Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Win7 Pro PC Infected w/ Rovnix.D - getting BSODs


  • This topic is locked This topic is locked
16 replies to this topic

#1 a4stetzer

a4stetzer

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:18 AM

Posted 31 July 2013 - 04:34 PM

Hello BC Moderators:

I'm the Webmaster and all-around IT support person for a small company, and one of our employees managed to get her computer infected with the Rovnix.D Trojan (among others, but MSE and Malwarebyte's Anti-Malware are not detecting them anymore). Other infections that popped up before were Kelihos.F, an Obfuscator variant, Detplock, FakeRean, Trojan.FakeFlash.ED, and Exploit:Java/CVE-2013-0422.

This computer is a Dell Vostro with Win7 Pro and XP Mode. I began by removing FrostWire, a suspicious IE toolbar, and some other junk software that I came across. I also uninstalled Chrome, so IE 10.0.0.7 is the only browser on the machine.

I've run several anti-malware/anti-virus scanners and none have been able to remove Rovnix.D. I have a couple of the most recent MBAM log files that showed infections - subsequent scans have come up clean. I also took screen shots of MBAM Quarantine list as well as MSE showing Rovnix infection. If those will be of any use, let me know.

 

BSOD info is as follows:

*** STOP: 0x00000109 (0xA3039D89B612522,0xB3B7465EEDDF62E4,0XFFFFF80000B96BB0,0X0000000000000006)

 

*** ntoskrnl.exe - Address FFFFF80000B96BB0 base at FFFFF80000B95000, DateStamp 5149a99c.

 

I would like to get this resolved as quickly as possible, preferably without re-installing the OS, as this is the machine for our Receptionist/Bookkeeper. I do understand that this will be a long process and that the mods are very busy (and underpaid). Thank you in advance for any help anyone can offer on this.

Below is the required DDS log contents.

DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
Internet Explorer: 10.0.9200.16635  BrowserJavaVersion: 10.25.2
Run by Kelly at 14:50:14 on 2013-07-31
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.3944.3151 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
mWinlogon: Userinit = userinit.exe,
BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
uRun: [Adobe Acrobat Synchronizer] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe"
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Google] regsvr32.exe C:\Users\Kelly\AppData\Local\Google\htmsuhvl.dll
uRun: [Adobe CSS5.1 Manager] C:\Users\Kelly\AppData\Local\81647c1c-e240-4c96-bf0a-8f5211a7fe3dad\ccecbfafafedad.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun: [Run RunOnce] D:\RunOnce.exe C:\UPS\UOWS\ShipUPS.EXE
mRun: [NA1Messenger] C:\UPS\WSTD\UPSNA1Msgr.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\UPSWOR~2.LNK - C:\UPS\WSTD\WSTDMessaging.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\UPSWOR~1.LNK - C:\UPS\WSTD\wstdPldReminder.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
TCP: NameServer = 64.33.128.10 64.33.128.210
TCP: Interfaces\{C887C719-39C1-45C2-933C-4FB1E4433855} : DHCPNameServer = 64.33.128.10 64.33.128.210
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
x64-DPF: {CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-3-8 55856]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2012-3-8 406056]
S0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-1-20 230320]
S1 MpKsl334bc1bb;MpKsl334bc1bb;C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8BB9C245-96C4-4AFB-8A1B-15D2CE6CFCF3}\MpKsl334bc1bb.sys [2013-7-31 35664]
S2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2012-3-8 98208]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2013-6-25 196104]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-3-8 13592]
S2 MSSQL$UPSWSDBSERVER;SQL Server (UPSWSDBSERVER);c:\UPS\WSTD\MSSQL.1\MSSQL\Binn\sqlservr.exe -sUPSWSDBSERVER --> c:\UPS\WSTD\MSSQL.1\MSSQL\Binn\sqlservr.exe -sUPSWSDBSERVER [?]
S2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-3-20 130008]
S2 NOBU;Dell DataSafe Online;C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe [2010-8-25 2823000]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2012-3-8 1692480]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]
S2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-3-19 2886528]
S2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-3-8 317440]
S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-1-18 351136]
S3 LVUVC64;Logitech Webcam 250(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-1-18 4865568]
S3 netvsc;netvsc;C:\Windows\System32\drivers\netvsc60.sys [2010-11-21 168448]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 27136]
S3 SynthVid;SynthVid;C:\Windows\System32\drivers\VMBusVideoM.sys [2010-11-21 22528]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-3-21 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2013-07-31 19:09:29 76232 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8BB9C245-96C4-4AFB-8A1B-15D2CE6CFCF3}\offreg.dll
2013-07-31 18:25:34 35664 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8BB9C245-96C4-4AFB-8A1B-15D2CE6CFCF3}\MpKsl334bc1bb.sys
2013-07-31 18:21:32 9460976 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8BB9C245-96C4-4AFB-8A1B-15D2CE6CFCF3}\mpengine.dll
2013-07-30 19:44:35 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-07-30 19:44:35 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-30 16:45:43 9460976 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-07-30 15:43:04 -------- d-----w- C:\Windows\System32\appmgmt
2013-07-30 15:35:33 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-30 15:16:06 0 ----a-w- C:\Users\Kelly\teamviewer.exe
2013-07-30 13:56:55 -------- d-----w- C:\Program Files (x86)\VideoLAN
2013-07-30 13:55:26 -------- d-----w- C:\Users\Kelly\AppData\Local\Wajam
2013-07-30 13:55:23 -------- d-----w- C:\Users\Kelly\AppData\Local\Conduit
2013-07-30 13:54:45 -------- d-----w- C:\Users\Kelly\AppData\Local\CRE
2013-07-30 13:54:44 -------- d-----w- C:\Program Files (x86)\Conduit
2013-07-29 15:28:09 0 ----a-w- C:\Users\Kelly\msconfig.exe
2013-07-17 14:28:37 941720 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3D79313C-E044-455C-B92F-FBF7808CEE63}\gapaengine.dll
2013-07-11 08:18:31 -------- d-----w- C:\Program Files (x86)\Dell Digital Delivery
2013-07-10 20:22:58 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll
.
==================== Find3M  ====================
.
2013-07-30 15:35:27 867240 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2013-07-30 15:35:27 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-07-23 17:11:56 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-23 17:11:56 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-11 23:43:37 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-06-11 23:43:00 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-06-11 23:42:58 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-06-11 23:42:58 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-06-11 23:26:20 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-06-11 23:25:16 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-06-11 23:25:13 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-06-11 23:25:13 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-06-11 22:51:45 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-06-11 22:50:58 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-07 03:22:18 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-06-07 02:37:52 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-06-05 03:34:27 3153920 ----a-w- C:\Windows\System32\win32k.sys
2013-06-04 06:00:13 624128 ----a-w- C:\Windows\System32\qedit.dll
2013-06-04 04:53:07 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll
2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe
2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll
2013-05-10 07:57:38 27208 ----a-w- C:\Windows\System32\AdobePDFUI.dll
2013-05-10 07:57:34 55872 ----a-w- C:\Windows\System32\AdobePDF.dll
2013-05-10 05:49:27 30720 ----a-w- C:\Windows\System32\cryptdlg.dll
2013-05-10 03:20:54 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll
2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-05-08 06:10:12 770384 ----a-w- C:\Windows\SysWow64\msvcr100.dll
2013-05-08 06:10:12 421200 ----a-w- C:\Windows\SysWow64\msvcp100.dll
2013-05-06 06:03:49 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-05-06 04:56:35 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
.
============= FINISH: 14:51:00.99 ===============

 

 

Attached Files



BC AdBot (Login to Remove)

 


#2 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:04:18 AM

Posted 01 August 2013 - 10:05 PM

Hello a4stetzer,
  • Welcome to Bleeping Computer.
  • My name is fireman4it and I will be helping you with your Malware problem.

    Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  • In the upper right hand corner of the topic you will see a button called Follow This Topic.I suggest you click it and select Immediate E-Mail notification and click on Follow This Topic. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.
  • Finally, please reply using the Post  button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.
1.
Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
    image000q.png
  • Put a checkmark beside loaded modules.
    2012081514h0118.png
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
    2012081517h0349.png
  • Click the Start Scan button.
    19695967.jpg
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
    67776163.jpg
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    62117367.jpg
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
2.
Install Recovery Console and Run ComboFix

This tool is not a toy. If used the wrong way you could trash your computer. Please use only under direction of a Helper. If you decide to do so anyway, please do not blame me or ComboFix.

Download Combofix from any of the links below, and save it to your desktop.

Link 1
Link 2
  • Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix. Refer to this page if you are not sure how.
  • Close any open windows, including this one.
  • Double click on ComboFix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • If you did not have it installed, you will see the prompt below. Choose YES.
  • RcAuto1.gif
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Note:The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you
should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.
  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    whatnext.png
  • Click on Yes, to continue scanning for malware.
  • When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).
Leave your computer alone while ComboFix is running.
ComboFix will restart your computer if malware is found; allow it to do so.


Note: Please Do NOT mouseclick combofix's window while its running because it may cause it to stall.


Things to include in your next reply::
TdssKiller log
Combofix.txt
How is your machine running now?

