserAgent.dll - ok
18:02:42.0743 5848 [ A572A1F193C14D7C17AB2BF3029A52BB ] C:\Windows\System32\MsCtfMonitor.dll
18:02:42.0743 5848 C:\Windows\System32\MsCtfMonitor.dll - ok
18:02:42.0743 5848 [ 792A8831E3639449AD97AE59BF05EDEF ] C:\Program Files\Trend Micro\AMSP\module\10008\2.5.1331\2.01.1025\libcurl.dll
18:02:42.0743 5848 C:\Program Files\Trend Micro\AMSP\module\10008\2.5.1331\2.01.1025\libcurl.dll - ok
18:02:42.0743 5848 [ E13A31D5254C25406A7946BDD9B06364 ] C:\Windows\explorer.exe
18:02:42.0743 5848 C:\Windows\explorer.exe - ok
18:02:42.0743 5848 [ 1A196FE539A6F81977805B6CE4F90BDC ] C:\Windows\System32\msutb.dll
18:02:42.0743 5848 C:\Windows\System32\msutb.dll - ok
18:02:42.0759 5848 [ D0122B8F528929278B7387F31B44CA8F ] C:\Program Files\Trend Micro\AMSP\module\10008\2.5.1331\2.01.1025\perfiCrcPerfMonMgr.dll
18:02:42.0759 5848 C:\Program Files\Trend Micro\AMSP\module\10008\2.5.1331\2.01.1025\perfiCrcPerfMonMgr.dll - ok
18:02:42.0759 5848 [ 38E669E49C35B6A02A9AF0737C526C0F ] C:\Windows\System32\PlaySndSrv.dll
18:02:42.0759 5848 C:\Windows\System32\PlaySndSrv.dll - ok
18:02:42.0759 5848 [ FFBA3E054E747C1FCCDC42B71E19F994 ] C:\Program Files\Trend Micro\AMSP\module\10008\2.5.1331\2.01.1025\libeay32.dll
18:02:42.0759 5848 C:\Program Files\Trend Micro\AMSP\module\10008\2.5.1331\2.01.1025\libeay32.dll - ok
18:02:42.0759 5848 [ BC61E429D78796F292D5E9A71C3A967F ] C:\Windows\System32\TSChannel.dll
18:02:42.0759 5848 C:\Windows\System32\TSChannel.dll - ok
18:02:42.0759 5848 [ FF90AB19985DC507C11EBDD05B370B5B ] C:\Program Files\Trend Micro\AMSP\module\10008\2.5.1331\2.01.1025\ssleay32.dll
18:02:42.0759 5848 C:\Program Files\Trend Micro\AMSP\module\10008\2.5.1331\2.01.1025\ssleay32.dll - ok
18:02:42.0759 5848 [ 927560169D763EB9C1CCCE689A0F3CA5 ] C:\Windows\System32\loadperf.dll
18:02:42.0759 5848 C:\Windows\System32\loadperf.dll - ok
18:02:42.0774 5848 [ 11B6498999F5B556417917EFB66906CC ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel\f1b7b3e552560a6a00d9910d293700fa\System.ServiceModel.ni.dll
18:02:42.0774 5848 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.ServiceModel\f1b7b3e552560a6a00d9910d293700fa\System.ServiceModel.ni.dll - ok
18:02:42.0774 5848 [ 558DE1EA81825E418278AA14817E2A14 ] C:\Program Files\Trend Micro\AMSP\module\10009\3.6.1029\3.6.1029\TMLCE64.dll
18:02:42.0774 5848 C:\Program Files\Trend Micro\AMSP\module\10009\3.6.1029\3.6.1029\TMLCE64.dll - ok
18:02:42.0774 5848 [ E8E836E8EAB4B3660F9A5E445D531D4A ] C:\Program Files\Trend Micro\AMSP\module\10011\2.5.1141\2.5.1141\tmsa64.dll
18:02:42.0774 5848 C:\Program Files\Trend Micro\AMSP\module\10011\2.5.1141\2.5.1141\tmsa64.dll - ok
18:02:42.0774 5848 [ 9DE665D0D94B728A764812634B570B82 ] C:\Windows\System32\osk.exe
18:02:42.0774 5848 C:\Windows\System32\osk.exe - ok
18:02:42.0774 5848 [ CF54120FD7B5642A57CA5597C276B131 ] C:\Program Files\Trend Micro\AMSP\module\10011\2.5.1141\2.5.1141\tmwk64.dll
18:02:42.0774 5848 C:\Program Files\Trend Micro\AMSP\module\10011\2.5.1141\2.5.1141\tmwk64.dll - ok
18:02:42.0774 5848 [ EE0ED63921E59098310183433EB7971C ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Serv759bfb78#\36ea558b41990f698cf908ec4ba32722\System.ServiceProcess.ni.dll
18:02:42.0774 5848 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Serv759bfb78#\36ea558b41990f698cf908ec4ba32722\System.ServiceProcess.ni.dll - ok
18:02:42.0790 5848 [ 29E643787F0E13E842E3E027DEB7F06A ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Servd1dec626#\3b22e6d063e270e13949842991b1159c\System.ServiceModel.Internals.ni.dll
18:02:42.0790 5848 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Servd1dec626#\3b22e6d063e270e13949842991b1159c\System.ServiceModel.Internals.ni.dll - ok
18:02:42.0790 5848 [ 4234AC1C3AF70AA20C5D21EB2E763E9F ] C:\Program Files\Trend Micro\AMSP\module\10011\2.5.1141\2.5.1141\muyu64.dll
18:02:42.0790 5848 C:\Program Files\Trend Micro\AMSP\module\10011\2.5.1141\2.5.1141\muyu64.dll - ok
18:02:42.0790 5848 [ D9B409DFEF14EE8CE246EC25C04A3C76 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\20308140ceb6dda0bdc722f944f208fd\SMDiagnostics.ni.dll
18:02:42.0790 5848 C:\Windows\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\20308140ceb6dda0bdc722f944f208fd\SMDiagnostics.ni.dll - ok
18:02:42.0790 5848 [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] C:\Windows\System32\rasmans.dll
18:02:42.0790 5848 C:\Windows\System32\rasmans.dll - ok
18:02:42.0790 5848 [ B035BDC7F7000C9498733CC6FC6B8D2F ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\8517b132cbe0b329b40bc6a9ef106828\System.Configuration.ni.dll
18:02:42.0790 5848 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Configuration\8517b132cbe0b329b40bc6a9ef106828\System.Configuration.ni.dll - ok
18:02:42.0806 5848 [ C2106BB710AA34A046126AED7BCA6964 ] C:\Windows\System32\Drivers\srv2.sys
18:02:42.0806 5848 C:\Windows\System32\Drivers\srv2.sys - ok
18:02:42.0806 5848 [ 6FCBBD06ED5EFC708FB7D00D5D099C70 ] C:\Windows\System32\rastapi.dll
18:02:42.0806 5848 C:\Windows\System32\rastapi.dll - ok
18:02:42.0806 5848 [ BB258D7748337F6B61993CCCBA1D5241 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\4334f45efbe62a6415f2cb7393c59f74\System.Xml.ni.dll
18:02:42.0806 5848 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xml\4334f45efbe62a6415f2cb7393c59f74\System.Xml.ni.dll - ok
18:02:42.0806 5848 [ 39F77E95F29C4E13D774AF25C504282A ] C:\Windows\System32\tapi32.dll
18:02:42.0806 5848 C:\Windows\System32\tapi32.dll - ok
18:02:42.0806 5848 [ D634CFE93E0CD001499D0D6D68890C9E ] C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
18:02:42.0806 5848 C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe - ok
18:02:42.0806 5848 [ 5A1F9DEB7C93125474ABD49709DB64E5 ] C:\Windows\System32\inetsrv\wbhstipm.dll
18:02:42.0806 5848 C:\Windows\System32\inetsrv\wbhstipm.dll - ok
18:02:42.0821 5848 [ D0398301E7E94D2B7DFE6D12DE77E809 ] C:\Windows\System32\cryptnet.dll
18:02:42.0821 5848 C:\Windows\System32\cryptnet.dll - ok
18:02:42.0821 5848 [ A1E7D1141A5AF2AD243E252767BAD2EC ] C:\Windows\System32\unimdm.tsp
18:02:42.0821 5848 C:\Windows\System32\unimdm.tsp - ok
18:02:42.0821 5848 [ E44165EBCF505BBC2A5DDA79CFBDD6E0 ] C:\Program Files\Trend Micro\AMSP\module\10013\2.5.1331\1.0.1069\PeDifEng64.dll
18:02:42.0821 5848 C:\Program Files\Trend Micro\AMSP\module\10013\2.5.1331\1.0.1069\PeDifEng64.dll - ok
18:02:42.0821 5848 [ 55C6944DC9FBE9884F24F5F4CD82A245 ] C:\Windows\System32\hidphone.tsp
18:02:42.0821 5848 C:\Windows\System32\hidphone.tsp - ok
18:02:42.0821 5848 [ 68F75813B8779365C6905DAB831FE5C0 ] C:\Windows\System32\kmddsp.tsp
18:02:42.0821 5848 C:\Windows\System32\kmddsp.tsp - ok
18:02:42.0821 5848 [ 5BB9A5EE8B0A787028382C31A0E3610A ] C:\Windows\System32\ndptsp.tsp
18:02:42.0821 5848 C:\Windows\System32\ndptsp.tsp - ok
18:02:42.0821 5848 [ 52CCF6A430D77C88F3A795CA0004C39F ] C:\Windows\System32\uniplat.dll
18:02:42.0821 5848 C:\Windows\System32\uniplat.dll - ok
18:02:42.0837 5848 [ F49519495912C9A986C662D84F775E19 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll
18:02:42.0837 5848 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\clrjit.dll - ok
18:02:42.0837 5848 [ 0EC28714499583607F412A3E4BD7EBBE ] C:\Windows\System32\rasppp.dll
18:02:42.0837 5848 C:\Windows\System32\rasppp.dll - ok
18:02:42.0837 5848 [ 3ACD3D10AD1D5157458C9493582D9BD7 ] C:\Program Files (x86)\Western Digital\WD SmartWare\WDEngine.dll
18:02:42.0837 5848 C:\Program Files (x86)\Western Digital\WD SmartWare\WDEngine.dll - ok
18:02:42.0837 5848 [ 6625A9EECF1846921DA7230062E483FE ] C:\Windows\System32\eappcfg.dll
18:02:42.0837 5848 C:\Windows\System32\eappcfg.dll - ok
18:02:42.0837 5848 [ CAC5202757EF68C4849B0DFFA75F6D3C ] C:\Windows\System32\iphlpsvc.dll
18:02:42.0837 5848 C:\Windows\System32\iphlpsvc.dll - ok
18:02:42.0837 5848 [ B6191C2187460A0568A9F510188DE2ED ] C:\Windows\System32\wbem\wbemprox.dll
18:02:42.0837 5848 C:\Windows\System32\wbem\wbemprox.dll - ok
18:02:42.0852 5848 [ FB0C1B7F94FA08E72F19F6F2CE7210E1 ] C:\Windows\System32\wscsvc.dll
18:02:42.0852 5848 C:\Windows\System32\wscsvc.dll - ok
18:02:42.0852 5848 [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] C:\Windows\System32\Drivers\srv.sys
18:02:42.0852 5848 C:\Windows\System32\Drivers\srv.sys - ok
18:02:42.0852 5848 [ E057691FF043DB57925C7A79F8DB3E23 ] C:\Program Files\Trend Micro\AMSP\module\10015\6.0.1056\6.0.1056\tmwlchk.dll
