Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Failure to Start


  • Please log in to reply
8 replies to this topic

#1 Rollick

Rollick

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:14 PM

Posted 19 April 2013 - 11:20 AM

Started getting crashes and auto restarts yesterday - then the BSOD etc.  Did the F8 at startup and went into startup with networking.  Downloaded Microsoft Security Essentials last night - ran and it found 3 items.  This morning, computer went into a shut down again so I downloaded Malwarebytes (Rootkit).  Ran program and found 27 items, quarintined stuff and I removed it.  As soon as I hit restart the computer said it couldn't start.  Got a blue screen (only for a moment) and noticed it said ataport.sys was a problem (saw that yesterday also).  Then screen disappeared and computer went into restart.  Now I get "Computer unable to start" and it automatically brings up a black screen and goes into start up repair.  Has auto-run this several times and concluded it can't fix the problem.  Now i'm in a loop of black screen/start up repair/cannot fix, etc.

 

 

Mod Edit:  Added to Unbootable List - Hamluis.


Edited by hamluis, 19 April 2013 - 12:37 PM.
Moved to Am I Infected from Vista - Hamluis.


BC AdBot (Login to Remove)

 


#2 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,438 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:03:14 PM

Posted 19 April 2013 - 01:01 PM

Hi and welcome.
 

  • Please download Farbar Recovery Scan Tool and save it to a flash drive.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

    Plug the flash drive into the infected PC.
  • If you are using Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt to enter System Recovery Command prompt.

    If you are using Vista or Windows 7 enter System Recovery Options.

    To enter System Recovery Options from the Advanced Boot Options:
    • Restart the computer.
    • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
    • Use the arrow keys to select the Repair your computer menu item.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account an click Next.
    Note: In case you can not enter System Recovery Options by using F8 method, you can use Windows installation disc, or make a repair disc. Any Windows installation disc or a repair disc made on another computer can be used.
    To make a repair disk on Windows 7 consult: http://www.sevenforums.com/tutorials/2083-system-repair-disc-create.html



    To enter System Recovery Options by using Windows installation disc:
    • Insert the installation disc.
    • Restart your computer.
    • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
    • Click Repair your computer.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account and click Next.
  • On the System Recovery Options menu you will get the following options:
    •  
      • Startup Repair
      • System Restore
      • Windows Complete PC Restore
      • Windows Memory Diagnostic Tool
      • Command Prompt
      Select Command Prompt

      Once in the Command Prompt:
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

 

 

 


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,058 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:03:14 PM

Posted 19 April 2013 - 01:17 PM

Hello, Just letting you know I moved this to the Virus, Trojan, Spyware, and Malware Removal Logs forum,where it will stay.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#4 Rollick

Rollick
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:14 PM

Posted 19 April 2013 - 05:20 PM

Here's the report from your suggestion.

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 18-04-2013
Ran by SYSTEM at 19-04-2013 16:14:20
Running from G:\
Windows 7 Professional Service Pack 1 (X86) OS Language: English(US)
The current controlset is ControlSet001

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Run: [] [x]
HKLM\...\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe" [1561768 2012-05-04] (Ask)
HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-08-27] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [421776 2012-09-09] (Apple Inc.)
HKU\School #1\...\Run: [cdloader] "C:\Users\School #1\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK [50592 2012-02-01] (magicJack L.P.)
HKU\School #1\...\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun [3673728 2012-11-06] (DT Soft Ltd)
Winlogon\Notify\PFW:
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Startup: C:\ProgramData\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk
ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files\NETGEAR\WNA3100\WNA3100.exe ()

==================== Services (Whitelisted) ===================

3 MozillaMaintenance; "C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe" [115608 2013-03-10] (Mozilla Foundation)
2 WSWNA3100; C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe [303360 2011-12-07] ()
2 MSSQL$SOSHOME309; "c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sSOSHOME309 [x]
4 MSSQLServerADHelper; "c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe" [x]
2 SQLBrowser; "c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe" [x]
2 SQLWriter; "c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" [x]

==================== Drivers (Whitelisted) ====================

3 BCMH43XX; C:\Windows\System32\DRIVERS\bcmwlhigh6.sys [1093888 2011-12-12] (Broadcom Corporation)
1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-12-19] (DT Soft Ltd)
3 e1kexpress; C:\Windows\System32\DRIVERS\e1k6032.sys [164864 2009-07-13] (Intel Corporation)
3 NPF; C:\Windows\System32\DRIVERS\npf.sys [50704 2010-02-03] (CACE Technologies, Inc.)
0 SCMNdisP; C:\Windows\System32\DRIVERS\scmndisp.sys [21472 2011-07-22] (Windows ® Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-04-19 16:14 - 2013-04-19 16:14 - 00000000 ____D C:\FRST
2013-04-19 07:02 - 2013-04-19 07:02 - 00000000 ____D C:\Users\School #1\Downloads\mbar-1.05.0.1001
2013-04-19 07:01 - 2013-04-19 07:01 - 12917756 ____A C:\Users\School #1\Downloads\mbar-1.05.0.1001.zip
2013-04-17 11:47 - 2013-04-17 11:47 - 00000000 ____D C:\ProgramData\Browser Manager
2013-04-17 09:00 - 2013-04-18 18:34 - 00000000 ____D C:\Program Files\FGIcon
2013-04-17 07:38 - 2013-04-17 07:38 - 00000000 ____D C:\Users\School #1\AppData\Roaming\Malwarebytes
2013-04-17 07:37 - 2013-04-18 18:34 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-04-17 07:37 - 2013-04-17 07:37 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-04-17 06:41 - 2013-04-19 09:13 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-04-07 13:56 - 2013-04-07 13:56 - 00000000 __SHD C:\Windows\System32\%APPDATA%
2013-04-06 09:09 - 2013-04-06 09:09 - 00004058 ____A C:\Users\School #1\AppData\Local\recently-used.xbel
2013-04-02 09:46 - 2013-04-09 10:57 - 00000000 ____D C:\Users\School #1\Desktop\BIO
2013-03-29 15:31 - 2013-04-18 18:34 - 00000000 ____D C:\ProgramData\WeCareReminder
2013-03-29 15:31 - 2013-04-18 18:34 - 00000000 ____D C:\Program Files\7-zip
2013-03-29 15:31 - 2013-04-18 18:33 - 00000000 ____D C:\ProgramData\W3i
2013-03-29 15:31 - 2013-04-18 18:33 - 00000000 ____D C:\Program Files\W3i
2013-03-29 15:31 - 2013-03-29 15:31 - 00000000 __SHD C:\Windows\System32\AI_RecycleBin
2013-03-29 08:06 - 2013-03-29 08:06 - 00146712 ____A C:\Windows\Minidump\032913-15381-01.dmp
2013-03-28 19:49 - 2013-03-28 19:49 - 00000000 ____D C:\ProgramData\Real
2013-03-28 19:45 - 2013-04-18 18:33 - 00000000 ____D C:\Program Files\GameTop.com
2013-03-27 16:19 - 2013-03-27 16:19 - 00131072 ____A C:\Windows\Minidump\032713-14726-01.dmp
2013-03-26 07:22 - 2013-03-26 07:22 - 00146712 ____A C:\Windows\Minidump\032613-14336-01.dmp
2013-03-25 15:29 - 2013-02-11 19:32 - 00015872 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usb8023.sys

==================== One Month Modified Files and Folders ========

2013-04-19 09:13 - 2013-04-17 06:41 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-04-19 09:13 - 2013-03-10 19:48 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-04-19 09:13 - 2013-03-08 06:44 - 00000000 ____D C:\Users\School #1\AppData\Local\Playtopus
2013-04-19 09:13 - 2012-09-07 19:35 - 00000000 ____D C:\Windows\Minidump
2013-04-19 09:13 - 2012-09-07 13:00 - 00000000 ____D C:\users\School #1
2013-04-19 09:13 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\System32\wfp
2013-04-19 09:13 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\System32\DriverStore
2013-04-19 09:13 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\registration
2013-04-19 09:13 - 2009-07-13 18:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-04-19 09:11 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\System32\LogFiles
2013-04-19 07:02 - 2013-04-19 07:02 - 00000000 ____D C:\Users\School #1\Downloads\mbar-1.05.0.1001
2013-04-19 07:01 - 2013-04-19 07:01 - 12917756 ____A C:\Users\School #1\Downloads\mbar-1.05.0.1001.zip
2013-04-18 18:39 - 2012-09-07 15:58 - 01108672 ____A C:\Windows\WindowsUpdate.log
2013-04-18 18:38 - 2009-07-13 20:34 - 00021920 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-04-18 18:38 - 2009-07-13 20:34 - 00021920 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-04-18 18:36 - 2009-07-13 20:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-04-18 18:36 - 2009-07-13 20:39 - 00047069 ____A C:\Windows\setupact.log
2013-04-18 18:34 - 2013-04-17 09:00 - 00000000 ____D C:\Program Files\FGIcon
2013-04-18 18:34 - 2013-04-17 07:37 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-04-18 18:34 - 2013-03-29 15:31 - 00000000 ____D C:\ProgramData\WeCareReminder
2013-04-18 18:34 - 2013-03-29 15:31 - 00000000 ____D C:\Program Files\7-zip
2013-04-18 18:34 - 2012-11-17 20:17 - 00000000 ____D C:\Download
2013-04-18 18:34 - 2012-11-13 16:20 - 00000000 ____D C:\ProgramData\Big Fish Games
2013-04-18 18:34 - 2012-11-13 16:20 - 00000000 ____D C:\Program Files\bfgclient
2013-04-18 18:34 - 2012-11-13 16:19 - 00000000 ____D C:\BigFishGamesCache
2013-04-18 18:34 - 2012-09-10 11:12 - 00000000 ____D C:\Users\School #1\AppData\Roaming\mjusbsp
2013-04-18 18:34 - 2012-09-07 14:14 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-04-18 18:34 - 2012-09-07 13:42 - 00000000 ____D C:\Users\School #1\AppData\Roaming\Mozilla
2013-04-18 18:34 - 2012-09-07 13:41 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-04-18 18:34 - 2012-09-07 13:00 - 00000000 ____D C:\Users\School #1\AppData\Local\VirtualStore
2013-04-18 18:34 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\AppCompat
2013-04-18 18:33 - 2013-03-29 15:31 - 00000000 ____D C:\ProgramData\W3i
2013-04-18 18:33 - 2013-03-29 15:31 - 00000000 ____D C:\Program Files\W3i
2013-04-18 18:33 - 2013-03-28 19:45 - 00000000 ____D C:\Program Files\GameTop.com
2013-04-18 18:33 - 2012-09-08 15:10 - 00000000 ____D C:\Users\Public\Documents\Davids School Stuff
2013-04-17 11:47 - 2013-04-17 11:47 - 00000000 ____D C:\ProgramData\Browser Manager
2013-04-17 08:22 - 2010-11-20 16:47 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-04-17 07:38 - 2013-04-17 07:38 - 00000000 ____D C:\Users\School #1\AppData\Roaming\Malwarebytes
2013-04-17 07:37 - 2013-04-17 07:37 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-04-16 16:23 - 2012-09-07 14:51 - 00000000 ____D C:\Users\Public\Documents\TT Algebra 2
2013-04-09 10:57 - 2013-04-02 09:46 - 00000000 ____D C:\Users\School #1\Desktop\BIO
2013-04-07 13:56 - 2013-04-07 13:56 - 00000000 __SHD C:\Windows\System32\%APPDATA%
2013-04-06 09:09 - 2013-04-06 09:09 - 00004058 ____A C:\Users\School #1\AppData\Local\recently-used.xbel
2013-04-06 09:09 - 2012-09-20 04:50 - 00000000 ____D C:\Users\School #1\.gimp-2.8
2013-04-03 06:02 - 2010-11-20 13:01 - 00844642 ____A C:\Windows\System32\PerfStringBackup.INI
2013-04-03 05:56 - 2012-12-20 08:01 - 00001013 ____A C:\Users\School #1\Desktop\magicJack.lnk
2013-04-02 19:54 - 2013-03-08 06:44 - 00000364 ____A C:\Windows\Tasks\Playtopus Updater.job
2013-03-31 18:09 - 2012-09-07 19:34 - 288229160 ____A C:\Windows\MEMORY.DMP
2013-03-31 18:09 - 2010-11-20 13:48 - 00024132 ____A C:\Windows\PFRO.log
2013-03-29 15:31 - 2013-03-29 15:31 - 00000000 __SHD C:\Windows\System32\AI_RecycleBin
2013-03-29 08:06 - 2013-03-29 08:06 - 00146712 ____A C:\Windows\Minidump\032913-15381-01.dmp
2013-03-28 19:49 - 2013-03-28 19:49 - 00000000 ____D C:\ProgramData\Real
2013-03-28 14:03 - 2013-03-07 20:32 - 00000000 ____D C:\Users\School #1\Desktop\New folder (3)
2013-03-27 16:19 - 2013-03-27 16:19 - 00131072 ____A C:\Windows\Minidump\032713-14726-01.dmp
2013-03-26 07:22 - 2013-03-26 07:22 - 00146712 ____A C:\Windows\Minidump\032613-14336-01.dmp


==================== Known DLLs (Whitelisted) =================


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

TDL4: custom:26000022 <===== ATTENTION!

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points =========================

Restore point made on: 2013-04-03 06:21:23
Restore point made on: 2013-04-07 14:01:17
Restore point made on: 2013-04-15 07:27:49
Restore point made on: 2013-04-17 09:02:29
Restore point made on: 2013-04-18 18:39:56

==================== Memory info ===========================

Percentage of memory in use: 12%
Total physical RAM: 3927.32 MB
Available physical RAM: 3449.39 MB
Total Pagefile: 3925.6 MB
Available Pagefile: 3455.71 MB
Total Virtual: 2047.88 MB
Available Virtual: 1960.72 MB

==================== Partitions =============================

1 Drive c: (Windows) (Fixed) (Total:232.84 GB) (Free:194.76 GB) NTFS
3 Drive f: (U3System) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
4 Drive g: () (Removable) (Total:0.96 GB) (Free:0.1 GB) FAT
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
6 Drive y: (System) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS ==>[System with boot components (obtained from reading drive)]
ATTENTION: Malware custom entry on BCD on drive y: detected. Check for MBR/Partition infection.

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 232 GB 0 B
Disk 1 Online 983 MB 0 B

Partitions of Disk 0:
===============

Disk ID: C3533F3F

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 48 MB 1024 KB
Partition 2 Primary 232 GB 49 MB

=========================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 Y System NTFS Partition 48 MB Healthy

=========================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 C Windows NTFS Partition 232 GB Healthy

=========================================================

Partitions of Disk 1:
===============

Disk ID: 00000000

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 988 MB 119 KB

=========================================================

Disk: 1
Partition 1
Type : 06
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G FAT Removable 988 MB Healthy

=========================================================
============================== MBR Partition Table ==================

==============================
Partitions of Disk 0:
===============
Disk ID: C3533F3F

Partition 1:
=========
Hex: 8020210007FEFFFF0008000000800100
Active: YES
Type: 07 (NTFS)
Size: 48 MB

Partition 2:
=========
Hex: 003E390607FEFFFF0088010000D01A1D
Active: NO
Type: 07 (NTFS)
Size: 233 GB

==============================
Partitions of Disk 1:
===============
Disk ID: 00000000

Partition 1:
=========
Hex: 00033300061FFFEBEF00000091E11E00
Active: NO
Type: 06
Size: 988 MB


Last Boot: 2013-04-14 07:24

==================== End Of Log ============================



#5 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,438 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:03:14 PM

Posted 19 April 2013 - 06:21 PM

Download the enclosed file. [attachment=136979:fixlist.txt]

 

Save it next to FRST in the flash drive.

 

Run FRST as you did before, except that this time around, click on the Fix button and wait.

 

The tool will make a log in the flashdrive (Fixlog.txt) please post it to your reply.

 

Attempt to boot in Normal Mode. If successful run TDSKiller as follows:

 

Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
    image000q.png
  • Put a checkmark beside loaded modules.
    2012081514h0118.png
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
    2012081517h0349.png
  • Click the Start Scan button.
    19695967.jpg
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
    67776163.jpg
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    62117367.jpg
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

 

 


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#6 Rollick

Rollick
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:14 PM

Posted 19 April 2013 - 07:18 PM

Ran suggestions;  result of FRST below

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 18-04-2013
Ran by SYSTEM at 2013-04-19 18:03:18 Run:1
Running from G:\

==============================================


The operation completed successfully.
The operation completed successfully.

 

Ran TDDS - results below.  Nothing was found.  Zero threats.

 