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#3 a4stetzer

a4stetzer
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:18 AM

Posted 02 August 2013 - 10:03 AM

  1. There were 3 TDSSKiller logs generated. Below is the largest (481kb) - the other 2 were only 4kb in size.
    09:11:47.0890 2260  TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19
    09:11:48.0404 2260  ============================================================
    09:11:48.0404 2260  Current date / time: 2013/08/02 09:11:48.0404
    09:11:48.0404 2260  SystemInfo:
    09:11:48.0404 2260 
    09:11:48.0404 2260  OS Version: 6.1.7601 ServicePack: 1.0
    09:11:48.0404 2260  Product type: Workstation
    09:11:48.0404 2260  ComputerName: FRONTDESK-PC
    09:11:48.0404 2260  UserName: Kelly
    09:11:48.0404 2260  Windows directory: C:\Windows
    09:11:48.0404 2260  System windows directory: C:\Windows
    09:11:48.0404 2260  Running under WOW64
    09:11:48.0404 2260  Processor architecture: Intel x64
    09:11:48.0404 2260  Number of processors: 4
    09:11:48.0404 2260  Page size: 0x1000
    09:11:48.0404 2260  Boot type: Normal boot
    09:11:48.0404 2260  ============================================================
    09:11:48.0404 2260  BG loaded
    09:11:51.0883 2260  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    09:11:51.0899 2260  ============================================================
    09:11:51.0899 2260  \Device\Harddisk0\DR0:
    09:11:51.0899 2260  MBR partitions:
    09:11:51.0899 2260  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x304E000
    09:11:51.0899 2260  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3062000, BlocksNum 0x37322000
    09:11:51.0899 2260  ============================================================
    09:11:52.0055 2260  C: <-> \Device\Harddisk0\DR0\Partition2
    09:11:52.0055 2260  ============================================================
    09:11:52.0055 2260  Initialize success
    09:11:52.0055 2260  ============================================================
    09:14:38.0942 8124  ============================================================
    09:14:38.0942 8124  Scan started
    09:14:38.0942 8124  Mode: Manual; SigCheck; TDLFS;
    09:14:38.0942 8124  ============================================================
    09:14:39.0878 8124  ================ Scan system memory ========================
    09:14:39.0878 8124  System memory - ok
    09:14:39.0878 8124  ================ Scan services =============================
    09:14:40.0019 8124  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
    09:14:40.0066 8124  1394ohci - ok
    09:14:40.0097 8124  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
    09:14:40.0112 8124  ACPI - ok
    09:14:40.0128 8124  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
    09:14:40.0190 8124  AcpiPmi - ok
    09:14:40.0315 8124  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    09:14:40.0315 8124  AdobeARMservice - ok
    09:14:40.0424 8124  [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    09:14:40.0440 8124  AdobeFlashPlayerUpdateSvc - ok
    09:14:40.0471 8124  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
    09:14:40.0487 8124  adp94xx - ok
    09:14:40.0518 8124  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
    09:14:40.0534 8124  adpahci - ok
    09:14:40.0549 8124  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
    09:14:40.0565 8124  adpu320 - ok
    09:14:40.0596 8124  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
    09:14:40.0705 8124  AeLookupSvc - ok
    09:14:40.0752 8124  [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    09:14:40.0752 8124  AERTFilters - ok
    09:14:40.0799 8124  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
    09:14:40.0846 8124  AFD - ok
    09:14:40.0877 8124  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
    09:14:40.0892 8124  agp440 - ok
    09:14:40.0908 8124  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
    09:14:40.0955 8124  ALG - ok
    09:14:40.0970 8124  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
    09:14:40.0986 8124  aliide - ok
    09:14:41.0002 8124  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
    09:14:41.0002 8124  amdide - ok
    09:14:41.0033 8124  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
    09:14:41.0064 8124  AmdK8 - ok
    09:14:41.0080 8124  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
    09:14:41.0111 8124  AmdPPM - ok
    09:14:41.0126 8124  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
    09:14:41.0142 8124  amdsata - ok
    09:14:41.0158 8124  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
    09:14:41.0173 8124  amdsbs - ok
    09:14:41.0189 8124  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
    09:14:41.0204 8124  amdxata - ok
    09:14:41.0236 8124  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
    09:14:41.0345 8124  AppID - ok
    09:14:41.0392 8124  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
    09:14:41.0454 8124  AppIDSvc - ok
    09:14:41.0501 8124  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
    09:14:41.0532 8124  Appinfo - ok
    09:14:41.0610 8124  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
    09:14:41.0641 8124  AppMgmt - ok
    09:14:41.0657 8124  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
    09:14:41.0672 8124  arc - ok
    09:14:41.0688 8124  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
    09:14:41.0704 8124  arcsas - ok
    09:14:41.0782 8124  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
    09:14:41.0813 8124  aspnet_state - ok
    09:14:41.0828 8124  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
    09:14:41.0860 8124  AsyncMac - ok
    09:14:41.0891 8124  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
    09:14:41.0906 8124  atapi - ok
    09:14:41.0953 8124  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
    09:14:42.0000 8124  AudioEndpointBuilder - ok
    09:14:42.0016 8124  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
    09:14:42.0031 8124  AudioSrv - ok
    09:14:42.0172 8124  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
    09:14:42.0250 8124  AxInstSV - ok
    09:14:42.0281 8124  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
    09:14:42.0312 8124  b06bdrv - ok
    09:14:42.0343 8124  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
    09:14:42.0374 8124  b57nd60a - ok
    09:14:42.0421 8124  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
    09:14:42.0452 8124  BDESVC - ok
    09:14:42.0484 8124  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
    09:14:42.0530 8124  Beep - ok
    09:14:42.0671 8124  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
    09:14:42.0718 8124  BFE - ok
    09:14:42.0764 8124  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
    09:14:42.0796 8124  BITS - ok
    09:14:42.0811 8124  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
    09:14:42.0827 8124  blbdrive - ok
    09:14:42.0889 8124  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
    09:14:42.0936 8124  bowser - ok
    09:14:42.0967 8124  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
    09:14:42.0983 8124  BrFiltLo - ok
    09:14:43.0014 8124  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
    09:14:43.0030 8124  BrFiltUp - ok
    09:14:43.0092 8124  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
    09:14:43.0123 8124  Browser - ok
    09:14:43.0139 8124  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
    09:14:43.0186 8124  Brserid - ok
    09:14:43.0201 8124  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
    09:14:43.0233 8124  BrSerWdm - ok
    09:14:43.0248 8124  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
    09:14:43.0264 8124  BrUsbMdm - ok
    09:14:43.0279 8124  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
    09:14:43.0295 8124  BrUsbSer - ok
    09:14:43.0326 8124  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
    09:14:43.0357 8124  BTHMODEM - ok
    09:14:43.0404 8124  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
    09:14:43.0435 8124  bthserv - ok
    09:14:43.0482 8124  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
    09:14:43.0498 8124  cdfs - ok
    09:14:43.0591 8124  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
    09:14:43.0638 8124  cdrom - ok
    09:14:43.0685 8124  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
    09:14:43.0763 8124  CertPropSvc - ok
    09:14:43.0794 8124  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
    09:14:43.0810 8124  circlass - ok
    09:14:43.0825 8124  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
    09:14:43.0841 8124  CLFS - ok
    09:14:43.0888 8124  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    09:14:43.0903 8124  clr_optimization_v2.0.50727_32 - ok
    09:14:43.0919 8124  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
    09:14:43.0935 8124  clr_optimization_v2.0.50727_64 - ok
    09:14:43.0981 8124  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    09:14:44.0044 8124  clr_optimization_v4.0.30319_32 - ok
    09:14:44.0059 8124  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    09:14:44.0091 8124  clr_optimization_v4.0.30319_64 - ok
    09:14:44.0137 8124  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
    09:14:44.0153 8124  CmBatt - ok
    09:14:44.0153 8124  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
    09:14:44.0169 8124  cmdide - ok
    09:14:44.0293 8124  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
    09:14:44.0340 8124  CNG - ok
    09:14:44.0340 8124  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
    09:14:44.0356 8124  Compbatt - ok
    09:14:44.0403 8124  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
    09:14:44.0418 8124  CompositeBus - ok
    09:14:44.0434 8124  COMSysApp - ok
    09:14:44.0465 8124  [ F08C6020E57F5E5BF2FD034DB10BEDFB ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
    09:14:44.0481 8124  cphs - ok
    09:14:44.0496 8124  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
    09:14:44.0512 8124  crcdisk - ok
    09:14:44.0559 8124  [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc        C:\Windows\system32\cryptsvc.dll
    09:14:44.0590 8124  CryptSvc - ok
    09:14:44.0668 8124  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
    09:14:44.0699 8124  CSC - ok
    09:14:44.0746 8124  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
    09:14:44.0777 8124  CscService - ok
    09:14:44.0824 8124  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
    09:14:44.0871 8124  DcomLaunch - ok
    09:14:44.0917 8124  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
    09:14:44.0995 8124  defragsvc - ok
    09:14:45.0089 8124  [ 4C0419368943D1CF20A9FCEEC50D9846 ] DellDigitalDelivery c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
    09:14:45.0089 8124  DellDigitalDelivery - ok
    09:14:45.0105 8124  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
    09:14:45.0136 8124  DfsC - ok
    09:14:45.0183 8124  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
    09:14:45.0229 8124  Dhcp - ok
    09:14:45.0245 8124  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
    09:14:45.0292 8124  discache - ok
    09:14:45.0307 8124  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
    09:14:45.0307 8124  Disk - ok
    09:14:45.0354 8124  [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
    09:14:45.0385 8124  dmvsc - ok
    09:14:45.0417 8124  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
    09:14:45.0448 8124  Dnscache - ok
    09:14:45.0479 8124  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
    09:14:45.0541 8124  dot3svc - ok
    09:14:45.0541 8124  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
    09:14:45.0588 8124  DPS - ok
    09:14:45.0619 8124  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
    09:14:45.0635 8124  drmkaud - ok
    09:14:45.0666 8124  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
    09:14:45.0682 8124  DXGKrnl - ok
    09:14:45.0697 8124  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
    09:14:45.0744 8124  EapHost - ok
    09:14:45.0807 8124  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
    09:14:45.0900 8124  ebdrv - ok
    09:14:45.0931 8124  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
    09:14:45.0963 8124  EFS - ok
    09:14:46.0009 8124  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
    09:14:46.0056 8124  ehRecvr - ok
    09:14:46.0072 8124  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
    09:14:46.0087 8124  ehSched - ok
    09:14:46.0119 8124  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
    09:14:46.0150 8124  elxstor - ok
    09:14:46.0150 8124  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
    09:14:46.0165 8124  ErrDev - ok
    09:14:46.0290 8124  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
    09:14:46.0321 8124  EventSystem - ok
    09:14:46.0353 8124  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
    09:14:46.0399 8124  exfat - ok
    09:14:46.0415 8124  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
    09:14:46.0462 8124  fastfat - ok
    09:14:46.0477 8124  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
    09:14:46.0509 8124  Fax - ok
    09:14:46.0540 8124  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
    09:14:46.0555 8124  fdc - ok
    09:14:46.0587 8124  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
    09:14:46.0618 8124  fdPHost - ok
    09:14:46.0633 8124  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
    09:14:46.0680 8124  FDResPub - ok
    09:14:46.0696 8124  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
    09:14:46.0711 8124  FileInfo - ok
    09:14:46.0727 8124  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
    09:14:46.0758 8124  Filetrace - ok
    09:14:46.0774 8124  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
    09:14:46.0774 8124  flpydisk - ok
    09:14:46.0789 8124  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
    09:14:46.0805 8124  FltMgr - ok
    09:14:46.0852 8124  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
    09:14:46.0883 8124  FontCache - ok
    09:14:46.0914 8124  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    09:14:46.0930 8124  FontCache3.0.0.0 - ok
    09:14:46.0930 8124  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
    09:14:46.0945 8124  FsDepends - ok
    09:14:46.0977 8124  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
    09:14:46.0992 8124  Fs_Rec - ok
    09:14:47.0039 8124  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
    09:14:47.0055 8124  fvevol - ok
    09:14:47.0070 8124  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
    09:14:47.0086 8124  gagp30kx - ok
    09:14:47.0117 8124  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
    09:14:47.0164 8124  gpsvc - ok
    09:14:47.0179 8124  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
    09:14:47.0211 8124  hcw85cir - ok
    09:14:47.0242 8124  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
    09:14:47.0273 8124  HDAudBus - ok
    09:14:47.0273 8124  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
    09:14:47.0289 8124  HidBatt - ok
    09:14:47.0304 8124  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
    09:14:47.0335 8124  HidBth - ok
    09:14:47.0351 8124  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
    09:14:47.0367 8124  HidIr - ok
    09:14:47.0382 8124  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
    09:14:47.0429 8124  hidserv - ok
    09:14:47.0460 8124  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
    09:14:47.0476 8124  HidUsb - ok
    09:14:47.0507 8124  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
    09:14:47.0569 8124  hkmsvc - ok
    09:14:47.0585 8124  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
    09:14:47.0616 8124  HomeGroupListener - ok
    09:14:47.0647 8124  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
    09:14:47.0663 8124  HomeGroupProvider - ok
    09:14:47.0694 8124  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
    09:14:47.0710 8124  HpSAMD - ok
    09:14:47.0741 8124  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
    09:14:47.0772 8124  HTTP - ok
    09:14:47.0788 8124  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
    09:14:47.0788 8124  hwpolicy - ok
    09:14:47.0819 8124  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
    09:14:47.0835 8124  i8042prt - ok
    09:14:47.0881 8124  [ 2FDAEC4B02729C48C0FD1B0B4695995B ] iaStor          C:\Windows\system32\drivers\iaStor.sys
    09:14:47.0897 8124  iaStor - ok
    09:14:47.0959 8124  [ D41861E56E7552C13674D7F147A02464 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
    09:14:47.0975 8124  IAStorDataMgrSvc - ok
    09:14:47.0991 8124  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
    09:14:48.0022 8124  iaStorV - ok
    09:14:48.0069 8124  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
    09:14:48.0084 8124  idsvc - ok
    09:14:48.0271 8124  [ 371D7F91C0D2314EB984A4A6CBEABC92 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
    09:14:48.0443 8124  igfx - ok
    09:14:48.0474 8124  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
    09:14:48.0490 8124  iirsp - ok
    09:14:48.0521 8124  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
    09:14:48.0568 8124  IKEEXT - ok
    09:14:48.0615 8124  [ 235362D403D9D677514649D88DB31914 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
    09:14:48.0646 8124  IntcAzAudAddService - ok
    09:14:48.0677 8124  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
    09:14:48.0693 8124  IntcDAud - ok
    09:14:48.0724 8124  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
    09:14:48.0724 8124  intelide - ok
    09:14:48.0755 8124  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
    09:14:48.0771 8124  intelppm - ok
    09:14:48.0817 8124  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
    09:14:48.0864 8124  IPBusEnum - ok
    09:14:48.0895 8124  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
    09:14:48.0927 8124  IpFilterDriver - ok
    09:14:48.0973 8124  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
    09:14:49.0005 8124  iphlpsvc - ok
    09:14:49.0020 8124  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
    09:14:49.0051 8124  IPMIDRV - ok
    09:14:49.0051 8124  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
    09:14:49.0098 8124  IPNAT - ok
    09:14:49.0114 8124  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
    09:14:49.0129 8124  IRENUM - ok
    09:14:49.0145 8124  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
    09:14:49.0161 8124  isapnp - ok
    09:14:49.0161 8124  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
    09:14:49.0176 8124  iScsiPrt - ok
    09:14:49.0207 8124  [ 12E27942DBB7C91880163634B0D8A776 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
    09:14:49.0207 8124  k57nd60a - ok
    09:14:49.0239 8124  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
    09:14:49.0239 8124  kbdclass - ok
    09:14:49.0239 8124  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
    09:14:49.0254 8124  kbdhid - ok
    09:14:49.0270 8124  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
    09:14:49.0285 8124  KeyIso - ok
    09:14:49.0317 8124  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
    09:14:49.0317 8124  KSecDD - ok
    09:14:49.0332 8124  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
    09:14:49.0332 8124  KSecPkg - ok
    09:14:49.0363 8124  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
    09:14:49.0395 8124  ksthunk - ok
    09:14:49.0426 8124  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
    09:14:49.0488 8124  KtmRm - ok
    09:14:49.0519 8124  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
    09:14:49.0551 8124  LanmanServer - ok
    09:14:49.0582 8124  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
    09:14:49.0613 8124  LanmanWorkstation - ok
    09:14:49.0644 8124  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
    09:14:49.0675 8124  lltdio - ok
    09:14:49.0707 8124  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
    09:14:49.0738 8124  lltdsvc - ok
    09:14:49.0753 8124  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
    09:14:49.0769 8124  lmhosts - ok
    09:14:49.0800 8124  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
    09:14:49.0800 8124  LSI_FC - ok
    09:14:49.0831 8124  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
    09:14:49.0831 8124  LSI_SAS - ok
    09:14:49.0863 8124  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
    09:14:49.0863 8124  LSI_SAS2 - ok
    09:14:49.0894 8124  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
    09:14:49.0909 8124  LSI_SCSI - ok
    09:14:49.0925 8124  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
    09:14:49.0956 8124  luafv - ok
    09:14:50.0034 8124  [ 0C85B2B6FB74B36A251792D45E0EF860 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
    09:14:50.0050 8124  LVRS64 - ok
    09:14:50.0143 8124  [ FF3A488924B0032B1A9CA6948C1FA9E8 ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
    09:14:50.0206 8124  LVUVC64 - ok
    09:14:50.0253 8124  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
    09:14:50.0268 8124  Mcx2Svc - ok
    09:14:50.0299 8124  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
    09:14:50.0315 8124  megasas - ok
    09:14:50.0331 8124  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
    09:14:50.0362 8124  MegaSR - ok
    09:14:50.0377 8124  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
    09:14:50.0377 8124  MEIx64 - ok
    09:14:50.0424 8124  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
    09:14:50.0471 8124  MMCSS - ok
    09:14:50.0487 8124  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
    09:14:50.0533 8124  Modem - ok
    09:14:50.0549 8124  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
    09:14:50.0580 8124  monitor - ok
    09:14:50.0611 8124  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
    09:14:50.0627 8124  mouclass - ok
    09:14:50.0627 8124  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
    09:14:50.0643 8124  mouhid - ok
    09:14:50.0674 8124  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
    09:14:50.0689 8124  mountmgr - ok
    09:14:50.0767 8124  [ E3252991298FB01B3D3B6433A5FBF8EE ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    09:14:50.0783 8124  MozillaMaintenance - ok
    09:14:50.0799 8124  [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
    09:14:50.0830 8124  MpFilter - ok
    09:14:50.0845 8124  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
    09:14:50.0845 8124  mpio - ok
    09:14:50.0861 8124  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
    09:14:50.0892 8124  mpsdrv - ok
    09:14:50.0908 8124  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
    09:14:50.0955 8124  MpsSvc - ok
    09:14:50.0970 8124  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
    09:14:50.0986 8124  MRxDAV - ok
    09:14:51.0001 8124  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
    09:14:51.0033 8124  mrxsmb - ok
    09:14:51.0048 8124  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
    09:14:51.0064 8124  mrxsmb10 - ok
    09:14:51.0064 8124  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
    09:14:51.0079 8124  mrxsmb20 - ok
    09:14:51.0095 8124  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
    09:14:51.0111 8124  msahci - ok
    09:14:51.0126 8124  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
    09:14:51.0126 8124  msdsm - ok
    09:14:51.0157 8124  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
    09:14:51.0173 8124  MSDTC - ok
    09:14:51.0204 8124  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
    09:14:51.0235 8124  Msfs - ok
    09:14:51.0251 8124  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
    09:14:51.0282 8124  mshidkmdf - ok
    09:14:51.0298 8124  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
    09:14:51.0313 8124  msisadrv - ok
    09:14:51.0345 8124  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
    09:14:51.0391 8124  MSiSCSI - ok
    09:14:51.0391 8124  msiserver - ok
    09:14:51.0423 8124  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
    09:14:51.0469 8124  MSKSSRV - ok
    09:14:51.0532 8124  [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
    09:14:51.0532 8124  MsMpSvc - ok
    09:14:51.0563 8124  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
    09:14:51.0594 8124  MSPCLOCK - ok
    09:14:51.0610 8124  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
    09:14:51.0641 8124  MSPQM - ok
    09:14:51.0657 8124  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
    09:14:51.0672 8124  MsRPC - ok
    09:14:51.0672 8124  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
    09:14:51.0688 8124  mssmbios - ok
    09:14:51.0766 8124  MSSQL$UPSWSDBSERVER - ok
    09:14:51.0828 8124  [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
    09:14:51.0828 8124  MSSQLServerADHelper - ok
    09:14:51.0859 8124  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
    09:14:51.0906 8124  MSTEE - ok
    09:14:51.0906 8124  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
    09:14:51.0922 8124  MTConfig - ok
    09:14:51.0937 8124  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
    09:14:51.0937 8124  Mup - ok
    09:14:51.0953 8124  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
    09:14:52.0015 8124  napagent - ok
    09:14:52.0031 8124  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
    09:14:52.0062 8124  NativeWifiP - ok
    09:14:52.0125 8124  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
    09:14:52.0171 8124  NDIS - ok
    09:14:52.0187 8124  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
    09:14:52.0218 8124  NdisCap - ok
    09:14:52.0234 8124  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
    09:14:52.0249 8124  NdisTapi - ok
    09:14:52.0265 8124  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
    09:14:52.0296 8124  Ndisuio - ok
    09:14:52.0296 8124  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
    09:14:52.0343 8124  NdisWan - ok
    09:14:52.0359 8124  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
    09:14:52.0374 8124  NDProxy - ok
    09:14:52.0390 8124  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
    09:14:52.0421 8124  NetBIOS - ok
    09:14:52.0437 8124  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
    09:14:52.0468 8124  NetBT - ok
    09:14:52.0483 8124  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
    09:14:52.0483 8124  Netlogon - ok
    09:14:52.0515 8124  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
    09:14:52.0561 8124  Netman - ok
    09:14:52.0639 8124  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    09:14:52.0655 8124  NetMsmqActivator - ok
    09:14:52.0655 8124  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    09:14:52.0671 8124  NetPipeActivator - ok
    09:14:52.0686 8124  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
    09:14:52.0717 8124  netprofm - ok
    09:14:52.0733 8124  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    09:14:52.0733 8124  NetTcpActivator - ok
    09:14:52.0733 8124  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    09:14:52.0749 8124  NetTcpPortSharing - ok
    09:14:52.0780 8124  [ 73CE12B8BDD747B0063CB0A7EF44CEA7 ] netvsc          C:\Windows\system32\DRIVERS\netvsc60.sys
    09:14:52.0795 8124  netvsc - ok
    09:14:52.0827 8124  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
    09:14:52.0842 8124  nfrd960 - ok
    09:14:52.0889 8124  [ 162100E0BC8377710F9D170631921C03 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
    09:14:52.0889 8124  NisDrv - ok
    09:14:52.0905 8124  [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
    09:14:52.0920 8124  NisSrv - ok
    09:14:52.0951 8124  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
    09:14:52.0983 8124  NlaSvc - ok
    09:14:53.0045 8124  [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU            C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
    09:14:53.0076 8124  NOBU - ok
    09:14:53.0107 8124  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
    09:14:53.0123 8124  Npfs - ok
    09:14:53.0170 8124  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
    09:14:53.0217 8124  nsi - ok
    09:14:53.0232 8124  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
    09:14:53.0279 8124  nsiproxy - ok
    09:14:53.0326 8124  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
    09:14:53.0388 8124  Ntfs - ok
    09:14:53.0404 8124  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
    09:14:53.0419 8124  Null - ok
    09:14:53.0435 8124  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
    09:14:53.0451 8124  nvraid - ok
    09:14:53.0466 8124  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
    09:14:53.0482 8124  nvstor - ok
    09:14:53.0497 8124  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
    09:14:53.0513 8124  nv_agp - ok
    09:14:53.0513 8124  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
    09:14:53.0529 8124  ohci1394 - ok
    09:14:53.0591 8124  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    09:14:53.0607 8124  ose - ok
    09:14:53.0747 8124  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    09:14:53.0872 8124  osppsvc - ok
    09:14:53.0887 8124  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
    09:14:53.0919 8124  p2pimsvc - ok
    09:14:53.0950 8124  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
    09:14:53.0965 8124  p2psvc - ok
    09:14:53.0981 8124  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
    09:14:53.0997 8124  Parport - ok
    09:14:54.0028 8124  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
    09:14:54.0028 8124  partmgr - ok
    09:14:54.0043 8124  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
    09:14:54.0059 8124  PcaSvc - ok
    09:14:54.0090 8124  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
    09:14:54.0106 8124  pci - ok
    09:14:54.0137 8124  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
    09:14:54.0153 8124  pciide - ok
    09:14:54.0168 8124  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
    09:14:54.0184 8124  pcmcia - ok
    09:14:54.0199 8124  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
    09:14:54.0215 8124  pcw - ok
    09:14:54.0231 8124  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
    09:14:54.0277 8124  PEAUTH - ok
    09:14:54.0309 8124  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
    09:14:54.0371 8124  PeerDistSvc - ok
    09:14:54.0418 8124  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
    09:14:54.0449 8124  PerfHost - ok
    09:14:54.0480 8124  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
    09:14:54.0543 8124  pla - ok
    09:14:54.0574 8124  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
    09:14:54.0605 8124  PlugPlay - ok
    09:14:54.0621 8124  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
    09:14:54.0636 8124  PNRPAutoReg - ok
    09:14:54.0652 8124  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
    09:14:54.0667 8124  PNRPsvc - ok
    09:14:54.0699 8124  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
    09:14:54.0745 8124  PolicyAgent - ok
    09:14:54.0761 8124  [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power           C:\Windows\system32\umpo.dll
    09:14:54.0792 8124  Power - ok
    09:14:54.0823 8124  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
    09:14:54.0870 8124  PptpMiniport - ok
    09:14:54.0886 8124  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
    09:14:54.0901 8124  Processor - ok
    09:14:54.0917 8124  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
    09:14:54.0964 8124  ProfSvc - ok
    09:14:54.0964 8124  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
    09:14:54.0979 8124  ProtectedStorage - ok
    09:14:54.0995 8124  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
    09:14:55.0042 8124  Psched - ok
    09:14:55.0089 8124  [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
    09:14:55.0089 8124  PxHlpa64 - ok
    09:14:55.0151 8124  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
    09:14:55.0198 8124  ql2300 - ok
    09:14:55.0213 8124  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
    09:14:55.0229 8124  ql40xx - ok
    09:14:55.0245 8124  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
    09:14:55.0276 8124  QWAVE - ok
    09:14:55.0276 8124  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
    09:14:55.0307 8124  QWAVEdrv - ok
    09:14:55.0307 8124  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
    09:14:55.0338 8124  RasAcd - ok
    09:14:55.0369 8124  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
    09:14:55.0401 8124  RasAgileVpn - ok
    09:14:55.0416 8124  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
    09:14:55.0463 8124  RasAuto - ok
    09:14:55.0479 8124  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
    09:14:55.0510 8124  Rasl2tp - ok
    09:14:55.0525 8124  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
    09:14:55.0557 8124  RasMan - ok
    09:14:55.0588 8124  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
    09:14:55.0603 8124  RasPppoe - ok
    09:14:55.0635 8124  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
    09:14:55.0681 8124  RasSstp - ok
    09:14:55.0697 8124  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
    09:14:55.0713 8124  rdbss - ok
    09:14:55.0744 8124  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
    09:14:55.0744 8124  rdpbus - ok
    09:14:55.0775 8124  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
    09:14:55.0822 8124  RDPCDD - ok
    09:14:55.0853 8124  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
    09:14:55.0884 8124  RDPDR - ok
    09:14:55.0900 8124  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
    09:14:55.0947 8124  RDPENCDD - ok
    09:14:55.0947 8124  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
    09:14:55.0978 8124  RDPREFMP - ok
    09:14:56.0009 8124  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
    09:14:56.0040 8124  RDPWD - ok
    09:14:56.0040 8124  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
    09:14:56.0071 8124  rdyboost - ok
    09:14:56.0087 8124  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
    09:14:56.0118 8124  RemoteAccess - ok
    09:14:56.0149 8124  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
    09:14:56.0181 8124  RemoteRegistry - ok
    09:14:56.0227 8124  [ 5790BCA445CC40DF8B38C2C48608AAC2 ] RimUsb          C:\Windows\system32\Drivers\RimUsb_AMD64.sys
    09:14:56.0243 8124  RimUsb - ok
    09:14:56.0305 8124  [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
    09:14:56.0352 8124  RoxMediaDB12OEM - ok
    09:14:56.0368 8124  [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12      C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
    09:14:56.0383 8124  RoxWatch12 - ok
    09:14:56.0399 8124  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
    09:14:56.0430 8124  RpcEptMapper - ok
    09:14:56.0461 8124  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
    09:14:56.0477 8124  RpcLocator - ok
    09:14:56.0477 8124  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
    09:14:56.0508 8124  RpcSs - ok
    09:14:56.0524 8124  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
    09:14:56.0571 8124  rspndr - ok
    09:14:56.0586 8124  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
    09:14:56.0602 8124  s3cap - ok
    09:14:56.0617 8124  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
    09:14:56.0633 8124  SamSs - ok
    09:14:56.0633 8124  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
    09:14:56.0649 8124  sbp2port - ok
    09:14:56.0664 8124  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
    09:14:56.0695 8124  SCardSvr - ok
    09:14:56.0695 8124  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
    09:14:56.0727 8124  scfilter - ok
    09:14:56.0758 8124  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
    09:14:56.0789 8124  Schedule - ok
    09:14:56.0805 8124  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
    09:14:56.0836 8124  SCPolicySvc - ok
    09:14:56.0836 8124  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
    09:14:56.0867 8124  SDRSVC - ok
    09:14:56.0883 8124  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
    09:14:56.0929 8124  secdrv - ok
    09:14:56.0929 8124  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
    09:14:56.0961 8124  seclogon - ok
    09:14:56.0961 8124  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
    09:14:57.0023 8124  SENS - ok
    09:14:57.0023 8124  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
    09:14:57.0054 8124  SensrSvc - ok
    09:14:57.0085 8124  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
    09:14:57.0101 8124  Serenum - ok
    09:14:57.0132 8124  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
    09:14:57.0148 8124  Serial - ok
    09:14:57.0179 8124  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
    09:14:57.0195 8124  sermouse - ok
    09:14:57.0226 8124  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
    09:14:57.0257 8124  SessionEnv - ok
    09:14:57.0273 8124  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
    09:14:57.0288 8124  sffdisk - ok
    09:14:57.0288 8124  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
    09:14:57.0304 8124  sffp_mmc - ok
    09:14:57.0319 8124  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
    09:14:57.0335 8124  sffp_sd - ok
    09:14:57.0335 8124  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
    09:14:57.0351 8124  sfloppy - ok
    09:14:57.0413 8124  [ 29DDEA72C5BDF61D62F4D438DC0E497C ] SftService      C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
    09:14:57.0444 8124  SftService - ok
    09:14:57.0475 8124  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
    09:14:57.0522 8124  SharedAccess - ok
    09:14:57.0538 8124  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
    09:14:57.0600 8124  ShellHWDetection - ok
    09:14:57.0631 8124  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
    09:14:57.0647 8124  SiSRaid2 - ok
    09:14:57.0647 8124  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
    09:14:57.0663 8124  SiSRaid4 - ok
    09:14:57.0756 8124  [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
    09:14:57.0756 8124  SkypeUpdate - ok
    09:14:57.0772 8124  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
    09:14:57.0819 8124  Smb - ok
    09:14:57.0865 8124  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
    09:14:57.0897 8124  SNMPTRAP - ok
    09:14:57.0897 8124  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
    09:14:57.0912 8124  spldr - ok
    09:14:57.0943 8124  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
    09:14:57.0975 8124  Spooler - ok
    09:14:58.0021 8124  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
    09:14:58.0084 8124  sppsvc - ok
    09:14:58.0099 8124  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
    09:14:58.0115 8124  sppuinotify - ok
    09:14:58.0177 8124  [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser      c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    09:14:58.0193 8124  SQLBrowser - ok
    09:14:58.0209 8124  [ 3C432A96363097870995E2A3C8B66ABD ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    09:14:58.0224 8124  SQLWriter - ok
    09:14:58.0255 8124  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
    09:14:58.0302 8124  srv - ok
    09:14:58.0302 8124  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
    09:14:58.0318 8124  srv2 - ok
    09:14:58.0333 8124  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
    09:14:58.0349 8124  srvnet - ok
    09:14:58.0396 8124  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
    09:14:58.0427 8124  SSDPSRV - ok
    09:14:58.0443 8124  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
    09:14:58.0474 8124  SstpSvc - ok
    09:14:58.0489 8124  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
    09:14:58.0505 8124  stexstor - ok
    09:14:58.0521 8124  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
    09:14:58.0552 8124  stisvc - ok
    09:14:58.0583 8124  [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr        C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
    09:14:58.0630 8124  stllssvr - ok
    09:14:58.0645 8124  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
    09:14:58.0677 8124  StorSvc - ok
    09:14:58.0708 8124  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
    09:14:58.0708 8124  storvsc - ok
    09:14:58.0739 8124  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
    09:14:58.0739 8124  swenum - ok
    09:14:58.0770 8124  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
    09:14:58.0817 8124  swprv - ok
    09:14:58.0833 8124  [ 4CDD7DF58730D23BA9CB5829A6E2ECEA ] SynthVid        C:\Windows\system32\DRIVERS\VMBusVideoM.sys
    09:14:58.0833 8124  SynthVid - ok
    09:14:58.0879 8124  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
    09:14:58.0926 8124  SysMain - ok
    09:14:58.0926 8124  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
    09:14:58.0942 8124  TabletInputService - ok
    09:14:58.0957 8124  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
    09:14:58.0989 8124  TapiSrv - ok
    09:14:58.0989 8124  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
    09:14:59.0020 8124  TBS - ok
    09:14:59.0067 8124  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
    09:14:59.0129 8124  Tcpip - ok
    09:14:59.0176 8124  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
    09:14:59.0191 8124  TCPIP6 - ok
    09:14:59.0223 8124  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
    09:14:59.0238 8124  tcpipreg - ok
    09:14:59.0254 8124  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
    09:14:59.0285 8124  TDPIPE - ok
    09:14:59.0301 8124  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
    09:14:59.0316 8124  TDTCP - ok
    09:14:59.0332 8124  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
    09:14:59.0363 8124  tdx - ok
    09:14:59.0425 8124  [ 74FC70AE64A7B7DABEC9697CE0A1F4FA ] TeamViewer7     C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
    09:14:59.0472 8124  TeamViewer7 - ok
    09:14:59.0488 8124  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
    09:14:59.0503 8124  TermDD - ok
    09:14:59.0519 8124  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
    09:14:59.0566 8124  TermService - ok
    09:14:59.0581 8124  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
    09:14:59.0613 8124  Themes - ok
    09:14:59.0628 8124  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
    09:14:59.0644 8124  THREADORDER - ok
    09:14:59.0675 8124  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
    09:14:59.0722 8124  TrkWks - ok
    09:14:59.0753 8124  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
    09:14:59.0784 8124  TrustedInstaller - ok
    09:14:59.0800 8124  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
    09:14:59.0831 8124  tssecsrv - ok
    09:14:59.0847 8124  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
    09:14:59.0862 8124  TsUsbFlt - ok
    09:14:59.0878 8124  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
    09:14:59.0893 8124  TsUsbGD - ok
    09:14:59.0925 8124  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
    09:14:59.0956 8124  tunnel - ok
    09:14:59.0956 8124  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
    09:14:59.0971 8124  uagp35 - ok
    09:14:59.0987 8124  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
    09:15:00.0018 8124  udfs - ok
    09:15:00.0034 8124  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
    09:15:00.0049 8124  UI0Detect - ok
    09:15:00.0065 8124  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
    09:15:00.0065 8124  uliagpkx - ok
    09:15:00.0081 8124  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
    09:15:00.0096 8124  umbus - ok
    09:15:00.0127 8124  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
    09:15:00.0159 8124  UmPass - ok
    09:15:00.0190 8124  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
    09:15:00.0221 8124  UmRdpService - ok
    09:15:00.0268 8124  [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv        C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
    09:15:00.0283 8124  UMVPFSrv - ok
    09:15:00.0315 8124  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
    09:15:00.0361 8124  upnphost - ok
    09:15:00.0377 8124  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
    09:15:00.0393 8124  usbaudio - ok
    09:15:00.0424 8124  [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
    09:15:00.0455 8124  usbccgp - ok
    09:15:00.0471 8124  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
    09:15:00.0502 8124  usbcir - ok
    09:15:00.0517 8124  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
    09:15:00.0533 8124  usbehci - ok
    09:15:00.0564 8124  [ 8B892002D7B79312821169A14317AB86 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
    09:15:00.0595 8124  usbhub - ok
    09:15:00.0595 8124  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
    09:15:00.0611 8124  usbohci - ok
    09:15:00.0627 8124  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
    09:15:00.0642 8124  usbprint - ok
    09:15:00.0642 8124  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
    09:15:00.0673 8124  USBSTOR - ok
    09:15:00.0705 8124  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
    09:15:00.0736 8124  usbuhci - ok
    09:15:00.0767 8124  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
    09:15:00.0783 8124  usbvideo - ok
    09:15:00.0798 8124  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
    09:15:00.0861 8124  UxSms - ok
    09:15:00.0861 8124  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
    09:15:00.0876 8124  VaultSvc - ok
    09:15:00.0892 8124  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
    09:15:00.0907 8124  vdrvroot - ok
    09:15:00.0923 8124  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
    09:15:00.0954 8124  vds - ok
    09:15:00.0985 8124  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
    09:15:00.0985 8124  vga - ok
    09:15:01.0001 8124  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
    09:15:01.0032 8124  VgaSave - ok
    09:15:01.0048 8124  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
    09:15:01.0048 8124  vhdmp - ok
    09:15:01.0079 8124  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
    09:15:01.0079 8124  viaide - ok
    09:15:01.0095 8124  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
    09:15:01.0110 8124  VMBusHID - ok
    09:15:01.0126 8124  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
    09:15:01.0141 8124  volmgr - ok
    09:15:01.0141 8124  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
    09:15:01.0157 8124  volmgrx - ok
    09:15:01.0173 8124  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
    09:15:01.0173 8124  volsnap - ok
    09:15:01.0204 8124  [ B4A73CA4EF9A02B9738CEA9AD5FE5917 ] vpcbus          C:\Windows\system32\DRIVERS\vpchbus.sys
    09:15:01.0219 8124  vpcbus - ok
    09:15:01.0235 8124  [ E675FB2B48C54F09895482E2253B289C ] vpcnfltr        C:\Windows\system32\DRIVERS\vpcnfltr.sys
    09:15:01.0266 8124  vpcnfltr - ok
    09:15:01.0282 8124  [ 5FB42082B0D19A0268705F1DD343DF20 ] vpcusb          C:\Windows\system32\DRIVERS\vpcusb.sys
    09:15:01.0313 8124  vpcusb - ok
    09:15:01.0329 8124  [ 30D4243726A15A14F5C5E45898D14394 ] vpcvmm          C:\Windows\system32\drivers\vpcvmm.sys
    09:15:01.0344 8124  vpcvmm - ok
    09:15:01.0360 8124  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
    09:15:01.0375 8124  vsmraid - ok
    09:15:01.0422 8124  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
    09:15:01.0485 8124  VSS - ok
    09:15:01.0516 8124  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
    09:15:01.0531 8124  vwifibus - ok
    09:15:01.0547 8124  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
    09:15:01.0594 8124  W32Time - ok
    09:15:01.0594 8124  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
    09:15:01.0609 8124  WacomPen - ok
    09:15:01.0625 8124  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
    09:15:01.0656 8124  WANARP - ok
    09:15:01.0672 8124  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
    09:15:01.0687 8124  Wanarpv6 - ok
    09:15:01.0750 8124  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
    09:15:01.0797 8124  WatAdminSvc - ok
    09:15:01.0828 8124  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
    09:15:01.0875 8124  wbengine - ok
    09:15:01.0921 8124  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
    09:15:01.0937 8124  WbioSrvc - ok
