Videos take too long to stream and some programs are crashing


29 replies to this topic

#1 Fementality

Fementality

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:06:49 PM

Posted 19 February 2013 - 05:34 PM

I clicked on a website that gave me multiple viruses last week. Malwarebytes picked up about 23 counts of malware when I scanned my computer. Ever since then Hack Shield Pro (a program used with my online game) crashes, Razor Game Booster crashes, and videos take forever to stream. The error I receive when I try to load the game up is this: "[H:06] An Error occured in the hackshield prevention feature. (Error code = 204)," followed by the "H:17 Hackshield could not be activated properly." I have looked this error up online to try and troubleshoot it by myself and none of the solutions work. However, I believe there is something blocking it from loading (it's not an antivirus program blocking it, by the way). I would also like to mention that I have been in contact with the Tech Support team for the online game I play but so far none of their solutions are working. In addition to this, I have done multiple scans since then and Malwarebytes is not picking anything else up. I am starting to believe my system may still be infected. Please help at your earliest convenience; I think I am still infected.





#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:49 PM

Posted 19 February 2013 - 08:31 PM

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters




  • Check Loaded Modules and Detect TDLFS file system. Do not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now




  • Click Start Scan and allow the scan process to run

  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue




  • Click Reboot computer
  • Please post the contents of TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\) in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.



  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.



  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan. This process may take several hours; that is normal.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the   button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment.

  • TDSSKiller log
  • aswMBR log
  • ESET results


 



#3 Fementality


Posted 20 February 2013 - 07:55 AM

C:\Downloads\unlocker-setup.exe a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files (x86)\BrowseToSave\sprotector.dll a variant of Win32/SProtector.A application cleaned by deleting (after the next restart) - quarantined
C:\ProgramData\Browse2save\511f21c7532a7.dll a variant of Win32/Adware.MultiPlug.I application cleaned by deleting (after the next restart) - quarantined
C:\Users\AmaniArk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmmoeiofdfffafogjgcdikphkckahhje\1\511f21c75308e8.95360789.js Win32/Adware.MultiPlug.H application cleaned by deleting - quarantined
C:\Users\AmaniArk\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\1a45a95f-17324956 multiple threats deleted - quarantined
C:\Users\AmaniArk\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\4b24f07c-63e7bbfa multiple threats deleted - quarantined
 



#4 Fementality


Posted 20 February 2013 - 07:56 AM

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-19 21:14:22
-----------------------------
21:14:22.235    OS Version: Windows x64 6.1.7601 Service Pack 1
21:14:22.235    Number of processors: 4 586 0x2502
21:14:22.235    ComputerName: AMANIARK-PC  UserName: AmaniArk
21:14:22.360    Initialze error C0000001 - driver not loaded
21:15:04.931    AVAST engine defs: 13021902
21:16:06.507    Service scanning
21:16:07.147    Modules scanning
21:16:07.147    Disk 0 trace - called modules:
21:16:07.147   
21:16:07.187    AVAST engine scan C:\Windows
21:16:07.227    AVAST engine scan C:\Windows\system32
21:16:07.287    AVAST engine scan C:\Windows\system32\drivers
21:16:07.307    AVAST engine scan C:\Users\AmaniArk
21:16:07.327    AVAST engine scan C:\ProgramData
21:16:07.337    Scan finished successfully
21:17:31.807    The log file has been saved successfully to "C:\Users\AmaniArk\Desktop\aswMBR.txt"


 



#5 Fementality


Posted 20 February 2013 - 07:59 AM

The TDSSKiller log is very long and it's having issues posting it on here, but I will try to break it up.



#6 narenxp


Posted 20 February 2013 - 08:00 AM

You can post the last few lines of log alone.
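
Added example, not part of any post in this thread: a Python sketch that reduces a long TDSSKiller log to its verdict lines, so that an `infected` entry is not buried among hundreds of `warning` entries. The line layout is inferred from the log excerpt posted in this thread (the sample lines are copied from it), and the names `triage` and `summarize` are made up for the illustration.

```python
import re
from collections import Counter

# Layout inferred from the log excerpt in this thread (an assumption, not a
# documented format): "HH:MM:SS.ffff <thread id>  <message>"
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(?P<msg>.*)$")
# Scanned object: "[ <md5> ] <service name> <path>"
OBJECT = re.compile(
    r"^\[ (?P<md5>[0-9A-Fa-f]{32}) \]\s+(?P<name>.+?)\s+(?P<path>[A-Za-z]:\\.*)$"
)
# Verdict: "<service name> ( <detection name> ) - <status>"
VERDICT = re.compile(r"^(?P<name>.+?) \( (?P<verdict>[^()]+) \) - (?P<status>\w+)$")

# Sample input: lines copied from the TDSSKiller log posted in this thread.
SAMPLE_LOG = r"""
21:06:18.0221 4276  [ F146E2BA475893DD77B2370DC1211FC6 ] 01745425        C:\Windows\system32\drivers\04685384.sys
21:06:18.0237 4276  01745425 - ok
21:06:18.0284 4276  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:06:18.0284 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\1394ohci.sys. md5: A87D604AEA360176311474C87A63BB88
21:06:18.0330 4276  1394ohci ( LockedFile.Multi.Generic ) - warning
21:06:18.0330 4276  1394ohci - detected LockedFile.Multi.Generic (1)
21:06:18.0330 4276  Suspicious service (NoAccess): 4b979cd4a5f87389
21:06:18.0393 4276  [ B69D17DF03E4D8726AB1266E6F67463F ] 4b979cd4a5f87389 C:\Windows\System32\Drivers\4b979cd4a5f87389.sys
21:06:18.0393 4276  Suspicious file (NoAccess): C:\Windows\System32\Drivers\4b979cd4a5f87389.sys. md5: B69D17DF03E4D8726AB1266E6F67463F
21:06:18.0486 4276  4b979cd4a5f87389 ( Rootkit.Win32.Necurs.gen ) - infected
21:06:18.0486 4276  4b979cd4a5f87389 - detected Rootkit.Win32.Necurs.gen (0)
21:06:20.0031 4276  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:06:20.0031 4276  Apple Mobile Device - ok
"""


def triage(log_text):
    """Return one record per verdict line, joined to the md5 and path
    of the object line that preceded it for the same service name."""
    objects = {}   # service name -> (md5, path)
    findings = []
    for raw in log_text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue  # wrapped or foreign line: skip rather than guess
        msg = line.group("msg").strip()
        obj = OBJECT.match(msg)
        if obj:
            objects[obj.group("name")] = (obj.group("md5").upper(),
                                          obj.group("path"))
            continue
        hit = VERDICT.match(msg)
        if hit:
            md5, path = objects.get(hit.group("name"), (None, None))
            findings.append({
                "name": hit.group("name"),
                "verdict": hit.group("verdict"),
                "status": hit.group("status"),
                "md5": md5,
                "path": path,
            })
    return findings


def summarize(findings):
    """Build a short text: counts per (status, verdict), then every
    infected entry in full so it can be pasted into a reply."""
    counts = Counter((f["status"], f["verdict"]) for f in findings)
    lines = [f"{n:4d}  {status:8s} {verdict}"
             for (status, verdict), n in sorted(counts.items())]
    for f in findings:
        if f["status"] == "infected":
            lines.append(f"INFECTED {f['name']} {f['verdict']} "
                         f"md5={f['md5']} {f['path']}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(summarize(triage(SAMPLE_LOG)))
```

Lines that match neither pattern are skipped, so the summary is a reading aid and the full log remains the record.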



#7 Fementality


Posted 20 February 2013 - 08:03 AM

21:06:05.0616 4224  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:06:05.0975 4224  ============================================================
21:06:05.0975 4224  Current date / time: 2013/02/19 21:06:05.0975
21:06:05.0975 4224  SystemInfo:
21:06:05.0975 4224 
21:06:05.0975 4224  OS Version: 6.1.7601 ServicePack: 1.0
21:06:05.0975 4224  Product type: Workstation
21:06:05.0975 4224  ComputerName: AMANIARK-PC
21:06:05.0975 4224  UserName: AmaniArk
21:06:05.0975 4224  Windows directory: C:\Windows
21:06:05.0975 4224  System windows directory: C:\Windows
21:06:05.0975 4224  Running under WOW64
21:06:05.0975 4224  Processor architecture: Intel x64
21:06:05.0975 4224  Number of processors: 4
21:06:05.0975 4224  Page size: 0x1000
21:06:05.0975 4224  Boot type: Normal boot
21:06:05.0975 4224  ============================================================
21:06:07.0707 4224  BG loaded
21:06:09.0033 4224  !crdlk
21:06:09.0048 4224  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
21:06:09.0064 4224  ============================================================
21:06:09.0064 4224  \Device\Harddisk0\DR0:
21:06:09.0064 4224  MBR partitions:
21:06:09.0064 4224  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
21:06:09.0064 4224  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x37D67000
21:06:09.0064 4224  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x37DCB000, BlocksNum 0x2587000
21:06:09.0064 4224  ============================================================
21:06:09.0080 4224  C: <-> \Device\Harddisk0\DR0\Partition2
21:06:09.0126 4224  D: <-> \Device\Harddisk0\DR0\Partition3
21:06:09.0126 4224  ============================================================
21:06:09.0126 4224  Initialize success
21:06:09.0126 4224  ============================================================
21:06:17.0753 4276  ============================================================
21:06:17.0753 4276  Scan started
21:06:17.0753 4276  Mode: Manual; TDLFS;
21:06:17.0753 4276  ============================================================
21:06:17.0940 4276  ================ Scan system memory ========================
21:06:17.0940 4276  System memory - ok
21:06:17.0940 4276  ================ Scan services =============================
21:06:18.0221 4276  [ F146E2BA475893DD77B2370DC1211FC6 ] 01745425        C:\Windows\system32\drivers\04685384.sys
21:06:18.0237 4276  01745425 - ok
21:06:18.0284 4276  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:06:18.0284 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\1394ohci.sys. md5: A87D604AEA360176311474C87A63BB88
21:06:18.0330 4276  1394ohci ( LockedFile.Multi.Generic ) - warning
21:06:18.0330 4276  1394ohci - detected LockedFile.Multi.Generic (1)
21:06:18.0330 4276  Suspicious service (NoAccess): 4b979cd4a5f87389
21:06:18.0393 4276  [ B69D17DF03E4D8726AB1266E6F67463F ] 4b979cd4a5f87389 C:\Windows\System32\Drivers\4b979cd4a5f87389.sys
21:06:18.0393 4276  Suspicious file (NoAccess): C:\Windows\System32\Drivers\4b979cd4a5f87389.sys. md5: B69D17DF03E4D8726AB1266E6F67463F
21:06:18.0486 4276  4b979cd4a5f87389 ( Rootkit.Win32.Necurs.gen ) - infected
21:06:18.0486 4276  4b979cd4a5f87389 - detected Rootkit.Win32.Necurs.gen (0)
21:06:18.0533 4276  [ 1CFFE9C06E66A57DAE1452E449A58240 ] Accelerometer   C:\Windows\system32\DRIVERS\Accelerometer.sys
21:06:18.0533 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\Accelerometer.sys. md5: 1CFFE9C06E66A57DAE1452E449A58240
21:06:18.0564 4276  Accelerometer ( LockedFile.Multi.Generic ) - warning
21:06:18.0564 4276  Accelerometer - detected LockedFile.Multi.Generic (1)
21:06:18.0611 4276  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:06:18.0611 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\ACPI.sys. md5: D81D9E70B8A6DD14D42D7B4EFA65D5F2
21:06:18.0627 4276  ACPI ( LockedFile.Multi.Generic ) - warning
21:06:18.0627 4276  ACPI - detected LockedFile.Multi.Generic (1)
21:06:18.0658 4276  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:06:18.0658 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\acpipmi.sys. md5: 99F8E788246D495CE3794D7E7821D2CA
21:06:18.0658 4276  AcpiPmi ( LockedFile.Multi.Generic ) - warning
21:06:18.0658 4276  AcpiPmi - detected LockedFile.Multi.Generic (1)
21:06:18.0767 4276  [ EC807244904FA170C299AB06D87FBDBE ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:06:18.0783 4276  AdobeFlashPlayerUpdateSvc - ok
21:06:18.0830 4276  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
21:06:18.0830 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\adp94xx.sys. md5: 2F6B34B83843F0C5118B63AC634F5BF4
21:06:18.0861 4276  adp94xx ( LockedFile.Multi.Generic ) - warning
21:06:18.0861 4276  adp94xx - detected LockedFile.Multi.Generic (1)
21:06:18.0876 4276  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
21:06:18.0876 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\adpahci.sys. md5: 597F78224EE9224EA1A13D6350CED962
21:06:18.0892 4276  adpahci ( LockedFile.Multi.Generic ) - warning
21:06:18.0892 4276  adpahci - detected LockedFile.Multi.Generic (1)
21:06:18.0923 4276  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
21:06:18.0923 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\adpu320.sys. md5: E109549C90F62FB570B9540C4B148E54
21:06:18.0923 4276  adpu320 ( LockedFile.Multi.Generic ) - warning
21:06:18.0923 4276  adpu320 - detected LockedFile.Multi.Generic (1)
21:06:18.0986 4276  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:06:18.0986 4276  AeLookupSvc - ok
21:06:19.0079 4276  [ A6FB9DB8F1A86861D955FD6975977AE0 ] AESTFilters     C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d15ed671de43d681\AESTSr64.exe
21:06:19.0095 4276  AESTFilters - ok
21:06:19.0142 4276  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
21:06:19.0142 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\afd.sys. md5: 1C7857B62DE5994A75B054A9FD4C3825
21:06:19.0142 4276  AFD ( LockedFile.Multi.Generic ) - warning
21:06:19.0142 4276  AFD - detected LockedFile.Multi.Generic (1)
21:06:19.0204 4276  [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
21:06:19.0204 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\agrsm64.sys. md5: 98022774D9930ECBB292E70DB7601DF6
21:06:19.0251 4276  AgereSoftModem ( LockedFile.Multi.Generic ) - warning
21:06:19.0251 4276  AgereSoftModem - detected LockedFile.Multi.Generic (1)
21:06:19.0298 4276  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
21:06:19.0298 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\agp440.sys. md5: 608C14DBA7299D8CB6ED035A68A15799
21:06:19.0313 4276  agp440 ( LockedFile.Multi.Generic ) - warning
21:06:19.0313 4276  agp440 - detected LockedFile.Multi.Generic (1)
21:06:19.0344 4276  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
21:06:19.0360 4276  ALG - ok
21:06:19.0391 4276  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:06:19.0391 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\aliide.sys. md5: 5812713A477A3AD7363C7438CA2EE038
21:06:19.0391 4276  aliide ( LockedFile.Multi.Generic ) - warning
21:06:19.0391 4276  aliide - detected LockedFile.Multi.Generic (1)
21:06:19.0407 4276  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
21:06:19.0407 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\amdide.sys. md5: 1FF8B4431C353CE385C875F194924C0C
21:06:19.0422 4276  amdide ( LockedFile.Multi.Generic ) - warning
21:06:19.0422 4276  amdide - detected LockedFile.Multi.Generic (1)
21:06:19.0469 4276  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
21:06:19.0469 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\amdk8.sys. md5: 7024F087CFF1833A806193EF9D22CDA9
21:06:19.0469 4276  AmdK8 ( LockedFile.Multi.Generic ) - warning
21:06:19.0469 4276  AmdK8 - detected LockedFile.Multi.Generic (1)
21:06:19.0500 4276  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
21:06:19.0500 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\amdppm.sys. md5: 1E56388B3FE0D031C44144EB8C4D6217
21:06:19.0500 4276  AmdPPM ( LockedFile.Multi.Generic ) - warning
21:06:19.0500 4276  AmdPPM - detected LockedFile.Multi.Generic (1)
21:06:19.0563 4276  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:06:19.0563 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\amdsata.sys. md5: D4121AE6D0C0E7E13AA221AA57EF2D49
21:06:19.0563 4276  amdsata ( LockedFile.Multi.Generic ) - warning
21:06:19.0578 4276  amdsata - detected LockedFile.Multi.Generic (1)
21:06:19.0610 4276  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
21:06:19.0610 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\amdsbs.sys. md5: F67F933E79241ED32FF46A4F29B5120B
21:06:19.0610 4276  amdsbs ( LockedFile.Multi.Generic ) - warning
21:06:19.0610 4276  amdsbs - detected LockedFile.Multi.Generic (1)
21:06:19.0641 4276  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:06:19.0641 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\amdxata.sys. md5: 540DAF1CEA6094886D72126FD7C33048
21:06:19.0688 4276  amdxata ( LockedFile.Multi.Generic ) - warning
21:06:19.0688 4276  amdxata - detected LockedFile.Multi.Generic (1)
21:06:19.0719 4276  [ 05F1A0A81A98CF27E3F028213FB6C36A ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
21:06:19.0719 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\Apfiltr.sys. md5: 05F1A0A81A98CF27E3F028213FB6C36A
21:06:19.0719 4276  ApfiltrService ( LockedFile.Multi.Generic ) - warning
21:06:19.0719 4276  ApfiltrService - detected LockedFile.Multi.Generic (1)
21:06:19.0781 4276  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
21:06:19.0781 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\appid.sys. md5: 89A69C3F2F319B43379399547526D952
21:06:19.0797 4276  AppID ( LockedFile.Multi.Generic ) - warning
21:06:19.0797 4276  AppID - detected LockedFile.Multi.Generic (1)
21:06:19.0844 4276  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:06:19.0859 4276  AppIDSvc - ok
21:06:19.0922 4276  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
21:06:19.0922 4276  Appinfo - ok
21:06:20.0031 4276  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:06:20.0031 4276  Apple Mobile Device - ok
21:06:20.0078 4276  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
21:06:20.0078 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\arc.sys. md5: C484F8CEB1717C540242531DB7845C4E
21:06:20.0093 4276  arc ( LockedFile.Multi.Generic ) - warning
21:06:20.0093 4276  arc - detected LockedFile.Multi.Generic (1)
21:06:20.0124 4276  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
21:06:20.0124 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\arcsas.sys. md5: 019AF6924AEFE7839F61C830227FE79C
21:06:20.0124 4276  arcsas ( LockedFile.Multi.Generic ) - warning
21:06:20.0124 4276  arcsas - detected LockedFile.Multi.Generic (1)
21:06:20.0156 4276  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:06:20.0156 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\asyncmac.sys. md5: 769765CE2CC62867468CEA93969B2242
21:06:20.0171 4276  AsyncMac ( LockedFile.Multi.Generic ) - warning
21:06:20.0171 4276  AsyncMac - detected LockedFile.Multi.Generic (1)
21:06:20.0218 4276  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
21:06:20.0218 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\atapi.sys. md5: 02062C0B390B7729EDC9E69C680A6F3C
21:06:20.0218 4276  atapi ( LockedFile.Multi.Generic ) - warning
21:06:20.0218 4276  atapi - detected LockedFile.Multi.Generic (1)
21:06:20.0296 4276  [ 0ACC06FCF46F64ED4F11E57EE461C1F4 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
21:06:20.0296 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\athrx.sys. md5: 0ACC06FCF46F64ED4F11E57EE461C1F4
21:06:20.0312 4276  athr ( LockedFile.Multi.Generic ) - warning
21:06:20.0312 4276  athr - detected LockedFile.Multi.Generic (1)
21:06:20.0374 4276  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:06:20.0390 4276  AudioEndpointBuilder - ok
21:06:20.0436 4276  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:06:20.0436 4276  AudioSrv - ok
21:06:20.0514 4276  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:06:20.0514 4276  AxInstSV - ok
21:06:20.0577 4276  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
21:06:20.0577 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\bxvbda.sys. md5: 3E5B191307609F7514148C6832BB0842
21:06:20.0577 4276  b06bdrv ( LockedFile.Multi.Generic ) - warning
21:06:20.0577 4276  b06bdrv - detected LockedFile.Multi.Generic (1)
21:06:20.0608 4276  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:06:20.0608 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\b57nd60a.sys. md5: B5ACE6968304A3900EEB1EBFD9622DF2
21:06:20.0624 4276  b57nd60a ( LockedFile.Multi.Generic ) - warning
21:06:20.0624 4276  b57nd60a - detected LockedFile.Multi.Generic (1)
21:06:20.0670 4276  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:06:20.0686 4276  BDESVC - ok
21:06:20.0717 4276  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:06:20.0717 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\Beep.sys. md5: 16A47CE2DECC9B099349A5F840654746
21:06:20.0717 4276  Beep ( LockedFile.Multi.Generic ) - warning
21:06:20.0717 4276  Beep - detected LockedFile.Multi.Generic (1)
21:06:20.0780 4276  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
21:06:20.0795 4276  BFE - ok
21:06:20.0889 4276  BITCOMET_HELPER_SERVICE - ok
21:06:20.0967 4276  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
21:06:20.0967 4276  BITS - ok
21:06:21.0014 4276  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:06:21.0014 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\blbdrive.sys. md5: 61583EE3C3A17003C4ACD0475646B4D3
21:06:21.0029 4276  blbdrive ( LockedFile.Multi.Generic ) - warning
21:06:21.0029 4276  blbdrive - detected LockedFile.Multi.Generic (1)
21:06:21.0076 4276  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:06:21.0092 4276  Bonjour Service - ok
21:06:21.0154 4276  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:06:21.0154 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\bowser.sys. md5: 6C02A83164F5CC0A262F4199F0871CF5
21:06:21.0170 4276  bowser ( LockedFile.Multi.Generic ) - warning
21:06:21.0170 4276  bowser - detected LockedFile.Multi.Generic (1)
21:06:21.0201 4276  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:06:21.0201 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\BrFiltLo.sys. md5: F09EEE9EDC320B5E1501F749FDE686C8
21:06:21.0216 4276  BrFiltLo ( LockedFile.Multi.Generic ) - warning
21:06:21.0216 4276  BrFiltLo - detected LockedFile.Multi.Generic (1)
21:06:21.0248 4276  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:06:21.0248 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\BrFiltUp.sys. md5: B114D3098E9BDB8BEA8B053685831BE6
21:06:21.0263 4276  BrFiltUp ( LockedFile.Multi.Generic ) - warning
21:06:21.0263 4276  BrFiltUp - detected LockedFile.Multi.Generic (1)
21:06:21.0294 4276  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
21:06:21.0294 4276  Browser - ok
21:06:21.0341 4276  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:06:21.0341 4276  Suspicious file (NoAccess): C:\Windows\System32\Drivers\Brserid.sys. md5: 43BEA8D483BF1870F018E2D02E06A5BD
21:06:21.0341 4276  Brserid ( LockedFile.Multi.Generic ) - warning
21:06:21.0341 4276  Brserid - detected LockedFile.Multi.Generic (1)
21:06:21.0372 4276  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:06:21.0372 4276  Suspicious file (NoAccess): C:\Windows\System32\Drivers\BrSerWdm.sys. md5: A6ECA2151B08A09CACECA35C07F05B42
21:06:21.0372 4276  BrSerWdm ( LockedFile.Multi.Generic ) - warning
21:06:21.0372 4276  BrSerWdm - detected LockedFile.Multi.Generic (1)
21:06:21.0404 4276  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:06:21.0404 4276  Suspicious file (NoAccess): C:\Windows\System32\Drivers\BrUsbMdm.sys. md5: B79968002C277E869CF38BD22CD61524
21:06:21.0404 4276  BrUsbMdm ( LockedFile.Multi.Generic ) - warning
21:06:21.0404 4276  BrUsbMdm - detected LockedFile.Multi.Generic (1)
21:06:21.0435 4276  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:06:21.0435 4276  Suspicious file (NoAccess): C:\Windows\System32\Drivers\BrUsbSer.sys. md5: A87528880231C54E75EA7A44943B38BF
21:06:21.0435 4276  BrUsbSer ( LockedFile.Multi.Generic ) - warning
21:06:21.0435 4276  BrUsbSer - detected LockedFile.Multi.Generic (1)
21:06:21.0466 4276  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
21:06:21.0466 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\bthmodem.sys. md5: 9DA669F11D1F894AB4EB69BF546A42E8
21:06:21.0466 4276  BTHMODEM ( LockedFile.Multi.Generic ) - warning
21:06:21.0466 4276  BTHMODEM - detected LockedFile.Multi.Generic (1)
21:06:21.0544 4276  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
21:06:21.0544 4276  bthserv - ok
21:06:21.0591 4276  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:06:21.0591 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\cdfs.sys. md5: B8BD2BB284668C84865658C77574381A
21:06:21.0591 4276  cdfs ( LockedFile.Multi.Generic ) - warning
21:06:21.0591 4276  cdfs - detected LockedFile.Multi.Generic (1)
21:06:21.0669 4276  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
21:06:21.0669 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\cdrom.sys. md5: F036CE71586E93D94DAB220D7BDF4416
21:06:21.0700 4276  cdrom ( LockedFile.Multi.Generic ) - warning
21:06:21.0700 4276  cdrom - detected LockedFile.Multi.Generic (1)
21:06:21.0747 4276  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
21:06:21.0747 4276  CertPropSvc - ok
21:06:21.0794 4276  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
21:06:21.0794 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\circlass.sys. md5: D7CD5C4E1B71FA62050515314CFB52CF
21:06:21.0809 4276  circlass ( LockedFile.Multi.Generic ) - warning
21:06:21.0809 4276  circlass - detected LockedFile.Multi.Generic (1)
21:06:21.0856 4276  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
21:06:21.0856 4276  Suspicious file (NoAccess): C:\Windows\system32\CLFS.sys. md5: FE1EC06F2253F691FE36217C592A0206
21:06:21.0856 4276  CLFS ( LockedFile.Multi.Generic ) - warning
21:06:21.0856 4276  CLFS - detected LockedFile.Multi.Generic (1)
21:06:21.0934 4276  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:06:21.0934 4276  clr_optimization_v2.0.50727_32 - ok
21:06:21.0981 4276  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:06:21.0981 4276  clr_optimization_v2.0.50727_64 - ok
21:06:22.0074 4276  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:06:22.0090 4276  clr_optimization_v4.0.30319_32 - ok
21:06:22.0152 4276  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:06:22.0152 4276  clr_optimization_v4.0.30319_64 - ok
21:06:22.0215 4276  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
21:06:22.0215 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\CmBatt.sys. md5: 0840155D0BDDF1190F84A663C284BD33
21:06:22.0230 4276  CmBatt ( LockedFile.Multi.Generic ) - warning
21:06:22.0230 4276  CmBatt - detected LockedFile.Multi.Generic (1)
21:06:22.0277 4276  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:06:22.0277 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\cmdide.sys. md5: E19D3F095812725D88F9001985B94EDD
21:06:22.0277 4276  cmdide ( LockedFile.Multi.Generic ) - warning
21:06:22.0277 4276  cmdide - detected LockedFile.Multi.Generic (1)
21:06:22.0340 4276  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
21:06:22.0340 4276  Suspicious file (NoAccess): C:\Windows\system32\Drivers\cng.sys. md5: 9AC4F97C2D3E93367E2148EA940CD2CD
21:06:22.0355 4276  CNG ( LockedFile.Multi.Generic ) - warning
21:06:22.0355 4276  CNG - detected LockedFile.Multi.Generic (1)
21:06:22.0418 4276  [ F9A79C5B27037821112C50A9C8FB367A ] Com4QLBEx       C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
21:06:22.0433 4276  Com4QLBEx - ok
21:06:22.0464 4276  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
21:06:22.0464 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\compbatt.sys. md5: 102DE219C3F61415F964C88E9085AD14
21:06:22.0464 4276  Compbatt ( LockedFile.Multi.Generic ) - warning
21:06:22.0464 4276  Compbatt - detected LockedFile.Multi.Generic (1)
21:06:22.0527 4276  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
21:06:22.0527 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\CompositeBus.sys. md5: 03EDB043586CCEBA243D689BDDA370A8
21:06:22.0527 4276  CompositeBus ( LockedFile.Multi.Generic ) - warning
21:06:22.0527 4276  CompositeBus - detected LockedFile.Multi.Generic (1)
21:06:22.0558 4276  COMSysApp - ok
21:06:22.0605 4276  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
21:06:22.0605 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\crcdisk.sys. md5: 1C827878A998C18847245FE1F34EE597
21:06:22.0620 4276  crcdisk ( LockedFile.Multi.Generic ) - warning
21:06:22.0620 4276  crcdisk - detected LockedFile.Multi.Generic (1)
21:06:22.0698 4276  [ 4F5414602E2544A4554D95517948B705 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:06:22.0698 4276  CryptSvc - ok
21:06:22.0792 4276  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:06:22.0792 4276  DcomLaunch - ok
21:06:22.0854 4276  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
21:06:22.0854 4276  defragsvc - ok
21:06:22.0917 4276  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:06:22.0917 4276  Suspicious file (NoAccess): C:\Windows\system32\Drivers\dfsc.sys. md5: 9BB2EF44EAA163B29C4A4587887A0FE4
21:06:22.0917 4276  DfsC ( LockedFile.Multi.Generic ) - warning
21:06:22.0932 4276  DfsC - detected LockedFile.Multi.Generic (1)
21:06:22.0995 4276  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:06:22.0995 4276  Dhcp - ok
21:06:23.0042 4276  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
21:06:23.0042 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\discache.sys. md5: 13096B05847EC78F0977F2C0F79E9AB3
21:06:23.0073 4276  discache ( LockedFile.Multi.Generic ) - warning
21:06:23.0073 4276  discache - detected LockedFile.Multi.Generic (1)
21:06:23.0104 4276  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
21:06:23.0104 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\disk.sys. md5: 9819EEE8B5EA3784EC4AF3B137A5244C
21:06:23.0120 4276  Disk ( LockedFile.Multi.Generic ) - warning
21:06:23.0120 4276  Disk - detected LockedFile.Multi.Generic (1)
21:06:23.0198 4276  [ AE3D76825152764EF016370FDAC219F9 ] DMService       C:\Windows\Downloaded Program Files\DM.0\DMService.exe
21:06:23.0213 4276  DMService - ok
21:06:23.0291 4276  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:06:23.0291 4276  Dnscache - ok
21:06:23.0354 4276  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:06:23.0354 4276  dot3svc - ok
21:06:23.0416 4276  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
21:06:23.0416 4276  DPS - ok
21:06:23.0447 4276  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:06:23.0447 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\drmkaud.sys. md5: 9B19F34400D24DF84C858A421C205754
21:06:23.0463 4276  drmkaud ( LockedFile.Multi.Generic ) - warning
21:06:23.0463 4276  drmkaud - detected LockedFile.Multi.Generic (1)
21:06:23.0525 4276  [ F9F437B39CC0FCACCE8AC7CE422F537F ] DVMIO           C:\SPLASH.SYS\config\dvmio.sys
21:06:23.0525 4276  Suspicious file (NoAccess): C:\SPLASH.SYS\config\dvmio.sys. md5: F9F437B39CC0FCACCE8AC7CE422F537F
21:06:23.0541 4276  DVMIO ( LockedFile.Multi.Generic ) - warning
21:06:23.0541 4276  DVMIO - detected LockedFile.Multi.Generic (1)
21:06:23.0588 4276  [ 577582D57D90FB64276ACFEE958DBFD3 ] DvmMDES         C:\SPLASH.SYS\config\DVMExportService.exe
21:06:23.0588 4276  DvmMDES - ok
21:06:23.0666 4276  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:06:23.0666 4276  Suspicious file (NoAccess): C:\Windows\System32\drivers\dxgkrnl.sys. md5: F5BEE30450E18E6B83A5012C100616FD
21:06:23.0681 4276  DXGKrnl ( LockedFile.Multi.Generic ) - warning
21:06:23.0681 4276  DXGKrnl - detected LockedFile.Multi.Generic (1)
21:06:23.0775 4276  EagleX64 - ok
21:06:23.0822 4276  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
21:06:23.0822 4276  EapHost - ok
21:06:23.0931 4276  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
21:06:23.0931 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\evbda.sys. md5: DC5D737F51BE844D8C82C695EB17372F
21:06:23.0962 4276  ebdrv ( LockedFile.Multi.Generic ) - warning
21:06:23.0962 4276  ebdrv - detected LockedFile.Multi.Generic (1)
21:06:24.0024 4276  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
21:06:24.0024 4276  EFS - ok
21:06:24.0118 4276  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:06:24.0134 4276  ehRecvr - ok
21:06:24.0165 4276  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
21:06:24.0165 4276  ehSched - ok
21:06:24.0227 4276  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
21:06:24.0227 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\elxstor.sys. md5: 0E5DA5369A0FCAEA12456DD852545184
21:06:24.0243 4276  elxstor ( LockedFile.Multi.Generic ) - warning
21:06:24.0243 4276  elxstor - detected LockedFile.Multi.Generic (1)
21:06:24.0274 4276  [ 524C79054636D2E5751169005006460B ] enecir          C:\Windows\system32\DRIVERS\enecir.sys
21:06:24.0274 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\enecir.sys. md5: 524C79054636D2E5751169005006460B
21:06:24.0305 4276  enecir ( LockedFile.Multi.Generic ) - warning
21:06:24.0305 4276  enecir - detected LockedFile.Multi.Generic (1)
21:06:24.0336 4276  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:06:24.0336 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\errdev.sys. md5: 34A3C54752046E79A126E15C51DB409B
21:06:24.0352 4276  ErrDev ( LockedFile.Multi.Generic ) - warning
21:06:24.0352 4276  ErrDev - detected LockedFile.Multi.Generic (1)
21:06:24.0446 4276  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
21:06:24.0461 4276  EventSystem - ok
21:06:24.0492 4276  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
21:06:24.0492 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\exfat.sys. md5: A510C654EC00C1E9BDD91EEB3A59823B
21:06:24.0508 4276  exfat ( LockedFile.Multi.Generic ) - warning
21:06:24.0508 4276  exfat - detected LockedFile.Multi.Generic (1)
21:06:24.0539 4276  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:06:24.0539 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\fastfat.sys. md5: 0ADC83218B66A6DB380C330836F3E36D
21:06:24.0539 4276  fastfat ( LockedFile.Multi.Generic ) - warning
21:06:24.0539 4276  fastfat - detected LockedFile.Multi.Generic (1)
21:06:24.0602 4276  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
21:06:24.0602 4276  Fax - ok
21:06:24.0648 4276  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
21:06:24.0648 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\fdc.sys. md5: D765D19CD8EF61F650C384F62FAC00AB
21:06:24.0648 4276  fdc ( LockedFile.Multi.Generic ) - warning
21:06:24.0648 4276  fdc - detected LockedFile.Multi.Generic (1)
21:06:24.0680 4276  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
21:06:24.0680 4276  fdPHost - ok
21:06:24.0711 4276  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:06:24.0726 4276  FDResPub - ok
21:06:24.0758 4276  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:06:24.0758 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\fileinfo.sys. md5: 655661BE46B5F5F3FD454E2C3095B930
21:06:24.0789 4276  FileInfo ( LockedFile.Multi.Generic ) - warning
21:06:24.0789 4276  FileInfo - detected LockedFile.Multi.Generic (1)
21:06:24.0820 4276  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:06:24.0820 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\filetrace.sys. md5: 5F671AB5BC87EEA04EC38A6CD5962A47
21:06:24.0836 4276  Filetrace ( LockedFile.Multi.Generic ) - warning
21:06:24.0836 4276  Filetrace - detected LockedFile.Multi.Generic (1)
21:06:24.0867 4276  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
21:06:24.0867 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\flpydisk.sys. md5: C172A0F53008EAEB8EA33FE10E177AF5
21:06:24.0867 4276  flpydisk ( LockedFile.Multi.Generic ) - warning
21:06:24.0867 4276  flpydisk - detected LockedFile.Multi.Generic (1)
21:06:24.0929 4276  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:06:24.0929 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\fltmgr.sys. md5: DA6B67270FD9DB3697B20FCE94950741
21:06:24.0945 4276  FltMgr ( LockedFile.Multi.Generic ) - warning
21:06:24.0945 4276  FltMgr - detected LockedFile.Multi.Generic (1)
21:06:25.0023 4276  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
21:06:25.0038 4276  FontCache - ok
21:06:25.0101 4276  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:06:25.0101 4276  FontCache3.0.0.0 - ok
21:06:25.0148 4276  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:06:25.0148 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\FsDepends.sys. md5: D43703496149971890703B4B1B723EAC
21:06:25.0163 4276  FsDepends ( LockedFile.Multi.Generic ) - warning
21:06:25.0163 4276  FsDepends - detected LockedFile.Multi.Generic (1)
21:06:25.0226 4276  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:06:25.0226 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\Fs_Rec.sys. md5: 6BD9295CC032DD3077C671FCCF579A7B
21:06:25.0241 4276  Fs_Rec ( LockedFile.Multi.Generic ) - warning
21:06:25.0241 4276  Fs_Rec - detected LockedFile.Multi.Generic (1)
21:06:25.0304 4276  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:06:25.0304 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\fvevol.sys. md5: 1F7B25B858FA27015169FE95E54108ED
21:06:25.0304 4276  fvevol ( LockedFile.Multi.Generic ) - warning
21:06:25.0304 4276  fvevol - detected LockedFile.Multi.Generic (1)
21:06:25.0335 4276  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
21:06:25.0335 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\gagp30kx.sys. md5: 8C778D335C9D272CFD3298AB02ABE3B6
21:06:25.0350 4276  gagp30kx ( LockedFile.Multi.Generic ) - warning
21:06:25.0350 4276  gagp30kx - detected LockedFile.Multi.Generic (1)
21:06:25.0428 4276  [ C1BBCE4B30B45410178EE674C818D10C ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
21:06:25.0428 4276  GameConsoleService - ok
21:06:25.0475 4276  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:06:25.0475 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\GEARAspiWDM.sys. md5: 8E98D21EE06192492A5671A6144D092F
21:06:25.0491 4276  GEARAspiWDM ( LockedFile.Multi.Generic ) - warning
21:06:25.0491 4276  GEARAspiWDM - detected LockedFile.Multi.Generic (1)
21:06:25.0584 4276  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
21:06:25.0584 4276  gpsvc - ok
21:06:25.0694 4276  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:06:25.0694 4276  gupdate - ok
21:06:25.0756 4276  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:06:25.0756 4276  gupdatem - ok
21:06:25.0818 4276  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:06:25.0818 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\hcw85cir.sys. md5: F2523EF6460FC42405B12248338AB2F0
21:06:25.0834 4276  hcw85cir ( LockedFile.Multi.Generic ) - warning
21:06:25.0834 4276  hcw85cir - detected LockedFile.Multi.Generic (1)
21:06:25.0881 4276  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:06:25.0881 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\HdAudio.sys. md5: 975761C778E33CD22498059B91E7373A
21:06:25.0896 4276  HdAudAddService ( LockedFile.Multi.Generic ) - warning
21:06:25.0896 4276  HdAudAddService - detected LockedFile.Multi.Generic (1)
21:06:25.0943 4276  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
21:06:25.0943 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\HDAudBus.sys. md5: 97BFED39B6B79EB12CDDBFEED51F56BB
21:06:25.0959 4276  HDAudBus ( LockedFile.Multi.Generic ) - warning
21:06:25.0959 4276  HDAudBus - detected LockedFile.Multi.Generic (1)
21:06:25.0990 4276  [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
21:06:25.0990 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\HECIx64.sys. md5: B6AC71AAA2B10848F57FC49D55A651AF
21:06:25.0990 4276  HECIx64 ( LockedFile.Multi.Generic ) - warning
21:06:25.0990 4276  HECIx64 - detected LockedFile.Multi.Generic (1)
21:06:26.0021 4276  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
21:06:26.0021 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\HidBatt.sys. md5: 78E86380454A7B10A5EB255DC44A355F
21:06:26.0037 4276  HidBatt ( LockedFile.Multi.Generic ) - warning
21:06:26.0037 4276  HidBatt - detected LockedFile.Multi.Generic (1)
21:06:26.0068 4276  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
21:06:26.0068 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\hidbth.sys. md5: 7FD2A313F7AFE5C4DAB14798C48DD104
21:06:26.0068 4276  HidBth ( LockedFile.Multi.Generic ) - warning
21:06:26.0068 4276  HidBth - detected LockedFile.Multi.Generic (1)
21:06:26.0099 4276  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
21:06:26.0099 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\hidir.sys. md5: 0A77D29F311B88CFAE3B13F9C1A73825
21:06:26.0115 4276  HidIr ( LockedFile.Multi.Generic ) - warning
21:06:26.0115 4276  HidIr - detected LockedFile.Multi.Generic (1)
21:06:26.0162 4276  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
21:06:26.0162 4276  hidserv - ok
21:06:26.0193 4276  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:06:26.0193 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\hidusb.sys. md5: 9592090A7E2B61CD582B612B6DF70536
21:06:26.0224 4276  HidUsb ( LockedFile.Multi.Generic ) - warning
21:06:26.0224 4276  HidUsb - detected LockedFile.Multi.Generic (1)
21:06:26.0271 4276  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:06:26.0271 4276  hkmsvc - ok
21:06:26.0333 4276  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:06:26.0333 4276  HomeGroupListener - ok
21:06:26.0396 4276  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:06:26.0396 4276  HomeGroupProvider - ok
21:06:26.0458 4276  [ C84BCC03858DAEAC4DB1E95EFCCE1934 ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
21:06:26.0458 4276  HP Health Check Service - ok
21:06:26.0489 4276  [ 05712FDDBD45A5864EB326FAABC6A4E3 ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
21:06:26.0489 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\hpdskflt.sys. md5: 05712FDDBD45A5864EB326FAABC6A4E3
21:06:26.0505 4276  hpdskflt ( LockedFile.Multi.Generic ) - warning
21:06:26.0505 4276  hpdskflt - detected LockedFile.Multi.Generic (1)
21:06:26.0536 4276  [ 9AF482D058BE59CC28BCE52E7C4B747C ] HpqKbFiltr      C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
21:06:26.0536 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\HpqKbFiltr.sys. md5: 9AF482D058BE59CC28BCE52E7C4B747C
21:06:26.0552 4276  HpqKbFiltr ( LockedFile.Multi.Generic ) - warning
21:06:26.0552 4276  HpqKbFiltr - detected LockedFile.Multi.Generic (1)
21:06:26.0614 4276  [ FDF273A845F1FFCCEADF363AAF47582F ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
21:06:26.0614 4276  hpqwmiex - ok
21:06:26.0692 4276  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:06:26.0692 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\HpSAMD.sys. md5: 39D2ABCD392F3D8A6DCE7B60AE7B8EFC
21:06:26.0708 4276  HpSAMD ( LockedFile.Multi.Generic ) - warning
21:06:26.0708 4276  HpSAMD - detected LockedFile.Multi.Generic (1)
21:06:26.0739 4276  [ AA036CC5F5221D9B915F4D4DCE74BA9A ] hpsrv           C:\Windows\system32\Hpservice.exe
21:06:26.0739 4276  hpsrv - ok
21:06:26.0801 4276  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:06:26.0801 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\HTTP.sys. md5: 0EA7DE1ACB728DD5A369FD742D6EEE28
21:06:26.0817 4276  HTTP ( LockedFile.Multi.Generic ) - warning
21:06:26.0817 4276  HTTP - detected LockedFile.Multi.Generic (1)
21:06:26.0864 4276  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:06:26.0864 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\hwpolicy.sys. md5: A5462BD6884960C9DC85ED49D34FF392
21:06:26.0879 4276  hwpolicy ( LockedFile.Multi.Generic ) - warning
21:06:26.0879 4276  hwpolicy - detected LockedFile.Multi.Generic (1)
21:06:26.0926 4276  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
21:06:26.0942 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\i8042prt.sys. md5: FA55C73D4AFFA7EE23AC4BE53B4592D3
21:06:26.0942 4276  i8042prt ( LockedFile.Multi.Generic ) - warning
21:06:26.0942 4276  i8042prt - detected LockedFile.Multi.Generic (1)
21:06:27.0051 4276  [ BBB3B6DF1ABB0FE35802EDE85CC1C011 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
21:06:27.0051 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\iaStor.sys. md5: BBB3B6DF1ABB0FE35802EDE85CC1C011
21:06:27.0066 4276  iaStor ( LockedFile.Multi.Generic ) - warning
21:06:27.0066 4276  iaStor - detected LockedFile.Multi.Generic (1)
21:06:27.0113 4276  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:06:27.0113 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\iaStorV.sys. md5: AAAF44DB3BD0B9D1FB6969B23ECC8366
21:06:27.0129 4276  iaStorV ( LockedFile.Multi.Generic ) - warning
21:06:27.0129 4276  iaStorV - detected LockedFile.Multi.Generic (1)
21:06:27.0207 4276  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:06:27.0222 4276  idsvc - ok
21:06:27.0378 4276  [ 0372C154226F7074CD150F475A4870A6 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
21:06:27.0378 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\igdkmd64.sys. md5: 0372C154226F7074CD150F475A4870A6
21:06:27.0441 4276  igfx ( LockedFile.Multi.Generic ) - warning
21:06:27.0441 4276  igfx - detected LockedFile.Multi.Generic (1)
21:06:27.0488 4276  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
21:06:27.0488 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\iirsp.sys. md5: 5C18831C61933628F5BB0EA2675B9D21
21:06:27.0503 4276  iirsp ( LockedFile.Multi.Generic ) - warning
21:06:27.0503 4276  iirsp - detected LockedFile.Multi.Generic (1)
21:06:27.0597 4276  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
21:06:27.0597 4276  IKEEXT - ok
21:06:27.0644 4276  [ 4FF8A2082D78255D2EB169F986BCC981 ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
21:06:27.0644 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\Impcd.sys. md5: 4FF8A2082D78255D2EB169F986BCC981
21:06:27.0659 4276  Impcd ( LockedFile.Multi.Generic ) - warning
21:06:27.0659 4276  Impcd - detected LockedFile.Multi.Generic (1)
21:06:27.0690 4276  [ 49072EDBC5C2F964917D1B585C90ED0A ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
21:06:27.0690 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\IntcDAud.sys. md5: 49072EDBC5C2F964917D1B585C90ED0A
21:06:27.0706 4276  IntcDAud ( LockedFile.Multi.Generic ) - warning
21:06:27.0706 4276  IntcDAud - detected LockedFile.Multi.Generic (1)
21:06:27.0722 4276  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
21:06:27.0722 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\intelide.sys. md5: F00F20E70C6EC3AA366910083A0518AA
21:06:27.0737 4276  intelide ( LockedFile.Multi.Generic ) - warning
21:06:27.0737 4276  intelide - detected LockedFile.Multi.Generic (1)
21:06:27.0768 4276  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:06:27.0768 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\intelppm.sys. md5: ADA036632C664CAA754079041CF1F8C1
21:06:27.0815 4276  intelppm ( LockedFile.Multi.Generic ) - warning
21:06:27.0815 4276  intelppm - detected LockedFile.Multi.Generic (1)
21:06:27.0862 4276  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:06:27.0862 4276  IPBusEnum - ok
21:06:27.0909 4276  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:06:27.0909 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ipfltdrv.sys. md5: C9F0E1BD74365A8771590E9008D22AB6
21:06:27.0924 4276  IpFilterDriver ( LockedFile.Multi.Generic ) - warning
21:06:27.0924 4276  IpFilterDriver - detected LockedFile.Multi.Generic (1)
21:06:27.0987 4276  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:06:28.0002 4276  iphlpsvc - ok
21:06:28.0065 4276  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:06:28.0065 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\IPMIDrv.sys. md5: 0FC1AEA580957AA8817B8F305D18CA3A
21:06:28.0065 4276  IPMIDRV ( LockedFile.Multi.Generic ) - warning
21:06:28.0065 4276  IPMIDRV - detected LockedFile.Multi.Generic (1)
21:06:28.0112 4276  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:06:28.0112 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\ipnat.sys. md5: AF9B39A7E7B6CAA203B3862582E9F2D0
21:06:28.0112 4276  IPNAT ( LockedFile.Multi.Generic ) - warning
21:06:28.0112 4276  IPNAT - detected LockedFile.Multi.Generic (1)
21:06:28.0174 4276  [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
21:06:28.0174 4276  iPod Service - ok
21:06:28.0221 4276  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:06:28.0221 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\irenum.sys. md5: 3ABF5E7213EB28966D55D58B515D5CE9
21:06:28.0237 4276  IRENUM ( LockedFile.Multi.Generic ) - warning
21:06:28.0237 4276  IRENUM - detected LockedFile.Multi.Generic (1)
21:06:28.0299 4276  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:06:28.0299 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\isapnp.sys. md5: 2F7B28DC3E1183E5EB418DF55C204F38
21:06:28.0299 4276  isapnp ( LockedFile.Multi.Generic ) - warning
21:06:28.0299 4276  isapnp - detected LockedFile.Multi.Generic (1)
21:06:28.0346 4276  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:06:28.0346 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\msiscsi.sys. md5: D931D7309DEB2317035B07C9F9E6B0BD
21:06:28.0346 4276  iScsiPrt ( LockedFile.Multi.Generic ) - warning
21:06:28.0346 4276  iScsiPrt - detected LockedFile.Multi.Generic (1)
21:06:28.0393 4276  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:06:28.0393 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\kbdclass.sys. md5: BC02336F1CBA7DCC7D1213BB588A68A5
21:06:28.0408 4276  kbdclass ( LockedFile.Multi.Generic ) - warning
21:06:28.0408 4276  kbdclass - detected LockedFile.Multi.Generic (1)
21:06:28.0439 4276  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
21:06:28.0439 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\kbdhid.sys. md5: 0705EFF5B42A9DB58548EEC3B26BB484
21:06:28.0455 4276  kbdhid ( LockedFile.Multi.Generic ) - warning
21:06:28.0455 4276  kbdhid - detected LockedFile.Multi.Generic (1)
21:06:28.0502 4276  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
21:06:28.0502 4276  KeyIso - ok
21:06:28.0549 4276  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:06:28.0549 4276  Suspicious file (NoAccess): C:\Windows\system32\Drivers\ksecdd.sys. md5: 97A7070AEA4C058B6418519E869A63B4
21:06:28.0564 4276  KSecDD ( LockedFile.Multi.Generic ) - warning
21:06:28.0564 4276  KSecDD - detected LockedFile.Multi.Generic (1)
21:06:28.0580 4276  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:06:28.0580 4276  Suspicious file (NoAccess): C:\Windows\system32\Drivers\ksecpkg.sys. md5: 26C43A7C2862447EC59DEDA188D1DA07
21:06:28.0595 4276  KSecPkg ( LockedFile.Multi.Generic ) - warning
21:06:28.0595 4276  KSecPkg - detected LockedFile.Multi.Generic (1)
21:06:28.0642 4276  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:06:28.0642 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\ksthunk.sys. md5: 6869281E78CB31A43E969F06B57347C4
21:06:28.0658 4276  ksthunk ( LockedFile.Multi.Generic ) - warning
21:06:28.0658 4276  ksthunk - detected LockedFile.Multi.Generic (1)
21:06:28.0705 4276  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:06:28.0720 4276  KtmRm - ok
21:06:28.0783 4276  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:06:28.0783 4276  LanmanServer - ok
21:06:28.0845 4276  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:06:28.0845 4276  LanmanWorkstation - ok
21:06:28.0923 4276  [ 0EE66BDF485C6828AA65C0EF5D591133 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
21:06:28.0923 4276  LightScribeService - ok
21:06:28.0970 4276  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:06:28.0970 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\lltdio.sys. md5: 1538831CF8AD2979A04C423779465827
21:06:28.0985 4276  lltdio ( LockedFile.Multi.Generic ) - warning
21:06:28.0985 4276  lltdio - detected LockedFile.Multi.Generic (1)
21:06:29.0048 4276  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:06:29.0048 4276  lltdsvc - ok
21:06:29.0110 4276  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:06:29.0110 4276  lmhosts - ok
21:06:29.0188 4276  [ 7485FBCEF9136F530953575E2977859D ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
21:06:29.0188 4276  LMS - ok
21:06:29.0235 4276  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
21:06:29.0235 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\lsi_fc.sys. md5: 1A93E54EB0ECE102495A51266DCDB6A6
21:06:29.0251 4276  LSI_FC ( LockedFile.Multi.Generic ) - warning
21:06:29.0251 4276  LSI_FC - detected LockedFile.Multi.Generic (1)
21:06:29.0282 4276  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
21:06:29.0282 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\lsi_sas.sys. md5: 1047184A9FDC8BDBFF857175875EE810
21:06:29.0282 4276  LSI_SAS ( LockedFile.Multi.Generic ) - warning
21:06:29.0282 4276  LSI_SAS - detected LockedFile.Multi.Generic (1)
21:06:29.0313 4276  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:06:29.0313 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\lsi_sas2.sys. md5: 30F5C0DE1EE8B5BC9306C1F0E4A75F93
21:06:29.0329 4276  LSI_SAS2 ( LockedFile.Multi.Generic ) - warning
21:06:29.0329 4276  LSI_SAS2 - detected LockedFile.Multi.Generic (1)
21:06:29.0360 4276  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:06:29.0360 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\lsi_scsi.sys. md5: 0504EACAFF0D3C8AED161C4B0D369D4A
21:06:29.0391 4276  LSI_SCSI ( LockedFile.Multi.Generic ) - warning
21:06:29.0391 4276  LSI_SCSI - detected LockedFile.Multi.Generic (1)
21:06:29.0422 4276  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
21:06:29.0422 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\luafv.sys. md5: 43D0F98E1D56CCDDB0D5254CFF7B356E
21:06:29.0422 4276  luafv ( LockedFile.Multi.Generic ) - warning
21:06:29.0422 4276  luafv - detected LockedFile.Multi.Generic (1)
21:06:29.0485 4276  [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
21:06:29.0485 4276  MBAMProtector - ok
21:06:29.0547 4276  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:06:29.0563 4276  MBAMScheduler - ok
21:06:29.0609 4276  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
21:06:29.0625 4276  MBAMService - ok
21:06:29.0703 4276  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:06:29.0703 4276  Mcx2Svc - ok
21:06:29.0734 4276  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
21:06:29.0734 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\megasas.sys. md5: A55805F747C6EDB6A9080D7C633BD0F4
21:06:29.0781 4276  megasas ( LockedFile.Multi.Generic ) - warning
21:06:29.0781 4276  megasas - detected LockedFile.Multi.Generic (1)
21:06:29.0828 4276  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
21:06:29.0828 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\MegaSR.sys. md5: BAF74CE0072480C3B6B7C13B2A94D6B3
21:06:29.0843 4276  MegaSR ( LockedFile.Multi.Generic ) - warning
21:06:29.0843 4276  MegaSR - detected LockedFile.Multi.Generic (1)
21:06:29.0875 4276  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
21:06:29.0875 4276  MMCSS - ok
21:06:29.0906 4276  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
21:06:29.0906 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\modem.sys. md5: 800BA92F7010378B09F9ED9270F07137
21:06:29.0921 4276  Modem ( LockedFile.Multi.Generic ) - warning
21:06:29.0921 4276  Modem - detected LockedFile.Multi.Generic (1)
21:06:29.0953 4276  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:06:29.0953 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\monitor.sys. md5: B03D591DC7DA45ECE20B3B467E6AADAA
21:06:29.0953 4276  monitor ( LockedFile.Multi.Generic ) - warning
21:06:29.0953 4276  monitor - detected LockedFile.Multi.Generic (1)
21:06:29.0999 4276  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:06:29.0999 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\mouclass.sys. md5: 7D27EA49F3C1F687D357E77A470AEA99
21:06:30.0031 4276  mouclass ( LockedFile.Multi.Generic ) - warning
21:06:30.0031 4276  mouclass - detected LockedFile.Multi.Generic (1)
21:06:30.0046 4276  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:06:30.0046 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\mouhid.sys. md5: D3BF052C40B0C4166D9FD86A4288C1E6
21:06:30.0062 4276  mouhid ( LockedFile.Multi.Generic ) - warning
21:06:30.0062 4276  mouhid - detected LockedFile.Multi.Generic (1)
21:06:30.0124 4276  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:06:30.0124 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\mountmgr.sys. md5: 32E7A3D591D671A6DF2DB515A5CBE0FA
21:06:30.0124 4276  mountmgr ( LockedFile.Multi.Generic ) - warning
21:06:30.0124 4276  mountmgr - detected LockedFile.Multi.Generic (1)
21:06:30.0155 4276  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:06:30.0155 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\mpio.sys. md5: A44B420D30BD56E145D6A2BC8768EC58
21:06:30.0155 4276  mpio ( LockedFile.Multi.Generic ) - warning
21:06:30.0155 4276  mpio - detected LockedFile.Multi.Generic (1)
21:06:30.0202 4276  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:06:30.0202 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\mpsdrv.sys. md5: 6C38C9E45AE0EA2FA5E551F2ED5E978F
21:06:30.0233 4276  mpsdrv ( LockedFile.Multi.Generic ) - warning
21:06:30.0233 4276  mpsdrv - detected LockedFile.Multi.Generic (1)
21:06:30.0327 4276  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:06:30.0343 4276  MpsSvc - ok
21:06:30.0389 4276  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:06:30.0389 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\mrxdav.sys. md5: DC722758B8261E1ABAFD31A3C0A66380
21:06:30.0405 4276  MRxDAV ( LockedFile.Multi.Generic ) - warning
21:06:30.0405 4276  MRxDAV - detected LockedFile.Multi.Generic (1)
21:06:30.0467 4276  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:06:30.0467 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\mrxsmb.sys. md5: A5D9106A73DC88564C825D317CAC68AC
21:06:30.0483 4276  mrxsmb ( LockedFile.Multi.Generic ) - warning
21:06:30.0483 4276  mrxsmb - detected LockedFile.Multi.Generic (1)
21:06:30.0514 4276  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:06:30.0514 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\mrxsmb10.sys. md5: D711B3C1D5F42C0C2415687BE09FC163
21:06:30.0530 4276  mrxsmb10 ( LockedFile.Multi.Generic ) - warning
21:06:30.0530 4276  mrxsmb10 - detected LockedFile.Multi.Generic (1)
21:06:30.0561 4276  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:06:30.0561 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\mrxsmb20.sys. md5: 9423E9D355C8D303E76B8CFBD8A5C30C
21:06:30.0577 4276  mrxsmb20 ( LockedFile.Multi.Generic ) - warning
21:06:30.0577 4276  mrxsmb20 - detected LockedFile.Multi.Generic (1)
21:06:30.0623 4276  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:06:30.0623 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\msahci.sys. md5: C25F0BAFA182CBCA2DD3C851C2E75796
21:06:30.0639 4276  msahci ( LockedFile.Multi.Generic ) - warning
21:06:30.0639 4276  msahci - detected LockedFile.Multi.Generic (1)
21:06:30.0686 4276  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:06:30.0686 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\msdsm.sys. md5: DB801A638D011B9633829EB6F663C900
21:06:30.0701 4276  msdsm ( LockedFile.Multi.Generic ) - warning
21:06:30.0701 4276  msdsm - detected LockedFile.Multi.Generic (1)
21:06:30.0733 4276  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
21:06:30.0748 4276  MSDTC - ok
21:06:30.0795 4276  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:06:30.0795 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\Msfs.sys. md5: AA3FB40E17CE1388FA1BEDAB50EA8F96
21:06:30.0811 4276  Msfs ( LockedFile.Multi.Generic ) - warning
21:06:30.0811 4276  Msfs - detected LockedFile.Multi.Generic (1)
21:06:30.0842 4276  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:06:30.0842 4276  Suspicious file (NoAccess): C:\Windows\System32\drivers\mshidkmdf.sys. md5: F9D215A46A8B9753F61767FA72A20326
21:06:30.0857 4276  mshidkmdf ( LockedFile.Multi.Generic ) - warning
21:06:30.0857 4276  mshidkmdf - detected LockedFile.Multi.Generic (1)
21:06:30.0904 4276  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:06:30.0904 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\msisadrv.sys. md5: D916874BBD4F8B07BFB7FA9B3CCAE29D
21:06:30.0904 4276  msisadrv ( LockedFile.Multi.Generic ) - warning
21:06:30.0904 4276  msisadrv - detected LockedFile.Multi.Generic (1)
21:06:30.0982 4276  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:06:30.0982 4276  MSiSCSI - ok
21:06:30.0998 4276  msiserver - ok
21:06:31.0060 4276  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:06:31.0060 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\MSKSSRV.sys. md5: 49CCF2C4FEA34FFAD8B1B59D49439366
21:06:31.0076 4276  MSKSSRV ( LockedFile.Multi.Generic ) - warning
21:06:31.0076 4276  MSKSSRV - detected LockedFile.Multi.Generic (1)
21:06:31.0107 4276  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:06:31.0107 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\MSPCLOCK.sys. md5: BDD71ACE35A232104DDD349EE70E1AB3
21:06:31.0123 4276  MSPCLOCK ( LockedFile.Multi.Generic ) - warning
21:06:31.0123 4276  MSPCLOCK - detected LockedFile.Multi.Generic (1)
21:06:31.0138 4276  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:06:31.0138 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\MSPQM.sys. md5: 4ED981241DB27C3383D72092B618A1D0
21:06:31.0154 4276  MSPQM ( LockedFile.Multi.Generic ) - warning
21:06:31.0154 4276  MSPQM - detected LockedFile.Multi.Generic (1)
21:06:31.0201 4276  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:06:31.0201 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\MsRPC.sys. md5: 759A9EEB0FA9ED79DA1FB7D4EF78866D
21:06:31.0216 4276  MsRPC ( LockedFile.Multi.Generic ) - warning
21:06:31.0216 4276  MsRPC - detected LockedFile.Multi.Generic (1)
21:06:31.0263 4276  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
21:06:31.0263 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\mssmbios.sys. md5: 0EED230E37515A0EAEE3C2E1BC97B288
21:06:31.0263 4276  mssmbios ( LockedFile.Multi.Generic ) - warning
21:06:31.0263 4276  mssmbios - detected LockedFile.Multi.Generic (1)
21:06:31.0294 4276  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:06:31.0294 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\MSTEE.sys. md5: 2E66F9ECB30B4221A318C92AC2250779
21:06:31.0310 4276  MSTEE ( LockedFile.Multi.Generic ) - warning
21:06:31.0310 4276  MSTEE - detected LockedFile.Multi.Generic (1)
21:06:31.0341 4276  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
21:06:31.0341 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\MTConfig.sys. md5: 7EA404308934E675BFFDE8EDF0757BCD
21:06:31.0341 4276  MTConfig ( LockedFile.Multi.Generic ) - warning
21:06:31.0341 4276  MTConfig - detected LockedFile.Multi.Generic (1)
21:06:31.0388 4276  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
21:06:31.0388 4276  Suspicious file (NoAccess): C:\Windows\system32\Drivers\mup.sys. md5: F9A18612FD3526FE473C1BDA678D61C8
21:06:31.0388 4276  Mup ( LockedFile.Multi.Generic ) - warning
21:06:31.0388 4276  Mup - detected LockedFile.Multi.Generic (1)
21:06:31.0466 4276  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
21:06:31.0466 4276  napagent - ok
21:06:31.0513 4276  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:06:31.0513 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\nwifi.sys. md5: 1EA3749C4114DB3E3161156FFFFA6B33
21:06:31.0559 4276  NativeWifiP ( LockedFile.Multi.Generic ) - warning
21:06:31.0559 4276  NativeWifiP - detected LockedFile.Multi.Generic (1)
21:06:31.0606 4276  [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:06:31.0606 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\ndis.sys. md5: 79B47FD40D9A817E932F9D26FAC0A81C
21:06:31.0637 4276  NDIS ( LockedFile.Multi.Generic ) - warning
21:06:31.0637 4276  NDIS - detected LockedFile.Multi.Generic (1)
21:06:31.0669 4276  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:06:31.0669 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ndiscap.sys. md5: 9F9A1F53AAD7DA4D6FEF5BB73AB811AC
21:06:31.0684 4276  NdisCap ( LockedFile.Multi.Generic ) - warning
21:06:31.0684 4276  NdisCap - detected LockedFile.Multi.Generic (1)
21:06:31.0731 4276  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:06:31.0731 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ndistapi.sys. md5: 30639C932D9FEF22B31268FE25A1B6E5
21:06:31.0747 4276  NdisTapi ( LockedFile.Multi.Generic ) - warning
21:06:31.0747 4276  NdisTapi - detected LockedFile.Multi.Generic (1)
21:06:31.0793 4276  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:06:31.0793 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ndisuio.sys. md5: 136185F9FB2CC61E573E676AA5402356
21:06:31.0793 4276  Ndisuio ( LockedFile.Multi.Generic ) - warning
21:06:31.0793 4276  Ndisuio - detected LockedFile.Multi.Generic (1)
21:06:31.0840 4276  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:06:31.0840 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ndiswan.sys. md5: 53F7305169863F0A2BDDC49E116C2E11
21:06:31.0856 4276  NdisWan ( LockedFile.Multi.Generic ) - warning
21:06:31.0856 4276  NdisWan - detected LockedFile.Multi.Generic (1)
21:06:31.0903 4276  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:06:31.0903 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\NDProxy.sys. md5: 015C0D8E0E0421B4CFD48CFFE2825879
21:06:31.0903 4276  NDProxy ( LockedFile.Multi.Generic ) - warning
21:06:31.0903 4276  NDProxy - detected LockedFile.Multi.Generic (1)
21:06:31.0934 4276  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:06:31.0934 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\netbios.sys. md5: 86743D9F5D2B1048062B14B1D84501C4
21:06:31.0949 4276  NetBIOS ( LockedFile.Multi.Generic ) - warning
21:06:31.0949 4276  NetBIOS - detected LockedFile.Multi.Generic (1)
21:06:32.0012 4276  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:06:32.0012 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\netbt.sys. md5: 09594D1089C523423B32A4229263F068
21:06:32.0043 4276  NetBT ( LockedFile.Multi.Generic ) - warning
21:06:32.0043 4276  NetBT - detected LockedFile.Multi.Generic (1)
21:06:32.0074 4276  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
21:06:32.0090 4276  Netlogon - ok
21:06:32.0121 4276  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
21:06:32.0137 4276  Netman - ok
21:06:32.0168 4276  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
21:06:32.0183 4276  netprofm - ok
21:06:32.0230 4276  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:06:32.0230 4276  NetTcpPortSharing - ok
21:06:32.0386 4276  [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
21:06:32.0386 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\netw5v64.sys. md5: 64428DFDAF6E88366CB51F45A79C5F69
21:06:32.0433 4276  netw5v64 ( LockedFile.Multi.Generic ) - warning
21:06:32.0433 4276  netw5v64 - detected LockedFile.Multi.Generic (1)
21:06:32.0464 4276  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
21:06:32.0464 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\nfrd960.sys. md5: 77889813BE4D166CDAB78DDBA990DA92
21:06:32.0480 4276  nfrd960 ( LockedFile.Multi.Generic ) - warning
21:06:32.0480 4276  nfrd960 - detected LockedFile.Multi.Generic (1)
21:06:32.0558 4276  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:06:32.0558 4276  NlaSvc - ok
21:06:32.0589 4276  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:06:32.0589 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\Npfs.sys. md5: 1E4C4AB5C9B8DD13179BBDC75A2A01F7
21:06:32.0605 4276  Npfs ( LockedFile.Multi.Generic ) - warning
21:06:32.0605 4276  Npfs - detected LockedFile.Multi.Generic (1)
21:06:32.0651 4276  npggsvc - ok
21:06:32.0698 4276  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
21:06:32.0698 4276  nsi - ok
21:06:32.0745 4276  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:06:32.0745 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\nsiproxy.sys. md5: E7F5AE18AF4168178A642A9247C63001
21:06:32.0745 4276  nsiproxy ( LockedFile.Multi.Generic ) - warning
21:06:32.0745 4276  nsiproxy - detected LockedFile.Multi.Generic (1)
21:06:32.0839 4276  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:06:32.0839 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\Ntfs.sys. md5: A2F74975097F52A00745F9637451FDD8
21:06:32.0885 4276  Ntfs ( LockedFile.Multi.Generic ) - warning
21:06:32.0885 4276  Ntfs - detected LockedFile.Multi.Generic (1)
21:06:32.0917 4276  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
21:06:32.0917 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\Null.sys. md5: 9899284589F75FA8724FF3D16AED75C1
21:06:32.0917 4276  Null ( LockedFile.Multi.Generic ) - warning
21:06:32.0917 4276  Null - detected LockedFile.Multi.Generic (1)
21:06:32.0979 4276  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:06:32.0979 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\nvraid.sys. md5: 0A92CB65770442ED0DC44834632F66AD
21:06:32.0979 4276  nvraid ( LockedFile.Multi.Generic ) - warning
21:06:32.0979 4276  nvraid - detected LockedFile.Multi.Generic (1)
21:06:33.0010 4276  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:06:33.0010 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\nvstor.sys. md5: DAB0E87525C10052BF65F06152F37E4A
21:06:33.0026 4276  nvstor ( LockedFile.Multi.Generic ) - warning
21:06:33.0026 4276  nvstor - detected LockedFile.Multi.Generic (1)
21:06:33.0073 4276  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:06:33.0073 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\nv_agp.sys. md5: 270D7CD42D6E3979F6DD0146650F0E05
21:06:33.0073 4276  nv_agp ( LockedFile.Multi.Generic ) - warning
21:06:33.0073 4276  nv_agp - detected LockedFile.Multi.Generic (1)
21:06:33.0151 4276  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:06:33.0151 4276  odserv - ok
21:06:33.0182 4276  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:06:33.0182 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\ohci1394.sys. md5: 3589478E4B22CE21B41FA1BFC0B8B8A0
21:06:33.0197 4276  ohci1394 ( LockedFile.Multi.Generic ) - warning
21:06:33.0197 4276  ohci1394 - detected LockedFile.Multi.Generic (1)
21:06:33.0229 4276  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:06:33.0244 4276  ose - ok
21:06:33.0307 4276  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:06:33.0307 4276  p2pimsvc - ok
21:06:33.0369 4276  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
21:06:33.0369 4276  p2psvc - ok
21:06:33.0416 4276  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
21:06:33.0416 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\parport.sys. md5: 0086431C29C35BE1DBC43F52CC273887
21:06:33.0431 4276  Parport ( LockedFile.Multi.Generic ) - warning
21:06:33.0431 4276  Parport - detected LockedFile.Multi.Generic (1)
21:06:33.0478 4276  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:06:33.0478 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\partmgr.sys. md5: E9766131EEADE40A27DC27D2D68FBA9C
21:06:33.0494 4276  partmgr ( LockedFile.Multi.Generic ) - warning
21:06:33.0494 4276  partmgr - detected LockedFile.Multi.Generic (1)
21:06:33.0556 4276  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:06:33.0556 4276  PcaSvc - ok
21:06:33.0603 4276  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
21:06:33.0603 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\pci.sys. md5: 94575C0571D1462A0F70BDE6BD6EE6B3
21:06:33.0619 4276  pci ( LockedFile.Multi.Generic ) - warning
21:06:33.0619 4276  pci - detected LockedFile.Multi.Generic (1)
21:06:33.0634 4276  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
21:06:33.0634 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\pciide.sys. md5: B5B8B5EF2E5CB34DF8DCF8831E3534FA
21:06:33.0650 4276  pciide ( LockedFile.Multi.Generic ) - warning
21:06:33.0650 4276  pciide - detected LockedFile.Multi.Generic (1)
21:06:33.0681 4276  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
21:06:33.0681 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\pcmcia.sys. md5: B2E81D4E87CE48589F98CB8C05B01F2F
21:06:33.0681 4276  pcmcia ( LockedFile.Multi.Generic ) - warning
21:06:33.0681 4276  pcmcia - detected LockedFile.Multi.Generic (1)
21:06:33.0712 4276  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:06:33.0712 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\pcw.sys. md5: D6B9C2E1A11A3A4B26A182FFEF18F603
21:06:33.0728 4276  pcw ( LockedFile.Multi.Generic ) - warning
21:06:33.0728 4276  pcw - detected LockedFile.Multi.Generic (1)
21:06:33.0775 4276  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:06:33.0775 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\peauth.sys. md5: 68769C3356B3BE5D1C732C97B9A80D6E
21:06:33.0790 4276  PEAUTH ( LockedFile.Multi.Generic ) - warning
21:06:33.0790 4276  PEAUTH - detected LockedFile.Multi.Generic (1)
21:06:33.0899 4276  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:06:33.0899 4276  PerfHost - ok
21:06:34.0009 4276  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
21:06:34.0040 4276  pla - ok
21:06:34.0102 4276  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:06:34.0102 4276  PlugPlay - ok
21:06:34.0149 4276  [ A010F13D27C1033A8BE09D5FA9BF348B ] pneteth         C:\Windows\system32\DRIVERS\pneteth.sys
21:06:34.0149 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\pneteth.sys. md5: A010F13D27C1033A8BE09D5FA9BF348B
21:06:34.0180 4276  pneteth ( LockedFile.Multi.Generic ) - warning
21:06:34.0180 4276  pneteth - detected LockedFile.Multi.Generic (1)
21:06:34.0227 4276  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:06:34.0227 4276  PNRPAutoReg - ok
21:06:34.0274 4276  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:06:34.0289 4276  PNRPsvc - ok
21:06:34.0352 4276  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:06:34.0367 4276  PolicyAgent - ok
21:06:34.0430 4276  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
21:06:34.0430 4276  Power - ok
21:06:34.0477 4276  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:06:34.0477 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\raspptp.sys. md5: F92A2C41117A11A00BE01CA01A7FCDE9
21:06:34.0477 4276  PptpMiniport ( LockedFile.Multi.Generic ) - warning
21:06:34.0477 4276  PptpMiniport - detected LockedFile.Multi.Generic (1)
21:06:34.0539 4276  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
21:06:34.0539 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\processr.sys. md5: 0D922E23C041EFB1C3FAC2A6F943C9BF
21:06:34.0555 4276  Processor ( LockedFile.Multi.Generic ) - warning
21:06:34.0555 4276  Processor - detected LockedFile.Multi.Generic (1)
21:06:34.0633 4276  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:06:34.0633 4276  ProfSvc - ok
21:06:34.0679 4276  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:06:34.0679 4276  ProtectedStorage - ok
21:06:34.0742 4276  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:06:34.0742 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\pacer.sys. md5: 0557CF5A2556BD58E26384169D72438D
21:06:34.0757 4276  Psched ( LockedFile.Multi.Generic ) - warning
21:06:34.0757 4276  Psched - detected LockedFile.Multi.Generic (1)
21:06:34.0820 4276  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
21:06:34.0820 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ql2300.sys. md5: A53A15A11EBFD21077463EE2C7AFEEF0
21:06:34.0820 4276  ql2300 ( LockedFile.Multi.Generic ) - warning
21:06:34.0820 4276  ql2300 - detected LockedFile.Multi.Generic (1)
21:06:34.0867 4276  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
21:06:34.0867 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\ql40xx.sys. md5: 4F6D12B51DE1AAEFF7DC58C4D75423C8
21:06:34.0867 4276  ql40xx ( LockedFile.Multi.Generic ) - warning
21:06:34.0867 4276  ql40xx - detected LockedFile.Multi.Generic (1)
21:06:34.0929 4276  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
21:06:34.0929 4276  QWAVE - ok
21:06:34.0960 4276  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:06:34.0960 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\qwavedrv.sys. md5: 76707BB36430888D9CE9D705398ADB6C
21:06:34.0991 4276  QWAVEdrv ( LockedFile.Multi.Generic ) - warning
21:06:34.0991 4276  QWAVEdrv - detected LockedFile.Multi.Generic (1)
21:06:35.0023 4276  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:06:35.0023 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rasacd.sys. md5: 5A0DA8AD5762FA2D91678A8A01311704
21:06:35.0038 4276  RasAcd ( LockedFile.Multi.Generic ) - warning
21:06:35.0038 4276  RasAcd - detected LockedFile.Multi.Generic (1)
21:06:35.0069 4276  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:06:35.0069 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\AgileVpn.sys. md5: 7ECFF9B22276B73F43A99A15A6094E90
21:06:35.0085 4276  RasAgileVpn ( LockedFile.Multi.Generic ) - warning
21:06:35.0085 4276  RasAgileVpn - detected LockedFile.Multi.Generic (1)
21:06:35.0132 4276  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
21:06:35.0132 4276  RasAuto - ok
21:06:35.0179 4276  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:06:35.0179 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rasl2tp.sys. md5: 471815800AE33E6F1C32FB1B97C490CA
21:06:35.0194 4276  Rasl2tp ( LockedFile.Multi.Generic ) - warning
21:06:35.0194 4276  Rasl2tp - detected LockedFile.Multi.Generic (1)
21:06:35.0257 4276  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
21:06:35.0272 4276  RasMan - ok
21:06:35.0288 4276  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:06:35.0288 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\raspppoe.sys. md5: 855C9B1CD4756C5E9A2AA58A15F58C25
21:06:35.0303 4276  RasPppoe ( LockedFile.Multi.Generic ) - warning
21:06:35.0303 4276  RasPppoe - detected LockedFile.Multi.Generic (1)
21:06:35.0335 4276  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:06:35.0335 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rassstp.sys. md5: E8B1E447B008D07FF47D016C2B0EEECB
21:06:35.0335 4276  RasSstp ( LockedFile.Multi.Generic ) - warning
21:06:35.0335 4276  RasSstp - detected LockedFile.Multi.Generic (1)
21:06:35.0397 4276  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:06:35.0397 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rdbss.sys. md5: 77F665941019A1594D887A74F301FA2F
21:06:35.0397 4276  rdbss ( LockedFile.Multi.Generic ) - warning
21:06:35.0397 4276  rdbss - detected LockedFile.Multi.Generic (1)
21:06:35.0413 4276  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
21:06:35.0428 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rdpbus.sys. md5: 302DA2A0539F2CF54D7C6CC30C1F2D8D
21:06:35.0428 4276  rdpbus ( LockedFile.Multi.Generic ) - warning
21:06:35.0428 4276  rdpbus - detected LockedFile.Multi.Generic (1)
21:06:35.0459 4276  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:06:35.0459 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\RDPCDD.sys. md5: CEA6CC257FC9B7715F1C2B4849286D24
21:06:35.0475 4276  RDPCDD ( LockedFile.Multi.Generic ) - warning
21:06:35.0475 4276  RDPCDD - detected LockedFile.Multi.Generic (1)
21:06:35.0522 4276  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:06:35.0522 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\rdpencdd.sys. md5: BB5971A4F00659529A5C44831AF22365
21:06:35.0553 4276  RDPENCDD ( LockedFile.Multi.Generic ) - warning
21:06:35.0553 4276  RDPENCDD - detected LockedFile.Multi.Generic (1)
21:06:35.0615 4276  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:06:35.0615 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\rdprefmp.sys. md5: 216F3FA57533D98E1F74DED70113177A
21:06:35.0615 4276  RDPREFMP ( LockedFile.Multi.Generic ) - warning
21:06:35.0615 4276  RDPREFMP - detected LockedFile.Multi.Generic (1)
21:06:35.0662 4276  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:06:35.0662 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\RDPWD.sys. md5: E61608AA35E98999AF9AAEEEA6114B0A
21:06:35.0678 4276  RDPWD ( LockedFile.Multi.Generic ) - warning
21:06:35.0678 4276  RDPWD - detected LockedFile.Multi.Generic (1)
21:06:35.0740 4276  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:06:35.0740 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\rdyboost.sys. md5: 34ED295FA0121C241BFEF24764FC4520
21:06:35.0771 4276  rdyboost ( LockedFile.Multi.Generic ) - warning
21:06:35.0771 4276  rdyboost - detected LockedFile.Multi.Generic (1)
21:06:35.0818 4276  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:06:35.0818 4276  RemoteAccess - ok
21:06:35.0849 4276  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:06:35.0865 4276  RemoteRegistry - ok
21:06:35.0912 4276  [ 498EB62A160674E793FA40FD65390625 ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
21:06:35.0912 4276  RichVideo - ok
21:06:35.0974 4276  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:06:35.0974 4276  RpcEptMapper - ok
21:06:36.0021 4276  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
21:06:36.0021 4276  RpcLocator - ok
21:06:36.0083 4276  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
21:06:36.0083 4276  RpcSs - ok
21:06:36.0130 4276  [ 48C4D7895B5B6A655CA9F8C480DB293B ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
21:06:36.0130 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\RtsPStor.sys. md5: 48C4D7895B5B6A655CA9F8C480DB293B
21:06:36.0161 4276  RSPCIESTOR ( LockedFile.Multi.Generic ) - warning
21:06:36.0161 4276  RSPCIESTOR - detected LockedFile.Multi.Generic (1)
21:06:36.0208 4276  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:06:36.0208 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\rspndr.sys. md5: DDC86E4F8E7456261E637E3552E804FF
21:06:36.0224 4276  rspndr ( LockedFile.Multi.Generic ) - warning



#8 Fementality

Posted 20 February 2013 - 08:06 AM

21:06:41.0731 4276  usbehci - detected LockedFile.Multi.Generic (1)
21:06:41.0777 4276  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:06:41.0777 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbhub.sys. md5: 287C6C9410B111B68B52CA298F7B8C24
21:06:41.0793 4276  usbhub ( LockedFile.Multi.Generic ) - warning
21:06:41.0793 4276  usbhub - detected LockedFile.Multi.Generic (1)
21:06:41.0824 4276  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:06:41.0824 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\usbohci.sys. md5: 9840FC418B4CBD632D3D0A667A725C31
21:06:41.0840 4276  usbohci ( LockedFile.Multi.Generic ) - warning
21:06:41.0840 4276  usbohci - detected LockedFile.Multi.Generic (1)
21:06:41.0871 4276  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:06:41.0871 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbprint.sys. md5: 73188F58FB384E75C4063D29413CEE3D
21:06:41.0887 4276  usbprint ( LockedFile.Multi.Generic ) - warning
21:06:41.0887 4276  usbprint - detected LockedFile.Multi.Generic (1)
21:06:41.0918 4276  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:06:41.0918 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\USBSTOR.SYS. md5: FED648B01349A3C8395A5169DB5FB7D6
21:06:41.0933 4276  USBSTOR ( LockedFile.Multi.Generic ) - warning
21:06:41.0933 4276  USBSTOR - detected LockedFile.Multi.Generic (1)
21:06:41.0949 4276  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:06:41.0965 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\usbuhci.sys. md5: 62069A34518BCF9C1FD9E74B3F6DB7CD
21:06:41.0980 4276  usbuhci ( LockedFile.Multi.Generic ) - warning
21:06:41.0980 4276  usbuhci - detected LockedFile.Multi.Generic (1)
21:06:42.0011 4276  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
21:06:42.0011 4276  Suspicious file (NoAccess): C:\Windows\System32\Drivers\usbvideo.sys. md5: 454800C2BC7F3927CE030141EE4F4C50
21:06:42.0027 4276  usbvideo ( LockedFile.Multi.Generic ) - warning
21:06:42.0027 4276  usbvideo - detected LockedFile.Multi.Generic (1)
21:06:42.0074 4276  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
21:06:42.0089 4276  UxSms - ok
21:06:42.0121 4276  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
21:06:42.0121 4276  VaultSvc - ok
21:06:42.0167 4276  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:06:42.0167 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\vdrvroot.sys. md5: C5C876CCFC083FF3B128F933823E87BD
21:06:42.0199 4276  vdrvroot ( LockedFile.Multi.Generic ) - warning
21:06:42.0199 4276  vdrvroot - detected LockedFile.Multi.Generic (1)
21:06:42.0245 4276  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
21:06:42.0261 4276  vds - ok
21:06:42.0308 4276  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:06:42.0308 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\vgapnp.sys. md5: DA4DA3F5E02943C2DC8C6ED875DE68DD
21:06:42.0339 4276  vga ( LockedFile.Multi.Generic ) - warning
21:06:42.0339 4276  vga - detected LockedFile.Multi.Generic (1)
21:06:42.0370 4276  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:06:42.0386 4276  Suspicious file (NoAccess): C:\Windows\System32\drivers\vga.sys. md5: 53E92A310193CB3C03BEA963DE7D9CFC
21:06:42.0386 4276  VgaSave ( LockedFile.Multi.Generic ) - warning
21:06:42.0386 4276  VgaSave - detected LockedFile.Multi.Generic (1)
21:06:42.0448 4276  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:06:42.0448 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\vhdmp.sys. md5: 2CE2DF28C83AEAF30084E1B1EB253CBB
21:06:42.0479 4276  vhdmp ( LockedFile.Multi.Generic ) - warning
21:06:42.0479 4276  vhdmp - detected LockedFile.Multi.Generic (1)
21:06:42.0511 4276  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:06:42.0511 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\viaide.sys. md5: E5689D93FFE4E5D66C0178761240DD54
21:06:42.0526 4276  viaide ( LockedFile.Multi.Generic ) - warning
21:06:42.0526 4276  viaide - detected LockedFile.Multi.Generic (1)
21:06:42.0542 4276  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:06:42.0542 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\volmgr.sys. md5: D2AAFD421940F640B407AEFAAEBD91B0
21:06:42.0557 4276  volmgr ( LockedFile.Multi.Generic ) - warning
21:06:42.0557 4276  volmgr - detected LockedFile.Multi.Generic (1)
21:06:42.0620 4276  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:06:42.0620 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\volmgrx.sys. md5: A255814907C89BE58B79EF2F189B843B
21:06:42.0635 4276  volmgrx ( LockedFile.Multi.Generic ) - warning
21:06:42.0635 4276  volmgrx - detected LockedFile.Multi.Generic (1)
21:06:42.0682 4276  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:06:42.0682 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\volsnap.sys. md5: 0D08D2F3B3FF84E433346669B5E0F639
21:06:42.0698 4276  volsnap ( LockedFile.Multi.Generic ) - warning
21:06:42.0698 4276  volsnap - detected LockedFile.Multi.Generic (1)
21:06:42.0729 4276  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
21:06:42.0729 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\vsmraid.sys. md5: 5E2016EA6EBACA03C04FEAC5F330D997
21:06:42.0729 4276  vsmraid ( LockedFile.Multi.Generic ) - warning
21:06:42.0729 4276  vsmraid - detected LockedFile.Multi.Generic (1)
21:06:42.0823 4276  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
21:06:42.0838 4276  VSS - ok
21:06:42.0869 4276  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
21:06:42.0869 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\vwifibus.sys. md5: 36D4720B72B5C5D9CB2B9C29E9DF67A1
21:06:42.0885 4276  vwifibus ( LockedFile.Multi.Generic ) - warning
21:06:42.0885 4276  vwifibus - detected LockedFile.Multi.Generic (1)
21:06:42.0932 4276  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
21:06:42.0932 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\vwififlt.sys. md5: 6A3D66263414FF0D6FA754C646612F3F
21:06:42.0947 4276  vwififlt ( LockedFile.Multi.Generic ) - warning
21:06:42.0947 4276  vwififlt - detected LockedFile.Multi.Generic (1)
21:06:43.0010 4276  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
21:06:43.0025 4276  W32Time - ok
21:06:43.0057 4276  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
21:06:43.0057 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wacompen.sys. md5: 4E9440F4F152A7B944CB1663D3935A3E
21:06:43.0072 4276  WacomPen ( LockedFile.Multi.Generic ) - warning
21:06:43.0072 4276  WacomPen - detected LockedFile.Multi.Generic (1)
21:06:43.0119 4276  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:06:43.0119 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wanarp.sys. md5: 356AFD78A6ED4457169241AC3965230C
21:06:43.0150 4276  WANARP ( LockedFile.Multi.Generic ) - warning
21:06:43.0150 4276  WANARP - detected LockedFile.Multi.Generic (1)
21:06:43.0166 4276  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:06:43.0166 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wanarp.sys. md5: 356AFD78A6ED4457169241AC3965230C
21:06:43.0181 4276  Wanarpv6 ( LockedFile.Multi.Generic ) - warning
21:06:43.0181 4276  Wanarpv6 - detected LockedFile.Multi.Generic (1)
21:06:43.0259 4276  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
21:06:43.0275 4276  WatAdminSvc - ok
21:06:43.0353 4276  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
21:06:43.0369 4276  wbengine - ok
21:06:43.0415 4276  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:06:43.0415 4276  WbioSrvc - ok
21:06:43.0478 4276  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:06:43.0493 4276  wcncsvc - ok
21:06:43.0556 4276  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:06:43.0556 4276  WcsPlugInService - ok
21:06:43.0618 4276  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
21:06:43.0618 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wd.sys. md5: 72889E16FF12BA0F235467D6091B17DC
21:06:43.0618 4276  Wd ( LockedFile.Multi.Generic ) - warning
21:06:43.0618 4276  Wd - detected LockedFile.Multi.Generic (1)
21:06:43.0665 4276  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:06:43.0665 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\Wdf01000.sys. md5: 441BD2D7B4F98134C3A4F9FA570FD250
21:06:43.0681 4276  Wdf01000 ( LockedFile.Multi.Generic ) - warning
21:06:43.0681 4276  Wdf01000 - detected LockedFile.Multi.Generic (1)
21:06:43.0712 4276  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:06:43.0712 4276  WdiServiceHost - ok
21:06:43.0759 4276  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:06:43.0759 4276  WdiSystemHost - ok
21:06:43.0837 4276  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
21:06:43.0837 4276  WebClient - ok
21:06:43.0883 4276  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:06:43.0899 4276  Wecsvc - ok
21:06:43.0930 4276  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:06:43.0946 4276  wercplsupport - ok
21:06:43.0993 4276  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:06:43.0993 4276  WerSvc - ok
21:06:44.0039 4276  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:06:44.0039 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wfplwf.sys. md5: 611B23304BF067451A9FDEE01FBDD725
21:06:44.0071 4276  WfpLwf ( LockedFile.Multi.Generic ) - warning
21:06:44.0071 4276  WfpLwf - detected LockedFile.Multi.Generic (1)
21:06:44.0102 4276  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:06:44.0102 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\wimmount.sys. md5: 05ECAEC3E4529A7153B3136CEB49F0EC
21:06:44.0102 4276  WIMMount ( LockedFile.Multi.Generic ) - warning
21:06:44.0102 4276  WIMMount - detected LockedFile.Multi.Generic (1)
21:06:44.0648 4276  [ FE88B288356E7B47B74B13372ADD906D ] WinUSB          C:\Windows\system32\DRIVERS\WinUSB.sys
21:06:44.0648 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\WinUSB.sys. md5: FE88B288356E7B47B74B13372ADD906D
21:06:44.0663 4276  WinUSB ( LockedFile.Multi.Generic ) - warning
21:06:44.0663 4276  WinUSB - detected LockedFile.Multi.Generic (1)
21:06:44.0741 4276  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:06:44.0741 4276  Wlansvc - ok
21:06:44.0804 4276  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
21:06:44.0804 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\wmiacpi.sys. md5: F6FF8944478594D0E414D3F048F0D778
21:06:44.0804 4276  WmiAcpi ( LockedFile.Multi.Generic ) - warning
21:06:44.0804 4276  WmiAcpi - detected LockedFile.Multi.Generic (1)
21:06:45.0069 4276  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:06:45.0069 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\ws2ifsl.sys. md5: 6BCC1D7D2FD2453957C5479A32364E52
21:06:45.0100 4276  ws2ifsl ( LockedFile.Multi.Generic ) - warning
21:06:45.0100 4276  ws2ifsl - detected LockedFile.Multi.Generic (1)
21:06:45.0178 4276  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
21:06:45.0178 4276  wscsvc - ok
21:06:45.0209 4276  WSearch - ok
21:06:45.0319 4276  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:06:45.0350 4276  wuauserv - ok
21:06:45.0397 4276  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:06:45.0397 4276  Suspicious file (NoAccess): C:\Windows\system32\drivers\WudfPf.sys. md5: D3381DC54C34D79B22CEE0D65BA91B7C
21:06:45.0412 4276  WudfPf ( LockedFile.Multi.Generic ) - warning
21:06:45.0412 4276  WudfPf - detected LockedFile.Multi.Generic (1)
21:06:45.0459 4276  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:06:45.0475 4276  wudfsvc - ok
21:06:45.0521 4276  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:06:45.0521 4276  WwanSvc - ok
21:06:45.0599 4276  [ B3EEACF62445E24FBB2CD4B0FB4DB026 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
21:06:45.0599 4276  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\yk62x64.sys. md5: B3EEACF62445E24FBB2CD4B0FB4DB026
21:06:45.0646 4276  yukonw7 ( LockedFile.Multi.Generic ) - warning
21:06:45.0646 4276  yukonw7 - detected LockedFile.Multi.Generic (1)
21:06:45.0693 4276  ================ Scan global ===============================
21:06:45.0724 4276  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
21:06:45.0755 4276  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
21:06:45.0771 4276  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
21:06:45.0787 4276  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
21:06:45.0818 4276  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
21:06:45.0818 4276  [Global] - ok
21:06:45.0818 4276  ================ Scan MBR ==================================
21:06:45.0849 4276  [ 083EBF71AAB045AE6C5F3F9189F8327B ] \Device\Harddisk0\DR0
21:06:46.0769 4276  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
21:06:46.0769 4276  \Device\Harddisk0\DR0 - detected TDSS File System (1)
21:06:46.0769 4276  ================ Scan VBR ==================================
21:06:46.0801 4276  [ E4C0ED6F929F96B32ED55215570E9AAE ] \Device\Harddisk0\DR0\Partition1
21:06:46.0801 4276  \Device\Harddisk0\DR0\Partition1 - ok
21:06:46.0816 4276  [ 23B451B7808B0C82C3901D10BD76652C ] \Device\Harddisk0\DR0\Partition2
21:06:46.0816 4276  \Device\Harddisk0\DR0\Partition2 - ok
21:06:46.0847 4276  [ B3DD5C2CAFF02754F8827E65E3BEF816 ] \Device\Harddisk0\DR0\Partition3
21:06:46.0847 4276  \Device\Harddisk0\DR0\Partition3 - ok
21:06:46.0847 4276  ================ Scan active images ========================
21:06:47.0627 4276  [ 4F5414602E2544A4554D95517948B705 ] C:\Windows\System32\cryptsvc.dll
21:06:47.0627 4276  C:\Windows\System32\cryptsvc.dll - ok
21:06:47.0643 4276  [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
21:06:47.0643 4276  C:\Windows\System32\rsaenh.dll - ok
21:06:47.0643 4276  [ 732E668096B1A37B7BFD4B9021E69A8E ] C:\Windows\System32\oleres.dll
21:06:47.0643 4276  C:\Windows\System32\oleres.dll - ok
21:06:47.0643 4276  [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
21:06:47.0643 4276  C:\Windows\System32\pku2u.dll - ok
21:06:47.0643 4276  [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
21:06:47.0643 4276  C:\Windows\System32\TSpkg.dll - ok
21:06:47.0659 4276  [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
21:06:47.0659 4276  C:\Windows\System32\bcryptprimitives.dll - ok
21:06:47.0659 4276  [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
21:06:47.0659 4276  C:\Windows\System32\credssp.dll - ok
21:06:47.0659 4276  [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
21:06:47.0659 4276  C:\Windows\System32\efslsaext.dll - ok
21:06:47.0659 4276  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] C:\Windows\System32\defragsvc.dll
21:06:47.0659 4276  C:\Windows\System32\defragsvc.dll - ok
21:06:47.0674 4276  [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
21:06:47.0674 4276  C:\Windows\System32\scecli.dll - ok
21:06:47.0674 4276  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
21:06:47.0674 4276  C:\Windows\System32\dhcpcore.dll - ok
21:06:47.0674 4276  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] C:\Windows\System32\dot3svc.dll
21:06:47.0674 4276  C:\Windows\System32\dot3svc.dll - ok
21:06:47.0690 4276  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
21:06:47.0690 4276  C:\Windows\System32\dps.dll - ok
21:06:47.0690 4276  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] C:\Windows\System32\eapsvc.dll
21:06:47.0690 4276  C:\Windows\System32\eapsvc.dll - ok
21:06:47.0690 4276  [ 0C043B0ABBB5E14E68906AB80365395B ] C:\Windows\System32\efssvc.dll
21:06:47.0690 4276  C:\Windows\System32\efssvc.dll - ok
21:06:47.0690 4276  [ C4002B6B41975F057D98C439030CEA07 ] C:\Windows\ehome\ehrecvr.exe
21:06:47.0690 4276  C:\Windows\ehome\ehrecvr.exe - ok
21:06:47.0690 4276  [ 4705E8EF9934482C5BB488CE28AFC681 ] C:\Windows\ehome\ehsched.exe
21:06:47.0690 4276  C:\Windows\ehome\ehsched.exe - ok
21:06:47.0705 4276  [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
21:06:47.0705 4276  C:\Windows\System32\wevtsvc.dll - ok
21:06:47.0705 4276  [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
21:06:47.0705 4276  C:\Windows\System32\FXSRESM.dll - ok
21:06:47.0705 4276  [ 0438CAB2E03F4FB61455A7956026FE86 ] C:\Windows\System32\fdPHost.dll
21:06:47.0705 4276  C:\Windows\System32\fdPHost.dll - ok
21:06:47.0705 4276  [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
21:06:47.0705 4276  C:\Windows\System32\FDResPub.dll - ok
21:06:47.0721 4276  [ 655661BE46B5F5F3FD454E2C3095B930 ] C:\Windows\System32\drivers\fileinfo.sys
21:06:47.0721 4276  C:\Windows\System32\drivers\fileinfo.sys - ok
21:06:47.0721 4276  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] C:\Windows\System32\drivers\filetrace.sys
21:06:47.0721 4276  C:\Windows\System32\drivers\filetrace.sys - ok
21:06:47.0721 4276  [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
21:06:47.0721 4276  C:\Windows\System32\drivers\fltMgr.sys - ok
21:06:47.0721 4276  [ 5C4CB4086FB83115B153E47ADD961A0C ] C:\Windows\System32\FntCache.dll
21:06:47.0721 4276  C:\Windows\System32\FntCache.dll - ok
21:06:47.0737 4276  [ 8A1846C0817513AD18BA48B4427771FC ] C:\Windows\System32\PresentationHost.exe
21:06:47.0737 4276  C:\Windows\System32\PresentationHost.exe - ok
21:06:47.0737 4276  [ D43703496149971890703B4B1B723EAC ] C:\Windows\System32\drivers\fsdepends.sys
21:06:47.0737 4276  C:\Windows\System32\drivers\fsdepends.sys - ok
21:06:47.0737 4276  [ 1F7B25B858FA27015169FE95E54108ED ] C:\Windows\System32\drivers\fvevol.sys



21:06:47.0737 4276  C:\Windows\System32\drivers\fvevol.sys - ok
21:06:47.0752 4276  [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
21:06:47.0752 4276  C:\Windows\System32\gpapi.dll - ok
21:06:47.0752 4276  [ BD9EB3958F213F96B97B1D897DEE006D ] C:\Windows\System32\hidserv.dll
21:06:47.0752 4276  C:\Windows\System32\hidserv.dll - ok
21:06:47.0752 4276  [ 387E72E739E15E3D37907A86D9FF98E2 ] C:\Windows\System32\KMSVC.DLL
21:06:47.0752 4276  C:\Windows\System32\KMSVC.DLL - ok
21:06:47.0752 4276  [ EFDFB3DD38A4376F93E7985173813ABD ] C:\Windows\System32\ListSvc.dll
21:06:47.0752 4276  C:\Windows\System32\ListSvc.dll - ok
21:06:47.0768 4276  [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
21:06:47.0768 4276  C:\Windows\System32\provsvc.dll - ok
21:06:47.0768 4276  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
21:06:47.0768 4276  C:\Windows\System32\drivers\http.sys - ok
21:06:47.0768 4276  [ B9E2DAF71E44626011D70B4889171504 ] C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
21:06:47.0768 4276  C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok
21:06:47.0768 4276  [ A5462BD6884960C9DC85ED49D34FF392 ] C:\Windows\System32\drivers\hwpolicy.sys
21:06:47.0768 4276  C:\Windows\System32\drivers\hwpolicy.sys - ok
21:06:47.0783 4276  [ FCD84C381E0140AF901E58D48882D26B ] C:\Windows\System32\IKEEXT.DLL
21:06:47.0783 4276  C:\Windows\System32\IKEEXT.DLL - ok
21:06:47.0783 4276  [ 098A91C54546A3B878DAD6A7E90A455B ] C:\Windows\System32\IPBusEnum.dll
21:06:47.0783 4276  C:\Windows\System32\IPBusEnum.dll - ok
21:06:47.0783 4276  [ A34A587FFFD45FA649FBA6D03784D257 ] C:\Windows\System32\iphlpsvc.dll
21:06:47.0783 4276  C:\Windows\System32\iphlpsvc.dll - ok
21:06:47.0783 4276  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] C:\Windows\System32\drivers\irenum.sys
21:06:47.0783 4276  C:\Windows\System32\drivers\irenum.sys - ok
21:06:47.0799 4276  [ F9EC845C5EECF20E9A67F9F805F2EF1F ] C:\Windows\System32\keyiso.dll
21:06:47.0799 4276  C:\Windows\System32\keyiso.dll - ok
21:06:47.0799 4276  [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
21:06:47.0799 4276  C:\Windows\System32\srvsvc.dll - ok
21:06:47.0799 4276  [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
21:06:47.0799 4276  C:\Windows\System32\wkssvc.dll - ok
21:06:47.0799 4276  [ 7A757C41C3879CD34BDE15F0563C0CE2 ] C:\Windows\System32\lltdres.dll
21:06:47.0799 4276  C:\Windows\System32\lltdres.dll - ok
21:06:47.0815 4276  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
21:06:47.0815 4276  C:\Windows\System32\drivers\luafv.sys - ok
21:06:47.0815 4276  [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
21:06:47.0815 4276  C:\Windows\System32\lmhsvc.dll - ok
21:06:47.0815 4276  [ E5DE3FFD785B6730291AD98E491D58BA ] C:\Windows\ehome\ehres.dll
21:06:47.0815 4276  C:\Windows\ehome\ehres.dll - ok
21:06:47.0815 4276  [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
21:06:47.0815 4276  C:\Windows\System32\mmcss.dll - ok
21:06:47.0830 4276  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] C:\Windows\System32\drivers\mountmgr.sys
21:06:47.0830 4276  C:\Windows\System32\drivers\mountmgr.sys - ok
21:06:47.0830 4276  [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
21:06:47.0830 4276  C:\Windows\System32\FirewallAPI.dll - ok
21:06:47.0830 4276  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] C:\Windows\System32\WebClnt.dll
21:06:47.0830 4276  C:\Windows\System32\WebClnt.dll - ok
21:06:47.0830 4276  [ F9D215A46A8B9753F61767FA72A20326 ] C:\Windows\System32\drivers\mshidkmdf.sys
21:06:47.0830 4276  C:\Windows\System32\drivers\mshidkmdf.sys - ok
21:06:47.0846 4276  [ E11E3F3BBEFDC5C0C160BE13B65E25E4 ] C:\Windows\System32\iscsidsc.dll
21:06:47.0846 4276  C:\Windows\System32\iscsidsc.dll - ok
21:06:47.0846 4276  [ 8EE1C893C50D1C02D4675978BAC756BA ] C:\Windows\System32\msimsg.dll
21:06:47.0846 4276  C:\Windows\System32\msimsg.dll - ok
21:06:47.0846 4276  [ F9A18612FD3526FE473C1BDA678D61C8 ] C:\Windows\System32\drivers\mup.sys
21:06:47.0846 4276  C:\Windows\System32\drivers\mup.sys - ok
21:06:47.0846 4276  [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
21:06:47.0846 4276  C:\Windows\System32\QAGENTRT.DLL - ok
21:06:47.0861 4276  [ 79B47FD40D9A817E932F9D26FAC0A81C ] C:\Windows\System32\drivers\ndis.sys
21:06:47.0861 4276  C:\Windows\System32\drivers\ndis.sys - ok
21:06:47.0861 4276  [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
21:06:47.0861 4276  C:\Windows\System32\netman.dll - ok
21:06:47.0861 4276  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
21:06:47.0861 4276  C:\Windows\System32\netprofm.dll - ok
21:06:47.0861 4276  [ 1EE99A89CC788ADA662441D1E9830529 ] C:\Windows\System32\nlasvc.dll
21:06:47.0861 4276  C:\Windows\System32\nlasvc.dll - ok
21:06:47.0877 4276  [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
21:06:47.0877 4276  C:\Windows\System32\nsisvc.dll - ok
21:06:47.0877 4276  [ 3EAC4455472CC2C97107B5291E0DCAFE ] C:\Windows\System32\pnrpsvc.dll
21:06:47.0877 4276  C:\Windows\System32\pnrpsvc.dll - ok
21:06:47.0877 4276  [ 927463ECB02179F88E4B9A17568C63C3 ] C:\Windows\System32\p2psvc.dll
21:06:47.0877 4276  C:\Windows\System32\p2psvc.dll - ok
21:06:47.0877 4276  [ E9766131EEADE40A27DC27D2D68FBA9C ] C:\Windows\System32\drivers\partmgr.sys
21:06:47.0877 4276  C:\Windows\System32\drivers\partmgr.sys - ok
21:06:47.0893 4276  [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
21:06:47.0893 4276  C:\Windows\System32\pcasvc.dll - ok
21:06:47.0893 4276  [ C7CF6A6E137463219E1259E3F0F0DD6C ] C:\Windows\System32\pla.dll
21:06:47.0893 4276  C:\Windows\System32\pla.dll - ok
21:06:47.0893 4276  [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
21:06:47.0893 4276  C:\Windows\System32\umpnpmgr.dll - ok
21:06:47.0893 4276  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] C:\Windows\System32\pnrpauto.dll
21:06:47.0893 4276  C:\Windows\System32\pnrpauto.dll - ok
21:06:47.0908 4276  [ 8DEC9C6DD13C4B3B62CD8D5A0FEF1650 ] C:\Windows\System32\polstore.dll
21:06:47.0908 4276  C:\Windows\System32\polstore.dll - ok
21:06:47.0908 4276  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] C:\Windows\System32\umpo.dll
21:06:47.0908 4276  C:\Windows\System32\umpo.dll - ok
21:06:47.0908 4276  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
21:06:47.0908 4276  C:\Windows\System32\profsvc.dll - ok
21:06:47.0908 4276  [ AB95FBAE4F9A5A56B177CEC427B2B35E ] C:\Windows\System32\psbase.dll
21:06:47.0908 4276  C:\Windows\System32\psbase.dll - ok
21:06:47.0924 4276  [ 906191634E99AEA92C4816150BDA3732 ] C:\Windows\System32\qwave.dll
21:06:47.0924 4276  C:\Windows\System32\qwave.dll - ok
21:06:47.0924 4276  [ 76707BB36430888D9CE9D705398ADB6C ] C:\Windows\System32\drivers\qwavedrv.sys
21:06:47.0924 4276  C:\Windows\System32\drivers\qwavedrv.sys - ok
21:06:47.0924 4276  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] C:\Windows\System32\rasauto.dll
21:06:47.0924 4276  C:\Windows\System32\rasauto.dll - ok
21:06:47.0924 4276  [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll
21:06:47.0924 4276  C:\Windows\System32\rasmans.dll - ok
21:06:47.0939 4276  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
21:06:47.0939 4276  C:\Windows\System32\sstpsvc.dll - ok
21:06:47.0939 4276  [ E4D94F24081440B5FC5AA556C7C62702 ] C:\Windows\System32\regsvc.dll
21:06:47.0939 4276  C:\Windows\System32\regsvc.dll - ok
21:06:47.0939 4276  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] C:\Windows\System32\Locator.exe
21:06:47.0939 4276  C:\Windows\System32\Locator.exe - ok
21:06:47.0939 4276  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
21:06:47.0939 4276  C:\Windows\System32\RpcEpMap.dll - ok
21:06:47.0955 4276  [ 9B7395789E3791A3B6D000FE6F8B131E ] C:\Windows\System32\SCardSvr.dll
21:06:47.0955 4276  C:\Windows\System32\SCardSvr.dll - ok
21:06:47.0955 4276  [ 253F38D0D7074C02FF8DEB9836C97D2B ] C:\Windows\System32\drivers\scfilter.sys
21:06:47.0955 4276  C:\Windows\System32\drivers\scfilter.sys - ok
21:06:47.0955 4276  [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
21:06:47.0955 4276  C:\Windows\System32\schedsvc.dll - ok
21:06:47.0955 4276  [ 6EA4234DC55346E0709560FE7C2C1972 ] C:\Windows\System32\sdrsvc.dll
21:06:47.0955 4276  C:\Windows\System32\sdrsvc.dll - ok
21:06:47.0971 4276  [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
21:06:47.0971 4276  C:\Windows\System32\seclogon.dll - ok
21:06:47.0971 4276  [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
21:06:47.0971 4276  C:\Windows\System32\Sens.dll - ok
21:06:47.0971 4276  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] C:\Windows\System32\sensrsvc.dll
21:06:47.0971 4276  C:\Windows\System32\sensrsvc.dll - ok
21:06:47.0986 4276  [ 0B6231BF38174A1628C4AC812CC75804 ] C:\Windows\System32\SessEnv.dll
21:06:47.0986 4276  C:\Windows\System32\SessEnv.dll - ok
21:06:47.0986 4276  [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
21:06:47.0986 4276  C:\Windows\System32\ipnathlp.dll - ok
21:06:47.0986 4276  [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
21:06:47.0986 4276  C:\Windows\System32\shsvcs.dll - ok
21:06:47.0986 4276  [ 55DE45B116711881C852D2841E4C84DD ] C:\Windows\System32\tcpipcfg.dll
21:06:47.0986 4276  C:\Windows\System32\tcpipcfg.dll - ok
21:06:47.0986 4276  [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
21:06:47.0986 4276  C:\Windows\System32\snmptrap.exe - ok
21:06:48.0002 4276  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
21:06:48.0002 4276  C:\Windows\System32\spoolsv.exe - ok
21:06:48.0002 4276  [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe
21:06:48.0002 4276  C:\Windows\System32\sppsvc.exe - ok
21:06:48.0002 4276  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] C:\Windows\System32\sppuinotify.dll
21:06:48.0002 4276  C:\Windows\System32\sppuinotify.dll - ok
21:06:48.0002 4276  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
21:06:48.0002 4276  C:\Windows\System32\ssdpsrv.dll - ok
21:06:48.0017 4276  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
21:06:48.0017 4276  C:\Windows\System32\wiaservc.dll - ok
21:06:48.0017 4276  [ E08E46FDD841B7184194011CA1955A0B ] C:\Windows\System32\swprv.dll
21:06:48.0017 4276  C:\Windows\System32\swprv.dll - ok
21:06:48.0017 4276  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
21:06:48.0017 4276  C:\Windows\System32\sysmain.dll - ok
21:06:48.0017 4276  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] C:\Windows\System32\TabSvc.dll
21:06:48.0017 4276  C:\Windows\System32\TabSvc.dll - ok
21:06:48.0033 4276  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll
21:06:48.0033 4276  C:\Windows\System32\tapisrv.dll - ok
21:06:48.0033 4276  [ 1BE03AC720F4D302EA01D40F588162F6 ] C:\Windows\System32\tbssvc.dll
21:06:48.0033 4276  C:\Windows\System32\tbssvc.dll - ok
21:06:48.0033 4276  [ 2E648163254233755035B46DD7B89123 ] C:\Windows\System32\termsrv.dll
21:06:48.0033 4276  C:\Windows\System32\termsrv.dll - ok
21:06:48.0033 4276  [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
21:06:48.0033 4276  C:\Windows\System32\themeservice.dll - ok
21:06:48.0049 4276  [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
21:06:48.0049 4276  C:\Windows\System32\trkwks.dll - ok
21:06:48.0049 4276  [ 773212B2AAA24C1E31F10246B15B276C ] C:\Windows\servicing\TrustedInstaller.exe
21:06:48.0049 4276  C:\Windows\servicing\TrustedInstaller.exe - ok
21:06:48.0049 4276  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] C:\Windows\System32\drivers\tssecsrv.sys
21:06:48.0049 4276  C:\Windows\System32\drivers\tssecsrv.sys - ok
21:06:48.0049 4276  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] C:\Windows\System32\UI0Detect.exe
21:06:48.0049 4276  C:\Windows\System32\UI0Detect.exe - ok
21:06:48.0064 4276  [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
21:06:48.0064 4276  C:\Windows\System32\dwm.exe - ok
21:06:48.0064 4276  [ D47EC6A8E81633DD18D2436B19BAF6DE ] C:\Windows\System32\upnphost.dll
21:06:48.0064 4276  C:\Windows\System32\upnphost.dll - ok
21:06:48.0064 4276  [ 567BC1309E05FCFA680ADB6E02260736 ] C:\Windows\System32\vaultsvc.dll
21:06:48.0064 4276  C:\Windows\System32\vaultsvc.dll - ok
21:06:48.0064 4276  [ 8D6B481601D01A456E75C3210F1830BE ] C:\Windows\System32\vds.exe
21:06:48.0064 4276  C:\Windows\System32\vds.exe - ok
21:06:48.0080 4276  [ A255814907C89BE58B79EF2F189B843B ] C:\Windows\System32\drivers\volmgrx.sys
21:06:48.0080 4276  C:\Windows\System32\drivers\volmgrx.sys - ok
21:06:48.0080 4276  [ B60BA0BC31B0CB414593E169F6F21CC2 ] C:\Windows\System32\VSSVC.exe
21:06:48.0080 4276  C:\Windows\System32\VSSVC.exe - ok
21:06:48.0080 4276  [ 1C9D80CC3849B3788048078C26486E1A ] C:\Windows\System32\w32time.dll
21:06:48.0080 4276  C:\Windows\System32\w32time.dll - ok
21:06:48.0080 4276  [ 05E9265E2228799B68DC0F58A94E1AB8 ] C:\Windows\System32\Wat\WatUX.exe
21:06:48.0080 4276  C:\Windows\System32\Wat\WatUX.exe - ok
21:06:48.0095 4276  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] C:\Windows\System32\wbengine.exe
21:06:48.0095 4276  C:\Windows\System32\wbengine.exe - ok
21:06:48.0095 4276  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] C:\Windows\System32\wbiosrvc.dll
21:06:48.0095 4276  C:\Windows\System32\wbiosrvc.dll - ok
21:06:48.0095 4276  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] C:\Windows\System32\wcncsvc.dll
21:06:48.0095 4276  C:\Windows\System32\wcncsvc.dll - ok
21:06:48.0095 4276  [ 20F7441334B18CEE52027661DF4A6129 ] C:\Windows\System32\WcsPlugInService.dll
21:06:48.0111 4276  C:\Windows\System32\WcsPlugInService.dll - ok
21:06:48.0111 4276  [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
21:06:48.0111 4276  C:\Windows\System32\wdi.dll - ok
21:06:48.0111 4276  [ C749025A679C5103E575E3B48E092C43 ] C:\Windows\System32\wecsvc.dll
21:06:48.0111 4276  C:\Windows\System32\wecsvc.dll - ok
21:06:48.0111 4276  [ 7E591867422DC788B9E5BD337A669A08 ] C:\Windows\System32\wercplsupport.dll
21:06:48.0111 4276  C:\Windows\System32\wercplsupport.dll - ok
21:06:48.0127 4276  [ 6D137963730144698CBD10F202E9F251 ] C:\Windows\System32\wersvc.dll
21:06:48.0127 4276  C:\Windows\System32\wersvc.dll - ok
21:06:48.0127 4276  [ 2DA738A0A6BEE483A5647A76695AF3B0 ] C:\Program Files\Windows Defender\MsMpRes.dll
21:06:48.0127 4276  C:\Program Files\Windows Defender\MsMpRes.dll - ok
21:06:48.0127 4276  [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
21:06:48.0127 4276  C:\Windows\System32\winhttp.dll - ok
21:06:48.0127 4276  [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
21:06:48.0127 4276  C:\Windows\System32\wbem\WMIsvc.dll - ok
21:06:48.0142 4276  [ BCB1310604AA415C4508708975B3931E ] C:\Windows\System32\WsmSvc.dll
21:06:48.0142 4276  C:\Windows\System32\WsmSvc.dll - ok
21:06:48.0142 4276  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] C:\Windows\System32\wlansvc.dll
21:06:48.0142 4276  C:\Windows\System32\wlansvc.dll - ok
21:06:48.0142 4276  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] C:\Windows\System32\wbem\WmiApSrv.exe
21:06:48.0142 4276  C:\Windows\System32\wbem\WmiApSrv.exe - ok
21:06:48.0142 4276  [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
21:06:48.0142 4276  C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
21:06:48.0158 4276  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] C:\Windows\System32\wpcsvc.dll
21:06:48.0158 4276  C:\Windows\System32\wpcsvc.dll - ok
21:06:48.0158 4276  [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
21:06:48.0158 4276  C:\Windows\System32\wpdbusenum.dll - ok
21:06:48.0158 4276  [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
21:06:48.0158 4276  C:\Windows\System32\drivers\ws2ifsl.sys - ok
21:06:48.0158 4276  [ E8B1FE6669397D1772D8196DF0E57A9E ] C:\Windows\System32\wscsvc.dll
21:06:48.0158 4276  C:\Windows\System32\wscsvc.dll - ok
21:06:48.0173 4276  [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
21:06:48.0173 4276  C:\Windows\System32\SearchIndexer.exe - ok
21:06:48.0173 4276  [ 7A95C95B6C4CF292D689106BCAE49543 ] C:\Windows\System32\WUDFSvc.dll
21:06:48.0173 4276  C:\Windows\System32\WUDFSvc.dll - ok
21:06:48.0173 4276  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] C:\Windows\System32\wwansvc.dll
21:06:48.0173 4276  C:\Windows\System32\wwansvc.dll - ok
21:06:48.0173 4276  [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
21:06:48.0173 4276  C:\Windows\System32\ubpm.dll - ok
21:06:48.0189 4276  [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
21:06:48.0189 4276  C:\Windows\System32\SPInf.dll - ok
21:06:48.0189 4276  [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
21:06:48.0189 4276  C:\Windows\System32\svchost.exe - ok
21:06:48.0189 4276  [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
21:06:48.0189 4276  C:\Windows\System32\devrtl.dll - ok
21:06:48.0189 4276  [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
21:06:48.0189 4276  C:\Windows\System32\userenv.dll - ok
21:06:48.0205 4276  [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
21:06:48.0205 4276  C:\Windows\System32\pcwum.dll - ok
21:06:48.0205 4276  [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
21:06:48.0205 4276  C:\Windows\System32\powrprof.dll - ok
21:06:48.0205 4276  [ 92EB844D90615CB266F84C3202B8786E ] C:\Windows\System32\drivers\mbam.sys
21:06:48.0205 4276  C:\Windows\System32\drivers\mbam.sys - ok
21:06:48.0205 4276  [ D3381DC54C34D79B22CEE0D65BA91B7C ] C:\Windows\System32\drivers\WUDFPf.sys
21:06:48.0205 4276  C:\Windows\System32\drivers\WUDFPf.sys - ok
21:06:48.0220 4276  [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
21:06:48.0220 4276  C:\Windows\System32\rpcss.dll - ok
21:06:48.0220 4276  [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
21:06:48.0220 4276  C:\Windows\System32\WSHTCPIP.DLL - ok
21:06:48.0220 4276  [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
21:06:48.0220 4276  C:\Windows\System32\wshqos.dll - ok
21:06:48.0220 4276  [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
21:06:48.0220 4276  C:\Windows\System32\version.dll - ok
21:06:48.0236 4276  [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
21:06:48.0236 4276  C:\Windows\System32\LogonUI.exe - ok
21:06:48.0236 4276  [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
21:06:48.0236 4276  C:\Windows\System32\authui.dll - ok
21:06:48.0236 4276  [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
21:06:48.0236 4276  C:\Windows\System32\adtschema.dll - ok
21:06:48.0236 4276  [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
21:06:48.0236 4276  C:\Windows\System32\MMDevAPI.dll - ok
21:06:48.0251 4276  [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
21:06:48.0251 4276  C:\Windows\System32\avrt.dll - ok
21:06:48.0251 4276  [ 57BEB4500716DD30B65DFA85A35CC3D7 ] C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d15ed671de43d681\stacsv64.exe
21:06:48.0251 4276  C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d15ed671de43d681\stacsv64.exe - ok
21:06:48.0251 4276  [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
21:06:48.0251 4276  C:\Windows\System32\propsys.dll - ok
21:06:48.0251 4276  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
21:06:48.0251 4276  C:\Windows\System32\MPSSVC.dll - ok
21:06:48.0267 4276  [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
21:06:48.0267 4276  C:\Windows\System32\dsound.dll - ok
21:06:48.0267 4276  [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
21:06:48.0267 4276  C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
21:06:48.0267 4276  [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
21:06:48.0267 4276  C:\Windows\System32\PSHED.DLL - ok
21:06:48.0267 4276  [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
21:06:48.0267 4276  C:\Windows\System32\cryptui.dll - ok
21:06:48.0283 4276  [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
21:06:48.0283 4276  C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
21:06:48.0283 4276  [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
21:06:48.0283 4276  C:\Windows\System32\winmm.dll - ok
21:06:48.0283 4276  [ 76DA443051A2366AF9DBCA34A2614E9A ] C:\Windows\System32\stapi64.dll
21:06:48.0283 4276  C:\Windows\System32\stapi64.dll - ok
21:06:48.0298 4276  [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
21:06:48.0298 4276  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
21:06:48.0298 4276  [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
21:06:48.0298 4276  C:\Windows\System32\audiodg.exe - ok
21:06:48.0298 4276  [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
21:06:48.0298 4276  C:\Windows\System32\shacct.dll - ok
21:06:48.0298 4276  [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
21:06:48.0298 4276  C:\Windows\System32\samlib.dll - ok
21:06:48.0314 4276  [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
21:06:48.0314 4276  C:\Windows\System32\ntmarta.dll - ok
21:06:48.0314 4276  [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
21:06:48.0314 4276  C:\Windows\System32\uxtheme.dll - ok
21:06:48.0314 4276  [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
21:06:48.0314 4276  C:\Windows\System32\AudioSes.dll - ok
21:06:48.0314 4276  [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
21:06:48.0314 4276  C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
21:06:48.0329 4276  [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
21:06:48.0329 4276  C:\Windows\System32\AudioEng.dll - ok
21:06:48.0329 4276  [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
21:06:48.0329 4276  C:\Windows\System32\AUDIOKSE.dll - ok
21:06:48.0329 4276  [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
21:06:48.0329 4276  C:\Windows\System32\dui70.dll - ok
21:06:48.0329 4276  [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
21:06:48.0329 4276  C:\Windows\System32\ksuser.dll - ok
21:06:48.0345 4276  [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
21:06:48.0345 4276  C:\Windows\System32\wdmaud.drv - ok
21:06:48.0345 4276  [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
21:06:48.0345 4276  C:\Windows\System32\duser.dll - ok
21:06:48.0345 4276  [ E179A291A04EC856741A66D44A0D29CA ] C:\Windows\System32\stapo64.dll
21:06:48.0345 4276  C:\Windows\System32\stapo64.dll - ok
21:06:48.0345 4276  [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
21:06:48.0345 4276  C:\Windows\System32\SndVolSSO.dll - ok
21:06:48.0361 4276  [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
21:06:48.0361 4276  C:\Windows\System32\dwmapi.dll - ok
21:06:48.0361 4276  [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
21:06:48.0361 4276  C:\Windows\System32\hid.dll - ok
21:06:49.0234 4276  C:\Windows\SysWOW64\QUTIL.DLL - ok
21:06:49.0250 4276  [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\SysWOW64\wevtapi.dll
21:06:49.0250 4276  C:\Windows\SysWOW64\wevtapi.dll - ok
21:06:49.0250 4276  [ A529CFE32565C0B145578FFB2B32C9A5 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
21:06:49.0250 4276  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe - ok
21:06:49.0250 4276  [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
21:06:49.0250 4276  C:\Windows\System32\npmproxy.dll - ok
21:06:49.0265 4276  [ 44C96B48112EB24AE7764EBF1C527000 ] C:\Windows\System32\rastapi.dll
21:06:49.0265 4276  C:\Windows\System32\rastapi.dll - ok
21:06:49.0265 4276  [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll
21:06:49.0265 4276  C:\Windows\System32\tapi32.dll - ok
21:06:49.0265 4276  [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
21:06:49.0265 4276  C:\Windows\System32\wbem\WmiDcPrv.dll - ok
21:06:49.0265 4276  [ 02530B0B7E048DD5AC8D52DAEACAEB2B ] C:\Windows\SysWOW64\QAGENT.DLL
21:06:49.0265 4276  C:\Windows\SysWOW64\QAGENT.DLL - ok
21:06:49.0281 4276  [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
21:06:49.0281 4276  C:\Windows\System32\wbem\fastprox.dll - ok
21:06:49.0281 4276  [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\SysWOW64\cabinet.dll
21:06:49.0281 4276  C:\Windows\SysWOW64\cabinet.dll - ok
21:06:49.0281 4276  [ 2765B91A9EE086C20B451E80D2709CC9 ] C:\Windows\SysWOW64\DHCPQEC.DLL
21:06:49.0281 4276  C:\Windows\SysWOW64\DHCPQEC.DLL - ok
21:06:49.0281 4276  [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
21:06:49.0281 4276  C:\Windows\SysWOW64\apphelp.dll - ok
21:06:49.0297 4276  [ 929759E0775E6D00B4B2F4A08042439F ] C:\Windows\SysWOW64\napipsec.dll
21:06:49.0297 4276  C:\Windows\SysWOW64\napipsec.dll - ok
21:06:49.0297 4276  [ 9C17DCD6DDFEB1A012544FAF4F2789F6 ] C:\Windows\AppPatch\AcGenral.dll
21:06:49.0297 4276  C:\Windows\AppPatch\AcGenral.dll - ok
21:06:49.0297 4276  [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
21:06:49.0297 4276  C:\Windows\System32\ntdsapi.dll - ok
21:06:49.0297 4276  [ C555046481601ED19920F2D3E76B8A36 ] C:\Windows\SysWOW64\tsgqec.dll
21:06:49.0297 4276  C:\Windows\SysWOW64\tsgqec.dll - ok
21:06:49.0312 4276  [ 9FA14FFC9150B48C5D582DCF6A79D6F2 ] C:\Windows\SysWOW64\EAPQEC.DLL
21:06:49.0312 4276  C:\Windows\SysWOW64\EAPQEC.DLL - ok
21:06:49.0312 4276  [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
21:06:49.0312 4276  C:\Windows\System32\vssapi.dll - ok
21:06:49.0312 4276  [ 04C20DBC09884A27F65EBD721B42F073 ] C:\Windows\SysWOW64\mssha.dll
21:06:49.0312 4276  C:\Windows\SysWOW64\mssha.dll - ok
21:06:49.0312 4276  [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
21:06:49.0312 4276  C:\Windows\System32\vsstrace.dll - ok
21:06:49.0312 4276  [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
21:06:49.0312 4276  C:\Windows\SysWOW64\uxtheme.dll - ok
21:06:49.0328 4276  [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
21:06:49.0328 4276  C:\Windows\System32\wbem\WinMgmtR.dll - ok
21:06:49.0328 4276  [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
21:06:49.0328 4276  C:\Windows\SysWOW64\credssp.dll - ok
21:06:49.0328 4276  [ A8CDF3768604FF95B54669E20053D569 ] C:\Windows\SysWOW64\wscapi.dll
21:06:49.0328 4276  C:\Windows\SysWOW64\wscapi.dll - ok
21:06:49.0328 4276  [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\Windows\System32\unimdm.tsp
21:06:49.0328 4276  C:\Windows\System32\unimdm.tsp - ok
21:06:49.0343 4276  [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
21:06:49.0343 4276  C:\Windows\SysWOW64\dwmapi.dll - ok
21:06:49.0343 4276  [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
21:06:49.0343 4276  C:\Windows\SysWOW64\msacm32.dll - ok
21:06:49.0343 4276  [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
21:06:49.0343 4276  C:\Windows\SysWOW64\sfc.dll - ok
21:06:49.0359 4276  [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
21:06:49.0359 4276  C:\Windows\SysWOW64\sfc_os.dll - ok
21:06:49.0359 4276  [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp
21:06:49.0359 4276  C:\Windows\System32\hidphone.tsp - ok
21:06:49.0359 4276  [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp
21:06:49.0359 4276  C:\Windows\System32\kmddsp.tsp - ok
21:06:49.0359 4276  [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp
21:06:49.0359 4276  C:\Windows\System32\ndptsp.tsp - ok
21:06:49.0375 4276  [ 94B7DF336815B47236724019FAB24B7C ] C:\Windows\System32\uniplat.dll
21:06:49.0375 4276  C:\Windows\System32\uniplat.dll - ok
21:06:49.0375 4276  [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
21:06:49.0375 4276  C:\Windows\System32\wbem\wbemcore.dll - ok
21:06:49.0375 4276  [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
21:06:49.0375 4276  C:\Windows\System32\wbem\esscli.dll - ok
21:06:49.0375 4276  [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll
21:06:49.0375 4276  C:\Windows\System32\rasppp.dll - ok
21:06:49.0390 4276  [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
21:06:49.0390 4276  C:\Windows\System32\wbem\wbemsvc.dll - ok
21:06:49.0390 4276  [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll
21:06:49.0390 4276  C:\Windows\System32\vpnike.dll - ok
21:06:49.0390 4276  [ D21AB32F16E8DE67D45E5A383B5E52BA ] C:\Program Files (x86)\Spybot - Search & Destroy 2\ssleay32.dll
21:06:49.0390 4276  C:\Program Files (x86)\Spybot - Search & Destroy 2\ssleay32.dll - ok
21:06:49.0390 4276  [ B009D6171147BE129636A49C4178E487 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\libeay32.dll
21:06:49.0390 4276  C:\Program Files (x86)\Spybot - Search & Destroy 2\libeay32.dll - ok
21:06:49.0406 4276  [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
21:06:49.0406 4276  C:\Windows\System32\wbem\wmiutils.dll - ok
21:06:49.0406 4276  [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
21:06:49.0406 4276  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
21:06:49.0406 4276  [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
21:06:49.0406 4276  C:\Windows\System32\wbem\repdrvfs.dll - ok
21:06:49.0421 4276  [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
21:06:49.0421 4276  C:\Windows\System32\wbem\WmiPrvSD.dll - ok
21:06:49.0421 4276  [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
21:06:49.0421 4276  C:\Windows\System32\ncobjapi.dll - ok
21:06:49.0421 4276  [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
21:06:49.0421 4276  C:\Windows\System32\wbem\wbemess.dll - ok
21:06:49.0421 4276  [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
21:06:49.0421 4276  C:\Windows\System32\dbghelp.dll - ok
21:06:49.0437 4276  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
21:06:49.0437 4276  C:\Windows\System32\drivers\srv2.sys - ok
21:06:49.0437 4276  [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
21:06:49.0437 4276  C:\Windows\System32\sqmapi.dll - ok
21:06:49.0437 4276  [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
21:06:49.0437 4276  C:\Windows\System32\wdscore.dll - ok
21:06:49.0437 4276  [ 05F620B4B2E7DEB9409C0C6A4FEDD2A4 ] C:\Windows\System32\adsldpc.dll
21:06:49.0437 4276  C:\Windows\System32\adsldpc.dll - ok
21:06:49.0453 4276  [ 254FB7A22D74E5511C73A3F6D802F192 ] C:\Windows\System32\mprdim.dll
21:06:49.0453 4276  C:\Windows\System32\mprdim.dll - ok
21:06:49.0453 4276  [ CB63BDB77BB86549FC3303C2F11EDC18 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
21:06:49.0453 4276  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe - ok
21:06:49.0453 4276  [ 40308014B44489795DA132D3F2CC13DA ] C:\Windows\System32\iprtrmgr.dll
21:06:49.0453 4276  C:\Windows\System32\iprtrmgr.dll - ok
21:06:49.0453 4276  [ 2B19CB7DF98C4DB3900E77C97CAABEAF ] C:\Windows\System32\iprtprio.dll
21:06:49.0453 4276  C:\Windows\System32\iprtprio.dll - ok
21:06:49.0468 4276  [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
21:06:49.0468 4276  C:\Windows\System32\perftrack.dll - ok
21:06:49.0468 4276  [ 80014469803E6D9CC89F03907262B1F8 ] C:\Windows\System32\rtm.dll
21:06:49.0468 4276  C:\Windows\System32\rtm.dll - ok
21:06:49.0468 4276  [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
21:06:49.0468 4276  C:\Windows\System32\diagperf.dll - ok
21:06:49.0468 4276  [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
21:06:49.0468 4276  C:\Windows\System32\PortableDeviceApi.dll - ok
21:06:49.0484 4276  [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
21:06:49.0484 4276  C:\Windows\System32\nci.dll - ok
21:06:49.0484 4276  [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
21:06:49.0484 4276  C:\Windows\System32\hnetcfg.dll - ok
21:06:49.0484 4276  [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
21:06:49.0484 4276  C:\Windows\System32\wer.dll - ok
21:06:49.0484 4276  [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
21:06:49.0484 4276  C:\Windows\System32\PortableDeviceConnectApi.dll - ok
21:06:49.0499 4276  [ A87EC5A9714CE350D2E893C254355E40 ] C:\Windows\System32\iashlpr.dll
21:06:49.0499 4276  C:\Windows\System32\iashlpr.dll - ok
21:06:49.0499 4276  [ 621B74BFCE49F9372AED2859FD87343C ] C:\Windows\System32\mprddm.dll
21:06:49.0499 4276  C:\Windows\System32\mprddm.dll - ok
21:06:49.0499 4276  [ 047AD05DE61C166A1BED4CF5A9083ED8 ] C:\Windows\System32\iasrad.dll
21:06:49.0499 4276  C:\Windows\System32\iasrad.dll - ok
21:06:49.0499 4276  [ A6F3F67F9652EA07210188E2B07FFEE8 ] C:\Windows\System32\iassvcs.dll
21:06:49.0499 4276  C:\Windows\System32\iassvcs.dll - ok
21:06:49.0515 4276  [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
21:06:49.0515 4276  C:\Windows\System32\NapiNSP.dll - ok
21:06:49.0515 4276  [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
21:06:49.0515 4276  C:\Windows\System32\Apphlpdm.dll - ok
21:06:49.0515 4276  [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
21:06:49.0515 4276  C:\Windows\System32\pnpts.dll - ok
21:06:49.0515 4276  [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
21:06:49.0515 4276  C:\Windows\System32\pnrpnsp.dll - ok
21:06:49.0531 4276  [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
21:06:49.0531 4276  C:\Windows\System32\wdiasqmmodule.dll - ok
21:06:49.0531 4276  [ F9D908DE6B166DAC9B89BF62FA291CE8 ] C:\Program Files\Bonjour\mdnsNSP.dll
21:06:49.0531 4276  C:\Program Files\Bonjour\mdnsNSP.dll - ok
21:06:49.0531 4276  [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
21:06:49.0531 4276  C:\Windows\System32\p2pcollab.dll - ok
21:06:49.0531 4276  [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
21:06:49.0531 4276  C:\Windows\System32\rasadhlp.dll - ok
21:06:49.0546 4276  [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
21:06:49.0546 4276  C:\Windows\System32\wbem\NCProv.dll - ok
21:06:49.0546 4276  [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
21:06:49.0546 4276  C:\Windows\System32\winrnr.dll - ok
21:06:49.0546 4276  [ 566C42BA91A46FA007FC892E7FAFEA7C ] C:\Windows\System32\iassdo.dll
21:06:49.0546 4276  C:\Windows\System32\iassdo.dll - ok
21:06:49.0546 4276  [ 011F0B067E47612F57C4ECE377D9C9DF ] C:\Windows\System32\activeds.dll
21:06:49.0546 4276  C:\Windows\System32\activeds.dll - ok
21:06:49.0562 4276  [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
21:06:49.0562 4276  C:\Windows\System32\fveui.dll - ok
21:06:49.0562 4276  [ 4C6F525A346E80A8834CE2E7A870B203 ] C:\Windows\System32\iasrecst.dll
21:06:49.0562 4276  C:\Windows\System32\iasrecst.dll - ok
21:06:49.0562 4276  [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
21:06:49.0562 4276  C:\Windows\System32\dllhost.exe - ok
21:06:49.0562 4276  [ 313A1B21DA0FBCFBF557247C81C803D6 ] C:\Windows\System32\iasdatastore.dll
21:06:49.0562 4276  C:\Windows\System32\iasdatastore.dll - ok
21:06:49.0577 4276  [ C47F35CC6FA4F1BDBEF8F87AC1A46537 ] C:\Windows\System32\wuapi.dll
21:06:49.0577 4276  C:\Windows\System32\wuapi.dll - ok
21:06:49.0577 4276  [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
21:06:49.0577 4276  C:\Windows\System32\cabinet.dll - ok
21:06:49.0577 4276  [ E746ED90132C6B6313CE9179F56BD31D ] C:\Windows\System32\wups.dll
21:06:49.0577 4276  C:\Windows\System32\wups.dll - ok
21:06:49.0577 4276  [ 8426E4F80F91E698ABE65A5945EC317E ] C:\Windows\System32\iasnap.dll
21:06:49.0577 4276  C:\Windows\System32\iasnap.dll - ok
21:06:49.0593 4276  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
21:06:49.0593 4276  C:\Windows\System32\drivers\srv.sys - ok
21:06:49.0593 4276  [ DD853B7E91F22F842B8C8CB5096EE3B3 ] C:\Windows\System32\QSHVHOST.DLL
21:06:49.0593 4276  C:\Windows\System32\QSHVHOST.DLL - ok
21:06:49.0593 4276  [ 8258362DDB18B644A82D8B5061AD9426 ] C:\Windows\SysWOW64\wscisvif.dll
21:06:49.0593 4276  C:\Windows\SysWOW64\wscisvif.dll - ok
21:06:49.0593 4276  [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
21:06:49.0593 4276  C:\Windows\System32\clusapi.dll - ok
21:06:49.0609 4276  [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
21:06:49.0609 4276  C:\Windows\System32\netmsg.dll - ok
21:06:49.0609 4276  [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
21:06:49.0609 4276  C:\Windows\System32\sscore.dll - ok
21:06:49.0609 4276  [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
21:06:49.0609 4276  C:\Windows\System32\resutils.dll - ok
21:06:49.0609 4276  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
21:06:49.0609 4276  C:\Windows\System32\IPSECSVC.DLL - ok
21:06:49.0624 4276  [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
21:06:49.0624 4276  C:\Windows\System32\FwRemoteSvr.dll - ok
21:06:49.0624 4276  [ DDC0B23D7EB77356E8D32FFE05718C6E ] C:\Windows\System32\vbscript.dll
21:06:49.0624 4276  C:\Windows\System32\vbscript.dll - ok
21:06:49.0624 4276  [ 7F9AAEEE01CE2DDBEA4ABEF0910A7ADA ] C:\Windows\System32\iassam.dll
21:06:49.0624 4276  C:\Windows\System32\iassam.dll - ok
21:06:49.0624 4276  [ A6F309DD01DC5BD7BFB3E3C1C413573F ] C:\Windows\System32\iasacct.dll
21:06:49.0624 4276  C:\Windows\System32\iasacct.dll - ok
21:06:49.0640 4276  [ EC5F6EE00337DB400229B69FB43F92C5 ] C:\Windows\System32\QSVRMGMT.DLL
21:06:49.0640 4276  C:\Windows\System32\QSVRMGMT.DLL - ok
21:06:49.0640 4276  [ 82A966D90A3AC50BCFA70B03D38A4A7A ] C:\Windows\System32\iaspolcy.dll
21:06:49.0640 4276  C:\Windows\System32\iaspolcy.dll - ok
21:06:49.0640 4276  [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
21:06:49.0640 4276  C:\Windows\System32\netshell.dll - ok
21:06:49.0640 4276  [ 517110BD83835338C037269E603DB55D ] C:\Windows\System32\taskhost.exe
21:06:49.0640 4276  C:\Windows\System32\taskhost.exe - ok
21:06:49.0655 4276  [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
21:06:49.0655 4276  C:\Windows\System32\dimsjob.dll - ok
21:06:49.0655 4276  [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
21:06:49.0655 4276  C:\Windows\System32\pautoenr.dll - ok
21:06:49.0655 4276  [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
21:06:49.0655 4276  C:\Windows\System32\certcli.dll - ok
21:06:49.0655 4276  [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
21:06:49.0655 4276  C:\Windows\System32\CertEnroll.dll - ok



21:06:49.0671 4276  [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
21:06:49.0671 4276  C:\Windows\System32\mprapi.dll - ok
21:06:49.0671 4276  [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C ] C:\Windows\System32\ndiscapCfg.dll
21:06:49.0671 4276  C:\Windows\System32\ndiscapCfg.dll - ok
21:06:49.0671 4276  [ 1CF21800E337F4039AAD4C94B4280EE4 ] C:\Windows\System32\mprmsg.dll
21:06:49.0671 4276  C:\Windows\System32\mprmsg.dll - ok
21:06:49.0671 4276  [ 198803E5E93E29967DFB0BCFD0186151 ] C:\Windows\System32\spfileq.dll
21:06:49.0671 4276  C:\Windows\System32\spfileq.dll - ok
21:06:49.0687 4276  [ AC0C9CEA1218DAB1994AF8B28E680BD9 ] C:\Windows\System32\wlaninst.dll
21:06:49.0687 4276  C:\Windows\System32\wlaninst.dll - ok
21:06:49.0687 4276  [ 5A406C9C8E0880D3EABADC5DFD1ACDAE ] C:\Windows\System32\wwaninst.dll
21:06:49.0687 4276  C:\Windows\System32\wwaninst.dll - ok
21:06:49.0687 4276  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
21:06:49.0687 4276  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
21:06:49.0687 4276  [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
21:06:49.0687 4276  C:\Windows\System32\IDStore.dll - ok
21:06:49.0702 4276  [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
21:06:49.0702 4276  C:\Windows\SysWOW64\winsta.dll - ok
21:06:49.0702 4276  [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
21:06:49.0702 4276  C:\Windows\System32\mpr.dll - ok
21:06:49.0702 4276  [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
21:06:49.0702 4276  C:\Windows\System32\PlaySndSrv.dll - ok
21:06:49.0702 4276  [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
21:06:49.0702 4276  C:\Windows\System32\taskeng.exe - ok
21:06:49.0718 4276  [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
21:06:49.0718 4276  C:\Windows\System32\userinit.exe - ok
21:06:49.0718 4276  [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
21:06:49.0718 4276  C:\Windows\System32\dwmredir.dll - ok
21:06:49.0718 4276  [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
21:06:49.0718 4276  C:\Windows\System32\localspl.dll - ok
21:06:49.0718 4276  [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
21:06:49.0718 4276  C:\Windows\System32\dwmcore.dll - ok
21:06:49.0733 4276  [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
21:06:49.0733 4276  C:\Windows\System32\HotStartUserAgent.dll - ok
21:06:49.0733 4276  [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
21:06:49.0733 4276  C:\Windows\System32\MsCtfMonitor.dll - ok
21:06:49.0733 4276  [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
21:06:49.0733 4276  C:\Windows\System32\msutb.dll - ok
21:06:49.0733 4276  [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
21:06:49.0733 4276  C:\Windows\System32\spoolss.dll - ok
21:06:49.0749 4276  [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
21:06:49.0749 4276  C:\Windows\System32\winspool.drv - ok
21:06:49.0749 4276  [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
21:06:49.0749 4276  C:\Windows\System32\PrintIsolationProxy.dll - ok
21:06:49.0749 4276  [ D63BEE2A8B22482F7080A8D3F2E1A733 ] C:\Windows\System32\d3d10_1.dll
21:06:49.0749 4276  C:\Windows\System32\d3d10_1.dll - ok
21:06:49.0749 4276  [ 426BA4E737A7988FD1202AF2F2B2F4A6 ] C:\Windows\System32\d3d10_1core.dll
21:06:49.0749 4276  C:\Windows\System32\d3d10_1core.dll - ok
21:06:49.0765 4276  [ F404E59DB6A0F122AB26BF4F3E2FD0FA ] C:\Windows\System32\dxgi.dll
21:06:49.0765 4276  C:\Windows\System32\dxgi.dll - ok
21:06:49.0765 4276  [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
21:06:49.0765 4276  C:\Windows\System32\TSChannel.dll - ok
21:06:49.0765 4276  [ 2960400094498DAE47B36173286D76A0 ] C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe
21:06:49.0765 4276  C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe - ok
21:06:49.0765 4276  [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
21:06:49.0765 4276  C:\Windows\System32\FXSMON.dll - ok
21:06:49.0780 4276  [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
21:06:49.0780 4276  C:\Windows\System32\tcpmon.dll - ok
21:06:49.0780 4276  [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:06:49.0780 4276  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
21:06:49.0780 4276  [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
21:06:49.0780 4276  C:\Windows\explorer.exe - ok
21:06:49.0780 4276  [ 16C40D0D1F2599E8A93CEFB72CA6ABEA ] C:\Windows\System32\igd10umd64.dll
21:06:49.0780 4276  C:\Windows\System32\igd10umd64.dll - ok
21:06:49.0796 4276  [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
21:06:49.0796 4276  C:\Windows\System32\snmpapi.dll - ok
21:06:49.0796 4276  [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
21:06:49.0796 4276  C:\Windows\System32\ExplorerFrame.dll - ok
21:06:49.0796 4276  [ 2E5672EEA419A4DC9DACD714632E1DC3 ] C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll
21:06:49.0796 4276  C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll - ok
21:06:49.0796 4276  [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
21:06:49.0796 4276  C:\Windows\System32\wsnmp32.dll - ok
21:06:49.0811 4276  [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
21:06:49.0811 4276  C:\Windows\SysWOW64\msi.dll - ok
21:06:49.0811 4276  [ 8D8AC342EF097CDEE62CC8BF495F7752 ] C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe
21:06:49.0811 4276  C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe - ok
21:06:49.0811 4276  [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
21:06:49.0811 4276  C:\Windows\System32\usbmon.dll - ok
21:06:49.0811 4276  [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
21:06:49.0811 4276  C:\Windows\System32\uDWM.dll - ok
21:06:49.0827 4276  [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
21:06:49.0827 4276  C:\Windows\System32\fdPnp.dll - ok
21:06:49.0827 4276  [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
21:06:49.0827 4276  C:\Windows\System32\WSDMon.dll - ok
21:06:49.0827 4276  [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
21:06:49.0827 4276  C:\Windows\SysWOW64\cscapi.dll - ok
21:06:49.0827 4276  [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
21:06:49.0827 4276  C:\Windows\SysWOW64\dbghelp.dll - ok
21:06:49.0843 4276  [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
21:06:49.0843 4276  C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
21:06:49.0843 4276  [ 548CB980D7876E207CC9F8B60C1587A3 ] C:\Windows\System32\win32spl.dll
21:06:49.0843 4276  C:\Windows\System32\win32spl.dll - ok
21:06:49.0843 4276  [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
21:06:49.0843 4276  C:\Windows\System32\inetpp.dll - ok
21:06:49.0843 4276  [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
21:06:49.0843 4276  C:\Windows\System32\EhStorShell.dll - ok
21:06:49.0858 4276  [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
21:06:49.0858 4276  C:\Windows\System32\ntshrui.dll - ok
21:06:49.0858 4276  [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
21:06:49.0858 4276  C:\Windows\System32\cscapi.dll - ok
21:06:49.0858 4276  [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
21:06:49.0858 4276  C:\Windows\System32\IconCodecService.dll - ok
21:06:49.0858 4276  [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
21:06:49.0858 4276  C:\Windows\System32\runonce.exe - ok
21:06:49.0874 4276  [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
21:06:49.0874 4276  C:\Windows\SysWOW64\runonce.exe - ok
21:06:49.0874 4276  [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
21:06:49.0874 4276  C:\Windows\System32\radardt.dll - ok
21:06:49.0874 4276  [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
21:06:49.0874 4276  C:\Windows\SysWOW64\cmd.exe - ok
21:06:49.0874 4276  [ BECDDA0990DEBD72A30096533521AD73 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
21:06:49.0874 4276  C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe - ok
21:06:49.0889 4276  [ 448BF22538F1DFCB3412AE2B1CF123A9 ] C:\Windows\System32\conhost.exe
21:06:49.0889 4276  C:\Windows\System32\conhost.exe - ok
21:06:49.0889 4276  [ DD82EB68D97944B192C7803EB585B03C ] C:\Program Files (x86)\Razer\Razer Game Booster\rtl120.bpl
21:06:49.0889 4276  C:\Program Files (x86)\Razer\Razer Game Booster\rtl120.bpl - ok
21:06:49.0889 4276  [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
21:06:49.0889 4276  C:\Windows\SysWOW64\winbrand.dll - ok
21:06:49.0889 4276  [ 32E15ECF5854F5610BC895490BC3246A ] C:\Windows\SysWOW64\ieframe.dll
21:06:49.0889 4276  C:\Windows\SysWOW64\ieframe.dll - ok
21:06:49.0905 4276  [ B676429E44F2F8ACC3BAE7C89F46B212 ] C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
21:06:49.0905 4276  C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe - ok
21:06:49.0905 4276  [ 773EBD87010A6F644869A59D98792C9C ] C:\Program Files (x86)\Razer\Razer Game Booster\vcl120.bpl
21:06:49.0905 4276  C:\Program Files (x86)\Razer\Razer Game Booster\vcl120.bpl - ok
21:06:49.0905 4276  [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\SysWOW64\mstask.dll
21:06:49.0905 4276  C:\Windows\SysWOW64\mstask.dll - ok
21:06:49.0905 4276  [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
21:06:49.0905 4276  C:\Windows\SysWOW64\shdocvw.dll - ok
21:06:49.0921 4276  [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\AmaniArk\AppData\Local\Temp\388F0014-8A4F-4883-9228-C4A668288D52.exe
21:06:49.0921 4276  C:\Users\AmaniArk\AppData\Local\Temp\388F0014-8A4F-4883-9228-C4A668288D52.exe - ok
21:06:49.0921 4276  [ 591FE0A6CEB19BF886CEB1331F591940 ] C:\Windows\SysWOW64\ncrypt.dll
21:06:49.0921 4276  C:\Windows\SysWOW64\ncrypt.dll - ok
21:06:49.0921 4276  [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
21:06:49.0921 4276  C:\Windows\SysWOW64\bcrypt.dll - ok
21:06:49.0936 4276  [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
21:06:49.0936 4276  C:\Windows\SysWOW64\bcryptprimitives.dll - ok
21:06:49.0936 4276  [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
21:06:49.0936 4276  C:\Windows\SysWOW64\gpapi.dll - ok
21:06:49.0936 4276  [ 6316957BB3431DFB06BFFA98C0F1926E ] C:\Windows\SysWOW64\cryptnet.dll
21:06:49.0936 4276  C:\Windows\SysWOW64\cryptnet.dll - ok
21:06:49.0936 4276  [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
21:06:49.0936 4276  C:\Windows\SysWOW64\SensApi.dll - ok
21:06:49.0952 4276  [ 1D817D77C8EB600AB311AAC8E68B5A1A ] C:\Windows\System32\cryptnet.dll
21:06:49.0952 4276  C:\Windows\System32\cryptnet.dll - ok
21:06:49.0952 4276  [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
21:06:49.0952 4276  C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
21:06:49.0952 4276  [ 0671A791C292F46423CFE37B53D598D0 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFileScanLibrary.dll
21:06:49.0952 4276  C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFileScanLibrary.dll - ok
21:06:50.0857 4276  [ 3A9CCE443B5626ADDF51D9B4BF36182A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\9469491f37d9c35b596968b206615309\mscorlib.ni.dll
21:06:50.0857 4276  C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\9469491f37d9c35b596968b206615309\mscorlib.ni.dll - ok
21:06:50.0857 4276  [ 00AB8ECC3270199B744651B6F3312F80 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
21:06:50.0857 4276  C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
21:06:50.0872 4276  [ 9FEBFE872C7CC574A011FDD71061F831 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\adff7dd9fe8e541775c46b6363401b22\System.ni.dll
21:06:50.0872 4276  C:\Windows\assembly\NativeImages_v2.0.50727_64\System\adff7dd9fe8e541775c46b6363401b22\System.ni.dll - ok
21:06:50.0872 4276  [ 7F8F84B7456904CDEAE97D6798CB56E2 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\2df636d5fd87ba1a2cff54281e8888fe\System.ServiceProcess.ni.dll
21:06:50.0872 4276  C:\Windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\2df636d5fd87ba1a2cff54281e8888fe\System.ServiceProcess.ni.dll - ok
21:06:50.0872 4276  [ 02E3A1E7C6273C83DB313EFDE9C2C215 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\0fde44651bdf14a3988b955dd94aa318\System.Runtime.Remoting.ni.dll
21:06:50.0872 4276  C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Remo#\0fde44651bdf14a3988b955dd94aa318\System.Runtime.Remoting.ni.dll - ok
21:06:50.0872 4276  [ BC32C6015F18C283118E6F6611C8EF0D ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\ee795155543768ea67eecddc686a1e9e\System.Xml.ni.dll
21:06:50.0872 4276  C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\ee795155543768ea67eecddc686a1e9e\System.Xml.ni.dll - ok
21:06:50.0888 4276  [ 765F2DD351BA064F657751D8D75E58C0 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
21:06:50.0888 4276  C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe - ok
21:06:50.0888 4276  [ D480C9220BFE667DE65A46CDE80EA7E9 ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\StatusStrings.dll
21:06:50.0888 4276  C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\StatusStrings.dll - ok
21:06:50.0888 4276  [ 122F89E0905FC656D56F65CD7A2E9B4D ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\xerces-c_2_7.dll
21:06:50.0888 4276  C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\xerces-c_2_7.dll - ok
21:06:50.0903 4276  [ 1CBAD5EEE017FAFEA2BF75E82330783D ] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\DTMessageLib.dll
21:06:50.0903 4276  C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\DTMessageLib.dll - ok
21:06:50.0903 4276  [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
21:06:50.0903 4276  C:\Windows\System32\wsock32.dll - ok
21:06:50.0903 4276  [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
21:06:50.0903 4276  C:\Windows\System32\wmdrmdev.dll - ok
21:06:50.0903 4276  [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
21:06:50.0903 4276  C:\Windows\System32\drmv2clt.dll - ok
21:06:50.0903 4276  [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll
21:06:50.0903 4276  C:\Windows\System32\blackbox.dll - ok
21:06:50.0919 4276  [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
21:06:50.0919 4276  C:\Windows\System32\upnp.dll - ok
21:06:50.0919 4276  [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
21:06:50.0919 4276  C:\Windows\System32\wmp.dll - ok
21:06:50.0919 4276  [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
21:06:50.0919 4276  C:\Windows\System32\wmpps.dll - ok
21:06:50.0919 4276  [ 0B2D65FDDE31069299AA6330F359FF9C ] C:\Windows\System32\msxml3.dll
21:06:50.0919 4276  C:\Windows\System32\msxml3.dll - ok
21:06:50.0935 4276  [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
21:06:50.0935 4276  C:\Windows\SysWOW64\NapiNSP.dll - ok
21:06:50.0935 4276  [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
21:06:50.0935 4276  C:\Windows\SysWOW64\pnrpnsp.dll - ok
21:06:50.0935 4276  [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
21:06:50.0935 4276  C:\Windows\SysWOW64\winrnr.dll - ok
21:06:50.0935 4276  [ 19779242217D7403577C34AFD95C8626 ] C:\Windows\SysWOW64\dispex.dll
21:06:50.0935 4276  C:\Windows\SysWOW64\dispex.dll - ok
21:06:50.0950 4276  [ 005247E3057BC5D5C3F8C6F886FFC10C ] C:\Windows\System32\wbem\WMIADAP.exe
21:06:50.0950 4276  C:\Windows\System32\wbem\WMIADAP.exe - ok
21:06:50.0950 4276  [ 9FE3ED67345F0FF829A4A53B90E09672 ] C:\Windows\System32\loadperf.dll
21:06:50.0950 4276  C:\Windows\System32\loadperf.dll - ok
21:06:50.0950 4276  [ 631289583481C45C7342EFD57442B738 ] C:\Program Files (x86)\Common Files\microsoft shared\VGX\VGX.dll
21:06:50.0950 4276  C:\Program Files (x86)\Common Files\microsoft shared\VGX\VGX.dll - ok
21:06:50.0950 4276  [ 236360CE5E4C3F063AC110533747C0A8 ] C:\Windows\SysWOW64\Wpc.dll
21:06:50.0950 4276  C:\Windows\SysWOW64\Wpc.dll - ok
21:06:50.0966 4276  [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll
21:06:50.0966 4276  C:\Windows\SysWOW64\samlib.dll - ok
21:06:50.0966 4276  [ 7455FE2A83979F90705062160F98A96D ] C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll
21:06:50.0966 4276  C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll - ok
21:06:50.0966 4276  [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\SysWOW64\msftedit.dll
21:06:50.0966 4276  C:\Windows\SysWOW64\msftedit.dll - ok
21:06:50.0966 4276  [ 6581B52E133CC6D00661C58968C7E212 ] C:\Windows\SysWOW64\SearchFolder.dll
21:06:50.0966 4276  C:\Windows\SysWOW64\SearchFolder.dll - ok
21:06:50.0981 4276  [ B0F69B9DE0AEBFD7E4CEADE6758DF627 ] C:\Windows\System32\SearchFolder.dll



#9 Fementality

Posted 20 February 2013 - 08:16 AM

21:06:51.0044 4276  ============================================================
21:06:51.0044 4276  Scan finished
21:06:51.0044 4276  ============================================================
21:06:51.0059 4268  Detected object count: 256
21:06:51.0059 4268  Actual detected object count: 256
21:09:56.0450 4268  1394ohci ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0450 4268  1394ohci ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0450 4268  4b979cd4a5f87389 ( Rootkit.Win32.Necurs.gen ) - skipped by user
21:09:56.0450 4268  4b979cd4a5f87389 ( Rootkit.Win32.Necurs.gen ) - User select action: Skip
21:09:56.0450 4268  Accelerometer ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0450 4268  Accelerometer ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0450 4268  ACPI ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0450 4268  ACPI ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0450 4268  AcpiPmi ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0450 4268  AcpiPmi ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0450 4268  adp94xx ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0450 4268  adp94xx ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0450 4268  adpahci ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0450 4268  adpahci ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0466 4268  adpu320 ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0466 4268  adpu320 ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0466 4268  AFD ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0466 4268  AFD ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0466 4268  AgereSoftModem ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0466 4268  AgereSoftModem ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0466 4268  agp440 ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0466 4268  agp440 ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0466 4268  aliide ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0466 4268  aliide ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0466 4268  amdide ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0466 4268  amdide ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0466 4268  AmdK8 ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0466 4268  AmdK8 ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0481 4268  AmdPPM ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0481 4268  AmdPPM ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0481 4268  amdsata ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0481 4268  amdsata ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0481 4268  amdsbs ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0481 4268  amdsbs ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0481 4268  amdxata ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0481 4268  amdxata ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0481 4268  ApfiltrService ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0481 4268  ApfiltrService ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0481 4268  AppID ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0481 4268  AppID ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0481 4268  arc ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0481 4268  arc ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0481 4268  arcsas ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0481 4268  arcsas ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0481 4268  AsyncMac ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0481 4268  AsyncMac ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0481 4268  atapi ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0481 4268  atapi ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0497 4268  athr ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0497 4268  athr ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0497 4268  b06bdrv ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0497 4268  b06bdrv ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0497 4268  b57nd60a ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0497 4268  b57nd60a ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0497 4268  Beep ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0497 4268  Beep ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0497 4268  blbdrive ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0497 4268  blbdrive ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0497 4268  bowser ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0497 4268  bowser ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0497 4268  BrFiltLo ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0497 4268  BrFiltLo ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0497 4268  BrFiltUp ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0497 4268  BrFiltUp ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0497 4268  Brserid ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0497 4268  Brserid ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0497 4268  BrSerWdm ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0497 4268  BrSerWdm ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0512 4268  BrUsbMdm ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0512 4268  BrUsbMdm ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0512 4268  BrUsbSer ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0512 4268  BrUsbSer ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0512 4268  BTHMODEM ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0512 4268  BTHMODEM ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0512 4268  cdfs ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0512 4268  cdfs ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0512 4268  cdrom ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0512 4268  cdrom ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0512 4268  circlass ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0512 4268  circlass ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0512 4268  CLFS ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0512 4268  CLFS ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0512 4268  CmBatt ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0512 4268  CmBatt ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0512 4268  cmdide ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0512 4268  cmdide ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0512 4268  CNG ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0512 4268  CNG ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0512 4268  Compbatt ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0512 4268  Compbatt ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0512 4268  CompositeBus ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0512 4268  CompositeBus ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0528 4268  crcdisk ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0528 4268  crcdisk ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0528 4268  DfsC ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0528 4268  DfsC ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0528 4268  discache ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0528 4268  discache ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0528 4268  Disk ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0528 4268  Disk ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0528 4268  drmkaud ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0528 4268  drmkaud ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0528 4268  DVMIO ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0528 4268  DVMIO ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0528 4268  DXGKrnl ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0528 4268  DXGKrnl ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0528 4268  ebdrv ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0528 4268  ebdrv ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0528 4268  elxstor ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0528 4268  elxstor ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0528 4268  enecir ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0528 4268  enecir ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0544 4268  ErrDev ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0544 4268  ErrDev ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0544 4268  exfat ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0544 4268  exfat ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0544 4268  fastfat ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0544 4268  fastfat ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0544 4268  fdc ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0544 4268  fdc ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0544 4268  FileInfo ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0544 4268  FileInfo ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0544 4268  Filetrace ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0544 4268  Filetrace ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0544 4268  flpydisk ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0544 4268  flpydisk ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0544 4268  FltMgr ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0544 4268  FltMgr ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0544 4268  FsDepends ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0544 4268  FsDepends ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0544 4268  Fs_Rec ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0544 4268  Fs_Rec ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0544 4268  fvevol ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0544 4268  fvevol ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0544 4268  gagp30kx ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0559 4268  gagp30kx ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0559 4268  GEARAspiWDM ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0559 4268  GEARAspiWDM ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0559 4268  hcw85cir ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0559 4268  hcw85cir ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0559 4268  HdAudAddService ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0559 4268  HdAudAddService ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0559 4268  HDAudBus ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0559 4268  HDAudBus ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0559 4268  HECIx64 ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0559 4268  HECIx64 ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0559 4268  HidBatt ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0559 4268  HidBatt ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0559 4268  HidBth ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0559 4268  HidBth ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0559 4268  HidIr ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0559 4268  HidIr ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0559 4268  HidUsb ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0559 4268  HidUsb ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0559 4268  hpdskflt ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0559 4268  hpdskflt ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0559 4268  HpqKbFiltr ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0559 4268  HpqKbFiltr ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0575 4268  HpSAMD ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0575 4268  HpSAMD ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0575 4268  HTTP ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0575 4268  HTTP ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0575 4268  hwpolicy ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0575 4268  hwpolicy ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0575 4268  i8042prt ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0575 4268  i8042prt ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0575 4268  iaStor ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0575 4268  iaStor ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0575 4268  iaStorV ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0575 4268  iaStorV ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0575 4268  igfx ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0575 4268  igfx ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0575 4268  iirsp ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0575 4268  iirsp ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0575 4268  Impcd ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0575 4268  Impcd ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0575 4268  IntcDAud ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0575 4268  IntcDAud ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0575 4268  intelide ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0575 4268  intelide ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0590 4268  intelppm ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0590 4268  intelppm ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0590 4268  IpFilterDriver ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0590 4268  IpFilterDriver ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0590 4268  IPMIDRV ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0590 4268  IPMIDRV ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0590 4268  IPNAT ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0590 4268  IPNAT ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0590 4268  IRENUM ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0590 4268  IRENUM ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0590 4268  isapnp ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0590 4268  isapnp ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0590 4268  iScsiPrt ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0590 4268  iScsiPrt ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0590 4268  kbdclass ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0590 4268  kbdclass ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0590 4268  kbdhid ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0590 4268  kbdhid ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0590 4268  KSecDD ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0590 4268  KSecDD ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0590 4268  KSecPkg ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0590 4268  KSecPkg ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0590 4268  ksthunk ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0590 4268  ksthunk ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0606 4268  lltdio ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0606 4268  lltdio ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0606 4268  LSI_FC ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0606 4268  LSI_FC ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0606 4268  LSI_SAS ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0606 4268  LSI_SAS ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0606 4268  LSI_SAS2 ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0606 4268  LSI_SAS2 ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0606 4268  LSI_SCSI ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0606 4268  LSI_SCSI ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0606 4268  luafv ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0606 4268  luafv ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0606 4268  megasas ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0606 4268  megasas ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0606 4268  MegaSR ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0606 4268  MegaSR ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0606 4268  Modem ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0606 4268  Modem ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0606 4268  monitor ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0606 4268  monitor ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0606 4268  mouclass ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0606 4268  mouclass ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0622 4268  mouhid ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0622 4268  mouhid ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0622 4268  mountmgr ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0622 4268  mountmgr ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0622 4268  mpio ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0622 4268  mpio ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0622 4268  mpsdrv ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0622 4268  mpsdrv ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0622 4268  MRxDAV ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0622 4268  MRxDAV ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0622 4268  mrxsmb ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0622 4268  mrxsmb ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0622 4268  mrxsmb10 ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0622 4268  mrxsmb10 ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0622 4268  mrxsmb20 ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0840 4268  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
21:09:56.0840 4268  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
21:19:24.0363 4240  Deinitialize success
 



#10 narenxp


Posted 20 February 2013 - 08:56 AM

Restart the PC, run TDSSKiller again and make sure to remove this infection:

21:09:56.0450 4268  4b979cd4a5f87389 ( Rootkit.Win32.Necurs.gen ) - skipped by user

Skip all other entries.

 

 

Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.

  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.  You can also right click on the link and select Save Link As

Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tool by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file, copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log
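An added example, not part of narenxp's post or of any tool's own code: a small Python parser for TDSSKiller report lines of the shape quoted in this thread. It separates the bulk LockedFile.Multi.Generic entries from the few other verdicts so the one the advisor singles out is easy to find. The sample lines are copied from the thread; treating LockedFile.Multi.Generic as the bulk category and the names `triage`, `parse_line` and `Finding` are assumptions of the example.

```python
import re
from collections import Counter, OrderedDict
from dataclasses import dataclass

# Line shape seen in this thread:
#   HH:MM:SS.ffff <thread id>  <object> ( <verdict> ) - <action>
LINE_RE = re.compile(
    r"^(?P<time>\d{2}:\d{2}:\d{2}\.\d{4})\s+(?P<tid>\d+)\s+"
    r"(?P<object>.+?) \( (?P<verdict>[^()]+?) \) - (?P<action>.+?)\s*$"
)
USER_ACTION = "User select action:"
# Assumption of this example: this verdict is the bulk category to set aside.
BULK_VERDICTS = frozenset({"LockedFile.Multi.Generic"})

# Lines copied from the log posted in this thread (shortened selection).
SAMPLE_LOG = r"""
21:09:56.0450 4268  4b979cd4a5f87389 ( Rootkit.Win32.Necurs.gen ) - skipped by user
21:09:56.0622 4268  msahci ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0622 4268  msahci ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0653 4268  Ntfs ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0653 4268  Ntfs ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0746 4268  Tcpip ( LockedFile.Multi.Generic ) - skipped by user
21:09:56.0746 4268  Tcpip ( LockedFile.Multi.Generic ) - User select action: Skip
21:09:56.0840 4268  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
21:09:56.0840 4268  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
21:19:24.0363 4240  Deinitialize success
"""


@dataclass(frozen=True)
class Finding:
    obj: str      # service name, hex id or device path as logged
    verdict: str  # text between the parentheses
    action: str   # explicit user choice if logged, else the raw action text


def parse_line(line):
    """Return (object, verdict, action, is_explicit_choice) or None."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None  # status lines such as "Deinitialize success"
    action = m["action"].strip()
    explicit = action.startswith(USER_ACTION)
    if explicit:
        # Keep whatever value follows the prefix verbatim (e.g. "Skip").
        action = action[len(USER_ACTION):].strip()
    return m["object"].strip(), m["verdict"].strip(), action, explicit


def triage(log_text, bulk_verdicts=BULK_VERDICTS):
    """Collapse duplicate lines per object and split bulk from other verdicts."""
    last_action = OrderedDict()  # (object, verdict) -> action, in log order
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue
        obj, verdict, action, explicit = parsed
        key = (obj, verdict)
        # An explicit "User select action" line wins over the summary line.
        if explicit or key not in last_action:
            last_action[key] = action
    counts = Counter(verdict for (_obj, verdict) in last_action)
    findings = [
        Finding(obj, verdict, action)
        for (obj, verdict), action in last_action.items()
        if verdict not in bulk_verdicts
    ]
    return counts, findings


if __name__ == "__main__":
    counts, findings = triage(SAMPLE_LOG)
    for verdict, n in counts.most_common():
        print(f"{n:4d}  {verdict}")
    print("Entries outside the bulk category:")
    for f in findings:
        print(f"  {f.obj}  [{f.verdict}]  action: {f.action}")
```
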

 



#11 Fementality


Posted 20 February 2013 - 05:54 PM

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.20.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
AmaniArk :: AMANIARK-PC [administrator]

2/20/2013 5:51:11 PM
mbam-log-2013-02-20 (17-51-11).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 207995
Time elapsed: 2 minute(s), 22 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



#12 Fementality


Posted 20 February 2013 - 05:58 PM

MiniToolBox by Farbar  Version:10-01-2013
Ran by AmaniArk (administrator) on 20-02-2013 at 17:56:57
Running from "C:\Users\AmaniArk\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

 

========================= IP Configuration: ================================

Atheros AR9285 802.11b/g/n WiFi Adapter = Wireless Network Connection (Connected)
PdaNet Broadband Adapter = Local Area Connection 2 (Media disconnected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : AmaniArk-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : Yes
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : home
   System Quarantine State . . . . . : Not Restricted


Ethernet adapter Local Area Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : PdaNet Broadband Adapter
   Physical Address. . . . . . . . . : 00-26-37-BD-39-42
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 00-26-22-C1-81-8E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Atheros AR9285 802.11b/g/n WiFi Adapter
   Physical Address. . . . . . . . . : 90-4C-E5-B4-72-50
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::d96a:810b:991:c1c5%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, February 20, 2013 5:43:01 PM
   Lease Expires . . . . . . . . . . : Thursday, February 21, 2013 5:43:00 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 194006245
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-D8-49-E0-90-4C-E5-B4-72-50
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.home:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:341f:20af:b84c:1484(Preferred)
   Link-local IPv6 Address . . . . . : fe80::341f:20af:b84c:1484%13(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  Wireless_Broadband_Router.home
Address:  192.168.1.1

Name:    google.com
Addresses:  2607:f8b0:4004:802::1004
   74.125.228.72
   74.125.228.78
   74.125.228.71
   74.125.228.65
   74.125.228.64
   74.125.228.70
   74.125.228.68
   74.125.228.69
   74.125.228.66
   74.125.228.67
   74.125.228.73


Pinging google.com [74.125.228.78] with 32 bytes of data:
Reply from 74.125.228.78: bytes=32 time=20ms TTL=252
Reply from 74.125.228.78: bytes=32 time=23ms TTL=252

Ping statistics for 74.125.228.78:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 20ms, Maximum = 23ms, Average = 21ms
Server:  Wireless_Broadband_Router.home
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  206.190.36.45
   98.138.253.109
   98.139.183.24


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=222ms TTL=51
Reply from 98.139.183.24: bytes=32 time=308ms TTL=51

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 222ms, Maximum = 308ms, Average = 265ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 14...00 26 37 bd 39 42 ......PdaNet Broadband Adapter
 11...00 26 22 c1 81 8e ......Realtek PCIe FE Family Controller
 10...90 4c e5 b4 72 50 ......Atheros AR9285 802.11b/g/n WiFi Adapter
  1...........................Software Loopback Interface 1
 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.2     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.2    281
      192.168.1.2  255.255.255.255         On-link       192.168.1.2    281
    192.168.1.255  255.255.255.255         On-link       192.168.1.2    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.2    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.2    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 13     58 2001::/32                On-link
 13    306 2001:0:9d38:953c:341f:20af:b84c:1484/128
                                    On-link
 10    281 fe80::/64                On-link
 13    306 fe80::/64                On-link
 13    306 fe80::341f:20af:b84c:1484/128
                                    On-link
 10    281 fe80::d96a:810b:991:c1c5/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    306 ff00::/8                 On-link
 10    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 06 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 06 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/20/2013 05:33:39 PM) (Source: Application Hang) (User: )
Description: The program SDWelcome.exe version 2.0.12.126 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 490

Start Time: 01ce0fb9defa8137

Termination Time: 16

Application Path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe

Report Id: 878683d2-7bad-11e2-a315-002622c1818e

Error: (02/20/2013 08:06:43 AM) (Source: OptimizerProUpdater) (User: )
Description: URLMON download from http://kosher-file.info/get/?ver=1701&report_version=5&data=NP6yu5%2BiY87iqDWYSUjiQMqTmreTj3dPcLvhFcw7tM6TJRPTnJGvLMS5NZydORoxNqHI5B%2FTM%2BBh5OM7m%2BT4GkUTsdDfaul%2BvslKTgE1tYttjVNR%2FpG%2FD3L0LsR1yYmILmDWgkCMBxKgLU2nF1T0O1BY66ZFIL3paKsIYby8divlMf2Mb%2BZNQc4KdSIF6n7vqe9cNB%2FFf1fb4zC2j0OMy9nY2zXYapLvwcg446VDZM%2B4qkcbW8vOUd3%2BV0xC84XTwshtJGhDOId%2B%2FzL76OkYFYZz020gQ2G1q94kspeHfjzbMahP0XWk2P04Zau4RLd0GUKmrZUvIEAKGyh4lt7j6hmNu3Wb8bXHaO1TlONIbCThjO%2B0U7Yjg1cSwY5KwlVEgBGQ6MWHYjS7u88GMWFqOfkQFBFnGkSRl77MAZ%2BPEFDo3G7ZAHU0bYfyI6IgAlNW7w5ughr3pM%2B2JXCLs2lceVpmoH9wNXbVT%2F failed BINDSTATUS=6 (-2146697209)

Error: (02/20/2013 08:05:45 AM) (Source: OptimizerProUpdater) (User: )
Description: URLMON download from http://nanoavi.info/get/?ver=1701&report_version=5&data=NP6yu5%2BiY87iqDWYSUjiQMqTmreTj3dPcLvhFcw7tM6TJRPTnJGvLMS5NZydORoxNqHI5B%2FTM%2BBh5OM7m%2BT4GkUTsdDfaul%2BvslKTgE1tYttjVNR%2FpG%2FD3L0LsR1yYmILmDWgkCMBxKgLU2nF1T0O1BY66ZFIL3paKsIYby8divlMf2Mb%2BZNQc4KdSIF6n7vqe9cNB%2FFf1fb4zC2j0OMy9nY2zXYapLvwcg446VDZM%2B4qkcbW8vOUd3%2BV0xC84XTwshtJGhDOId%2B%2FzL76OkYFYZz020gQ2G1q94kspeHfjzbMahP0XWk2P04Zau4RLd0GUKmrZUvIEAKGyh4lt7j6hmNu3Wb8bXHaO1TlONIbCThjO%2B0U7Yjg1cSwY5KwlVEgBGQ6MWHYjS7u88GMWFqOfkQFBFnGkSRl77MAZ%2BPEFDo3G7ZAHU0bYfyI6IgAlNW7w5ughr3pM%2B2JXCLs2lceVpmoH9wNXbVT%2F failed BINDSTATUS=6 (-2146697209)

Error: (02/20/2013 08:05:44 AM) (Source: OptimizerProUpdater) (User: )
Description: InitializeBITS failed in CoCreateInstance -2147023836

Error: (02/20/2013 08:05:44 AM) (Source: OptimizerProUpdater) (User: )
Description: TryEnableBITS failed in OpenService 1060

Error: (02/20/2013 02:18:45 AM) (Source: OptimizerProUpdater) (User: )
Description: URLMON download from http://kosher-transfer.info/get/?ver=1701&report_version=5&data=NP6yu5%2BiY87iqDWYSUjiQMqTmreTj3dPcLvhFcw7tM6TJRPTnJGvLMS5NZydORoxNqHI5B%2FTM%2BBh5OM7m%2BT4GkUTsdDfaul%2BvslKTgE1tYttjVNR%2FpG%2FD3L0LsR1yYmILmDWgkCMBxKgLU2nF1T0O1BY66ZFIL3paKsIYby8divlMf2Mb%2BZNQc4KdSIF6n7vqe9cNB%2FFf1fb4zC2j0OMy9nY2zXYapLvwcg446VDZM%2B4qkcbW8vOUd3%2BV0xC84XTwshtJGhDOId%2B%2FzL76OkYFYZz020gQ2G1q94kspeHfjzbMahP0XWk2P04Zau4RLd0GUKmrZUvIEAKGyh4lt7j6hmNu3Wb8bXHaO1TlONIbCThjO%2B0U7Yjg1cSwY5KwlVEgBGQ6MWHYjS7u88GMWFqOfkQFBFnGkSRl77MAZ%2BPEFDo3G7ZAHU0bYfyI6IgAlNW7w5ughr3pM%2B2JXCLs2lceVpmoH9wNXbVT%2F failed BINDSTATUS=6 (-2146697209)

Error: (02/20/2013 02:18:32 AM) (Source: OptimizerProUpdater) (User: )
Description: URLMON download from http://nanoavi.info/get/?ver=1701&report_version=5&data=NP6yu5%2BiY87iqDWYSUjiQMqTmreTj3dPcLvhFcw7tM6TJRPTnJGvLMS5NZydORoxNqHI5B%2FTM%2BBh5OM7m%2BT4GkUTsdDfaul%2BvslKTgE1tYttjVNR%2FpG%2FD3L0LsR1yYmILmDWgkCMBxKgLU2nF1T0O1BY66ZFIL3paKsIYby8divlMf2Mb%2BZNQc4KdSIF6n7vqe9cNB%2FFf1fb4zC2j0OMy9nY2zXYapLvwcg446VDZM%2B4qkcbW8vOUd3%2BV0xC84XTwshtJGhDOId%2B%2FzL76OkYFYZz020gQ2G1q94kspeHfjzbMahP0XWk2P04Zau4RLd0GUKmrZUvIEAKGyh4lt7j6hmNu3Wb8bXHaO1TlONIbCThjO%2B0U7Yjg1cSwY5KwlVEgBGQ6MWHYjS7u88GMWFqOfkQFBFnGkSRl77MAZ%2BPEFDo3G7ZAHU0bYfyI6IgAlNW7w5ughr3pM%2B2JXCLs2lceVpmoH9wNXbVT%2F failed BINDSTATUS=6 (-2146697209)

Error: (02/20/2013 02:18:32 AM) (Source: OptimizerProUpdater) (User: )
Description: InitializeBITS failed in CoCreateInstance -2147023836

Error: (02/20/2013 02:18:32 AM) (Source: OptimizerProUpdater) (User: )
Description: TryEnableBITS failed in OpenService 1060

Error: (02/19/2013 11:57:43 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (02/20/2013 01:51:39 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (02/19/2013 09:02:30 PM) (Source: Service Control Manager) (User: )
Description: The Software Protection service terminated with the following error:
%%5

Error: (02/19/2013 09:00:27 PM) (Source: Service Control Manager) (User: )
Description: The Server service depends on the Server SMB 1.xxx Driver service which failed to start because of the following error:
%%5

Error: (02/19/2013 09:00:27 PM) (Source: Service Control Manager) (User: )
Description: The Server SMB 1.xxx Driver service failed to start due to the following error:
%%5

Error: (02/19/2013 09:00:25 PM) (Source: Service Control Manager) (User: )
Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error:
%%31

Error: (02/19/2013 09:00:20 PM) (Source: Service Control Manager) (User: )
Description: The MBAMProtector service failed to start due to the following error:
%%31

Error: (02/19/2013 05:39:55 PM) (Source: Service Control Manager) (User: )
Description: The EagleX64 service failed to start due to the following error:
%%31

Error: (02/19/2013 05:39:55 PM) (Source: Service Control Manager) (User: )
Description: The EagleX64 service failed to start due to the following error:
%%31

Error: (02/19/2013 05:02:40 PM) (Source: Service Control Manager) (User: )
Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error:
%%31

Error: (02/19/2013 05:02:39 PM) (Source: Service Control Manager) (User: )
Description: The MBAMProtector service failed to start due to the following error:
%%31


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-02-13 16:58:17.015
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\2a7d1b.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-02-13 16:58:16.957
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\2a7d1b.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-09-29 10:52:17.297
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-09-29 10:52:17.207
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-09-29 10:52:00.577
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-09-29 10:52:00.477
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

7-Zip 9.20
Acrobat.com (Version: 1.6.65)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.149)
Adobe Reader 9.1 MUI (Version: 9.1.0)
Adobe Shockwave Player (Version: 11.5.1.601)
Alps Touch Pad Driver
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
Atheros Driver Installation Program (Version: 5.2)
BitComet 1.33 64-bit (Version: 1.33)
Bonjour (Version: 3.0.0.10)
Browse2save (Version: )
BrowseToSave 1.74
CCleaner (Version: 3.27)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
CyberLink DVD Suite (Version: 7.0.2216)
DragonNest
DVD Menu Pack for HP MediaSmart Video (Version: 3.1.3224)
ENE CIR Receiver Driver (Version: 2.7.4.0)
ESET Online Scanner v3
ESU for Microsoft Windows 7 (Version: 1.0.0)
Google Chrome (Version: 24.0.1312.57)
Google Update Helper (Version: 1.3.21.135)
HiJackThis (Version: 1.0.0)
HP 3D DriveGuard (Version: 4.0.3.1)
HP Advisor (Version: 3.3.9512.3162)
HP Customer Experience Enhancements (Version: 6.0.1.3)
HP Games (Version: 1.0.0.71)
HP MediaSmart DVD (Version: 3.1.3509)
HP MediaSmart Internet TV (Version: 3.1.2125)
HP MediaSmart Live TV (Version: 3.1.2206)
HP MediaSmart Music/Photo/Video (Version: 3.1.3405)
HP MediaSmart SlingPlayer (Version: 3.0.1.64)
HP MediaSmart SmartMenu (Version: 3.1.0.1)
HP MediaSmart Software Notebook Demo (Version: 1.00.0000)
HP MediaSmart Webcam (Version: 3.1.2207)
HP MediaSmart/TouchSmart Netflix (Version: 1.0.2.0)
HP Quick Launch Buttons (Version: 6.50.7.1)
HP QuickWeb (Version: 1.1.2.3)
HP Setup (Version: 1.2.3560.3170)
HP Smart Web Printing (Version: 131.1.35898)
HP Support Assistant (Version: 4.3.1.2)
HP Update (Version: 5.001.000.014)
HP User Guides 0186 (Version: 1.00.0002)
HP Wireless Assistant (Version: 3.50.9.1)
HPAsset component for HP Active Support Library (Version: 3.0.1.0)
Hulu Desktop (Version: 0.9.10)
IDT Audio (Version: 1.0.6249.0)
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.1986)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Matrix Storage Manager
iTunes (Version: 10.7.0.21)
Java 7 Update 9 (Version: 7.0.90)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 15 (64-bit) (Version: 6.0.150)
Java™ 6 Update 15 (Version: 6.0.150)
Java™ SE Development Kit 6 Update 15 (64-bit) (Version: 1.6.0.150)
Junk Mail filter update (Version: 14.0.8089.726)
LabelPrint (Version: 2.5.2215)
LightScribe System Software (Version: 1.18.9.1)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Forefront UAG endpoint components v4.0.0
Microsoft Live Search Toolbar (Version: 3.0.566.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft VC9 runtime libraries (Version: 2.0.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
Movie Theme Pack for HP MediaSmart Video (Version: 3.1.3310)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nexon Game Manager
Norton Online Backup (Version: 1.2.20.0)
OptimizerPro (Version: 1.0)
Pando Media Booster (Version: 2.6.0.8)
PdaNet for Android 3.50
Power2Go (Version: 6.0.3415)
PowerDirector (Version: 7.0.3420)
QLBCASL (Version: 6.40.17.2)
Razer Game Booster (Version: 3.5.6.0)
Realtek Ethernet Controller Driver For Windows Vista and Later (Version: 1.00.0011)
Realtek USB2.0&PCIE Card Reader (Version: 2009.11.09)
Recovery Manager (Version: 5.5.2214)
Roller Coaster Tycoon 3 Platinum  - CarlesNeo !
Spybot - Search & Destroy (Version: 2.0.12)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
WinRAR 4.20 (64-bit) (Version: 4.20.0)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 29%
Total physical RAM: 3894.84 MB
Available physical RAM: 2757.8 MB
Total Pagefile: 7787.87 MB
Available Pagefile: 6500.29 MB
Total Virtual: 4095.88 MB
Available Virtual: 3969.63 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:446.7 GB) (Free:378.52 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:18.76 GB) (Free:3.03 GB) NTFS

========================= Users: ========================================

User accounts for \\AMANIARK-PC

Administrator            AmaniArk                 Guest                   


**** End of log ****



#13 Fementality

Fementality
  • Topic Starter

  • Members
  • 20 posts

Posted 20 February 2013 - 06:01 PM

Farbar Service Scanner Version: 20-02-2013
Ran by AmaniArk (administrator) on 20-02-2013 at 18:00:49
Running from "C:\Users\AmaniArk\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****



#14 Fementality

Fementality
  • Topic Starter

  • Members
  • 20 posts

Posted 20 February 2013 - 06:08 PM

# AdwCleaner v2.112 - Logfile created 02/20/2013 at 18:06:16
# Updated 10/02/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : AmaniArk - AMANIARK-PC
# Boot Mode : Normal
# Running from : C:\Users\AmaniArk\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\ProgramData\BetterSoft
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
Folder Deleted : C:\Program Files (x86)\Ask.com
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Browse2save
Folder Deleted : C:\ProgramData\InstallMate
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browse2save
Folder Deleted : C:\ProgramData\RightClick
Folder Deleted : C:\Users\AmaniArk\AppData\Local\Temp\boost_interprocess
Folder Deleted : C:\Users\AmaniArk\AppData\LocalLow\AskToolbar

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CB9DE626-016E-B9FB-8D1E-F6E52335C1B2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CB9DE626-016E-B9FB-8D1E-F6E52335C1B2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7CD74AFF-3433-4E34-92E2-D98DFDB30754}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CB9DE626-016E-B9FB-8D1E-F6E52335C1B2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CB9DE626-016E-B9FB-8D1E-F6E52335C1B2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3F3165C-74D3-6FDB-3274-14FDA8698CFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16448

[OK] Registry is clean.

-\\ Google Chrome v24.0.1312.57

File : C:\Users\AmaniArk\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [327 octets] - [20/02/2013 18:06:01]
AdwCleaner[S2].txt - [2928 octets] - [20/02/2013 18:06:16]

########## EOF - C:\AdwCleaner[S2].txt - [2988 octets] ##########



#15 Fementality

Fementality
  • Topic Starter

  • Members
  • 20 posts
  • OFFLINE
  •  
  • Local time:06:49 PM

Posted 20 February 2013 - 06:23 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.5 (02.18.2013:1)
OS: Windows 7 Home Premium x64
Ran by AmaniArk on Wed 02/20/2013 at 18:13:37.81
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 


~~~ Services

 

~~~ Registry Values

Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\windows nt\currentversion\windows\\AppInit_DLLs

 

~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_local_machine\software\firstsearch
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{443789b7-f39c-4b5c-9287-da72d38f4fe6}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{443789b7-f39c-4b5c-9287-da72d38f4fe6}

 

~~~ Files

 

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\bettersoft"

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 02/20/2013 at 18:20:27.03
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