18:02:42.0852 5848 C:\Program Files\Trend Micro\AMSP\module\10015\6.0.1056\6.0.1056\tmwlchk.dll - ok
18:02:42.0852 5848 [ 699BA9326F05444AE4C773690E2FA0F0 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\9bd0d9d218d0f2350fc168e9f4cdb4d2\System.Runtime.Serialization.ni.dll
18:02:42.0852 5848 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\9bd0d9d218d0f2350fc168e9f4cdb4d2\System.Runtime.Serialization.ni.dll - ok
18:02:42.0852 5848 [ 72DC8033685DB684D133F8C19AC5D768 ] C:\Program Files (x86)\Western Digital\WD SmartWare\WDUtilities.dll
18:02:42.0852 5848 C:\Program Files (x86)\Western Digital\WD SmartWare\WDUtilities.dll - ok
18:02:42.0852 5848 [ 794D4B48DFB6E999537C7C3947863463 ] C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
18:02:42.0852 5848 C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe - ok
18:02:42.0868 5848 [ EF6D330ECBD93DDB460EED60E045BEF4 ] C:\Windows\System32\vpnike.dll
18:02:42.0868 5848 C:\Windows\System32\vpnike.dll - ok
18:02:42.0868 5848 [ 256EE31588257E8A555DBFAA13F1908E ] C:\Windows\System32\srvsvc.dll
18:02:42.0868 5848 C:\Windows\System32\srvsvc.dll - ok
18:02:42.0868 5848 [ A0BB8E532EFB10D24697F676DCC71BD3 ] C:\Program Files\Trend Micro\AMSP\module\10015\6.0.1056\6.0.1056\tmtap.dll
18:02:42.0868 5848 C:\Program Files\Trend Micro\AMSP\module\10015\6.0.1056\6.0.1056\tmtap.dll - ok
18:02:42.0868 5848 [ 4E743FA4D61A2EF8CA1642F49DC4784D ] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985\comctl32.dll
18:02:42.0868 5848 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985\comctl32.dll - ok
18:02:42.0868 5848 [ 310068BDA80B1D55C36580FD8A873FAF ] C:\Windows\System32\browser.dll
18:02:42.0868 5848 C:\Windows\System32\browser.dll - ok
18:02:42.0868 5848 [ F10C09A8331B0A9B30C8056F1FEB14CE ] C:\Windows\System32\raschap.dll
18:02:42.0868 5848 C:\Windows\System32\raschap.dll - ok
18:02:42.0884 5848 [ 46558835A2092077DB5E90BE3E9715B1 ] C:\Windows\System32\credui.dll
18:02:42.0884 5848 C:\Windows\System32\credui.dll - ok
18:02:42.0884 5848 [ B1E1452C0DE1249BB22ADCA48B280AC7 ] C:\Windows\System32\httpprxm.dll
18:02:42.0884 5848 C:\Windows\System32\httpprxm.dll - ok
18:02:42.0884 5848 [ 735D4C58ADC1F4DE5A59850078910218 ] C:\Windows\System32\wbem\wbemcore.dll
18:02:42.0884 5848 C:\Windows\System32\wbem\wbemcore.dll - ok
18:02:42.0884 5848 [ 6FA9D09428E56C11E01066CAF2FB5031 ] C:\Windows\SysWOW64\msimg32.dll
18:02:42.0884 5848 C:\Windows\SysWOW64\msimg32.dll - ok
18:02:42.0884 5848 [ 12CE2AD29DD8D50528AB9AD5DE7E7184 ] C:\Program Files (x86)\Western Digital\WD SmartWare\Interop.WDRulesService.dll
18:02:42.0884 5848 C:\Program Files (x86)\Western Digital\WD SmartWare\Interop.WDRulesService.dll - ok
18:02:42.0884 5848 [ A6B68EFE9CCE9073483717215F2725F4 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.IdentityModel\951123c992d512c68834b259a057267b\System.IdentityModel.ni.dll
18:02:42.0884 5848 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.IdentityModel\951123c992d512c68834b259a057267b\System.IdentityModel.ni.dll - ok
18:02:42.0899 5848 [ D6D574650D68F91A7629465218EF2E48 ] C:\Program Files\Trend Micro\AMSP\module\10016\2.5.1331\2.0.1001\smv64.dll
18:02:42.0899 5848 C:\Program Files\Trend Micro\AMSP\module\10016\2.5.1331\2.0.1001\smv64.dll - ok
18:02:42.0899 5848 [ 17824F0C753189A361C8F555116FCC3D ] C:\Windows\SysWOW64\wer.dll
18:02:42.0899 5848 C:\Windows\SysWOW64\wer.dll - ok
18:02:42.0899 5848 [ A2294886FB28F84924381BAB6ED025C9 ] C:\Program Files\Trend Micro\AMSP\module\20001\2.5.1339\5.50.1043\TmSysEvt.dll
18:02:42.0899 5848 C:\Program Files\Trend Micro\AMSP\module\20001\2.5.1339\5.50.1043\TmSysEvt.dll - ok
18:02:42.0899 5848 [ E54F732758B5BB7405C2F4E05A64D6E1 ] C:\Windows\System32\wbem\esscli.dll
18:02:42.0899 5848 C:\Windows\System32\wbem\esscli.dll - ok
18:02:42.0899 5848 [ C82020F726F659478ACB95051C054CB5 ] C:\Windows\SysWOW64\sxs.dll
18:02:42.0899 5848 C:\Windows\SysWOW64\sxs.dll - ok
18:02:42.0899 5848 [ 71B118BDFA59A420DCBD19A5DCCFCCC5 ] C:\Windows\SysWOW64\Faultrep.dll
18:02:42.0899 5848 C:\Windows\SysWOW64\Faultrep.dll - ok
18:02:42.0915 5848 [ 88563EEF0BEF38739185E210179E2C9E ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xaml\b37ff428b5cd9a459db7c0794bc5c66b\System.Xaml.ni.dll
18:02:42.0915 5848 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Xaml\b37ff428b5cd9a459db7c0794bc5c66b\System.Xaml.ni.dll - ok
18:02:42.0915 5848 [ 19304E66115DD1400182211B4FD7E73A ] C:\Windows\System32\wbem\fastprox.dll
18:02:42.0915 5848 C:\Windows\System32\wbem\fastprox.dll - ok
18:02:42.0915 5848 [ BFDD523AB06AB9932B6327E52C6E9AE6 ] C:\Windows\SysWOW64\propsys.dll
18:02:42.0915 5848 C:\Windows\SysWOW64\propsys.dll - ok
18:02:42.0915 5848 [ 648EDA660D32C7B80F62EF74B6B392D5 ] C:\Windows\System32\adhsvc.dll
18:02:42.0915 5848 C:\Windows\System32\adhsvc.dll - ok
18:02:42.0915 5848 [ 547D152592C3B4960DD80D9C61F7C8A9 ] C:\Windows\System32\mi.dll
18:02:42.0915 5848 C:\Windows\System32\mi.dll - ok
18:02:42.0931 5848 [ 3C14BC7A5590DFDD754CA7A15CED0A9A ] C:\Windows\System32\sscore.dll
18:02:42.0931 5848 C:\Windows\System32\sscore.dll - ok
18:02:42.0931 5848 [ C5D0659CEA9A87C4C4E82B0464683F19 ] C:\Windows\System32\sscoreext.dll
18:02:42.0931 5848 C:\Windows\System32\sscoreext.dll - ok
18:02:42.0931 5848 [ 9B7280BAF510CE8AA3E712BC63EE50E3 ] C:\Windows\System32\wbem\wbemsvc.dll
18:02:42.0931 5848 C:\Windows\System32\wbem\wbemsvc.dll - ok
18:02:42.0931 5848 [ 8CABB7DB418AA58CEC8A00E43368EAA7 ] C:\Windows\System32\miutils.dll
18:02:42.0931 5848 C:\Windows\System32\miutils.dll - ok
18:02:42.0931 5848 [ 47F7B9DF32E259FC7B8D9ED34EA4E0BF ] C:\Windows\System32\ncbservice.dll
18:02:42.0931 5848 C:\Windows\System32\ncbservice.dll - ok
18:02:42.0946 5848 [ 81CB9ABC700F5FC7B327AB458FDAC512 ] C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Transactions\a0ef01f1a5517f5bac92f0a658fd7559\System.Transactions.ni.dll
18:02:42.0946 5848 C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Transactions\a0ef01f1a5517f5bac92f0a658fd7559\System.Transactions.ni.dll - ok
18:02:42.0946 5848 [ DFE21A1B212FF6B7C3384D536581661B ] C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
18:02:42.0946 5848 C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll - ok
18:02:42.0946 5848 [ D86F25F0AD6CA6E77A9F67641EEB6722 ] C:\Windows\System32\sqmapi.dll
18:02:42.0946 5848 C:\Windows\System32\sqmapi.dll - ok
18:02:42.0946 5848 [ CD821D37F8D41D211197B6195904B192 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\3b550eb4636b82f35028c4185421de5d\System.Numerics.ni.dll
18:02:42.0946 5848 C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\3b550eb4636b82f35028c4185421de5d\System.Numerics.ni.dll - ok
18:02:42.0946 5848 [ 0AEF3F58E05D5BBCD8A3CF2B393FE465 ] C:\Windows\System32\wmidcom.dll
18:02:42.0946 5848 C:\Windows\System32\wmidcom.dll - ok
18:02:42.0946 5848 [ 10EB888ED897F031B9BFAC5867F5B290 ] C:\Windows\SysWOW64\bcrypt.dll
18:02:42.0946 5848 C:\Windows\SysWOW64\bcrypt.dll - ok
18:02:42.0962 5848 [ 4811A86C4CA6EDC58D316A29E56629F6 ] C:\Windows\System32\wbem\wmiutils.dll
18:02:42.0962 5848 C:\Windows\System32\wbem\wmiutils.dll - ok
18:02:42.0962 5848 [ 3A729A258006D813FCB2D3CEE8733878 ] C:\Windows\System32\netprofm.dll
18:02:42.0962 5848 C:\Windows\System32\netprofm.dll - ok
18:02:42.0962 5848 [ 95AB131067CD1695B62DEE20ADDD5071 ] C:\Windows\System32\resutils.dll
18:02:42.0962 5848 C:\Windows\System32\resutils.dll - ok
18:02:42.0962 5848 [ 5C51484B4D2211FBE88DEB472588B5DF ] C:\Windows\System32\wdscore.dll
18:02:42.0962 5848 C:\Windows\System32\wdscore.dll - ok
18:02:42.0962 5848 [ 7642600038C890DDAC01D26E58C6E856 ] C:\Windows\SysWOW64\wbem\wbemdisp.dll
18:02:42.0962 5848 C:\Windows\SysWOW64\wbem\wbemdisp.dll - ok
18:02:42.0977 5848 [ C9DA260FC97E22905A97FFC3D5F42B18 ] C:\Windows\System32\bi.dll
18:02:42.0977 5848 C:\Windows\System32\bi.dll - ok
18:02:42.0977 5848 [ FA0672B09ED377939BB9F3D39895B404 ] C:\Windows\SysWOW64\wbemcomn.dll
18:02:42.0977 5848 C:\Windows\SysWOW64\wbemcomn.dll - ok
18:02:42.0977 5848 [ 58D768B03F3C7FF919004634C29E7843 ] C:\Windows\System32\nci.dll
18:02:42.0977 5848 C:\Windows\System32\nci.dll - ok
18:02:42.0977 5848 [ 2BD1447ECF8A9697AFCF4D7C71D45AA7 ] C:\Windows\SysWOW64\wbem\wbemprox.dll
18:02:42.0977 5848 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
18:02:42.0977 5848 [ 7F38EFD2A0A2C393E8348A73073D6F8E ] C:\Windows\System32\localspl.dll
18:02:42.0977 5848 C:\Windows\System32\localspl.dll - ok