    09:15:01.0953 8124  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
    09:15:01.0968 8124  wcncsvc - ok
    09:15:01.0984 8124  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
    09:15:01.0999 8124  WcsPlugInService - ok
    09:15:02.0015 8124  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
    09:15:02.0031 8124  Wd - ok
    09:15:02.0062 8124  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
    09:15:02.0093 8124  Wdf01000 - ok
    09:15:02.0093 8124  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
    09:15:02.0171 8124  WdiServiceHost - ok
    09:15:02.0171 8124  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
    09:15:02.0187 8124  WdiSystemHost - ok
    09:15:02.0202 8124  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
    09:15:02.0218 8124  WebClient - ok
    09:15:02.0233 8124  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
    09:15:02.0280 8124  Wecsvc - ok
    09:15:02.0296 8124  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
    09:15:02.0327 8124  wercplsupport - ok
    09:15:02.0343 8124  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
    09:15:02.0358 8124  WerSvc - ok
    09:15:02.0389 8124  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
    09:15:02.0405 8124  WfpLwf - ok
    09:15:02.0436 8124  [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
    09:15:02.0452 8124  WimFltr - ok
    09:15:02.0467 8124  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
    09:15:02.0483 8124  WIMMount - ok
    09:15:02.0514 8124  WinDefend - ok
    09:15:02.0514 8124  WinHttpAutoProxySvc - ok
    09:15:02.0561 8124  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
    09:15:02.0608 8124  Winmgmt - ok
    09:15:02.0639 8124  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
    09:15:02.0717 8124  WinRM - ok
    09:15:02.0748 8124  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
    09:15:02.0764 8124  WinUsb - ok
    09:15:02.0779 8124  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
    09:15:02.0811 8124  Wlansvc - ok
    09:15:02.0842 8124  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
    09:15:02.0857 8124  wlcrasvc - ok
    09:15:02.0920 8124  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    09:15:02.0951 8124  wlidsvc - ok
    09:15:02.0967 8124  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
    09:15:02.0982 8124  WmiAcpi - ok
    09:15:02.0998 8124  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
    09:15:03.0029 8124  wmiApSrv - ok
    09:15:03.0045 8124  WMPNetworkSvc - ok
    09:15:03.0076 8124  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
    09:15:03.0107 8124  WPCSvc - ok
    09:15:03.0123 8124  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
    09:15:03.0138 8124  WPDBusEnum - ok
    09:15:03.0154 8124  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
    09:15:03.0169 8124  ws2ifsl - ok
    09:15:03.0185 8124  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
    09:15:03.0201 8124  wscsvc - ok
    09:15:03.0201 8124  WSearch - ok
    09:15:03.0263 8124  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
    09:15:03.0310 8124  wuauserv - ok
    09:15:03.0325 8124  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
    09:15:03.0357 8124  WudfPf - ok
    09:15:03.0403 8124  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
    09:15:03.0419 8124  WUDFRd - ok
    09:15:03.0450 8124  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
    09:15:03.0481 8124  wudfsvc - ok
    09:15:03.0497 8124  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
    09:15:03.0528 8124  WwanSvc - ok
    09:15:03.0528 8124  ================ Scan global ===============================
    09:15:03.0559 8124  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
    09:15:03.0575 8124  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
    09:15:03.0591 8124  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
    09:15:03.0606 8124  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
    09:15:03.0622 8124  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
    09:15:03.0637 8124  [Global] - ok
    09:15:03.0637 8124  ================ Scan MBR ==================================
    09:15:03.0637 8124  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
    09:15:03.0825 8124  \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - warning
    09:15:03.0825 8124  \Device\Harddisk0\DR0 - detected Rootkit.Win32.BackBoot.gen (1)
    09:15:03.0918 8124  ================ Scan VBR ==================================
    09:15:03.0918 8124  [ B65930B11BDC6CF2941B56F03CD50BB9 ] \Device\Harddisk0\DR0\Partition1
    09:15:03.0918 8124  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
    09:15:03.0918 8124  \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b (0)
    09:15:03.0949 8124  [ AF7ABB00C1FC09CBF6066746282CA22F ] \Device\Harddisk0\DR0\Partition2
    09:15:03.0949 8124  \Device\Harddisk0\DR0\Partition2 - ok
    09:15:03.0949 8124  ================ Scan active images ========================
    09:15:03.0949 8124  [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
    09:15:03.0949 8124  C:\Windows\System32\drivers\crashdmp.sys - ok
    09:15:03.0949 8124  [ 2FDAEC4B02729C48C0FD1B0B4695995B ] C:\Windows\System32\drivers\iaStor.sys
    09:15:03.0949 8124  C:\Windows\System32\drivers\iaStor.sys - ok
    09:15:03.0965 8124  [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
    09:15:03.0965 8124  C:\Windows\System32\drivers\dumpfve.sys - ok
    09:15:03.0965 8124  [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
    09:15:03.0965 8124  C:\Windows\System32\drivers\beep.sys - ok
    09:15:03.0965 8124  [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
    09:15:03.0965 8124  C:\Windows\System32\drivers\cdrom.sys - ok
    09:15:03.0965 8124  [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
    09:15:03.0965 8124  C:\Windows\System32\drivers\afd.sys - ok
    09:15:03.0981 8124  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
    09:15:03.0981 8124  C:\Windows\System32\drivers\msfs.sys - ok
    09:15:03.0981 8124  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
    09:15:03.0981 8124  C:\Windows\System32\drivers\npfs.sys - ok
    09:15:03.0981 8124  [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
    09:15:03.0981 8124  C:\Windows\System32\drivers\RDPCDD.sys - ok
    09:15:03.0981 8124  [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
    09:15:03.0981 8124  C:\Windows\System32\drivers\RDPENCDD.sys - ok
    09:15:03.0981 8124  [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
    09:15:03.0981 8124  C:\Windows\System32\drivers\RDPREFMP.sys - ok
    09:15:03.0981 8124  [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
    09:15:03.0981 8124  C:\Windows\System32\drivers\tdi.sys - ok
    09:15:03.0981 8124  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
    09:15:03.0981 8124  C:\Windows\System32\drivers\tdx.sys - ok
    09:15:03.0996 8124  [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
    09:15:03.0996 8124  C:\Windows\System32\drivers\vga.sys - ok
    09:15:03.0996 8124  [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
    09:15:03.0996 8124  C:\Windows\System32\drivers\videoprt.sys - ok
    09:15:03.0996 8124  [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
    09:15:03.0996 8124  C:\Windows\System32\drivers\watchdog.sys - ok
    09:15:03.0996 8124  [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
    09:15:03.0996 8124  C:\Windows\System32\drivers\netbios.sys - ok
    09:15:03.0996 8124  [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
    09:15:03.0996 8124  C:\Windows\System32\drivers\netbt.sys - ok
    09:15:03.0996 8124  [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
    09:15:03.0996 8124  C:\Windows\System32\drivers\pacer.sys - ok
    09:15:03.0996 8124  [ E675FB2B48C54F09895482E2253B289C ] C:\Windows\System32\drivers\vpcnfltr.sys
    09:15:03.0996 8124  C:\Windows\System32\drivers\vpcnfltr.sys - ok
    09:15:03.0996 8124  [ 30D4243726A15A14F5C5E45898D14394 ] C:\Windows\System32\drivers\vpcvmm.sys
    09:15:03.0996 8124  C:\Windows\System32\drivers\vpcvmm.sys - ok
    09:15:04.0012 8124  [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
    09:15:04.0012 8124  C:\Windows\System32\drivers\wanarp.sys - ok
    09:15:04.0012 8124  [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
    09:15:04.0012 8124  C:\Windows\System32\drivers\wfplwf.sys - ok
    09:15:04.0012 8124  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
    09:15:04.0012 8124  C:\Windows\System32\drivers\mssmbios.sys - ok
    09:15:04.0012 8124  [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
    09:15:04.0012 8124  C:\Windows\System32\drivers\nsiproxy.sys - ok
    09:15:04.0012 8124  [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
    09:15:04.0012 8124  C:\Windows\System32\drivers\rdbss.sys - ok
    09:15:04.0012 8124  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
    09:15:04.0012 8124  C:\Windows\System32\drivers\termdd.sys - ok
    09:15:04.0012 8124  [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
    09:15:04.0012 8124  C:\Windows\System32\drivers\discache.sys - ok
    09:15:04.0012 8124  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] C:\Windows\System32\drivers\csc.sys
    09:15:04.0012 8124  C:\Windows\System32\drivers\csc.sys - ok
    09:15:04.0027 8124  [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
    09:15:04.0027 8124  C:\Windows\System32\drivers\blbdrive.sys - ok
    09:15:04.0027 8124  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
    09:15:04.0027 8124  C:\Windows\System32\drivers\dfsc.sys - ok
    09:15:04.0027 8124  [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
    09:15:04.0027 8124  C:\Windows\System32\drivers\tunnel.sys - ok
    09:15:04.0027 8124  [ F0371DE302FFFF8F086661611BE60848 ] C:\Windows\System32\smss.exe
    09:15:04.0027 8124  C:\Windows\System32\smss.exe - ok
    09:15:04.0027 8124  [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
    09:15:04.0027 8124  C:\Windows\System32\ntdll.dll - ok
    09:15:04.0027 8124  [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
    09:15:04.0027 8124  C:\Windows\System32\autochk.exe - ok
    09:15:04.0027 8124  [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
    09:15:04.0027 8124  C:\Windows\System32\imagehlp.dll - ok
    09:15:04.0027 8124  [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
    09:15:04.0027 8124  C:\Windows\System32\imm32.dll - ok
    09:15:04.0043 8124  [ 371D7F91C0D2314EB984A4A6CBEABC92 ] C:\Windows\System32\drivers\igdkmd64.sys
    09:15:04.0043 8124  C:\Windows\System32\drivers\igdkmd64.sys - ok
    09:15:04.0043 8124  [ AF2E16242AA723F68F461B6EAE2EAD3D ] C:\Windows\System32\drivers\dxgkrnl.sys
    09:15:04.0043 8124  C:\Windows\System32\drivers\dxgkrnl.sys - ok
    09:15:04.0043 8124  [ 1F04CFB79DD5FB7694468CE3FB3DCC31 ] C:\Windows\System32\drivers\dxgmms1.sys
    09:15:04.0043 8124  C:\Windows\System32\drivers\dxgmms1.sys - ok
    09:15:04.0043 8124  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] C:\Windows\System32\drivers\HECIx64.sys
    09:15:04.0043 8124  C:\Windows\System32\drivers\HECIx64.sys - ok
    09:15:04.0043 8124  [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
    09:15:04.0043 8124  C:\Windows\System32\drivers\usbport.sys - ok
    09:15:04.0043 8124  [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
    09:15:04.0043 8124  C:\Windows\System32\drivers\usbehci.sys - ok
    09:15:04.0043 8124  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
    09:15:04.0043 8124  C:\Windows\System32\drivers\hdaudbus.sys - ok
    09:15:04.0059 8124  [ 12E27942DBB7C91880163634B0D8A776 ] C:\Windows\System32\drivers\k57nd60a.sys
    09:15:04.0059 8124  C:\Windows\System32\drivers\k57nd60a.sys - ok
    09:15:04.0059 8124  [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
    09:15:04.0059 8124  C:\Windows\System32\drivers\agilevpn.sys - ok
    09:15:04.0059 8124  [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
    09:15:04.0059 8124  C:\Windows\System32\drivers\CompositeBus.sys - ok
    09:15:04.0059 8124  [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
    09:15:04.0059 8124  C:\Windows\System32\drivers\intelppm.sys - ok
    09:15:04.0059 8124  [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
    09:15:04.0059 8124  C:\Windows\System32\drivers\ndistapi.sys - ok
    09:15:04.0059 8124  [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
    09:15:04.0059 8124  C:\Windows\System32\drivers\rasl2tp.sys - ok
    09:15:04.0059 8124  [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
    09:15:04.0059 8124  C:\Windows\System32\drivers\ndiswan.sys - ok
    09:15:04.0059 8124  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
    09:15:04.0059 8124  C:\Windows\System32\drivers\raspppoe.sys - ok
    09:15:04.0074 8124  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
    09:15:04.0074 8124  C:\Windows\System32\drivers\raspptp.sys - ok
    09:15:04.0074 8124  [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
    09:15:04.0074 8124  C:\Windows\System32\drivers\rassstp.sys - ok
    09:15:04.0074 8124  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
    09:15:04.0074 8124  C:\Windows\System32\drivers\kbdclass.sys - ok
    09:15:04.0074 8124  [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
    09:15:04.0074 8124  C:\Windows\System32\drivers\mouclass.sys - ok
    09:15:04.0074 8124  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] C:\Windows\System32\drivers\rdpbus.sys
    09:15:04.0074 8124  C:\Windows\System32\drivers\rdpbus.sys - ok
    09:15:04.0074 8124  [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
    09:15:04.0074 8124  C:\Windows\System32\drivers\ks.sys - ok
    09:15:04.0074 8124  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
    09:15:04.0074 8124  C:\Windows\System32\drivers\swenum.sys - ok
    09:15:04.0090 8124  [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
    09:15:04.0090 8124  C:\Windows\System32\drivers\umbus.sys - ok
    09:15:04.0090 8124  [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
    09:15:04.0090 8124  C:\Windows\System32\drivers\usbd.sys - ok
    09:15:04.0090 8124  [ C3EC945DEC43C00E2AD4C98DDDD064C7 ] C:\Windows\System32\drivers\usbrpm.sys
    09:15:04.0090 8124  C:\Windows\System32\drivers\usbrpm.sys - ok
    09:15:04.0090 8124  [ 5FB42082B0D19A0268705F1DD343DF20 ] C:\Windows\System32\drivers\vpcusb.sys
    09:15:04.0090 8124  C:\Windows\System32\drivers\vpcusb.sys - ok
    09:15:04.0090 8124  [ B4A73CA4EF9A02B9738CEA9AD5FE5917 ] C:\Windows\System32\drivers\vpchbus.sys
    09:15:04.0090 8124  C:\Windows\System32\drivers\vpchbus.sys - ok
    09:15:04.0090 8124  [ 8B892002D7B79312821169A14317AB86 ] C:\Windows\System32\drivers\usbhub.sys
    09:15:04.0090 8124  C:\Windows\System32\drivers\usbhub.sys - ok
    09:15:04.0090 8124  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
    09:15:04.0090 8124  C:\Windows\System32\drivers\ndproxy.sys - ok
    09:15:04.0090 8124  [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
    09:15:04.0090 8124  C:\Windows\System32\drivers\drmk.sys - ok
    09:15:04.0105 8124  [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
    09:15:04.0105 8124  C:\Windows\System32\drivers\ksthunk.sys - ok
    09:15:04.0105 8124  [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
    09:15:04.0105 8124  C:\Windows\System32\drivers\portcls.sys - ok
    09:15:04.0105 8124  [ 235362D403D9D677514649D88DB31914 ] C:\Windows\System32\drivers\RTKVHD64.sys
    09:15:04.0105 8124  C:\Windows\System32\drivers\RTKVHD64.sys - ok
    09:15:04.0105 8124  [ FC727061C0F47C8059E88E05D5C8E381 ] C:\Windows\System32\drivers\IntcDAud.sys
    09:15:04.0105 8124  C:\Windows\System32\drivers\IntcDAud.sys - ok
    09:15:04.0105 8124  [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
    09:15:04.0105 8124  C:\Windows\System32\ole32.dll - ok
    09:15:04.0105 8124  [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
    09:15:04.0105 8124  C:\Windows\System32\shlwapi.dll - ok
    09:15:04.0105 8124  [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
    09:15:04.0105 8124  C:\Windows\System32\oleaut32.dll - ok
    09:15:04.0105 8124  [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
    09:15:04.0105 8124  C:\Windows\System32\ws2_32.dll - ok
    09:15:04.0121 8124  [ 65C113214F7B05820F6D8A65B1485196 ] C:\Windows\System32\kernel32.dll
    09:15:04.0121 8124  C:\Windows\System32\kernel32.dll - ok
    09:15:04.0121 8124  [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
    09:15:04.0121 8124  C:\Windows\System32\rpcrt4.dll - ok
    09:15:04.0121 8124  [ 9E0D8010D7368856617D3FE0FA5DA58F ] C:\Windows\System32\iertutil.dll
    09:15:04.0121 8124  C:\Windows\System32\iertutil.dll - ok
    09:15:04.0121 8124  [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
    09:15:04.0121 8124  C:\Windows\System32\msctf.dll - ok
    09:15:04.0121 8124  [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
    09:15:04.0121 8124  C:\Windows\System32\clbcatq.dll - ok
    09:15:04.0121 8124  [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
    09:15:04.0121 8124  C:\Windows\System32\user32.dll - ok
    09:15:04.0121 8124  [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
    09:15:04.0121 8124  C:\Windows\System32\sechost.dll - ok
    09:15:04.0121 8124  [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
    09:15:04.0121 8124  C:\Windows\System32\advapi32.dll - ok
    09:15:04.0137 8124  [ 1BFC94665BCA35F9001ADC7BFB167C63 ] C:\Windows\System32\shell32.dll
    09:15:04.0137 8124  C:\Windows\System32\shell32.dll - ok
    09:15:04.0137 8124  [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
    09:15:04.0137 8124  C:\Windows\System32\lpk.dll - ok
    09:15:04.0137 8124  [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
    09:15:04.0137 8124  C:\Windows\System32\setupapi.dll - ok
    09:15:04.0137 8124  [ DBF99FD9CAF75CA66D042BD8D050FF71 ] C:\Windows\System32\usp10.dll
    09:15:04.0137 8124  C:\Windows\System32\usp10.dll - ok
    09:15:04.0137 8124  [ 792685A9538424CC1F3FA6A816FE147C ] C:\Windows\System32\urlmon.dll
    09:15:04.0137 8124  C:\Windows\System32\urlmon.dll - ok
    09:15:04.0137 8124  [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
    09:15:04.0137 8124  C:\Windows\System32\comdlg32.dll - ok
    09:15:04.0137 8124  [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
    09:15:04.0137 8124  C:\Windows\System32\gdi32.dll - ok
    09:15:04.0137 8124  [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
    09:15:04.0137 8124  C:\Windows\System32\psapi.dll - ok
    09:15:04.0152 8124  [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
    09:15:04.0152 8124  C:\Windows\System32\Wldap32.dll - ok
    09:15:04.0152 8124  [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
    09:15:04.0152 8124  C:\Windows\System32\msvcrt.dll - ok
    09:15:04.0152 8124  [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
    09:15:04.0152 8124  C:\Windows\System32\normaliz.dll - ok
    09:15:04.0152 8124  [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
    09:15:04.0152 8124  C:\Windows\System32\nsi.dll - ok
    09:15:04.0152 8124  [ FAF6EC2460AD5FBBD38D8E1AE28B0D77 ] C:\Windows\System32\wininet.dll
    09:15:04.0152 8124  C:\Windows\System32\wininet.dll - ok
    09:15:04.0152 8124  [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
    09:15:04.0152 8124  C:\Windows\System32\difxapi.dll - ok
    09:15:04.0152 8124  [ AFC3DB5C6EB8CA8017DDB81D6C0AD02A ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
    09:15:04.0152 8124  C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
    09:15:04.0152 8124  [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
    09:15:04.0152 8124  C:\Windows\System32\devobj.dll - ok
    09:15:04.0168 8124  [ 1F56F209585F350A5666E3CC7931FD67 ] C:\Windows\System32\KernelBase.dll
    09:15:04.0168 8124  C:\Windows\System32\KernelBase.dll - ok
    09:15:04.0168 8124  [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
    09:15:04.0168 8124  C:\Windows\System32\wintrust.dll - ok
    09:15:04.0168 8124  [ 0E6FBF19D9DFBB77316C23DF91F8A101 ] C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
    09:15:04.0168 8124  C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
    09:15:04.0168 8124  [ 9094039A00485F71C4DE64BF51F64C46 ] C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
    09:15:04.0168 8124  C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll - ok
    09:15:04.0168 8124  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
    09:15:04.0168 8124  C:\Windows\System32\comctl32.dll - ok
    09:15:04.0168 8124  [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
    09:15:04.0168 8124  C:\Windows\System32\cfgmgr32.dll - ok
    09:15:04.0168 8124  [ 72723D3E4781BADC62C3180C137E7B23 ] C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
    09:15:04.0168 8124  C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll - ok
    09:15:04.0183 8124  [ A96D5ECA5742603E0E345C4F6B801F5E ] C:\Windows\System32\crypt32.dll
    09:15:04.0183 8124  C:\Windows\System32\crypt32.dll - ok
    09:15:04.0183 8124  [ F49E92B50CED5C9F1725D3C0329FD933 ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
    09:15:04.0183 8124  C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
    09:15:04.0183 8124  [ 64A4AB126E24FD3F58EBE64852773DB5 ] C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
    09:15:04.0183 8124  C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
    09:15:04.0183 8124  [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
    09:15:04.0183 8124  C:\Windows\System32\msasn1.dll - ok
    09:15:04.0183 8124  [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
    09:15:04.0183 8124  C:\Windows\SysWOW64\normaliz.dll - ok
    09:15:04.0183 8124  [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
    09:15:04.0183 8124  C:\Windows\System32\drivers\hidclass.sys - ok
    09:15:04.0183 8124  [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
    09:15:04.0183 8124  C:\Windows\System32\drivers\hidparse.sys - ok
    09:15:04.0183 8124  [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
    09:15:04.0183 8124  C:\Windows\System32\drivers\hidusb.sys - ok
    09:15:04.0199 8124  [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
    09:15:04.0199 8124  C:\Windows\System32\drivers\dxapi.sys - ok
    09:15:04.0199 8124  [ 73601028E7C44154318AE91D2EB2EDB3 ] C:\Windows\System32\win32k.sys
    09:15:04.0199 8124  C:\Windows\System32\win32k.sys - ok
    09:15:04.0199 8124  [ CEC1EDF4022DC4DCA40384DCEC672B0E ] C:\Windows\System32\csrsrv.dll
    09:15:04.0199 8124  C:\Windows\System32\csrsrv.dll - ok
    09:15:04.0199 8124  [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
    09:15:04.0199 8124  C:\Windows\System32\csrss.exe - ok
    09:15:04.0199 8124  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
    09:15:04.0199 8124  C:\Windows\System32\basesrv.dll - ok
    09:15:04.0199 8124  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\System32\winsrv.dll
    09:15:04.0199 8124  C:\Windows\System32\winsrv.dll - ok
    09:15:04.0199 8124  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
    09:15:04.0199 8124  C:\Windows\System32\drivers\kbdhid.sys - ok
    09:15:04.0215 8124  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
    09:15:04.0215 8124  C:\Windows\System32\drivers\mouhid.sys - ok
    09:15:04.0215 8124  [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
    09:15:04.0215 8124  C:\Windows\System32\drivers\monitor.sys - ok
    09:15:04.0215 8124  [ 73188F58FB384E75C4063D29413CEE3D ] C:\Windows\System32\drivers\usbprint.sys
    09:15:04.0215 8124  C:\Windows\System32\drivers\usbprint.sys - ok
    09:15:04.0215 8124  [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
    09:15:04.0215 8124  C:\Windows\System32\profapi.dll - ok
    09:15:04.0215 8124  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
    09:15:04.0215 8124  C:\Windows\System32\sxssrv.dll - ok
    09:15:04.0215 8124  [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
    09:15:04.0215 8124  C:\Windows\System32\tsddd.dll - ok
    09:15:04.0215 8124  [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
    09:15:04.0215 8124  C:\Windows\System32\wininit.exe - ok
    09:15:04.0215 8124  [ 943F527DF79E6B400104341AA7023C75 ] C:\Windows\System32\cdd.dll
    09:15:04.0215 8124  C:\Windows\System32\cdd.dll - ok
    09:15:04.0230 8124  [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
    09:15:04.0230 8124  C:\Windows\System32\KBDUS.DLL - ok
    09:15:04.0230 8124  [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
    09:15:04.0230 8124  C:\Windows\System32\RpcRtRemote.dll - ok
    09:15:04.0230 8124  [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
    09:15:04.0230 8124  C:\Windows\System32\WlS0WndH.dll - ok
    09:15:04.0230 8124  [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
    09:15:04.0230 8124  C:\Windows\System32\apphelp.dll - ok
    09:15:04.0230 8124  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
    09:15:04.0230 8124  C:\Windows\System32\services.exe - ok
    09:15:04.0230 8124  [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
    09:15:04.0230 8124  C:\Windows\System32\sxs.dll - ok
    09:15:04.0230 8124  [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
    09:15:04.0230 8124  C:\Windows\System32\cryptbase.dll - ok
    09:15:04.0230 8124  [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
    09:15:04.0230 8124  C:\Windows\System32\winlogon.exe - ok
    09:15:04.0246 8124  [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
    09:15:04.0246 8124  C:\Windows\System32\winsta.dll - ok
    09:15:04.0246 8124  [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
    09:15:04.0246 8124  C:\Windows\System32\lsass.exe - ok
    09:15:04.0246 8124  [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
    09:15:04.0246 8124  C:\Windows\System32\sspicli.dll - ok
    09:15:04.0246 8124  [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
    09:15:04.0246 8124  C:\Windows\System32\sspisrv.dll - ok
    09:15:04.0246 8124  [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
    09:15:04.0246 8124  C:\Windows\System32\lsm.exe - ok
    09:15:04.0246 8124  [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
    09:15:04.0246 8124  C:\Windows\System32\scesrv.dll - ok
    09:15:04.0246 8124  [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
    09:15:04.0246 8124  C:\Windows\System32\scext.dll - ok
    09:15:04.0246 8124  [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
    09:15:04.0246 8124  C:\Windows\System32\secur32.dll - ok
    09:15:04.0261 8124  [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
    09:15:04.0261 8124  C:\Windows\System32\sysntfy.dll - ok
    09:15:04.0261 8124  [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
    09:15:04.0261 8124  C:\Windows\System32\wmsgapi.dll - ok
    09:15:04.0261 8124  [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
    09:15:04.0261 8124  C:\Windows\System32\lsasrv.dll - ok
    09:15:04.0261 8124  [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
    09:15:04.0261 8124  C:\Windows\System32\srvcli.dll - ok
    09:15:04.0261 8124  [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
    09:15:04.0261 8124  C:\Windows\System32\samsrv.dll - ok
    09:15:04.0261 8124  [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
    09:15:04.0261 8124  C:\Windows\System32\cryptdll.dll - ok
    09:15:04.0261 8124  [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
    09:15:04.0261 8124  C:\Windows\System32\wevtapi.dll - ok
    09:15:04.0261 8124  [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
    09:15:04.0261 8124  C:\Windows\System32\cngaudit.dll - ok
    09:15:04.0277 8124  [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
    09:15:04.0277 8124  C:\Windows\System32\authz.dll - ok
    09:15:04.0277 8124  [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
    09:15:04.0277 8124  C:\Windows\System32\bcrypt.dll - ok
    09:15:04.0277 8124  [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
    09:15:04.0277 8124  C:\Windows\System32\msprivs.dll - ok
    09:15:04.0277 8124  [ 5F3307352216618221A17CFEF273EEE2 ] C:\Windows\System32\ncrypt.dll
    09:15:04.0277 8124  C:\Windows\System32\ncrypt.dll - ok
    09:15:04.0277 8124  [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
    09:15:04.0277 8124  C:\Windows\System32\negoexts.dll - ok
    09:15:04.0277 8124  [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
    09:15:04.0277 8124  C:\Windows\System32\netjoin.dll - ok
    09:15:04.0277 8124  [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
    09:15:04.0277 8124  C:\Windows\System32\kerberos.dll - ok
    09:15:04.0277 8124  [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
    09:15:04.0277 8124  C:\Windows\System32\cryptsp.dll - ok
    09:15:04.0293 8124  [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
    09:15:04.0293 8124  C:\Windows\System32\mswsock.dll - ok
    09:15:04.0293 8124  [ CB2ABB2DA1E9C977302A78D86D4AE3B0 ] C:\Windows\System32\atmfd.dll
    09:15:04.0293 8124  C:\Windows\System32\atmfd.dll - ok
    09:15:04.0293 8124  [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
    09:15:04.0293 8124  C:\Windows\System32\wship6.dll - ok
    09:15:04.0293 8124  [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
    09:15:04.0293 8124  C:\Windows\System32\msv1_0.dll - ok
    09:15:04.0293 8124  [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
    09:15:04.0293 8124  C:\Windows\System32\netlogon.dll - ok
    09:15:04.0293 8124  [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
    09:15:04.0293 8124  C:\Windows\System32\dnsapi.dll - ok
    09:15:04.0293 8124  [ 19AD7990C0B67E48DAC5B26F99628223 ] C:\Windows\System32\drivers\usbccgp.sys
    09:15:04.0293 8124  C:\Windows\System32\drivers\usbccgp.sys - ok
    09:15:04.0293 8124  [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
    09:15:04.0293 8124  C:\Windows\System32\logoncli.dll - ok
    09:15:04.0308 8124  [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
    09:15:04.0308 8124  C:\Windows\System32\schannel.dll - ok
    09:15:04.0308 8124  [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
    09:15:04.0308 8124  C:\Windows\System32\wdigest.dll - ok
    09:15:04.0308 8124  [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
    09:15:04.0308 8124  C:\Windows\System32\rsaenh.dll - ok
    09:15:04.0308 8124  [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
    09:15:04.0308 8124  C:\Windows\System32\TSpkg.dll - ok
    09:15:04.0308 8124  [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
    09:15:04.0308 8124  C:\Windows\System32\pku2u.dll - ok
    09:15:04.0308 8124  [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
    09:15:04.0308 8124  C:\Windows\System32\bcryptprimitives.dll - ok
    09:15:04.0308 8124  [ 55C892560C1B42BC57FB61AEFCED2F22 ] C:\Windows\System32\LIVESSP.DLL
    09:15:04.0308 8124  C:\Windows\System32\LIVESSP.DLL - ok
    09:15:04.0308 8124  [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
    09:15:04.0308 8124  C:\Windows\System32\credssp.dll - ok
    09:15:04.0324 8124  [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
    09:15:04.0324 8124  C:\Windows\System32\efslsaext.dll - ok
    09:15:04.0324 8124  [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
    09:15:04.0324 8124  C:\Windows\System32\ubpm.dll - ok
    09:15:04.0324 8124  [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
    09:15:04.0324 8124  C:\Windows\System32\scecli.dll - ok
    09:15:04.0324 8124  [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
    09:15:04.0324 8124  C:\Windows\System32\svchost.exe - ok
    09:15:04.0324 8124  [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
    09:15:04.0324 8124  C:\Windows\System32\umpnpmgr.dll - ok
    09:15:04.0324 8124  [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
    09:15:04.0324 8124  C:\Windows\System32\SPInf.dll - ok
    09:15:04.0324 8124  [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
    09:15:04.0324 8124  C:\Windows\System32\devrtl.dll - ok
    09:15:04.0324 8124  [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
    09:15:04.0324 8124  C:\Windows\System32\gpapi.dll - ok
    09:15:04.0339 8124  [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
    09:15:04.0339 8124  C:\Windows\System32\userenv.dll - ok
    09:15:04.0339 8124  [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
    09:15:04.0339 8124  C:\Windows\System32\pcwum.dll - ok
    09:15:04.0339 8124  [ A2CCA4FB273E6050F17A0A416CFF2FCD ] C:\Windows\System32\umpo.dll
    09:15:04.0339 8124  C:\Windows\System32\umpo.dll - ok
    09:15:04.0339 8124  [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
    09:15:04.0339 8124  C:\Windows\System32\powrprof.dll - ok
    09:15:04.0339 8124  [ FF3A488924B0032B1A9CA6948C1FA9E8 ] C:\Windows\System32\drivers\lvuvc64.sys
    09:15:04.0339 8124  C:\Windows\System32\drivers\lvuvc64.sys - ok
    09:15:04.0339 8124  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
    09:15:04.0339 8124  C:\Windows\System32\drivers\luafv.sys - ok
    09:15:04.0339 8124  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] C:\Windows\System32\drivers\USBAUDIO.sys
    09:15:04.0339 8124  C:\Windows\System32\drivers\USBAUDIO.sys - ok
    09:15:04.0339 8124  [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
    09:15:04.0339 8124  C:\Windows\System32\drivers\WUDFPf.sys - ok
    09:15:04.0355 8124  [ 0C85B2B6FB74B36A251792D45E0EF860 ] C:\Windows\System32\drivers\lvrs64.sys
    09:15:04.0355 8124  C:\Windows\System32\drivers\lvrs64.sys - ok
    09:15:04.0355 8124  [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
    09:15:04.0355 8124  C:\Windows\System32\rpcss.dll - ok
    09:15:04.0355 8124  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
    09:15:04.0355 8124  C:\Windows\System32\RpcEpMap.dll - ok
    09:15:04.0355 8124  [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
    09:15:04.0355 8124  C:\Windows\System32\wshqos.dll - ok
    09:15:04.0355 8124  [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
    09:15:04.0355 8124  C:\Windows\System32\WSHTCPIP.DLL - ok
    09:15:04.0355 8124  [ E07DEC52FF801841BA9B6878A60304FB ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
    09:15:04.0355 8124  C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
    09:15:04.0355 8124  [ A905E156A7D52B55892C3255670FE97B ] C:\Program Files\Microsoft Security Client\MsMpRes.dll
    09:15:04.0355 8124  C:\Program Files\Microsoft Security Client\MsMpRes.dll - ok
    09:15:04.0371 8124  [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
    09:15:04.0371 8124  C:\Windows\System32\FirewallAPI.dll - ok
    09:15:04.0371 8124  [ 905601FFF40D8DA9FA82CBE77D1F5EB1 ] C:\Program Files\Microsoft Security Client\MpSvc.dll
    09:15:04.0371 8124  C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
    09:15:04.0371 8124  [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
    09:15:04.0371 8124  C:\Windows\System32\LogonUI.exe - ok
    09:15:04.0371 8124  [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
    09:15:04.0371 8124  C:\Windows\System32\version.dll - ok
    09:15:04.0371 8124  [ 3EF480BFED1B5947A32585E30A58D4ED ] C:\Windows\System32\authui.dll
    09:15:04.0371 8124  C:\Windows\System32\authui.dll - ok
    09:15:04.0371 8124  [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
    09:15:04.0371 8124  C:\Windows\System32\wtsapi32.dll - ok
    09:15:04.0371 8124  [ 2D4230F2F1D204A523998DF93F9DF066 ] C:\Program Files\Microsoft Security Client\MpClient.dll
    09:15:04.0371 8124  C:\Program Files\Microsoft Security Client\MpClient.dll - ok
    09:15:04.0371 8124  [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
    09:15:04.0371 8124  C:\Windows\System32\ntmarta.dll - ok
    09:15:04.0386 8124  [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
    09:15:04.0386 8124  C:\Windows\System32\cryptui.dll - ok
    09:15:04.0386 8124  [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
    09:15:04.0386 8124  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
    09:15:04.0386 8124  [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
    09:15:04.0386 8124  C:\Windows\System32\shacct.dll - ok
    09:15:04.0386 8124  [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
    09:15:04.0386 8124  C:\Windows\System32\propsys.dll - ok
    09:15:04.0386 8124  [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
    09:15:04.0386 8124  C:\Windows\System32\samlib.dll - ok
    09:15:04.0386 8124  [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
    09:15:04.0386 8124  C:\Windows\System32\uxtheme.dll - ok
    09:15:04.0386 8124  [ 18CAAF21CBA3EAEE17BBA5D3807F29B8 ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll
    09:15:04.0386 8124  C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll - ok
    09:15:04.0386 8124  [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
    09:15:04.0386 8124  C:\Windows\System32\dui70.dll - ok
    09:15:04.0402 8124  [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
    09:15:04.0402 8124  C:\Windows\System32\duser.dll - ok
    09:15:04.0402 8124  [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
    09:15:04.0402 8124  C:\Windows\System32\hid.dll - ok
    09:15:04.0402 8124  [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
    09:15:04.0402 8124  C:\Windows\System32\MMDevAPI.dll - ok
    09:15:04.0402 8124  [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
    09:15:04.0402 8124  C:\Windows\System32\SndVolSSO.dll - ok
    09:15:04.0402 8124  [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
    09:15:04.0402 8124  C:\Windows\System32\dwmapi.dll - ok
    09:15:04.0402 8124  [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
    09:15:04.0402 8124  C:\Windows\System32\xmllite.dll - ok
    09:15:04.0402 8124  [ 9121C2E2507AD0BCBF9A7438051BEF34 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
    09:15:04.0402 8124  C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
    09:15:04.0402 8124  [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
    09:15:04.0402 8124  C:\Windows\System32\wevtsvc.dll - ok
    09:15:04.0417 8124  [ 2F034150ECCBC498C53B61F98C5378AC ] C:\Program Files\Microsoft Security Client\MpRTP.dll
    09:15:04.0417 8124  C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
    09:15:04.0417 8124  [ C4C1947985144721A809965A19D616BC ] C:\Program Files\Microsoft Security Client\MsMpLics.dll
    09:15:04.0417 8124  C:\Program Files\Microsoft Security Client\MsMpLics.dll - ok
    09:15:04.0417 8124  [ F3D202F53A222D5F6944D459B73CF967 ] C:\Windows\System32\fltLib.dll
    09:15:04.0417 8124  C:\Windows\System32\fltLib.dll - ok
    09:15:04.0417 8124  [ 967BC3664DDC26959BD43A7B1681FF86 ] C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll
    09:15:04.0417 8124  C:\Program Files\Microsoft Security Client\NisIpsPlugin.dll - ok
    09:15:04.0417 8124  [ F8A10560B35C66F9DE212F03DAD5BFA7 ] C:\Windows\System32\drivers\MpFilter.sys
    09:15:04.0417 8124  C:\Windows\System32\drivers\MpFilter.sys - ok
    09:15:04.0417 8124  [ 5C00818741B2A76EB09AF08A5362277E ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{99D08CDD-5869-4DF5-9705-5E508FA0FAB4}\mpengine.dll
    09:15:04.0417 8124  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{99D08CDD-5869-4DF5-9705-5E508FA0FAB4}\mpengine.dll - ok
    09:15:04.0417 8124  [ B4E5B29CF31DF85DFEF25D41871DCEDC ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{99D08CDD-5869-4DF5-9705-5E508FA0FAB4}\mpasbase.vdm
    09:15:04.0417 8124  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{99D08CDD-5869-4DF5-9705-5E508FA0FAB4}\mpasbase.vdm - ok
    09:15:04.0433 8124  [ 14A769DFB1A34102D5B450A59D432C41 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{99D08CDD-5869-4DF5-9705-5E508FA0FAB4}\mpasdlta.vdm
    09:15:04.0433 8124  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{99D08CDD-5869-4DF5-9705-5E508FA0FAB4}\mpasdlta.vdm - ok
    09:15:04.0433 8124  [ 3D7BB6DD7A87B3E36E44CA94444247A8 ] C:\Windows\System32\WindowsCodecs.dll
    09:15:04.0433 8124  C:\Windows\System32\WindowsCodecs.dll - ok
    09:15:04.0433 8124  [ 00000000000000000000000000000000 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{99D08CDD-5869-4DF5-9705-5E508FA0FAB4}\mpavbase.vdm
    09:15:04.0433 8124  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{99D08CDD-5869-4DF5-9705-5E508FA0FAB4}\mpavbase.vdm - ok
    09:15:04.0433 8124  [ 320FDB5C8C89FEDCE714C845B4775769 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{99D08CDD-5869-4DF5-9705-5E508FA0FAB4}\mpavdlta.vdm
    09:15:04.0433 8124  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{99D08CDD-5869-4DF5-9705-5E508FA0FAB4}\mpavdlta.vdm - ok
    09:15:04.0433 8124  [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
    09:15:04.0433 8124  C:\Windows\System32\winbrand.dll - ok
    09:15:04.0433 8124  [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
    09:15:04.0433 8124  C:\Windows\System32\VaultCredProvider.dll - ok
    09:15:04.0433 8124  [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
    09:15:04.0433 8124  C:\Windows\System32\BioCredProv.dll - ok
    09:15:04.0449 8124  [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
    09:15:04.0449 8124  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
    09:15:04.0449 8124  [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
    09:15:04.0449 8124  C:\Windows\System32\credui.dll - ok
    09:15:04.0449 8124  [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
    09:15:04.0449 8124  C:\Windows\System32\winbio.dll - ok
    09:15:04.0449 8124  [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
    09:15:04.0449 8124  C:\Windows\System32\netapi32.dll - ok
    09:15:04.0449 8124  [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
    09:15:04.0449 8124  C:\Windows\System32\netutils.dll - ok
    09:15:04.0449 8124  [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
    09:15:04.0449 8124  C:\Windows\System32\samcli.dll - ok
    09:15:04.0449 8124  [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
    09:15:04.0449 8124  C:\Windows\System32\vaultcli.dll - ok
    09:15:04.0449 8124  [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
    09:15:04.0449 8124  C:\Windows\System32\wkscli.dll - ok
    09:15:04.0464 8124  [ 7097425051CE67B450EBF2B1390AE492 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
    09:15:04.0464 8124  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
    09:15:04.0464 8124  [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
    09:15:04.0464 8124  C:\Windows\System32\certCredProvider.dll - ok
    09:15:04.0464 8124  [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
    09:15:04.0464 8124  C:\Windows\System32\rasplap.dll - ok
    09:15:04.0464 8124  [ 0BEB0C931BC24F610EE87179F31A8A42 ] C:\Program Files\Microsoft Security Client\MpCmdRun.exe
    09:15:04.0464 8124  C:\Program Files\Microsoft Security Client\MpCmdRun.exe - ok
    09:15:04.0464 8124  [ E3BF12C68F844E689D1A9D7E6B54742A ] C:\Program Files\Microsoft Security Client\MpAsDesc.dll
    09:15:04.0464 8124  C:\Program Files\Microsoft Security Client\MpAsDesc.dll - ok
    09:15:04.0464 8124  [ 1BCDB508143B517F21BBDAC10F5777BF ] C:\Windows\System32\conhost.exe
    09:15:04.0464 8124  C:\Windows\System32\conhost.exe - ok
    09:15:04.0464 8124  [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
    09:15:04.0464 8124  C:\Windows\System32\wscapi.dll - ok
    09:15:04.0480 8124  [ F5CEF064C7E6D95DA86B9D064A56A969 ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
    09:15:04.0480 8124  C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
    09:15:04.0480 8124  [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
    09:15:04.0480 8124  C:\Windows\System32\rasapi32.dll - ok
    09:15:04.0480 8124  [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
    09:15:04.0480 8124  C:\Windows\System32\rasman.dll - ok
    09:15:04.0480 8124  [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
    09:15:04.0480 8124  C:\Windows\System32\rtutils.dll - ok
    09:15:04.0480 8124  [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
    09:15:04.0480 8124  C:\Windows\System32\radardt.dll - ok
    09:15:04.0480 8124  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
    09:15:04.0480 8124  C:\Windows\System32\profsvc.dll - ok
    09:15:04.0480 8124  [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
    09:15:04.0480 8124  C:\Windows\System32\adtschema.dll - ok
    09:15:04.0480 8124  [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
    09:15:04.0480 8124  C:\Windows\System32\audiosrv.dll - ok
    09:15:04.0495 8124  [ C4C183E6551084039EC862DA1C945E3D ] C:\Windows\System32\FntCache.dll
    09:15:04.0495 8124  C:\Windows\System32\FntCache.dll - ok
    09:15:04.0495 8124  [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
    09:15:04.0495 8124  C:\Windows\System32\oleacc.dll - ok
    09:15:04.0495 8124  [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
    09:15:04.0495 8124  C:\Windows\System32\avrt.dll - ok
    09:15:04.0495 8124  [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
    09:15:04.0495 8124  C:\Windows\System32\cabinet.dll - ok
    09:15:04.0495 8124  [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
    09:15:04.0495 8124  C:\Windows\System32\mmcss.dll - ok
    09:15:04.0495 8124  [ 67A95B9D129ED5399E7965CD09CF30E7 ] C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
    09:15:04.0495 8124  C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe - ok
    09:15:04.0495 8124  [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
    09:15:04.0495 8124  C:\Windows\SysWOW64\ntdll.dll - ok
    09:15:04.0495 8124  [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
    09:15:04.0495 8124  C:\Windows\System32\p2pcollab.dll - ok
    09:15:04.0511 8124  [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
    09:15:04.0511 8124  C:\Windows\System32\UIAutomationCore.dll - ok
    09:15:04.0511 8124  [ 259EB5F7D95A29842B476C5B3EB6E186 ] C:\Windows\System32\wow64.dll
    09:15:04.0511 8124  C:\Windows\System32\wow64.dll - ok
    09:15:04.0511 8124  [ 5674E21E82CFBEA36DDAD5DB285D6DBC ] C:\Windows\System32\wow64win.dll
    09:15:04.0511 8124  C:\Windows\System32\wow64win.dll - ok
    09:15:04.0511 8124  [ 3EE3AA76D8AB6D5644C4C8F34471CEB3 ] C:\Windows\System32\wow64cpu.dll
    09:15:04.0511 8124  C:\Windows\System32\wow64cpu.dll - ok
    09:15:04.0511 8124  [ AC0B6F41882FC6ED186962D770EBF1D2 ] C:\Windows\SysWOW64\kernel32.dll
    09:15:04.0511 8124  C:\Windows\SysWOW64\kernel32.dll - ok
    09:15:04.0511 8124  [ E954A79D6A754A5475582CACED1565E6 ] C:\Windows\SysWOW64\KernelBase.dll
    09:15:04.0511 8124  C:\Windows\SysWOW64\KernelBase.dll - ok
    09:15:04.0511 8124  [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
    09:15:04.0511 8124  C:\Windows\SysWOW64\setupapi.dll - ok
    09:15:04.0527 8124  [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
    09:15:04.0527 8124  C:\Windows\SysWOW64\cfgmgr32.dll - ok
    09:15:04.0527 8124  [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
    09:15:04.0527 8124  C:\Windows\SysWOW64\msvcrt.dll - ok
    09:15:04.0527 8124  [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
    09:15:04.0527 8124  C:\Windows\SysWOW64\rpcrt4.dll - ok
    09:15:04.0527 8124  [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
    09:15:04.0527 8124  C:\Windows\SysWOW64\advapi32.dll - ok
    09:15:04.0527 8124  [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
    09:15:04.0527 8124  C:\Windows\SysWOW64\cryptbase.dll - ok
    09:15:04.0527 8124  [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
    09:15:04.0527 8124  C:\Windows\SysWOW64\sechost.dll - ok
    09:15:04.0527 8124  [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
    09:15:04.0527 8124  C:\Windows\SysWOW64\sspicli.dll - ok
    09:15:04.0527 8124  [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
    09:15:04.0527 8124  C:\Windows\SysWOW64\gdi32.dll - ok
    09:15:04.0542 8124  [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
    09:15:04.0542 8124  C:\Windows\SysWOW64\user32.dll - ok
    09:15:04.0542 8124  [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
    09:15:04.0542 8124  C:\Windows\SysWOW64\lpk.dll - ok
    09:15:04.0542 8124  [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\SysWOW64\usp10.dll
    09:15:04.0542 8124  C:\Windows\SysWOW64\usp10.dll - ok
    09:15:04.0542 8124  [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
    09:15:04.0542 8124  C:\Windows\SysWOW64\oleaut32.dll - ok
    09:15:04.0542 8124  [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
    09:15:04.0542 8124  C:\Windows\SysWOW64\ole32.dll - ok
    09:15:04.0542 8124  [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
    09:15:04.0542 8124  C:\Windows\SysWOW64\devobj.dll - ok
    09:15:04.0542 8124  [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
    09:15:04.0542 8124  C:\Windows\SysWOW64\imm32.dll - ok
    09:15:04.0542 8124  [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
    09:15:04.0542 8124  C:\Windows\SysWOW64\version.dll - ok
  2. To Be Continued...
     