18:07:55.0869 2708 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:07:56.0493 2708 ============================================================
18:07:56.0493 2708 Current date / time: 2013/04/19 18:07:56.0493
18:07:56.0493 2708 SystemInfo:
18:07:56.0493 2708
18:07:56.0493 2708 OS Version: 6.1.7601 ServicePack: 1.0
18:07:56.0493 2708 Product type: Workstation
18:07:56.0493 2708 ComputerName: SCHOOL1-PC
18:07:56.0493 2708 UserName: School #1
18:07:56.0493 2708 Windows directory: C:\Windows
18:07:56.0493 2708 System windows directory: C:\Windows
18:07:56.0493 2708 Processor architecture: Intel x86
18:07:56.0493 2708 Number of processors: 2
18:07:56.0493 2708 Page size: 0x1000
18:07:56.0493 2708 Boot type: Normal boot
18:07:56.0493 2708 ============================================================
18:07:59.0956 2708 BG loaded
18:08:00.0471 2708 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:08:00.0471 2708 Drive \Device\Harddisk1\DR1 - Size: 0x3D76FE00 (0.96 Gb), SectorSize: 0x200, Cylinders: 0x7D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:08:00.0471 2708 ============================================================
18:08:00.0471 2708 \Device\Harddisk0\DR0:
18:08:00.0486 2708 MBR partitions:
18:08:00.0486 2708 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x18000
18:08:00.0486 2708 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x18800, BlocksNum 0x1D1AD000
18:08:00.0486 2708 \Device\Harddisk1\DR1:
18:08:00.0486 2708 MBR partitions:
18:08:00.0486 2708 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0xEF, BlocksNum 0x1EE191
18:08:00.0486 2708 ============================================================
18:08:00.0580 2708 C: <-> \Device\Harddisk0\DR0\Partition2
18:08:00.0580 2708 ============================================================
18:08:00.0580 2708 Initialize success
18:08:00.0580 2708 ============================================================
18:08:35.0014 1260 ============================================================
18:08:35.0014 1260 Scan started
18:08:35.0014 1260 Mode: Manual; SigCheck; TDLFS;
18:08:35.0014 1260 ============================================================
18:08:36.0652 1260 ================ Scan system memory ========================
18:08:36.0652 1260 System memory - ok
18:08:36.0652 1260 ================ Scan services =============================
18:08:36.0870 1260 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:08:36.0979 1260 1394ohci - ok
18:08:37.0042 1260 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:08:37.0042 1260 ACPI - ok
18:08:37.0151 1260 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:08:37.0244 1260 AcpiPmi - ok
18:08:37.0369 1260 [ 6C61BCEB60C2C187E6F96001FD69493E ] ADIHdAudAddService C:\Windows\system32\drivers\ADIHdAud.sys
18:08:37.0494 1260 ADIHdAudAddService - ok
18:08:37.0806 1260 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
18:08:37.0806 1260 AdobeARMservice - ok
18:08:37.0978 1260 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
18:08:37.0993 1260 adp94xx - ok
18:08:38.0071 1260 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\drivers\adpahci.sys
18:08:38.0071 1260 adpahci - ok
18:08:38.0212 1260 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
18:08:38.0243 1260 adpu320 - ok
18:08:38.0305 1260 [ 4DC6B0772D1698F04FC79053A21C8260 ] AEADIFilters C:\Windows\system32\AEADISRV.EXE
18:08:38.0352 1260 AEADIFilters - ok
18:08:38.0383 1260 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:08:39.0553 1260 AeLookupSvc - ok
18:08:39.0694 1260 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
18:08:39.0772 1260 AFD - ok
18:08:39.0818 1260 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
18:08:39.0834 1260 agp440 - ok
18:08:39.0912 1260 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
18:08:39.0928 1260 aic78xx - ok
18:08:40.0037 1260 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
18:08:40.0146 1260 ALG - ok
18:08:40.0208 1260 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
18:08:40.0224 1260 aliide - ok
18:08:40.0240 1260 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
18:08:40.0255 1260 amdagp - ok
18:08:40.0302 1260 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
18:08:40.0333 1260 amdide - ok
18:08:40.0380 1260 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
18:08:40.0442 1260 AmdK8 - ok
18:08:40.0474 1260 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
18:08:40.0552 1260 AmdPPM - ok
18:08:40.0692 1260 [ E7F4D42D8076EC60E21715CD11743A0D ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:08:40.0739 1260 amdsata - ok
18:08:40.0786 1260 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
18:08:40.0817 1260 amdsbs - ok
18:08:40.0832 1260 [ 146459D2B08BFDCBFA856D9947043C81 ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:08:40.0832 1260 amdxata - ok
18:08:40.0942 1260 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
18:08:41.0004 1260 AppID - ok
18:08:41.0066 1260 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:08:41.0144 1260 AppIDSvc - ok
18:08:41.0191 1260 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
18:08:41.0238 1260 Appinfo - ok
18:08:41.0363 1260 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:08:41.0378 1260 Apple Mobile Device - ok
18:08:41.0566 1260 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
18:08:41.0628 1260 AppMgmt - ok
18:08:41.0706 1260 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\drivers\arc.sys
18:08:41.0722 1260 arc - ok
18:08:41.0753 1260 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\drivers\arcsas.sys
18:08:41.0768 1260 arcsas - ok
18:08:41.0924 1260 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
18:08:41.0940 1260 aspnet_state - ok
18:08:42.0049 1260 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:08:42.0424 1260 AsyncMac - ok
18:08:42.0486 1260 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
18:08:42.0486 1260 atapi - ok
18:08:42.0580 1260 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:08:42.0611 1260 AudioEndpointBuilder - ok
18:08:42.0626 1260 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
18:08:42.0642 1260 Audiosrv - ok
18:08:42.0720 1260 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:08:42.0860 1260 AxInstSV - ok
18:08:43.0016 1260 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\drivers\bxvbdx.sys
18:08:43.0094 1260 b06bdrv - ok
18:08:43.0219 1260 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
18:08:43.0235 1260 b57nd60x - ok
18:08:43.0453 1260 [ B172E759651C4FBD77C009F8E1571EB3 ] BCMH43XX C:\Windows\system32\DRIVERS\bcmwlhigh6.sys
18:08:43.0812 1260 BCMH43XX - ok
18:08:43.0843 1260 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
18:08:43.0968 1260 BDESVC - ok
18:08:44.0030 1260 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
18:08:44.0062 1260 Beep - ok
18:08:44.0108 1260 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
18:08:44.0155 1260 BFE - ok
18:08:44.0218 1260 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
18:08:44.0233 1260 BITS - ok
18:08:44.0264 1260 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
18:08:44.0296 1260 blbdrive - ok
18:08:44.0436 1260 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:08:44.0436 1260 Bonjour Service - ok
18:08:44.0514 1260 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:08:44.0530 1260 bowser - ok
18:08:44.0561 1260 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
18:08:44.0592 1260 BrFiltLo - ok
18:08:44.0623 1260 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
18:08:44.0654 1260 BrFiltUp - ok
18:08:44.0686 1260 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
18:08:44.0732 1260 Browser - ok
18:08:44.0748 1260 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:08:44.0764 1260 Brserid - ok
18:08:44.0795 1260 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:08:44.0842 1260 BrSerWdm - ok
18:08:44.0857 1260 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:08:44.0888 1260 BrUsbMdm - ok
18:08:44.0935 1260 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:08:44.0982 1260 BrUsbSer - ok
18:08:44.0998 1260 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
18:08:45.0044 1260 BTHMODEM - ok
18:08:45.0091 1260 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
18:08:45.0138 1260 bthserv - ok
18:08:45.0169 1260 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:08:45.0216 1260 cdfs - ok
18:08:45.0263 1260 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
18:08:45.0294 1260 cdrom - ok
18:08:45.0325 1260 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
18:08:45.0356 1260 CertPropSvc - ok
18:08:45.0372 1260 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\drivers\circlass.sys
18:08:45.0388 1260 circlass - ok
18:08:45.0403 1260 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
18:08:45.0419 1260 CLFS - ok
18:08:45.0481 1260 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:08:45.0512 1260 clr_optimization_v2.0.50727_32 - ok
18:08:45.0575 1260 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:08:45.0637 1260 clr_optimization_v4.0.30319_32 - ok
18:08:45.0653 1260 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
18:08:45.0700 1260 CmBatt - ok
18:08:45.0731 1260 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:08:45.0746 1260 cmdide - ok
18:08:45.0778 1260 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
18:08:45.0793 1260 CNG - ok
18:08:45.0809 1260 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\drivers\compbatt.sys
18:08:45.0824 1260 Compbatt - ok
18:08:45.0871 1260 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
18:08:45.0902 1260 CompositeBus - ok
18:08:45.0902 1260 COMSysApp - ok
18:08:45.0934 1260 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
18:08:45.0949 1260 crcdisk - ok
18:08:46.0043 1260 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:08:46.0090 1260 CryptSvc - ok
18:08:46.0121 1260 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
18:08:46.0168 1260 CSC - ok
18:08:46.0230 1260 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
18:08:46.0261 1260 CscService - ok
18:08:46.0370 1260 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
18:08:46.0402 1260 DcomLaunch - ok
18:08:46.0448 1260 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
18:08:46.0495 1260 defragsvc - ok
18:08:46.0526 1260 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:08:46.0573 1260 DfsC - ok
18:08:46.0604 1260 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
18:08:46.0636 1260 Dhcp - ok
18:08:46.0667 1260 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
18:08:46.0714 1260 discache - ok
18:08:46.0776 1260 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\drivers\disk.sys
18:08:46.0776 1260 Disk - ok
18:08:46.0792 1260 [ 2A958EF85DB1B61FFCA65044FA4BCE9E ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
18:08:46.0838 1260 dmvsc - ok
18:08:46.0885 1260 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:08:46.0932 1260 Dnscache - ok
18:08:46.0963 1260 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
18:08:47.0010 1260 dot3svc - ok
18:08:47.0041 1260 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
18:08:47.0088 1260 DPS - ok
18:08:47.0119 1260 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:08:47.0150 1260 drmkaud - ok
18:08:47.0197 1260 [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
18:08:47.0213 1260 dtsoftbus01 - ok
18:08:47.0244 1260 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:08:47.0260 1260 DXGKrnl - ok
18:08:47.0306 1260 [ 3EA531906572FFD549B72A10F828E58C ] e1kexpress C:\Windows\system32\DRIVERS\e1k6032.sys
18:08:47.0338 1260 e1kexpress - ok
18:08:47.0369 1260 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
18:08:47.0416 1260 EapHost - ok
18:08:47.0525 1260 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\drivers\evbdx.sys
18:08:47.0587 1260 ebdrv - ok
18:08:47.0618 1260 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
18:08:47.0681 1260 EFS - ok
18:08:47.0759 1260 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:08:47.0790 1260 ehRecvr - ok
18:08:47.0806 1260 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
18:08:47.0837 1260 ehSched - ok
18:08:47.0868 1260 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\drivers\elxstor.sys
18:08:47.0884 1260 elxstor - ok
18:08:47.0915 1260 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:08:47.0946 1260 ErrDev - ok
18:08:47.0993 1260 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
18:08:48.0024 1260 EventSystem - ok
18:08:48.0086 1260 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
18:08:48.0102 1260 exfat - ok
18:08:48.0118 1260 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:08:48.0149 1260 fastfat - ok
18:08:48.0196 1260 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
18:08:48.0258 1260 Fax - ok
18:08:48.0274 1260 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\drivers\fdc.sys
18:08:48.0320 1260 fdc - ok
18:08:48.0352 1260 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
18:08:48.0383 1260 fdPHost - ok
18:08:48.0430 1260 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
18:08:48.0445 1260 FDResPub - ok
18:08:48.0476 1260 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:08:48.0508 1260 FileInfo - ok
18:08:48.0523 1260 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:08:48.0570 1260 Filetrace - ok
18:08:48.0586 1260 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
18:08:48.0632 1260 flpydisk - ok
18:08:48.0648 1260 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:08:48.0664 1260 FltMgr - ok
18:08:48.0695 1260 [ FA6C66E4364D7DA57AADE5DCC03BB999 ] FontCache C:\Windows\system32\FntCache.dll
18:08:48.0710 1260 FontCache - ok
18:08:48.0773 1260 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:08:48.0804 1260 FontCache3.0.0.0 - ok
18:08:48.0820 1260 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:08:48.0835 1260 FsDepends - ok
18:08:48.0866 1260 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:08:48.0866 1260 Fs_Rec - ok
18:08:48.0913 1260 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:08:48.0929 1260 fvevol - ok
18:08:48.0976 1260 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
18:08:48.0976 1260 gagp30kx - ok
18:08:49.0038 1260 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:08:49.0038 1260 GEARAspiWDM - ok
18:08:49.0085 1260 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
18:08:49.0116 1260 gpsvc - ok
18:08:49.0163 1260 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:08:49.0210 1260 hcw85cir - ok
18:08:49.0241 1260 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:08:49.0272 1260 HdAudAddService - ok
18:08:49.0319 1260 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
18:08:49.0350 1260 HDAudBus - ok
18:08:49.0428 1260 [ 88A67C34E37186665E916FD347B50D19 ] HECI C:\Windows\system32\drivers\HECI.sys
18:08:49.0475 1260 HECI - ok
18:08:49.0490 1260 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
18:08:49.0522 1260 HidBatt - ok
18:08:49.0553 1260 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\drivers\hidbth.sys
18:08:49.0584 1260 HidBth - ok
18:08:49.0615 1260 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\drivers\hidir.sys
18:08:49.0646 1260 HidIr - ok
18:08:49.0678 1260 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
18:08:49.0724 1260 hidserv - ok
18:08:49.0818 1260 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:08:49.0849 1260 HidUsb - ok
18:08:49.0896 1260 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:08:49.0912 1260 hkmsvc - ok
18:08:49.0927 1260 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:08:49.0990 1260 HomeGroupListener - ok
18:08:50.0005 1260 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:08:50.0052 1260 HomeGroupProvider - ok
18:08:50.0099 1260 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:08:50.0114 1260 HpSAMD - ok
18:08:50.0146 1260 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:08:50.0177 1260 HTTP - ok
18:08:50.0192 1260 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:08:50.0192 1260 hwpolicy - ok
18:08:50.0270 1260 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
18:08:50.0302 1260 i8042prt - ok
18:08:50.0333 1260 [ A3CAE5D281DB4CFF7CFF8233507EE5AD ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:08:50.0348 1260 iaStorV - ok
18:08:50.0426 1260 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:08:50.0458 1260 idsvc - ok
18:08:50.0723 1260 [ AD626F6964F4D364D226C39E06872DD3 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
18:08:50.0801 1260 igfx - ok
18:08:50.0848 1260 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\drivers\iirsp.sys
18:08:50.0863 1260 iirsp - ok
18:08:50.0926 1260 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
18:08:50.0988 1260 IKEEXT - ok
18:08:51.0019 1260 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
18:08:51.0050 1260 intelide - ok
18:08:51.0113 1260 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:08:51.0113 1260 intelppm - ok
18:08:51.0191 1260 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:08:51.0222 1260 IPBusEnum - ok
18:08:51.0238 1260 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:08:51.0253 1260 IpFilterDriver - ok
18:08:51.0316 1260 [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:08:51.0347 1260 iphlpsvc - ok
18:08:51.0362 1260 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:08:51.0378 1260 IPMIDRV - ok
18:08:51.0394 1260 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:08:51.0409 1260 IPNAT - ok
18:08:51.0534 1260 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:08:51.0550 1260 iPod Service - ok
18:08:51.0612 1260 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:08:51.0643 1260 IRENUM - ok
18:08:51.0690 1260 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:08:51.0706 1260 isapnp - ok
18:08:51.0706 1260 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:08:51.0721 1260 iScsiPrt - ok
18:08:51.0768 1260 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
18:08:51.0784 1260 kbdclass - ok
18:08:51.0830 1260 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
18:08:51.0877 1260 kbdhid - ok
18:08:51.0893 1260 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
18:08:51.0908 1260 KeyIso - ok
18:08:51.0940 1260 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:08:51.0955 1260 KSecDD - ok
18:08:51.0971 1260 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:08:51.0986 1260 KSecPkg - ok
18:08:52.0002 1260 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
18:08:52.0064 1260 KtmRm - ok
18:08:52.0142 1260 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
18:08:52.0205 1260 LanmanServer - ok
18:08:52.0252 1260 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:08:52.0267 1260 LanmanWorkstation - ok
18:08:52.0330 1260 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:08:52.0376 1260 lltdio - ok
18:08:52.0423 1260 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:08:52.0454 1260 lltdsvc - ok
18:08:52.0470 1260 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
18:08:52.0501 1260 lmhosts - ok
18:08:52.0548 1260 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
18:08:52.0564 1260 LSI_FC - ok
18:08:52.0610 1260 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
18:08:52.0626 1260 LSI_SAS - ok
18:08:52.0657 1260 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
18:08:52.0657 1260 LSI_SAS2 - ok
18:08:52.0673 1260 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
18:08:52.0688 1260 LSI_SCSI - ok
18:08:52.0751 1260 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
18:08:52.0798 1260 luafv - ok
18:08:52.0829 1260 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:08:52.0844 1260 Mcx2Svc - ok
18:08:52.0860 1260 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\drivers\megasas.sys
18:08:52.0860 1260 megasas - ok
18:08:52.0922 1260 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
18:08:52.0938 1260 MegaSR - ok
18:08:52.0954 1260 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
18:08:53.0000 1260 MMCSS - ok
18:08:53.0032 1260 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
18:08:53.0094 1260 Modem - ok
18:08:53.0141 1260 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:08:53.0172 1260 monitor - ok
18:08:53.0219 1260 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:08:53.0219 1260 mouclass - ok
18:08:53.0266 1260 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:08:53.0312 1260 mouhid - ok
18:08:53.0359 1260 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:08:53.0375 1260 mountmgr - ok
18:08:53.0484 1260 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:08:53.0500 1260 MozillaMaintenance - ok
18:08:53.0531 1260 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
18:08:53.0546 1260 mpio - ok
18:08:53.0609 1260 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:08:53.0656 1260 mpsdrv - ok
18:08:53.0702 1260 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:08:53.0749 1260 MpsSvc - ok
18:08:53.0796 1260 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:08:53.0936 1260 MRxDAV - ok
18:08:53.0983 1260 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:08:53.0999 1260 mrxsmb - ok
18:08:54.0014 1260 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:08:54.0030 1260 mrxsmb10 - ok
18:08:54.0046 1260 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:08:54.0061 1260 mrxsmb20 - ok
18:08:54.0092 1260 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
18:08:54.0108 1260 msahci - ok
18:08:54.0124 1260 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:08:54.0139 1260 msdsm - ok
18:08:54.0186 1260 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
18:08:54.0217 1260 MSDTC - ok
18:08:54.0264 1260 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:08:54.0280 1260 Msfs - ok
18:08:54.0295 1260 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:08:54.0311 1260 mshidkmdf - ok
18:08:54.0326 1260 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:08:54.0342 1260 msisadrv - ok
18:08:54.0389 1260 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:08:54.0436 1260 MSiSCSI - ok
18:08:54.0451 1260 msiserver - ok
18:08:54.0498 1260 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:08:54.0545 1260 MSKSSRV - ok
18:08:54.0560 1260 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:08:54.0623 1260 MSPCLOCK - ok
18:08:54.0623 1260 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:08:54.0638 1260 MSPQM - ok
18:08:54.0685 1260 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:08:54.0701 1260 MsRPC - ok
18:08:54.0732 1260 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
18:08:54.0748 1260 mssmbios - ok
18:08:54.0810 1260 MSSQL$SOSHOME309 - ok
18:08:54.0857 1260 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
18:08:54.0857 1260 MSSQLServerADHelper - ok
18:08:54.0919 1260 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:08:54.0950 1260 MSTEE - ok
18:08:54.0950 1260 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
18:08:54.0982 1260 MTConfig - ok
18:08:55.0013 1260 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
18:08:55.0013 1260 Mup - ok
18:08:55.0044 1260 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
18:08:55.0091 1260 napagent - ok
18:08:55.0122 1260 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:08:55.0138 1260 NativeWifiP - ok
18:08:55.0262 1260 [ E7C54812A2AAF43316EB6930C1FFA108 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:08:55.0309 1260 NDIS - ok
18:08:55.0356 1260 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:08:55.0403 1260 NdisCap - ok
18:08:55.0450 1260 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:08:55.0496 1260 NdisTapi - ok
18:08:55.0528 1260 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:08:55.0574 1260 Ndisuio - ok
18:08:55.0606 1260 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:08:55.0652 1260 NdisWan - ok
18:08:55.0684 1260 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:08:55.0699 1260 NDProxy - ok
18:08:55.0746 1260 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:08:55.0793 1260 NetBIOS - ok
18:08:55.0840 1260 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:08:55.0871 1260 NetBT - ok
18:08:55.0886 1260 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
18:08:55.0886 1260 Netlogon - ok
18:08:55.0949 1260 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
18:08:55.0980 1260 Netman - ok
18:08:56.0027 1260 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:08:56.0058 1260 NetMsmqActivator - ok
18:08:56.0058 1260 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:08:56.0074 1260 NetPipeActivator - ok
18:08:56.0105 1260 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
18:08:56.0152 1260 netprofm - ok
18:08:56.0152 1260 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:08:56.0167 1260 NetTcpActivator - ok
18:08:56.0167 1260 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:08:56.0167 1260 NetTcpPortSharing - ok
18:08:56.0214 1260 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:08:56.0230 1260 nfrd960 - ok
18:08:56.0245 1260 [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:08:56.0308 1260 NlaSvc - ok
18:08:56.0339 1260 [ B9730495E0CF674680121E34BD95A73B ] NPF C:\Windows\system32\DRIVERS\npf.sys
18:08:56.0339 1260 NPF - ok
18:08:56.0386 1260 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:08:56.0448 1260 Npfs - ok
18:08:56.0479 1260 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