18:02:42.0993 5848 [ 616285E00B6B7F2DE84891F6D094528B ] C:\Windows\System32\wbem\repdrvfs.dll
18:02:42.0993 5848 C:\Windows\System32\wbem\repdrvfs.dll - ok
18:02:42.0993 5848 [ E5BD0802B4A574FF3404927FE58515A1 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
18:02:42.0993 5848 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
18:02:42.0993 5848 [ 55A07D76F345CD44070890FFC693BEF6 ] C:\Windows\System32\spoolss.dll
18:02:42.0993 5848 C:\Windows\System32\spoolss.dll - ok
18:02:42.0993 5848 [ 7B26AAF3E85DF49D77B03E6328E3F662 ] C:\Program Files\Trend Micro\AMSP\module\20009\1.5.1012\1.5.1012\tmncieco.dll
18:02:42.0993 5848 C:\Program Files\Trend Micro\AMSP\module\20009\1.5.1012\1.5.1012\tmncieco.dll - ok
18:02:42.0993 5848 [ 7139C54E7282804745F9991F588FE506 ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
18:02:42.0993 5848 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
18:02:43.0009 5848 [ 035FCFCB767313F8066ABC7E9BEE6CE4 ] C:\Program Files\Trend Micro\AMSP\module\20011\1.5.1107\1.5.1104\tmeedbg.dll
18:02:43.0009 5848 C:\Program Files\Trend Micro\AMSP\module\20011\1.5.1107\1.5.1104\tmeedbg.dll - ok
18:02:43.0009 5848 [ 992BD101F370B0D93A1131227BA342F6 ] C:\Windows\SysWOW64\wbem\fastprox.dll
18:02:43.0009 5848 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
18:02:43.0009 5848 [ 7D8902670720152867617016CE940ED8 ] C:\Windows\System32\PrintIsolationProxy.dll
18:02:43.0009 5848 C:\Windows\System32\PrintIsolationProxy.dll - ok
18:02:43.0009 5848 [ ED9A7E01433244ECFF2212D442732FD2 ] C:\Windows\System32\hpinksts5412LM.dll
18:02:43.0009 5848 C:\Windows\System32\hpinksts5412LM.dll - ok
18:02:43.0009 5848 [ 5F7D19522A2E280581723BE8E5E1F2F1 ] C:\Program Files\Trend Micro\AMSP\module\20011\1.5.1107\1.5.1104\tmeectv.dll
18:02:43.0009 5848 C:\Program Files\Trend Micro\AMSP\module\20011\1.5.1107\1.5.1104\tmeectv.dll - ok
18:02:43.0024 5848 [ BEB7F94AEBA903A0138D3259904AE2EB ] C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1194\1.0.1194\TmopDbg.dll
18:02:43.0024 5848 C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1194\1.0.1194\TmopDbg.dll - ok
18:02:43.0024 5848 [ E554ACAEAE4C2235229C5D0FC43E509F ] C:\Windows\System32\HPDiscoPM5412.dll
18:02:43.0024 5848 C:\Windows\System32\HPDiscoPM5412.dll - ok
18:02:43.0024 5848 [ C6E5504FFFE6B6E462254CCBF6ED2784 ] C:\Program Files (x86)\Western Digital\WD SmartWare\Interop.WDLockedFiles.dll
18:02:43.0024 5848 C:\Program Files (x86)\Western Digital\WD SmartWare\Interop.WDLockedFiles.dll - ok
18:02:43.0024 5848 [ 44D0F67EDCFE3B1DA9DEA3E0B16570ED ] C:\Windows\System32\VBoxNetFltNobj.dll
18:02:43.0024 5848 C:\Windows\System32\VBoxNetFltNobj.dll - ok
18:02:43.0040 5848 [ ADB778A085E71B9835F3FA776878184B ] C:\Windows\System32\wsnmp32.dll
18:02:43.0040 5848 C:\Windows\System32\wsnmp32.dll - ok
18:02:43.0040 5848 [ 5EAC7C24407243B31C1F3C06620EAAC5 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\diasymreader.dll
18:02:43.0040 5848 C:\Windows\Microsoft.NET\Framework\v4.0.30319\diasymreader.dll - ok
18:02:43.0040 5848 [ 11A9C08F39F929B0D04FEE7C743CE8D9 ] C:\Windows\System32\adsldp.dll
18:02:43.0040 5848 C:\Windows\System32\adsldp.dll - ok
18:02:43.0040 5848 [ E6C7752237B3A615A190D9EE23ECF152 ] C:\Windows\System32\wbem\WmiPrvSD.dll
18:02:43.0040 5848 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
18:02:43.0040 5848 [ 89F34252294CEC67BDD772D177566EB6 ] C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1194\1.0.1194\TmopCfg.dll
18:02:43.0040 5848 C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1194\1.0.1194\TmopCfg.dll - ok
18:02:43.0056 5848 [ 52EF3A32EC17D3E9580A79A23B712917 ] C:\Windows\System32\brdgcfg.dll
18:02:43.0056 5848 C:\Windows\System32\brdgcfg.dll - ok
18:02:43.0056 5848 [ 54482D83FF8501A46BB0B349FED0DAEB ] C:\Windows\System32\ncobjapi.dll
18:02:43.0056 5848 C:\Windows\System32\ncobjapi.dll - ok
18:02:43.0056 5848 [ 08AF5B64DA03D206508CBACAEB9E1FF3 ] C:\Windows\System32\ndiscapCfg.dll
18:02:43.0056 5848 C:\Windows\System32\ndiscapCfg.dll - ok
18:02:43.0056 5848 [ DD35092F11DCED777EF8621D4EE2505A ] C:\Windows\System32\rascfg.dll
18:02:43.0056 5848 C:\Windows\System32\rascfg.dll - ok
18:02:43.0056 5848 [ 909EBA9AF43AF0E70EA7FFC352484424 ] C:\Windows\System32\mprapi.dll
18:02:43.0056 5848 C:\Windows\System32\mprapi.dll - ok
18:02:43.0056 5848 [ 11F0834544D68B955E6C44DFFB272122 ] C:\Windows\System32\mprmsg.dll
18:02:43.0056 5848 C:\Windows\System32\mprmsg.dll - ok
18:02:43.0071 5848 [ 55955FB63C2E045AA9915184880B4F27 ] C:\Windows\System32\cscapi.dll
18:02:43.0071 5848 C:\Windows\System32\cscapi.dll - ok
18:02:43.0071 5848 [ E296B0D7842DD5478605B6C86573E52F ] C:\Windows\System32\wbem\wbemess.dll
18:02:43.0071 5848 C:\Windows\System32\wbem\wbemess.dll - ok
18:02:43.0071 5848 [ 090AE16F79C8EAD04E6031F863DA85F3 ] C:\Windows\System32\ipnathlp.dll
18:02:43.0071 5848 C:\Windows\System32\ipnathlp.dll - ok
18:02:43.0071 5848 [ 335C4488A14AC4B52B3E1CDF6D6F7780 ] C:\Windows\System32\hnetcfg.dll
18:02:43.0071 5848 C:\Windows\System32\hnetcfg.dll - ok
18:02:43.0071 5848 [ F6BB843AFC93AEE9E928CFE4BB5B743C ] C:\Windows\System32\LldpNotify.dll
18:02:43.0071 5848 C:\Windows\System32\LldpNotify.dll - ok
18:02:43.0071 5848 [ 91E352ACB49DF3388C960A09243E5616 ] C:\Windows\System32\NdisImPlatform.dll
18:02:43.0071 5848 C:\Windows\System32\NdisImPlatform.dll - ok
18:02:43.0087 5848 [ AF56A8936DF2F7031D4311C81D065CE9 ] C:\Windows\System32\tcpipcfg.dll
18:02:43.0087 5848 C:\Windows\System32\tcpipcfg.dll - ok
18:02:43.0087 5848 [ E09A3A37634A2F23A2184839BC31FD54 ] C:\Windows\System32\wshbth.dll
18:02:43.0087 5848 C:\Windows\System32\wshbth.dll - ok
18:02:43.0087 5848 [ 4A48113D40185101073E45EB614C736A ] C:\Windows\System32\wlaninst.dll
18:02:43.0087 5848 C:\Windows\System32\wlaninst.dll - ok
18:02:43.0087 5848 [ 368ECFA053515B73262C3B6F6569BFA7 ] C:\Windows\System32\wwaninst.dll
18:02:43.0087 5848 C:\Windows\System32\wwaninst.dll - ok
18:02:43.0087 5848 [ 768B5A538A11E9C6F8EDD9AFDFA16936 ] C:\Windows\System32\winrnr.dll
18:02:43.0087 5848 C:\Windows\System32\winrnr.dll - ok
18:02:43.0087 5848 [ 149FEE067A002D75B7714C300D019C9E ] C:\Windows\System32\NapiNSP.dll
18:02:43.0087 5848 C:\Windows\System32\NapiNSP.dll - ok
18:02:43.0102 5848 [ CA4FAFFA957C71C006B59E29DFE3EB8B ] C:\Windows\System32\pnrpnsp.dll
18:02:43.0102 5848 C:\Windows\System32\pnrpnsp.dll - ok
18:02:43.0102 5848 [ 59EA2E681CBB1F0D1DC966E27864B234 ] C:\Windows\System32\wuapi.dll
18:02:43.0102 5848 C:\Windows\System32\wuapi.dll - ok
18:02:43.0102 5848 [ 5098D96D9E1975DBFE870757B097CC51 ] C:\Windows\System32\ZLhp1020.DLL
18:02:43.0102 5848 C:\Windows\System32\ZLhp1020.DLL - ok
18:02:43.0102 5848 [ E8DF2DAD385DAAB92D55AD1332538F5A ] C:\Windows\System32\FXSMON.dll
18:02:43.0102 5848 C:\Windows\System32\FXSMON.dll - ok
18:02:43.0102 5848 [ AF5A41782DBD2010497851B8E955BD2A ] C:\Windows\System32\tcpmon.dll
18:02:43.0102 5848 C:\Windows\System32\tcpmon.dll - ok
18:02:43.0118 5848 [ 85EBAAA913E187B65FB5B47EA36FA306 ] C:\Windows\System32\snmpapi.dll
18:02:43.0118 5848 C:\Windows\System32\snmpapi.dll - ok
18:02:43.0118 5848 [ E583B7B3CCACE9E3880C16E119585245 ] C:\Windows\System32\usbmon.dll
18:02:43.0118 5848 C:\Windows\System32\usbmon.dll - ok
18:02:43.0118 5848 [ E1F5ACD2E86DFC938AD781EC162B745D ] C:\Windows\System32\wbem\NCProv.dll
18:02:43.0118 5848 C:\Windows\System32\wbem\NCProv.dll - ok
18:02:43.0118 5848 [ D35AEACAEF5E75A802BC9465C6C0F710 ] C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1194\1.0.1194\TmopCtl.dll
18:02:43.0118 5848 C:\Program Files\Trend Micro\AMSP\module\20013\1.0.1194\1.0.1194\TmopCtl.dll - ok
18:02:43.0118 5848 [ 417BE56629E14D88EFDE76B3720F2C61 ] C:\Windows\System32\WSDMon.dll
18:02:43.0118 5848 C:\Windows\System32\WSDMon.dll - ok
18:02:43.0118 5848 [ E24FCC199F4AD27289ACEC15D8A6740C ] C:\Windows\System32\fdPnp.dll
18:02:43.0118 5848 C:\Windows\System32\fdPnp.dll - ok
18:02:43.0134 5848 [ F082773EF130B7293E0F6D64B962A118 ] C:\Windows\System32\deviceassociation.dll
18:02:43.0134 5848 C:\Windows\System32\deviceassociation.dll - ok
18:02:43.0134 5848 [ 8F625E3E627BC99823E7E168A9AB5625 ] C:\Windows\System32\wsdchngr.dll
18:02:43.0134 5848 C:\Windows\System32\wsdchngr.dll - ok
18:02:43.0134 5848 [ AD83740AF98C2AE2EA2833E77C237C6D ] C:\Program Files\Trend Micro\AMSP\module\20015\2.5.1331\1.0.1016\Tmelapi.dll
18:02:43.0134 5848 C:\Program Files\Trend Micro\AMSP\module\20015\2.5.1331\1.0.1016\Tmelapi.dll - ok