#4 a4stetzer

a4stetzer
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:18 AM

Posted 02 August 2013 - 10:04 AM

Remainder of TDSSKiller log:

 

09:15:04.0558 8124  [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
09:15:04.0558 8124  C:\Windows\SysWOW64\msctf.dll - ok
09:15:04.0558 8124  [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
09:15:04.0558 8124  C:\Windows\SysWOW64\wintrust.dll - ok
09:15:04.0558 8124  [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
09:15:04.0558 8124  C:\Windows\System32\audiodg.exe - ok
09:15:04.0558 8124  [ 92245C959E5BC378809D2CC5E9F6E9C7 ] C:\Windows\SysWOW64\crypt32.dll
09:15:04.0558 8124  C:\Windows\SysWOW64\crypt32.dll - ok
09:15:04.0558 8124  [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
09:15:04.0558 8124  C:\Windows\SysWOW64\msasn1.dll - ok
09:15:04.0558 8124  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] C:\Windows\System32\cscsvc.dll
09:15:04.0558 8124  C:\Windows\System32\cscsvc.dll - ok
09:15:04.0558 8124  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
09:15:04.0558 8124  C:\Windows\System32\gpsvc.dll - ok
09:15:04.0558 8124  [ 29910D50542B1AA0F162EF3339C61B6D ] C:\Windows\System32\PeerDist.dll
09:15:04.0558 8124  C:\Windows\System32\PeerDist.dll - ok
09:15:04.0573 8124  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
09:15:04.0573 8124  C:\Windows\System32\netprofm.dll - ok
09:15:04.0573 8124  [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
09:15:04.0573 8124  C:\Windows\System32\winmm.dll - ok
09:15:04.0573 8124  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
09:15:04.0573 8124  C:\Windows\System32\MPSSVC.dll - ok
09:15:04.0573 8124  [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
09:15:04.0573 8124  C:\Windows\System32\taskschd.dll - ok
09:15:04.0573 8124  [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
09:15:04.0573 8124  C:\Windows\System32\nlaapi.dll - ok
09:15:04.0573 8124  [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
09:15:04.0573 8124  C:\Windows\System32\atl.dll - ok
09:15:04.0573 8124  [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
09:15:04.0573 8124  C:\Windows\System32\dsrole.dll - ok
09:15:04.0573 8124  [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
09:15:04.0573 8124  C:\Windows\System32\themeservice.dll - ok
09:15:04.0589 8124  [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
09:15:04.0589 8124  C:\Windows\System32\es.dll - ok
09:15:04.0589 8124  [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
09:15:04.0589 8124  C:\Windows\System32\comres.dll - ok
09:15:04.0589 8124  [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
09:15:04.0589 8124  C:\Windows\System32\Sens.dll - ok
09:15:04.0589 8124  [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
09:15:04.0589 8124  C:\Windows\System32\slc.dll - ok
09:15:04.0589 8124  [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
09:15:04.0589 8124  C:\Windows\System32\UXInit.dll - ok
09:15:04.0589 8124  [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
09:15:04.0589 8124  C:\Windows\System32\ksuser.dll - ok
09:15:04.0589 8124  [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
09:15:04.0589 8124  C:\Windows\System32\wdmaud.drv - ok
09:15:04.0589 8124  [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
09:15:04.0589 8124  C:\Windows\System32\QAGENTRT.DLL - ok
09:15:04.0605 8124  [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
09:15:04.0605 8124  C:\Windows\System32\AudioSes.dll - ok
09:15:04.0605 8124  [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
09:15:04.0605 8124  C:\Windows\System32\midimap.dll - ok
09:15:04.0605 8124  [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
09:15:04.0605 8124  C:\Windows\System32\msacm32.dll - ok
09:15:04.0605 8124  [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
09:15:04.0605 8124  C:\Windows\System32\msacm32.drv - ok
09:15:04.0605 8124  [ 862596399AAFD2A21DB2AF9270CD4F70 ] C:\Windows\System32\mstask.dll
09:15:04.0605 8124  C:\Windows\System32\mstask.dll - ok
09:15:04.0605 8124  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
09:15:04.0605 8124  C:\Windows\System32\uxsms.dll - ok
09:15:04.0605 8124  [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll
09:15:04.0605 8124  C:\Windows\System32\WUDFPlatform.dll - ok
09:15:04.0605 8124  [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
09:15:04.0605 8124  C:\Windows\System32\WUDFSvc.dll - ok
09:15:04.0620 8124  [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
09:15:04.0620 8124  C:\Windows\System32\drivers\lltdio.sys - ok
09:15:04.0620 8124  [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
09:15:04.0620 8124  C:\Windows\System32\drivers\rspndr.sys - ok
09:15:04.0620 8124  [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
09:15:04.0620 8124  C:\Windows\System32\IPHLPAPI.DLL - ok
09:15:04.0620 8124  [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
09:15:04.0620 8124  C:\Windows\System32\lmhsvc.dll - ok
09:15:04.0620 8124  [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
09:15:04.0620 8124  C:\Windows\System32\nsisvc.dll - ok
09:15:04.0620 8124  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
09:15:04.0620 8124  C:\Windows\System32\dhcpcore.dll - ok
09:15:04.0620 8124  [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
09:15:04.0620 8124  C:\Windows\System32\nrpsrv.dll - ok
09:15:04.0620 8124  [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
09:15:04.0620 8124  C:\Windows\System32\winnsi.dll - ok
09:15:04.0636 8124  [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
09:15:04.0636 8124  C:\Windows\System32\dhcpcore6.dll - ok
09:15:04.0636 8124  [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
09:15:04.0636 8124  C:\Windows\System32\imageres.dll - ok
09:15:04.0636 8124  [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
09:15:04.0636 8124  C:\Windows\System32\AudioEng.dll - ok
09:15:04.0636 8124  [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
09:15:04.0636 8124  C:\Windows\System32\fveui.dll - ok
09:15:04.0636 8124  [ 577D0DC85524A16FE29D7956B22974C4 ] C:\Program Files\Microsoft Security Client\MsseWat.dll
09:15:04.0636 8124  C:\Program Files\Microsoft Security Client\MsseWat.dll - ok
09:15:04.0636 8124  [ B6D6886149573278CBA6ABD44C4317F5 ] C:\Windows\System32\slwga.dll
09:15:04.0636 8124  C:\Windows\System32\slwga.dll - ok
09:15:04.0636 8124  [ DB76DB15EFC6E4D1153A6C5BC895948D ] C:\Windows\System32\sppc.dll
09:15:04.0636 8124  C:\Windows\System32\sppc.dll - ok
09:15:04.0651 8124  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
09:15:04.0651 8124  C:\Windows\System32\dnsrslvr.dll - ok
09:15:04.0651 8124  [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
09:15:04.0651 8124  C:\Windows\System32\drivers\fltMgr.sys - ok
09:15:04.0651 8124  [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
09:15:04.0651 8124  C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
09:15:04.0651 8124  [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
09:15:04.0651 8124  C:\Windows\System32\FWPUCLNT.DLL - ok
09:15:04.0651 8124  [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
09:15:04.0651 8124  C:\Windows\System32\PSHED.DLL - ok
09:15:04.0651 8124  [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
09:15:04.0651 8124  C:\Windows\System32\dnsext.dll - ok
09:15:04.0651 8124  [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
09:15:04.0651 8124  C:\Windows\System32\dhcpcsvc6.dll - ok
09:15:04.0651 8124  [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
09:15:04.0651 8124  C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
09:15:04.0667 8124  [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
09:15:04.0667 8124  C:\Windows\System32\dhcpcsvc.dll - ok
09:15:04.0667 8124  [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
09:15:04.0667 8124  C:\Windows\System32\shsvcs.dll - ok
09:15:04.0667 8124  [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
09:15:04.0667 8124  C:\Windows\System32\schedsvc.dll - ok
09:15:04.0667 8124  [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
09:15:04.0667 8124  C:\Windows\System32\ktmw32.dll - ok
09:15:04.0667 8124  [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
09:15:04.0667 8124  C:\Windows\System32\AUDIOKSE.dll - ok
09:15:04.0667 8124  [ 5CD5919930841EB81C92FEF84C3721F6 ] C:\Windows\System32\MBWrp64.dll
09:15:04.0667 8124  C:\Windows\System32\MBWrp64.dll - ok
09:15:04.0667 8124  [ 25D74864274539330DCC4234140D11AF ] C:\Windows\System32\MBAPO64.dll
09:15:04.0667 8124  C:\Windows\System32\MBAPO64.dll - ok
09:15:04.0667 8124  [ EBB3AF12156D523A0581A143B546143F ] C:\Windows\System32\RtkAPO64.dll
09:15:04.0667 8124  C:\Windows\System32\RtkAPO64.dll - ok
09:15:04.0683 8124  [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
09:15:04.0683 8124  C:\Windows\System32\nlasvc.dll - ok
09:15:04.0683 8124  [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
09:15:04.0683 8124  C:\Windows\System32\NapiNSP.dll - ok
09:15:04.0683 8124  [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
09:15:04.0683 8124  C:\Windows\System32\pnrpnsp.dll - ok
09:15:04.0683 8124  [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
09:15:04.0683 8124  C:\Windows\System32\taskcomp.dll - ok
09:15:04.0683 8124  [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
09:15:04.0683 8124  C:\Windows\System32\fveapi.dll - ok
09:15:04.0683 8124  [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
09:15:04.0683 8124  C:\Windows\System32\fvecerts.dll - ok
09:15:04.0683 8124  [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
09:15:04.0683 8124  C:\Windows\System32\tbs.dll - ok
09:15:04.0683 8124  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
09:15:04.0683 8124  C:\Windows\System32\drivers\http.sys - ok
09:15:04.0698 8124  [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
09:15:04.0698 8124  C:\Windows\System32\wiarpc.dll - ok
09:15:04.0698 8124  [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
09:15:04.0698 8124  C:\Windows\System32\WMALFXGFXDSP.dll - ok
09:15:04.0698 8124  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
09:15:04.0698 8124  C:\Windows\System32\spoolsv.exe - ok
09:15:04.0698 8124  [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
09:15:04.0698 8124  C:\Windows\System32\BFE.DLL - ok
09:15:04.0698 8124  [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
09:15:04.0698 8124  C:\Windows\System32\drivers\bowser.sys - ok
09:15:04.0698 8124  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
09:15:04.0698 8124  C:\Windows\System32\drivers\mpsdrv.sys - ok
09:15:04.0698 8124  [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
09:15:04.0698 8124  C:\Windows\System32\drivers\mrxsmb.sys - ok
09:15:04.0714 8124  [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
09:15:04.0714 8124  C:\Windows\System32\wfapigp.dll - ok
09:15:04.0714 8124  [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
09:15:04.0714 8124  C:\Windows\System32\drivers\mrxsmb10.sys - ok
09:15:04.0714 8124  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
09:15:04.0714 8124  C:\Windows\System32\drivers\mrxsmb20.sys - ok
09:15:04.0714 8124  [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
09:15:04.0714 8124  C:\Windows\System32\mscms.dll - ok
09:15:04.0714 8124  [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
09:15:04.0714 8124  C:\Windows\System32\pcasvc.dll - ok
09:15:04.0714 8124  [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
09:15:04.0714 8124  C:\Windows\System32\wkssvc.dll - ok
09:15:04.0714 8124  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:15:04.0714 8124  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
09:15:04.0714 8124  [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
09:15:04.0714 8124  C:\Windows\System32\mfplat.dll - ok
09:15:04.0729 8124  [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
09:15:04.0729 8124  C:\Windows\System32\snmptrap.exe - ok
09:15:04.0729 8124  [ 565D78187494FB5F08B5A52DEB2AEA7A ] C:\Windows\SysWOW64\shell32.dll
09:15:04.0729 8124  C:\Windows\SysWOW64\shell32.dll - ok
09:15:04.0729 8124  [ 10EAB90C1AE8271B5FE5A8930987EE5C ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll
09:15:04.0729 8124  C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok
09:15:04.0729 8124  [ 0BA4D8CE0C214F7208E72B3B8F8B7895 ] C:\Windows\System32\vpc.exe
09:15:04.0729 8124  C:\Windows\System32\vpc.exe - ok
09:15:04.0729 8124  [ 7C00C608FE4C8EDE9E30940837B9AC8B ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
09:15:04.0729 8124  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
09:15:04.0729 8124  [ 91A8E32B00BF7899EDAB6783287DDDA6 ] C:\Windows\System32\PeerDistSh.dll
09:15:04.0729 8124  C:\Windows\System32\PeerDistSh.dll - ok
09:15:04.0729 8124  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
09:15:04.0729 8124  C:\Windows\System32\sstpsvc.dll - ok
09:15:04.0729 8124  [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
09:15:04.0729 8124  C:\Windows\System32\provsvc.dll - ok
09:15:04.0745 8124  [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
09:15:04.0745 8124  C:\Windows\SysWOW64\shlwapi.dll - ok
09:15:04.0745 8124  [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
09:15:04.0745 8124  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
09:15:04.0745 8124  [ D1E343BC00136CE03C4D403194D06A80 ] C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
09:15:04.0745 8124  C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe - ok
09:15:04.0745 8124  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
09:15:04.0745 8124  C:\Windows\System32\dps.dll - ok
09:15:04.0745 8124  [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
09:15:04.0745 8124  C:\Windows\System32\FDResPub.dll - ok
09:15:04.0745 8124  [ D8129C49798CBBFB2E4351D4B7B8EF9C ] C:\Windows\System32\cryptsvc.dll
09:15:04.0745 8124  C:\Windows\System32\cryptsvc.dll - ok
09:15:04.0745 8124  [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
09:15:04.0745 8124  C:\Windows\System32\WSDApi.dll - ok
09:15:04.0761 8124  [ 2C4C22EA1735F21F355EB1A39832F7DF ] C:\Windows\System32\cryptnet.dll
09:15:04.0761 8124  C:\Windows\System32\cryptnet.dll - ok
09:15:04.0761 8124  [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
09:15:04.0761 8124  C:\Windows\System32\vssapi.dll - ok
09:15:04.0761 8124  [ 837608240884733792DDAE81E50B802A ] C:\UPS\WSTD\MSSQL.1\MSSQL\Binn\sqlservr.exe
09:15:04.0761 8124  C:\UPS\WSTD\MSSQL.1\MSSQL\Binn\sqlservr.exe - ok
09:15:04.0761 8124  [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
09:15:04.0761 8124  C:\Windows\System32\webservices.dll - ok
09:15:04.0761 8124  [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
09:15:04.0761 8124  C:\Windows\System32\fundisc.dll - ok
09:15:04.0761 8124  [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
09:15:04.0761 8124  C:\Windows\System32\vsstrace.dll - ok
09:15:04.0761 8124  [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
09:15:04.0761 8124  C:\Windows\System32\winhttp.dll - ok
09:15:04.0761 8124  [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
09:15:04.0761 8124  C:\Windows\System32\webio.dll - ok
09:15:04.0776 8124  [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
09:15:04.0776 8124  C:\Windows\System32\httpapi.dll - ok
09:15:04.0776 8124  [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll
09:15:04.0776 8124  C:\Windows\System32\msxml6.dll - ok
09:15:04.0776 8124  [ 5FF5E12F28725D14CAA3B408848ADFFC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll
09:15:04.0776 8124  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll - ok
09:15:04.0776 8124  [ A3C190D644E88DE5872FC7FEC7377E35 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcp80.dll
09:15:04.0776 8124  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcp80.dll - ok
09:15:04.0776 8124  [ D6D4130C0BBC0D18C2DA703CC38260A9 ] C:\UPS\WSTD\MSSQL.1\MSSQL\Binn\sqlos.dll
09:15:04.0776 8124  C:\UPS\WSTD\MSSQL.1\MSSQL\Binn\sqlos.dll - ok
09:15:04.0776 8124  [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll
09:15:04.0776 8124  C:\Windows\SysWOW64\secur32.dll - ok
09:15:04.0776 8124  [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
09:15:04.0776 8124  C:\Windows\SysWOW64\userenv.dll - ok
09:15:04.0776 8124  [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
09:15:04.0792 8124  C:\Windows\SysWOW64\profapi.dll - ok
09:15:04.0792 8124  [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
09:15:04.0792 8124  C:\Windows\SysWOW64\winmm.dll - ok
09:15:04.0792 8124  [ E111CED19D6A9FF9BBA5C219D0C5A3CE ] C:\UPS\WSTD\MSSQL.1\MSSQL\Binn\opends60.dll
09:15:04.0792 8124  C:\UPS\WSTD\MSSQL.1\MSSQL\Binn\opends60.dll - ok
09:15:04.0792 8124  [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
09:15:04.0792 8124  C:\Windows\SysWOW64\netapi32.dll - ok
09:15:04.0792 8124  [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
09:15:04.0792 8124  C:\Windows\SysWOW64\netutils.dll - ok
09:15:04.0792 8124  [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
09:15:04.0792 8124  C:\Windows\SysWOW64\srvcli.dll - ok
09:15:04.0792 8124  [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
09:15:04.0792 8124  C:\Windows\SysWOW64\wkscli.dll - ok
09:15:04.0792 8124  [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll
09:15:04.0792 8124  C:\Windows\SysWOW64\logoncli.dll - ok
09:15:04.0807 8124  [ 7B193BA3F0245D5867B71AD1CF631474 ] C:\Program Files (x86)\MICROSOFT SQL SERVER\90\Shared\instapi.dll
09:15:04.0807 8124  C:\Program Files (x86)\MICROSOFT SQL SERVER\90\Shared\instapi.dll - ok
09:15:04.0807 8124  [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
09:15:04.0807 8124  C:\Windows\SysWOW64\psapi.dll - ok
09:15:04.0807 8124  [ 1AF54261C283BAFB021B3D84A7BAE978 ] C:\UPS\WSTD\MSSQL.1\MSSQL\Binn\SQLBOOT.dll
09:15:04.0807 8124  C:\UPS\WSTD\MSSQL.1\MSSQL\Binn\SQLBOOT.dll - ok
09:15:04.0807 8124  [ 162100E0BC8377710F9D170631921C03 ] C:\Windows\System32\drivers\NisDrvWFP.sys
09:15:04.0807 8124  C:\Windows\System32\drivers\NisDrvWFP.sys - ok
09:15:04.0807 8124  [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
09:15:04.0807 8124  C:\Windows\SysWOW64\cscapi.dll - ok
09:15:04.0807 8124  [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
09:15:04.0807 8124  C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe - ok
09:15:04.0807 8124  [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
09:15:04.0807 8124  C:\Windows\System32\ncsi.dll - ok
09:15:04.0807 8124  [ 247FE8DEFBB95A4319C7B4B215F92891 ] C:\UPS\WSTD\MSSQL.1\MSSQL\Binn\Resources\1033\sqlevn70.rll
09:15:04.0807 8124  C:\UPS\WSTD\MSSQL.1\MSSQL\Binn\Resources\1033\sqlevn70.rll - ok
09:15:04.0823 8124  [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
09:15:04.0823 8124  C:\Windows\System32\ssdpapi.dll - ok
09:15:04.0823 8124  [ 5672C775FAB584EB5BABBB79C74C530E ] C:\Program Files (x86)\Dell\Dell Datasafe Online\BuEng.dll
09:15:04.0823 8124  C:\Program Files (x86)\Dell\Dell Datasafe Online\BuEng.dll - ok
09:15:04.0823 8124  [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
09:15:04.0823 8124  C:\Windows\System32\wsock32.dll - ok
09:15:04.0823 8124  [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
09:15:04.0823 8124  C:\Windows\System32\aepic.dll - ok
09:15:04.0823 8124  [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
09:15:04.0823 8124  C:\Windows\System32\sfc.dll - ok
09:15:04.0823 8124  [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
09:15:04.0823 8124  C:\Windows\System32\sfc_os.dll - ok
09:15:04.0823 8124  [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
09:15:04.0823 8124  C:\Windows\System32\drivers\PEAuth.sys - ok
09:15:04.0839 8124  [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
09:15:04.0839 8124  C:\Windows\System32\drivers\secdrv.sys - ok
09:15:04.0839 8124  [ 29DDEA72C5BDF61D62F4D438DC0E497C ] C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
09:15:04.0839 8124  C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe - ok
09:15:04.0839 8124  [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
09:15:04.0839 8124  C:\Windows\SysWOW64\ws2_32.dll - ok
09:15:04.0839 8124  [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
09:15:04.0839 8124  C:\Windows\SysWOW64\wtsapi32.dll - ok
09:15:04.0839 8124  [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
09:15:04.0839 8124  C:\Windows\SysWOW64\nsi.dll - ok
09:15:04.0839 8124  [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
09:15:04.0839 8124  C:\Windows\System32\aeevts.dll - ok
09:15:04.0839 8124  [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
09:15:04.0839 8124  C:\Windows\SysWOW64\clbcatq.dll - ok
09:15:04.0839 8124  [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
09:15:04.0839 8124  C:\Windows\SysWOW64\cryptsp.dll - ok
09:15:04.0854 8124  [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
09:15:04.0854 8124  C:\Windows\SysWOW64\rsaenh.dll - ok
09:15:04.0854 8124  [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
09:15:04.0854 8124  C:\Windows\SysWOW64\RpcRtRemote.dll - ok
09:15:04.0854 8124  [ B2DFFEA8FB6B8DA0501F53C9F2112612 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{99D08CDD-5869-4DF5-9705-5E508FA0FAB4}\offreg.dll
09:15:04.0854 8124  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{99D08CDD-5869-4DF5-9705-5E508FA0FAB4}\offreg.dll - ok
09:15:04.0854 8124  [ 086B869003A203208E5BE8FA1B3D1957 ] C:\Program Files (x86)\Dell DataSafe Local Backup\SDSSmartRepairTools.dll
09:15:04.0854 8124  C:\Program Files (x86)\Dell DataSafe Local Backup\SDSSmartRepairTools.dll - ok
09:15:04.0854 8124  [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
09:15:04.0854 8124  C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
09:15:04.0854 8124  [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
09:15:04.0854 8124  C:\Windows\SysWOW64\wbemcomn.dll - ok
09:15:04.0854 8124  [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
09:15:04.0854 8124  C:\Windows\System32\dllhost.exe - ok
09:15:04.0854 8124  [ 21D3A18769EC2C4E56756D04E989A221 ] C:\Windows\SysWOW64\msxml3.dll
09:15:04.0854 8124  C:\Windows\SysWOW64\msxml3.dll - ok
09:15:04.0870 8124  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
09:15:04.0870 8124  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
09:15:04.0870 8124  [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
09:15:04.0870 8124  C:\Windows\System32\IDStore.dll - ok
09:15:04.0870 8124  [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
09:15:04.0870 8124  C:\Windows\System32\mpr.dll - ok
09:15:04.0870 8124  [ 639774C9ACD063F028F6084ABF5593AD ] C:\Windows\System32\taskhost.exe
09:15:04.0870 8124  C:\Windows\System32\taskhost.exe - ok
09:15:04.0870 8124  [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
09:15:04.0870 8124  C:\Windows\System32\MsCtfMonitor.dll - ok
09:15:04.0870 8124  [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
09:15:04.0870 8124  C:\Windows\System32\taskeng.exe - ok
09:15:04.0870 8124  [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
09:15:04.0870 8124  C:\Windows\System32\msutb.dll - ok
09:15:04.0885 8124  [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
09:15:04.0885 8124  C:\Windows\System32\userinit.exe - ok
09:15:04.0885 8124  [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
09:15:04.0885 8124  C:\Windows\System32\dwm.exe - ok
09:15:04.0885 8124  [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
09:15:04.0885 8124  C:\Windows\System32\dwmredir.dll - ok
09:15:04.0885 8124  [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
09:15:04.0885 8124  C:\Windows\System32\dwmcore.dll - ok
09:15:04.0885 8124  [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
09:15:04.0885 8124  C:\Windows\SysWOW64\winsta.dll - ok
09:15:04.0885 8124  [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
09:15:04.0885 8124  C:\Windows\System32\HotStartUserAgent.dll - ok
09:15:04.0885 8124  [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
09:15:04.0885 8124  C:\Windows\System32\PlaySndSrv.dll - ok
09:15:04.0885 8124  [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
09:15:04.0885 8124  C:\Windows\System32\esent.dll - ok
09:15:04.0901 8124  [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
09:15:04.0901 8124  C:\Windows\System32\TSChannel.dll - ok
09:15:04.0901 8124  [ 9AE80F6A66B30E3ED8CDF858CF28B11B ] C:\Windows\System32\d3d10_1.dll
09:15:04.0901 8124  C:\Windows\System32\d3d10_1.dll - ok
09:15:04.0901 8124  [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
09:15:04.0901 8124  C:\Windows\explorer.exe - ok
09:15:04.0901 8124  [ 63F72417CA38D8FC8F53709649B589E3 ] C:\Windows\System32\d3d10_1core.dll
09:15:04.0901 8124  C:\Windows\System32\d3d10_1core.dll - ok
09:15:04.0901 8124  [ 8DFB5752FCE145A6B295093C0A8BE131 ] C:\Windows\System32\dxgi.dll
09:15:04.0901 8124  C:\Windows\System32\dxgi.dll - ok
09:15:04.0901 8124  [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
09:15:04.0901 8124  C:\Windows\SysWOW64\ntmarta.dll - ok
09:15:04.0901 8124  [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
09:15:04.0901 8124  C:\Windows\SysWOW64\Wldap32.dll - ok
09:15:04.0901 8124  [ 7C15061CD0372487903B07B9BB03AFAD ] C:\Program Files (x86)\Skype\Updater\Updater.exe
09:15:04.0901 8124  C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
09:15:04.0917 8124  [ 4C92EB7535CAA1681A77D928FBF9771F ] C:\Windows\System32\d3d11.dll
09:15:04.0917 8124  C:\Windows\System32\d3d11.dll - ok
09:15:04.0917 8124  [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
09:15:04.0917 8124  C:\Windows\System32\ExplorerFrame.dll - ok
09:15:04.0917 8124  [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] C:\Program Files (x86)\MICROSOFT SQL SERVER\90\Shared\sqlbrowser.exe
09:15:04.0917 8124  C:\Program Files (x86)\MICROSOFT SQL SERVER\90\Shared\sqlbrowser.exe - ok
09:15:04.0917 8124  [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
09:15:04.0917 8124  C:\Windows\SysWOW64\wship6.dll - ok
09:15:04.0917 8124  [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\SysWOW64\wshqos.dll
09:15:04.0917 8124  C:\Windows\SysWOW64\wshqos.dll - ok
09:15:04.0917 8124  [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
09:15:04.0917 8124  C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
09:15:04.0917 8124  [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
09:15:04.0917 8124  C:\Windows\SysWOW64\mswsock.dll - ok
09:15:04.0917 8124  [ 3C432A96363097870995E2A3C8B66ABD ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
09:15:04.0917 8124  C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe - ok
09:15:04.0932 8124  [ 06A754FE28A06F780A099703CFCAAA22 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll
09:15:04.0932 8124  C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok
09:15:04.0932 8124  [ D8EB517679EB142F011D2FD56EE94C68 ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss.dll
09:15:04.0932 8124  C:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss.dll - ok
09:15:04.0932 8124  [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
09:15:04.0932 8124  C:\Windows\System32\drivers\srvnet.sys - ok
09:15:04.0932 8124  [ 1261A900CF73B8E3DC05EF8220282D8E ] C:\Windows\System32\igd10umd64.dll
09:15:04.0932 8124  C:\Windows\System32\igd10umd64.dll - ok
09:15:04.0932 8124  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
09:15:04.0932 8124  C:\Windows\System32\drivers\tcpipreg.sys - ok
09:15:04.0932 8124  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
09:15:04.0932 8124  C:\Windows\System32\sysmain.dll - ok
09:15:04.0932 8124  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
09:15:04.0932 8124  C:\Windows\System32\wiaservc.dll - ok
09:15:04.0948 8124  [ 74FC70AE64A7B7DABEC9697CE0A1F4FA ] C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
09:15:04.0948 8124  C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe - ok
09:15:04.0948 8124  [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
09:15:04.0948 8124  C:\Windows\System32\wiatrace.dll - ok
09:15:04.0948 8124  [ 7AE92C896AF9ABFBDB18C1D055B6EBA7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll
09:15:04.0948 8124  C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll - ok
09:15:04.0948 8124  [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
09:15:04.0948 8124  C:\Windows\SysWOW64\apphelp.dll - ok
09:15:04.0948 8124  [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
09:15:04.0948 8124  C:\Windows\SysWOW64\mpr.dll - ok
09:15:04.0948 8124  [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
09:15:04.0948 8124  C:\Windows\SysWOW64\SensApi.dll - ok
09:15:04.0948 8124  [ 9BF7C7654EFD098EE3A27B49492A382A ] C:\Windows\SysWOW64\wininet.dll
09:15:04.0948 8124  C:\Windows\SysWOW64\wininet.dll - ok
09:15:04.0948 8124  [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
09:15:04.0948 8124  C:\Windows\System32\uDWM.dll - ok
09:15:04.0963 8124  [ 4CE5F7A4038000239E2773ADD8A71B33 ] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe
09:15:04.0963 8124  C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe - ok
09:15:04.0963 8124  [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
09:15:04.0963 8124  C:\Windows\System32\EhStorShell.dll - ok
09:15:04.0963 8124  [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
09:15:04.0963 8124  C:\Windows\SysWOW64\uxtheme.dll - ok
09:15:04.0963 8124  [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
09:15:04.0963 8124  C:\Windows\SysWOW64\dwmapi.dll - ok
09:15:04.0963 8124  [ 32802C0F6FC7C8F561B9D91F52A46421 ] C:\Windows\System32\cscui.dll
09:15:04.0963 8124  C:\Windows\System32\cscui.dll - ok
09:15:04.0963 8124  [ 7EE5F17A21D9A9101207DF4BC37B085D ] C:\Windows\System32\cscdll.dll
09:15:04.0963 8124  C:\Windows\System32\cscdll.dll - ok
09:15:04.0963 8124  [ 6A13B4F3B3F575F1E24B877B9359AABA ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
09:15:04.0963 8124  C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
09:15:04.0979 8124  [ 2E33DFD10F28F86C3FC40EE123CC3904 ] C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
09:15:04.0979 8124  C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
09:15:04.0979 8124  [ 6951562DC4625EEFC6EACD52AD165866 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
09:15:04.0979 8124  C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
09:15:04.0979 8124  [ 589CBC4989F750E1DA35625AB481CF43 ] C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
09:15:04.0979 8124  C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll - ok
09:15:04.0979 8124  [ 3BE0D923AA45A4DBE091C2D84F0B4FE7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
09:15:04.0979 8124  C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll - ok
09:15:04.0979 8124  [ FE29131E35902038066C924CF9C59DF8 ] C:\Windows\SysWOW64\iertutil.dll
09:15:04.0979 8124  C:\Windows\SysWOW64\iertutil.dll - ok
09:15:04.0979 8124  [ 28968739C9027D8B7E8EBFE9898BA629 ] C:\Program Files (x86)\Dell DataSafe Local Backup\RPLauncher.exe
09:15:04.0979 8124  C:\Program Files (x86)\Dell DataSafe Local Backup\RPLauncher.exe - ok
09:15:04.0979 8124  [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
09:15:04.0979 8124  C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
09:15:04.0995 8124  [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
09:15:04.0995 8124  C:\Windows\SysWOW64\winnsi.dll - ok
09:15:04.0995 8124  [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
09:15:04.0995 8124  C:\Windows\SysWOW64\imagehlp.dll - ok
09:15:04.0995 8124  [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
09:15:04.0995 8124  C:\Windows\SysWOW64\msimg32.dll - ok
09:15:04.0995 8124  [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
09:15:04.0995 8124  C:\Windows\SysWOW64\shfolder.dll - ok
09:15:04.0995 8124  [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
09:15:04.0995 8124  C:\Windows\System32\trkwks.dll - ok
09:15:04.0995 8124  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:15:04.0995 8124  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
09:15:04.0995 8124  [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
09:15:04.0995 8124  C:\Windows\System32\wbem\WMIsvc.dll - ok
09:15:04.0995 8124  [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
09:15:04.0995 8124  C:\Windows\System32\wbemcomn.dll - ok
09:15:05.0010 8124  [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
09:15:05.0010 8124  C:\Windows\System32\wbem\WinMgmtR.dll - ok
09:15:05.0010 8124  [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
09:15:05.0010 8124  C:\Windows\System32\wbem\WmiDcPrv.dll - ok
09:15:05.0010 8124  [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
09:15:05.0010 8124  C:\Windows\System32\wbem\wbemcore.dll - ok
09:15:05.0010 8124  [ 84174CA0E190BB9D1EFD0F005FE13B35 ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\GdiPlus.dll
09:15:05.0010 8124  C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\GdiPlus.dll - ok
09:15:05.0010 8124  [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
09:15:05.0010 8124  C:\Windows\SysWOW64\comdlg32.dll - ok
09:15:05.0010 8124  [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
09:15:05.0010 8124  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
09:15:05.0010 8124  [ 0243BBD8B67F716EE467E86B917DDD09 ] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
09:15:05.0010 8124  C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe - ok
09:15:05.0010 8124  [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
09:15:05.0010 8124  C:\Windows\SysWOW64\winspool.drv - ok
09:15:05.0026 8124  [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
09:15:05.0026 8124  C:\Windows\System32\SensApi.dll - ok
09:15:05.0026 8124  [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
09:15:05.0026 8124  C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
09:15:05.0026 8124  [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
09:15:05.0026 8124  C:\Windows\System32\wer.dll - ok
09:15:05.0026 8124  [ F3F571288CDE445881102E385BF3471F ] C:\Windows\SysWOW64\Magnification.dll
09:15:05.0026 8124  C:\Windows\SysWOW64\Magnification.dll - ok
09:15:05.0026 8124  [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
09:15:05.0026 8124  C:\Windows\SysWOW64\oleacc.dll - ok
09:15:05.0026 8124  [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
09:15:05.0026 8124  C:\Windows\System32\WinSCard.dll - ok
09:15:05.0026 8124  [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
09:15:05.0026 8124  C:\Windows\SysWOW64\d3d9.dll - ok
09:15:05.0041 8124  [ 96C70BD48D49B87475F4572DEDC62EB9 ] C:\Windows\AppPatch\AcLayers.dll
09:15:05.0041 8124  C:\Windows\AppPatch\AcLayers.dll - ok
09:15:05.0041 8124  [ DC1BBA01FFB5745B8862931E7DE7304A ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
09:15:05.0041 8124  C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
09:15:05.0041 8124  [ 371948BC5911ABA06168FAC91ED25F06 ] C:\Windows\System32\msxml3.dll
09:15:05.0041 8124  C:\Windows\System32\msxml3.dll - ok
09:15:05.0041 8124  [ 400B0812687086AEAEFF7D50673A4BFD ] C:\Program Files (x86)\Dell DataSafe Local Backup\RPLaunch.exe
09:15:05.0041 8124  C:\Program Files (x86)\Dell DataSafe Local Backup\RPLaunch.exe - ok
09:15:05.0041 8124  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
09:15:05.0041 8124  C:\Windows\System32\drivers\srv2.sys - ok
09:15:05.0041 8124  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
09:15:05.0041 8124  C:\Windows\System32\drivers\srv.sys - ok
09:15:05.0041 8124  [ 72910F1DEB838E6E08A9017BFB7D4F0B ] C:\Windows\SysWOW64\browcli.dll
09:15:05.0041 8124  C:\Windows\SysWOW64\browcli.dll - ok
09:15:05.0041 8124  [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
09:15:05.0041 8124  C:\Windows\SysWOW64\d3d8thk.dll - ok
09:15:05.0057 8124  [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
09:15:05.0057 8124  C:\Windows\SysWOW64\samcli.dll - ok
09:15:05.0057 8124  [ FB4EB9352B7D698E6B3C2AA2ED724DAD ] C:\Windows\SysWOW64\authz.dll
09:15:05.0057 8124  C:\Windows\SysWOW64\authz.dll - ok
09:15:05.0057 8124  [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
09:15:05.0057 8124  C:\Windows\SysWOW64\mscoree.dll - ok
09:15:05.0057 8124  [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
09:15:05.0057 8124  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
09:15:05.0057 8124  [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
09:15:05.0057 8124  C:\Windows\SysWOW64\oledlg.dll - ok
09:15:05.0057 8124  [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
09:15:05.0057 8124  C:\Windows\SysWOW64\propsys.dll - ok
09:15:05.0057 8124  [ 225D276C730DF08CC83EABAC407F0D75 ] C:\Windows\SysWOW64\urlmon.dll
09:15:05.0057 8124  C:\Windows\SysWOW64\urlmon.dll - ok
09:15:05.0057 8124  [ 49ACA548B2423F1C67898E6AC719A9A6 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
09:15:05.0057 8124  C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
09:15:05.0073 8124  [ 1C60E09CA1C3A045BC4D367F67C915B7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
09:15:05.0073 8124  C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
09:15:05.0073 8124  [ 02CB65DB3C16CB874B04F6B5BA734A7C ] C:\Program Files (x86)\Dell DataSafe Local Backup\SetMUILanguage.exe
09:15:05.0073 8124  C:\Program Files (x86)\Dell DataSafe Local Backup\SetMUILanguage.exe - ok
09:15:05.0073 8124  [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\SysWOW64\ncrypt.dll
09:15:05.0073 8124  C:\Windows\SysWOW64\ncrypt.dll - ok
09:15:05.0073 8124  [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
09:15:05.0073 8124  C:\Windows\SysWOW64\bcrypt.dll - ok
09:15:05.0073 8124  [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
09:15:05.0073 8124  C:\Windows\SysWOW64\bcryptprimitives.dll - ok
09:15:05.0073 8124  [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
09:15:05.0073 8124  C:\Windows\SysWOW64\gpapi.dll - ok
09:15:05.0073 8124  [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
09:15:05.0073 8124  C:\Windows\SysWOW64\dhcpcsvc.dll - ok
09:15:05.0088 8124  [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
09:15:05.0088 8124  C:\Windows\SysWOW64\NapiNSP.dll - ok
09:15:05.0088 8124  [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
09:15:05.0088 8124  C:\Windows\SysWOW64\nlaapi.dll - ok
09:15:05.0088 8124  [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
09:15:05.0088 8124  C:\Windows\SysWOW64\pnrpnsp.dll - ok
09:15:05.0088 8124  [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
09:15:05.0088 8124  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
09:15:05.0088 8124  [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
09:15:05.0088 8124  C:\Windows\System32\cscapi.dll - ok
09:15:05.0088 8124  [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
09:15:05.0088 8124  C:\Windows\SysWOW64\dnsapi.dll - ok
09:15:05.0088 8124  [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
09:15:05.0088 8124  C:\Windows\System32\wbem\esscli.dll - ok
09:15:05.0088 8124  [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
09:15:05.0088 8124  C:\Windows\System32\wbem\fastprox.dll - ok
09:15:05.0104 8124  [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
09:15:05.0104 8124  C:\Windows\System32\wbem\wbemprox.dll - ok
09:15:05.0104 8124  [ 70A176BF2ED362862944C371838262F8 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
09:15:05.0104 8124  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
09:15:05.0104 8124  [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
09:15:05.0104 8124  C:\Windows\SysWOW64\winrnr.dll - ok
09:15:05.0104 8124  [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
09:15:05.0104 8124  C:\Windows\System32\ntshrui.dll - ok
09:15:05.0104 8124  [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
09:15:05.0104 8124  C:\Windows\System32\IconCodecService.dll - ok
09:15:05.0104 8124  [ 9D4A1690AF93F233E15380398BEC7431 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
09:15:05.0104 8124  C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
09:15:05.0104 8124  [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
09:15:05.0104 8124  C:\Windows\SysWOW64\credssp.dll - ok
09:15:05.0119 8124  [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\SysWOW64\msv1_0.dll
09:15:05.0119 8124  C:\Windows\SysWOW64\msv1_0.dll - ok
09:15:05.0119 8124  [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
09:15:05.0119 8124  C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
09:15:05.0119 8124  [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys
09:15:05.0119 8124  C:\Windows\System32\drivers\fastfat.sys - ok
09:15:05.0119 8124  [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