18:08:56.0495 1260 nsi - ok
18:08:56.0495 1260 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:08:56.0542 1260 nsiproxy - ok
18:08:56.0713 1260 [ 33C3093D09017CFE2E219F2472BFF6EB ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:08:56.0776 1260 Ntfs - ok
18:08:56.0807 1260 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
18:08:56.0869 1260 Null - ok
18:08:56.0900 1260 [ AF2EEC9580C1D32FB7EAF105D9784061 ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:08:56.0916 1260 nvraid - ok
18:08:56.0947 1260 [ 9283C58EBAA2618F93482EB5DABCEC82 ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:08:56.0947 1260 nvstor - ok
18:08:56.0978 1260 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:08:56.0994 1260 nv_agp - ok
18:08:57.0025 1260 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:08:57.0056 1260 ohci1394 - ok
18:08:57.0103 1260 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:08:57.0212 1260 p2pimsvc - ok
18:08:57.0228 1260 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
18:08:57.0244 1260 p2psvc - ok
18:08:57.0306 1260 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\drivers\parport.sys
18:08:57.0322 1260 Parport - ok
18:08:57.0353 1260 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:08:57.0353 1260 partmgr - ok
18:08:57.0368 1260 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\drivers\parvdm.sys
18:08:57.0400 1260 Parvdm - ok
18:08:57.0446 1260 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:08:57.0462 1260 PcaSvc - ok
18:08:57.0478 1260 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
18:08:57.0493 1260 pci - ok
18:08:57.0509 1260 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
18:08:57.0524 1260 pciide - ok
18:08:57.0540 1260 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:08:57.0556 1260 pcmcia - ok
18:08:57.0571 1260 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
18:08:57.0587 1260 pcw - ok
18:08:57.0649 1260 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:08:57.0696 1260 PEAUTH - ok
18:08:57.0774 1260 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
18:08:57.0836 1260 PeerDistSvc - ok
18:08:57.0899 1260 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
18:08:57.0961 1260 pla - ok
18:08:58.0008 1260 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:08:58.0070 1260 PlugPlay - ok
18:08:58.0102 1260 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:08:58.0133 1260 PNRPAutoReg - ok
18:08:58.0180 1260 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:08:58.0195 1260 PNRPsvc - ok
18:08:58.0242 1260 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:08:58.0320 1260 PolicyAgent - ok
18:08:58.0367 1260 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
18:08:58.0398 1260 Power - ok
18:08:58.0460 1260 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:08:58.0523 1260 PptpMiniport - ok
18:08:58.0554 1260 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
18:08:58.0601 1260 Processor - ok
18:08:58.0632 1260 [ 43CA4CCC22D52FB58E8988F0198851D0 ] ProfSvc C:\Windows\system32\profsvc.dll
18:08:58.0663 1260 ProfSvc - ok
18:08:58.0679 1260 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:08:58.0679 1260 ProtectedStorage - ok
18:08:58.0741 1260 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:08:58.0804 1260 Psched - ok
18:08:58.0944 1260 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:08:59.0038 1260 ql2300 - ok
18:08:59.0038 1260 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:08:59.0053 1260 ql40xx - ok
18:08:59.0100 1260 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
18:08:59.0147 1260 QWAVE - ok
18:08:59.0225 1260 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:08:59.0256 1260 QWAVEdrv - ok
18:08:59.0287 1260 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:08:59.0334 1260 RasAcd - ok
18:08:59.0412 1260 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:08:59.0428 1260 RasAgileVpn - ok
18:08:59.0459 1260 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
18:08:59.0506 1260 RasAuto - ok
18:08:59.0552 1260 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:08:59.0599 1260 Rasl2tp - ok
18:08:59.0630 1260 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
18:08:59.0662 1260 RasMan - ok
18:08:59.0708 1260 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:08:59.0740 1260 RasPppoe - ok
18:08:59.0771 1260 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:08:59.0818 1260 RasSstp - ok
18:08:59.0896 1260 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:08:59.0942 1260 rdbss - ok
18:08:59.0974 1260 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
18:08:59.0989 1260 rdpbus - ok
18:09:00.0020 1260 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:09:00.0067 1260 RDPCDD - ok
18:09:00.0098 1260 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
18:09:00.0114 1260 RDPDR - ok
18:09:00.0161 1260 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:09:00.0223 1260 RDPENCDD - ok
18:09:00.0254 1260 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:09:00.0286 1260 RDPREFMP - ok
18:09:00.0332 1260 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:09:00.0379 1260 RDPWD - ok
18:09:00.0426 1260 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:09:00.0442 1260 rdyboost - ok
18:09:00.0473 1260 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
18:09:00.0520 1260 RemoteAccess - ok
18:09:00.0566 1260 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:09:00.0613 1260 RemoteRegistry - ok
18:09:00.0644 1260 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:09:00.0691 1260 RpcEptMapper - ok
18:09:00.0722 1260 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
18:09:00.0769 1260 RpcLocator - ok
18:09:00.0800 1260 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
18:09:00.0832 1260 RpcSs - ok
18:09:00.0894 1260 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:09:00.0941 1260 rspndr - ok
18:09:00.0988 1260 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
18:09:01.0034 1260 s3cap - ok
18:09:01.0050 1260 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
18:09:01.0066 1260 SamSs - ok
18:09:01.0112 1260 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:09:01.0128 1260 sbp2port - ok
18:09:01.0175 1260 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:09:01.0222 1260 SCardSvr - ok
18:09:01.0268 1260 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:09:01.0331 1260 scfilter - ok
18:09:01.0378 1260 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
18:09:01.0440 1260 Schedule - ok
18:09:01.0487 1260 [ 46FB343BA8538009D5A24B110E8C7724 ] SCMNdisP C:\Windows\system32\DRIVERS\scmndisp.sys
18:09:01.0487 1260 SCMNdisP - ok
18:09:01.0502 1260 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:09:01.0534 1260 SCPolicySvc - ok
18:09:01.0549 1260 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:09:01.0612 1260 SDRSVC - ok
18:09:01.0674 1260 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:09:01.0690 1260 secdrv - ok
18:09:01.0705 1260 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
18:09:01.0752 1260 seclogon - ok
18:09:01.0799 1260 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
18:09:01.0846 1260 SENS - ok
18:09:01.0877 1260 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:09:01.0924 1260 SensrSvc - ok
18:09:01.0955 1260 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\drivers\serenum.sys
18:09:01.0970 1260 Serenum - ok
18:09:01.0970 1260 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\drivers\serial.sys
18:09:02.0017 1260 Serial - ok
18:09:02.0033 1260 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:09:02.0064 1260 sermouse - ok
18:09:02.0080 1260 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
18:09:02.0126 1260 SessionEnv - ok
18:09:02.0158 1260 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:09:02.0189 1260 sffdisk - ok
18:09:02.0236 1260 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:09:02.0251 1260 sffp_mmc - ok
18:09:02.0267 1260 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:09:02.0298 1260 sffp_sd - ok
18:09:02.0329 1260 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:09:02.0360 1260 sfloppy - ok
18:09:02.0392 1260 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:09:02.0454 1260 SharedAccess - ok
18:09:02.0485 1260 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:09:02.0548 1260 ShellHWDetection - ok
18:09:02.0579 1260 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
18:09:02.0610 1260 sisagp - ok
18:09:02.0672 1260 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
18:09:02.0688 1260 SiSRaid2 - ok
18:09:02.0719 1260 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:09:02.0735 1260 SiSRaid4 - ok
18:09:02.0782 1260 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:09:02.0813 1260 Smb - ok
18:09:02.0875 1260 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:09:02.0891 1260 SNMPTRAP - ok
18:09:02.0906 1260 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
18:09:02.0922 1260 spldr - ok
18:09:02.0969 1260 [ 866A43013535DC8587C258E43579C764 ] Spooler C:\Windows\System32\spoolsv.exe
18:09:03.0031 1260 Spooler - ok
18:09:03.0312 1260 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
18:09:03.0437 1260 sppsvc - ok
18:09:03.0484 1260 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:09:03.0530 1260 sppuinotify - ok
18:09:03.0608 1260 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
18:09:03.0624 1260 SQLBrowser - ok
18:09:03.0671 1260 [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
18:09:03.0671 1260 SQLWriter - ok
18:09:03.0796 1260 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
18:09:03.0858 1260 srv - ok
18:09:03.0889 1260 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:09:03.0936 1260 srv2 - ok
18:09:03.0967 1260 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:09:03.0998 1260 srvnet - ok
18:09:04.0061 1260 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:09:04.0092 1260 SSDPSRV - ok
18:09:04.0108 1260 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:09:04.0170 1260 SstpSvc - ok
18:09:04.0217 1260 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
18:09:04.0232 1260 stexstor - ok
18:09:04.0248 1260 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
18:09:04.0295 1260 StiSvc - ok
18:09:04.0310 1260 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
18:09:04.0326 1260 storflt - ok
18:09:04.0357 1260 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
18:09:04.0373 1260 StorSvc - ok
18:09:04.0420 1260 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
18:09:04.0451 1260 storvsc - ok
18:09:04.0466 1260 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
18:09:04.0498 1260 swenum - ok
18:09:04.0513 1260 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
18:09:04.0560 1260 swprv - ok
18:09:04.0810 1260 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
18:09:04.0841 1260 SysMain - ok
18:09:04.0872 1260 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:09:04.0934 1260 TabletInputService - ok
18:09:04.0981 1260 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
18:09:05.0028 1260 TapiSrv - ok
18:09:05.0059 1260 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
18:09:05.0075 1260 TBS - ok
18:09:05.0418 1260 [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:09:05.0496 1260 Tcpip - ok
18:09:05.0543 1260 [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:09:05.0574 1260 TCPIP6 - ok
18:09:05.0652 1260 [ CCA24162E055C3714CE5A88B100C64ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:09:05.0714 1260 tcpipreg - ok
18:09:05.0746 1260 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:09:05.0808 1260 TDPIPE - ok
18:09:05.0824 1260 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:09:05.0839 1260 TDTCP - ok
18:09:05.0839 1260 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:09:05.0902 1260 tdx - ok
18:09:05.0948 1260 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
18:09:05.0964 1260 TermDD - ok
18:09:06.0073 1260 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
18:09:06.0120 1260 TermService - ok
18:09:06.0136 1260 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
18:09:06.0182 1260 Themes - ok
18:09:06.0214 1260 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
18:09:06.0229 1260 THREADORDER - ok
18:09:06.0276 1260 [ 5AD05191DC8B444A7BA4D79B76C42A30 ] TPM C:\Windows\system32\drivers\tpm.sys
18:09:06.0323 1260 TPM - ok
18:09:06.0370 1260 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
18:09:06.0416 1260 TrkWks - ok
18:09:06.0588 1260 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:09:06.0635 1260 TrustedInstaller - ok
18:09:06.0682 1260 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:09:06.0728 1260 tssecsrv - ok
18:09:06.0744 1260 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:09:06.0791 1260 TsUsbFlt - ok
18:09:06.0806 1260 [ 01246F0BAAD7B68EC0F472AA41E33282 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
18:09:06.0838 1260 TsUsbGD - ok
18:09:06.0869 1260 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:09:06.0900 1260 tunnel - ok
18:09:06.0947 1260 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
18:09:06.0978 1260 uagp35 - ok
18:09:07.0009 1260 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:09:07.0056 1260 udfs - ok
18:09:07.0087 1260 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:09:07.0118 1260 UI0Detect - ok
18:09:07.0165 1260 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:09:07.0165 1260 uliagpkx - ok
18:09:07.0228 1260 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:09:07.0259 1260 umbus - ok
18:09:07.0290 1260 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys
18:09:07.0321 1260 UmPass - ok
18:09:07.0368 1260 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
18:09:07.0415 1260 UmRdpService - ok
18:09:07.0509 1260 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
18:09:07.0571 1260 upnphost - ok
18:09:07.0618 1260 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
18:09:07.0633 1260 usbaudio - ok
18:09:07.0649 1260 [ 7E72E7D7E0757D59481D530FD2B0BFAE ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:09:07.0680 1260 usbccgp - ok
18:09:07.0696 1260 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:09:07.0743 1260 usbcir - ok
18:09:07.0789 1260 [ CFBCE999C057D78979A181C9C60F208E ] usbehci C:\Windows\system32\drivers\usbehci.sys
18:09:07.0821 1260 usbehci - ok
18:09:07.0914 1260 [ 9D22AAD9AC6A07C691A1113E5F860868 ] usbhub C:\Windows\system32\drivers\usbhub.sys
18:09:07.0930 1260 usbhub - ok
18:09:07.0961 1260 [ A6FB7957EA7AFB1165991E54CE934B74 ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:09:07.0977 1260 usbohci - ok
18:09:08.0023 1260 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\drivers\usbprint.sys
18:09:08.0039 1260 usbprint - ok
18:09:08.0070 1260 [ BF63EBFC6979FEFB2BC03DF7989A0C1A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:09:08.0070 1260 USBSTOR - ok
18:09:08.0117 1260 [ 78780C3EBCE17405B1CCD07A3A8A7D72 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
18:09:08.0164 1260 usbuhci - ok
18:09:08.0211 1260 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
18:09:08.0242 1260 UxSms - ok
18:09:08.0257 1260 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
18:09:08.0273 1260 VaultSvc - ok
18:09:08.0335 1260 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:09:08.0367 1260 vdrvroot - ok
18:09:08.0429 1260 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
18:09:08.0491 1260 vds - ok
18:09:08.0554 1260 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:09:08.0601 1260 vga - ok
18:09:08.0632 1260 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
18:09:08.0663 1260 VgaSave - ok
18:09:08.0725 1260 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:09:08.0757 1260 vhdmp - ok
18:09:08.0850 1260 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
18:09:08.0881 1260 viaagp - ok
18:09:08.0897 1260 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
18:09:08.0959 1260 ViaC7 - ok
18:09:09.0006 1260 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
18:09:09.0037 1260 viaide - ok
18:09:09.0084 1260 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
18:09:09.0115 1260 vmbus - ok
18:09:09.0131 1260 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
18:09:09.0178 1260 VMBusHID - ok
18:09:09.0225 1260 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:09:09.0256 1260 volmgr - ok
18:09:09.0349 1260 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:09:09.0381 1260 volmgrx - ok
18:09:09.0443 1260 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:09:09.0474 1260 volsnap - ok
18:09:09.0537 1260 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
18:09:09.0568 1260 vsmraid - ok
18:09:09.0755 1260 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
18:09:09.0849 1260 VSS - ok
18:09:09.0880 1260 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
18:09:09.0895 1260 vwifibus - ok
18:09:09.0958 1260 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
18:09:10.0020 1260 vwififlt - ok
18:09:10.0114 1260 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
18:09:10.0129 1260 vwifimp - ok
18:09:10.0192 1260 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
18:09:10.0239 1260 W32Time - ok
18:09:10.0270 1260 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
18:09:10.0317 1260 WacomPen - ok
18:09:10.0395 1260 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:09:10.0457 1260 WANARP - ok
18:09:10.0473 1260 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:09:10.0488 1260 Wanarpv6 - ok
18:09:10.0831 1260 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
18:09:10.0909 1260 WatAdminSvc - ok
18:09:11.0112 1260 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
18:09:11.0190 1260 wbengine - ok
18:09:11.0206 1260 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:09:11.0253 1260 WbioSrvc - ok
18:09:11.0299 1260 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:09:11.0315 1260 wcncsvc - ok
18:09:11.0331 1260 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:09:11.0393 1260 WcsPlugInService - ok
18:09:11.0409 1260 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\drivers\wd.sys
18:09:11.0424 1260 Wd - ok
18:09:11.0487 1260 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam.sys
18:09:11.0549 1260 WDC_SAM - ok
18:09:11.0689 1260 [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:09:11.0721 1260 Wdf01000 - ok
18:09:11.0783 1260 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:09:12.0064 1260 WdiServiceHost - ok
18:09:12.0095 1260 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:09:12.0111 1260 WdiSystemHost - ok
18:09:12.0189 1260 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
18:09:12.0235 1260 WebClient - ok
18:09:12.0298 1260 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:09:12.0360 1260 Wecsvc - ok
18:09:12.0376 1260 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:09:12.0391 1260 wercplsupport - ok
18:09:12.0501 1260 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
18:09:12.0547 1260 WerSvc - ok
18:09:12.0641 1260 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:09:12.0657 1260 WfpLwf - ok
18:09:12.0688 1260 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:09:12.0719 1260 WIMMount - ok
18:09:12.0844 1260 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
18:09:12.0906 1260 WinDefend - ok
18:09:12.0937 1260 WinHttpAutoProxySvc - ok
18:09:13.0015 1260 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:09:13.0047 1260 Winmgmt - ok
18:09:13.0078 1260 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
18:09:13.0140 1260 WinRM - ok
18:09:13.0187 1260 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
18:09:13.0249 1260 Wlansvc - ok
18:09:13.0296 1260 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:09:13.0312 1260 WmiAcpi - ok
18:09:13.0327 1260 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:09:13.0359 1260 wmiApSrv - ok
18:09:13.0437 1260 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
18:09:13.0530 1260 WMPNetworkSvc - ok
18:09:13.0546 1260 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:09:13.0608 1260 WPCSvc - ok
18:09:13.0624 1260 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:09:13.0655 1260 WPDBusEnum - ok
18:09:13.0702 1260 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:09:13.0749 1260 ws2ifsl - ok
18:09:13.0795 1260 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
18:09:13.0827 1260 wscsvc - ok
18:09:13.0842 1260 WSearch - ok
18:09:13.0905 1260 [ E7C84A8A763C460FE182F4DCBC17B9DC ] WSWNA3100 C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe
18:09:13.0920 1260 WSWNA3100 - ok
18:09:14.0061 1260 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
18:09:14.0154 1260 wuauserv - ok
18:09:14.0170 1260 [ E714A1C0354636837E20CCBF00888EE7 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:09:14.0232 1260 WudfPf - ok
18:09:14.0279 1260 [ 1023EE888C9B47178C5293ED5336AB69 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:09:14.0357 1260 WUDFRd - ok
18:09:14.0388 1260 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:09:14.0404 1260 wudfsvc - ok
18:09:14.0419 1260 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
18:09:14.0435 1260 WwanSvc - ok
18:09:14.0482 1260 ================ Scan global ===============================
18:09:14.0513 1260 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
18:09:14.0560 1260 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
18:09:14.0607 1260 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
18:09:14.0638 1260 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
18:09:14.0685 1260 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
18:09:14.0685 1260 [Global] - ok
18:09:14.0685 1260 ================ Scan MBR ==================================
18:09:14.0685 1260 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:09:15.0792 1260 \Device\Harddisk0\DR0 - ok
18:09:15.0792 1260 [ 06449E7C4AF0550B77E260798769AA40 ] \Device\Harddisk1\DR1
18:09:15.0901 1260 \Device\Harddisk1\DR1 - ok
18:09:15.0901 1260 ================ Scan VBR ==================================
18:09:15.0917 1260 [ 7C861821C8D2CD35A1B46F97370E38CD ] \Device\Harddisk0\DR0\Partition1
18:09:15.0948 1260 \Device\Harddisk0\DR0\Partition1 - ok
18:09:15.0979 1260 [ 5CB881A6937E285DCA092B1E77F4D896 ] \Device\Harddisk0\DR0\Partition2
18:09:16.0011 1260 \Device\Harddisk0\DR0\Partition2 - ok
18:09:16.0011 1260 [ E99F9A5DBC703F8B64781CFBFE1394CE ] \Device\Harddisk1\DR1\Partition1
18:09:16.0011 1260 \Device\Harddisk1\DR1\Partition1 - ok
18:09:16.0011 1260 ================ Scan active images ========================
18:09:16.0011 1260 [ B7EFEF22FF426EC4158A177CB3B558D3 ] C:\Windows\System32\drivers\crashdmp.sys
18:09:16.0011 1260 C:\Windows\System32\drivers\crashdmp.sys - ok
18:09:16.0011 1260 [ 5428227D4730EBDFC842E9FB593F8C8A ] C:\Windows\System32\drivers\Dumpata.sys
18:09:16.0011 1260 C:\Windows\System32\drivers\Dumpata.sys - ok
18:09:16.0026 1260 [ 012C5F4E9349E711E11E0F19A8589F0A ] C:\Windows\System32\drivers\msahci.sys
18:09:16.0026 1260 C:\Windows\System32\drivers\msahci.sys - ok
18:09:16.0026 1260 [ 62A63EF2F3053B461CB327E4D69AAA74 ] C:\Windows\System32\drivers\dumpfve.sys
18:09:16.0026 1260 C:\Windows\System32\drivers\dumpfve.sys - ok
18:09:16.0026 1260 [ 687AF6BB383885FF6A64071B189A7F3E ] C:\Windows\System32\drivers\dtsoftbus01.sys
18:09:16.0026 1260 C:\Windows\System32\drivers\dtsoftbus01.sys - ok
18:09:16.0026 1260 [ 505506526A9D467307B3C393DEDAF858 ] C:\Windows\System32\drivers\beep.sys
18:09:16.0026 1260 C:\Windows\System32\drivers\beep.sys - ok
18:09:16.0042 1260 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] C:\Windows\System32\drivers\cdrom.sys
18:09:16.0042 1260 C:\Windows\System32\drivers\cdrom.sys - ok
18:09:16.0042 1260 [ F9756A98D69098DCA8945D62858A812C ] C:\Windows\System32\drivers\null.sys
18:09:16.0042 1260 C:\Windows\System32\drivers\null.sys - ok
18:09:16.0042 1260 [ 8E38096AD5C8570A6F1570A61E251561 ] C:\Windows\System32\drivers\vga.sys
18:09:16.0042 1260 C:\Windows\System32\drivers\vga.sys - ok
18:09:16.0042 1260 [ 15C126D1B55814B9E5CAB10A9C1F4C67 ] C:\Windows\System32\drivers\videoprt.sys
18:09:16.0042 1260 C:\Windows\System32\drivers\videoprt.sys - ok
18:09:16.0042 1260 [ CB45A417C8EF7BA6BAC67EDCDDED8700 ] C:\Windows\System32\drivers\watchdog.sys
18:09:16.0042 1260 C:\Windows\System32\drivers\watchdog.sys - ok
18:09:16.0057 1260 [ 23DAE03F29D253AE74C44F99E515F9A1 ] C:\Windows\System32\drivers\RDPCDD.sys
18:09:16.0057 1260 C:\Windows\System32\drivers\RDPCDD.sys - ok
18:09:16.0057 1260 [ 5A53CA1598DD4156D44196D200C94B8A ] C:\Windows\System32\drivers\RDPENCDD.sys
18:09:16.0057 1260 C:\Windows\System32\drivers\RDPENCDD.sys - ok
18:09:16.0057 1260 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] C:\Windows\System32\drivers\RDPREFMP.sys
18:09:16.0057 1260 C:\Windows\System32\drivers\RDPREFMP.sys - ok
18:09:16.0057 1260 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] C:\Windows\System32\drivers\msfs.sys
18:09:16.0057 1260 C:\Windows\System32\drivers\msfs.sys - ok
18:09:16.0057 1260 [ 1DB262A9F8C087E8153D89BEF3D2235F ] C:\Windows\System32\drivers\npfs.sys
18:09:16.0057 1260 C:\Windows\System32\drivers\npfs.sys - ok
18:09:16.0057 1260 [ 2F885864D5BC8A16C86BEE595969A48A ] C:\Windows\System32\drivers\tdi.sys
18:09:16.0057 1260 C:\Windows\System32\drivers\tdi.sys - ok