18:02:43.0134 5848 [ 7038DC41C455ABF75BC988BE052655F4 ] C:\Windows\System32\drvstore.dll
18:02:43.0134 5848 C:\Windows\System32\drvstore.dll - ok
18:02:43.0134 5848 [ D248ABAFF17C0E861F4A5499F4DBC10B ] C:\Windows\System32\spool\prtprocs\x64\PPhp1020.DLL
18:02:43.0134 5848 C:\Windows\System32\spool\prtprocs\x64\PPhp1020.DLL - ok
18:02:43.0149 5848 [ D1CA3C8C5DC6DC357CE4C08F0BCC1EEE ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
18:02:43.0149 5848 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
18:02:43.0149 5848 [ D3C5AF952553891757230BABDF49F286 ] C:\Windows\System32\win32spl.dll
18:02:43.0149 5848 C:\Windows\System32\win32spl.dll - ok
18:02:43.0149 5848 [ D274AF2427A7E2D9640943B8F797C8C3 ] C:\Windows\System32\inetpp.dll
18:02:43.0149 5848 C:\Windows\System32\inetpp.dll - ok
18:02:43.0149 5848 [ D64C4AFEE8277F35EF729A2B924666B0 ] C:\Windows\System32\appinfo.dll
18:02:43.0149 5848 C:\Windows\System32\appinfo.dll - ok
18:02:43.0149 5848 [ F6F1B55FC775E6F096AD400030E9D0B8 ] C:\Windows\System32\dimsjob.dll
18:02:43.0149 5848 C:\Windows\System32\dimsjob.dll - ok
18:02:43.0165 5848 [ 63145201D6458E4958E572E7D6FC2604 ] C:\Windows\System32\Drivers\mslldp.sys
18:02:43.0165 5848 C:\Windows\System32\Drivers\mslldp.sys - ok
18:02:43.0165 5848 [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] C:\Windows\System32\NcaSvc.dll
18:02:43.0165 5848 C:\Windows\System32\NcaSvc.dll - ok
18:02:43.0165 5848 [ 20F6FD63E6D456114BC8056D62792786 ] C:\Windows\System32\netprofmsvc.dll
18:02:43.0165 5848 C:\Windows\System32\netprofmsvc.dll - ok
18:02:43.0165 5848 [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] C:\Windows\System32\ssdpsrv.dll
18:02:43.0165 5848 C:\Windows\System32\ssdpsrv.dll - ok
18:02:43.0165 5848 [ 240FC332484572227CD1DF82407F33E5 ] C:\Windows\System32\wdi.dll
18:02:43.0165 5848 C:\Windows\System32\wdi.dll - ok
18:02:43.0165 5848 [ 94AA5150E35B3ABB7191FE641E3C2473 ] C:\Windows\System32\wpdbusenum.dll
18:02:43.0165 5848 C:\Windows\System32\wpdbusenum.dll - ok
18:02:43.0181 5848 [ F6E2D63673ED6C04AB21CEC88517B0F5 ] C:\Program Files\Windows Defender\MsMpEng.exe
18:02:43.0181 5848 C:\Program Files\Windows Defender\MsMpEng.exe - ok
18:02:43.0181 5848 [ EA9FCF8A296C372473D29E4424EEF800 ] C:\Windows\System32\bidispl.dll
18:02:43.0181 5848 C:\Windows\System32\bidispl.dll - ok
18:02:43.0181 5848 [ E90D6FE0603A7D88731EEF32C5E80DE1 ] C:\Windows\System32\httpprxp.dll
18:02:43.0181 5848 C:\Windows\System32\httpprxp.dll - ok
18:02:43.0181 5848 [ 0588950D93A426F97C7AAADB1A9B0458 ] C:\Windows\System32\fhsvc.dll
18:02:43.0181 5848 C:\Windows\System32\fhsvc.dll - ok
18:02:43.0181 5848 [ FAC37D7B3D6354A5A5E19A45B50B4008 ] C:\Windows\System32\hidserv.dll
18:02:43.0181 5848 C:\Windows\System32\hidserv.dll - ok
18:02:43.0181 5848 [ 94F97611FFCFF810BF8CB0D467BADA60 ] C:\Windows\System32\msidle.dll
18:02:43.0181 5848 C:\Windows\System32\msidle.dll - ok
18:02:43.0196 5848 [ 3AC898E2B7C02CC26CD4ED52C68D870E ] C:\Windows\System32\consent.exe
18:02:43.0196 5848 C:\Windows\System32\consent.exe - ok
18:02:43.0196 5848 [ F7FE8684ADE6E144F6BCDA556B6907E7 ] C:\Windows\System32\dafupnp.dll
18:02:43.0196 5848 C:\Windows\System32\dafupnp.dll - ok
18:02:43.0196 5848 [ EA51E928D7ED1910CF377B2DA386FA23 ] C:\Windows\System32\fhcfg.dll
18:02:43.0196 5848 C:\Windows\System32\fhcfg.dll - ok
18:02:43.0196 5848 [ 3E36CBECA4F6D566405603A8737CB118 ] C:\Windows\System32\efsutil.dll
18:02:43.0196 5848 C:\Windows\System32\efsutil.dll - ok
18:02:43.0196 5848 [ 64F6AFD2F4F8D0DB5B8770EC59103778 ] C:\Windows\System32\PortableDeviceApi.dll
18:02:43.0196 5848 C:\Windows\System32\PortableDeviceApi.dll - ok
18:02:43.0212 5848 [ 3A4DE678E4E709C0794DA57C198AA7E3 ] C:\Windows\System32\wbem\WmiPrvSE.exe
18:02:43.0212 5848 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
18:02:43.0212 5848 [ D9EF270C328058907F46EAA790670461 ] C:\Program Files\Windows Defender\MpSvc.dll
18:02:43.0212 5848 C:\Program Files\Windows Defender\MpSvc.dll - ok
18:02:43.0212 5848 [ 0F57DEA30340B49B06DCB8B077BEF072 ] C:\Windows\System32\PortableDeviceConnectApi.dll
18:02:43.0212 5848 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
18:02:43.0212 5848 [ A4387C3D271959313E2577DB7BE8BA7A ] C:\Windows\System32\bthserv.dll
18:02:43.0212 5848 C:\Windows\System32\bthserv.dll - ok
18:02:43.0212 5848 [ 54A59A152C795E4FD51FB247841F57D6 ] C:\Windows\System32\diagperf.dll
18:02:43.0212 5848 C:\Windows\System32\diagperf.dll - ok
18:02:43.0212 5848 [ 26D38C1391CD81ADDD791DE136E2FEA7 ] C:\Windows\System32\npmproxy.dll
18:02:43.0212 5848 C:\Windows\System32\npmproxy.dll - ok
18:02:43.0227 5848 [ 645846172593708AC3F39CF6D09AF2D9 ] C:\Windows\System32\dafBth.dll
18:02:43.0227 5848 C:\Windows\System32\dafBth.dll - ok
18:02:43.0227 5848 [ D93DF255633D351F6F3450EA79C10480 ] C:\Windows\System32\wbem\cimwin32.dll
18:02:43.0227 5848 C:\Windows\System32\wbem\cimwin32.dll - ok
18:02:43.0227 5848 [ D1A04DC07552A12553D64404CDBAB3A1 ] C:\Windows\System32\perftrack.dll
18:02:43.0227 5848 C:\Windows\System32\perftrack.dll - ok
18:02:43.0227 5848 [ D8DCEE270674DDB6503730CC4C2F1691 ] C:\Windows\System32\BluetoothApis.dll
18:02:43.0227 5848 C:\Windows\System32\BluetoothApis.dll - ok
18:02:43.0227 5848 [ 173C770E388C31EDBB23F4283992F73E ] C:\Program Files\Windows Defender\MpClient.dll
18:02:43.0227 5848 C:\Program Files\Windows Defender\MpClient.dll - ok
18:02:43.0243 5848 [ 8B5D475B48506471669B9B46945138B0 ] C:\Windows\System32\wer.dll
18:02:43.0243 5848 C:\Windows\System32\wer.dll - ok
18:02:43.0243 5848 [ 9913A96B7A27DF38A8AA3B2A949F4008 ] C:\Windows\System32\framedynos.dll
18:02:43.0243 5848 C:\Windows\System32\framedynos.dll - ok
18:02:43.0243 5848 [ 0108C8E5176D590F242701EF5A62CC26 ] C:\Windows\System32\IPSECSVC.DLL
18:02:43.0243 5848 C:\Windows\System32\IPSECSVC.DLL - ok
18:02:43.0243 5848 [ 0828E3E7BD77C89149EAD3232BFD38DB ] C:\Windows\System32\fdPHost.dll
18:02:43.0243 5848 C:\Windows\System32\fdPHost.dll - ok
18:02:43.0243 5848 [ ACEBEB1F363C819576216CF9C4962FA2 ] C:\Windows\System32\fdWSD.dll
18:02:43.0243 5848 C:\Windows\System32\fdWSD.dll - ok
18:02:43.0243 5848 [ 7417B004B5BD4B9EC1140890131CD41D ] C:\Windows\System32\pnpts.dll
18:02:43.0243 5848 C:\Windows\System32\pnpts.dll - ok
18:02:43.0259 5848 [ A6E506E122DF3244443BE6113404EB96 ] C:\Windows\System32\pautoenr.dll
18:02:43.0259 5848 C:\Windows\System32\pautoenr.dll - ok
18:02:43.0259 5848 [ 203BEA6A8C2C2FA22A05C3FA9D01E222 ] C:\Windows\System32\wmi.dll
18:02:43.0259 5848 C:\Windows\System32\wmi.dll - ok
18:02:43.0259 5848 [ ACA7A882A6CAD94A08632868AA2EE64A ] C:\Windows\System32\FwRemoteSvr.dll
18:02:43.0259 5848 C:\Windows\System32\FwRemoteSvr.dll - ok
18:02:43.0259 5848 [ 37814A36DBAF1AE9D42BE89889ECB4B7 ] C:\Windows\System32\certca.dll
18:02:43.0259 5848 C:\Windows\System32\certca.dll - ok
18:02:43.0259 5848 [ 4E2A0C91A8246AB25B140695123EAECA ] C:\Windows\SysWOW64\msxml6.dll
18:02:43.0259 5848 C:\Windows\SysWOW64\msxml6.dll - ok
18:02:43.0274 5848 [ B460531B5F5ED9E8ABCA3BA342AE9563 ] C:\Program Files\Windows Defender\MpCmdRun.exe
18:02:43.0274 5848 C:\Program Files\Windows Defender\MpCmdRun.exe - ok
18:02:43.0274 5848 [ 855E7E347893BDB93245120E137577FB ] C:\Windows\System32\radardt.dll
18:02:43.0274 5848 C:\Windows\System32\radardt.dll - ok
18:02:43.0274 5848 [ 8411147754C00B3B096C5C0ED95B3CFC ] C:\Windows\System32\runonce.exe
18:02:43.0274 5848 C:\Windows\System32\runonce.exe - ok
18:02:43.0274 5848 [ CC5512FC3FCCEA164F01592B5979F1BE ] C:\Windows\System32\srumsvc.dll
18:02:43.0274 5848 C:\Windows\System32\srumsvc.dll - ok
18:02:43.0274 5848 [ 0D97A065E85D59B8F0EE2BD31A679456 ] C:\Windows\System32\wdiasqmmodule.dll
18:02:43.0274 5848 C:\Windows\System32\wdiasqmmodule.dll - ok
18:02:43.0290 5848 [ D3B1196386488D4BEDA5DFDA3749E36C ] C:\Windows\System32\fdSSDP.dll
18:02:43.0290 5848 C:\Windows\System32\fdSSDP.dll - ok
18:02:43.0290 5848 [ 2D7BB53EA2BB3F213CE558A79EC8448D ] C:\Windows\System32\nduprov.dll
18:02:43.0290 5848 C:\Windows\System32\nduprov.dll - ok
18:02:43.0290 5848 [ E0D9F6FE18FA7F53ADD29AF719CE2B7E ] C:\Windows\System32\provsvc.dll
18:02:43.0290 5848 C:\Windows\System32\provsvc.dll - ok
18:02:43.0290 5848 [ D0A82052050909677C648B2496C0909E ] C:\Windows\System32\wpnsruprov.dll
18:02:43.0290 5848 C:\Windows\System32\wpnsruprov.dll - ok
18:02:43.0290 5848 [ 5F46797ED1629F152EF4A8DD0DBBC31F ] C:\Windows\System32\DAFWSD.dll