09:15:05.0119 8124  C:\Windows\System32\ntdsapi.dll - ok
09:15:05.0119 8124  [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\SysWOW64\cryptdll.dll
09:15:05.0119 8124  C:\Windows\SysWOW64\cryptdll.dll - ok
09:15:05.0119 8124  [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
09:15:05.0119 8124  C:\Windows\SysWOW64\rasadhlp.dll - ok
09:15:05.0119 8124  [ BDA0B954A30498B5A7EDC6204CBA07ED ] C:\Windows\SysWOW64\kerberos.dll
09:15:05.0119 8124  C:\Windows\SysWOW64\kerberos.dll - ok
09:15:05.0119 8124  [ 780836BB63852990382DF27DE7FEFD20 ] C:\Windows\System32\bcdedit.exe
09:15:05.0119 8124  C:\Windows\System32\bcdedit.exe - ok
09:15:05.0135 8124  [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
09:15:05.0135 8124  C:\Windows\System32\dssenh.dll - ok
09:15:05.0135 8124  [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
09:15:05.0135 8124  C:\Windows\System32\iphlpsvc.dll - ok
09:15:05.0135 8124  [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
09:15:05.0135 8124  C:\Windows\System32\wbem\wbemsvc.dll - ok
09:15:05.0135 8124  [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
09:15:05.0135 8124  C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
09:15:05.0135 8124  [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
09:15:05.0135 8124  C:\Windows\SysWOW64\wbem\fastprox.dll - ok
09:15:05.0135 8124  [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
09:15:05.0135 8124  C:\Windows\System32\sqmapi.dll - ok
09:15:05.0135 8124  [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\SysWOW64\schannel.dll
09:15:05.0135 8124  C:\Windows\SysWOW64\schannel.dll - ok
09:15:05.0135 8124  [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
09:15:05.0135 8124  C:\Windows\System32\wdscore.dll - ok
09:15:05.0151 8124  [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\SysWOW64\security.dll
09:15:05.0151 8124  C:\Windows\SysWOW64\security.dll - ok
09:15:05.0151 8124  [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
09:15:05.0151 8124  C:\Windows\SysWOW64\ntdsapi.dll - ok
09:15:05.0151 8124  [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
09:15:05.0151 8124  C:\Windows\System32\srvsvc.dll - ok
09:15:05.0151 8124  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
09:15:05.0151 8124  C:\Windows\System32\browser.dll - ok
09:15:05.0151 8124  [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
09:15:05.0151 8124  C:\Windows\System32\netmsg.dll - ok
09:15:05.0151 8124  [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
09:15:05.0151 8124  C:\Windows\System32\wbem\wmiutils.dll - ok
09:15:05.0151 8124  [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
09:15:05.0151 8124  C:\Windows\System32\sscore.dll - ok
09:15:05.0151 8124  [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
09:15:05.0151 8124  C:\Windows\System32\wbem\repdrvfs.dll - ok
09:15:05.0166 8124  [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
09:15:05.0166 8124  C:\Windows\System32\clusapi.dll - ok
09:15:05.0166 8124  [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
09:15:05.0166 8124  C:\Windows\System32\resutils.dll - ok
09:15:05.0166 8124  [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
09:15:05.0166 8124  C:\Windows\System32\netcfgx.dll - ok
09:15:05.0166 8124  [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
09:15:05.0166 8124  C:\Windows\System32\hnetcfg.dll - ok
09:15:05.0166 8124  [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
09:15:05.0166 8124  C:\Windows\System32\nci.dll - ok
09:15:05.0166 8124  [ 28AD5E311996A34025CFB07E131058DD ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
09:15:05.0166 8124  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
09:15:05.0166 8124  [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
09:15:05.0166 8124  C:\Windows\System32\wbem\WmiPrvSD.dll - ok
09:15:05.0182 8124  [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
09:15:05.0182 8124  C:\Windows\System32\ncobjapi.dll - ok
09:15:05.0182 8124  [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
09:15:05.0182 8124  C:\Windows\System32\wbem\wbemess.dll - ok
09:15:05.0182 8124  [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
09:15:05.0182 8124  C:\Windows\System32\winspool.drv - ok
09:15:05.0182 8124  [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
09:15:05.0182 8124  C:\Windows\System32\rasadhlp.dll - ok
09:15:05.0182 8124  [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
09:15:05.0182 8124  C:\Windows\System32\umb.dll - ok
09:15:05.0182 8124  [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
09:15:05.0182 8124  C:\Windows\System32\localspl.dll - ok
09:15:05.0182 8124  [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
09:15:05.0182 8124  C:\Windows\System32\wbem\WmiPrvSE.exe - ok
09:15:05.0182 8124  [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
09:15:05.0182 8124  C:\Windows\System32\spoolss.dll - ok
09:15:05.0197 8124  [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
09:15:05.0197 8124  C:\Windows\System32\PrintIsolationProxy.dll - ok
09:15:05.0197 8124  [ B91BAB2B9086CF4B15DA08AA139C1A2F ] C:\Windows\System32\AdobePDF.dll
09:15:05.0197 8124  C:\Windows\System32\AdobePDF.dll - ok
09:15:05.0197 8124  [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
09:15:05.0197 8124  C:\Windows\System32\FXSMON.dll - ok
09:15:05.0197 8124  [ 2E5353B4C22105C59484A927A3D064C7 ] C:\Windows\System32\PJLMON.DLL
09:15:05.0197 8124  C:\Windows\System32\PJLMON.DLL - ok
09:15:05.0197 8124  [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
09:15:05.0197 8124  C:\Windows\System32\wbem\cimwin32.dll - ok
09:15:05.0197 8124  [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
09:15:05.0197 8124  C:\Windows\System32\tcpmon.dll - ok
09:15:05.0197 8124  [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
09:15:05.0197 8124  C:\Windows\System32\snmpapi.dll - ok
09:15:05.0197 8124  [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
09:15:05.0197 8124  C:\Windows\System32\usbmon.dll - ok
09:15:05.0213 8124  [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
09:15:05.0213 8124  C:\Windows\System32\wsnmp32.dll - ok
09:15:05.0213 8124  [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
09:15:05.0213 8124  C:\Windows\System32\WSDMon.dll - ok
09:15:05.0213 8124  [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
09:15:05.0213 8124  C:\Windows\System32\fdPnp.dll - ok
09:15:05.0213 8124  [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
09:15:05.0213 8124  C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
09:15:05.0213 8124  [ 67CF11E00D026A5C0C88EA5F84D501E5 ] C:\Windows\System32\win32spl.dll
09:15:05.0213 8124  C:\Windows\System32\win32spl.dll - ok
09:15:05.0213 8124  [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
09:15:05.0213 8124  C:\Windows\System32\framedynos.dll - ok
09:15:05.0213 8124  [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
09:15:05.0213 8124  C:\Windows\System32\inetpp.dll - ok
09:15:05.0213 8124  [ 0A473BEFD39B78EDD82C2BDA84529ADA ] C:\Windows\System32\wbem\Win32_EncryptableVolume.dll
09:15:05.0213 8124  C:\Windows\System32\wbem\Win32_EncryptableVolume.dll - ok
09:15:05.0229 8124  [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
09:15:05.0229 8124  C:\Windows\System32\wmi.dll - ok
09:15:05.0229 8124  [ E03082BF43266EAC72E2CD3BC1283F24 ] C:\Program Files\Microsoft Security Client\MpCommu.dll
09:15:05.0229 8124  C:\Program Files\Microsoft Security Client\MpCommu.dll - ok
09:15:05.0229 8124  [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
09:15:05.0229 8124  C:\Windows\System32\npmproxy.dll - ok
09:15:05.0229 8124  [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
09:15:05.0229 8124  C:\Windows\System32\winrnr.dll - ok
09:15:05.0229 8124  [ C6E15F2F95F9C0A6098D43510B604E52 ] C:\Program Files\Microsoft Security Client\NisSrv.exe
09:15:05.0229 8124  C:\Program Files\Microsoft Security Client\NisSrv.exe - ok
09:15:05.0229 8124  [ 6BF27D309C6077F1E8A7747B49F7B17F ] C:\Program Files\Microsoft Security Client\NisLog.dll
09:15:05.0229 8124  C:\Program Files\Microsoft Security Client\NisLog.dll - ok
09:15:05.0229 8124  [ 9D2A2369AB4B08A4905FE72DB104498F ] C:\Windows\System32\appinfo.dll
09:15:05.0229 8124  C:\Windows\System32\appinfo.dll - ok
09:15:05.0244 8124  [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
09:15:05.0244 8124  C:\Windows\System32\aelupsvc.dll - ok
09:15:05.0244 8124  [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
09:15:05.0244 8124  C:\Windows\System32\wdi.dll - ok
09:15:05.0244 8124  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
09:15:05.0244 8124  C:\Windows\System32\IPSECSVC.DLL - ok
09:15:05.0244 8124  [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
09:15:05.0244 8124  C:\Windows\System32\perftrack.dll - ok
09:15:05.0244 8124  [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
09:15:05.0244 8124  C:\Windows\System32\wpdbusenum.dll - ok
09:15:05.0244 8124  [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
09:15:05.0244 8124  C:\Windows\System32\diagperf.dll - ok
09:15:05.0244 8124  [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
09:15:05.0244 8124  C:\Windows\System32\PortableDeviceApi.dll - ok
09:15:05.0244 8124  [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
09:15:05.0244 8124  C:\Windows\System32\FwRemoteSvr.dll - ok
09:15:05.0260 8124  [ 44C1FDD56432AEC7425A35EE0734BA4C ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3D79313C-E044-455C-B92F-FBF7808CEE63}\gapaengine.dll
09:15:05.0260 8124  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3D79313C-E044-455C-B92F-FBF7808CEE63}\gapaengine.dll - ok
09:15:05.0260 8124  [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
09:15:05.0260 8124  C:\Windows\System32\pnpts.dll - ok
09:15:05.0260 8124  [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
09:15:05.0260 8124  C:\Windows\System32\runonce.exe - ok
09:15:05.0260 8124  [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
09:15:05.0260 8124  C:\Windows\System32\wdiasqmmodule.dll - ok
09:15:05.0260 8124  [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
09:15:05.0260 8124  C:\Windows\SysWOW64\runonce.exe - ok
09:15:05.0260 8124  [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
09:15:05.0260 8124  C:\Windows\SysWOW64\cmd.exe - ok
09:15:05.0260 8124  [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
09:15:05.0260 8124  C:\Windows\System32\dimsjob.dll - ok
09:15:05.0260 8124  [ 35CB97CBC3EDC463418ED4997AAB29B6 ] C:\Windows\System32\pautoenr.dll
09:15:05.0260 8124  C:\Windows\System32\pautoenr.dll - ok
09:15:05.0275 8124  [ 7B4A2F45FA65A2C88D7950168F26277B ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3D79313C-E044-455C-B92F-FBF7808CEE63}\nisfull.vdm
09:15:05.0275 8124  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3D79313C-E044-455C-B92F-FBF7808CEE63}\nisfull.vdm - ok
09:15:05.0275 8124  [ 662BA98309818AF2C17D4E48BF4021C4 ] C:\Program Files\Windows Defender\MpClient.dll
09:15:05.0275 8124  C:\Program Files\Windows Defender\MpClient.dll - ok
09:15:05.0275 8124  [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
09:15:05.0275 8124  C:\Windows\System32\Apphlpdm.dll - ok
09:15:05.0275 8124  [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
09:15:05.0275 8124  C:\Windows\System32\PortableDeviceConnectApi.dll - ok
09:15:05.0275 8124  [ 94DFBB481BF51158B216E23C5C1C9D6E ] C:\Windows\System32\certcli.dll
09:15:05.0275 8124  C:\Windows\System32\certcli.dll - ok
09:15:05.0275 8124  [ 263B26106606A010CF877472B535E4BB ] C:\Windows\System32\CertEnroll.dll
09:15:05.0275 8124  C:\Windows\System32\CertEnroll.dll - ok
09:15:05.0275 8124  [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
09:15:05.0275 8124  C:\Windows\SysWOW64\winbrand.dll - ok
09:15:05.0291 8124  [ CC3FD6DEEE458D0BE9A69241E0749717 ] C:\Windows\SysWOW64\ieframe.dll
09:15:05.0291 8124  C:\Windows\SysWOW64\ieframe.dll - ok
09:15:05.0291 8124  [ 60F4AEFA103D421EA4A40E31409B4756 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
09:15:05.0291 8124  C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
09:15:05.0291 8124  [ 007863E45F25AA47A4C30D0930BBFD85 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
09:15:05.0291 8124  C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
09:15:05.0291 8124  [ 1F05F5A16881CD928C82D53CEFCF4477 ] C:\Windows\SysWOW64\shdocvw.dll
09:15:05.0291 8124  C:\Windows\SysWOW64\shdocvw.dll - ok
09:15:05.0291 8124  [ 80A9ADB30ABDF99A8B5A6C233DB3F1D8 ] C:\Users\Kelly\AppData\Local\Temp\327161FB-A69B-491F-AF90-813456D4D885.exe
09:15:05.0291 8124  C:\Users\Kelly\AppData\Local\Temp\327161FB-A69B-491F-AF90-813456D4D885.exe - ok
09:15:05.0291 8124  [ 8A8B277067C22F4BF6AA9A31692FC4D3 ] C:\Windows\SysWOW64\cryptnet.dll
09:15:05.0291 8124  C:\Windows\SysWOW64\cryptnet.dll - ok
09:15:05.0291 8124  [ 5B2E4E90C04FB9AE9F2C5E99FF59B283 ] C:\Windows\SysWOW64\WindowsCodecs.dll
09:15:05.0291 8124  C:\Windows\SysWOW64\WindowsCodecs.dll - ok
09:15:05.0291 8124  [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
09:15:05.0291 8124  C:\Windows\SysWOW64\EhStorShell.dll - ok
09:15:05.0307 8124  [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
09:15:05.0307 8124  C:\Windows\SysWOW64\ntshrui.dll - ok
09:15:05.0307 8124  [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
09:15:05.0307 8124  C:\Windows\SysWOW64\imageres.dll - ok
09:15:05.0307 8124  [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
09:15:05.0307 8124  C:\Windows\SysWOW64\slc.dll - ok
09:15:05.0307 8124  [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
09:15:05.0307 8124  C:\Windows\SysWOW64\sfc.dll - ok
09:15:05.0307 8124  [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
09:15:05.0307 8124  C:\Windows\SysWOW64\sfc_os.dll - ok
09:15:05.0307 8124  [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
09:15:05.0307 8124  C:\Windows\SysWOW64\devrtl.dll - ok
09:15:05.0307 8124  [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
09:15:05.0307 8124  C:\Windows\SysWOW64\winhttp.dll - ok
09:15:05.0307 8124  [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
09:15:05.0307 8124  C:\Windows\SysWOW64\webio.dll - ok
09:15:05.0322 8124  [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
09:15:05.0322 8124  C:\Windows\System32\timedate.cpl - ok
09:15:05.0322 8124  [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
09:15:05.0322 8124  C:\Windows\System32\actxprxy.dll - ok
09:15:05.0322 8124  [ 22A0AE97360C1B146FDD9AA55AC0E989 ] C:\Windows\System32\shdocvw.dll
09:15:05.0322 8124  C:\Windows\System32\shdocvw.dll - ok
09:15:05.0322 8124  [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
09:15:05.0322 8124  C:\Windows\System32\linkinfo.dll - ok
09:15:05.0322 8124  [ FA752544EE1EE59E8AD938CBB43CAC93 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
09:15:05.0322 8124  C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
09:15:05.0322 8124  [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
09:15:05.0322 8124  C:\Windows\System32\msftedit.dll - ok
09:15:05.0322 8124  [ 112183DF91C9BAECB498E4A86ECDE598 ] C:\Windows\System32\msls31.dll
09:15:05.0322 8124  C:\Windows\System32\msls31.dll - ok
09:15:05.0338 8124  [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
09:15:05.0338 8124  C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
09:15:05.0338 8124  [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
09:15:05.0338 8124  C:\Windows\System32\DeviceCenter.dll - ok
09:15:05.0338 8124  [ 8CB8E0C93C5459B45BE1FA628FB0D761 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
09:15:05.0338 8124  C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok
09:15:05.0338 8124  [ ABAEEE966953092F013902849495E588 ] C:\Windows\System32\igfxtray.exe
09:15:05.0338 8124  C:\Windows\System32\igfxtray.exe - ok
09:15:05.0338 8124  [ 6200A37004340CBC2BA7BD585285513D ] C:\Windows\System32\hkcmd.exe
09:15:05.0338 8124  C:\Windows\System32\hkcmd.exe - ok
09:15:05.0338 8124  [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
09:15:05.0338 8124  C:\Windows\System32\networkexplorer.dll - ok
09:15:05.0338 8124  [ C0798E90F54A10E37001CE26E51D3793 ] C:\Windows\System32\igfxpers.exe
09:15:05.0338 8124  C:\Windows\System32\igfxpers.exe - ok
09:15:05.0338 8124  [ C4D30FAB57F1D68DE13DA93FDB5CA719 ] C:\Windows\System32\hccutils.dll
09:15:05.0338 8124  C:\Windows\System32\hccutils.dll - ok
09:15:05.0353 8124  [ 47CBC23DBA11B96DEB11288549FBA66F ] C:\Windows\System32\igfxsrvc.exe
09:15:05.0353 8124  C:\Windows\System32\igfxsrvc.exe - ok
09:15:05.0353 8124  [ 3911917B93DD9023DAA8258147AA7BCF ] C:\Program Files\Microsoft Security Client\msseces.exe
09:15:05.0353 8124  C:\Program Files\Microsoft Security Client\msseces.exe - ok
09:15:05.0353 8124  [ 760DF1D09A91781F25F178595E4FDC47 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe
09:15:05.0353 8124  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe - ok
09:15:05.0353 8124  [ 96155A8E11B042FF2CA75B67C3B561FD ] C:\Windows\System32\igfxsrvc.dll
09:15:05.0353 8124  C:\Windows\System32\igfxsrvc.dll - ok
09:15:05.0353 8124  [ 070753E47E04181DD440EA2FEFE3115C ] C:\Program Files (x86)\Skype\Phone\Skype.exe
09:15:05.0353 8124  C:\Program Files (x86)\Skype\Phone\Skype.exe - ok
09:15:05.0353 8124  [ 9B0F7C94A71E4C781900B6C8F923682F ] C:\Windows\System32\igfxdev.dll
09:15:05.0353 8124  C:\Windows\System32\igfxdev.dll - ok
09:15:05.0353 8124  [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
09:15:05.0353 8124  C:\Windows\System32\thumbcache.dll - ok
09:15:05.0353 8124  [ A5CB3D0F6A96136D2C96EB62A9BE47B1 ] C:\Windows\System32\igfxrenu.lrc
09:15:05.0353 8124  C:\Windows\System32\igfxrenu.lrc - ok
09:15:05.0369 8124  [ 59BCE9F07985F8A4204F4D6554CFF708 ] C:\Windows\System32\regsvr32.exe
09:15:05.0369 8124  C:\Windows\System32\regsvr32.exe - ok
09:15:05.0369 8124  [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
09:15:05.0369 8124  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
09:15:05.0369 8124  [ 105CFE016CCB20175BEACEC146F175AB ] C:\Windows\System32\IccLibDll_x64.dll
09:15:05.0369 8124  C:\Windows\System32\IccLibDll_x64.dll - ok
09:15:05.0369 8124  [ A58C7DF1C006A0A06B141087D8FD6292 ] C:\Windows\System32\igfxress.dll
09:15:05.0369 8124  C:\Windows\System32\igfxress.dll - ok
09:15:05.0369 8124  [ 0CFB90C28768E26498834D780FBBD754 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AXE8SharedExpat.dll
09:15:05.0369 8124  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AXE8SharedExpat.dll - ok
09:15:05.0369 8124  [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Microsoft Security Client\SqmApi.dll
09:15:05.0369 8124  C:\Program Files\Microsoft Security Client\SqmApi.dll - ok
09:15:05.0369 8124  [ 759D71FC9442AB5A9B5749C0F6C0C263 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\BIB.dll
09:15:05.0369 8124  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\BIB.dll - ok
09:15:05.0385 8124  [ B6A17555D2CB159A47E910670DE6F7AF ] C:\Windows\AppPatch\AppPatch64\AcGenral.dll
09:15:05.0385 8124  C:\Windows\AppPatch\AppPatch64\AcGenral.dll - ok
09:15:05.0385 8124  [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll
09:15:05.0385 8124  C:\Windows\System32\gameux.dll - ok
09:15:05.0385 8124  [ FC3D4A55C23B2350BEE07CF5177BBC06 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\sqlite.dll
09:15:05.0385 8124  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\sqlite.dll - ok
09:15:05.0385 8124  [ DC73E11DC27E7D9AEF884EBE816C4240 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
09:15:05.0385 8124  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe - ok
09:15:05.0385 8124  [ EBE1962DC5EEFC13D20543013A891ABC ] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
09:15:05.0385 8124  C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe - ok
09:15:05.0385 8124  [ E97140424C378ACBD47DF493A6AB7235 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe
09:15:05.0385 8124  C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe - ok
09:15:05.0385 8124  [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
09:15:05.0385 8124  C:\Windows\SysWOW64\msi.dll - ok
09:15:05.0400 8124  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
09:15:05.0400 8124  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
09:15:05.0400 8124  [ A7749965A3923D024922A86BAAECAFF4 ] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe
09:15:05.0400 8124  C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe - ok
09:15:05.0400 8124  [ 4164A47F3A2DA7EA44572904C3DF44A4 ] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
09:15:05.0400 8124  C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe - ok
09:15:05.0400 8124  [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Windows\SysWOW64\msvcp71.dll
09:15:05.0400 8124  C:\Windows\SysWOW64\msvcp71.dll - ok
09:15:05.0400 8124  [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Windows\SysWOW64\msvcr71.dll
09:15:05.0400 8124  C:\Windows\SysWOW64\msvcr71.dll - ok
09:15:05.0400 8124  [ 53E81C75B3C260C8FE9FD9ED4D8DB8F0 ] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\AS_Storage_w32.dll
09:15:05.0400 8124  C:\Program Files (x86)\Roxio\OEM\Roxio Burn\AS_Storage_w32.dll - ok
09:15:05.0400 8124  [ B06B80A4C0324ACF89E73E9BEE2AD64D ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe
09:15:05.0400 8124  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe - ok
09:15:05.0416 8124  [ 57AF9F47253E53E94D22C790FA5D6024 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
09:15:05.0416 8124  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe - ok
09:15:05.0416 8124  [ B9E362680ADB83F0E0134F4567DBF656 ] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\DLLShared\LayoutDLL12OEM.dll
09:15:05.0416 8124  C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\DLLShared\LayoutDLL12OEM.dll - ok
09:15:05.0416 8124  [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
09:15:05.0416 8124  C:\Windows\System32\msiltcfg.dll - ok
09:15:05.0416 8124  [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
09:15:05.0416 8124  C:\Windows\System32\msi.dll - ok
09:15:05.0416 8124  [ A916790060389ABE8CB043A7248DAEBF ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe
09:15:05.0416 8124  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe - ok
09:15:05.0416 8124  [ B44C5909CDA640DF61B07856470A2D28 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Esl\Aiod.dll
09:15:05.0416 8124  C:\Program Files (x86)\Adobe\Acrobat 10.0\Esl\Aiod.dll - ok
09:15:05.0416 8124  [ A51A7D0C82C93827532DF3B8FE7804EA ] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\DLLShared\CPSCommonTools12OEM.dll
09:15:05.0416 8124  C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\DLLShared\CPSCommonTools12OEM.dll - ok
09:15:05.0431 8124  [ 2E2C533592AC3C543DEFFE29770BCA8C ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrodist.exe
09:15:05.0431 8124  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrodist.exe - ok
09:15:05.0431 8124  [ 3B1247FC09F82A1ECD1294EA13C79C3E ] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\DLLShared\roxippEMC12.dll
09:15:05.0431 8124  C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\DLLShared\roxippEMC12.dll - ok
09:15:05.0431 8124  [ 37B6EBA4E783A0B25F3FE05EF86722CB ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
09:15:05.0431 8124  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
09:15:05.0431 8124  [ A6E69E7ABAF9815390C4E3F45836CE5B ] C:\Program Files\Internet Explorer\sqmapi.dll
09:15:05.0431 8124  C:\Program Files\Internet Explorer\sqmapi.dll - ok
09:15:05.0431 8124  [ 1BC8A289BFDE02DF0DA6C06689FA89C3 ] C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\homepermitsconfig13.dll
09:15:05.0431 8124  C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\homepermitsconfig13.dll - ok
09:15:05.0431 8124  [ 837115C004022C7C9317848645D714FD ] C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\rsl.dll
09:15:05.0431 8124  C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\rsl.dll - ok
09:15:05.0431 8124  [ 1220595CABA75AB91A6B3FA3B89483CC ] C:\Windows\SysWOW64\snmpapi.dll
09:15:05.0431 8124  C:\Windows\SysWOW64\snmpapi.dll - ok
09:15:05.0447 8124  [ 6046C98205A35C2CEC330B15F88D4443 ] C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll
09:15:05.0447 8124  C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll - ok
09:15:05.0447 8124  [ 5BD85ABB12E057257D9D93C0838ABC0B ] C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\rcsl.dll
09:15:05.0447 8124  C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\rcsl.dll - ok
09:15:05.0447 8124  [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
09:15:05.0447 8124  C:\Windows\SysWOW64\riched20.dll - ok
09:15:05.0447 8124  [ E325D1DB76B13B33692D6318F67DC4EC ] C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SonicHTTPClient13.dll
09:15:05.0447 8124  C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SonicHTTPClient13.dll - ok
09:15:05.0447 8124  [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
09:15:05.0447 8124  C:\Windows\SysWOW64\wsock32.dll - ok
09:15:05.0447 8124  [ CF8D43B5CE132414CC0667E9C5EB5574 ] C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\homepermitsconfig12OEM.dll
09:15:05.0447 8124  C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\homepermitsconfig12OEM.dll - ok
09:15:05.0447 8124  [ 8F17CA7CD61AF4602FC88647BAEA9F54 ] C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SonicLicenseManager13.dll
09:15:05.0447 8124  C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SonicLicenseManager13.dll - ok
09:15:05.0463 8124  [ 72E6BB97A33137004FAC46CA43938F6C ] C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SonicHTTPClient12OEM.dll
09:15:05.0463 8124  C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SonicHTTPClient12OEM.dll - ok
09:15:05.0463 8124  [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
09:15:05.0463 8124  C:\Windows\SysWOW64\ExplorerFrame.dll - ok
09:15:05.0463 8124  [ 132AB9DB9A673FC20EE2D786E8CEC447 ] C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SonicLicenseManager12OEM.dll
09:15:05.0463 8124  C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SonicLicenseManager12OEM.dll - ok
09:15:05.0463 8124  [ 1EA7969E3271CBC59E1730697DC74682 ] C:\Windows\System32\qmgr.dll
09:15:05.0463 8124  C:\Windows\System32\qmgr.dll - ok
09:15:05.0463 8124  [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
09:15:05.0463 8124  C:\Windows\SysWOW64\duser.dll - ok
09:15:05.0463 8124  [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
09:15:05.0463 8124  C:\Windows\System32\stobject.dll - ok
09:15:05.0463 8124  [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
09:15:05.0463 8124  C:\Windows\System32\dsound.dll - ok
09:15:05.0463 8124  [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
09:15:05.0463 8124  C:\Windows\System32\batmeter.dll - ok
09:15:05.0478 8124  [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
09:15:05.0478 8124  C:\Windows\SysWOW64\dui70.dll - ok
09:15:05.0478 8124  [ 29409ED7400CA5BCCC30C0EE5147A60D ] C:\Windows\System32\bitsperf.dll
09:15:05.0478 8124  C:\Windows\System32\bitsperf.dll - ok
09:15:05.0478 8124  [ 585FED4CDB8034B8B58AEB8008255817 ] C:\Windows\System32\opengl32.dll
09:15:05.0478 8124  C:\Windows\System32\opengl32.dll - ok
09:15:05.0478 8124  [ D9431DCF90B0253773F51FDEFE7FD42F ] C:\Windows\System32\bitsigd.dll
09:15:05.0478 8124  C:\Windows\System32\bitsigd.dll - ok
09:15:05.0478 8124  [ 04CB7C8FDC6D9640DD82A527208F72C4 ] C:\Windows\System32\UIAnimation.dll
09:15:05.0478 8124  C:\Windows\System32\UIAnimation.dll - ok
09:15:05.0478 8124  [ 33A77D477EF9D7A5C65A950129DF2E47 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
09:15:05.0478 8124  C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll - ok
09:15:05.0478 8124  [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
09:15:05.0478 8124  C:\Windows\System32\upnp.dll - ok
09:15:05.0494 8124  [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
09:15:05.0494 8124  C:\Windows\System32\prnfldr.dll - ok
09:15:05.0494 8124  [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
09:15:05.0494 8124  C:\Windows\System32\browcli.dll - ok
09:15:05.0494 8124  [ F2967C0A97C0EA67D79D7F557213950D ] C:\Windows\System32\glu32.dll
09:15:05.0494 8124  C:\Windows\System32\glu32.dll - ok
09:15:05.0494 8124  [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
09:15:05.0494 8124  C:\Windows\System32\schedcli.dll - ok
09:15:05.0494 8124  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
09:15:05.0494 8124  C:\Windows\System32\ssdpsrv.dll - ok
09:15:05.0494 8124  [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll
09:15:05.0494 8124  C:\Windows\System32\ddraw.dll - ok
09:15:05.0494 8124  [ 29C22748937F45C26590909E9F8E7137 ] C:\Windows\System32\dciman32.dll
09:15:05.0494 8124  C:\Windows\System32\dciman32.dll - ok
09:15:05.0494 8124  [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
09:15:05.0494 8124  C:\Windows\System32\msimg32.dll - ok
09:15:05.0509 8124  [ 807B6562009E5858C93E1C0F435C0382 ] C:\Windows\SysWOW64\netbios.dll
09:15:05.0509 8124  C:\Windows\SysWOW64\netbios.dll - ok
09:15:05.0509 8124  [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll
09:15:05.0509 8124  C:\Windows\System32\oledlg.dll - ok
09:15:05.0509 8124  [ 1AD33A0319062260064E1A36F8327922 ] C:\Windows\System32\RtkCfg64.dll
09:15:05.0509 8124  C:\Windows\System32\RtkCfg64.dll - ok
09:15:05.0509 8124  [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
09:15:05.0509 8124  C:\Windows\System32\DXP.dll - ok
09:15:05.0509 8124  [ 5945DB41B87D0672713544BE2CDFD205 ] C:\UPS\WSTD\UPSNA1Msgr.exe
09:15:05.0509 8124  C:\UPS\WSTD\UPSNA1Msgr.exe - ok
09:15:05.0509 8124  [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
09:15:05.0509 8124  C:\Windows\System32\Syncreg.dll - ok
09:15:05.0509 8124  [ D63797E8E7781EE1500A810CB6194FA6 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
09:15:05.0509 8124  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
09:15:05.0509 8124  [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
09:15:05.0509 8124  C:\Windows\ehome\ehSSO.dll - ok
09:15:05.0525 8124  [ AC5DF873913B00E554D8F553459BC431 ] C:\Windows\System32\qmgrprxy.dll
09:15:05.0525 8124  C:\Windows\System32\qmgrprxy.dll - ok
09:15:05.0525 8124  [ 487F44B08EFEAF5AD087878357B9403D ] C:\Windows\SysWOW64\pdh.dll
09:15:05.0525 8124  C:\Windows\SysWOW64\pdh.dll - ok
09:15:05.0525 8124  [ 85B45B4B285B159ACDB355FC8C1E8925 ] C:\Windows\SysWOW64\qmgrprxy.dll
09:15:05.0525 8124  C:\Windows\SysWOW64\qmgrprxy.dll - ok
09:15:05.0525 8124  [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
09:15:05.0525 8124  C:\Windows\System32\netshell.dll - ok
09:15:05.0525 8124  [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
09:15:05.0525 8124  C:\Windows\SysWOW64\powrprof.dll - ok
09:15:05.0525 8124  [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
09:15:05.0525 8124  C:\Windows\SysWOW64\msacm32.dll - ok
09:15:05.0525 8124  [ 703FFD301AB900B047337C5D40FD6F96 ] C:\Windows\SysWOW64\olepro32.dll
09:15:05.0525 8124  C:\Windows\SysWOW64\olepro32.dll - ok
09:15:05.0525 8124  [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll
09:15:05.0525 8124  C:\Windows\SysWOW64\wlanapi.dll - ok
09:15:05.0541 8124  [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll
09:15:05.0541 8124  C:\Windows\SysWOW64\avrt.dll - ok
09:15:05.0541 8124  [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll
09:15:05.0541 8124  C:\Windows\SysWOW64\wlanutil.dll - ok
09:15:05.0541 8124  [ 28CA821606669BB9215CE010767720FA ] C:\Windows\SysWOW64\cryptui.dll
09:15:05.0541 8124  C:\Windows\SysWOW64\cryptui.dll - ok
09:15:05.0541 8124  [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
09:15:05.0541 8124  C:\Windows\System32\AltTab.dll - ok
09:15:05.0541 8124  [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
09:15:05.0541 8124  C:\Windows\System32\WPDShServiceObj.dll - ok
09:15:05.0541 8124  [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
09:15:05.0541 8124  C:\Windows\System32\pnidui.dll - ok
09:15:05.0541 8124  [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6 ] C:\Windows\SysWOW64\mapi32.dll
09:15:05.0541 8124  C:\Windows\SysWOW64\mapi32.dll - ok
09:15:05.0541 8124  [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
09:15:05.0541 8124  C:\Windows\SysWOW64\sxs.dll - ok
09:15:05.0556 8124  [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
09:15:05.0556 8124  C:\Windows\System32\QUTIL.DLL - ok
09:15:05.0556 8124  [ D37DC32D8D611BD154BC8FBA45D0A4FC ] C:\UPS\WSTD\WSTDMessaging.exe
09:15:05.0556 8124  C:\UPS\WSTD\WSTDMessaging.exe - ok
09:15:05.0556 8124  [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
09:15:05.0556 8124  C:\Windows\System32\PortableDeviceTypes.dll - ok
09:15:05.0556 8124  [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
09:15:05.0556 8124  C:\Windows\System32\ActionCenter.dll - ok
09:15:05.0556 8124  [ 234AFA322624B3203A2E720F08292B03 ] C:\Windows\System32\cscobj.dll
09:15:05.0556 8124  C:\Windows\System32\cscobj.dll - ok
09:15:05.0556 8124  [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
09:15:05.0556 8124  C:\Windows\System32\bthprops.cpl - ok
09:15:05.0556 8124  [ 09A116FB06C5E362EF8938D29CDAB27B ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
09:15:05.0556 8124  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
09:15:05.0572 8124  [ 6E9E439517D89EDC9A6CB1E94489620A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
09:15:05.0572 8124  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok
09:15:05.0572 8124  [ 391CD109EF28629644C267C855314DEE ] C:\Windows\System32\ieframe.dll
09:15:05.0572 8124  C:\Windows\System32\ieframe.dll - ok
09:15:05.0572 8124  [ 5BB8C06EB5EA4BA22EE8A678F2D79B25 ] C:\Windows\SysWOW64\devenum.dll
09:15:05.0572 8124  C:\Windows\SysWOW64\devenum.dll - ok
09:15:05.0572 8124  [ 7069AAB8536F29ED7323140973A2894B ] C:\Windows\SysWOW64\msdmo.dll
09:15:05.0572 8124  C:\Windows\SysWOW64\msdmo.dll - ok
09:15:05.0572 8124  [ 7AFA393DD161F37D678EC1677ECB32B0 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUtil.dll
09:15:05.0572 8124  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUtil.dll - ok
09:15:05.0572 8124  [ E24FE90E9DE8D8AE70E59F7B01675DEF ] C:\Windows\SysWOW64\avicap32.dll
09:15:05.0572 8124  C:\Windows\SysWOW64\avicap32.dll - ok
09:15:05.0572 8124  [ C335EC1182AC10B188705554E0BC1186 ] C:\Windows\SysWOW64\msvfw32.dll
09:15:05.0572 8124  C:\Windows\SysWOW64\msvfw32.dll - ok
09:15:05.0572 8124  [ 24498D084FAA7A459C91066EC241E1CE ] C:\Windows\SysWOW64\vfwwdm32.dll
09:15:05.0572 8124  C:\Windows\SysWOW64\vfwwdm32.dll - ok
09:15:05.0587 8124  [ 96FAF00A7ADC61AF68192445623402FA ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\187c13e8967097d2ed1e5f123e7d890a\System.ni.dll
09:15:05.0587 8124  C:\Windows\assembly\NativeImages_v2.0.50727_32\System\187c13e8967097d2ed1e5f123e7d890a\System.ni.dll - ok
09:15:05.0587 8124  [ AF31E7D2C385F647ADFD5F5736B3BA64 ] C:\Windows\SysWOW64\mshtml.dll
09:15:05.0587 8124  C:\Windows\SysWOW64\mshtml.dll - ok
09:15:05.0587 8124  [ 191EBD9CF58126D195817C3BEBCD20F6 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorCommon.dll
09:15:05.0587 8124  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorCommon.dll - ok
09:15:05.0587 8124  [ A9B36CAB809EF486D456FA1A3B204152 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\bfa7a95284aec941f4b03bae0debe07c\System.Drawing.ni.dll
09:15:05.0587 8124  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\bfa7a95284aec941f4b03bae0debe07c\System.Drawing.ni.dll - ok
09:15:05.0587 8124  [ 8038B5B580059E8BC9CB83D2841045E8 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\11c176470524e1843fbbcc571cd0aa88\IAStorUtil.ni.dll
09:15:05.0587 8124  C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\11c176470524e1843fbbcc571cd0aa88\IAStorUtil.ni.dll - ok
09:15:05.0587 8124  [ 110F647566806095CAE06344F3A007F3 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrodistdll.dll
09:15:05.0587 8124  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrodistdll.dll - ok
09:15:05.0587 8124  [ FB4045578F5180BDB1963AB352B78548 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
09:15:05.0587 8124  C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
09:15:05.0603 8124  [ 9108540E866F75C7AF2B91DD921A8091 ] C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
09:15:05.0603 8124  C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
09:15:05.0603 8124  [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
09:15:05.0603 8124  C:\Windows\System32\srchadmin.dll - ok
09:15:05.0603 8124  [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
09:15:05.0603 8124  C:\Windows\System32\FXSST.dll - ok
09:15:05.0603 8124  [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
09:15:05.0603 8124  C:\Windows\System32\SearchIndexer.exe - ok
09:15:05.0603 8124  [ 42251362E097134CCA9FC60A1B932EF8 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\178644ab40108f3becd8b91049a254c3\System.Windows.Forms.ni.dll
09:15:05.0603 8124  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\178644ab40108f3becd8b91049a254c3\System.Windows.Forms.ni.dll - ok
09:15:05.0603 8124  [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
09:15:05.0603 8124  C:\Windows\System32\FXSAPI.dll - ok
09:15:05.0603 8124  [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
09:15:05.0603 8124  C:\Windows\System32\FXSRESM.dll - ok
09:15:05.0619 8124  [ 752F8E96BAB993517838315508FB82CB ] C:\Windows\SysWOW64\perfproc.dll
09:15:05.0619 8124  C:\Windows\SysWOW64\perfproc.dll - ok
09:15:05.0619 8124  [ B92E9318F7E4AEF633B8EC3A873565AF ] C:\Windows\SysWOW64\perfdisk.dll
09:15:05.0619 8124  C:\Windows\SysWOW64\perfdisk.dll - ok
09:15:05.0619 8124  [ DA6A88689ECD2FC97983557D7C0BE100 ] C:\UPS\WSTD\wstdPldReminder.exe
09:15:05.0619 8124  C:\UPS\WSTD\wstdPldReminder.exe - ok
09:15:05.0619 8124  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
09:15:05.0619 8124  C:\Windows\System32\FXSSVC.exe - ok
09:15:05.0619 8124  [ 97EA663282E10C6306769FEAD4E76867 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\ahclient.dll
09:15:05.0619 8124  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\ahclient.dll - ok
09:15:05.0619 8124  [ 06CABCD25920159660B4F73B8BE85D5A ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeXMP.dll
09:15:05.0619 8124  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeXMP.dll - ok
09:15:05.0619 8124  [ 819EB5ABEAE5B1728EDFF0AC8B696769 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\ACE.dll
09:15:05.0619 8124  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\ACE.dll - ok
09:15:05.0619 8124  [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
09:15:05.0619 8124  C:\Windows\System32\tquery.dll - ok
09:15:05.0634 8124  [ 8CCCC9A53B6C8B781FBAFB17B6207125 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobePDFL.dll
09:15:05.0634 8124  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobePDFL.dll - ok
09:15:05.0634 8124  [ 6FA41E0C86EF049A12C05CA4BBA8F9AF ] C:\Windows\SysWOW64\perfos.dll
09:15:05.0634 8124  C:\Windows\SysWOW64\perfos.dll - ok
09:15:05.0634 8124  [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
09:15:05.0634 8124  C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
09:15:05.0634 8124  [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
09:15:05.0634 8124  C:\Windows\SysWOW64\MMDevAPI.dll - ok
09:15:05.0634 8124  [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
09:15:05.0634 8124  C:\Windows\System32\mssrch.dll - ok
09:15:05.0634 8124  [ 4C90F8648B1D83651BF1430C199D95DA ] C:\Windows\SysWOW64\igdumd32.dll
09:15:05.0634 8124  C:\Windows\SysWOW64\igdumd32.dll - ok
09:15:05.0634 8124  [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
09:15:05.0634 8124  C:\Windows\System32\msidle.dll - ok
09:15:05.0650 8124  [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
09:15:05.0650 8124  C:\Windows\System32\mssprxy.dll - ok
09:15:05.0650 8124  [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
09:15:05.0650 8124  C:\Windows\System32\netman.dll - ok
09:15:05.0650 8124  [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
09:15:05.0650 8124  C:\Windows\System32\rasdlg.dll - ok
09:15:05.0650 8124  [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
09:15:05.0650 8124  C:\Windows\System32\mprapi.dll - ok
09:15:05.0650 8124  [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
09:15:05.0650 8124  C:\Windows\System32\dot3api.dll - ok
09:15:05.0650 8124  [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
09:15:05.0650 8124  C:\Windows\System32\eappcfg.dll - ok