18:09:16.0073 1260 [ B459575348C20E8121D6039DA063C704 ] C:\Windows\System32\drivers\tdx.sys
18:09:16.0073 1260 C:\Windows\System32\drivers\tdx.sys - ok
18:09:16.0073 1260 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] C:\Windows\System32\drivers\afd.sys
18:09:16.0073 1260 C:\Windows\System32\drivers\afd.sys - ok
18:09:16.0073 1260 [ 280122DDCF04B378EDD1AD54D71C1E54 ] C:\Windows\System32\drivers\netbt.sys
18:09:16.0073 1260 C:\Windows\System32\drivers\netbt.sys - ok
18:09:16.0073 1260 [ 8B9A943F3B53861F2BFAF6C186168F79 ] C:\Windows\System32\drivers\wfplwf.sys
18:09:16.0073 1260 C:\Windows\System32\drivers\wfplwf.sys - ok
18:09:16.0073 1260 [ 6270CCAE2A86DE6D146529FE55B3246A ] C:\Windows\System32\drivers\pacer.sys
18:09:16.0073 1260 C:\Windows\System32\drivers\pacer.sys - ok
18:09:16.0073 1260 [ 7090D3436EEB4E7DA3373090A23448F7 ] C:\Windows\System32\drivers\vwififlt.sys
18:09:16.0073 1260 C:\Windows\System32\drivers\vwififlt.sys - ok
18:09:16.0089 1260 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] C:\Windows\System32\drivers\netbios.sys
18:09:16.0089 1260 C:\Windows\System32\drivers\netbios.sys - ok
18:09:16.0089 1260 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] C:\Windows\System32\drivers\termdd.sys
18:09:16.0089 1260 C:\Windows\System32\drivers\termdd.sys - ok
18:09:16.0089 1260 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] C:\Windows\System32\drivers\wanarp.sys
18:09:16.0089 1260 C:\Windows\System32\drivers\wanarp.sys - ok
18:09:16.0089 1260 [ D528BC58A489409BA40334EBF96A311B ] C:\Windows\System32\drivers\rdbss.sys
18:09:16.0089 1260 C:\Windows\System32\drivers\rdbss.sys - ok
18:09:16.0089 1260 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] C:\Windows\System32\drivers\nsiproxy.sys
18:09:16.0089 1260 C:\Windows\System32\drivers\nsiproxy.sys - ok
18:09:16.0089 1260 [ 1A050B0274BFB3890703D490F330C0DA ] C:\Windows\System32\drivers\discache.sys
18:09:16.0089 1260 C:\Windows\System32\drivers\discache.sys - ok
18:09:16.0089 1260 [ FC6B9FF600CC585EA38B12589BD4E246 ] C:\Windows\System32\drivers\mssmbios.sys
18:09:16.0089 1260 C:\Windows\System32\drivers\mssmbios.sys - ok
18:09:16.0104 1260 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] C:\Windows\System32\drivers\csc.sys
18:09:16.0104 1260 C:\Windows\System32\drivers\csc.sys - ok
18:09:16.0104 1260 [ F024449C97EC1E464AAFFDA18593DB88 ] C:\Windows\System32\drivers\dfsc.sys
18:09:16.0104 1260 C:\Windows\System32\drivers\dfsc.sys - ok
18:09:16.0104 1260 [ 2287078ED48FCFC477B05B20CF38F36F ] C:\Windows\System32\drivers\blbdrive.sys
18:09:16.0104 1260 C:\Windows\System32\drivers\blbdrive.sys - ok
18:09:16.0104 1260 [ B2FA25D9B17A68BB93D58B0556E8C90D ] C:\Windows\System32\drivers\tunnel.sys
18:09:16.0104 1260 C:\Windows\System32\drivers\tunnel.sys - ok
18:09:16.0104 1260 [ C30A91ADE8C9CB91E4281EC83C4500C6 ] C:\Windows\System32\ntdll.dll
18:09:16.0104 1260 C:\Windows\System32\ntdll.dll - ok
18:09:16.0104 1260 [ 16742790895960690237A5143CEDEC8B ] C:\Windows\System32\smss.exe
18:09:16.0104 1260 C:\Windows\System32\smss.exe - ok
18:09:16.0120 1260 [ AD626F6964F4D364D226C39E06872DD3 ] C:\Windows\System32\drivers\igdkmd32.sys
18:09:16.0120 1260 C:\Windows\System32\drivers\igdkmd32.sys - ok
18:09:16.0120 1260 [ 23F5D28378A160352BA8F817BD8C71CB ] C:\Windows\System32\drivers\dxgkrnl.sys
18:09:16.0120 1260 C:\Windows\System32\drivers\dxgkrnl.sys - ok
18:09:16.0120 1260 [ 1893ACD253854AC385042DB594FA23FF ] C:\Windows\System32\drivers\dxgmms1.sys
18:09:16.0120 1260 C:\Windows\System32\drivers\dxgmms1.sys - ok
18:09:16.0120 1260 [ 88A67C34E37186665E916FD347B50D19 ] C:\Windows\System32\drivers\HECI.sys
18:09:16.0120 1260 C:\Windows\System32\drivers\HECI.sys - ok
18:09:16.0120 1260 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] C:\Windows\System32\drivers\serenum.sys
18:09:16.0120 1260 C:\Windows\System32\drivers\serenum.sys - ok
18:09:16.0120 1260 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] C:\Windows\System32\drivers\serial.sys
18:09:16.0120 1260 C:\Windows\System32\drivers\serial.sys - ok
18:09:16.0120 1260 [ 3EA531906572FFD549B72A10F828E58C ] C:\Windows\System32\drivers\e1k6032.sys
18:09:16.0120 1260 C:\Windows\System32\drivers\e1k6032.sys - ok
18:09:16.0135 1260 [ F3ADCFB2F0BA791A26AC8E9C33D7E20E ] C:\Windows\System32\drivers\usbport.sys
18:09:16.0135 1260 C:\Windows\System32\drivers\usbport.sys - ok
18:09:16.0135 1260 [ 78780C3EBCE17405B1CCD07A3A8A7D72 ] C:\Windows\System32\drivers\usbuhci.sys
18:09:16.0135 1260 C:\Windows\System32\drivers\usbuhci.sys - ok
18:09:16.0135 1260 [ 9036377B8A6C15DC2EEC53E489D159B5 ] C:\Windows\System32\drivers\hdaudbus.sys
18:09:16.0135 1260 C:\Windows\System32\drivers\hdaudbus.sys - ok
18:09:16.0135 1260 [ CFBCE999C057D78979A181C9C60F208E ] C:\Windows\System32\drivers\usbehci.sys
18:09:16.0135 1260 C:\Windows\System32\drivers\usbehci.sys - ok
18:09:16.0135 1260 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] C:\Windows\System32\drivers\i8042prt.sys
18:09:16.0135 1260 C:\Windows\System32\drivers\i8042prt.sys - ok
18:09:16.0135 1260 [ ADEF52CA1AEAE82B50DF86B56413107E ] C:\Windows\System32\drivers\kbdclass.sys
18:09:16.0135 1260 C:\Windows\System32\drivers\kbdclass.sys - ok
18:09:16.0135 1260 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] C:\Windows\System32\drivers\mouclass.sys
18:09:16.0135 1260 C:\Windows\System32\drivers\mouclass.sys - ok
18:09:16.0151 1260 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] C:\Windows\System32\drivers\parport.sys
18:09:16.0151 1260 C:\Windows\System32\drivers\parport.sys - ok
18:09:16.0151 1260 [ E817A017F82DF2A1F8CFDBDA29388B29 ] C:\Windows\System32\drivers\fdc.sys
18:09:16.0151 1260 C:\Windows\System32\drivers\fdc.sys - ok
18:09:16.0151 1260 [ 5AD05191DC8B444A7BA4D79B76C42A30 ] C:\Windows\System32\drivers\tpm.sys
18:09:16.0151 1260 C:\Windows\System32\drivers\tpm.sys - ok
18:09:16.0151 1260 [ 185ADA973B5020655CEE342059A86CBB ] C:\Windows\System32\drivers\GEARAspiWDM.sys
18:09:16.0151 1260 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
18:09:16.0151 1260 [ 57EC4AEF73660166074D8F7F31C0D4FD ] C:\Windows\System32\drivers\agilevpn.sys
18:09:16.0151 1260 C:\Windows\System32\drivers\agilevpn.sys - ok
18:09:16.0151 1260 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] C:\Windows\System32\drivers\CompositeBus.sys
18:09:16.0151 1260 C:\Windows\System32\drivers\CompositeBus.sys - ok
18:09:16.0167 1260 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] C:\Windows\System32\drivers\intelppm.sys
18:09:16.0167 1260 C:\Windows\System32\drivers\intelppm.sys - ok
18:09:16.0167 1260 [ 0217679B8FCA58714C3BF2726D2CA84E ] C:\Windows\System32\drivers\wmiacpi.sys
18:09:16.0167 1260 C:\Windows\System32\drivers\wmiacpi.sys - ok
18:09:16.0167 1260 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] C:\Windows\System32\drivers\ndistapi.sys
18:09:16.0167 1260 C:\Windows\System32\drivers\ndistapi.sys - ok
18:09:16.0167 1260 [ D9F91EAFEC2815365CBE6D167E4E332A ] C:\Windows\System32\drivers\rasl2tp.sys
18:09:16.0167 1260 C:\Windows\System32\drivers\rasl2tp.sys - ok
18:09:16.0167 1260 [ 38FBE267E7E6983311179230FACB1017 ] C:\Windows\System32\drivers\ndiswan.sys
18:09:16.0167 1260 C:\Windows\System32\drivers\ndiswan.sys - ok
18:09:16.0167 1260 [ 0FE8B15916307A6AC12BFB6A63E45507 ] C:\Windows\System32\drivers\raspppoe.sys
18:09:16.0167 1260 C:\Windows\System32\drivers\raspppoe.sys - ok
18:09:16.0182 1260 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] C:\Windows\System32\drivers\raspptp.sys
18:09:16.0182 1260 C:\Windows\System32\drivers\raspptp.sys - ok
18:09:16.0182 1260 [ 44101F495A83EA6401D886E7FD70096B ] C:\Windows\System32\drivers\rassstp.sys
18:09:16.0182 1260 C:\Windows\System32\drivers\rassstp.sys - ok
18:09:16.0182 1260 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] C:\Windows\System32\drivers\rdpbus.sys
18:09:16.0182 1260 C:\Windows\System32\drivers\rdpbus.sys - ok
18:09:16.0182 1260 [ F88A52EB62019D6A62FDD9E08034DBD8 ] C:\Windows\System32\autochk.exe
18:09:16.0182 1260 C:\Windows\System32\autochk.exe - ok
18:09:16.0182 1260 [ 5DCEF0C32BE0F33277326586FA503689 ] C:\Windows\System32\drivers\ks.sys
18:09:16.0182 1260 C:\Windows\System32\drivers\ks.sys - ok
18:09:16.0182 1260 [ E58C78A848ADD9610A4DB6D214AF5224 ] C:\Windows\System32\drivers\swenum.sys
18:09:16.0182 1260 C:\Windows\System32\drivers\swenum.sys - ok
18:09:16.0182 1260 [ D295BED4B898F0FD999FCFA9B32B071B ] C:\Windows\System32\drivers\umbus.sys
18:09:16.0182 1260 C:\Windows\System32\drivers\umbus.sys - ok
18:09:16.0198 1260 [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\System32\ws2_32.dll
18:09:16.0198 1260 C:\Windows\System32\ws2_32.dll - ok
18:09:16.0198 1260 [ 4A8E2F20809CC161107FAA94F6CF2685 ] C:\Windows\System32\imm32.dll
18:09:16.0198 1260 C:\Windows\System32\imm32.dll - ok
18:09:16.0198 1260 [ 9D22AAD9AC6A07C691A1113E5F860868 ] C:\Windows\System32\drivers\usbhub.sys
18:09:16.0198 1260 C:\Windows\System32\drivers\usbhub.sys - ok
18:09:16.0198 1260 [ 03728C624D05C2F157BBD46F6B7F6EA0 ] C:\Windows\System32\wininet.dll
18:09:16.0198 1260 C:\Windows\System32\wininet.dll - ok
18:09:16.0198 1260 [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\System32\oleaut32.dll
18:09:16.0198 1260 C:\Windows\System32\oleaut32.dll - ok
18:09:16.0198 1260 [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\System32\sechost.dll
18:09:16.0198 1260 C:\Windows\System32\sechost.dll - ok
18:09:16.0213 1260 [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\System32\msctf.dll
18:09:16.0213 1260 C:\Windows\System32\msctf.dll - ok
18:09:16.0213 1260 [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\System32\ole32.dll
18:09:16.0213 1260 C:\Windows\System32\ole32.dll - ok
18:09:16.0213 1260 [ FF5688D309347F2720911D8796912834 ] C:\Windows\System32\clbcatq.dll
18:09:16.0213 1260 C:\Windows\System32\clbcatq.dll - ok
18:09:16.0213 1260 [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\System32\advapi32.dll
18:09:16.0213 1260 C:\Windows\System32\advapi32.dll - ok
18:09:16.0213 1260 [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\System32\imagehlp.dll
18:09:16.0213 1260 C:\Windows\System32\imagehlp.dll - ok
18:09:16.0213 1260 [ 3ED262888758E350C29E02207AF9AC59 ] C:\Windows\System32\kernel32.dll
18:09:16.0213 1260 C:\Windows\System32\kernel32.dll - ok
18:09:16.0213 1260 [ 4F154D2C9C6DF951FD6E5AABBAE6B5EE ] C:\Windows\System32\lpk.dll
18:09:16.0213 1260 C:\Windows\System32\lpk.dll - ok
18:09:16.0229 1260 [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\System32\nsi.dll
18:09:16.0229 1260 C:\Windows\System32\nsi.dll - ok
18:09:16.0229 1260 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] C:\Windows\System32\drivers\ndproxy.sys
18:09:16.0229 1260 C:\Windows\System32\drivers\ndproxy.sys - ok
18:09:16.0229 1260 [ 6C61BCEB60C2C187E6F96001FD69493E ] C:\Windows\System32\drivers\ADIHdAud.sys
18:09:16.0229 1260 C:\Windows\System32\drivers\ADIHdAud.sys - ok
18:09:16.0229 1260 [ 27F9288AF019E6DACA281EDE51FF5928 ] C:\Windows\System32\drivers\drmk.sys
18:09:16.0229 1260 C:\Windows\System32\drivers\drmk.sys - ok
18:09:16.0229 1260 [ D72708C9F49500C13D7D067E169B7715 ] C:\Windows\System32\drivers\portcls.sys
18:09:16.0229 1260 C:\Windows\System32\drivers\portcls.sys - ok
18:09:16.0229 1260 [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\System32\msvcrt.dll
18:09:16.0229 1260 C:\Windows\System32\msvcrt.dll - ok
18:09:16.0245 1260 [ 6400774E903729ADD0A62A24A334EE56 ] C:\Windows\System32\rpcrt4.dll
18:09:16.0245 1260 C:\Windows\System32\rpcrt4.dll - ok
18:09:16.0245 1260 [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\System32\psapi.dll
18:09:16.0245 1260 C:\Windows\System32\psapi.dll - ok
18:09:16.0245 1260 [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\System32\setupapi.dll
18:09:16.0245 1260 C:\Windows\System32\setupapi.dll - ok
18:09:16.0245 1260 [ F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 ] C:\Windows\System32\user32.dll
18:09:16.0245 1260 C:\Windows\System32\user32.dll - ok
18:09:16.0245 1260 [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\System32\Wldap32.dll
18:09:16.0245 1260 C:\Windows\System32\Wldap32.dll - ok
18:09:16.0245 1260 [ 070C5B9D3006602A07757179D9B56F5D ] C:\Windows\System32\difxapi.dll
18:09:16.0245 1260 C:\Windows\System32\difxapi.dll - ok
18:09:16.0245 1260 [ 180D098704551DE37C6299AA888D6821 ] C:\Windows\System32\urlmon.dll
18:09:16.0245 1260 C:\Windows\System32\urlmon.dll - ok
18:09:16.0260 1260 [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\System32\shlwapi.dll
18:09:16.0260 1260 C:\Windows\System32\shlwapi.dll - ok
18:09:16.0260 1260 [ E87F5393F7D8CE2FACC4DFF703531392 ] C:\Windows\System32\gdi32.dll
18:09:16.0260 1260 C:\Windows\System32\gdi32.dll - ok
18:09:16.0260 1260 [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\System32\comdlg32.dll
18:09:16.0260 1260 C:\Windows\System32\comdlg32.dll - ok
18:09:16.0260 1260 [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\System32\shell32.dll
18:09:16.0260 1260 C:\Windows\System32\shell32.dll - ok
18:09:16.0260 1260 [ 6C26122F1931D4D7810240F32DDCE890 ] C:\Windows\System32\drivers\hidparse.sys
18:09:16.0260 1260 C:\Windows\System32\drivers\hidparse.sys - ok
18:09:16.0276 1260 [ 931A1DF1520ABC6E84BA4A75E6957025 ] C:\Windows\System32\drivers\hidclass.sys
18:09:16.0276 1260 C:\Windows\System32\drivers\hidclass.sys - ok
18:09:16.0276 1260 [ 18E71EA0E063037A5C3C8272A5262B7C ] C:\Windows\System32\drivers\usbd.sys
18:09:16.0276 1260 C:\Windows\System32\drivers\usbd.sys - ok
18:09:16.0276 1260 [ 10C19F8290891AF023EAEC0832E1EB4D ] C:\Windows\System32\drivers\hidusb.sys
18:09:16.0276 1260 C:\Windows\System32\drivers\hidusb.sys - ok
18:09:16.0276 1260 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] C:\Windows\System32\drivers\mouhid.sys
18:09:16.0276 1260 C:\Windows\System32\drivers\mouhid.sys - ok
18:09:16.0276 1260 [ BF63EBFC6979FEFB2BC03DF7989A0C1A ] C:\Windows\System32\drivers\USBSTOR.SYS
18:09:16.0276 1260 C:\Windows\System32\drivers\USBSTOR.SYS - ok
18:09:16.0276 1260 [ B172E759651C4FBD77C009F8E1571EB3 ] C:\Windows\System32\drivers\bcmwlhigh6.sys
18:09:16.0276 1260 C:\Windows\System32\drivers\bcmwlhigh6.sys - ok
18:09:16.0276 1260 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] C:\Windows\System32\drivers\vwifibus.sys
18:09:16.0276 1260 C:\Windows\System32\drivers\vwifibus.sys - ok
18:09:16.0291 1260 [ 73BDB1C0801D44BEA5F6749FD340CC0F ] C:\Windows\System32\iertutil.dll
18:09:16.0291 1260 C:\Windows\System32\iertutil.dll - ok
18:09:16.0291 1260 [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\System32\normaliz.dll
18:09:16.0291 1260 C:\Windows\System32\normaliz.dll - ok
18:09:16.0291 1260 [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\System32\usp10.dll
18:09:16.0291 1260 C:\Windows\System32\usp10.dll - ok
18:09:16.0291 1260 [ 3FFAEA12666E565FF51BF2FCA674F543 ] C:\Windows\System32\cfgmgr32.dll
18:09:16.0291 1260 C:\Windows\System32\cfgmgr32.dll - ok
18:09:16.0291 1260 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\System32\comctl32.dll
18:09:16.0291 1260 C:\Windows\System32\comctl32.dll - ok
18:09:16.0291 1260 [ E40ADC3B848650F1D5A932FD7DE0D018 ] C:\Windows\System32\KernelBase.dll
18:09:16.0291 1260 C:\Windows\System32\KernelBase.dll - ok
18:09:16.0307 1260 [ 60D21799A4AF4EDCE65FB98830E4B0C8 ] C:\Windows\System32\crypt32.dll
18:09:16.0307 1260 C:\Windows\System32\crypt32.dll - ok
18:09:16.0307 1260 [ CC4ED8BEA78B0DCA6F217E014C3291A7 ] C:\Windows\System32\devobj.dll
18:09:16.0307 1260 C:\Windows\System32\devobj.dll - ok
18:09:16.0307 1260 [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\System32\wintrust.dll
18:09:16.0307 1260 C:\Windows\System32\wintrust.dll - ok
18:09:16.0307 1260 [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\System32\msasn1.dll
18:09:16.0307 1260 C:\Windows\System32\msasn1.dll - ok
18:09:16.0307 1260 [ 5FCD3320AAE71506B43F9E12E4E72172 ] C:\Windows\System32\drivers\dxapi.sys
18:09:16.0307 1260 C:\Windows\System32\drivers\dxapi.sys - ok
18:09:16.0307 1260 [ D45B118114C9B18814CE18F72A34E934 ] C:\Windows\System32\win32k.sys
18:09:16.0307 1260 C:\Windows\System32\win32k.sys - ok
18:09:16.0307 1260 [ 342271F6142E7C70805B8A81E1BA5F5C ] C:\Windows\System32\csrss.exe
18:09:16.0307 1260 C:\Windows\System32\csrss.exe - ok
18:09:16.0323 1260 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\System32\basesrv.dll
18:09:16.0323 1260 C:\Windows\System32\basesrv.dll - ok
18:09:16.0323 1260 [ 6C062EA09313872D2235027EF7A4554E ] C:\Windows\System32\csrsrv.dll
18:09:16.0323 1260 C:\Windows\System32\csrsrv.dll - ok
18:09:16.0323 1260 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\System32\winsrv.dll
18:09:16.0323 1260 C:\Windows\System32\winsrv.dll - ok
18:09:16.0323 1260 [ 79D10964DE86B292320E9DFE02282A23 ] C:\Windows\System32\drivers\monitor.sys
18:09:16.0323 1260 C:\Windows\System32\drivers\monitor.sys - ok
18:09:16.0323 1260 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\System32\sxssrv.dll
18:09:16.0323 1260 C:\Windows\System32\sxssrv.dll - ok
18:09:16.0323 1260 [ 7C76B61A5E1EF5D1FA554CF134100F18 ] C:\Windows\System32\tsddd.dll
18:09:16.0323 1260 C:\Windows\System32\tsddd.dll - ok
18:09:16.0323 1260 [ B5C5DCAD3899512020D135600129D665 ] C:\Windows\System32\wininit.exe
18:09:16.0323 1260 C:\Windows\System32\wininit.exe - ok
18:09:16.0338 1260 [ CAEF9CD6C10B1017E2C298D849CD31DB ] C:\Windows\System32\cdd.dll
18:09:16.0338 1260 C:\Windows\System32\cdd.dll - ok
18:09:16.0338 1260 [ 357B990A4249D7F7485B230C0CC8825A ] C:\Windows\System32\KBDUS.DLL
18:09:16.0338 1260 C:\Windows\System32\KBDUS.DLL - ok
18:09:16.0338 1260 [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\System32\profapi.dll
18:09:16.0338 1260 C:\Windows\System32\profapi.dll - ok
18:09:16.0338 1260 [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\System32\RpcRtRemote.dll
18:09:16.0338 1260 C:\Windows\System32\RpcRtRemote.dll - ok
18:09:16.0338 1260 [ 633C2C060CF857099F6C4F8D75C952B1 ] C:\Windows\System32\WlS0WndH.dll
18:09:16.0338 1260 C:\Windows\System32\WlS0WndH.dll - ok
18:09:16.0338 1260 [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\System32\sxs.dll
18:09:16.0338 1260 C:\Windows\System32\sxs.dll - ok
18:09:16.0338 1260 [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\System32\cryptbase.dll
18:09:16.0338 1260 C:\Windows\System32\cryptbase.dll - ok
18:09:16.0354 1260 [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\System32\apphelp.dll
18:09:16.0354 1260 C:\Windows\System32\apphelp.dll - ok
18:09:16.0354 1260 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\System32\services.exe
18:09:16.0354 1260 C:\Windows\System32\services.exe - ok
18:09:16.0354 1260 [ 81951F51E318AECC2D68559E47485CC4 ] C:\Windows\System32\lsass.exe
18:09:16.0354 1260 C:\Windows\System32\lsass.exe - ok
18:09:16.0354 1260 [ 8AEA9A37C1A3565A204D37C5E72AB791 ] C:\Windows\System32\lsm.exe
18:09:16.0354 1260 C:\Windows\System32\lsm.exe - ok
18:09:16.0354 1260 [ 4A054C853031616D161A84BECF281F47 ] C:\Windows\System32\sspicli.dll
18:09:16.0354 1260 C:\Windows\System32\sspicli.dll - ok
18:09:16.0354 1260 [ 6D13E1406F50C66E2A95D97F22C47560 ] C:\Windows\System32\winlogon.exe
18:09:16.0354 1260 C:\Windows\System32\winlogon.exe - ok
18:09:16.0354 1260 [ 3369D021265E369D57317D61FA86DD79 ] C:\Windows\System32\scext.dll
18:09:16.0354 1260 C:\Windows\System32\scext.dll - ok
18:09:16.0369 1260 [ 69678722290C78D5D7198C60B5A4E3E8 ] C:\Windows\System32\secur32.dll
18:09:16.0369 1260 C:\Windows\System32\secur32.dll - ok
18:09:16.0369 1260 [ 250AA41DE690561AF1282D598914564C ] C:\Windows\System32\scesrv.dll
18:09:16.0369 1260 C:\Windows\System32\scesrv.dll - ok
18:09:16.0369 1260 [ E361AE3010EA4B3123DAB5BDAE21798F ] C:\Windows\System32\sspisrv.dll
18:09:16.0369 1260 C:\Windows\System32\sspisrv.dll - ok
18:09:16.0369 1260 [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\System32\srvcli.dll
18:09:16.0369 1260 C:\Windows\System32\srvcli.dll - ok
18:09:16.0369 1260 [ C95CA687D32DDAB1C91E1122E80D5E16 ] C:\Windows\System32\lsasrv.dll
18:09:16.0369 1260 C:\Windows\System32\lsasrv.dll - ok
18:09:16.0369 1260 [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\System32\winsta.dll
18:09:16.0369 1260 C:\Windows\System32\winsta.dll - ok
18:09:16.0385 1260 [ BA51FFE170C5B3AE8EC4F5BD2581A29E ] C:\Windows\System32\sysntfy.dll
18:09:16.0385 1260 C:\Windows\System32\sysntfy.dll - ok
18:09:16.0385 1260 [ 245F4691314F42D4D1BC06442F0B2086 ] C:\Windows\System32\samsrv.dll
18:09:16.0385 1260 C:\Windows\System32\samsrv.dll - ok
18:09:16.0385 1260 [ D412B1B72C5AB020218E9A047D90CA05 ] C:\Windows\System32\wmsgapi.dll
18:09:16.0385 1260 C:\Windows\System32\wmsgapi.dll - ok
18:09:16.0385 1260 [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\System32\cryptdll.dll
18:09:16.0385 1260 C:\Windows\System32\cryptdll.dll - ok
18:09:16.0385 1260 [ 82C089EA2A3EEFADF3588EA71E8BDADA ] C:\Windows\System32\wevtapi.dll
18:09:16.0385 1260 C:\Windows\System32\wevtapi.dll - ok
18:09:16.0385 1260 [ FB4EB9352B7D698E6B3C2AA2ED724DAD ] C:\Windows\System32\authz.dll
18:09:16.0385 1260 C:\Windows\System32\authz.dll - ok
18:09:16.0385 1260 [ 50BA656134F78AF64E4DD3C8B6FEFD7E ] C:\Windows\System32\cngaudit.dll
18:09:16.0385 1260 C:\Windows\System32\cngaudit.dll - ok
18:09:16.0401 1260 [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\System32\ncrypt.dll
18:09:16.0401 1260 C:\Windows\System32\ncrypt.dll - ok
18:09:16.0401 1260 [ FC7650224790CAE75A5E9231961FDEC5 ] C:\Windows\System32\bcrypt.dll
18:09:16.0401 1260 C:\Windows\System32\bcrypt.dll - ok
18:09:16.0401 1260 [ C90878913DF3DC504790282043DB5F4C ] C:\Windows\System32\msprivs.dll
18:09:16.0401 1260 C:\Windows\System32\msprivs.dll - ok
18:09:16.0401 1260 [ E343CABBD8D600ABAF3F11625D33B3D0 ] C:\Windows\System32\netjoin.dll
18:09:16.0401 1260 C:\Windows\System32\netjoin.dll - ok
18:09:16.0401 1260 [ 6DCFAEC6D1334AA6CDF8961DB4633CBF ] C:\Windows\System32\negoexts.dll
18:09:16.0401 1260 C:\Windows\System32\negoexts.dll - ok
18:09:16.0401 1260 [ BDA0B954A30498B5A7EDC6204CBA07ED ] C:\Windows\System32\kerberos.dll
18:09:16.0401 1260 C:\Windows\System32\kerberos.dll - ok
18:09:16.0401 1260 [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\System32\cryptsp.dll
18:09:16.0401 1260 C:\Windows\System32\cryptsp.dll - ok
18:09:16.0416 1260 [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\System32\mswsock.dll
18:09:16.0416 1260 C:\Windows\System32\mswsock.dll - ok
18:09:16.0416 1260 [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\System32\wship6.dll
18:09:16.0416 1260 C:\Windows\System32\wship6.dll - ok
18:09:16.0416 1260 [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\System32\msv1_0.dll
18:09:16.0416 1260 C:\Windows\System32\msv1_0.dll - ok
18:09:16.0416 1260 [ C1809B9907ADEDAF16F50C894100883B ] C:\Windows\System32\netlogon.dll
18:09:16.0416 1260 C:\Windows\System32\netlogon.dll - ok
18:09:16.0416 1260 [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\System32\dnsapi.dll
18:09:16.0416 1260 C:\Windows\System32\dnsapi.dll - ok
18:09:16.0416 1260 [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\System32\logoncli.dll
18:09:16.0416 1260 C:\Windows\System32\logoncli.dll - ok
18:09:16.0416 1260 [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\System32\schannel.dll
18:09:16.0416 1260 C:\Windows\System32\schannel.dll - ok
18:09:16.0432 1260 [ 0450CF487ECD8A67B56F59F9A96D024D ] C:\Windows\System32\wdigest.dll
18:09:16.0432 1260 C:\Windows\System32\wdigest.dll - ok
18:09:16.0432 1260 [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\System32\bcryptprimitives.dll
18:09:16.0432 1260 C:\Windows\System32\bcryptprimitives.dll - ok
18:09:16.0432 1260 [ 37CC990D4E2CDFAE12AC47F6B620FC13 ] C:\Windows\System32\pku2u.dll
18:09:16.0432 1260 C:\Windows\System32\pku2u.dll - ok
18:09:16.0432 1260 [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\System32\rsaenh.dll
18:09:16.0432 1260 C:\Windows\System32\rsaenh.dll - ok
18:09:16.0432 1260 [ D29E45078CF4020CE0AAC82EC652D1EA ] C:\Windows\System32\TSpkg.dll
18:09:16.0432 1260 C:\Windows\System32\TSpkg.dll - ok
18:09:16.0432 1260 [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\System32\credssp.dll
18:09:16.0432 1260 C:\Windows\System32\credssp.dll - ok
18:09:16.0432 1260 [ 91F434FF6606ED9BDC6A05D651B69553 ] C:\Windows\System32\efslsaext.dll
18:09:16.0432 1260 C:\Windows\System32\efslsaext.dll - ok
18:09:16.0447 1260 [ 8124944EC89D6A1815E4E53F5B96AAF4 ] C:\Windows\System32\scecli.dll
18:09:16.0447 1260 C:\Windows\System32\scecli.dll - ok
18:09:16.0447 1260 [ FD1D6C73E6333BE727CBCC6054247654 ] C:\Windows\System32\drivers\TsUsbFlt.sys
18:09:16.0447 1260 C:\Windows\System32\drivers\TsUsbFlt.sys - ok
18:09:16.0447 1260 [ 7222995615BF93B628DCEA4BD6CCACF7 ] C:\Windows\System32\ubpm.dll
18:09:16.0447 1260 C:\Windows\System32\ubpm.dll - ok
18:09:16.0447 1260 [ 54A47F6B5E09A77E61649109C6A08866 ] C:\Windows\System32\svchost.exe
18:09:16.0447 1260 C:\Windows\System32\svchost.exe - ok
18:09:16.0447 1260 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] C:\Windows\System32\umpnpmgr.dll
18:09:16.0447 1260 C:\Windows\System32\umpnpmgr.dll - ok
18:09:16.0447 1260 [ FD07F21E0A19C27ED4E1EEC2B07452B3 ] C:\Windows\System32\devrtl.dll
18:09:16.0447 1260 C:\Windows\System32\devrtl.dll - ok
18:09:16.0463 1260 [ 4BDBBE5E4208022DD794F7EEEB0F7366 ] C:\Windows\System32\SPInf.dll