18:02:43.0290 5848 C:\Windows\System32\DAFWSD.dll - ok

18:02:43.0290 5848 [ C982FE4CC91DECE2259F494FCEB4030F ] C:\Windows\System32\NcdAutoSetup.dll
18:02:43.0290 5848 C:\Windows\System32\NcdAutoSetup.dll - ok
18:02:43.0306 5848 [ 15E174928C1ABD23B3647270F2632D6C ] C:\Windows\System32\CertEnroll.dll
18:02:43.0306 5848 C:\Windows\System32\CertEnroll.dll - ok
18:02:43.0306 5848 [ 9E2E7FE5237CFE3A0529B54C53021CA0 ] C:\Windows\System32\appsruprov.dll
18:02:43.0306 5848 C:\Windows\System32\appsruprov.dll - ok
18:02:43.0306 5848 [ 71697EDF104E5EACD75822E588FA8149 ] C:\Windows\System32\energyprov.dll
18:02:43.0306 5848 C:\Windows\System32\energyprov.dll - ok
18:02:43.0306 5848 [ BD7849649C6E85118802010F442F67A8 ] C:\Windows\SysWOW64\webio.dll
18:02:43.0306 5848 C:\Windows\SysWOW64\webio.dll - ok
18:02:43.0306 5848 [ AE03E9CBFFB8EDE81B3DA7603E546F56 ] C:\Windows\System32\srumapi.dll
18:02:43.0306 5848 C:\Windows\System32\srumapi.dll - ok
18:02:43.0306 5848 [ 06856DA4C306F557BF115C4EF2269095 ] C:\Windows\System32\dtsh.dll
18:02:43.0306 5848 C:\Windows\System32\dtsh.dll - ok
18:02:43.0321 5848 [ A075E18C6A60C5B2A0A95AB7F7BF94E8 ] C:\Windows\System32\fdProxy.dll
18:02:43.0321 5848 C:\Windows\System32\fdProxy.dll - ok
18:02:43.0321 5848 [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF ] C:\Windows\System32\ListSvc.dll
18:02:43.0321 5848 C:\Windows\System32\ListSvc.dll - ok
18:02:43.0321 5848 [ 88D686DE8D296AAC4A634B0EFBED9028 ] C:\Windows\System32\P2P.dll
18:02:43.0321 5848 C:\Windows\System32\P2P.dll - ok
18:02:43.0321 5848 [ 26F0D5C6F38FFDE13E46F028CE12AFA5 ] C:\Windows\SysWOW64\urlmon.dll
18:02:43.0321 5848 C:\Windows\SysWOW64\urlmon.dll - ok
18:02:43.0321 5848 [ AB76700D764A342D7475FB8F47CAB18C ] C:\Windows\System32\pnrpsvc.dll
18:02:43.0321 5848 C:\Windows\System32\pnrpsvc.dll - ok
18:02:43.0337 5848 [ B5EB8E2AF9B3E067A8525622AEEC212E ] C:\Windows\System32\wlroamextension.dll
18:02:43.0337 5848 C:\Windows\System32\wlroamextension.dll - ok
18:02:43.0337 5848 [ 1C8E051AA357E5B73B74B4C8FFDCE9C3 ] C:\Windows\System32\actxprxy.dll
18:02:43.0337 5848 C:\Windows\System32\actxprxy.dll - ok
18:02:43.0337 5848 [ FFBD302B058E2732246E7B365D99D73D ] C:\Windows\System32\smbwmiv2.dll
18:02:43.0337 5848 C:\Windows\System32\smbwmiv2.dll - ok
18:02:43.0337 5848 [ FAE5157339279E1251D2482E6365691A ] C:\Windows\System32\fhlisten.dll
18:02:43.0337 5848 C:\Windows\System32\fhlisten.dll - ok
18:02:43.0337 5848 [ 9DE5419BE2F4A47A79785E285BA005E2 ] C:\Windows\System32\IdListen.dll
18:02:43.0337 5848 C:\Windows\System32\IdListen.dll - ok
18:02:43.0337 5848 [ 5E94D0BAFC05422F05528C44DA164FD5 ] C:\Windows\System32\wmitomi.dll
18:02:43.0337 5848 C:\Windows\System32\wmitomi.dll - ok
18:02:43.0352 5848 [ 0AB4E16A91E3C937A4C61488120E323A ] C:\Windows\System32\hgprint.dll
18:02:43.0352 5848 C:\Windows\System32\hgprint.dll - ok
18:02:43.0352 5848 [ A2418204EBFA6F41DE3DF2FBB46B7F3F ] C:\Windows\System32\pcacli.dll
18:02:43.0352 5848 C:\Windows\System32\pcacli.dll - ok
18:02:43.0352 5848 [ C7C199266ADBC96EDA3ADC0429CF42BD ] C:\Windows\System32\OskSupport.dll
18:02:43.0352 5848 C:\Windows\System32\OskSupport.dll - ok
18:02:43.0352 5848 [ 51187F2413CDB487542290E046B6378E ] C:\Windows\System32\twinapi.dll
18:02:43.0352 5848 C:\Windows\System32\twinapi.dll - ok
18:02:43.0352 5848 [ 1CD203FFC8CD27E95FF1B2B60EADE477 ] C:\Windows\System32\perfos.dll
18:02:43.0352 5848 C:\Windows\System32\perfos.dll - ok
18:02:43.0352 5848 [ CBED42E4840468C3CC7A40330966AEEB ] C:\Program Files\Common Files\microsoft shared\ink\tabskb.dll
18:02:43.0352 5848 C:\Program Files\Common Files\microsoft shared\ink\tabskb.dll - ok
18:02:43.0368 5848 [ 4319FD931DCD796435ECB5DB4A04FBA5 ] C:\Windows\System32\p2psvc.dll
18:02:43.0368 5848 C:\Windows\System32\p2psvc.dll - ok
18:02:43.0368 5848 [ ECC24B42DAF1778D7DA6F1BCD4AB01FC ] C:\Windows\System32\msTextPrediction.dll
18:02:43.0368 5848 C:\Windows\System32\msTextPrediction.dll - ok
18:02:43.0368 5848 [ 72FDF51B6F91401A97C3271180A46C39 ] C:\Program Files\Common Files\microsoft shared\ink\IpsPlugin.dll
18:02:43.0368 5848 C:\Program Files\Common Files\microsoft shared\ink\IpsPlugin.dll - ok
18:02:43.0368 5848 [ 733E0C2F074B17D660349768BB70393D ] C:\Windows\System32\P2PGraph.dll
18:02:43.0368 5848 C:\Windows\System32\P2PGraph.dll - ok
18:02:43.0368 5848 [ 98FB2850E58E26C8F1DFF3A10F031991 ] C:\Windows\RegBootClean64.exe
18:02:43.0368 5848 C:\Windows\RegBootClean64.exe - ok
18:02:43.0368 5848 [ F0408DB6F94E3F0D5ED94B16C097A622 ] C:\Windows\SysWOW64\runonce.exe
18:02:43.0368 5848 C:\Windows\SysWOW64\runonce.exe - ok
18:02:43.0384 5848 [ 51E886381803D55926A6D50643B9436C ] C:\Windows\SysWOW64\imm32.dll
18:02:43.0384 5848 C:\Windows\SysWOW64\imm32.dll - ok
18:02:43.0384 5848 [ 69229810EB42C6FA2BAA298E02A043E1 ] C:\Windows\SysWOW64\msctf.dll
18:02:43.0384 5848 C:\Windows\SysWOW64\msctf.dll - ok
18:02:43.0384 5848 [ 6477C69FC49D97C7BF406D27E81FC17F ] C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
18:02:43.0384 5848 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll - ok
18:02:43.0384 5848 [ 46A953E91C72DFF009E76C72C9437A9A ] C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\Nvd3d9wrap.dll
18:02:43.0384 5848 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\Nvd3d9wrap.dll - ok
18:02:43.0384 5848 [ 383123CB897895FAA7914D5A5A64798B ] C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvdxgiwrap.dll
18:02:43.0384 5848 C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvdxgiwrap.dll - ok
18:02:43.0384 5848 [ D07CDFA0320605FC429D5C54D89DC925 ] C:\Windows\SysWOW64\uxtheme.dll
18:02:43.0384 5848 C:\Windows\SysWOW64\uxtheme.dll - ok
18:02:43.0399 5848 [ 7853D2AB445C10F97610B2B05FA4CF0A ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
18:02:43.0399 5848 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe - ok
18:02:43.0399 5848 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:02:43.0399 5848 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
18:02:43.0399 5848 [ 86F869D43E6E998466538A1DF0D1E6D7 ] C:\Windows\System32\drttransport.dll
18:02:43.0399 5848 C:\Windows\System32\drttransport.dll - ok
18:02:43.0399 5848 [ BFABA02A0EA273980BA69DA07483737E ] C:\Windows\System32\drt.dll
18:02:43.0399 5848 C:\Windows\System32\drt.dll - ok
18:02:43.0399 5848 [ 6A0C81508755C7F8EA5C5A4BC0E922CB ] C:\Windows\SysWOW64\apphelp.dll
18:02:43.0399 5848 C:\Windows\SysWOW64\apphelp.dll - ok
18:02:43.0399 5848 [ 224F6B374852153C8C24BED141AE3A20 ] C:\Windows\SysWOW64\rundll32.exe
18:02:43.0399 5848 C:\Windows\SysWOW64\rundll32.exe - ok
18:02:43.0415 5848 [ 7CFA57D9E63AFE400BA45FF96EB835FC ] C:\Windows\System32\FXSRESM.dll
18:02:43.0415 5848 C:\Windows\System32\FXSRESM.dll - ok
18:02:43.0415 5848 [ C6B60D86B37D1C10AF7E7764D74D9194 ] C:\Windows\apppatch\AcLayers.dll
18:02:43.0415 5848 C:\Windows\apppatch\AcLayers.dll - ok
18:02:43.0415 5848 [ 5DDEA740B911D4E910AC031090183E6A ] C:\Windows\SysWOW64\sfc.dll
18:02:43.0415 5848 C:\Windows\SysWOW64\sfc.dll - ok
18:02:43.0415 5848 [ FF3AA70595B26BD3DC0DDB00B90B1B57 ] C:\Windows\SysWOW64\imagehlp.dll
18:02:43.0415 5848 C:\Windows\SysWOW64\imagehlp.dll - ok
18:02:43.0415 5848 [ 0313A5DFA5966E31220C26A6167FD479 ] C:\Windows\SysWOW64\sfc_os.dll
18:02:43.0415 5848 C:\Windows\SysWOW64\sfc_os.dll - ok
18:02:43.0415 5848 [ 4BE1DCAD76BE96D1EC887A41E570C404 ] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll
18:02:43.0415 5848 C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll - ok
18:02:43.0431 5848 [ 341ADCBB9A744F559C3CF3CA5D3D8934 ] C:\Windows\SysWOW64\dwmapi.dll
18:02:43.0431 5848 C:\Windows\SysWOW64\dwmapi.dll - ok
18:02:43.0431 5848 [ 5996C79FB52BDE3FA10F77396654AE42 ] C:\Windows\SysWOW64\cmd.exe
18:02:43.0431 5848 C:\Windows\SysWOW64\cmd.exe - ok
18:02:43.0431 5848 [ F2E12B5B7EEDE6854104E5AF8AC841A8 ] C:\Windows\SysWOW64\cmdext.dll
18:02:43.0431 5848 C:\Windows\SysWOW64\cmdext.dll - ok
18:02:43.0431 5848 [ 9DA86B80AE1339F19CD5D290787EB7B3 ] C:\Windows\SysWOW64\shdocvw.dll
18:02:43.0431 5848 C:\Windows\SysWOW64\shdocvw.dll - ok
18:02:43.0431 5848 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\Users\Michael\AppData\Local\Temp\E4B4805C-EAAE-497E-A6BC-CA724C6B687F.exe
18:02:43.0431 5848 C:\Users\Michael\AppData\Local\Temp\E4B4805C-EAAE-497E-A6BC-CA724C6B687F.exe - ok
18:02:43.0431 5848 [ F8DE2E949B135BA7E45AE18DC82BF262 ] C:\Windows\SysWOW64\pcacli.dll