09:15:05.0650 8124  [ 05A321CF65AB46D8E29E717D13662519 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9e24b9ffd816c0c90efc4d3fc9fd745f\System.Configuration.ni.dll
09:15:05.0650 8124  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9e24b9ffd816c0c90efc4d3fc9fd745f\System.Configuration.ni.dll - ok
09:15:05.0650 8124  [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
09:15:05.0650 8124  C:\Windows\System32\wlanhlp.dll - ok
09:15:05.0665 8124  [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
09:15:05.0665 8124  C:\Windows\System32\wlanapi.dll - ok
09:15:05.0665 8124  [ 8DF354F0F7193C097620B04DE2D03093 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\JP2KLib.dll
09:15:05.0665 8124  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\JP2KLib.dll - ok
09:15:05.0665 8124  [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
09:15:05.0665 8124  C:\Windows\System32\wlanutil.dll - ok
09:15:05.0665 8124  [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
09:15:05.0665 8124  C:\Windows\System32\onex.dll - ok
09:15:05.0665 8124  [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
09:15:05.0665 8124  C:\Windows\System32\eappprxy.dll - ok
09:15:05.0665 8124  [ B05953F956EB87A02E62096EAAFA9C5F ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\BIBUtils.dll
09:15:05.0665 8124  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\BIBUtils.dll - ok
09:15:05.0665 8124  [ 30F03C23C5EBD9589C74D3775892C572 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AGM.dll
09:15:05.0665 8124  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AGM.dll - ok
09:15:05.0681 8124  [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
09:15:05.0681 8124  C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
09:15:05.0681 8124  [ A3484A0159763330160FD820DE8C4624 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\32066405eb9ab14056b2af3115d2a6de\System.Xml.ni.dll
09:15:05.0681 8124  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\32066405eb9ab14056b2af3115d2a6de\System.Xml.ni.dll - ok
09:15:05.0681 8124  [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
09:15:05.0681 8124  C:\Windows\System32\en-US\tquery.dll.mui - ok
09:15:05.0681 8124  [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
09:15:05.0681 8124  C:\Windows\System32\WWanAPI.dll - ok
09:15:05.0681 8124  [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
09:15:05.0681 8124  C:\Windows\SysWOW64\linkinfo.dll - ok
09:15:05.0681 8124  [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
09:15:05.0681 8124  C:\Program Files\Windows Media Player\wmpnssci.dll - ok
09:15:05.0681 8124  [ 9251961FA9E1838DB44E7B5160DF14D1 ] C:\UPS\WSTD\POLICYMGR\UPS.Components.NA1MessengerServer.dll
09:15:05.0681 8124  C:\UPS\WSTD\POLICYMGR\UPS.Components.NA1MessengerServer.dll - ok
09:15:05.0681 8124  [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
09:15:05.0681 8124  C:\Windows\System32\wwapi.dll - ok
09:15:05.0697 8124  [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
09:15:05.0697 8124  C:\Windows\System32\QAGENT.DLL - ok
09:15:05.0697 8124  [ 12C3E07ADC706392618687659598E629 ] C:\UPS\WSTD\POLICYMGR\UPS.Components.PolicyActions.dll
09:15:05.0697 8124  C:\UPS\WSTD\POLICYMGR\UPS.Components.PolicyActions.dll - ok
09:15:05.0697 8124  [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
09:15:05.0697 8124  C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
09:15:05.0697 8124  [ 916B2844749395DDCBA56029A72524F8 ] C:\UPS\WSTD\POLICYMGR\UPS.Components.LANPolicyManager.dll
09:15:05.0697 8124  C:\UPS\WSTD\POLICYMGR\UPS.Components.LANPolicyManager.dll - ok
09:15:05.0697 8124  [ 432BE6CF7311062633459EEF6B242FB5 ] C:\Windows\SysWOW64\regsvr32.exe
09:15:05.0697 8124  C:\Windows\SysWOW64\regsvr32.exe - ok
09:15:05.0697 8124  [ DD502A2E7B85EA7A3814C1034E6C23D3 ] C:\Windows\AppPatch\AcGenral.dll
09:15:05.0697 8124  C:\Windows\AppPatch\AcGenral.dll - ok
09:15:05.0697 8124  [ 99FFE7C551CD6CF23F3881CEEC94A950 ] C:\UPS\WSTD\UPS.Interop.ManagedProxies.dll
09:15:05.0697 8124  C:\UPS\WSTD\UPS.Interop.ManagedProxies.dll - ok
09:15:05.0712 8124  [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
09:15:05.0712 8124  C:\Windows\System32\drmv2clt.dll - ok
09:15:05.0712 8124  [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
09:15:05.0712 8124  C:\Windows\System32\wmdrmdev.dll - ok
09:15:05.0712 8124  [ 52C7EC53A15A6FB5E9B85F5B72789DD2 ] C:\Users\Kelly\AppData\Local\Google\htmsuhvl.dll
09:15:05.0712 8124  C:\Users\Kelly\AppData\Local\Google\htmsuhvl.dll - ok
09:15:05.0712 8124  [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll
09:15:05.0712 8124  C:\Windows\System32\blackbox.dll - ok
09:15:05.0712 8124  [ C5413BC4F10CEB4C3070BBF04D324117 ] C:\Windows\SysWOW64\msisip.dll
09:15:05.0712 8124  C:\Windows\SysWOW64\msisip.dll - ok
09:15:05.0712 8124  [ A0617B5753E31126AD29C03154F4F329 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
09:15:05.0712 8124  C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
09:15:05.0712 8124  [ 88F161F0976B37F3FF0EDF9FFFC93837 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARMHelper.exe
09:15:05.0712 8124  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARMHelper.exe - ok
09:15:05.0712 8124  [ 3D7D2E825C63FF501E896CF008C70D75 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
09:15:05.0712 8124  C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok
09:15:05.0728 8124  [ CC5BF60E9D3F181C0B62AC91AD8634B8 ] C:\Windows\SysWOW64\qcap.dll
09:15:05.0728 8124  C:\Windows\SysWOW64\qcap.dll - ok
09:15:05.0728 8124  [ C1B5307377C98F87E0152C44E9FF8DEE ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
09:15:05.0728 8124  C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok
09:15:05.0728 8124  [ 0AE0C4955E1DE29CCDC9DA1B816FE5EE ] C:\Windows\SysWOW64\quartz.dll
09:15:05.0728 8124  C:\Windows\SysWOW64\quartz.dll - ok
09:15:05.0728 8124  [ CB7328C2A009C922C4D7A8367A6728C0 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\CoolType.dll
09:15:05.0728 8124  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\CoolType.dll - ok
09:15:05.0728 8124  [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
09:15:05.0728 8124  C:\Windows\System32\wmp.dll - ok
09:15:05.0728 8124  [ 24FCC3CDAE327F632CB8696E1E40F772 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
09:15:05.0728 8124  C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok
09:15:05.0728 8124  [ 30E7CA4620500FE012EB464F0E1DE91E ] C:\Program Files (x86)\Internet Explorer\iexplore.exe
09:15:05.0728 8124  C:\Program Files (x86)\Internet Explorer\iexplore.exe - ok
09:15:05.0743 8124  [ E955300DF949977878C705EC8681009A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
09:15:05.0743 8124  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok
09:15:05.0743 8124  [ C140F86932B5B61F54A4D836E2D34AB2 ] C:\Windows\SysWOW64\ksproxy.ax
09:15:05.0743 8124  C:\Windows\SysWOW64\ksproxy.ax - ok
09:15:05.0743 8124  [ ED797D8DC2C92401985D162E42FFA450 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
09:15:05.0743 8124  C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok
09:15:05.0743 8124  [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\SysWOW64\ksuser.dll
09:15:05.0743 8124  C:\Windows\SysWOW64\ksuser.dll - ok
09:15:05.0743 8124  [ 4DDACA8A66B95ABA02812FF3C13DE198 ] C:\Windows\SysWOW64\vidcap.ax
09:15:05.0743 8124  C:\Windows\SysWOW64\vidcap.ax - ok
09:15:05.0743 8124  [ 630A31F277349109299E590856A4B004 ] C:\Windows\SysWOW64\Kswdmcap.ax
09:15:05.0743 8124  C:\Windows\SysWOW64\Kswdmcap.ax - ok
09:15:05.0743 8124  [ 220159496484D34009DE71CA1A68E0D4 ] C:\Windows\System32\wbem\NCProv.dll
09:15:05.0743 8124  C:\Windows\System32\wbem\NCProv.dll - ok
09:15:05.0743 8124  [ DC6612A9EE015A36BA2A27BC9CC12537 ] C:\Windows\SysWOW64\mfc42.dll
09:15:05.0743 8124  C:\Windows\SysWOW64\mfc42.dll - ok
09:15:05.0759 8124  [ 79BFC537A2D5005EDE7CBDE543B2C114 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\ARE.dll
09:15:05.0759 8124  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\ARE.dll - ok
09:15:05.0759 8124  [ 19ADEF26D3D4EFDD2E5E2759A43EC5EE ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll
09:15:05.0759 8124  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll - ok
09:15:05.0759 8124  [ 97D8AFF9E90DC489A86CBDDDEEEF13A9 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Adist.dll
09:15:05.0759 8124  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Adist.dll - ok
09:15:05.0759 8124  [ 7D34AF98A706230CC2DEDFE0CABF87AB ] C:\Windows\SysWOW64\odbc32.dll
09:15:05.0759 8124  C:\Windows\SysWOW64\odbc32.dll - ok
09:15:05.0759 8124  [ E699D325EFC2C4A760AA8D0EF95EFDD3 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\adistres.dll
09:15:05.0759 8124  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\adistres.dll - ok
09:15:05.0759 8124  [ ABA457BFC7EC0B5E130B2F1E0F549DFF ] C:\Windows\SysWOW64\odbcint.dll
09:15:05.0759 8124  C:\Windows\SysWOW64\odbcint.dll - ok
09:15:05.0759 8124  [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
09:15:05.0759 8124  C:\Windows\SysWOW64\netprofm.dll - ok
09:15:05.0775 8124  [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
09:15:05.0775 8124  C:\Windows\SysWOW64\npmproxy.dll - ok
09:15:05.0775 8124  [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll
09:15:05.0775 8124  C:\Windows\SysWOW64\AudioSes.dll - ok
09:15:05.0775 8124  [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
09:15:05.0775 8124  C:\Windows\System32\wmploc.DLL - ok
09:15:05.0775 8124  [ B524DBF0EE9149C431CF23B896230D04 ] C:\UPS\WSTD\wstdCommon.dll
09:15:05.0775 8124  C:\UPS\WSTD\wstdCommon.dll - ok
09:15:05.0775 8124  [ D9C5A74A4F609BE65DB0403425F54821 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\c8ea295fd4dce110b32c3c4f0e3807b2\System.Runtime.Remoting.ni.dll
09:15:05.0775 8124  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\c8ea295fd4dce110b32c3c4f0e3807b2\System.Runtime.Remoting.ni.dll - ok
09:15:05.0775 8124  [ 5E4EE99635EF96B40FC52B893A876F50 ] C:\UPS\WSTD\UPSResourceManager.dll
09:15:05.0775 8124  C:\UPS\WSTD\UPSResourceManager.dll - ok
09:15:05.0775 8124  [ 5963633010616B25503EE126F55E8DE4 ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90.dll
09:15:05.0775 8124  C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90.dll - ok
09:15:05.0790 8124  [ 7B46A076184B73AEDC1A66A71D9131E8 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
09:15:05.0790 8124  C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll - ok
09:15:05.0790 8124  [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll
09:15:05.0790 8124  C:\Windows\SysWOW64\mscms.dll - ok
09:15:05.0790 8124  [ 08BF49EFC9C64CCCF3AAFCFDB33BFC9C ] C:\UPS\WSTD\wstdDB.dll
09:15:05.0790 8124  C:\UPS\WSTD\wstdDB.dll - ok
09:15:05.0790 8124  [ EAADD6E47ED2A7003ACE1793B98CF63F ] C:\Windows\SysWOW64\msxml6.dll
09:15:05.0790 8124  C:\Windows\SysWOW64\msxml6.dll - ok
09:15:05.0790 8124  [ D34A527493F39AF4491B3E909DC697CA ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
09:15:05.0790 8124  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll - ok
09:15:05.0790 8124  [ FBFCA1A574D47EE575448B719CBBF2E4 ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL
09:15:05.0790 8124  C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL - ok
09:15:05.0790 8124  [ 853E3E03808802D0DF7DCF844CD225A2 ] C:\UPS\WSTD\UPS.InteropFramework.Core.dll
09:15:05.0790 8124  C:\UPS\WSTD\UPS.InteropFramework.Core.dll - ok
09:15:05.0790 8124  [ 3ABDC4CCB3111BDC44591D40137A57E0 ] C:\UPS\WSTD\InteropFrameworkCore.dll
09:15:05.0790 8124  C:\UPS\WSTD\InteropFrameworkCore.dll - ok
09:15:05.0806 8124  [ BAB7CCA03C1F716B70EF61E3336B10AC ] C:\UPS\WSTD\UPS.InteropFramework.Util.dll
09:15:05.0806 8124  C:\UPS\WSTD\UPS.InteropFramework.Util.dll - ok
09:15:05.0806 8124  [ 990051955A7385D6B34F6011F84F1436 ] C:\UPS\WSTD\POLICYMGR\UPS.Components.PolicyHolder.dll
09:15:05.0806 8124  C:\UPS\WSTD\POLICYMGR\UPS.Components.PolicyHolder.dll - ok
09:15:05.0806 8124  [ 9C6AFC5CCDED744FD887517F3EEBD0C8 ] C:\UPS\WSTD\Interop.DBSUPPORTENGINELib.dll
09:15:05.0806 8124  C:\UPS\WSTD\Interop.DBSUPPORTENGINELib.dll - ok
09:15:05.0806 8124  [ 916A020A8C88A48B7F67AEE1D8F9CECD ] C:\Program Files\Internet Explorer\ieproxy.dll
09:15:05.0806 8124  C:\Program Files\Internet Explorer\ieproxy.dll - ok
09:15:05.0806 8124  [ 9E91320932A08A7541F74295C0BAFED7 ] C:\UPS\WSTD\DBSupportEngine.ocx
09:15:05.0806 8124  C:\UPS\WSTD\DBSupportEngine.ocx - ok
09:15:05.0806 8124  [ 247EEA09AFCFB445FA9526FE1643FCDB ] C:\UPS\WSTD\wstdSubtle.dll
09:15:05.0806 8124  C:\UPS\WSTD\wstdSubtle.dll - ok
09:15:05.0806 8124  [ 8AA56D5E2355CF585D346FA14B18D013 ] C:\UPS\WSTD\AnsiCharacterConvertor.dll
09:15:05.0806 8124  C:\UPS\WSTD\AnsiCharacterConvertor.dll - ok
09:15:05.0806 8124  [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
09:15:05.0806 8124  C:\Windows\System32\wmpps.dll - ok
09:15:05.0821 8124  [ DEC1426BF15A07E4B26DC7F479EDAA60 ] C:\Program Files (x86)\Common Files\System\ado\msado15.dll
09:15:05.0821 8124  C:\Program Files (x86)\Common Files\System\ado\msado15.dll - ok
09:15:05.0821 8124  [ A99C4D1B5E7E794EC5779CF14F431932 ] C:\Windows\SysWOW64\msdart.dll
09:15:05.0821 8124  C:\Windows\SysWOW64\msdart.dll - ok
09:15:05.0821 8124  [ E2095C5CBE19CB17F8C6B07A5805B784 ] C:\Program Files (x86)\Common Files\System\Ole DB\oledb32.dll
09:15:05.0821 8124  C:\Program Files (x86)\Common Files\System\Ole DB\oledb32.dll - ok
09:15:05.0821 8124  [ 8859C0357D3C1499BEF65C7D5BBF7A40 ] C:\Program Files (x86)\Common Files\System\Ole DB\oledb32r.dll
09:15:05.0821 8124  C:\Program Files (x86)\Common Files\System\Ole DB\oledb32r.dll - ok
09:15:05.0821 8124  [ ED12110CD5BFE686F645E145A7DD28C5 ] C:\Windows\SysWOW64\comsvcs.dll
09:15:05.0821 8124  C:\Windows\SysWOW64\comsvcs.dll - ok
09:15:05.0821 8124  [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll
09:15:05.0821 8124  C:\Windows\SysWOW64\atl.dll - ok
09:15:05.0821 8124  [ 736B8109F2E8A4FC1D7E2AEA9F48065E ] C:\Program Files (x86)\Common Files\System\Ole DB\msdasql.dll
09:15:05.0821 8124  C:\Program Files (x86)\Common Files\System\Ole DB\msdasql.dll - ok
09:15:05.0837 8124  [ 4C218B64C6ECB344240F16776012D200 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f95e6b6a92e3e28a3b553fe2998dd308\System.Data.ni.dll
09:15:05.0837 8124  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f95e6b6a92e3e28a3b553fe2998dd308\System.Data.ni.dll - ok
09:15:05.0837 8124  [ 500D9F5057091945F1EA242C5EAEB7FD ] C:\Program Files (x86)\Common Files\System\Ole DB\msdatl3.dll
09:15:05.0837 8124  C:\Program Files (x86)\Common Files\System\Ole DB\msdatl3.dll - ok
09:15:05.0837 8124  [ 3EE82641D51AC10B4120ACBC515F6928 ] C:\Program Files (x86)\Common Files\System\Ole DB\msdasqlr.dll
09:15:05.0837 8124  C:\Program Files (x86)\Common Files\System\Ole DB\msdasqlr.dll - ok
09:15:05.0837 8124  [ 35CAB7CF3754C41AEB69DCE1D5ACA5A4 ] C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
09:15:05.0837 8124  C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - ok
09:15:05.0837 8124  [ 4470B0943469C4AF5B114E420DCB1AEF ] C:\Windows\SysWOW64\sqlsrv32.dll
09:15:05.0837 8124  C:\Windows\SysWOW64\sqlsrv32.dll - ok
09:15:05.0837 8124  [ FF2EF2ED43C4079F962627BC38418B37 ] C:\Windows\SysWOW64\sqlsrv32.rll
09:15:05.0837 8124  C:\Windows\SysWOW64\sqlsrv32.rll - ok
09:15:05.0837 8124  [ 66ABBF38123D3113BB55EBAFCF37AB92 ] C:\Windows\SysWOW64\odbccp32.dll
09:15:05.0837 8124  C:\Windows\SysWOW64\odbccp32.dll - ok
09:15:05.0853 8124  [ 8BCB9193C2FBCEDAF548A05A4514F6A4 ] C:\Windows\SysWOW64\dbnetlib.dll
09:15:05.0853 8124  C:\Windows\SysWOW64\dbnetlib.dll - ok
09:15:05.0853 8124  [ D4958A2160EDCDE5AF3D14CA750F663C ] C:\Windows\SysWOW64\dbnmpntw.dll
09:15:05.0853 8124  C:\Windows\SysWOW64\dbnmpntw.dll - ok
09:15:05.0853 8124  [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll
09:15:05.0853 8124  C:\Windows\SysWOW64\samlib.dll - ok
09:15:05.0853 8124  [ 534D84434D9DB1D1E1E865F64E52AA8E ] C:\Windows\System32\twext.dll
09:15:05.0853 8124  C:\Windows\System32\twext.dll - ok
09:15:05.0853 8124  [ D713FBECECD754FB7110CC5C4E0948F5 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll
09:15:05.0853 8124  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll - ok
09:15:05.0853 8124  [ 62B9022B4EA032A8303FAF6231A486E4 ] C:\Program Files\Roxio\Roxio Burn\RB_Contextmenu64.dll
09:15:05.0853 8124  C:\Program Files\Roxio\Roxio Burn\RB_Contextmenu64.dll - ok
09:15:05.0853 8124  [ 0E417DA494B3230C7BC48D1CA5A4E706 ] C:\UPS\WSTD\POLICYMGR\Microsoft.ApplicationBlocks.Data.dll
09:15:05.0853 8124  C:\UPS\WSTD\POLICYMGR\Microsoft.ApplicationBlocks.Data.dll - ok
09:15:05.0868 8124  [ 6B3E06734C8B6C267DE7C55E177304A0 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\dca6df8260d6c4c0bd66cb3be72eb73a\System.Transactions.ni.dll
09:15:05.0868 8124  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\dca6df8260d6c4c0bd66cb3be72eb73a\System.Transactions.ni.dll - ok
09:15:05.0868 8124  [ 66C87DB880052104808507D6FA84D68E ] C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
09:15:05.0868 8124  C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL - ok
09:15:05.0868 8124  [ 5F3F1BF5F5B43293953FC915845910C4 ] C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
09:15:05.0868 8124  C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll - ok
09:15:05.0868 8124  [ 0D7BE936A44E6B70F822D272A5CEBC22 ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\msvcr90.dll
09:15:05.0868 8124  C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4940_none_08e4299fa83d7e3c\msvcr90.dll - ok
09:15:05.0868 8124  [ C52E64AE4C813BED4E0E246A19E3910A ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\59a12d8db2a29bbe4e597124682cc4f7\System.EnterpriseServices.ni.dll
09:15:05.0868 8124  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\59a12d8db2a29bbe4e597124682cc4f7\System.EnterpriseServices.ni.dll - ok
09:15:05.0868 8124  [ A57FBE87B01C1383032ACA6793FF30B7 ] C:\PROGRA~1\MICROS~4\shellext.dll
09:15:05.0868 8124  C:\PROGRA~1\MICROS~4\shellext.dll - ok
09:15:05.0868 8124  [ A10B048B681C38E26CA90CD1BC123604 ] C:\Windows\System32\syncui.dll
09:15:05.0868 8124  C:\Windows\System32\syncui.dll - ok
09:15:05.0868 8124  [ 8699D17DFCFCD327784034DB6BD3A422 ] C:\Windows\System32\synceng.dll
09:15:05.0868 8124  C:\Windows\System32\synceng.dll - ok
09:15:05.0884 8124  [ 98C6F2A9A981A54222602B87C6310BDE ] C:\Program Files\Internet Explorer\iexplore.exe
09:15:05.0884 8124  C:\Program Files\Internet Explorer\iexplore.exe - ok
09:15:05.0884 8124  [ 17AD6A5E8A3E68D3F77894B02B88BF92 ] C:\Program Files (x86)\Common Files\System\ado\msadrh15.dll
09:15:05.0884 8124  C:\Program Files (x86)\Common Files\System\ado\msadrh15.dll - ok
09:15:05.0884 8124  [ 05F44FFCE9B6C2A5C4FD98ACD169414F ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat Elements\ContextMenu64.dll
09:15:05.0884 8124  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat Elements\ContextMenu64.dll - ok
09:15:05.0884 8124  [ 8B22B0CF8912F810B28AFBFC8B42727F ] C:\Windows\System32\acppage.dll
09:15:05.0884 8124  C:\Windows\System32\acppage.dll - ok
09:15:05.0884 8124  [ BC0D4AFBE94D8E1F81C8926D805C3366 ] C:\Windows\System32\webcheck.dll
09:15:05.0884 8124  C:\Windows\System32\webcheck.dll - ok
09:15:05.0884 8124  [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
09:15:05.0884 8124  C:\Windows\System32\mlang.dll - ok
09:15:05.0884 8124  [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
09:15:05.0884 8124  C:\Windows\System32\SyncCenter.dll - ok
09:15:05.0899 8124  [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
09:15:05.0899 8124  C:\Windows\System32\imapi2.dll - ok
09:15:05.0899 8124  [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
09:15:05.0899 8124  C:\Windows\System32\hgcpl.dll - ok
09:15:05.0899 8124  [ 4B30321E02ACFB1E68F416E65297A5A5 ] C:\Program Files\Internet Explorer\IEShims.dll
09:15:05.0899 8124  C:\Program Files\Internet Explorer\IEShims.dll - ok
09:15:05.0899 8124  [ 17B4359BB4BD72F8EB4F92B1DC4E4EB5 ] C:\Windows\System32\ieui.dll
09:15:05.0899 8124  C:\Windows\System32\ieui.dll - ok
09:15:05.0899 8124  [ 739FD09D2F5829BEA6C1E9B7AD54C333 ] C:\Program Files (x86)\Internet Explorer\IEShims.dll
09:15:05.0899 8124  C:\Program Files (x86)\Internet Explorer\IEShims.dll - ok
09:15:05.0899 8124  [ 36BB38AA01998CD9CA35E3EDEECDD66D ] C:\Program Files (x86)\Internet Explorer\ieproxy.dll
09:15:05.0899 8124  C:\Program Files (x86)\Internet Explorer\ieproxy.dll - ok
09:15:05.0899 8124  [ 6A32A12A2C76B729D6485D04FCFB2175 ] C:\Windows\SysWOW64\ieui.dll
09:15:05.0899 8124  C:\Windows\SysWOW64\ieui.dll - ok
09:15:05.0899 8124  [ A51FA9427CFC53B8E4BD11A627C7E3BD ] C:\Program Files (x86)\Internet Explorer\sqmapi.dll
09:15:05.0899 8124  C:\Program Files (x86)\Internet Explorer\sqmapi.dll - ok
09:15:05.0915 8124  [ 9FF8F684BACF326082E5562F7C104A79 ] C:\Windows\SysWOW64\d2d1.dll
09:15:05.0915 8124  C:\Windows\SysWOW64\d2d1.dll - ok
09:15:05.0915 8124  [ 1C0E369575F387460E2A5F28269B2CC4 ] C:\Windows\SysWOW64\DWrite.dll
09:15:05.0915 8124  C:\Windows\SysWOW64\DWrite.dll - ok
09:15:05.0915 8124  [ D4F264FE23F8953D840904418220C15E ] C:\Windows\SysWOW64\dxgi.dll
09:15:05.0915 8124  C:\Windows\SysWOW64\dxgi.dll - ok
09:15:05.0915 8124  [ 6DE66FE7C526637E74CD066461C7C871 ] C:\Windows\SysWOW64\d3d11.dll
09:15:05.0915 8124  C:\Windows\SysWOW64\d3d11.dll - ok
09:15:05.0915 8124  [ 1E2C0AA71E7777423D2CA83FE82C44D4 ] C:\Windows\SysWOW64\igd10umd32.dll
09:15:05.0915 8124  C:\Windows\SysWOW64\igd10umd32.dll - ok
09:15:05.0915 8124  [ 8EE6BDE1D572677AA35707C52C585F75 ] C:\Windows\SysWOW64\mlang.dll
09:15:05.0915 8124  C:\Windows\SysWOW64\mlang.dll - ok
09:15:05.0915 8124  [ 9B921EE0B5D5ACF67583E3D4B6B829C5 ] C:\Windows\System32\Macromed\Flash\Flash64_11_8_800_94.ocx
09:15:05.0915 8124  C:\Windows\System32\Macromed\Flash\Flash64_11_8_800_94.ocx - ok
09:15:05.0915 8124  [ CB811C14C225DD07B98E676DFB0221E6 ] C:\Windows\SysWOW64\jscript9.dll
09:15:05.0915 8124  C:\Windows\SysWOW64\jscript9.dll - ok
09:15:05.0931 8124  [ 62A6EB5771580CAE445804389F3F7432 ] C:\Windows\SysWOW64\WindowsCodecsExt.dll
09:15:05.0931 8124  C:\Windows\SysWOW64\WindowsCodecsExt.dll - ok
09:15:05.0931 8124  [ 0F44172A5B34E8F208CD0F209EDD4A73 ] C:\Windows\SysWOW64\ieapfltr.dll
09:15:05.0931 8124  C:\Windows\SysWOW64\ieapfltr.dll - ok
09:15:05.0931 8124  [ 1D1EAA16D193C6A2D45981ED3914D22A ] C:\Windows\SysWOW64\msimtf.dll
09:15:05.0931 8124  C:\Windows\SysWOW64\msimtf.dll - ok
09:15:05.0931 8124  [ F045DF7AF127DC4BCC53421850114E15 ] C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
09:15:05.0931 8124  C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll - ok
09:15:05.0931 8124  [ CEEED6CF4B88683093D6563E2577EDBD ] C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\agcore.dll
09:15:05.0931 8124  C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\agcore.dll - ok
09:15:05.0931 8124  [ 4E87AFEC1327D2D71DCB837F8636F428 ] C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_8_800_94.ocx
09:15:05.0931 8124  C:\Windows\SysWOW64\Macromed\Flash\Flash32_11_8_800_94.ocx - ok
09:15:05.0931 8124  [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
09:15:05.0931 8124  C:\Windows\SysWOW64\dsound.dll - ok
09:15:05.0946 8124  [ 5E08AC958BE05247FF1539E0D1CE7905 ] C:\Windows\SysWOW64\dinput8.dll
09:15:05.0946 8124  C:\Windows\SysWOW64\dinput8.dll - ok
09:15:05.0946 8124  [ 8C3D32A4A46326031309A43C52539D7F ] C:\Windows\SysWOW64\ieapfltr.dat
09:15:05.0946 8124  C:\Windows\SysWOW64\ieapfltr.dat - ok
09:15:05.0946 8124  [ 3E540298251F94ABE4DEAEC83192035C ] C:\Windows\System32\Macromed\Flash\FlashUtil64_11_8_800_94_ActiveX.exe
09:15:05.0946 8124  C:\Windows\System32\Macromed\Flash\FlashUtil64_11_8_800_94_ActiveX.exe - ok
09:15:05.0946 8124  [ 4C3DAEE652B005B483F16B8E9131C99D ] C:\Windows\System32\d3d9.dll
09:15:05.0946 8124  C:\Windows\System32\d3d9.dll - ok
09:15:05.0946 8124  [ 3044D07ABDF4BBEA27E2EE7B1E0C0C65 ] C:\Windows\System32\d3d8thk.dll
09:15:05.0946 8124  C:\Windows\System32\d3d8thk.dll - ok
09:15:05.0946 8124  [ A7A8CA53D9C9FD90C07AB0EB38E5316B ] C:\Windows\System32\dbghelp.dll
09:15:05.0946 8124  C:\Windows\System32\dbghelp.dll - ok
09:15:05.0946 8124  [ C621FB6BF9741AA18E55377FDD2CE96F ] C:\Windows\System32\oleaccrc.dll
09:15:05.0946 8124  C:\Windows\System32\oleaccrc.dll - ok
09:15:05.0962 8124  [ 64DD45A18A065C207CDDC3549D157B13 ] C:\Windows\System32\Macromed\Flash\FlashUtil64_11_8_800_94_ActiveX.dll
09:15:05.0962 8124  C:\Windows\System32\Macromed\Flash\FlashUtil64_11_8_800_94_ActiveX.dll - ok
09:15:05.0962 8124  [ 6E42D6759EF29A36BA321823494CCB35 ] C:\Windows\System32\dinput8.dll
09:15:05.0962 8124  C:\Windows\System32\dinput8.dll - ok
09:15:05.0962 8124  [ 01E2855FB06C422E721D890AF201C2D7 ] C:\Windows\System32\NaturalLanguage6.dll
09:15:05.0962 8124  C:\Windows\System32\NaturalLanguage6.dll - ok
09:15:05.0962 8124  [ 701D9F5F3F21580936638D5C5F86B460 ] C:\Windows\System32\NlsData0009.dll
09:15:05.0962 8124  C:\Windows\System32\NlsData0009.dll - ok
09:15:05.0962 8124  [ C225E5307D8D4982A1687F2702C37C78 ] C:\Windows\SysWOW64\msls31.dll
09:15:05.0962 8124  C:\Windows\SysWOW64\msls31.dll - ok
09:15:05.0962 8124  [ 148A733B93A2AC104280495DA09D3CC2 ] C:\Windows\System32\NlsLexicons0009.dll
09:15:05.0962 8124  C:\Windows\System32\NlsLexicons0009.dll - ok
09:15:05.0962 8124  [ 96E0F0BED5D9EBABB899D8CA83C36A7E ] C:\Windows\SysWOW64\vbscript.dll
09:15:05.0962 8124  C:\Windows\SysWOW64\vbscript.dll - ok
09:15:05.0962 8124  [ 1B0EC94520CAB89A9CE1B2DA405166AF ] C:\Windows\SysWOW64\p2pcollab.dll
09:15:05.0962 8124  C:\Windows\SysWOW64\p2pcollab.dll - ok
09:15:05.0977 8124  [ 81E7E920312D372CF57A817049AC7C76 ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
09:15:05.0977 8124  C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL - ok
09:15:05.0977 8124  [ 8B285BDAB7735FDFB18E6F7122923B77 ] C:\Windows\SysWOW64\UIAnimation.dll
09:15:05.0977 8124  C:\Windows\SysWOW64\UIAnimation.dll - ok
09:15:05.0977 8124  [ FD049C25A168D3DE310D9207B7B6367B ] C:\Windows\SysWOW64\UIAutomationCore.dll
09:15:05.0977 8124  C:\Windows\SysWOW64\UIAutomationCore.dll - ok
09:15:05.0977 8124  [ 913666194A8AE833B5F353B6D87F318C ] C:\Program Files (x86)\Common Files\microsoft shared\VGX\VGX.dll
09:15:05.0977 8124  C:\Program Files (x86)\Common Files\microsoft shared\VGX\VGX.dll - ok
09:15:05.0977 8124  [ DEFB55D4FF094673DF31FA89A8A8A2F0 ] C:\Windows\SysWOW64\dxtrans.dll
09:15:05.0977 8124  C:\Windows\SysWOW64\dxtrans.dll - ok
09:15:05.0977 8124  [ BAB9EF9A340113666F678AA2474904B6 ] C:\Windows\SysWOW64\ddrawex.dll
09:15:05.0977 8124  C:\Windows\SysWOW64\ddrawex.dll - ok
09:15:05.0977 8124  [ 198552AEFECA69D646867EC8D792DE95 ] C:\Windows\SysWOW64\ddraw.dll
09:15:05.0977 8124  C:\Windows\SysWOW64\ddraw.dll - ok
09:15:05.0977 8124  [ 55E5B32AE8D1F51A63C82919656FD275 ] C:\Windows\SysWOW64\dciman32.dll
09:15:05.0977 8124  C:\Windows\SysWOW64\dciman32.dll - ok
09:15:05.0993 8124  [ C68FBBF01E86CB6CF0B797748FBD6C1A ] C:\Windows\SysWOW64\dxtmsft.dll
09:15:05.0993 8124  C:\Windows\SysWOW64\dxtmsft.dll - ok
09:15:05.0993 8124  [ EDF2A5E96BEC469DA3F64E9BDD386111 ] C:\Windows\SysWOW64\xmllite.dll
09:15:05.0993 8124  C:\Windows\SysWOW64\xmllite.dll - ok
09:15:05.0993 8124  [ C5A75EB48E2344ABDC162BDA79E16841 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:15:05.0993 8124  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
09:15:05.0993 8124  [ E5F7C30EDF0892667933BE879F067D67 ] C:\Windows\SysWOW64\msvcr100_clr0400.dll
09:15:05.0993 8124  C:\Windows\SysWOW64\msvcr100_clr0400.dll - ok
09:15:05.0993 8124  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:15:05.0993 8124  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe - ok
09:15:05.0993 8124  [ CB21CD39637AC13F3455454B2F648257 ] C:\Windows\System32\msvcr100_clr0400.dll
09:15:05.0993 8124  C:\Windows\System32\msvcr100_clr0400.dll - ok
09:15:05.0993 8124  [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
09:15:05.0993 8124  C:\Windows\System32\mscoree.dll - ok
09:15:06.0009 8124  [ 4C0419368943D1CF20A9FCEEC50D9846 ] C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
09:15:06.0009 8124  C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe - ok
09:15:06.0009 8124  [ 91EA5FF9F105D373216E8C96F57E88E2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\f752f8cf702b7c7eff6c659b2e0c760a\System.ServiceProcess.ni.dll
09:15:06.0009 8124  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\f752f8cf702b7c7eff6c659b2e0c760a\System.ServiceProcess.ni.dll - ok
09:15:06.0009 8124  [ 1A66F3A64BF7D90C4E5FE4224708D339 ] C:\Program Files (x86)\Dell Digital Delivery\Core.dll
09:15:06.0009 8124  C:\Program Files (x86)\Dell Digital Delivery\Core.dll - ok
09:15:06.0009 8124  [ CF3173A6D74A02081D9E42AA1E3BB1EF ] C:\Program Files (x86)\Dell Digital Delivery\log4net.dll
09:15:06.0009 8124  C:\Program Files (x86)\Dell Digital Delivery\log4net.dll - ok
09:15:06.0009 8124  [ D41861E56E7552C13674D7F147A02464 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
09:15:06.0009 8124  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe - ok
09:15:06.0009 8124  [ DB3F3C23A040D22B7ABAEDD60B33846D ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgr.dll
09:15:06.0009 8124  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgr.dll - ok
09:15:06.0009 8124  [ 1AD2E22597DF43F93CBB37DB39D29CA1 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgrSvc\f250e92252568a12d81f5e37ffc2eef2\IAStorDataMgrSvc.ni.exe
09:15:06.0009 8124  C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgrSvc\f250e92252568a12d81f5e37ffc2eef2\IAStorDataMgrSvc.ni.exe - ok
09:15:06.0024 8124  [ E008CB84D5C9C130316B9FE0AE33F1D8 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
09:15:06.0024 8124  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll - ok
09:15:06.0024 8124  [ 8FF90FA46AF9A1EB18DB5E9F308D82AF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\ca389af4cf93f42f6d94fe55f80850c5\IAStorDataMgr.ni.dll
09:15:06.0024 8124  C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\ca389af4cf93f42f6d94fe55f80850c5\IAStorDataMgr.ni.dll - ok
09:15:06.0024 8124  [ 2B73088CC2CA757A172B425C9398E5BC ] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
09:15:06.0024 8124  C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe - ok
09:15:06.0024 8124  [ CDE967A842224163FFA7AD4EE0B226E7 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\a0bcd45e021e725b136df43614e42f26\IsdiInterop.ni.dll
09:15:06.0024 8124  C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\a0bcd45e021e725b136df43614e42f26\IsdiInterop.ni.dll - ok
09:15:06.0024 8124  [ AAA0B3B32484156599B3BE5E3B88528A ] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\LeResourceLoader.dll
09:15:06.0024 8124  C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\LeResourceLoader.dll - ok
09:15:06.0024 8124  [ 16136783DD2C6D210BF8514379678F70 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\ISDI.dll
09:15:06.0024 8124  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\ISDI.dll - ok
09:15:06.0024 8124  [ E11AE58B6D040AE7E1E55741CB9C6694 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c25666b99761bc42322bae2e59968df8\WindowsBase.ni.dll
09:15:06.0024 8124  C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c25666b99761bc42322bae2e59968df8\WindowsBase.ni.dll - ok
09:15:06.0040 8124  [ E17E0188BB90FAE42D83E98707EFA59C ] C:\Windows\System32\sppsvc.exe
09:15:06.0040 8124  C:\Windows\System32\sppsvc.exe - ok
09:15:06.0040 8124  [ EB8238F73AF33A974F9DE5CF76A9BEDF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\22d36f517c7545fdb65ccddae680a3eb\IAStorCommon.ni.dll
09:15:06.0040 8124  C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\22d36f517c7545fdb65ccddae680a3eb\IAStorCommon.ni.dll - ok
09:15:06.0040 8124  [ FFF95479C7AB1550F0750A5D01744211 ] C:\Windows\System32\drivers\spsys.sys
09:15:06.0040 8124  C:\Windows\System32\drivers\spsys.sys - ok
09:15:06.0040 8124  [ E8B1FE6669397D1772D8196DF0E57A9E ] C:\Windows\System32\wscsvc.dll
09:15:06.0040 8124  C:\Windows\System32\wscsvc.dll - ok
09:15:06.0040 8124  [ 8637EE0160F32CC321A571F9D10E5E24 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\dcc781ebbddf98a9cf6dd4f3b17f1063\System.Web.ni.dll
09:15:06.0040 8124  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\dcc781ebbddf98a9cf6dd4f3b17f1063\System.Web.ni.dll - ok
09:15:06.0040 8124  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] C:\Windows\System32\wuaueng.dll
09:15:06.0040 8124  C:\Windows\System32\wuaueng.dll - ok
09:15:06.0040 8124  [ C47F35CC6FA4F1BDBEF8F87AC1A46537 ] C:\Windows\System32\wuapi.dll
09:15:06.0040 8124  C:\Windows\System32\wuapi.dll - ok
09:15:06.0055 8124  [ E746ED90132C6B6313CE9179F56BD31D ] C:\Windows\System32\wups.dll
09:15:06.0055 8124  C:\Windows\System32\wups.dll - ok
09:15:06.0055 8124  [ 617F6EC0AC677C685479C1D0D1E76C6F ] C:\Windows\System32\mspatcha.dll
09:15:06.0055 8124  C:\Windows\System32\mspatcha.dll - ok
09:15:06.0055 8124  [ F6F22291024906E43D135A4B1705FEAC ] C:\Windows\System32\sppwinob.dll
09:15:06.0055 8124  C:\Windows\System32\sppwinob.dll - ok
09:15:06.0055 8124  [ EADE68C6F9875614568A5D1CA32B892B ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUIHelper.dll
09:15:06.0055 8124  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUIHelper.dll - ok
09:15:06.0055 8124  [ FCE23E27F62989AD0BB88E256E847A41 ] C:\Windows\System32\CertPolEng.dll
09:15:06.0055 8124  C:\Windows\System32\CertPolEng.dll - ok
09:15:06.0055 8124  [ 2B373B5F7E36B5ED5DA176D4400EF091 ] C:\Windows\System32\sppobjs.dll
09:15:06.0055 8124  C:\Windows\System32\sppobjs.dll - ok
09:15:06.0055 8124  [ B84E2D174DC84916A536572BB8F691A8 ] C:\Windows\System32\wscisvif.dll
09:15:06.0055 8124  C:\Windows\System32\wscisvif.dll - ok
09:15:06.0055 8124  [ 6C1E3C43B35268C17833244C8ED96430 ] C:\Windows\System32\wscproxystub.dll
09:15:06.0055 8124  C:\Windows\System32\wscproxystub.dll - ok
09:15:06.0071 8124  [ 7FE0D0C8F53735EA17C9AE93EFE7AD5A ] C:\Windows\System32\wups2.dll
09:15:06.0071 8124  C:\Windows\System32\wups2.dll - ok
09:15:06.0071 8124  [ A018532EB2FC1759624AE196EC979B70 ] C:\Program Files (x86)\Dell Digital Delivery\Fulfillment.dll
09:15:06.0071 8124  C:\Program Files (x86)\Dell Digital Delivery\Fulfillment.dll - ok
09:15:06.0071 8124  [ A7A7F1959E8EB5DF93ECD05641106D5F ] C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll
09:15:06.0071 8124  C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll - ok
09:15:06.0071 8124  [ 5745C246EC19B2A2948E629E03B566BE ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\a7a3ebc76a454af37918211506e81e31\System.Management.ni.dll
09:15:06.0071 8124  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\a7a3ebc76a454af37918211506e81e31\System.Management.ni.dll - ok
09:15:06.0071 8124  [ CBF785DC658EA55E9F1F5CD0E1EF3CF7 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\2c5c86bb5156ff508ca8045aff50a482\System.Core.ni.dll
09:15:06.0071 8124  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\2c5c86bb5156ff508ca8045aff50a482\System.Core.ni.dll - ok
09:15:06.0071 8124  [ 972DCC74D4CDCB64086E7CFACBDB74CB ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll
09:15:06.0071 8124  C:\Windows\Microsoft.NET\Framework\v2.0.50727\WMINet_Utils.dll - ok
09:15:06.0071 8124  [ 5610B0425518D185331CB8E968D060E6 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
09:15:06.0071 8124  C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
09:15:06.0087 8124  [ 298DEC5730416B60B84B7EFB80923F04 ] C:\Program Files (x86)\Dell Digital Delivery\ClientContracts.dll
09:15:06.0087 8124  C:\Program Files (x86)\Dell Digital Delivery\ClientContracts.dll - ok
09:15:06.0087 8124  [ C357BB8ED78B11104D30A52E432AAF39 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\6e4f4fc116fe8faea929e840d74f8011\System.ServiceModel.Web.ni.dll
09:15:06.0087 8124  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\6e4f4fc116fe8faea929e840d74f8011\System.ServiceModel.Web.ni.dll - ok
09:15:06.0087 8124  [ B56D42EF64BA489C1E4A0C55E4C980C9 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\f00a8436d10d44f1829dea5f618b7f69\System.ServiceModel.ni.dll
09:15:06.0087 8124  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\f00a8436d10d44f1829dea5f618b7f69\System.ServiceModel.ni.dll - ok
09:15:06.0087 8124  [ DA7561B4DA9194E584FDF1CBDA1E3664 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\d84a4af2acd0a1489fb81d169a2ea00a\SMDiagnostics.ni.dll
09:15:06.0087 8124  C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\d84a4af2acd0a1489fb81d169a2ea00a\SMDiagnostics.ni.dll - ok
09:15:06.0087 8124  [ C24E86FD9E29EF61074AF3AC59B60FAE ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\c476801f82f0b0cff48afcafce7e919d\System.Runtime.Serialization.ni.dll
09:15:06.0087 8124  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\c476801f82f0b0cff48afcafce7e919d\System.Runtime.Serialization.ni.dll - ok
09:15:06.0087 8124  [ 90245986C3630AF5898D0374B0276189 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\73475dd36b973802393888b87a0126e7\System.IdentityModel.ni.dll
09:15:06.0087 8124  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\73475dd36b973802393888b87a0126e7\System.IdentityModel.ni.dll - ok
09:15:06.0102 8124  [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
09:15:06.0102 8124  C:\Windows\SysWOW64\rasapi32.dll - ok
09:15:06.0102 8124  [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
09:15:06.0102 8124  C:\Windows\SysWOW64\rasman.dll - ok
09:15:06.0102 8124  [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
09:15:06.0102 8124  C:\Windows\SysWOW64\rtutils.dll - ok
09:15:06.0102 8124  [ 85680BEDE36C58F4F4B7B3BED2B58618 ] C:\Program Files (x86)\Dell Digital Delivery\NamedPipe.dll
09:15:06.0102 8124  C:\Program Files (x86)\Dell Digital Delivery\NamedPipe.dll - ok
09:15:06.0102 8124  [ 270BC9972443083AADBA7679AB9AEAB1 ] C:\Program Files (x86)\Dell Digital Delivery\BackgroundCopyManager3_0.dll
09:15:06.0102 8124  C:\Program Files (x86)\Dell Digital Delivery\BackgroundCopyManager3_0.dll - ok
09:15:06.0102 8124  [ 0D893F8D145D3B125B0226727C243A69 ] C:\Windows\System32\security.dll
09:15:06.0102 8124  C:\Windows\System32\security.dll - ok
09:15:06.0102 8124  [ 5EA9A0950F322BFA382AF277801C0307 ] C:\Windows\System32\wbem\wmipcima.dll
09:15:06.0102 8124  C:\Windows\System32\wbem\wmipcima.dll - ok
09:15:06.0102 8124  [ 816B681CC308FAA128EDCB90643DCED7 ] C:\Windows\SysWOW64\icm32.dll
09:15:06.0102 8124  C:\Windows\SysWOW64\icm32.dll - ok
09:15:06.0118 8124  [ 4E81439902079C348B61D7FF027FE147 ] C:\Windows\System32\StructuredQuery.dll
09:15:06.0118 8124  C:\Windows\System32\StructuredQuery.dll - ok
09:15:06.0118 8124  [ 027675ED9B34EE1B91505C3B8752649F ] C:\Windows\System32\Wpc.dll
09:15:06.0118 8124  C:\Windows\System32\Wpc.dll - ok
09:15:06.0118 8124  [ 7CC7440BAF323AF4826EDD99CC9A3B4A ] C:\Program Files\Microsoft Office\Office14\MSOHEVI.DLL
09:15:06.0118 8124  C:\Program Files\Microsoft Office\Office14\MSOHEVI.DLL - ok
09:15:06.0118 8124  [ 81252AA3B13743020BCF2089A5A0D911 ] C:\Windows\System32\wscinterop.dll
09:15:06.0118 8124  C:\Windows\System32\wscinterop.dll - ok
09:15:06.0118 8124  [ DF50DAE4C547285E4997A0C61063B632 ] C:\Windows\System32\wscui.cpl
09:15:06.0118 8124  C:\Windows\System32\wscui.cpl - ok
09:15:06.0118 8124  [ F9959237F106F2B2609E61A290C0652E ] C:\Windows\System32\werconcpl.dll
09:15:06.0118 8124  C:\Windows\System32\werconcpl.dll - ok
09:15:06.0118 8124  [ 7E591867422DC788B9E5BD337A669A08 ] C:\Windows\System32\wercplsupport.dll
09:15:06.0118 8124  C:\Windows\System32\wercplsupport.dll - ok
09:15:06.0118 8124  [ 809AE7D4ACE06BBCF621E5C504BF6FC8 ] C:\Windows\System32\hcproviders.dll
09:15:06.0118 8124  C:\Windows\System32\hcproviders.dll - ok
09:15:06.0133 8124  [ C769A93C4FF7FE0E39DED35C649A0AEE ] C:\Windows\SysWOW64\mctres.dll
09:15:06.0133 8124  C:\Windows\SysWOW64\mctres.dll - ok
09:15:06.0133 8124  ============================================================
09:15:06.0133 8124  Scan finished
09:15:06.0133 8124  ============================================================
09:15:06.0133 7068  Detected object count: 2
09:15:06.0133 7068  Actual detected object count: 2
09:16:36.0223 7068  \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - skipped by user
09:16:36.0223 7068  \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - User select action: Skip
09:16:36.0255 7068  \Device\Harddisk0\DR0\Partition1 - copied to quarantine
09:16:36.0348 7068  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot
09:16:36.0348 7068  \Device\Harddisk0\DR0\Partition1 - ok
09:16:36.0348 7068  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure
09:16:46.0317 4724  Deinitialize success