18:09:16.0463 1260 C:\Windows\System32\SPInf.dll - ok
18:09:16.0463 1260 [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\System32\userenv.dll
18:09:16.0463 1260 C:\Windows\System32\userenv.dll - ok
18:09:16.0463 1260 [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\System32\gpapi.dll
18:09:16.0463 1260 C:\Windows\System32\gpapi.dll - ok
18:09:16.0463 1260 [ 5893EBDCE371174AC89ECD7731DD6D77 ] C:\Windows\System32\pcwum.dll
18:09:16.0463 1260 C:\Windows\System32\pcwum.dll - ok
18:09:16.0463 1260 [ F87D30E72E03D579A5199CCB3831D6EA ] C:\Windows\System32\umpo.dll
18:09:16.0463 1260 C:\Windows\System32\umpo.dll - ok
18:09:16.0463 1260 [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\System32\powrprof.dll
18:09:16.0463 1260 C:\Windows\System32\powrprof.dll - ok
18:09:16.0463 1260 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] C:\Windows\System32\drivers\luafv.sys
18:09:16.0463 1260 C:\Windows\System32\drivers\luafv.sys - ok
18:09:16.0479 1260 [ E714A1C0354636837E20CCBF00888EE7 ] C:\Windows\System32\drivers\WUDFPf.sys
18:09:16.0479 1260 C:\Windows\System32\drivers\WUDFPf.sys - ok
18:09:16.0479 1260 [ 7660F01D3B38ACA1747E397D21D790AF ] C:\Windows\System32\rpcss.dll
18:09:16.0479 1260 C:\Windows\System32\rpcss.dll - ok
18:09:16.0479 1260 [ 78D072F35BC45D9E4E1B61895C152234 ] C:\Windows\System32\RpcEpMap.dll
18:09:16.0479 1260 C:\Windows\System32\RpcEpMap.dll - ok
18:09:16.0479 1260 [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\System32\wshqos.dll
18:09:16.0479 1260 C:\Windows\System32\wshqos.dll - ok
18:09:16.0479 1260 [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\System32\WSHTCPIP.DLL
18:09:16.0479 1260 C:\Windows\System32\WSHTCPIP.DLL - ok
18:09:16.0479 1260 [ 3F50200237961034FACE602373838980 ] C:\Windows\System32\FirewallAPI.dll
18:09:16.0479 1260 C:\Windows\System32\FirewallAPI.dll - ok
18:09:16.0479 1260 [ 3EF0D8AB08385AAB5802E773511A2E6A ] C:\Windows\System32\LogonUI.exe
18:09:16.0479 1260 C:\Windows\System32\LogonUI.exe - ok
18:09:16.0494 1260 [ 702254574E7E52052DE39408457B7149 ] C:\Windows\System32\version.dll
18:09:16.0494 1260 C:\Windows\System32\version.dll - ok
18:09:16.0494 1260 [ 241E015DD809CFB23242F890B1FC575B ] C:\Windows\System32\wevtsvc.dll
18:09:16.0494 1260 C:\Windows\System32\wevtsvc.dll - ok
18:09:16.0494 1260 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] C:\Windows\System32\audiosrv.dll
18:09:16.0494 1260 C:\Windows\System32\audiosrv.dll - ok
18:09:16.0494 1260 [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\System32\MMDevAPI.dll
18:09:16.0494 1260 C:\Windows\System32\MMDevAPI.dll - ok
18:09:16.0494 1260 [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\System32\avrt.dll
18:09:16.0494 1260 C:\Windows\System32\avrt.dll - ok
18:09:16.0494 1260 [ 146B6F43A673379A3C670E86D89BE5EA ] C:\Windows\System32\mmcss.dll
18:09:16.0494 1260 C:\Windows\System32\mmcss.dll - ok
18:09:16.0510 1260 [ CDD35C1CE1EBFE80C055691CDC8DF443 ] C:\Windows\System32\authui.dll
18:09:16.0510 1260 C:\Windows\System32\authui.dll - ok
18:09:16.0510 1260 [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\System32\propsys.dll
18:09:16.0510 1260 C:\Windows\System32\propsys.dll - ok
18:09:16.0510 1260 [ F68194F74350D4A2ADE98961E33F884C ] C:\Windows\System32\audiodg.exe
18:09:16.0510 1260 C:\Windows\System32\audiodg.exe - ok
18:09:16.0510 1260 [ 15F93B37F6801943360D9EB42485D5D3 ] C:\Windows\System32\cscsvc.dll
18:09:16.0510 1260 C:\Windows\System32\cscsvc.dll - ok
18:09:16.0510 1260 [ 772F44012DBE49DE894976AE2259A659 ] C:\Windows\System32\PeerDist.dll
18:09:16.0510 1260 C:\Windows\System32\PeerDist.dll - ok
18:09:16.0510 1260 [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\System32\ntmarta.dll
18:09:16.0510 1260 C:\Windows\System32\ntmarta.dll - ok
18:09:16.0510 1260 [ E897EAF5ED6BA41E081060C9B447A673 ] C:\Windows\System32\gpsvc.dll
18:09:16.0510 1260 C:\Windows\System32\gpsvc.dll - ok
18:09:16.0525 1260 [ 104A1070E90F1C530328E69B49718841 ] C:\Windows\System32\nlaapi.dll
18:09:16.0525 1260 C:\Windows\System32\nlaapi.dll - ok
18:09:16.0525 1260 [ 43CA4CCC22D52FB58E8988F0198851D0 ] C:\Windows\System32\profsvc.dll
18:09:16.0525 1260 C:\Windows\System32\profsvc.dll - ok
18:09:16.0525 1260 [ AC8C80DC4F1A6E60C9A762C1799F0B39 ] C:\Windows\System32\adtschema.dll
18:09:16.0525 1260 C:\Windows\System32\adtschema.dll - ok
18:09:16.0525 1260 [ 16935C98FF639D185086A3529B1F2067 ] C:\Windows\System32\wlansvc.dll
18:09:16.0525 1260 C:\Windows\System32\wlansvc.dll - ok
18:09:16.0525 1260 [ 8B0B4C5927A333A05513791758350DC4 ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
18:09:16.0525 1260 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
18:09:16.0525 1260 [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\System32\atl.dll
18:09:16.0525 1260 C:\Windows\System32\atl.dll - ok
18:09:16.0525 1260 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] C:\Windows\System32\themeservice.dll
18:09:16.0525 1260 C:\Windows\System32\themeservice.dll - ok
18:09:16.0541 1260 [ 2F040CF0613A6D64DCBBA9EE81F5A5AE ] C:\Windows\System32\dsrole.dll
18:09:16.0541 1260 C:\Windows\System32\dsrole.dll - ok
18:09:16.0541 1260 [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\System32\slc.dll
18:09:16.0541 1260 C:\Windows\System32\slc.dll - ok
18:09:16.0541 1260 [ F6916EFC29D9953D5D0DF06882AE8E16 ] C:\Windows\System32\es.dll
18:09:16.0541 1260 C:\Windows\System32\es.dll - ok
18:09:16.0541 1260 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC ] C:\Windows\System32\taskschd.dll
18:09:16.0541 1260 C:\Windows\System32\taskschd.dll - ok
18:09:16.0541 1260 [ 808D8A8B2A3074002852BC856D419576 ] C:\Windows\System32\comres.dll
18:09:16.0541 1260 C:\Windows\System32\comres.dll - ok
18:09:16.0541 1260 [ C5A99A4C0DC9F0F5A95BA0C83D30A549 ] C:\Windows\System32\mstask.dll
18:09:16.0541 1260 C:\Windows\System32\mstask.dll - ok
18:09:16.0557 1260 [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
18:09:16.0557 1260 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
18:09:16.0557 1260 [ DCB7FCDCC97F87360F75D77425B81737 ] C:\Windows\System32\Sens.dll
18:09:16.0557 1260 C:\Windows\System32\Sens.dll - ok
18:09:16.0557 1260 [ 081E6E1C91AEC36758902A9F727CD23C ] C:\Windows\System32\uxsms.dll
18:09:16.0557 1260 C:\Windows\System32\uxsms.dll - ok
18:09:16.0557 1260 [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\System32\wtsapi32.dll
18:09:16.0557 1260 C:\Windows\System32\wtsapi32.dll - ok
18:09:16.0557 1260 [ 8D1E1E529A2C9E9B6A85B55A345F7629 ] C:\Windows\System32\WUDFSvc.dll
18:09:16.0557 1260 C:\Windows\System32\WUDFSvc.dll - ok
18:09:16.0557 1260 [ 9FBCFD7E88A7ACE0E94456504895DD7F ] C:\Windows\System32\WUDFPlatform.dll
18:09:16.0557 1260 C:\Windows\System32\WUDFPlatform.dll - ok
18:09:16.0572 1260 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] C:\Windows\System32\drivers\lltdio.sys
18:09:16.0572 1260 C:\Windows\System32\drivers\lltdio.sys - ok
18:09:16.0572 1260 [ D8A65DAFB3EB41CBB622745676FCD072 ] C:\Windows\System32\drivers\ndisuio.sys
18:09:16.0572 1260 C:\Windows\System32\drivers\ndisuio.sys - ok
18:09:16.0572 1260 [ 26384429FCD85D83746F63E798AB1480 ] C:\Windows\System32\drivers\nwifi.sys
18:09:16.0572 1260 C:\Windows\System32\drivers\nwifi.sys - ok
18:09:16.0572 1260 [ 032B0D36AD92B582D869879F5AF5B928 ] C:\Windows\System32\drivers\rspndr.sys
18:09:16.0572 1260 C:\Windows\System32\drivers\rspndr.sys - ok
18:09:16.0572 1260 [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\System32\IPHLPAPI.DLL
18:09:16.0572 1260 C:\Windows\System32\IPHLPAPI.DLL - ok
18:09:16.0572 1260 [ 55CA01BA19D0006C8F2639B6C045E08B ] C:\Windows\System32\lmhsvc.dll
18:09:16.0572 1260 C:\Windows\System32\lmhsvc.dll - ok
18:09:16.0572 1260 [ BA387E955E890C8A88306D9B8D06BF17 ] C:\Windows\System32\nsisvc.dll
18:09:16.0572 1260 C:\Windows\System32\nsisvc.dll - ok
18:09:16.0588 1260 [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\System32\winnsi.dll
18:09:16.0588 1260 C:\Windows\System32\winnsi.dll - ok
18:09:16.0588 1260 [ E9E01EB683C132F7FA27CD607B8A2B63 ] C:\Windows\System32\dhcpcore.dll
18:09:16.0588 1260 C:\Windows\System32\dhcpcore.dll - ok
18:09:16.0588 1260 [ 33EF4861F19A0736B11314AAD9AE28D0 ] C:\Windows\System32\dnsrslvr.dll
18:09:16.0588 1260 C:\Windows\System32\dnsrslvr.dll - ok
18:09:16.0588 1260 [ 8600142FA91C1B96367D3300AD0F3F3A ] C:\Windows\System32\eapsvc.dll
18:09:16.0588 1260 C:\Windows\System32\eapsvc.dll - ok
18:09:16.0588 1260 [ AF75DBA674E55221B7A055B0A4345F16 ] C:\Windows\System32\keyiso.dll
18:09:16.0588 1260 C:\Windows\System32\keyiso.dll - ok
18:09:16.0588 1260 [ D2A937964199F647B1C3BC435712E5D9 ] C:\Windows\System32\nrpsrv.dll
18:09:16.0588 1260 C:\Windows\System32\nrpsrv.dll - ok
18:09:16.0588 1260 [ 990A58A0B01720E419B55EFC5FF387F8 ] C:\Windows\System32\dhcpcore6.dll
18:09:16.0588 1260 C:\Windows\System32\dhcpcore6.dll - ok
18:09:16.0603 1260 [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\System32\FWPUCLNT.DLL
18:09:16.0603 1260 C:\Windows\System32\FWPUCLNT.DLL - ok
18:09:16.0603 1260 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\System32\dhcpcsvc.dll
18:09:16.0603 1260 C:\Windows\System32\dhcpcsvc.dll - ok
18:09:16.0603 1260 [ 29CA5974FAB0E8AE4AA7814FE05CF832 ] C:\Windows\System32\dhcpcsvc6.dll
18:09:16.0603 1260 C:\Windows\System32\dhcpcsvc6.dll - ok
18:09:16.0603 1260 [ 100103C6535C66265267F5EEA5F5846E ] C:\Windows\System32\dnsext.dll
18:09:16.0603 1260 C:\Windows\System32\dnsext.dll - ok
18:09:16.0603 1260 [ 9A892B3439884C62B04718F0303A49E9 ] C:\Windows\System32\eapphost.dll
18:09:16.0603 1260 C:\Windows\System32\eapphost.dll - ok
18:09:16.0603 1260 [ D33E95C0A2754061233B58DC41F8094C ] C:\Windows\System32\umb.dll
18:09:16.0603 1260 C:\Windows\System32\umb.dll - ok
18:09:16.0619 1260 [ 3C9035085141162416A0DD34DBF3F3C1 ] C:\Windows\System32\wlanmsm.dll
18:09:16.0619 1260 C:\Windows\System32\wlanmsm.dll - ok
18:09:16.0619 1260 [ 20C06A50DFC097E134BC6FA8444CA9BC ] C:\Windows\System32\wlansec.dll
18:09:16.0619 1260 C:\Windows\System32\wlansec.dll - ok
18:09:16.0619 1260 [ 666E57B6B51824D1D235F80A3DD70A13 ] C:\Windows\System32\eappprxy.dll
18:09:16.0619 1260 C:\Windows\System32\eappprxy.dll - ok
18:09:16.0619 1260 [ F748F53FE09D21D8ECBB6421E6792024 ] C:\Windows\System32\onex.dll
18:09:16.0619 1260 C:\Windows\System32\onex.dll - ok
18:09:16.0619 1260 [ 28CA821606669BB9215CE010767720FA ] C:\Windows\System32\cryptui.dll
18:09:16.0619 1260 C:\Windows\System32\cryptui.dll - ok
18:09:16.0619 1260 [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\System32\samlib.dll
18:09:16.0619 1260 C:\Windows\System32\samlib.dll - ok
18:09:16.0619 1260 [ F14A9B1778376D0B1788E402AC1F831A ] C:\Windows\System32\shacct.dll
18:09:16.0619 1260 C:\Windows\System32\shacct.dll - ok
18:09:16.0635 1260 [ 63BFDF555DA2075A77D677829C3CCCD0 ] C:\Windows\System32\uxtheme.dll
18:09:16.0635 1260 C:\Windows\System32\uxtheme.dll - ok
18:09:16.0635 1260 [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
18:09:16.0635 1260 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
18:09:16.0635 1260 [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\System32\dui70.dll
18:09:16.0635 1260 C:\Windows\System32\dui70.dll - ok
18:09:16.0635 1260 [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\System32\duser.dll
18:09:16.0635 1260 C:\Windows\System32\duser.dll - ok
18:09:16.0635 1260 [ 2CFA4569350B7F84F815E9EC34E85766 ] C:\Windows\System32\SndVolSSO.dll
18:09:16.0635 1260 C:\Windows\System32\SndVolSSO.dll - ok
18:09:16.0635 1260 [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\System32\dwmapi.dll
18:09:16.0635 1260 C:\Windows\System32\dwmapi.dll - ok
18:09:16.0650 1260 [ 63DF770DF74ACB370EF5A16727069AAF ] C:\Windows\System32\hid.dll
18:09:16.0650 1260 C:\Windows\System32\hid.dll - ok
18:09:16.0650 1260 [ 7BF5EA753D4CC056B9462A02AC51B160 ] C:\Windows\System32\xmllite.dll
18:09:16.0650 1260 C:\Windows\System32\xmllite.dll - ok
18:09:16.0650 1260 [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\System32\winmm.dll
18:09:16.0650 1260 C:\Windows\System32\winmm.dll - ok
18:09:16.0650 1260 [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\System32\ksuser.dll
18:09:16.0650 1260 C:\Windows\System32\ksuser.dll - ok
18:09:16.0650 1260 [ D205C24A9D069049FE2DF2A1B38726A7 ] C:\Windows\System32\wdmaud.drv
18:09:16.0650 1260 C:\Windows\System32\wdmaud.drv - ok
18:09:16.0650 1260 [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\System32\WindowsCodecs.dll
18:09:16.0650 1260 C:\Windows\System32\WindowsCodecs.dll - ok
18:09:16.0650 1260 [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\System32\winbrand.dll
18:09:16.0650 1260 C:\Windows\System32\winbrand.dll - ok
18:09:16.0666 1260 [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\System32\AudioSes.dll
18:09:16.0666 1260 C:\Windows\System32\AudioSes.dll - ok
18:09:16.0666 1260 [ 65BF13016A3C22775F3E17591AE5268A ] C:\Windows\System32\VaultCredProvider.dll
18:09:16.0666 1260 C:\Windows\System32\VaultCredProvider.dll - ok
18:09:16.0666 1260 [ 05BF975CA428E04B462FB90841B37C95 ] C:\Windows\System32\SmartcardCredentialProvider.dll
18:09:16.0666 1260 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
18:09:16.0666 1260 [ E59F08ED9D2A128CE436BBFC232247F6 ] C:\Windows\System32\BioCredProv.dll
18:09:16.0666 1260 C:\Windows\System32\BioCredProv.dll - ok
18:09:16.0666 1260 [ 3FAD263CE1E2A6FFF40D00043B2275E3 ] C:\Windows\System32\winbio.dll
18:09:16.0666 1260 C:\Windows\System32\winbio.dll - ok
18:09:16.0666 1260 [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\System32\netprofm.dll
18:09:16.0666 1260 C:\Windows\System32\netprofm.dll - ok
18:09:16.0666 1260 [ 9835584E999D25004E1EE8E5F3E3B881 ] C:\Windows\System32\MPSSVC.dll
18:09:16.0666 1260 C:\Windows\System32\MPSSVC.dll - ok
18:09:16.0681 1260 [ 7520EC808E0C35E0EE6F841294316653 ] C:\Windows\System32\drivers\fltMgr.sys
18:09:16.0681 1260 C:\Windows\System32\drivers\fltMgr.sys - ok
18:09:16.0681 1260 [ D93A937A2A9D2CBC06B3A615A197011F ] C:\Windows\System32\PSHED.DLL
18:09:16.0681 1260 C:\Windows\System32\PSHED.DLL - ok
18:09:16.0681 1260 [ 1F5497D7D3D79C7BF0AB0C8B4C5BFE6E ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
18:09:16.0681 1260 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
18:09:16.0681 1260 [ 5A5FEDDF02588B8F9FE4A95E5E7EAE97 ] C:\Windows\System32\eappcfg.dll
18:09:16.0681 1260 C:\Windows\System32\eappcfg.dll - ok
18:09:16.0681 1260 [ 108C2CFA5527458C096A699929ECBD80 ] C:\Windows\System32\credui.dll
18:09:16.0681 1260 C:\Windows\System32\credui.dll - ok
18:09:16.0681 1260 [ 6D8CACF3B1B54943EFCF420C2D667B37 ] C:\Windows\System32\certCredProvider.dll
18:09:16.0681 1260 C:\Windows\System32\certCredProvider.dll - ok
18:09:16.0697 1260 [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\System32\netapi32.dll
18:09:16.0697 1260 C:\Windows\System32\netapi32.dll - ok
18:09:16.0697 1260 [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\System32\netutils.dll
18:09:16.0697 1260 C:\Windows\System32\netutils.dll - ok
18:09:16.0697 1260 [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\System32\samcli.dll
18:09:16.0697 1260 C:\Windows\System32\samcli.dll - ok
18:09:16.0697 1260 [ 36B8D5903CEEF0AA42A1EE002BD27FF1 ] C:\Windows\System32\vaultcli.dll
18:09:16.0697 1260 C:\Windows\System32\vaultcli.dll - ok
18:09:16.0697 1260 [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\System32\wkscli.dll
18:09:16.0697 1260 C:\Windows\System32\wkscli.dll - ok
18:09:16.0697 1260 [ FFE4BEC5C187C426A17AE76A773063A6 ] C:\Windows\System32\rasplap.dll
18:09:16.0697 1260 C:\Windows\System32\rasplap.dll - ok
18:09:16.0697 1260 [ C1585EAA67C37A05BF6F93726FAFC069 ] C:\Windows\System32\l2gpstore.dll
18:09:16.0697 1260 C:\Windows\System32\l2gpstore.dll - ok
18:09:16.0713 1260 [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\System32\wlanutil.dll
18:09:16.0713 1260 C:\Windows\System32\wlanutil.dll - ok
18:09:16.0713 1260 [ 749F9795F01C35EEBE100A87D82B9681 ] C:\Windows\System32\wlgpclnt.dll
18:09:16.0713 1260 C:\Windows\System32\wlgpclnt.dll - ok
18:09:16.0713 1260 [ 9419ABF3163B6F0E3AD3DD2B381C879F ] C:\Windows\System32\WinSCard.dll
18:09:16.0713 1260 C:\Windows\System32\WinSCard.dll - ok
18:09:16.0713 1260 [ EAADD6E47ED2A7003ACE1793B98CF63F ] C:\Windows\System32\msxml6.dll
18:09:16.0713 1260 C:\Windows\System32\msxml6.dll - ok
18:09:16.0713 1260 [ 414DA952A35BF5D50192E28263B40577 ] C:\Windows\System32\shsvcs.dll
18:09:16.0713 1260 C:\Windows\System32\shsvcs.dll - ok
18:09:16.0713 1260 [ A04BB13F8A72F8B6E8B4071723E4E336 ] C:\Windows\System32\schedsvc.dll
18:09:16.0713 1260 C:\Windows\System32\schedsvc.dll - ok
18:09:16.0728 1260 [ 6F44F5C0BC6B210FE5F5A1C8D899AD0A ] C:\Windows\System32\wlanext.exe
18:09:16.0728 1260 C:\Windows\System32\wlanext.exe - ok
18:09:16.0728 1260 [ 310E9119D0A1CFDF1DA897089B533D81 ] C:\Windows\System32\conhost.exe
18:09:16.0728 1260 C:\Windows\System32\conhost.exe - ok
18:09:16.0728 1260 [ 38B13C0DF479DBA23ECFA815159BA86E ] C:\Windows\System32\ktmw32.dll
18:09:16.0728 1260 C:\Windows\System32\ktmw32.dll - ok
18:09:16.0728 1260 [ 7E0AB74553476622FB6AE36F73D97D35 ] C:\Windows\System32\drivers\fastfat.sys
18:09:16.0728 1260 C:\Windows\System32\drivers\fastfat.sys - ok
18:09:16.0728 1260 [ E6D90DC604F407B3B5E0FD285E46B2A0 ] C:\Windows\System32\fveapi.dll
18:09:16.0728 1260 C:\Windows\System32\fveapi.dll - ok
18:09:16.0728 1260 [ C87F28A34B3840F4B40011D170B1A159 ] C:\Windows\System32\fvecerts.dll
18:09:16.0728 1260 C:\Windows\System32\fvecerts.dll - ok
18:09:16.0728 1260 [ EAFC149CD3BD78C443E31BB157841197 ] C:\Windows\System32\tbs.dll
18:09:16.0728 1260 C:\Windows\System32\tbs.dll - ok
18:09:16.0744 1260 [ 2340C5AF07B6C95C70803DBDFFBFE760 ] C:\Windows\System32\bcmihvsrv.dll
18:09:16.0744 1260 C:\Windows\System32\bcmihvsrv.dll - ok
18:09:16.0744 1260 [ B010CF886420EE29C2C276646721D255 ] C:\Windows\System32\wlanapi.dll
18:09:16.0744 1260 C:\Windows\System32\wlanapi.dll - ok
18:09:16.0744 1260 [ 1C3E8371377E988B683797A132EFFE1B ] C:\Windows\System32\taskcomp.dll
18:09:16.0744 1260 C:\Windows\System32\taskcomp.dll - ok
18:09:16.0744 1260 [ 77EA11B065E0A8AB902D78145CA51E10 ] C:\Windows\System32\drivers\cdfs.sys
18:09:16.0744 1260 C:\Windows\System32\drivers\cdfs.sys - ok
18:09:16.0744 1260 [ E2D56AE1D40E3725084054CD8E9CFBB1 ] C:\Windows\System32\wiarpc.dll
18:09:16.0744 1260 C:\Windows\System32\wiarpc.dll - ok
18:09:16.0744 1260 [ D2958325C1AE1AE37A83334C6229E3BC ] C:\Windows\System32\actxprxy.dll
18:09:16.0744 1260 C:\Windows\System32\actxprxy.dll - ok
18:09:16.0744 1260 [ 871917B07A141BFF43D76D8844D48106 ] C:\Windows\System32\drivers\http.sys
18:09:16.0744 1260 C:\Windows\System32\drivers\http.sys - ok
18:09:16.0759 1260 [ 866A43013535DC8587C258E43579C764 ] C:\Windows\System32\spoolsv.exe
18:09:16.0759 1260 C:\Windows\System32\spoolsv.exe - ok
18:09:16.0759 1260 [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\System32\rasapi32.dll
18:09:16.0759 1260 C:\Windows\System32\rasapi32.dll - ok
18:09:16.0759 1260 [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\System32\rasman.dll
18:09:16.0759 1260 C:\Windows\System32\rasman.dll - ok
18:09:16.0759 1260 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\System32\rtutils.dll
18:09:16.0759 1260 C:\Windows\System32\rtutils.dll - ok
18:09:16.0759 1260 [ 5A12C364AD1D4FCC0AD0E56DBBC34462 ] C:\Windows\System32\midimap.dll
18:09:16.0759 1260 C:\Windows\System32\midimap.dll - ok
18:09:16.0759 1260 [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\System32\msacm32.dll
18:09:16.0759 1260 C:\Windows\System32\msacm32.dll - ok
18:09:16.0775 1260 [ 07393A09C46083588E751B63B03C8301 ] C:\Windows\System32\msacm32.drv
18:09:16.0775 1260 C:\Windows\System32\msacm32.drv - ok
18:09:16.0775 1260 [ 1FF7E4F548C7C372C804938F0D5B36AE ] C:\Windows\System32\netcfgx.dll
18:09:16.0775 1260 C:\Windows\System32\netcfgx.dll - ok
18:09:16.0775 1260 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] C:\Windows\System32\drivers\vwifimp.sys
18:09:16.0775 1260 C:\Windows\System32\drivers\vwifimp.sys - ok
18:09:16.0775 1260 [ A12829E9974F57E9B5DBFEA7C93190F6 ] C:\Windows\System32\UXInit.dll
18:09:16.0775 1260 C:\Windows\System32\UXInit.dll - ok
18:09:16.0775 1260 [ 1E2BAC209D184BB851E1A187D8A29136 ] C:\Windows\System32\BFE.DLL
18:09:16.0775 1260 C:\Windows\System32\BFE.DLL - ok
18:09:16.0775 1260 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] C:\Windows\System32\drivers\bowser.sys
18:09:16.0775 1260 C:\Windows\System32\drivers\bowser.sys - ok
18:09:16.0775 1260 [ BBA9D5A730D5E304117AD26923EBD8AA ] C:\Windows\System32\AudioEng.dll
18:09:16.0775 1260 C:\Windows\System32\AudioEng.dll - ok
18:09:16.0791 1260 [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\System32\imageres.dll
18:09:16.0791 1260 C:\Windows\System32\imageres.dll - ok
18:09:16.0791 1260 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] C:\Windows\System32\drivers\mpsdrv.sys
18:09:16.0791 1260 C:\Windows\System32\drivers\mpsdrv.sys - ok
18:09:16.0791 1260 [ 96F0F8F4DEE598C8D12AD9633E0CFE2A ] C:\Windows\System32\AUDIOKSE.dll
18:09:16.0791 1260 C:\Windows\System32\AUDIOKSE.dll - ok
18:09:16.0791 1260 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] C:\Windows\System32\drivers\mrxsmb.sys
18:09:16.0791 1260 C:\Windows\System32\drivers\mrxsmb.sys - ok
18:09:16.0791 1260 [ DE6D1F43385A5FAA031520EE88F8374A ] C:\Windows\System32\SFFXSAPO.dll
18:09:16.0791 1260 C:\Windows\System32\SFFXSAPO.dll - ok
18:09:16.0791 1260 [ 019C372B1A9DA73A22D0D35A4D40F5C9 ] C:\Windows\System32\wfapigp.dll
18:09:16.0791 1260 C:\Windows\System32\wfapigp.dll - ok
18:09:16.0791 1260 [ 6D17A4791ACA19328C685D256349FEFC ] C:\Windows\System32\drivers\mrxsmb10.sys
18:09:16.0791 1260 C:\Windows\System32\drivers\mrxsmb10.sys - ok
18:09:16.0806 1260 [ B3ABD0ADF7EE5A79A59105FD8CFE3623 ] C:\Windows\System32\SFFXProc.dll
18:09:16.0806 1260 C:\Windows\System32\SFFXProc.dll - ok
18:09:16.0806 1260 [ B81F204D146000BE76651A50670A5E9E ] C:\Windows\System32\drivers\mrxsmb20.sys
18:09:16.0806 1260 C:\Windows\System32\drivers\mrxsmb20.sys - ok
18:09:16.0806 1260 [ EB0A59F29C19B86479D36B35983DAADC ] C:\Windows\System32\drivers\parvdm.sys
18:09:16.0806 1260 C:\Windows\System32\drivers\parvdm.sys - ok
18:09:16.0806 1260 [ 58405E4F68BA8E4057C6E914F326ABA2 ] C:\Windows\System32\wkssvc.dll
18:09:16.0806 1260 C:\Windows\System32\wkssvc.dll - ok
18:09:16.0806 1260 [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\System32\mscms.dll
18:09:16.0806 1260 C:\Windows\System32\mscms.dll - ok
18:09:16.0806 1260 [ 358AB7956D3160000726574083DFC8A6 ] C:\Windows\System32\pcasvc.dll
18:09:16.0806 1260 C:\Windows\System32\pcasvc.dll - ok
18:09:16.0822 1260 [ 6A984831644ECA1A33FFEAE4126F4F37 ] C:\Windows\System32\snmptrap.exe
18:09:16.0822 1260 C:\Windows\System32\snmptrap.exe - ok
18:09:16.0822 1260 [ E223D2851906B84F52E1B75EA16198F9 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelEvents.dll
18:09:16.0822 1260 C:\Windows\Microsoft.NET\Framework\v4.0.30319\ServiceModelEvents.dll - ok
18:09:16.0822 1260 [ 30DB37B14B0DDC4EC16193F8D0718B11 ] C:\Windows\System32\AEADIAPR.dll
18:09:16.0822 1260 C:\Windows\System32\AEADIAPR.dll - ok
18:09:16.0822 1260 [ A2F17346CC5C502D4E29EF986BD17D34 ] C:\Windows\System32\PeerDistSh.dll
18:09:16.0822 1260 C:\Windows\System32\PeerDistSh.dll - ok
18:09:16.0822 1260 [ D318F23BE45D5E3A107469EB64815B50 ] C:\Windows\System32\sstpsvc.dll
18:09:16.0822 1260 C:\Windows\System32\sstpsvc.dll - ok
18:09:16.0822 1260 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] C:\Windows\System32\provsvc.dll
18:09:16.0822 1260 C:\Windows\System32\provsvc.dll - ok
18:09:16.0822 1260 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
18:09:16.0822 1260 C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
18:09:16.0837 1260 [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
18:09:16.0837 1260 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
18:09:16.0837 1260 [ 4DC6B0772D1698F04FC79053A21C8260 ] C:\Windows\System32\AEADISRV.EXE
18:09:16.0837 1260 C:\Windows\System32\AEADISRV.EXE - ok
18:09:16.0837 1260 [ A5299D04ED225D64CF07A568A3E1BF8C ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:09:16.0837 1260 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
18:09:16.0837 1260 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
18:09:16.0837 1260 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
18:09:16.0837 1260 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
18:09:16.0837 1260 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
18:09:16.0837 1260 [ 5937E46ECDCD514C7A74D64E4EF5E21D ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll
18:09:16.0837 1260 C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
18:09:16.0853 1260 [ D339D7F6E52AECCA9C0898CB547B2902 ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll
18:09:16.0853 1260 C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
18:09:16.0853 1260 [ 5F3347EBA403EE64780980A5BAF10304 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
18:09:16.0853 1260 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
18:09:16.0853 1260 [ 1F942930893ED98204AE67260E03EE26 ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
18:09:16.0853 1260 C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
18:09:16.0853 1260 [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\System32\wsock32.dll
18:09:16.0853 1260 C:\Windows\System32\wsock32.dll - ok