18:02:43.0431 5848 C:\Windows\SysWOW64\pcacli.dll - ok
18:02:43.0446 5848 [ 974AE60BF5B90E31412D93596C968E5B ] C:\Windows\System32\aelupsvc.dll
18:02:43.0446 5848 C:\Windows\System32\aelupsvc.dll - ok
18:02:43.0446 5848 [ 7CD424F005ED71204DCB14CF11F1EB0C ] C:\Windows\SysWOW64\rasadhlp.dll
18:02:43.0446 5848 C:\Windows\SysWOW64\rasadhlp.dll - ok
18:02:43.0446 5848 [ 18D61C0822414ACDBD88EB8AD6319D70 ] C:\Windows\System32\ExplorerFrame.dll
18:02:43.0446 5848 C:\Windows\System32\ExplorerFrame.dll - ok
18:02:43.0446 5848 [ 4B968083851285996B465FFDCB5AE9E8 ] C:\Windows\SysWOW64\FWPUCLNT.DLL
18:02:43.0446 5848 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
18:02:43.0446 5848 [ C4729C10C3D9E1517EFF2C7AAE72E819 ] C:\Windows\System32\gameux.dll
18:02:43.0446 5848 C:\Windows\System32\gameux.dll - ok
18:02:43.0446 5848 [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\Drivers\39146776.sys
18:02:43.0446 5848 C:\Windows\System32\Drivers\39146776.sys - ok
18:02:43.0462 5848 [ 8620189836543C2A0435BF37C864BCEE ] C:\Windows\System32\twinui.dll
18:02:43.0462 5848 C:\Windows\System32\twinui.dll - ok
18:02:43.0462 5848 [ 70C3B722AE97E6C6A144EC20E5D7C080 ] C:\Windows\System32\windows.immersiveshell.serviceprovider.dll
18:02:43.0462 5848 C:\Windows\System32\windows.immersiveshell.serviceprovider.dll - ok
18:02:43.0462 5848 [ F4BF5F909E33BD8B6C489B0EC58CB0EA ] C:\Program Files\iTunes\iTunesMiniPlayer.dll
18:02:43.0462 5848 C:\Program Files\iTunes\iTunesMiniPlayer.dll - ok
18:02:43.0462 5848 [ EAEF04815B7D64F5759EA17324A8E909 ] C:\Program Files\iTunes\iTunesMiniPlayer.Resources\en.lproj\iTunesMiniPlayerLocalized.dll
18:02:43.0462 5848 C:\Program Files\iTunes\iTunesMiniPlayer.Resources\en.lproj\iTunesMiniPlayerLocalized.dll - ok
18:02:43.0462 5848 [ 09D886BA5A4BCC31079A2B12980CCF50 ] C:\Windows\SysWOW64\msi.dll
18:02:43.0462 5848 C:\Windows\SysWOW64\msi.dll - ok
18:02:43.0462 5848 [ 8D50E5EB371B8EE29847185863E1A309 ] C:\Program Files\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll
18:02:43.0462 5848 C:\Program Files\iTunes\iTunesMiniPlayer.Resources\iTunesMiniPlayer.dll - ok
18:02:43.0477 5848 [ 475968A048FB44A90AF63F8FA7E6C8BD ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
18:02:43.0477 5848 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
18:02:43.0477 5848 [ 15AC3A854C3DD59DFD11EEE2FF63C79A ] C:\Windows\SysWOW64\riched20.dll
18:02:43.0477 5848 C:\Windows\SysWOW64\riched20.dll - ok
18:02:43.0477 5848 [ C4A6771ABE5F9B2B9B5876175F14E61A ] C:\Windows\SysWOW64\msls31.dll
18:02:43.0477 5848 C:\Windows\SysWOW64\msls31.dll - ok
18:02:43.0477 5848 [ 5F4A80C0313FA9E80CB7285F56D388D2 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\92569e1135c02f1fadea705767e6668e\mscorlib.ni.dll
18:02:43.0477 5848 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\92569e1135c02f1fadea705767e6668e\mscorlib.ni.dll - ok
18:02:43.0477 5848 [ 074223C4D8109C016B5864DEBF356BD8 ] C:\Windows\SysWOW64\ExplorerFrame.dll
18:02:43.0477 5848 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
18:02:43.0477 5848 [ FE4D3F3C0F40B9CF957091847704D22E ] C:\Windows\SysWOW64\duser.dll
18:02:43.0477 5848 C:\Windows\SysWOW64\duser.dll - ok
18:02:43.0493 5848 [ FB11241B62F07C9FFE664610E262C528 ] C:\Windows\SysWOW64\dui70.dll
18:02:43.0493 5848 C:\Windows\SysWOW64\dui70.dll - ok
18:02:43.0493 5848 [ AEA052132903B2751391F21555A123EF ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
18:02:43.0493 5848 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
18:02:43.0493 5848 [ 321C0FF6DE5AF0E7AAD43A07C1113354 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\a4817edfce7a8811ffd7e291c782cefb\System.Windows.Forms.ni.dll
18:02:43.0493 5848 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\a4817edfce7a8811ffd7e291c782cefb\System.Windows.Forms.ni.dll - ok
18:02:43.0493 5848 [ AC52471DE3FB92963F8B5C8C47B6A408 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\84bc4fed3dcd8b1ce74a9865e7bd4650\System.ni.dll
18:02:43.0493 5848 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\84bc4fed3dcd8b1ce74a9865e7bd4650\System.ni.dll - ok
18:02:43.0493 5848 [ 3042C6671D38AD6D9273289E38D5F141 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\46b259da845285f7ed5db0e8b2f6e604\System.Drawing.ni.dll
18:02:43.0493 5848 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\46b259da845285f7ed5db0e8b2f6e604\System.Drawing.ni.dll - ok
18:02:43.0509 5848 [ FC0F11E0253A58BBA13A31C75C8BC091 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
18:02:43.0509 5848 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
18:02:43.0509 5848 [ 4CE7AD89E343FDD5117067AEBE48A8F7 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\c55f3367dc9d18da025f8ddff8b3c4f6\System.Xml.ni.dll
18:02:43.0509 5848 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\c55f3367dc9d18da025f8ddff8b3c4f6\System.Xml.ni.dll - ok
18:02:43.0509 5848 [ BD3D0B828D67A55F604599421B5F9042 ] C:\Windows\System32\shfolder.dll
18:02:43.0509 5848 C:\Windows\System32\shfolder.dll - ok
18:02:43.0509 5848 [ EEB7DC84BBE6ADE7D6F497265044389D ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\diasymreader.dll
18:02:43.0509 5848 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\diasymreader.dll - ok
18:02:43.0509 5848 [ 0059112721765C1C850FD7481EA4CB97 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\509da078376dcd9be471d7ac9db6312c\System.Configuration.ni.dll
18:02:43.0509 5848 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\509da078376dcd9be471d7ac9db6312c\System.Configuration.ni.dll - ok
18:02:43.0524 5848 [ 930BB70D42EED950F30CB7C0635F53F6 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\csc.exe
18:02:43.0524 5848 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\csc.exe - ok
18:02:43.0524 5848 [ 9E435BA84F1D0E7A390418581882B330 ] C:\Windows\System32\wbem\wmiprov.dll
18:02:43.0524 5848 C:\Windows\System32\wbem\wmiprov.dll - ok
18:02:43.0524 5848 [ 67CC19E0E43E3378DB7318DBEC1350A7 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cscomp.dll
18:02:43.0524 5848 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cscomp.dll - ok
18:02:43.0524 5848 [ 57B5D247AED31250CCAE768777B5DF67 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\alink.dll
18:02:43.0524 5848 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\alink.dll - ok
18:02:43.0524 5848 [ 31937F2CA3DF518E2BF55B724A9DD338 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorpe.dll
18:02:43.0524 5848 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorpe.dll - ok
18:02:43.0524 5848 [ C718C805BE49E1F4B995CD7A55B07DEF ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cvtres.exe
18:02:43.0524 5848 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cvtres.exe - ok
18:02:43.0524 5848 [ 008207A8345B1A1551C360F1F8BC3420 ] C:\Windows\System32\msxml3.dll
18:02:43.0524 5848 C:\Windows\System32\msxml3.dll - ok
18:02:43.0540 5848 [ E9E5A7ACA738438C8F646CDE38ED222A ] C:\Windows\System32\keyiso.dll
18:02:43.0540 5848 C:\Windows\System32\keyiso.dll - ok
18:02:43.0540 5848 [ AE216A0329FAC7804DC4DFEA49254F0D ] C:\Windows\System32\ntshrui.dll
18:02:43.0540 5848 C:\Windows\System32\ntshrui.dll - ok
18:02:43.0540 5848 [ FCD59C405ADFADAC1B0729C580F7F70C ] C:\Windows\System32\wlidprov.dll
18:02:43.0540 5848 C:\Windows\System32\wlidprov.dll - ok
18:02:43.0540 5848 [ 7ECD8DF63A762BDE3F481BC4239FB9AB ] C:\Windows\System32\shdocvw.dll
18:02:43.0540 5848 C:\Windows\System32\shdocvw.dll - ok
18:02:43.0540 5848 [ 08EFA13A2234C8C3B8A99E4B88BE7E9B ] C:\Windows\System32\wlidsvc.dll
18:02:43.0540 5848 C:\Windows\System32\wlidsvc.dll - ok
18:02:43.0540 5848 [ 7308CF302FAD17A77A2EB87ACE9185E0 ] C:\Windows\System32\networkexplorer.dll
18:02:43.0540 5848 C:\Windows\System32\networkexplorer.dll - ok
18:02:43.0556 5848 [ 7C953E5667BF195BB8E71066081FE0F3 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\Accessibility\a21a53270da88186f965cb91b4895ef7\Accessibility.ni.dll
18:02:43.0556 5848 C:\Windows\assembly\NativeImages_v2.0.50727_64\Accessibility\a21a53270da88186f965cb91b4895ef7\Accessibility.ni.dll - ok
18:02:43.0556 5848 [ E70F241D136B61E5CCA39B9C1A2A591D ] C:\Windows\System32\drprov.dll
18:02:43.0556 5848 C:\Windows\System32\drprov.dll - ok
18:02:43.0556 5848 [ 64E9DC1084B44DA86555DD5729D1357F ] C:\Windows\System32\ntlanman.dll
18:02:43.0556 5848 C:\Windows\System32\ntlanman.dll - ok
18:02:43.0556 5848 [ 67B42C85172B2E3ADB5194E39FF9D000 ] C:\Windows\System32\davclnt.dll