 

ComboFix to follow...



#5 a4stetzer

a4stetzer
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:18 AM

Posted 02 August 2013 - 10:05 AM

ComboFix log:

 

ComboFix 13-08-01.01 - Kelly 08/02/2013   9:28.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.3944.2528 [GMT -5:00]
Running from: c:\users\Kelly\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\PCDr\6280\AddOnDownloaded\0d06f79c-d0e6-4610-9a2b-d8f1a48f4252.dll
c:\users\Kelly\AppData\Local\Microsoft\Windows\Temporary Internet Files\{0A948577-D026-4F25-B7DB-12F87C83CBE8}.xps
c:\users\Kelly\AppData\Local\Microsoft\Windows\Temporary Internet Files\{13A1D47B-5093-4524-A60F-9E8C139529EB}.xps
c:\users\Kelly\AppData\Local\Microsoft\Windows\Temporary Internet Files\{21E5B4A2-114B-4F4D-A676-E9F458DBB18B}.xps
c:\users\Kelly\AppData\Local\Microsoft\Windows\Temporary Internet Files\{6D309538-2FC9-4CE5-8CCC-DDA0E24A1180}.xps
c:\users\Kelly\AppData\Local\Microsoft\Windows\Temporary Internet Files\{81ADAFEE-A1FD-45BE-A68F-17A5776A264E}.xps
c:\users\Kelly\AppData\Local\Microsoft\Windows\Temporary Internet Files\{851B2333-7002-44CD-871E-46524CEBE3A0}.xps
c:\users\Kelly\AppData\Local\Microsoft\Windows\Temporary Internet Files\{A1F5F47C-4939-4527-8F0F-EB783A5B8CA5}.xps
c:\users\Kelly\AppData\Local\Microsoft\Windows\Temporary Internet Files\{F0740957-DFC5-4B2C-9B41-17354B7BD5F9}.xps
c:\users\Kelly\msconfig.exe
c:\users\Kelly\teamviewer.exe
.
.
(((((((((((((((((((((((((   Files Created from 2013-07-02 to 2013-08-02  )))))))))))))))))))))))))))))))
.
.
2013-08-02 14:32 . 2013-08-02 14:32 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-02 14:17 . 2013-08-02 14:17 76232 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{99D08CDD-5869-4DF5-9705-5E508FA0FAB4}\offreg.dll
2013-08-02 14:16 . 2013-08-02 14:16 -------- d-----w- C:\TDSSKiller_Quarantine
2013-08-02 13:05 . 2013-07-02 08:34 9460976 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{99D08CDD-5869-4DF5-9705-5E508FA0FAB4}\mpengine.dll
2013-07-31 18:21 . 2013-07-02 08:34 9460976 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-07-30 19:44 . 2013-07-30 19:44 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-07-30 19:44 . 2013-04-04 19:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-07-30 17:21 . 2013-07-30 17:21 -------- d-----w- c:\users\Kelly\AppData\Roaming\Oracle
2013-07-30 17:21 . 2013-07-30 17:21 -------- d-----w- c:\windows\Sun
2013-07-30 15:43 . 2013-07-30 15:43 -------- d-----w- c:\windows\system32\appmgmt
2013-07-30 15:35 . 2013-07-30 15:35 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-07-30 15:35 . 2013-07-30 15:35 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-30 15:35 . 2013-07-30 15:35 -------- d-----w- c:\program files (x86)\Java
2013-07-30 13:56 . 2013-07-30 14:03 -------- d-----w- c:\program files (x86)\VideoLAN
2013-07-30 13:55 . 2013-07-30 13:55 -------- d-----w- c:\users\Kelly\AppData\Local\Wajam
2013-07-30 13:55 . 2013-07-30 15:21 -------- d-----w- c:\users\Kelly\AppData\Local\Conduit
2013-07-30 13:54 . 2013-07-30 13:54 -------- d-----w- c:\users\Kelly\AppData\Local\CRE
2013-07-30 13:54 . 2013-07-30 13:55 -------- d-----w- c:\program files (x86)\Conduit
2013-07-17 14:28 . 2013-07-17 14:28 941720 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3D79313C-E044-455C-B92F-FBF7808CEE63}\gapaengine.dll
2013-07-11 08:18 . 2013-07-11 08:18 -------- d-----w- c:\program files (x86)\Dell Digital Delivery
2013-07-10 20:22 . 2013-05-27 05:50 1011712 ----a-w- c:\program files\Windows Defender\MpSvc.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-30 15:35 . 2012-03-19 16:20 867240 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2013-07-30 15:35 . 2012-03-08 20:26 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-07-23 17:11 . 2012-05-08 16:23 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-23 17:11 . 2012-05-08 16:23 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-11 08:07 . 2012-07-09 19:37 78185248 ----a-w- c:\windows\system32\MRT.exe
2013-06-21 13:01 . 2012-10-03 13:03 964552 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-05-15 12:46 . 2010-06-24 17:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-13 05:51 . 2013-06-12 12:33 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-05-13 05:51 . 2013-06-12 12:33 1464320 ----a-w- c:\windows\system32\crypt32.dll
2013-05-13 05:51 . 2013-06-12 12:33 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-05-13 05:50 . 2013-06-12 12:33 52224 ----a-w- c:\windows\system32\certenc.dll
2013-05-13 04:45 . 2013-06-12 12:33 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-05-13 04:45 . 2013-06-12 12:33 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-05-13 04:45 . 2013-06-12 12:33 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-05-13 03:43 . 2013-06-12 12:33 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-05-13 03:08 . 2013-06-12 12:33 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-05-13 03:08 . 2013-06-12 12:33 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-05-10 07:57 . 2013-05-10 07:57 27208 ----a-w- c:\windows\system32\AdobePDFUI.dll
2013-05-10 07:57 . 2013-05-10 07:57 55872 ----a-w- c:\windows\system32\AdobePDF.dll
2013-05-10 05:49 . 2013-06-12 12:33 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-05-10 03:20 . 2013-06-12 12:33 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-05-08 08:02 . 2013-05-08 08:02 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-05-08 08:02 . 2013-05-08 08:02 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-05-08 08:02 . 2013-05-08 08:02 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-05-08 08:02 . 2013-05-08 08:02 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-05-08 08:02 . 2013-05-08 08:02 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-05-08 08:02 . 2013-05-08 08:02 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-05-08 08:02 . 2013-05-08 08:02 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-05-08 08:02 . 2013-05-08 08:02 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-05-08 08:02 . 2013-05-08 08:02 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-05-08 08:02 . 2013-05-08 08:02 81408 ----a-w- c:\windows\system32\icardie.dll
2013-05-08 08:02 . 2013-05-08 08:02 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-05-08 08:02 . 2013-05-08 08:02 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-05-08 08:02 . 2013-05-08 08:02 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-05-08 08:02 . 2013-05-08 08:02 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-05-08 08:02 . 2013-05-08 08:02 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-05-08 08:02 . 2013-05-08 08:02 441856 ----a-w- c:\windows\system32\html.iec
2013-05-08 08:02 . 2013-05-08 08:02 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-05-08 08:02 . 2013-05-08 08:02 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-05-08 08:02 . 2013-05-08 08:02 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-05-08 08:02 . 2013-05-08 08:02 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-05-08 08:02 . 2013-05-08 08:02 216064 ----a-w- c:\windows\system32\msls31.dll
2013-05-08 08:02 . 2013-05-08 08:02 197120 ----a-w- c:\windows\system32\msrating.dll
2013-05-08 08:02 . 2013-05-08 08:02 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-05-08 08:02 . 2013-05-08 08:02 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-05-08 08:02 . 2013-05-08 08:02 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-05-08 08:02 . 2013-05-08 08:02 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-05-08 08:02 . 2013-05-08 08:02 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-05-08 08:02 . 2013-05-08 08:02 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-05-08 08:02 . 2013-05-08 08:02 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-05-08 08:02 . 2013-05-08 08:02 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-05-08 08:02 . 2013-05-08 08:02 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-05-08 08:02 . 2013-05-08 08:02 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-05-08 08:02 . 2013-05-08 08:02 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-05-08 08:02 . 2013-05-08 08:02 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-05-08 08:02 . 2013-05-08 08:02 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-05-08 08:02 . 2013-05-08 08:02 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-05-08 08:02 . 2013-05-08 08:02 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-05-08 08:02 . 2013-05-08 08:02 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-05-08 08:02 . 2013-05-08 08:02 235008 ----a-w- c:\windows\system32\url.dll
2013-05-08 08:02 . 2013-05-08 08:02 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-05-08 08:02 . 2013-05-08 08:02 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-05-08 08:02 . 2013-05-08 08:02 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-05-08 08:02 . 2013-05-08 08:02 149504 ----a-w- c:\windows\system32\occache.dll
2013-05-08 08:02 . 2013-05-08 08:02 144896 ----a-w- c:\windows\system32\wextract.exe
2013-05-08 08:02 . 2013-05-08 08:02 13824 ----a-w- c:\windows\system32\mshta.exe
2013-05-08 08:02 . 2013-05-08 08:02 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-05-08 08:02 . 2013-05-08 08:02 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-05-08 08:02 . 2013-05-08 08:02 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-05-08 08:02 . 2013-05-08 08:02 102912 ----a-w- c:\windows\system32\inseng.dll
2013-05-08 06:39 . 2013-06-12 12:33 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-05-08 06:10 . 2011-01-07 20:39 770384 ----a-w- c:\windows\SysWow64\msvcr100.dll
2013-05-08 06:10 . 2011-01-07 20:39 421200 ----a-w- c:\windows\SysWow64\msvcp100.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Acrobat Synchronizer"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe" [2013-05-10 1272912]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-04-19 18678376]
"Google"="c:\users\Kelly\AppData\Local\Google\htmsuhvl.dll" [2013-07-26 944128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-05-20 284440]
"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-16 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2013-05-10 38984]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2013-05-10 840768]
"NA1Messenger"="c:\ups\WSTD\UPSNA1Msgr.exe" [2013-03-07 30744]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
UPS WorldShip Messaging Utility.lnk - c:\ups\WSTD\WSTDMessaging.exe [2012-12-5 415328]
UPS WorldShip PLD Reminder Utility.lnk - c:\ups\WSTD\wstdPldReminder.exe [2012-12-5 40472]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 netvsc;netvsc;c:\windows\system32\DRIVERS\netvsc60.sys;c:\windows\SYSNATIVE\DRIVERS\netvsc60.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [x]
R3 SynthVid;SynthVid;c:\windows\system32\DRIVERS\VMBusVideoM.sys;c:\windows\SYSNATIVE\DRIVERS\VMBusVideoM.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 MSSQL$UPSWSDBSERVER;SQL Server (UPSWSDBSERVER);c:\ups\WSTD\MSSQL.1\MSSQL\Binn\sqlservr.exe;c:\ups\WSTD\MSSQL.1\MSSQL\Binn\sqlservr.exe [x]
S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech Webcam 250(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 98051675
*Deregistered* - 98051675
.
Contents of the 'Scheduled Tasks' folder
.
2013-08-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-08 17:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-23 10920552]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-20 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-20 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-20 439064]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 64.33.128.10 64.33.128.210
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-Adobe CSS5.1 Manager - c:\users\Kelly\AppData\Local\81647c1c-e240-4c96-bf0a-8f5211a7fe3dad\ccecbfafafedad.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-Run RunOnce - D:\RunOnce.exe
SafeBoot-63934101.sys
SafeBoot-98051675.sys
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-08-02  09:34:34
ComboFix-quarantined-files.txt  2013-08-02 14:34
.
Pre-Run: 410,926,043,136 bytes free
Post-Run: 410,702,479,360 bytes free
.
- - End Of File - - 204F5249398FD7D26293AAB0A055EDA2
D41D8CD98F00B204E9800998ECF8427E
 

How is your machine running now?
ComboFix did not resart the computer after completing and displaying log file. Upon opening IE, two security dialogs appeared stating, "You are about to leave a secure internet connection. It will be possible for others to view the information you send." I closed these with the red 'X' in the upper right corner. I have not re-activated MSE real-time protection, which generally gives me a green message box saying that detected items are being cleaned. Please let me know if I should turn on real-time protection again, or wait until the removal process is marked as complete. No BSOD has been encountered yet, but I will update this thread if one occurs.
***Please note: I will be unable to respond to this thread after 2:30PM U.S. Central Time today. I will return to work on Monday, August 5th at 8:00AM U.S. Central Time. Please do not close this thread in the meantime. Thank You - Adam
 



#6 a4stetzer

a4stetzer
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:18 AM

Posted 02 August 2013 - 10:35 AM

**UPDATE: After closing all programs, numerous background processes seem to spawn - indicated by quick flashes of indistinguishable program windows. Checking Task Manager, several IE processes are spawning and persisting. Half are iexplore.exe, using 5-7k memory, the other half are iexplore.exe *32, using 60-125k memory. Current count is 6 iexplore/iexplore *32 processes.