18:09:16.0853 1260 [ 26655CA3645C49DA4A79AC18FE84EE11 ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
18:09:16.0853 1260 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok
18:09:16.0853 1260 [ 09B7E7CD6F202247B3CF2306108589C2 ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
18:09:16.0869 1260 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
18:09:16.0869 1260 [ E5B6D88B36BDDAD5039764FBF80284DD ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
18:09:16.0869 1260 C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok
18:09:16.0869 1260 [ 1D75BC73585969F41BA7EF0C882DFF2B ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
18:09:16.0869 1260 C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
18:09:16.0869 1260 [ FC7A868DECC3AB027F29178EC8A7F252 ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
18:09:16.0869 1260 C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll - ok
18:09:16.0869 1260 [ 24AA9776D6AB032071B61C88089AEA59 ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
18:09:16.0869 1260 C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok
18:09:16.0869 1260 [ 4E4EDF9CA82E95BAB2977DD9F21B00F6 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
18:09:16.0869 1260 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
18:09:16.0869 1260 [ 062373995EAE5F0EAC9EAA9192136BFB ] C:\Windows\System32\dnssd.dll
18:09:16.0869 1260 C:\Windows\System32\dnssd.dll - ok
18:09:16.0884 1260 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] C:\Program Files\Bonjour\mDNSResponder.exe
18:09:16.0884 1260 C:\Program Files\Bonjour\mDNSResponder.exe - ok
18:09:16.0884 1260 [ 96C0E38905CFD788313BE8E11DAE3F2F ] C:\Windows\System32\cryptsvc.dll
18:09:16.0884 1260 C:\Windows\System32\cryptsvc.dll - ok
18:09:16.0884 1260 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] C:\Windows\System32\dps.dll
18:09:16.0884 1260 C:\Windows\System32\dps.dll - ok
18:09:16.0884 1260 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] C:\Windows\System32\FDResPub.dll
18:09:16.0884 1260 C:\Windows\System32\FDResPub.dll - ok
18:09:16.0884 1260 [ F95622F161474511B8D80D6B093AA610 ] C:\Windows\System32\IKEEXT.DLL
18:09:16.0884 1260 C:\Windows\System32\IKEEXT.DLL - ok
18:09:16.0884 1260 [ 5845B1C54380FB980F68024B3A8B1E66 ] C:\Windows\System32\vpnikeapi.dll
18:09:16.0884 1260 C:\Windows\System32\vpnikeapi.dll - ok
18:09:16.0900 1260 [ 73F6C5223F7E9B5780DD4A6C30FCF569 ] C:\Windows\System32\WSDApi.dll
18:09:16.0900 1260 C:\Windows\System32\WSDApi.dll - ok
18:09:16.0900 1260 [ 0E1B02C9CC352A1F61703B7D1A8A2C45 ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll
18:09:16.0900 1260 C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
18:09:16.0900 1260 [ DB846EECA70EE9D2E2FF31147C57B0F4 ] C:\Windows\System32\webservices.dll
18:09:16.0900 1260 C:\Windows\System32\webservices.dll - ok
18:09:16.0900 1260 [ 837608240884733792DDAE81E50B802A ] C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
18:09:16.0900 1260 C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe - ok
18:09:16.0900 1260 [ CA79539D3D4C0BA66F0F051A5EE5E923 ] C:\Windows\System32\cryptnet.dll
18:09:16.0900 1260 C:\Windows\System32\cryptnet.dll - ok
18:09:16.0900 1260 [ 89D90579E5FB1469CB0464F6512E42B7 ] C:\Windows\System32\fundisc.dll
18:09:16.0900 1260 C:\Windows\System32\fundisc.dll - ok
18:09:16.0915 1260 [ 8195B745A9C3235E4715F0A1B59206CF ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
18:09:16.0915 1260 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok
18:09:16.0915 1260 [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\System32\winhttp.dll
18:09:16.0915 1260 C:\Windows\System32\winhttp.dll - ok
18:09:16.0915 1260 [ E53B389AABC47A86A41884E94C9A3012 ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
18:09:16.0915 1260 C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
18:09:16.0915 1260 [ 240D42CBD1691C6B7D54AF4E3365BAAC ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
18:09:16.0915 1260 C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
18:09:16.0915 1260 [ 282F84E0096499C42102D7234A4D14EF ] C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
18:09:16.0915 1260 C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok
18:09:16.0915 1260 [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\System32\webio.dll
18:09:16.0915 1260 C:\Windows\System32\webio.dll - ok
18:09:16.0915 1260 [ 8CD1DEE212E52B9C22E66DBA44991D32 ] C:\Windows\System32\httpapi.dll
18:09:16.0915 1260 C:\Windows\System32\httpapi.dll - ok
18:09:16.0931 1260 [ 13337A3FB17F2242487FD45488ED0485 ] C:\Windows\System32\vssapi.dll
18:09:16.0931 1260 C:\Windows\System32\vssapi.dll - ok
18:09:16.0931 1260 [ D6D4130C0BBC0D18C2DA703CC38260A9 ] C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlos.dll
18:09:16.0931 1260 C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlos.dll - ok
18:09:16.0931 1260 [ E111CED19D6A9FF9BBA5C219D0C5A3CE ] C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\opends60.dll
18:09:16.0931 1260 C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\opends60.dll - ok
18:09:16.0931 1260 [ 7B193BA3F0245D5867B71AD1CF631474 ] C:\Program Files\Microsoft SQL Server\90\Shared\instapi.dll
18:09:16.0931 1260 C:\Program Files\Microsoft SQL Server\90\Shared\instapi.dll - ok
18:09:16.0931 1260 [ 1AF54261C283BAFB021B3D84A7BAE978 ] C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLBOOT.dll
18:09:16.0931 1260 C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLBOOT.dll - ok
18:09:16.0931 1260 [ 247FE8DEFBB95A4319C7B4B215F92891 ] C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\Resources\1033\sqlevn70.rll
18:09:16.0931 1260 C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\Resources\1033\sqlevn70.rll - ok
18:09:16.0947 1260 [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\System32\cscapi.dll
18:09:16.0947 1260 C:\Windows\System32\cscapi.dll - ok
18:09:16.0947 1260 [ B940289C83121046BD6A60ACC6028593 ] C:\Windows\System32\vsstrace.dll
18:09:16.0947 1260 C:\Windows\System32\vsstrace.dll - ok
18:09:16.0947 1260 [ 9E0104BA49F4E6973749A02BF41344ED ] C:\Windows\System32\drivers\PEAuth.sys
18:09:16.0947 1260 C:\Windows\System32\drivers\PEAuth.sys - ok
18:09:16.0947 1260 [ 90A3935D05B494A5A39D37E71F09A677 ] C:\Windows\System32\drivers\secdrv.sys
18:09:16.0947 1260 C:\Windows\System32\drivers\secdrv.sys - ok
18:09:16.0947 1260 [ 75EA62927355189876081EF863064982 ] C:\Windows\System32\ncsi.dll
18:09:16.0947 1260 C:\Windows\System32\ncsi.dll - ok
18:09:16.0947 1260 [ 912084381D30D8B89EC4E293053F4710 ] C:\Windows\System32\nlasvc.dll
18:09:16.0947 1260 C:\Windows\System32\nlasvc.dll - ok
18:09:16.0962 1260 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
18:09:16.0962 1260 C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe - ok
18:09:16.0962 1260 [ 28E2231BD34A39C854BDF3923AB2FF86 ] C:\Windows\System32\ssdpapi.dll
18:09:16.0962 1260 C:\Windows\System32\ssdpapi.dll - ok
18:09:16.0962 1260 [ D89083C4EB02DACA8F944B0E05E57F9D ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
18:09:16.0962 1260 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe - ok
18:09:16.0962 1260 [ 0D77436DA61BE7338BC600F0D8773331 ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss.dll
18:09:16.0962 1260 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss.dll - ok
18:09:16.0962 1260 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] C:\Windows\System32\drivers\srvnet.sys
18:09:16.0962 1260 C:\Windows\System32\drivers\srvnet.sys - ok
18:09:16.0962 1260 [ CCA24162E055C3714CE5A88B100C64ED ] C:\Windows\System32\drivers\tcpipreg.sys
18:09:16.0962 1260 C:\Windows\System32\drivers\tcpipreg.sys - ok
18:09:16.0962 1260 [ 36650D618CA34C9D357DFD3D89B2C56F ] C:\Windows\System32\sysmain.dll
18:09:16.0962 1260 C:\Windows\System32\sysmain.dll - ok
18:09:16.0978 1260 [ E7C84A8A763C460FE182F4DCBC17B9DC ] C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe
18:09:16.0978 1260 C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe - ok
18:09:16.0978 1260 [ F62E510B6AD4C21EB9FE8668ED251826 ] C:\Windows\System32\wbem\WMIsvc.dll
18:09:16.0978 1260 C:\Windows\System32\wbem\WMIsvc.dll - ok
18:09:16.0978 1260 [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
18:09:16.0978 1260 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
18:09:16.0978 1260 [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\System32\wbemcomn.dll
18:09:16.0978 1260 C:\Windows\System32\wbemcomn.dll - ok
18:09:16.0978 1260 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] C:\Windows\System32\trkwks.dll
18:09:16.0978 1260 C:\Windows\System32\trkwks.dll - ok
18:09:16.0978 1260 [ 881D9F2D6E04E1C323050CF1574870F7 ] C:\Windows\System32\wbem\WinMgmtR.dll
18:09:16.0978 1260 C:\Windows\System32\wbem\WinMgmtR.dll - ok
18:09:16.0993 1260 [ 701C9EB15E1E23D22F7C7184C0506673 ] C:\Windows\System32\wbem\WmiDcPrv.dll
18:09:16.0993 1260 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
18:09:16.0993 1260 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\System32\winspool.drv
18:09:16.0993 1260 C:\Windows\System32\winspool.drv - ok
18:09:16.0993 1260 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\System32\wbem\fastprox.dll
18:09:16.0993 1260 C:\Windows\System32\wbem\fastprox.dll - ok
18:09:16.0993 1260 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] C:\Windows\System32\drivers\srv2.sys
18:09:16.0993 1260 C:\Windows\System32\drivers\srv2.sys - ok
18:09:16.0993 1260 [ 533631FE7DB9FF2A1D456A3D15A2DD46 ] C:\Windows\System32\icmp.dll
18:09:16.0993 1260 C:\Windows\System32\icmp.dll - ok
18:09:16.0993 1260 [ 4D65A07B795D6674312F879D09AA7663 ] C:\Windows\System32\iphlpsvc.dll
18:09:16.0993 1260 C:\Windows\System32\iphlpsvc.dll - ok
18:09:16.0993 1260 [ D4736C399E642359740482AAE7AAF91F ] C:\Program Files\NETGEAR\WNA3100\WifiLib.dll
18:09:16.0993 1260 C:\Program Files\NETGEAR\WNA3100\WifiLib.dll - ok
18:09:17.0009 1260 [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\System32\ntdsapi.dll
18:09:17.0009 1260 C:\Windows\System32\ntdsapi.dll - ok
18:09:17.0009 1260 [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\System32\wbem\wbemprox.dll
18:09:17.0009 1260 C:\Windows\System32\wbem\wbemprox.dll - ok
18:09:17.0009 1260 [ CE292C4C10B8DB6070F262EA2733F0DC ] C:\Windows\System32\sqmapi.dll
18:09:17.0009 1260 C:\Windows\System32\sqmapi.dll - ok
18:09:17.0009 1260 [ C82519398737215BF7B0406C36791220 ] C:\Program Files\NETGEAR\WNA3100\wps_api.dll
18:09:17.0009 1260 C:\Program Files\NETGEAR\WNA3100\wps_api.dll - ok
18:09:17.0009 1260 [ F19EF622B44422E5DDB75D0AE1ACB427 ] C:\Windows\System32\Packet.dll
18:09:17.0009 1260 C:\Windows\System32\Packet.dll - ok
18:09:17.0009 1260 [ A399514D3B28C9A3453A486BBAAFF1C7 ] C:\Windows\System32\wdscore.dll
18:09:17.0009 1260 C:\Windows\System32\wdscore.dll - ok
18:09:17.0025 1260 [ B9730495E0CF674680121E34BD95A73B ] C:\Windows\System32\drivers\npf.sys
18:09:17.0025 1260 C:\Windows\System32\drivers\npf.sys - ok
18:09:17.0025 1260 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] C:\Windows\System32\drivers\srv.sys
18:09:17.0025 1260 C:\Windows\System32\drivers\srv.sys - ok
18:09:17.0025 1260 [ 6383C60EC0133B14F5705F96369421B2 ] C:\Windows\System32\hnetcfg.dll
18:09:17.0025 1260 C:\Windows\System32\hnetcfg.dll - ok
18:09:17.0025 1260 [ 45D9F6CD2469CDB6A640DD4BD2B01471 ] C:\Windows\System32\nci.dll
18:09:17.0025 1260 C:\Windows\System32\nci.dll - ok
18:09:17.0025 1260 [ 585EB475E7AF55C9065256E8FFB751A1 ] C:\Windows\System32\wbem\wbemcore.dll
18:09:17.0025 1260 C:\Windows\System32\wbem\wbemcore.dll - ok
18:09:17.0025 1260 [ 5AE88135C6A86FCD67BA16AFBB1C8389 ] C:\Windows\System32\wbem\esscli.dll
18:09:17.0025 1260 C:\Windows\System32\wbem\esscli.dll - ok
18:09:17.0025 1260 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] C:\Windows\System32\browser.dll
18:09:17.0025 1260 C:\Windows\System32\browser.dll - ok
18:09:17.0040 1260 [ D64AF876D53ECA3668BB97B51B4E70AB ] C:\Windows\System32\srvsvc.dll
18:09:17.0040 1260 C:\Windows\System32\srvsvc.dll - ok
18:09:17.0040 1260 [ E4B72E71EC37A59FE574A998A0C0EB9B ] C:\Windows\System32\netmsg.dll
18:09:17.0040 1260 C:\Windows\System32\netmsg.dll - ok
18:09:17.0040 1260 [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\System32\wbem\wbemsvc.dll
18:09:17.0040 1260 C:\Windows\System32\wbem\wbemsvc.dll - ok
18:09:17.0040 1260 [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\System32\NapiNSP.dll
18:09:17.0040 1260 C:\Windows\System32\NapiNSP.dll - ok
18:09:17.0040 1260 [ AE9898D5600A232CD8AE3298692162E5 ] C:\Windows\System32\clusapi.dll
18:09:17.0040 1260 C:\Windows\System32\clusapi.dll - ok
18:09:17.0040 1260 [ 89E783711AF91AF09E1EF30EF3107446 ] C:\Windows\System32\sscore.dll
18:09:17.0040 1260 C:\Windows\System32\sscore.dll - ok
18:09:17.0040 1260 [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\System32\wbem\wmiutils.dll
18:09:17.0040 1260 C:\Windows\System32\wbem\wmiutils.dll - ok
18:09:17.0056 1260 [ 2AF094C822BD6094F14A8E85FB51D52A ] C:\Windows\System32\resutils.dll
18:09:17.0056 1260 C:\Windows\System32\resutils.dll - ok
18:09:17.0056 1260 [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\System32\pnrpnsp.dll
18:09:17.0056 1260 C:\Windows\System32\pnrpnsp.dll - ok
18:09:17.0056 1260 [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\System32\winrnr.dll
18:09:17.0056 1260 C:\Windows\System32\winrnr.dll - ok
18:09:17.0056 1260 [ 72910F1DEB838E6E08A9017BFB7D4F0B ] C:\Windows\System32\browcli.dll
18:09:17.0056 1260 C:\Windows\System32\browcli.dll - ok
18:09:17.0056 1260 [ 40947436A70E0034E41123DF5A0A7702 ] C:\Program Files\Bonjour\mdnsNSP.dll
18:09:17.0056 1260 C:\Program Files\Bonjour\mdnsNSP.dll - ok
18:09:17.0056 1260 [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\System32\rasadhlp.dll
18:09:17.0056 1260 C:\Windows\System32\rasadhlp.dll - ok
18:09:17.0071 1260 [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\System32\mscoree.dll
18:09:17.0071 1260 C:\Windows\System32\mscoree.dll - ok
18:09:17.0071 1260 [ A63DC5C2EA944E6657203E0C8EDEAF61 ] C:\Windows\System32\dllhost.exe
18:09:17.0071 1260 C:\Windows\System32\dllhost.exe - ok
18:09:17.0071 1260 [ 371E3B05894549113D07CD3081ED55EF ] C:\Windows\System32\wbem\repdrvfs.dll
18:09:17.0071 1260 C:\Windows\System32\wbem\repdrvfs.dll - ok
18:09:17.0071 1260 [ 0B31464B7B2D616BD5F7036673588EC1 ] C:\Windows\System32\IDStore.dll
18:09:17.0071 1260 C:\Windows\System32\IDStore.dll - ok
18:09:17.0071 1260 [ 7319102526BD11B45FD66335CF90CA12 ] C:\Windows\System32\HotStartUserAgent.dll
18:09:17.0071 1260 C:\Windows\System32\HotStartUserAgent.dll - ok
18:09:17.0071 1260 [ 72E953215CADE1A726C04AAFDF6B463D ] C:\Windows\System32\taskhost.exe
18:09:17.0071 1260 C:\Windows\System32\taskhost.exe - ok
18:09:17.0071 1260 [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\System32\mpr.dll
18:09:17.0071 1260 C:\Windows\System32\mpr.dll - ok
18:09:17.0087 1260 [ 74AF6AA2E8B3180AADAE5FE8813CB1CD ] C:\Windows\System32\localspl.dll
18:09:17.0087 1260 C:\Windows\System32\localspl.dll - ok
18:09:17.0087 1260 [ 61AC3EFDFACFDD3F0F11DD4FD4044223 ] C:\Windows\System32\userinit.exe
18:09:17.0087 1260 C:\Windows\System32\userinit.exe - ok
18:09:17.0087 1260 [ 505BF4D1CADEB8D4F8BCD08D944DE25D ] C:\Windows\System32\dwm.exe
18:09:17.0087 1260 C:\Windows\System32\dwm.exe - ok
18:09:17.0087 1260 [ 754AFC50022C95DA7C86B7020DB78136 ] C:\Windows\System32\dwmredir.dll
18:09:17.0087 1260 C:\Windows\System32\dwmredir.dll - ok
18:09:17.0087 1260 [ B43687C534A49700BF4B3C9898763752 ] C:\Windows\System32\MsCtfMonitor.dll
18:09:17.0087 1260 C:\Windows\System32\MsCtfMonitor.dll - ok
18:09:17.0087 1260 [ 56CEED370508F69A1BA04939BD1BADDA ] C:\Windows\System32\msutb.dll
18:09:17.0087 1260 C:\Windows\System32\msutb.dll - ok
18:09:17.0087 1260 [ 497E59D9F01C6F247E72222A61835119 ] C:\Windows\System32\dwmcore.dll
18:09:17.0087 1260 C:\Windows\System32\dwmcore.dll - ok
18:09:17.0103 1260 [ F58516E2DC0D963EF70D6BFC21FD82C4 ] C:\Windows\System32\PlaySndSrv.dll
18:09:17.0103 1260 C:\Windows\System32\PlaySndSrv.dll - ok
18:09:17.0103 1260 [ 03CF941D031F30272D3063E5A4D686F5 ] C:\Windows\System32\PrintIsolationProxy.dll
18:09:17.0103 1260 C:\Windows\System32\PrintIsolationProxy.dll - ok
18:09:17.0103 1260 [ 629181C26A78EB66B0B4E774E5AC2882 ] C:\Windows\System32\spoolss.dll
18:09:17.0103 1260 C:\Windows\System32\spoolss.dll - ok
18:09:17.0103 1260 [ 126F8331BD023178C7F0EF2F5EDE16B3 ] C:\Windows\System32\FXSMON.dll
18:09:17.0103 1260 C:\Windows\System32\FXSMON.dll - ok
18:09:17.0103 1260 [ B390C1D825C7687493BEDE237C6C2F25 ] C:\Windows\System32\tcpmon.dll
18:09:17.0103 1260 C:\Windows\System32\tcpmon.dll - ok
18:09:17.0103 1260 [ 1220595CABA75AB91A6B3FA3B89483CC ] C:\Windows\System32\snmpapi.dll
18:09:17.0103 1260 C:\Windows\System32\snmpapi.dll - ok
18:09:17.0118 1260 [ 6357E2B68753A1F5CF4A68A25C4FD14A ] C:\Windows\System32\wsnmp32.dll
18:09:17.0118 1260 C:\Windows\System32\wsnmp32.dll - ok
18:09:17.0118 1260 [ 6E05F39AF5B91CEE0D2A84501EEEDBD8 ] C:\Windows\System32\d3d10_1.dll
18:09:17.0118 1260 C:\Windows\System32\d3d10_1.dll - ok
18:09:17.0118 1260 [ 9C36A3CA80F9B204C670336D344F5DF8 ] C:\Windows\System32\d3d10_1core.dll
18:09:17.0118 1260 C:\Windows\System32\d3d10_1core.dll - ok
18:09:17.0118 1260 [ F34CFADA6C48DAA41B996D24C7D8D3CA ] C:\Windows\System32\fdPnp.dll
18:09:17.0118 1260 C:\Windows\System32\fdPnp.dll - ok
18:09:17.0118 1260 [ CD72C6406BA561BED6D42CB145E55307 ] C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll
18:09:17.0118 1260 C:\Windows\System32\spool\prtprocs\w32x86\winprint.dll - ok
18:09:17.0118 1260 [ 923CDD30092DB73EC4A0EBCDDD16C686 ] C:\Windows\System32\usbmon.dll
18:09:17.0118 1260 C:\Windows\System32\usbmon.dll - ok
18:09:17.0118 1260 [ A8EB761DE499242BECF153B2B34F020E ] C:\Windows\System32\WSDMon.dll
18:09:17.0118 1260 C:\Windows\System32\WSDMon.dll - ok
18:09:17.0134 1260 [ 0411B7958C524BB2E91EE1B3035FE321 ] C:\Windows\System32\dxgi.dll
18:09:17.0134 1260 C:\Windows\System32\dxgi.dll - ok
18:09:17.0134 1260 [ 52CCA2E9FFD0653CACED1E808AADE4B6 ] C:\Windows\System32\win32spl.dll
18:09:17.0134 1260 C:\Windows\System32\win32spl.dll - ok
18:09:17.0134 1260 [ D27DDE7E0444C7F1819F958469EB7D93 ] C:\Windows\System32\inetpp.dll
18:09:17.0134 1260 C:\Windows\System32\inetpp.dll - ok
18:09:17.0134 1260 [ 40D777B7A95E00593EB1568C68514493 ] C:\Windows\explorer.exe
18:09:17.0134 1260 C:\Windows\explorer.exe - ok
18:09:17.0134 1260 [ C351F62A539D8725F7EF3216A3CD6B3B ] C:\Windows\System32\igd10umd32.dll
18:09:17.0134 1260 C:\Windows\System32\igd10umd32.dll - ok
18:09:17.0134 1260 [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\System32\ExplorerFrame.dll
18:09:17.0134 1260 C:\Windows\System32\ExplorerFrame.dll - ok
18:09:17.0134 1260 [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\System32\EhStorShell.dll
18:09:17.0134 1260 C:\Windows\System32\EhStorShell.dll - ok
18:09:17.0149 1260 [ 3EC541C196DE18ED9A0D0AC82A694D4C ] C:\Windows\System32\cscui.dll
18:09:17.0149 1260 C:\Windows\System32\cscui.dll - ok
18:09:17.0149 1260 [ 57A51217581614DE07F30E34D6BB4993 ] C:\Windows\System32\cscdll.dll
18:09:17.0149 1260 C:\Windows\System32\cscdll.dll - ok
18:09:17.0149 1260 [ EB77DB354791A5932CA559B6F6374E95 ] C:\Windows\System32\ntshrui.dll
18:09:17.0149 1260 C:\Windows\System32\ntshrui.dll - ok
18:09:17.0149 1260 [ 2100560AF3F7F2948F2676E44DFB4ECF ] C:\Windows\System32\uDWM.dll
18:09:17.0149 1260 C:\Windows\System32\uDWM.dll - ok
18:09:17.0149 1260 [ 523CF74A52C9A1762DA8B83AEE734498 ] C:\Windows\System32\IconCodecService.dll
18:09:17.0149 1260 C:\Windows\System32\IconCodecService.dll - ok
18:09:17.0149 1260 [ 83BA5E873164A3711B44052F58C8FE9F ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
18:09:17.0149 1260 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
18:09:17.0165 1260 [ 99B9343280AF6A4C0F27CF2E28E94BBF ] C:\Windows\System32\dssenh.dll
18:09:17.0165 1260 C:\Windows\System32\dssenh.dll - ok
18:09:17.0165 1260 [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\System32\security.dll
18:09:17.0165 1260 C:\Windows\System32\security.dll - ok
18:09:17.0165 1260 [ 3CDE2911462FEC80064A409C07710C06 ] C:\Windows\System32\wbem\WmiPrvSD.dll
18:09:17.0165 1260 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
18:09:17.0165 1260 [ A4CC7227A452C4909F9499D91B184364 ] C:\Windows\System32\ncobjapi.dll
18:09:17.0165 1260 C:\Windows\System32\ncobjapi.dll - ok
18:09:17.0165 1260 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] C:\Windows\System32\wdi.dll
18:09:17.0165 1260 C:\Windows\System32\wdi.dll - ok
18:09:17.0165 1260 [ AA53356D60AF47EACC85BC617A4F3F66 ] C:\Windows\System32\wpdbusenum.dll
18:09:17.0165 1260 C:\Windows\System32\wpdbusenum.dll - ok
18:09:17.0181 1260 [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\System32\npmproxy.dll
18:09:17.0181 1260 C:\Windows\System32\npmproxy.dll - ok
18:09:17.0181 1260 [ ECF036299AA554B5E0455262857B39D0 ] C:\Windows\System32\diagperf.dll
18:09:17.0181 1260 C:\Windows\System32\diagperf.dll - ok
18:09:17.0181 1260 [ 7E82616BEE76BF5EAA5B30F681414E21 ] C:\Windows\System32\perftrack.dll
18:09:17.0181 1260 C:\Windows\System32\perftrack.dll - ok
18:09:17.0181 1260 [ E98278865E8DABA21CFE5FE4BE34210A ] C:\Windows\System32\PortableDeviceApi.dll
18:09:17.0181 1260 C:\Windows\System32\PortableDeviceApi.dll - ok
18:09:17.0181 1260 [ D99621C0735B21DCC8BC4FEF02F379EF ] C:\Windows\System32\Apphlpdm.dll
18:09:17.0181 1260 C:\Windows\System32\Apphlpdm.dll - ok
18:09:17.0181 1260 [ 590D5C506044FE02FF7643E32FF9BDAC ] C:\Windows\System32\wer.dll
18:09:17.0181 1260 C:\Windows\System32\wer.dll - ok
18:09:17.0181 1260 [ 8B794AE6D5C7D42092804BC39A2EB8F6 ] C:\Windows\System32\aepic.dll
18:09:17.0181 1260 C:\Windows\System32\aepic.dll - ok
18:09:17.0196 1260 [ F8E882C10AF4C29E378D1E28D4817CB1 ] C:\Windows\System32\pnpts.dll
18:09:17.0196 1260 C:\Windows\System32\pnpts.dll - ok
18:09:17.0196 1260 [ 7FFD52D73352806969D424EF327D10A7 ] C:\Windows\System32\radardt.dll
18:09:17.0196 1260 C:\Windows\System32\radardt.dll - ok
18:09:17.0196 1260 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\System32\sfc.dll
18:09:17.0196 1260 C:\Windows\System32\sfc.dll - ok
18:09:17.0196 1260 [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\System32\sfc_os.dll
18:09:17.0196 1260 C:\Windows\System32\sfc_os.dll - ok
18:09:17.0196 1260 [ F0016853FA3F38F55FD868FF74C0359B ] C:\Windows\System32\wdiasqmmodule.dll
18:09:17.0196 1260 C:\Windows\System32\wdiasqmmodule.dll - ok
18:09:17.0196 1260 [ C693E642ACFBDD76433AF6BE3C3EEE6F ] C:\Windows\System32\PortableDeviceConnectApi.dll
18:09:17.0196 1260 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
18:09:17.0196 1260 [ 1023EE888C9B47178C5293ED5336AB69 ] C:\Windows\System32\drivers\WUDFRd.sys
18:09:17.0196 1260 C:\Windows\System32\drivers\WUDFRd.sys - ok
18:09:17.0212 1260 [ 311A281F5199EC39711017530DC06B64 ] C:\Windows\System32\WUDFHost.exe
18:09:17.0212 1260 C:\Windows\System32\WUDFHost.exe - ok
18:09:17.0212 1260 [ 8549E6ABF8B270CC10C31B480239E116 ] C:\Windows\System32\WUDFx.dll
18:09:17.0212 1260 C:\Windows\System32\WUDFx.dll - ok
18:09:17.0212 1260 [ 7ABBDC3B08950992D218FA1E52D52A96 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
18:09:17.0212 1260 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
18:09:17.0212 1260 [ 0F416E23DD2EB4DEBE70608020CFD283 ] C:\Windows\System32\WMVCORE.DLL
18:09:17.0212 1260 C:\Windows\System32\WMVCORE.DLL - ok
18:09:17.0212 1260 [ A7DD56261518373F70F23079EB3CD0A2 ] C:\Windows\System32\WMASF.DLL
18:09:17.0212 1260 C:\Windows\System32\WMASF.DLL - ok
18:09:17.0212 1260 [ 81490FDAE27F0082E5CC2DC78DCA96FA ] C:\Windows\System32\PortableDeviceClassExtension.dll
18:09:17.0212 1260 C:\Windows\System32\PortableDeviceClassExtension.dll - ok
18:09:17.0227 1260 [ C5C867CD7EFAC60D5021223E374DEEC5 ] C:\Windows\System32\dimsjob.dll
18:09:17.0227 1260 C:\Windows\System32\dimsjob.dll - ok
18:09:17.0227 1260 [ ADB45A977BD9E45790CA496DB84BA148 ] C:\Windows\System32\PortableDeviceTypes.dll
18:09:17.0227 1260 C:\Windows\System32\PortableDeviceTypes.dll - ok
18:09:17.0227 1260 [ 14486EB6AF542F2BD3239F7FC3E713F7 ] C:\Windows\System32\pautoenr.dll
18:09:17.0227 1260 C:\Windows\System32\pautoenr.dll - ok
18:09:17.0227 1260 [ 61B1ED5F429EFAC7E2036769870AB93E ] C:\Windows\System32\certcli.dll
18:09:17.0227 1260 C:\Windows\System32\certcli.dll - ok
18:09:17.0227 1260 [ 29BC473072568C072EC8B176498DE996 ] C:\Windows\System32\CertEnroll.dll
18:09:17.0227 1260 C:\Windows\System32\CertEnroll.dll - ok
18:09:17.0227 1260 [ B350509B6C9296529BC464C60FEEAEF1 ] C:\Windows\System32\wbem\wbemess.dll
18:09:17.0227 1260 C:\Windows\System32\wbem\wbemess.dll - ok
18:09:17.0227 1260 [ FB1959012294D6AD43E5304DF65E3C26 ] C:\Windows\System32\appinfo.dll
18:09:17.0227 1260 C:\Windows\System32\appinfo.dll - ok
18:09:17.0243 1260 [ D4191EFAB91E00FC09257AA5EBAF503B ] C:\Windows\System32\mprapi.dll
18:09:17.0243 1260 C:\Windows\System32\mprapi.dll - ok
18:09:17.0243 1260 [ 9A7B54D57594233EEB17892BAD309970 ] C:\Windows\System32\mprmsg.dll
18:09:17.0243 1260 C:\Windows\System32\mprmsg.dll - ok
18:09:17.0243 1260 [ F7FE730CE31B54145DEE1F1482BCCDD7 ] C:\Windows\System32\ndiscapCfg.dll
18:09:17.0243 1260 C:\Windows\System32\ndiscapCfg.dll - ok
18:09:17.0243 1260 [ 761A3A4038C1FD4F5795427907C28484 ] C:\Windows\System32\rascfg.dll
18:09:17.0243 1260 C:\Windows\System32\rascfg.dll - ok