18:02:43.0556 5848 C:\Windows\System32\davclnt.dll - ok
18:02:43.0556 5848 [ 82B7E2AADC7F3DD0F79D7926CE06AE63 ] C:\Windows\System32\davhlpr.dll
18:02:43.0556 5848 C:\Windows\System32\davhlpr.dll - ok
18:02:43.0571 5848 [ 1D2BF8A373546ADA00F09DC7496B86AB ] C:\Windows\System32\wpncore.dll
18:02:43.0571 5848 C:\Windows\System32\wpncore.dll - ok
18:02:43.0571 5848 [ F0814D492176F8A4FD49D852D2AD748E ] C:\Windows\System32\sppc.dll
18:02:43.0571 5848 C:\Windows\System32\sppc.dll - ok
18:02:43.0571 5848 [ 71A488228C040CAF2DF30B8CB09FF5B9 ] C:\Windows\System32\CertPolEng.dll
18:02:43.0571 5848 C:\Windows\System32\CertPolEng.dll - ok
18:02:43.0571 5848 [ 5EFD801A12FB267405B24945012F5E1A ] C:\Windows\System32\linkinfo.dll
18:02:43.0571 5848 C:\Windows\System32\linkinfo.dll - ok
18:02:43.0571 5848 [ 520C138EB08059060D30C92BE5F817FE ] C:\Windows\System32\msiltcfg.dll
18:02:43.0571 5848 C:\Windows\System32\msiltcfg.dll - ok
18:02:43.0571 5848 [ E219BF7BCCFE4881B0C053C7E0B47ECC ] C:\Windows\System32\SystemEventsBrokerServer.dll
18:02:43.0571 5848 C:\Windows\System32\SystemEventsBrokerServer.dll - ok
18:02:43.0571 5848 [ FF4135424A79DCC2998276D8E39C9B4D ] C:\Windows\System32\TimeBrokerServer.dll
18:02:43.0571 5848 C:\Windows\System32\TimeBrokerServer.dll - ok
18:02:43.0587 5848 [ 9C0502C5E747C8011D700DCA681A55A1 ] C:\Windows\System32\ELSCore.dll
18:02:43.0587 5848 C:\Windows\System32\ELSCore.dll - ok
18:02:43.0587 5848 [ 9314C83DE37182685C788FCA3CEC43A4 ] C:\Windows\System32\thumbcache.dll
18:02:43.0587 5848 C:\Windows\System32\thumbcache.dll - ok
18:02:43.0587 5848 [ 75DBBEB3517E41C55A7AC1B1C934FD1B ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\b0e18045b0a4a44a2b95e8e0123ce94b\System.Management.ni.dll
18:02:43.0587 5848 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Management\b0e18045b0a4a44a2b95e8e0123ce94b\System.Management.ni.dll - ok
18:02:43.0587 5848 [ 65C31219F85FC0E39A9263F8C144D46A ] C:\Program Files\Windows Media Player\WMPMediaSharing.dll
18:02:43.0587 5848 C:\Program Files\Windows Media Player\WMPMediaSharing.dll - ok
18:02:43.0587 5848 [ FFB1C5477E7E29A115F6E688FB6EF858 ] C:\Windows\System32\wmp.dll
18:02:43.0587 5848 C:\Windows\System32\wmp.dll - ok
18:02:43.0587 5848 [ A0F844B0E9ADACA064B832CAF0AEE338 ] C:\Windows\System32\elsTrans.dll
18:02:43.0587 5848 C:\Windows\System32\elsTrans.dll - ok
18:02:43.0602 5848 [ 4DD66B8118B529EF72A36150BC15DCAB ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll
18:02:43.0602 5848 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\WMINet_Utils.dll - ok
18:02:43.0602 5848 [ DCB7509F83B2A2089DBE07DDEDB52017 ] C:\Windows\System32\WinTypes.dll
18:02:43.0602 5848 C:\Windows\System32\WinTypes.dll - ok
18:02:43.0602 5848 [ F6F335A35D54FF8A55D15FA35E0F7671 ] C:\Windows\System32\elslad.dll
18:02:43.0602 5848 C:\Windows\System32\elslad.dll - ok
18:02:43.0602 5848 [ 5ADC4DA684CF0CF42691E4BA85EEABDA ] C:\Windows\System32\wmploc.DLL
18:02:43.0602 5848 C:\Windows\System32\wmploc.DLL - ok
18:02:43.0602 5848 [ 4E6C0D003B381CC109A50794A2F1A222 ] C:\Windows\System32\stobject.dll
18:02:43.0602 5848 C:\Windows\System32\stobject.dll - ok
18:02:43.0602 5848 [ F308F6365D961F07EF2A7B1C19229F6C ] C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
18:02:43.0602 5848 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - ok
18:02:43.0602 5848 [ D12BEB5E114701442F1FAA92A739E60E ] C:\Windows\System32\prnfldr.dll
18:02:43.0602 5848 C:\Windows\System32\prnfldr.dll - ok
18:02:43.0618 5848 [ 843D5C2D3032631E400E3ACD1F06312E ] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
18:02:43.0618 5848 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe - ok
18:02:43.0618 5848 [ DCF3F02F3F039EE4A5C15CCB2BD3A7AE ] C:\Windows\System32\dxtrans.dll
18:02:43.0618 5848 C:\Windows\System32\dxtrans.dll - ok
18:02:43.0618 5848 [ CCC22B35A2A470F642E022AF9EA043AE ] C:\Windows\System32\imgutil.dll
18:02:43.0618 5848 C:\Windows\System32\imgutil.dll - ok
18:02:43.0618 5848 [ 4BAA9A0235BF73FCDC42A9F3E04ABBE8 ] C:\Windows\System32\ddrawex.dll
18:02:43.0618 5848 C:\Windows\System32\ddrawex.dll - ok
18:02:43.0618 5848 [ 638407A6996B1DD4CB7BB979B8C260DE ] C:\Windows\System32\Windows.Networking.Connectivity.dll
18:02:43.0618 5848 C:\Windows\System32\Windows.Networking.Connectivity.dll - ok
18:02:43.0618 5848 [ 48067CB53E31B98A394CB12024F26D1B ] C:\Windows\System32\Windows.Globalization.Fontgroups.dll
18:02:43.0618 5848 C:\Windows\System32\Windows.Globalization.Fontgroups.dll - ok
18:02:43.0634 5848 [ 3145C77D8CFED3DF2E1D109A13B676A2 ] C:\Windows\System32\ddraw.dll
18:02:43.0634 5848 C:\Windows\System32\ddraw.dll - ok
18:02:43.0634 5848 [ 25CB2CC6F974CCC7B4B882714D69CC7D ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll
18:02:43.0634 5848 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll - ok
18:02:43.0634 5848 [ 44F388C294370B255F7EB751939BD6E3 ] C:\Windows\System32\wpnprv.dll
18:02:43.0634 5848 C:\Windows\System32\wpnprv.dll - ok
18:02:43.0634 5848 [ 2CAC5C2B89FEB2497D78DBC3F8D25C65 ] C:\Windows\System32\dciman32.dll
18:02:43.0634 5848 C:\Windows\System32\dciman32.dll - ok
18:02:43.0634 5848 [ 5F59C3E414CC8A05FFB4D86FFCB13CD4 ] C:\Windows\System32\Windows.Security.Authentication.OnlineId.dll
18:02:43.0634 5848 C:\Windows\System32\Windows.Security.Authentication.OnlineId.dll - ok
18:02:43.0634 5848 [ 907C4782AA98A587EAA50D830FFC246C ] C:\Windows\System32\DeviceSetupManagerAPI.dll

18:02:43.0634 5848 C:\Windows\System32\DeviceSetupManagerAPI.dll - ok
18:02:43.0649 5848 [ D59D2375484BDC431306E21DAC4FA47F ] C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU64.dll
18:02:43.0649 5848 C:\Program Files\NVIDIA Corporation\Update Common\EasyDaemonAPIU64.dll - ok
18:02:43.0649 5848 [ 83A075C07425E84ACC6687FFF7126930 ] C:\Windows\System32\Windows.Networking.Sockets.PushEnabledApplication.dll
18:02:43.0649 5848 C:\Windows\System32\Windows.Networking.Sockets.PushEnabledApplication.dll - ok
18:02:43.0649 5848 [ 22B215ED657914C6611EE9926A31E655 ] C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll
18:02:43.0649 5848 C:\Program Files\NVIDIA Corporation\Update Common\NvUpdtr.dll - ok
18:02:43.0649 5848 [ 043B150DA8B3559BD7AE701D3496D232 ] C:\Windows\System32\DXP.dll
18:02:43.0649 5848 C:\Windows\System32\DXP.dll - ok
18:02:43.0649 5848 [ F6A6AE3284C17A04C3B4F802D347E3AB ] C:\Windows\System32\pngfilt.dll
18:02:43.0649 5848 C:\Windows\System32\pngfilt.dll - ok
18:02:43.0649 5848 [ CE0BD323EB9BDFD140271E550CBA4111 ] C:\Windows\System32\TimeBrokerClient.dll
18:02:43.0649 5848 C:\Windows\System32\TimeBrokerClient.dll - ok
18:02:43.0665 5848 [ 5A5E57A0E1D3674AE9ADBC9CAD80428D ] C:\Windows\System32\Syncreg.dll
18:02:43.0665 5848 C:\Windows\System32\Syncreg.dll - ok
18:02:43.0665 5848 [ F7C576B31DD1D18E8C45A43AE807C5F5 ] C:\Windows\System32\ThumbnailExtractionHost.exe
18:02:43.0665 5848 C:\Windows\System32\ThumbnailExtractionHost.exe - ok
18:02:43.0665 5848 [ 259C9486E06C16BF1BC36CAE784FDFDE ] C:\Windows\System32\WWanAPI.dll
18:02:43.0665 5848 C:\Windows\System32\WWanAPI.dll - ok
18:02:43.0665 5848 [ DC12FF4A1B00CAE279D5744F36B74873 ] C:\Windows\System32\wwapi.dll
18:02:43.0665 5848 C:\Windows\System32\wwapi.dll - ok
18:02:43.0665 5848 [ 56C91F36ADE867F0EDFE0BC6179AC2BC ] C:\Windows\System32\WPDShServiceObj.dll
18:02:43.0665 5848 C:\Windows\System32\WPDShServiceObj.dll - ok
18:02:43.0665 5848 [ AC89ADD10CDAC8D5647928FBE5B94621 ] C:\Windows\System32\PortableDeviceTypes.dll
18:02:43.0665 5848 C:\Windows\System32\PortableDeviceTypes.dll - ok
18:02:43.0681 5848 [ B5198D9837E0EC371EF0D3F5BE423C61 ] C:\Windows\System32\SettingMonitor.dll
18:02:43.0681 5848 C:\Windows\System32\SettingMonitor.dll - ok
18:02:43.0681 5848 [ 4681211F6D66604F34646FA6EB84D989 ] C:\Program Files\Windows Portable Devices\sqmapi.dll
18:02:43.0681 5848 C:\Program Files\Windows Portable Devices\sqmapi.dll - ok
18:02:43.0681 5848 [ 7CEE52B25CA677E5B62DC00E3BD3BBCE ] C:\Windows\System32\ActionCenter.dll
18:02:43.0681 5848 C:\Windows\System32\ActionCenter.dll - ok
18:02:43.0681 5848 [ 797119E1F2752761610CDAA02CC472A3 ] C:\Windows\System32\IME\SHARED\IMEROAMING.DLL
18:02:43.0681 5848 C:\Windows\System32\IME\SHARED\IMEROAMING.DLL - ok
18:02:43.0681 5848 [ 360609B4B55380EFD8F862B4B482576E ] C:\Windows\System32\SearchFolder.dll
18:02:43.0681 5848 C:\Windows\System32\SearchFolder.dll - ok