18:09:17.0243 1260 [ CAFC0B884E5590B5E80D84F592388B3D ] C:\Windows\System32\tcpipcfg.dll
18:09:17.0243 1260 C:\Windows\System32\tcpipcfg.dll - ok
18:09:17.0243 1260 [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\System32\runonce.exe
18:09:17.0243 1260 C:\Windows\System32\runonce.exe - ok
18:09:17.0259 1260 [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\System32\cmd.exe
18:09:17.0259 1260 C:\Windows\System32\cmd.exe - ok
18:09:17.0259 1260 [ 78DE417B7921DACA072059E6BF410FC7 ] C:\Windows\System32\wshnetbs.dll
18:09:17.0259 1260 C:\Windows\System32\wshnetbs.dll - ok
18:09:17.0259 1260 [ 9E6AF823733C70E207D9FB6731A63B3D ] C:\Windows\System32\wlaninst.dll
18:09:17.0259 1260 C:\Windows\System32\wlaninst.dll - ok
18:09:17.0259 1260 [ D3EAB9BCB2B92EFCA615781C215644C0 ] C:\Windows\System32\ieframe.dll
18:09:17.0259 1260 C:\Windows\System32\ieframe.dll - ok
18:09:17.0259 1260 [ 5B6EF0861BB5AC0EC347548E85C24A1D ] C:\Windows\System32\wwaninst.dll
18:09:17.0259 1260 C:\Windows\System32\wwaninst.dll - ok
18:09:17.0259 1260 [ 51138BEEA3E2C21EC44D0932C71762A8 ] C:\Windows\System32\rundll32.exe
18:09:17.0259 1260 C:\Windows\System32\rundll32.exe - ok
18:09:17.0259 1260 [ 368B2BEE3F88BFB883D2C74A258DE6F6 ] C:\Windows\AppPatch\AcLayers.dll
18:09:17.0259 1260 C:\Windows\AppPatch\AcLayers.dll - ok
18:09:17.0274 1260 [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\System32\oleacc.dll
18:09:17.0274 1260 C:\Windows\System32\oleacc.dll - ok
18:09:17.0274 1260 [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\System32\shdocvw.dll
18:09:17.0274 1260 C:\Windows\System32\shdocvw.dll - ok
18:09:17.0274 1260 [ 178A34E5554DCE485E1262DDF027960C ] C:\Users\School #1\AppData\Local\Temp\8F81BB1C-6EAD-4452-8AB3-CA85BA85B5C9.exe
18:09:17.0274 1260 C:\Users\School #1\AppData\Local\Temp\8F81BB1C-6EAD-4452-8AB3-CA85BA85B5C9.exe - ok
18:09:17.0274 1260 [ C0B8B96D018849FD8CCF15FED84E8782 ] C:\Windows\System32\ie4uinit.exe
18:09:17.0274 1260 C:\Windows\System32\ie4uinit.exe - ok
18:09:17.0274 1260 [ F0FEFB0B5D25A75D478A4317139D937E ] C:\Windows\System32\iedkcs32.dll
18:09:17.0274 1260 C:\Windows\System32\iedkcs32.dll - ok
18:09:17.0274 1260 [ 83C9840CF87A0CA55526327801716D27 ] C:\Windows\System32\timedate.cpl
18:09:17.0274 1260 C:\Windows\System32\timedate.cpl - ok
18:09:17.0274 1260 [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\System32\linkinfo.dll
18:09:17.0274 1260 C:\Windows\System32\linkinfo.dll - ok
18:09:17.0290 1260 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] C:\Windows\System32\aelupsvc.dll
18:09:17.0290 1260 C:\Windows\System32\aelupsvc.dll - ok
18:09:17.0290 1260 [ 3A16EA01FCFAAB40882DB5BFEE632322 ] C:\Windows\System32\msftedit.dll
18:09:17.0290 1260 C:\Windows\System32\msftedit.dll - ok
18:09:17.0290 1260 [ 35AAE2E841AA1A949775168E119482C9 ] C:\Windows\System32\msls31.dll
18:09:17.0290 1260 C:\Windows\System32\msls31.dll - ok
18:09:17.0290 1260 [ 7896EFFDEE215C172BE724A64931EF1C ] C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
18:09:17.0290 1260 C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll - ok
18:09:17.0290 1260 [ AFD15F701B550037FFDDE6B18171479D ] C:\Program Files\Analog Devices\Core\smax4pnp.exe
18:09:17.0290 1260 C:\Program Files\Analog Devices\Core\smax4pnp.exe - ok
18:09:17.0290 1260 [ 2A39F32E0067CBF221611FE1FA8C6D8F ] C:\Windows\System32\DeviceCenter.dll
18:09:17.0290 1260 C:\Windows\System32\DeviceCenter.dll - ok
18:09:17.0305 1260 [ 6581B52E133CC6D00661C58968C7E212 ] C:\Windows\System32\SearchFolder.dll
18:09:17.0305 1260 C:\Windows\System32\SearchFolder.dll - ok
18:09:17.0305 1260 [ 4B9E4CE667DF26ADA061AA81E9AA841D ] C:\Windows\System32\spfileq.dll
18:09:17.0305 1260 C:\Windows\System32\spfileq.dll - ok
18:09:17.0305 1260 [ 65C17199D33B35392124DC9A7CFCC49F ] C:\Program Files\Analog Devices\Core\smwdmif.dll
18:09:17.0305 1260 C:\Program Files\Analog Devices\Core\smwdmif.dll - ok
18:09:17.0305 1260 [ B63E5C7807334A3A8F731062F15462CC ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
18:09:17.0305 1260 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
18:09:17.0305 1260 [ 5170D04359E5D54A06B084AA5D833115 ] C:\Program Files\Windows Photo Viewer\PhotoViewer.dll
18:09:17.0305 1260 C:\Program Files\Windows Photo Viewer\PhotoViewer.dll - ok
18:09:17.0305 1260 [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\System32\dsound.dll
18:09:17.0305 1260 C:\Windows\System32\dsound.dll - ok
18:09:17.0305 1260 [ 0CE4D3BD306DA6D1F6F233C403F5B667 ] C:\Windows\System32\msi.dll
18:09:17.0305 1260 C:\Windows\System32\msi.dll - ok
18:09:17.0321 1260 [ 19BC13711AC403FEB830522E4831701B ] C:\Windows\System32\gameux.dll
18:09:17.0321 1260 C:\Windows\System32\gameux.dll - ok
18:09:17.0321 1260 [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\System32\SensApi.dll
18:09:17.0321 1260 C:\Windows\System32\SensApi.dll - ok
18:09:17.0321 1260 [ C1648084C395152FBFA1B333D92056BC ] C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe
18:09:17.0321 1260 C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe - ok
18:09:17.0321 1260 [ 3D57FFBAD3ED16B63DE3879BAB0FB56F ] C:\Windows\System32\networkexplorer.dll
18:09:17.0321 1260 C:\Windows\System32\networkexplorer.dll - ok
18:09:17.0321 1260 [ 12916E0642E92561C98B18A2A2D01B14 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
18:09:17.0321 1260 C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok
18:09:17.0321 1260 [ 3C6FA2F4D58611579B21798E0568F548 ] C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe
18:09:17.0321 1260 C:\Program Files\Adobe\Reader 10.0\Reader\reader_sl.exe - ok
18:09:17.0337 1260 [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
18:09:17.0337 1260 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
18:09:17.0337 1260 [ 672D7C5080ACB003343006405DA2E621 ] C:\Windows\System32\thumbcache.dll
18:09:17.0337 1260 C:\Windows\System32\thumbcache.dll - ok
18:09:17.0337 1260 [ F1278B3514EA6FA9BC39B20D26139AAC ] C:\Windows\System32\msiltcfg.dll
18:09:17.0337 1260 C:\Windows\System32\msiltcfg.dll - ok
18:09:17.0337 1260 [ F45ED8C4F9AF862CD9992849B5203C11 ] C:\Windows\System32\bitsigd.dll
18:09:17.0337 1260 C:\Windows\System32\bitsigd.dll - ok
18:09:17.0337 1260 [ 0552A8684BF7566F744D5B19FF6AEC6B ] C:\Windows\System32\bitsperf.dll
18:09:17.0337 1260 C:\Windows\System32\bitsperf.dll - ok
18:09:17.0337 1260 [ E585445D5021971FAE10393F0F1C3961 ] C:\Windows\System32\qmgr.dll
18:09:17.0337 1260 C:\Windows\System32\qmgr.dll - ok
18:09:17.0337 1260 [ 954EA9B34F155C844B11F4047A8F6F89 ] C:\Windows\System32\upnp.dll
18:09:17.0337 1260 C:\Windows\System32\upnp.dll - ok
18:09:17.0352 1260 [ 6EA1BF3F6E6B0613351411A3EB6B85A2 ] C:\Program Files\Ask.com\Updater\Updater.exe
18:09:17.0352 1260 C:\Program Files\Ask.com\Updater\Updater.exe - ok
18:09:17.0352 1260 [ D887C9FD02AC9FA880F6E5027A43E118 ] C:\Windows\System32\ssdpsrv.dll
18:09:17.0352 1260 C:\Windows\System32\ssdpsrv.dll - ok
18:09:17.0352 1260 [ 175383778EB24D98C84E624021E3AA0B ] C:\Windows\System32\aeevts.dll
18:09:17.0352 1260 C:\Windows\System32\aeevts.dll - ok
18:09:17.0352 1260 [ 2DDEA2C345DA5BC589EFD398F220DB0E ] C:\Windows\System32\SyncCenter.dll
18:09:17.0352 1260 C:\Windows\System32\SyncCenter.dll - ok
18:09:17.0352 1260 [ 82CC8F77E9EC61C6B4D48DD4D5CA78E7 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
18:09:17.0352 1260 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
18:09:17.0352 1260 [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\System32\msimg32.dll
18:09:17.0352 1260 C:\Windows\System32\msimg32.dll - ok
18:09:17.0368 1260 [ 1CDEA9188899E76D4FFD54C9D512CCDB ] C:\Windows\System32\msxml3.dll
18:09:17.0368 1260 C:\Windows\System32\msxml3.dll - ok
18:09:17.0368 1260 [ 4AFFDCAADCB1DBBFFAF06C7F82E7F6FC ] C:\Program Files\iTunes\iTunesHelper.exe
18:09:17.0368 1260 C:\Program Files\iTunes\iTunesHelper.exe - ok
18:09:17.0368 1260 [ 5CEDF292F4573A1F36CC7DE598ECCFC7 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
18:09:17.0368 1260 C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
18:09:17.0368 1260 [ BC0DF782D8C5C446C2AC7D16D2F3312C ] C:\Users\School #1\AppData\Roaming\mjusbsp\cdloader2.exe
18:09:17.0368 1260 C:\Users\School #1\AppData\Roaming\mjusbsp\cdloader2.exe - ok
18:09:17.0368 1260 [ 7619D9ABB017DEBB29D0793A9C2B64A8 ] C:\Program Files\DAEMON Tools Lite\DTLite.exe
18:09:17.0368 1260 C:\Program Files\DAEMON Tools Lite\DTLite.exe - ok
18:09:17.0368 1260 [ 5F30686DC1E9950F0C62AD7BAB4A2F3C ] C:\Program Files\NETGEAR\WNA3100\WNA3100.exe
18:09:17.0368 1260 C:\Program Files\NETGEAR\WNA3100\WNA3100.exe - ok
18:09:17.0383 1260 [ 7B845BFE314509D08AB5865CB141E332 ] C:\Program Files\iTunes\iTunesHelper.dll
18:09:17.0383 1260 C:\Program Files\iTunes\iTunesHelper.dll - ok
18:09:17.0383 1260 [ A7146C0C90D7BA0F251AC073E655D4D2 ] C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll
18:09:17.0383 1260 C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
18:09:17.0383 1260 [ 9DEE004269DADEE715BD572410AA6076 ] C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
18:09:17.0383 1260 C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
18:09:17.0383 1260 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\Windows\System32\drivers\60763133.sys
18:09:17.0383 1260 C:\Windows\System32\drivers\60763133.sys - ok
18:09:17.0383 1260 [ 85B45B4B285B159ACDB355FC8C1E8925 ] C:\Windows\System32\qmgrprxy.dll
18:09:17.0383 1260 C:\Windows\System32\qmgrprxy.dll - ok
18:09:17.0383 1260 [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\System32\riched20.dll
18:09:17.0383 1260 C:\Windows\System32\riched20.dll - ok
18:09:17.0383 1260 [ E94037020D973D8CE196ADAA264BB19E ] C:\Program Files\DAEMON Tools Lite\DTCommonRes.dll
18:09:17.0383 1260 C:\Program Files\DAEMON Tools Lite\DTCommonRes.dll - ok
18:09:17.0399 1260 [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\System32\oledlg.dll
18:09:17.0399 1260 C:\Windows\System32\oledlg.dll - ok
18:09:17.0399 1260 [ 912649A1B3F9E6ACB3899FBDABA2ED5F ] C:\Windows\System32\stobject.dll
18:09:17.0399 1260 C:\Windows\System32\stobject.dll - ok
18:09:17.0399 1260 [ AAE606B26B42AE596B2D9FBBD35A3A19 ] C:\Program Files\DAEMON Tools Lite\Engine.dll
18:09:17.0399 1260 C:\Program Files\DAEMON Tools Lite\Engine.dll - ok
18:09:17.0399 1260 [ AB781C0E4C09E08F464081D17C0F6184 ] C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
18:09:17.0399 1260 C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
18:09:17.0399 1260 [ BC0EA61246F8D940FBC5F652D337D6BD ] C:\Program Files\iPod\bin\iPodService.exe
18:09:17.0399 1260 C:\Program Files\iPod\bin\iPodService.exe - ok
18:09:17.0399 1260 [ 67C1B58706B47EEBA4E117AC197289E6 ] C:\Windows\System32\batmeter.dll
18:09:17.0399 1260 C:\Windows\System32\batmeter.dll - ok
18:09:17.0415 1260 [ 314EAF513DFDDDD78CFF4DDAF2702727 ] C:\Program Files\NETGEAR\WNA3100\WifiSvcLib.dll
18:09:17.0415 1260 C:\Program Files\NETGEAR\WNA3100\WifiSvcLib.dll - ok
18:09:17.0415 1260 [ 0DCA6A11D09D4C2CBE6B898B897EA915 ] C:\Windows\System32\UIAnimation.dll
18:09:17.0415 1260 C:\Windows\System32\UIAnimation.dll - ok
18:09:17.0415 1260 [ 1C7F1C3EA5894995E6C563E9AE9F029F ] C:\Windows\System32\l3codeca.acm
18:09:17.0415 1260 C:\Windows\System32\l3codeca.acm - ok
18:09:17.0415 1260 [ C8333F1F77A1B2E25F2202E892CAF634 ] C:\Windows\System32\prnfldr.dll
18:09:17.0415 1260 C:\Windows\System32\prnfldr.dll - ok
18:09:17.0415 1260 [ ADDB05C93272A62606599B24730BD645 ] C:\Windows\System32\DXP.dll
18:09:17.0415 1260 C:\Windows\System32\DXP.dll - ok
18:09:17.0415 1260 [ 856CFFCD835528136367BB1A8FE1DB87 ] C:\Windows\System32\Syncreg.dll
18:09:17.0415 1260 C:\Windows\System32\Syncreg.dll - ok
18:09:17.0415 1260 [ F8F03D206F7D5811D630349A23E9B9B9 ] C:\Windows\ehome\ehSSO.dll
18:09:17.0415 1260 C:\Windows\ehome\ehSSO.dll - ok
18:09:17.0430 1260 [ EAB975DB4C2805927FE5BD047D05C9AA ] C:\Windows\System32\netshell.dll
18:09:17.0430 1260 C:\Windows\System32\netshell.dll - ok
18:09:17.0430 1260 [ B2B3DAE040F6B5AE1DF52B0CD7631A18 ] C:\Windows\System32\AltTab.dll
18:09:17.0430 1260 C:\Windows\System32\AltTab.dll - ok
18:09:17.0430 1260 [ 735263DA17BF5BAF9CCD483843BF9D5A ] C:\Windows\System32\WPDShServiceObj.dll
18:09:17.0430 1260 C:\Windows\System32\WPDShServiceObj.dll - ok
18:09:17.0430 1260 [ 622D95520182F6D3D05310D5810CA8B3 ] C:\Windows\System32\SearchIndexer.exe
18:09:17.0430 1260 C:\Windows\System32\SearchIndexer.exe - ok
18:09:17.0430 1260 [ 3D6F22551D422F97AACB0BB927E4C846 ] C:\Windows\System32\pnidui.dll
18:09:17.0430 1260 C:\Windows\System32\pnidui.dll - ok
18:09:17.0430 1260 [ 3CD99E5B2487A4018AACBCEB19EE65D0 ] C:\Windows\System32\tquery.dll
18:09:17.0430 1260 C:\Windows\System32\tquery.dll - ok
18:09:17.0430 1260 [ BD626EF05967D14C772B8096292731A3 ] C:\Windows\System32\QUTIL.DLL
18:09:17.0430 1260 C:\Windows\System32\QUTIL.DLL - ok
18:09:17.0446 1260 [ CF4274CEEA9F7791FB7FC40A066BC2C7 ] C:\Windows\System32\cscobj.dll
18:09:17.0446 1260 C:\Windows\System32\cscobj.dll - ok
18:09:17.0446 1260 [ 674B0C0F6A448EB185CAAB9C51D44032 ] C:\Windows\System32\srchadmin.dll
18:09:17.0446 1260 C:\Windows\System32\srchadmin.dll - ok
18:09:17.0446 1260 [ 9A39A2A5F443A756C568C6ED5748AFE4 ] C:\Windows\System32\ActionCenter.dll
18:09:17.0446 1260 C:\Windows\System32\ActionCenter.dll - ok
18:09:17.0446 1260 [ 240DBC4B5E382CA2F63A2562062E9A08 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
18:09:17.0446 1260 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
18:09:17.0446 1260 [ FC509EAAC8CFA34A961BB84147D66076 ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
18:09:17.0446 1260 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
18:09:17.0446 1260 [ FBE743D60132CFA9982860C8E2D99154 ] C:\Windows\System32\mssrch.dll
18:09:17.0446 1260 C:\Windows\System32\mssrch.dll - ok
18:09:17.0461 1260 [ 256503028879103E9741A276FA24D65D ] C:\Windows\System32\esent.dll
18:09:17.0461 1260 C:\Windows\System32\esent.dll - ok
18:09:17.0461 1260 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] C:\Windows\System32\netman.dll
18:09:17.0461 1260 C:\Windows\System32\netman.dll - ok
18:09:17.0461 1260 [ 81600E2E27ED61427AAD865B9BCDDB9D ] C:\Windows\System32\msidle.dll
18:09:17.0461 1260 C:\Windows\System32\msidle.dll - ok
18:09:17.0461 1260 [ 1CBF15FDB0310345A68972EB5C5B948F ] C:\Windows\System32\mssprxy.dll
18:09:17.0461 1260 C:\Windows\System32\mssprxy.dll - ok
18:09:17.0461 1260 [ D39DA70FEA6BD713682F70635587DA9E ] C:\Windows\System32\rasdlg.dll
18:09:17.0461 1260 C:\Windows\System32\rasdlg.dll - ok
18:09:17.0461 1260 [ 04B88428A872390D235BE52D38A9D4EF ] C:\Windows\System32\dot3api.dll
18:09:17.0461 1260 C:\Windows\System32\dot3api.dll - ok
18:09:17.0461 1260 [ B63E24E9271E99FD4540E3CA22A937DA ] C:\Windows\System32\en-US\tquery.dll.mui
18:09:17.0461 1260 C:\Windows\System32\en-US\tquery.dll.mui - ok
18:09:17.0477 1260 [ 8063046AA70B97CA9985672B8848FB2E ] C:\Windows\System32\wlanhlp.dll
18:09:17.0477 1260 C:\Windows\System32\wlanhlp.dll - ok
18:09:17.0477 1260 [ B5506B451BFE7148ECA7056BDA2970BD ] C:\Windows\System32\riched32.dll
18:09:17.0477 1260 C:\Windows\System32\riched32.dll - ok
18:09:17.0477 1260 [ 53683A331F8A1BB20ADD0330F1DE6388 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
18:09:17.0477 1260 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
18:09:17.0477 1260 [ C02AA67276FEE0C15CC4D6D616BDE95E ] C:\Windows\System32\WWanAPI.dll
18:09:17.0477 1260 C:\Windows\System32\WWanAPI.dll - ok
18:09:17.0477 1260 [ 8F8AB20AA863EA95A421B9D54C74F20C ] C:\Program Files\Windows Media Player\wmpnssci.dll
18:09:17.0477 1260 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
18:09:17.0477 1260 [ F2ED6D00921CA138289E5E0CCB9ABF87 ] C:\Windows\System32\wwapi.dll
18:09:17.0477 1260 C:\Windows\System32\wwapi.dll - ok
18:09:17.0493 1260 [ 02530B0B7E048DD5AC8D52DAEACAEB2B ] C:\Windows\System32\QAGENT.DLL
18:09:17.0493 1260 C:\Windows\System32\QAGENT.DLL - ok
18:09:17.0493 1260 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] C:\Program Files\Windows Media Player\wmpnetwk.exe
18:09:17.0493 1260 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
18:09:17.0493 1260 [ E3D5E244807AD655787FCD25477CC1BC ] C:\Windows\System32\bthprops.cpl
18:09:17.0493 1260 C:\Windows\System32\bthprops.cpl - ok
18:09:17.0493 1260 [ 5CF15474FFDB5005E54958DF6EDD97AB ] C:\Windows\System32\wmdrmdev.dll
18:09:17.0493 1260 C:\Windows\System32\wmdrmdev.dll - ok
18:09:17.0493 1260 [ 47D052D9EE1FD3BA2A55D13F61E3EF24 ] C:\Windows\System32\drmv2clt.dll
18:09:17.0493 1260 C:\Windows\System32\drmv2clt.dll - ok
18:09:17.0493 1260 [ 40B82688907A7DBA4DB3B5ADDE3EAB3B ] C:\Windows\System32\mfplat.dll
18:09:17.0493 1260 C:\Windows\System32\mfplat.dll - ok
18:09:17.0493 1260 [ 263963D93A3CA8F685EFA5966F1E6581 ] C:\Windows\System32\mshtml.dll
18:09:17.0493 1260 C:\Windows\System32\mshtml.dll - ok
18:09:17.0508 1260 [ 1957D49A9613FAAD1C73B508CCE02AA5 ] C:\Windows\System32\wmp.dll
18:09:17.0508 1260 C:\Windows\System32\wmp.dll - ok
18:09:17.0508 1260 [ 4DE1EBB2314E2F10AC9EC83138193F8B ] C:\Program Files\DAEMON Tools Lite\imgengine.dll
18:09:17.0508 1260 C:\Program Files\DAEMON Tools Lite\imgengine.dll - ok
18:09:17.0508 1260 [ 0FBC74AA20FE0AE6884279F893169C60 ] C:\Windows\System32\wmploc.DLL
18:09:17.0508 1260 C:\Windows\System32\wmploc.DLL - ok
18:09:17.0508 1260 [ C2D6A4475B87651D5909E364439FDA52 ] C:\Windows\System32\FXSST.dll
18:09:17.0508 1260 C:\Windows\System32\FXSST.dll - ok
18:09:17.0508 1260 [ 942E57152F1CD0533644AB30EF1A4728 ] C:\Windows\System32\FXSAPI.dll
18:09:17.0508 1260 C:\Windows\System32\FXSAPI.dll - ok
18:09:17.0508 1260 [ C4096CA42199428B3D63DC206C197F0E ] C:\Windows\System32\FXSRESM.dll
18:09:17.0508 1260 C:\Windows\System32\FXSRESM.dll - ok
18:09:17.0508 1260 [ 967EA5B213E9984CBE270205DF37755B ] C:\Windows\System32\FXSSVC.exe
18:09:17.0508 1260 C:\Windows\System32\FXSSVC.exe - ok
18:09:17.0524 1260 [ 5193DE33F3284C447E0D31DAFBF92570 ] C:\Windows\System32\webcheck.dll
18:09:17.0524 1260 C:\Windows\System32\webcheck.dll - ok
18:09:17.0524 1260 [ 89ED7C028A487340B7D93D5A38FDCB54 ] C:\Windows\System32\SearchProtocolHost.exe
18:09:17.0524 1260 C:\Windows\System32\SearchProtocolHost.exe - ok
18:09:17.0524 1260 [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\System32\mlang.dll
18:09:17.0524 1260 C:\Windows\System32\mlang.dll - ok
18:09:17.0524 1260 [ A5D237B8673025B052C0E6FDB6A883E8 ] C:\Windows\System32\msshooks.dll
18:09:17.0524 1260 C:\Windows\System32\msshooks.dll - ok
18:09:17.0524 1260 [ 2D11BC8B460957E62E4420373A0D8BDA ] C:\Windows\System32\imapi2.dll
18:09:17.0524 1260 C:\Windows\System32\imapi2.dll - ok
18:09:17.0539 1260 [ 8A674F9AB20B4937357BF6F5A0938EBF ] C:\Windows\System32\SearchFilterHost.exe
18:09:17.0539 1260 C:\Windows\System32\SearchFilterHost.exe - ok
18:09:17.0539 1260 [ 32AAEABFF6299834E5D38C3A442CCF36 ] C:\Windows\System32\mssph.dll
18:09:17.0539 1260 C:\Windows\System32\mssph.dll - ok
18:09:17.0539 1260 [ C7952D0A4C43A965A1741916BB134751 ] C:\Windows\System32\hgcpl.dll
18:09:17.0539 1260 C:\Windows\System32\hgcpl.dll - ok
18:09:17.0539 1260 [ F3222C893BD2F5821A0179E5C71E88FB ] C:\Windows\System32\fdPHost.dll
18:09:17.0539 1260 C:\Windows\System32\fdPHost.dll - ok
18:09:17.0539 1260 [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6 ] C:\Windows\System32\mapi32.dll
18:09:17.0539 1260 C:\Windows\System32\mapi32.dll - ok
18:09:17.0539 1260 [ DE6F4B7E62FDE776F3DE8E5FB5A05C48 ] C:\Windows\System32\fdWSD.dll
18:09:17.0539 1260 C:\Windows\System32\fdWSD.dll - ok
18:09:17.0539 1260 [ EA2B00551F3E7B3D5F7FB730A55F8246 ] C:\Windows\System32\blackbox.dll
18:09:17.0539 1260 C:\Windows\System32\blackbox.dll - ok
18:09:17.0555 1260 [ 674611721264013DB169EC12AFC9C3B6 ] C:\Windows\System32\fdSSDP.dll
18:09:17.0555 1260 C:\Windows\System32\fdSSDP.dll - ok
18:09:17.0555 1260 [ 3FF0FA0A81910617739644A06D06D016 ] C:\Windows\System32\fdProxy.dll
18:09:17.0555 1260 C:\Windows\System32\fdProxy.dll - ok
18:09:17.0555 1260 [ 2C105439AA27DC150511D90F3B6B1EC5 ] C:\Program Files\Internet Explorer\ieproxy.dll
18:09:17.0555 1260 C:\Program Files\Internet Explorer\ieproxy.dll - ok
18:09:17.0555 1260 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] C:\Windows\System32\ListSvc.dll
18:09:17.0555 1260 C:\Windows\System32\ListSvc.dll - ok
18:09:17.0555 1260 [ 3F2B83695E5BF11930C16AF50E991F96 ] C:\Windows\System32\wmpps.dll
18:09:17.0555 1260 C:\Windows\System32\wmpps.dll - ok
18:09:17.0555 1260 [ 08DF1B8C9C0754A7069E80A986373F52 ] C:\Windows\System32\P2P.dll
18:09:17.0555 1260 C:\Windows\System32\P2P.dll - ok
18:09:17.0555 1260 [ 1B0EC94520CAB89A9CE1B2DA405166AF ] C:\Windows\System32\p2pcollab.dll
18:09:17.0555 1260 C:\Windows\System32\p2pcollab.dll - ok
18:09:17.0571 1260 [ 7B97346CE563B74BBCC120FC83E5A6D9 ] C:\Windows\System32\wmpmde.dll
18:09:17.0571 1260 C:\Windows\System32\wmpmde.dll - ok
18:09:17.0571 1260 [ 82A8521DDC60710C3D3D3E7325209BEC ] C:\Windows\System32\pnrpsvc.dll
18:09:17.0571 1260 C:\Windows\System32\pnrpsvc.dll - ok
18:09:17.0571 1260 [ 9DC23ACF360AEA7DF55AD7A8D3FBF4E6 ] C:\Windows\System32\IdListen.dll
18:09:17.0571 1260 C:\Windows\System32\IdListen.dll - ok
18:09:17.0571 1260 [ F059EB4C9C256F62F196EAA439E28F74 ] C:\Windows\System32\hgprint.dll
18:09:17.0571 1260 C:\Windows\System32\hgprint.dll - ok
18:09:17.0571 1260 [ 81C0FA250EF6DC1C6B3FA2BCE81D6C2E ] C:\Windows\System32\WinSATAPI.dll
18:09:17.0571 1260 C:\Windows\System32\WinSATAPI.dll - ok
18:09:17.0571 1260 [ CBBD4D79EEC3EF5A4ADAE9697944C6B9 ] C:\Windows\System32\MSMPEG2ENC.DLL
18:09:17.0571 1260 C:\Windows\System32\MSMPEG2ENC.DLL - ok
18:09:17.0571 1260 [ 5BB8C06EB5EA4BA22EE8A678F2D79B25 ] C:\Windows\System32\devenum.dll
18:09:17.0571 1260 C:\Windows\System32\devenum.dll - ok
18:09:17.0586 1260 [ 7069AAB8536F29ED7323140973A2894B ] C:\Windows\System32\msdmo.dll
18:09:17.0586 1260 C:\Windows\System32\msdmo.dll - ok
18:09:17.0586 1260 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] C:\Windows\System32\QAGENTRT.DLL
18:09:17.0586 1260 C:\Windows\System32\QAGENTRT.DLL - ok
18:09:17.0586 1260 [ 9FD6496B6D91C8BE2A10BD55EAE2D5F2 ] C:\Windows\System32\fveui.dll
18:09:17.0586 1260 C:\Windows\System32\fveui.dll - ok
18:09:17.0586 1260 [ 59C3DDD501E39E006DAC31BF55150D91 ] C:\Windows\System32\p2psvc.dll
18:09:17.0586 1260 C:\Windows\System32\p2psvc.dll - ok
18:09:17.0586 1260 [ 833FBB672460EFCE8011D262175FAD33 ] C:\Windows\System32\upnphost.dll
18:09:17.0586 1260 C:\Windows\System32\upnphost.dll - ok
18:09:17.0586 1260 [ 1372E8E8FD066002131E3D509275E697 ] C:\Windows\System32\P2PGraph.dll
18:09:17.0586 1260 C:\Windows\System32\P2PGraph.dll - ok
18:09:17.0586 1260 [ 4FB491AC8D46AAF22BA8BC5C73DABEF7 ] C:\Windows\System32\wbem\WmiPrvSE.exe
18:09:17.0586 1260 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
18:09:17.0602 1260 [ C6B0509AA89F656247694E2D6ABF7255 ] C:\Windows\System32\wbem\wmiprov.dll
18:09:17.0602 1260 C:\Windows\System32\wbem\wmiprov.dll - ok
18:09:17.0602 1260 [ A5B31A4397B880EF5A27544E14653DE3 ] C:\Program Files\NETGEAR\WNA3100\NtgrAdapterUpdate.dll
18:09:17.0602 1260 C:\Program Files\NETGEAR\WNA3100\NtgrAdapterUpdate.dll - ok
18:09:17.0602 1260 [ 1D1EAA16D193C6A2D45981ED3914D22A ] C:\Windows\System32\msimtf.dll
18:09:17.0602 1260 C:\Windows\System32\msimtf.dll - ok
18:09:17.0602 1260 [ 69F42E40A0C4344939437D86A8893DA6 ] C:\Windows\System32\jscript9.dll
18:09:17.0602 1260 C:\Windows\System32\jscript9.dll - ok
18:09:17.0602 1260 [ 64CA3862D74EA610CD64DC6AD652DB5E ] C:\Windows\System32\d2d1.dll
18:09:17.0602 1260 C:\Windows\System32\d2d1.dll - ok
18:09:17.0602 1260 [ A29D734F650F958424743BE3BAA052C8 ] C:\Windows\System32\DWrite.dll
18:09:17.0602 1260 C:\Windows\System32\DWrite.dll - ok
18:09:17.0617 1260 [ FA6C66E4364D7DA57AADE5DCC03BB999 ] C:\Windows\System32\FntCache.dll
18:09:17.0617 1260 C:\Windows\System32\FntCache.dll - ok
18:09:17.0617 1260 [ 78B7A3BDA25C90DAA50D36A56A8D1351 ] C:\Windows\System32\d3d10warp.dll
18:09:17.0617 1260 C:\Windows\System32\d3d10warp.dll - ok
18:09:17.0617 1260 [ 230EA9ABBC3432CDE388F4891E76E867 ] C:\Windows\System32\udhisapi.dll
18:09:17.0617 1260 C:\Windows\System32\udhisapi.dll - ok
18:09:17.0617 1260 [ FDF8F16AEBF9B24B68281A2703061F4F ] C:\Windows\System32\igdumd32.dll
18:09:17.0617 1260 C:\Windows\System32\igdumd32.dll - ok
18:09:17.0617 1260 [ D6692338B985D4A0CA52B828314D897D ] C:\Windows\System32\drprov.dll
18:09:17.0617 1260 C:\Windows\System32\drprov.dll - ok
18:09:17.0617 1260 [ D7B7159BC8374E87D8C45A30377A3440 ] C:\Windows\System32\ntlanman.dll
18:09:17.0617 1260 C:\Windows\System32\ntlanman.dll - ok
18:09:17.0617 1260 [ 284B59D7B56FC76C80E622AB856B1FAB ] C:\Windows\System32\davclnt.dll
18:09:17.0617 1260 C:\Windows\System32\davclnt.dll - ok
18:09:17.0633 1260 [ 179BECE8D1A4C488DDB7191FF9BE3FB0 ] C:\Windows\System32\davhlpr.dll
18:09:17.0633 1260 C:\Windows\System32\davhlpr.dll - ok
18:09:17.0633 1260 [ EE29FCC244C8033E2F748D863DCBF378 ] C:\Windows\System32\drt.dll
18:09:17.0633 1260 C:\Windows\System32\drt.dll - ok
18:09:17.0633 1260 [ AA3B91B70E79BCE70AD3B190789B9574 ] C:\Windows\System32\drttransport.dll
18:09:17.0633 1260 C:\Windows\System32\drttransport.dll - ok
18:09:17.0633 1260 ============================================================
18:09:17.0633 1260 Scan finished
18:09:17.0633 1260 ============================================================
18:09:17.0633 2716 Detected object count: 0
18:09:17.0633 2716 Actual detected object count: 0
18:09:52.0156 2648 Deinitialize success

 


==== End of Fixlog ====

 

SECOND NOTEPAD ENTRY

 

 

18:06:01.0319 1976 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:06:01.0803 1976 ============================================================
18:06:01.0803 1976 Current date / time: 2013/04/19 18:06:01.0803
18:06:01.0803 1976 SystemInfo:
18:06:01.0803 1976
18:06:01.0803 1976 OS Version: 6.1.7601 ServicePack: 1.0
18:06:01.0803 1976 Product type: Workstation
18:06:01.0803 1976 ComputerName: SCHOOL1-PC
18:06:01.0803 1976 UserName: School #1
18:06:01.0803 1976 Windows directory: C:\Windows
18:06:01.0803 1976 System windows directory: C:\Windows
18:06:01.0803 1976 Processor architecture: Intel x86
18:06:01.0803 1976 Number of processors: 2
18:06:01.0803 1976 Page size: 0x1000
18:06:01.0803 1976 Boot type: Normal boot
18:06:01.0803 1976 ============================================================
18:06:03.0441 1976 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:06:03.0441 1976 Drive \Device\Harddisk1\DR3 - Size: 0x3D76FE00 (0.96 Gb), SectorSize: 0x200, Cylinders: 0x7D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:06:03.0441 1976 ============================================================
18:06:03.0441 1976 \Device\Harddisk0\DR0:
18:06:03.0441 1976 MBR partitions:
18:06:03.0441 1976 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x18000
18:06:03.0441 1976 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x18800, BlocksNum 0x1D1AD000
18:06:03.0441 1976 \Device\Harddisk1\DR3:
18:06:03.0441 1976 MBR partitions:
18:06:03.0441 1976 \Device\Harddisk1\DR3\Partition1: MBR, Type 0x6, StartLBA 0xEF, BlocksNum 0x1EE191
18:06:03.0441 1976 ============================================================
18:06:03.0456 1976 C: <-> \Device\Harddisk0\DR0\Partition2
18:06:03.0456 1976 ============================================================
18:06:03.0456 1976 Initialize success
18:06:03.0456 1976 ============================================================
18:06:42.0721 1372 Deinitialize success

 

18:06:01.0319 1976 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:06:01.0803 1976 ============================================================
18:06:01.0803 1976 Current date / time: 2013/04/19 18:06:01.0803
18:06:01.0803 1976 SystemInfo:
18:06:01.0803 1976
18:06:01.0803 1976 OS Version: 6.1.7601 ServicePack: 1.0
18:06:01.0803 1976 Product type: Workstation
18:06:01.0803 1976 ComputerName: SCHOOL1-PC
18:06:01.0803 1976 UserName: School #1
18:06:01.0803 1976 Windows directory: C:\Windows
18:06:01.0803 1976 System windows directory: C:\Windows
18:06:01.0803 1976 Processor architecture: Intel x86
18:06:01.0803 1976 Number of processors: 2
18:06:01.0803 1976 Page size: 0x1000
18:06:01.0803 1976 Boot type: Normal boot
18:06:01.0803 1976 ============================================================
18:06:03.0441 1976 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:06:03.0441 1976 Drive \Device\Harddisk1\DR3 - Size: 0x3D76FE00 (0.96 Gb), SectorSize: 0x200, Cylinders: 0x7D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:06:03.0441 1976 ============================================================
18:06:03.0441 1976 \Device\Harddisk0\DR0:
18:06:03.0441 1976 MBR partitions:
18:06:03.0441 1976 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x18000
18:06:03.0441 1976 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x18800, BlocksNum 0x1D1AD000
18:06:03.0441 1976 \Device\Harddisk1\DR3:
18:06:03.0441 1976 MBR partitions:
18:06:03.0441 1976 \Device\Harddisk1\DR3\Partition1: MBR, Type 0x6, StartLBA 0xEF, BlocksNum 0x1EE191
18:06:03.0441 1976 ============================================================
18:06:03.0456 1976 C: <-> \Device\Harddisk0\DR0\Partition2
18:06:03.0456 1976 ============================================================
18:06:03.0456 1976 Initialize success
18:06:03.0456 1976 ============================================================
18:06:42.0721 1372 Deinitialize success



#7 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,438 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:03:14 PM

Posted 19 April 2013 - 08:56 PM

I am glad all is clear. Lets scan for remnants:

 

Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

AdwCleaner.GIF

Once done it will ask to reboot, allow this
On reboot a log will be produced at C:\ADWCleaner[XX].txt please post it in your next reply.

 

Update and launch Malwarebytes Antimalware and perform a quick scan. Post its report.

 

 

 

  • Download  RogueKiller (by tigzy) on the desktop
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan. Once finished, click on Report

Please post the contents of the RKreport.txt in your next Reply.
 

 

Close RogueKiller.

 

 

 


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#8 Rollick

Rollick
  • Topic Starter

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:01:14 PM

Posted 22 April 2013 - 10:00 PM

AdwCleaner report: - ran, couldn't find report, did next two recommended steps, ran again (after next two) this time I caught the report which is posted below.

 

# AdwCleaner v2.202 - Logfile created 04/22/2013 at 20:40:22
# Updated 23/04/2013 by Xplode
# Operating system : Windows 7 Professional Service Pack 1 (32 bits)
# User : School #1 - SCHOOL1-PC
# Boot Mode : Normal
# Running from : F:\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Deleted on reboot : C:\ProgramData\Browser Manager

***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16476

[OK] Registry is clean.

-\\ Mozilla Firefox v20.0.1 (en-US)

File : C:\Users\School #1\AppData\Roaming\Mozilla\Firefox\Profiles\prrh9omh.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1984 octets] - [22/04/2013 19:54:59]
AdwCleaner[S2].txt - [771 octets] - [22/04/2013 20:40:22]

########## EOF - C:\AdwCleaner[S2].txt - [830 octets] ##########

 

____

 

Ran Malwarebyte's - report

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.04.22.10

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
School #1 :: SCHOOL1-PC [administrator]

Protection: Disabled

4/22/2013 8:06:10 PM
mbam-log-2013-04-22 (20-06-10).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 209363
Time elapsed: 7 minute(s), 16 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCR\CLSID\{8EBA1B69-99D8-4135-BD43-729BA79D5CC4} (PUP.PlayTopus) -> Quarantined and deleted successfully.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 

____

 

Ran RogueKiller - report 1

 

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : School #1 [Admin rights]
Mode : Scan -- Date : 04/22/2013 20:28:54
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 3 ¤¤¤
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HDP725025GLA380 ATA Device +++++
--- User ---
[MBR] 304007a95ec7cb5d258e719fdc15c59a
[BSP] f9a257e7fa5f4b411472b3b4f5259ebf : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 48 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 100352 | Size: 238426 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: SanDisk U3 Cruzer Micro USB Device +++++
--- User ---
[MBR] da979fee9f2ddab9c8a641682578f7c6
[BSP] 788470fe12ec57aabe933cfdd9c84885 : Empty MBR Code
Partition table:
0 - [XXXXXX] FAT16 (0x06) [VISIBLE] Offset (sectors): 239 | Size: 988 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[1]_S_04222013_02d2028.txt >>
RKreport[1]_S_04222013_02d2028.txt


Report 2

 

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : School #1 [Admin rights]
Mode : Remove -- Date : 04/22/2013 20:30:34
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 3 ¤¤¤
[HJ SMENU] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> REPLACED (1)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: Hitachi HDP725025GLA380 ATA Device +++++
--- User ---
[MBR] 304007a95ec7cb5d258e719fdc15c59a
[BSP] f9a257e7fa5f4b411472b3b4f5259ebf : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 48 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 100352 | Size: 238426 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: SanDisk U3 Cruzer Micro USB Device +++++
--- User ---
[MBR] da979fee9f2ddab9c8a641682578f7c6
[BSP] 788470fe12ec57aabe933cfdd9c84885 : Empty MBR Code
Partition table:
0 - [XXXXXX] FAT16 (0x06) [VISIBLE] Offset (sectors): 239 | Size: 988 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[2]_D_04222013_02d2030.txt >>
RKreport[1]_S_04222013_02d2028.txt ; RKreport[2]_D_04222013_02d2030.txt


Computer running normally with a few exceptions.  Upon start up today (my son) he entered the normal user name and a box came up with a "winlogon.exe" error - he clicked OK and it shut down.  He then tried to restart and it did and worked normally.  Later this evening it did "dump" and went into a "safe mode" screen.  We shut it down over dinner and when I turned it back on, it acted normal and is "normal" at this time.

 

thanks, Jim Rollick



#9 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,438 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:03:14 PM

Posted 22 April 2013 - 10:22 PM

Lets try Combofix.

Please download ComboFix from Here or Here to your Desktop.

**Note:  In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

  • Please, never rename Combofix unless instructed.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

    -----------------------------------------------------------

    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link or this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

      -----------------------------------------------------------

    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

    -----------------------------------------------------------

  • Double click on combofix.exe & follow the prompts.
  • Install the Recovery Console if prompted.
  • When finished, it will produce a report for you.  
  • Please post the "C:\ComboFix.txt" .

**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security.

Please do not install any new programs or update anything (always allow your antivirus/antispyware to update) unless told to do so while we are fixing your problem. If combofix alerts to a new version and offers to update, please let it. It is essential we always use the latest version.

 

 


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users