18:02:43.0681 5848 [ AAB25C7F73532849DE843C563BADA8CF ] C:\Windows\System32\PackageStateRoaming.dll
18:02:43.0681 5848 C:\Windows\System32\PackageStateRoaming.dll - ok
18:02:43.0696 5848 [ 60996602A7111FD2D086E803F33E4282 ] C:\Windows\System32\Drivers\fastfat.sys
18:02:43.0696 5848 C:\Windows\System32\Drivers\fastfat.sys - ok
18:02:43.0696 5848 [ D86F25F0AD6CA6E77A9F67641EEB6722 ] C:\Program Files\Internet Explorer\sqmapi.dll
18:02:43.0696 5848 C:\Program Files\Internet Explorer\sqmapi.dll - ok
18:02:43.0696 5848 [ 923260FAA0F64A90FA63F7EAC08881AF ] C:\Windows\System32\AltTab.dll
18:02:43.0696 5848 C:\Windows\System32\AltTab.dll - ok
18:02:43.0696 5848 [ A084CB0B1898CE603EEF210DF7C13C2D ] C:\Windows\System32\pnidui.dll
18:02:43.0696 5848 C:\Windows\System32\pnidui.dll - ok
18:02:43.0696 5848 [ 4B5A42E0FDD2012B6940CC14F447E8D8 ] C:\Windows\System32\NcaApi.dll
18:02:43.0696 5848 C:\Windows\System32\NcaApi.dll - ok
18:02:43.0696 5848 [ AAA384C8F6412103973518D60FCEAAD0 ] C:\Windows\System32\bthprops.cpl
18:02:43.0696 5848 C:\Windows\System32\bthprops.cpl - ok
18:02:43.0712 5848 [ 7CEC524B7062EE51D2700E45E3636911 ] C:\Windows\System32\cscui.dll
18:02:43.0712 5848 C:\Windows\System32\cscui.dll - ok
18:02:43.0712 5848 [ 7AC09E3DF4AE2710FC033531FE5D7402 ] C:\Windows\System32\cscdll.dll
18:02:43.0712 5848 C:\Windows\System32\cscdll.dll - ok
18:02:43.0712 5848 [ 8BC6586331EFED05777327C37376177E ] C:\Windows\System32\cscobj.dll
18:02:43.0712 5848 C:\Windows\System32\cscobj.dll - ok
18:02:43.0712 5848 [ 0208CAE5E09FA01DA2649702AE9616F6 ] C:\Windows\System32\srchadmin.dll
18:02:43.0712 5848 C:\Windows\System32\srchadmin.dll - ok
18:02:43.0712 5848 [ E7BE2296105069DA0C8F9206F070C6EF ] C:\Windows\System32\SearchIndexer.exe
18:02:43.0712 5848 C:\Windows\System32\SearchIndexer.exe - ok
18:02:43.0712 5848 [ D9309C43C47D40315585871D9C6FED3C ] C:\Windows\System32\tquery.dll
18:02:43.0712 5848 C:\Windows\System32\tquery.dll - ok
18:02:43.0727 5848 [ 78E10345A0A592BDDACFB40EB8444B5B ] C:\Windows\System32\mssrch.dll
18:02:43.0727 5848 C:\Windows\System32\mssrch.dll - ok
18:02:43.0727 5848 [ C3C9A444FA26DB4B993AE3DA6C3DD683 ] C:\Windows\System32\mssprxy.dll
18:02:43.0727 5848 C:\Windows\System32\mssprxy.dll - ok
18:02:43.0727 5848 [ 7C3B449F661D99A9B1033A14033D2987 ] C:\Program Files\WindowsApps\Microsoft.VCLibs.110.00_11.0.51106.1_x64__8wekyb3d8bbwe\msvcr110.dll
18:02:43.0727 5848 C:\Program Files\WindowsApps\Microsoft.VCLibs.110.00_11.0.51106.1_x64__8wekyb3d8bbwe\msvcr110.dll - ok
18:02:43.0727 5848 [ EB003CF63697C3B6AFA9CF769759A5B2 ] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\wllog.dll
18:02:43.0727 5848 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\wllog.dll - ok
18:02:43.0727 5848 [ F98FAED087C12A4D94D6ECDA0618C918 ] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\Microsoft.WindowsLive.Platform.Service.dll
18:02:43.0727 5848 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\Microsoft.WindowsLive.Platform.Service.dll - ok
18:02:43.0727 5848 [ CB7242A05FFD365BBBBE102D24786DEE ] C:\Windows\System32\Windows.Storage.ApplicationData.dll
18:02:43.0727 5848 C:\Windows\System32\Windows.Storage.ApplicationData.dll - ok
18:02:43.0743 5848 [ D240CBB72679D6B4B5B07619F0A07F06 ] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\shared\bici.dll
18:02:43.0743 5848 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\shared\bici.dll - ok
18:02:43.0743 5848 [ 3E4CC1E808A0FC8F487036349F4E6810 ] C:\Windows\System32\threadpoolwinrt.dll
18:02:43.0743 5848 C:\Windows\System32\threadpoolwinrt.dll - ok
18:02:43.0743 5848 [ 797769FC191B03A01661CB5F855CFD30 ] C:\Windows\System32\biwinrt.dll
18:02:43.0743 5848 C:\Windows\System32\biwinrt.dll - ok
18:02:43.0743 5848 [ 924DAF97890A77590835B83E53CEC382 ] C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\Microsoft.WindowsLive.Platform.dll
18:02:43.0743 5848 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\Microsoft.WindowsLive.Platform.dll - ok
18:02:43.0743 5848 [ E893246F1276ED4727A8F3307B75CBA6 ] C:\Windows\System32\Utilman.exe
18:02:43.0743 5848 C:\Windows\System32\Utilman.exe - ok
18:02:43.0743 5848 [ 16B0D0C1D0CFDB8F5F3DE9849487B509 ] C:\Windows\System32\SyncCenter.dll
18:02:43.0743 5848 C:\Windows\System32\SyncCenter.dll - ok
18:02:43.0759 5848 [ D598C44A7072D3108D8D8102EC5E07F7 ] C:\Windows\System32\qmgr.dll
18:02:43.0759 5848 C:\Windows\System32\qmgr.dll - ok
18:02:43.0759 5848 [ 805AD714EF4126BE2D2390D446CA4280 ] C:\Windows\System32\imapi2.dll
18:02:43.0759 5848 C:\Windows\System32\imapi2.dll - ok
18:02:43.0759 5848 [ 7CD252214BC8C4004FB0814B1DBB1E0F ] C:\Windows\System32\bitsperf.dll
18:02:43.0759 5848 C:\Windows\System32\bitsperf.dll - ok
18:02:43.0759 5848 [ 357CA105C57C860526342C3F35A7C4E6 ] C:\Windows\System32\bitsigd.dll
18:02:43.0759 5848 C:\Windows\System32\bitsigd.dll - ok
18:02:43.0774 5848 [ E9B9C28A237D8FEF1FCD2C0D08E7D3C4 ] C:\Windows\System32\upnp.dll
18:02:43.0774 5848 C:\Windows\System32\upnp.dll - ok
18:02:43.0774 5848 [ B24AA0AC52483A412107B5B246A1C427 ] C:\Windows\System32\qmgrprxy.dll
18:02:43.0774 5848 C:\Windows\System32\qmgrprxy.dll - ok
18:02:43.0774 5848 [ B16BA8C18B51D0FDF120B1ED4E07C399 ] C:\Windows\System32\hgcpl.dll
18:02:43.0774 5848 C:\Windows\System32\hgcpl.dll - ok
18:02:43.0774 5848 [ 4A62D39EFBD3AA5E7ECE5E0082B32DA1 ] C:\Windows\System32\bitsprx7.dll
18:02:43.0774 5848 C:\Windows\System32\bitsprx7.dll - ok
18:02:43.0774 5848 [ 066FCDCBFF294CFD6B8F74863DDA72EC ] C:\Windows\System32\bitsprx5.dll
18:02:43.0774 5848 C:\Windows\System32\bitsprx5.dll - ok
18:02:43.0774 5848 [ 9C5C6526AA212D84EB1A291DE63ED4EE ] C:\Windows\System32\bitsprx3.dll
18:02:43.0774 5848 C:\Windows\System32\bitsprx3.dll - ok
18:02:43.0790 5848 [ F3F9FB5F953B2DEB36565F8EEB35784F ] C:\Windows\System32\bitsprx2.dll
18:02:43.0790 5848 C:\Windows\System32\bitsprx2.dll - ok
18:02:43.0790 5848 [ 5F0849B64B014098A84813D6653009A8 ] C:\Windows\System32\bitsprx6.dll
18:02:43.0790 5848 C:\Windows\System32\bitsprx6.dll - ok
18:02:43.0790 5848 [ CF4657A43B56ED26875C26DFE698DCCB ] C:\Windows\System32\SearchProtocolHost.exe
18:02:43.0790 5848 C:\Windows\System32\SearchProtocolHost.exe - ok
18:02:43.0790 5848 [ 9AFF71FCC5424D72DB0E2D3E4804ABF0 ] C:\Windows\System32\apprepapi.dll
18:02:43.0790 5848 C:\Windows\System32\apprepapi.dll - ok
18:02:43.0790 5848 [ 255F0624A5A33EBB0FC545BDD2A9CB36 ] C:\Windows\System32\msshooks.dll
18:02:43.0790 5848 C:\Windows\System32\msshooks.dll - ok
18:02:43.0790 5848 [ EC65798B20CF6B9D9581B0F896A72AB2 ] C:\Windows\System32\SearchFilterHost.exe
18:02:43.0790 5848 C:\Windows\System32\SearchFilterHost.exe - ok
18:02:43.0806 5848 [ 0D549EF461685EC23BB111CDAE7A91AE ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
18:02:43.0806 5848 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
18:02:43.0806 5848 [ 2EBA0464A93CA18F50269DC10CEB3CFE ] C:\Windows\System32\mssph.dll
18:02:43.0806 5848 C:\Windows\System32\mssph.dll - ok
18:02:43.0806 5848 [ 94E6DF548F95C6E25F3B9F2A3DDC6900 ] C:\Windows\System32\SynCOM.dll
18:02:43.0806 5848 C:\Windows\System32\SynCOM.dll - ok
18:02:43.0806 5848 [ 18569B47009922690E7CBD249C176B7F ] C:\Windows\System32\SynTPAPI.dll
18:02:43.0806 5848 C:\Windows\System32\SynTPAPI.dll - ok
18:02:43.0806 5848 ============================================================
18:02:43.0806 5848 Scan finished
18:02:43.0806 5848 ============================================================
18:02:43.0821 6020 Detected object count: 0
18:02:43.0821 6020 Actual detected object count: 0

#13 michael_brancato

michael_brancato
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago
  • Local time:12:38 AM

Posted 03 February 2013 - 12:06 AM

Attached File  roguekiller.JPG   76.87KB   1 downloadsFinally!! I got rogue killer to find something but then it stopped.

#14 michael_brancato

michael_brancato
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago
  • Local time:12:38 AM

Posted 03 February 2013 - 12:06 AM

Attached File  roguekiller.JPG   76.87KB   1 downloadsFinally!! I got rogue killer to find something but then it stopped.

#15 michael_brancato

michael_brancato
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago
  • Local time:12:38 AM

Posted 03 February 2013 - 12:06 AM

Attached File  roguekiller.JPG   76.87KB   1 downloadsFinally!! I got rogue killer to find something but then it stopped.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users