#7 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:04:18 AM

Posted 02 August 2013 - 04:17 PM

1.

We need to run a CFScript.

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the codebox below into it:

File::
c:\users\Kelly\AppData\Local\Google\htmsuhvl.dll
Registry::
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Google"=-

Save this as CFScript.txt, in the same location as ComboFix.exe


CFScriptB-4.gif

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

 

 

09:16:36.0223 7068  \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - skipped by user
09:16:36.0223 7068  \Device\Harddisk0\DR0 ( Rootkit.Win32.BackBoot.gen ) - User select action: Skip

 

Please run TdssKiller again and select move to quarantine for this also if it still exists

 

 

Things to include in your next reply::

Combofix.txt

TdssKiller log

How is the machine running now?


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#8 a4stetzer

a4stetzer
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:18 AM

Posted 05 August 2013 - 12:00 PM

ComboFix log:

 

ComboFix 13-08-05.01 - Kelly 08/05/2013  11:34:04.2.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.3944.2828 [GMT -5:00]
Running from: c:\users\Kelly\Desktop\ComboFix.exe
Command switches used :: c:\users\Kelly\Desktop\CFScript.txt.txt
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\users\Kelly\AppData\Local\Google\htmsuhvl.dll"
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Kelly\AppData\Local\Google\htmsuhvl.dll
.
.
(((((((((((((((((((((((((   Files Created from 2013-07-05 to 2013-08-05  )))))))))))))))))))))))))))))))
.
.
2013-08-05 16:38 . 2013-08-05 16:38 76232 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{36D2CBDF-2005-42F6-BCD6-6F78593EF824}\offreg.dll
2013-08-05 16:37 . 2013-08-05 16:37 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-08-05 13:08 . 2013-07-02 08:34 9460976 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{36D2CBDF-2005-42F6-BCD6-6F78593EF824}\mpengine.dll
2013-08-02 14:16 . 2013-08-02 14:16 -------- d-----w- C:\TDSSKiller_Quarantine
2013-08-02 13:05 . 2013-07-02 08:34 9460976 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-07-30 19:44 . 2013-07-30 19:44 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-07-30 19:44 . 2013-04-04 19:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-07-30 17:21 . 2013-07-30 17:21 -------- d-----w- c:\users\Kelly\AppData\Roaming\Oracle
2013-07-30 17:21 . 2013-07-30 17:21 -------- d-----w- c:\windows\Sun
2013-07-30 15:43 . 2013-07-30 15:43 -------- d-----w- c:\windows\system32\appmgmt
2013-07-30 15:35 . 2013-07-30 15:35 -------- d-----w- c:\program files (x86)\Common Files\Java
2013-07-30 15:35 . 2013-07-30 15:35 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-30 15:35 . 2013-07-30 15:35 -------- d-----w- c:\program files (x86)\Java
2013-07-30 13:56 . 2013-07-30 14:03 -------- d-----w- c:\program files (x86)\VideoLAN
2013-07-30 13:55 . 2013-07-30 13:55 -------- d-----w- c:\users\Kelly\AppData\Local\Wajam
2013-07-30 13:55 . 2013-07-30 15:21 -------- d-----w- c:\users\Kelly\AppData\Local\Conduit
2013-07-30 13:54 . 2013-07-30 13:54 -------- d-----w- c:\users\Kelly\AppData\Local\CRE
2013-07-30 13:54 . 2013-07-30 13:55 -------- d-----w- c:\program files (x86)\Conduit
2013-07-17 14:28 . 2013-07-17 14:28 941720 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3D79313C-E044-455C-B92F-FBF7808CEE63}\gapaengine.dll
2013-07-11 08:18 . 2013-07-11 08:18 -------- d-----w- c:\program files (x86)\Dell Digital Delivery
2013-07-10 20:22 . 2013-05-27 05:50 1011712 ----a-w- c:\program files\Windows Defender\MpSvc.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-30 15:35 . 2012-03-19 16:20 867240 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
2013-07-30 15:35 . 2012-03-08 20:26 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-07-23 17:11 . 2012-05-08 16:23 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-07-23 17:11 . 2012-05-08 16:23 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-11 08:07 . 2012-07-09 19:37 78185248 ----a-w- c:\windows\system32\MRT.exe
2013-06-21 13:01 . 2012-10-03 13:03 964552 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-05-15 12:46 . 2010-06-24 17:33 22240 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-13 05:51 . 2013-06-12 12:33 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-05-13 05:51 . 2013-06-12 12:33 1464320 ----a-w- c:\windows\system32\crypt32.dll
2013-05-13 05:51 . 2013-06-12 12:33 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-05-13 05:50 . 2013-06-12 12:33 52224 ----a-w- c:\windows\system32\certenc.dll
2013-05-13 04:45 . 2013-06-12 12:33 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-05-13 04:45 . 2013-06-12 12:33 1160192 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-05-13 04:45 . 2013-06-12 12:33 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-05-13 03:43 . 2013-06-12 12:33 1192448 ----a-w- c:\windows\system32\certutil.exe
2013-05-13 03:08 . 2013-06-12 12:33 903168 ----a-w- c:\windows\SysWow64\certutil.exe
2013-05-13 03:08 . 2013-06-12 12:33 43008 ----a-w- c:\windows\SysWow64\certenc.dll
2013-05-10 07:57 . 2013-05-10 07:57 27208 ----a-w- c:\windows\system32\AdobePDFUI.dll
2013-05-10 07:57 . 2013-05-10 07:57 55872 ----a-w- c:\windows\system32\AdobePDF.dll
2013-05-10 05:49 . 2013-06-12 12:33 30720 ----a-w- c:\windows\system32\cryptdlg.dll
2013-05-10 03:20 . 2013-06-12 12:33 24576 ----a-w- c:\windows\SysWow64\cryptdlg.dll
2013-05-08 08:02 . 2013-05-08 08:02 719360 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-05-08 08:02 . 2013-05-08 08:02 523264 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-05-08 08:02 . 2013-05-08 08:02 226304 ----a-w- c:\windows\system32\elshyph.dll
2013-05-08 08:02 . 2013-05-08 08:02 185344 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-05-08 08:02 . 2013-05-08 08:02 158720 ----a-w- c:\windows\SysWow64\msls31.dll
2013-05-08 08:02 . 2013-05-08 08:02 150528 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-05-08 08:02 . 2013-05-08 08:02 138752 ----a-w- c:\windows\SysWow64\wextract.exe
2013-05-08 08:02 . 2013-05-08 08:02 137216 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-05-08 08:02 . 2013-05-08 08:02 1054720 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-05-08 08:02 . 2013-05-08 08:02 81408 ----a-w- c:\windows\system32\icardie.dll
2013-05-08 08:02 . 2013-05-08 08:02 762368 ----a-w- c:\windows\system32\ieapfltr.dll
2013-05-08 08:02 . 2013-05-08 08:02 73728 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-05-08 08:02 . 2013-05-08 08:02 61952 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-05-08 08:02 . 2013-05-08 08:02 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-05-08 08:02 . 2013-05-08 08:02 452096 ----a-w- c:\windows\system32\dxtmsft.dll
2013-05-08 08:02 . 2013-05-08 08:02 441856 ----a-w- c:\windows\system32\html.iec
2013-05-08 08:02 . 2013-05-08 08:02 38400 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-05-08 08:02 . 2013-05-08 08:02 361984 ----a-w- c:\windows\SysWow64\html.iec
2013-05-08 08:02 . 2013-05-08 08:02 281600 ----a-w- c:\windows\system32\dxtrans.dll
2013-05-08 08:02 . 2013-05-08 08:02 23040 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-05-08 08:02 . 2013-05-08 08:02 216064 ----a-w- c:\windows\system32\msls31.dll
2013-05-08 08:02 . 2013-05-08 08:02 197120 ----a-w- c:\windows\system32\msrating.dll
2013-05-08 08:02 . 2013-05-08 08:02 1441280 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-05-08 08:02 . 2013-05-08 08:02 1400416 ----a-w- c:\windows\system32\ieapfltr.dat
2013-05-08 08:02 . 2013-05-08 08:02 12800 ----a-w- c:\windows\SysWow64\mshta.exe
2013-05-08 08:02 . 2013-05-08 08:02 110592 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-05-08 08:02 . 2013-05-08 08:02 97280 ----a-w- c:\windows\system32\mshtmled.dll
2013-05-08 08:02 . 2013-05-08 08:02 92160 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-05-08 08:02 . 2013-05-08 08:02 905728 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-05-08 08:02 . 2013-05-08 08:02 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-05-08 08:02 . 2013-05-08 08:02 62976 ----a-w- c:\windows\system32\pngfilt.dll
2013-05-08 08:02 . 2013-05-08 08:02 599552 ----a-w- c:\windows\system32\vbscript.dll
2013-05-08 08:02 . 2013-05-08 08:02 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-05-08 08:02 . 2013-05-08 08:02 51200 ----a-w- c:\windows\system32\imgutil.dll
2013-05-08 08:02 . 2013-05-08 08:02 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-05-08 08:02 . 2013-05-08 08:02 27648 ----a-w- c:\windows\system32\licmgr10.dll
2013-05-08 08:02 . 2013-05-08 08:02 270848 ----a-w- c:\windows\system32\iedkcs32.dll
2013-05-08 08:02 . 2013-05-08 08:02 247296 ----a-w- c:\windows\system32\webcheck.dll
2013-05-08 08:02 . 2013-05-08 08:02 235008 ----a-w- c:\windows\system32\url.dll
2013-05-08 08:02 . 2013-05-08 08:02 173568 ----a-w- c:\windows\system32\ieUnatt.exe
2013-05-08 08:02 . 2013-05-08 08:02 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-05-08 08:02 . 2013-05-08 08:02 1509376 ----a-w- c:\windows\system32\inetcpl.cpl
2013-05-08 08:02 . 2013-05-08 08:02 149504 ----a-w- c:\windows\system32\occache.dll
2013-05-08 08:02 . 2013-05-08 08:02 144896 ----a-w- c:\windows\system32\wextract.exe
2013-05-08 08:02 . 2013-05-08 08:02 13824 ----a-w- c:\windows\system32\mshta.exe
2013-05-08 08:02 . 2013-05-08 08:02 136192 ----a-w- c:\windows\system32\iepeers.dll
2013-05-08 08:02 . 2013-05-08 08:02 135680 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-05-08 08:02 . 2013-05-08 08:02 12800 ----a-w- c:\windows\system32\msfeedssync.exe
2013-05-08 08:02 . 2013-05-08 08:02 102912 ----a-w- c:\windows\system32\inseng.dll
2013-05-08 06:39 . 2013-06-12 12:33 1910632 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-05-08 06:10 . 2011-01-07 20:39 770384 ----a-w- c:\windows\SysWow64\msvcr100.dll
2013-05-08 06:10 . 2011-01-07 20:39 421200 ----a-w- c:\windows\SysWow64\msvcp100.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Acrobat Synchronizer"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe" [2013-05-10 1272912]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-04-19 18678376]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-05-20 284440]
"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-16 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]
"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2013-05-10 38984]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2013-05-10 840768]
"NA1Messenger"="c:\ups\WSTD\UPSNA1Msgr.exe" [2013-03-07 30744]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
UPS WorldShip Messaging Utility.lnk - c:\ups\WSTD\WSTDMessaging.exe [2012-12-5 415328]
UPS WorldShip PLD Reminder Utility.lnk - c:\ups\WSTD\wstdPldReminder.exe [2012-12-5 40472]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 netvsc;netvsc;c:\windows\system32\DRIVERS\netvsc60.sys;c:\windows\SYSNATIVE\DRIVERS\netvsc60.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [x]
R3 SynthVid;SynthVid;c:\windows\system32\DRIVERS\VMBusVideoM.sys;c:\windows\SYSNATIVE\DRIVERS\VMBusVideoM.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
S2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 MSSQL$UPSWSDBSERVER;SQL Server (UPSWSDBSERVER);c:\ups\WSTD\MSSQL.1\MSSQL\Binn\sqlservr.exe;c:\ups\WSTD\MSSQL.1\MSSQL\Binn\sqlservr.exe [x]
S2 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech Webcam 250(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2013-08-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-08 17:11]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-23 10920552]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-03-20 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-20 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-20 439064]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 64.33.128.10 64.33.128.210
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
.
**************************************************************************
.
Completion time: 2013-08-05  11:41:16 - machine was rebooted
ComboFix-quarantined-files.txt  2013-08-05 16:41
ComboFix2.txt  2013-08-02 14:34
.
Pre-Run: 410,331,271,168 bytes free
Post-Run: 410,057,433,088 bytes free
.
- - End Of File - - 4426B970D6186DA8257166FC3E2C85AD
D41D8CD98F00B204E9800998ECF8427E
 



#9 a4stetzer

a4stetzer
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:18 AM

Posted 05 August 2013 - 12:03 PM

TDSSKiller Log - no infections found:

 

11:55:53.0573 3844  TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19
11:55:54.0025 3844  ============================================================
11:55:54.0025 3844  Current date / time: 2013/08/05 11:55:54.0025
11:55:54.0025 3844  SystemInfo:
11:55:54.0025 3844 
11:55:54.0025 3844  OS Version: 6.1.7601 ServicePack: 1.0
11:55:54.0025 3844  Product type: Workstation
11:55:54.0025 3844  ComputerName: FRONTDESK-PC
11:55:54.0025 3844  UserName: Kelly
11:55:54.0025 3844  Windows directory: C:\Windows
11:55:54.0025 3844  System windows directory: C:\Windows
11:55:54.0025 3844  Running under WOW64
11:55:54.0025 3844  Processor architecture: Intel x64
11:55:54.0025 3844  Number of processors: 4
11:55:54.0025 3844  Page size: 0x1000
11:55:54.0025 3844  Boot type: Normal boot
11:55:54.0025 3844  ============================================================
11:55:54.0041 3844  BG loaded
11:55:56.0986 3844  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:55:56.0986 3844  ============================================================
11:55:56.0986 3844  \Device\Harddisk0\DR0:
11:55:56.0986 3844  MBR partitions:
11:55:56.0986 3844  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x304E000
11:55:56.0986 3844  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3062000, BlocksNum 0x37322000
11:55:56.0986 3844  ============================================================
11:55:58.0297 3844  C: <-> \Device\Harddisk0\DR0\Partition2
11:55:58.0297 3844  ============================================================
11:55:58.0297 3844  Initialize success
11:55:58.0297 3844  ============================================================
11:56:09.0170 4804  ============================================================
11:56:09.0170 4804  Scan started
11:56:09.0170 4804  Mode: Manual; SigCheck; TDLFS;
11:56:09.0170 4804  ============================================================
11:56:10.0126 4804  ================ Scan system memory ========================
11:56:10.0126 4804  System memory - ok
11:56:10.0126 4804  ================ Scan services =============================
11:56:10.0373 4804  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
11:56:10.0421 4804  1394ohci - ok
11:56:10.0442 4804  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:56:10.0453 4804  ACPI - ok
11:56:10.0465 4804  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
11:56:10.0521 4804  AcpiPmi - ok
11:56:10.0673 4804  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:56:10.0680 4804  AdobeARMservice - ok
11:56:10.0777 4804  [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:56:10.0790 4804  AdobeFlashPlayerUpdateSvc - ok
11:56:10.0817 4804  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
11:56:10.0831 4804  adp94xx - ok
11:56:10.0866 4804  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
11:56:10.0879 4804  adpahci - ok
11:56:10.0904 4804  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
11:56:10.0913 4804  adpu320 - ok
11:56:10.0927 4804  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
11:56:11.0003 4804  AeLookupSvc - ok
11:56:11.0070 4804  [ D1E343BC00136CE03C4D403194D06A80 ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
11:56:11.0076 4804  AERTFilters - ok
11:56:11.0115 4804  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
11:56:11.0145 4804  AFD - ok
11:56:11.0169 4804  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
11:56:11.0182 4804  agp440 - ok
11:56:11.0222 4804  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
11:56:11.0263 4804  ALG - ok
11:56:11.0283 4804  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
11:56:11.0290 4804  aliide - ok
11:56:11.0300 4804  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
11:56:11.0307 4804  amdide - ok
11:56:11.0334 4804  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
11:56:11.0356 4804  AmdK8 - ok
11:56:11.0376 4804  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
11:56:11.0397 4804  AmdPPM - ok
11:56:11.0412 4804  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
11:56:11.0422 4804  amdsata - ok
11:56:11.0440 4804  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
11:56:11.0449 4804  amdsbs - ok
11:56:11.0471 4804  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
11:56:11.0480 4804  amdxata - ok
11:56:11.0508 4804  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
11:56:11.0599 4804  AppID - ok
11:56:11.0630 4804  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:56:11.0672 4804  AppIDSvc - ok
11:56:11.0717 4804  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
11:56:11.0740 4804  Appinfo - ok
11:56:11.0829 4804  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
11:56:11.0891 4804  AppMgmt - ok
11:56:11.0923 4804  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
11:56:11.0923 4804  arc - ok
11:56:11.0969 4804  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
11:56:11.0985 4804  arcsas - ok
11:56:12.0047 4804  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:56:12.0079 4804  aspnet_state - ok
11:56:12.0094 4804  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:56:12.0125 4804  AsyncMac - ok
11:56:12.0172 4804  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
11:56:12.0172 4804  atapi - ok
11:56:12.0219 4804  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:56:12.0250 4804  AudioEndpointBuilder - ok
11:56:12.0250 4804  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
11:56:12.0281 4804  AudioSrv - ok
11:56:12.0344 4804  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:56:12.0422 4804  AxInstSV - ok
11:56:12.0469 4804  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
11:56:12.0500 4804  b06bdrv - ok
11:56:12.0593 4804  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
11:56:12.0656 4804  b57nd60a - ok
11:56:12.0687 4804  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
11:56:12.0703 4804  BDESVC - ok
11:56:12.0734 4804  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
11:56:12.0765 4804  Beep - ok
11:56:12.0812 4804  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
11:56:12.0859 4804  BFE - ok
11:56:12.0905 4804  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
11:56:12.0937 4804  BITS - ok
11:56:12.0952 4804  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
11:56:12.0968 4804  blbdrive - ok
11:56:12.0999 4804  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:56:13.0030 4804  bowser - ok
11:56:13.0046 4804  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
11:56:13.0061 4804  BrFiltLo - ok
11:56:13.0077 4804  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
11:56:13.0093 4804  BrFiltUp - ok
11:56:13.0155 4804  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
11:56:13.0202 4804  BridgeMP - ok
11:56:13.0327 4804  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
11:56:13.0358 4804  Browser - ok
11:56:13.0373 4804  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
11:56:13.0420 4804  Brserid - ok
11:56:13.0467 4804  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
11:56:13.0498 4804  BrSerWdm - ok
11:56:13.0514 4804  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
11:56:13.0529 4804  BrUsbMdm - ok
11:56:13.0545 4804  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
11:56:13.0576 4804  BrUsbSer - ok
11:56:13.0639 4804  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
11:56:13.0670 4804  BTHMODEM - ok
11:56:13.0717 4804  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
11:56:13.0748 4804  bthserv - ok
11:56:13.0841 4804  catchme - ok
11:56:13.0888 4804  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:56:13.0919 4804  cdfs - ok
11:56:13.0951 4804  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
11:56:13.0982 4804  cdrom - ok
11:56:14.0029 4804  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
11:56:14.0060 4804  CertPropSvc - ok
11:56:14.0107 4804  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
11:56:14.0138 4804  circlass - ok
11:56:14.0169 4804  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
11:56:14.0185 4804  CLFS - ok
11:56:14.0294 4804  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:56:14.0294 4804  clr_optimization_v2.0.50727_32 - ok
11:56:14.0325 4804  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:56:14.0325 4804  clr_optimization_v2.0.50727_64 - ok
11:56:14.0372 4804  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:56:14.0434 4804  clr_optimization_v4.0.30319_32 - ok
11:56:14.0465 4804  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:56:14.0481 4804  clr_optimization_v4.0.30319_64 - ok
11:56:14.0512 4804  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
11:56:14.0512 4804  CmBatt - ok
11:56:14.0528 4804  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
11:56:14.0528 4804  cmdide - ok
11:56:14.0575 4804  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
11:56:14.0590 4804  CNG - ok
11:56:14.0606 4804  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
11:56:14.0606 4804  Compbatt - ok
11:56:14.0637 4804  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
11:56:14.0653 4804  CompositeBus - ok
11:56:14.0668 4804  COMSysApp - ok
11:56:14.0715 4804  [ F08C6020E57F5E5BF2FD034DB10BEDFB ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
11:56:14.0731 4804  cphs - ok
11:56:14.0746 4804  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
11:56:14.0762 4804  crcdisk - ok
11:56:14.0793 4804  [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:56:14.0824 4804  CryptSvc - ok
11:56:14.0855 4804  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
11:56:14.0887 4804  CSC - ok
11:56:14.0953 4804  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
11:56:14.0977 4804  CscService - ok
11:56:15.0069 4804  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:56:15.0100 4804  DcomLaunch - ok
11:56:15.0131 4804  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
11:56:15.0178 4804  defragsvc - ok
11:56:15.0256 4804  [ 4C0419368943D1CF20A9FCEEC50D9846 ] DellDigitalDelivery c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
11:56:15.0271 4804  DellDigitalDelivery - ok
11:56:15.0287 4804  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:56:15.0318 4804  DfsC - ok
11:56:15.0381 4804  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:56:15.0427 4804  Dhcp - ok
11:56:15.0443 4804  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
11:56:15.0459 4804  discache - ok
11:56:15.0474 4804  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
11:56:15.0490 4804  Disk - ok
11:56:15.0521 4804  [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
11:56:15.0568 4804  dmvsc - ok
11:56:15.0583 4804  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:56:15.0615 4804  Dnscache - ok
11:56:15.0646 4804  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
11:56:15.0677 4804  dot3svc - ok
11:56:15.0693 4804  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
11:56:15.0724 4804  DPS - ok
11:56:15.0739 4804  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:56:15.0771 4804  drmkaud - ok
11:56:15.0802 4804  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:56:15.0817 4804  DXGKrnl - ok
11:56:15.0833 4804  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
11:56:15.0864 4804  EapHost - ok
11:56:15.0927 4804  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
11:56:16.0036 4804  ebdrv - ok
11:56:16.0067 4804  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
11:56:16.0098 4804  EFS - ok
11:56:16.0145 4804  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
11:56:16.0207 4804  ehRecvr - ok
11:56:16.0207 4804  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
11:56:16.0223 4804  ehSched - ok
11:56:16.0270 4804  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
11:56:16.0285 4804  elxstor - ok
11:56:16.0285 4804  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
11:56:16.0285 4804  ErrDev - ok
11:56:16.0363 4804  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
11:56:16.0395 4804  EventSystem - ok
11:56:16.0426 4804  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
11:56:16.0441 4804  exfat - ok
11:56:16.0473 4804  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:56:16.0519 4804  fastfat - ok
11:56:16.0551 4804  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
11:56:16.0582 4804  Fax - ok
11:56:16.0597 4804  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
11:56:16.0613 4804  fdc - ok
11:56:16.0644 4804  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
11:56:16.0675 4804  fdPHost - ok
11:56:16.0691 4804  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:56:16.0722 4804  FDResPub - ok
11:56:16.0753 4804  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:56:16.0753 4804  FileInfo - ok
11:56:16.0769 4804  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:56:16.0800 4804  Filetrace - ok
11:56:16.0816 4804  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
11:56:16.0831 4804  flpydisk - ok
11:56:16.0847 4804  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:56:16.0847 4804  FltMgr - ok
11:56:16.0894 4804  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
11:56:16.0909 4804  FontCache - ok
11:56:16.0956 4804  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:56:16.0956 4804  FontCache3.0.0.0 - ok
11:56:16.0972 4804  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:56:16.0972 4804  FsDepends - ok
11:56:17.0003 4804  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:56:17.0003 4804  Fs_Rec - ok
11:56:17.0050 4804  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:56:17.0065 4804  fvevol - ok
11:56:17.0081 4804  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
11:56:17.0097 4804  gagp30kx - ok
11:56:17.0128 4804  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
11:56:17.0159 4804  gpsvc - ok
11:56:17.0175 4804  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
11:56:17.0190 4804  hcw85cir - ok
11:56:17.0221 4804  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
11:56:17.0237 4804  HDAudBus - ok
11:56:17.0253 4804  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
11:56:17.0268 4804  HidBatt - ok
11:56:17.0284 4804  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
11:56:17.0299 4804  HidBth - ok
11:56:17.0331 4804  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
11:56:17.0331 4804  HidIr - ok
11:56:17.0346 4804  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
11:56:17.0393 4804  hidserv - ok
11:56:17.0409 4804  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
11:56:17.0409 4804  HidUsb - ok
11:56:17.0455 4804  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:56:17.0502 4804  hkmsvc - ok
11:56:17.0533 4804  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:56:17.0565 4804  HomeGroupListener - ok
11:56:17.0596 4804  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:56:17.0611 4804  HomeGroupProvider - ok
11:56:17.0627 4804  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:56:17.0643 4804  HpSAMD - ok
11:56:17.0674 4804  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:56:17.0705 4804  HTTP - ok
11:56:17.0721 4804  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:56:17.0721 4804  hwpolicy - ok
11:56:17.0752 4804  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
11:56:17.0767 4804  i8042prt - ok
11:56:17.0799 4804  [ 2FDAEC4B02729C48C0FD1B0B4695995B ] iaStor          C:\Windows\system32\drivers\iaStor.sys
11:56:17.0814 4804  iaStor - ok
11:56:17.0892 4804  [ D41861E56E7552C13674D7F147A02464 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
11:56:17.0908 4804  IAStorDataMgrSvc - ok
11:56:17.0923 4804  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:56:17.0939 4804  iaStorV - ok
11:56:17.0986 4804  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:56:18.0001 4804  idsvc - ok
11:56:18.0376 4804  [ 371D7F91C0D2314EB984A4A6CBEABC92 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
11:56:18.0532 4804  igfx - ok
11:56:18.0563 4804  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
11:56:18.0579 4804  iirsp - ok
11:56:18.0594 4804  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
11:56:18.0641 4804  IKEEXT - ok
11:56:18.0703 4804  [ 235362D403D9D677514649D88DB31914 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:56:18.0719 4804  IntcAzAudAddService - ok
11:56:18.0766 4804  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
11:56:18.0781 4804  IntcDAud - ok
11:56:18.0813 4804  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
11:56:18.0813 4804  intelide - ok
11:56:18.0828 4804  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
11:56:18.0859 4804  intelppm - ok
11:56:18.0875 4804  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
11:56:18.0922 4804  IPBusEnum - ok
11:56:18.0937 4804  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:56:18.0969 4804  IpFilterDriver - ok
11:56:19.0015 4804  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:56:19.0047 4804  iphlpsvc - ok
11:56:19.0062 4804  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
11:56:19.0078 4804  IPMIDRV - ok
11:56:19.0078 4804  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:56:19.0109 4804  IPNAT - ok
11:56:19.0125 4804  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:56:19.0140 4804  IRENUM - ok
11:56:19.0156 4804  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:56:19.0156 4804  isapnp - ok
11:56:19.0171 4804  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:56:19.0187 4804  iScsiPrt - ok
11:56:19.0218 4804  [ 12E27942DBB7C91880163634B0D8A776 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
11:56:19.0218 4804  k57nd60a - ok
11:56:19.0234 4804  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
11:56:19.0249 4804  kbdclass - ok
11:56:19.0265 4804  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
11:56:19.0265 4804  kbdhid - ok
11:56:19.0296 4804  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
11:56:19.0296 4804  KeyIso - ok
11:56:19.0327 4804  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:56:19.0327 4804  KSecDD - ok
11:56:19.0343 4804  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:56:19.0343 4804  KSecPkg - ok
11:56:19.0359 4804  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
11:56:19.0390 4804  ksthunk - ok
11:56:19.0437 4804  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:56:19.0468 4804  KtmRm - ok
11:56:19.0530 4804  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
11:56:19.0561 4804  LanmanServer - ok
11:56:19.0593 4804  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:56:19.0624 4804  LanmanWorkstation - ok
11:56:19.0671 4804  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:56:19.0702 4804  lltdio - ok
11:56:19.0749 4804  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:56:19.0780 4804  lltdsvc - ok
11:56:19.0795 4804  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:56:19.0811 4804  lmhosts - ok
11:56:19.0842 4804  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
11:56:19.0858 4804  LSI_FC - ok
11:56:19.0873 4804  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
11:56:19.0889 4804  LSI_SAS - ok
11:56:19.0905 4804  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
11:56:19.0920 4804  LSI_SAS2 - ok
11:56:19.0936 4804  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
11:56:19.0951 4804  LSI_SCSI - ok
11:56:19.0967 4804  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
11:56:19.0998 4804  luafv - ok
11:56:20.0061 4804  [ 0C85B2B6FB74B36A251792D45E0EF860 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
11:56:20.0076 4804  LVRS64 - ok
11:56:20.0170 4804  [ FF3A488924B0032B1A9CA6948C1FA9E8 ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
11:56:20.0217 4804  LVUVC64 - ok
11:56:20.0248 4804  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
11:56:20.0248 4804  Mcx2Svc - ok
11:56:20.0263 4804  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
11:56:20.0279 4804  megasas - ok
11:56:20.0295 4804  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
11:56:20.0310 4804  MegaSR - ok
11:56:20.0357 4804  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
11:56:20.0357 4804  MEIx64 - ok
11:56:20.0388 4804  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
11:56:20.0685 4804  MMCSS - ok
11:56:20.0700 4804  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
11:56:20.0778 4804  Modem - ok
11:56:20.0794 4804  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
11:56:20.0809 4804  monitor - ok
11:56:20.0856 4804  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
11:56:20.0856 4804  mouclass - ok
11:56:20.0903 4804  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
11:56:20.0919 4804  mouhid - ok
11:56:20.0965 4804  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:56:20.0981 4804  mountmgr - ok
11:56:21.0106 4804  [ E3252991298FB01B3D3B6433A5FBF8EE ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:56:21.0121 4804  MozillaMaintenance - ok
11:56:21.0168 4804  [ F8A10560B35C66F9DE212F03DAD5BFA7 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
11:56:21.0168 4804  MpFilter - ok
11:56:21.0184 4804  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
11:56:21.0184 4804  mpio - ok
11:56:21.0199 4804  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:56:21.0231 4804  mpsdrv - ok
11:56:21.0387 4804  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:56:21.0433 4804  MpsSvc - ok
11:56:21.0465 4804  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:56:21.0511 4804  MRxDAV - ok
11:56:21.0558 4804  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:56:21.0589 4804  mrxsmb - ok
11:56:21.0652 4804  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:56:21.0652 4804  mrxsmb10 - ok
11:56:21.0683 4804  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:56:21.0683 4804  mrxsmb20 - ok
11:56:21.0730 4804  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
11:56:21.0745 4804  msahci - ok
11:56:21.0777 4804  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
11:56:21.0792 4804  msdsm - ok
11:56:21.0855 4804  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
11:56:21.0870 4804  MSDTC - ok
11:56:21.0901 4804  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:56:21.0964 4804  Msfs - ok
11:56:22.0011 4804  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:56:22.0057 4804  mshidkmdf - ok
11:56:22.0104 4804  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:56:22.0120 4804  msisadrv - ok
11:56:22.0182 4804  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
11:56:22.0229 4804  MSiSCSI - ok
11:56:22.0229 4804  msiserver - ok
11:56:22.0276 4804  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
11:56:22.0323 4804  MSKSSRV - ok
11:56:22.0463 4804  [ E07DEC52FF801841BA9B6878A60304FB ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
11:56:22.0463 4804  MsMpSvc - ok
11:56:22.0494 4804  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:56:22.0510 4804  MSPCLOCK - ok
11:56:22.0525 4804  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
11:56:22.0572 4804  MSPQM - ok
11:56:22.0619 4804  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
11:56:22.0666 4804  MsRPC - ok
11:56:22.0681 4804  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
11:56:22.0681 4804  mssmbios - ok
11:56:22.0947 4804  MSSQL$UPSWSDBSERVER - ok
11:56:23.0025 4804  [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
11:56:23.0040 4804  MSSQLServerADHelper - ok
11:56:23.0056 4804  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
11:56:23.0087 4804  MSTEE - ok
11:56:23.0103 4804  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
11:56:23.0118 4804  MTConfig - ok
11:56:23.0149 4804  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
11:56:23.0149 4804  Mup - ok
11:56:23.0259 4804  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
11:56:23.0305 4804  napagent - ok
11:56:23.0352 4804  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
11:56:23.0493 4804  NativeWifiP - ok
11:56:23.0711 4804  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:56:23.0742 4804  NDIS - ok
11:56:23.0773 4804  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
11:56:23.0805 4804  NdisCap - ok
11:56:23.0805 4804  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:56:23.0836 4804  NdisTapi - ok
11:56:23.0867 4804  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
11:56:23.0914 4804  Ndisuio - ok
11:56:23.0929 4804  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
11:56:23.0976 4804  NdisWan - ok
11:56:23.0992 4804  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
11:56:24.0023 4804  NDProxy - ok
11:56:24.0070 4804  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
11:56:24.0101 4804  NetBIOS - ok
11:56:24.0132 4804  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
11:56:24.0148 4804  NetBT - ok
11:56:24.0163 4804  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
11:56:24.0179 4804  Netlogon - ok
11:56:24.0226 4804  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
11:56:24.0257 4804  Netman - ok
11:56:24.0491 4804  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:56:24.0569 4804  NetMsmqActivator - ok
11:56:24.0585 4804  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:56:24.0600 4804  NetPipeActivator - ok
11:56:24.0741 4804  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
11:56:24.0803 4804  netprofm - ok
11:56:24.0834 4804  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:56:24.0850 4804  NetTcpActivator - ok
11:56:24.0850 4804  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:56:24.0865 4804  NetTcpPortSharing - ok
11:56:24.0912 4804  [ 73CE12B8BDD747B0063CB0A7EF44CEA7 ] netvsc          C:\Windows\system32\DRIVERS\netvsc60.sys
11:56:24.0943 4804  netvsc - ok
11:56:24.0990 4804  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
11:56:25.0006 4804  nfrd960 - ok
11:56:25.0068 4804  [ 162100E0BC8377710F9D170631921C03 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
11:56:25.0084 4804  NisDrv - ok
11:56:25.0131 4804  [ C6E15F2F95F9C0A6098D43510B604E52 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
11:56:25.0162 4804  NisSrv - ok
11:56:25.0240 4804  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:56:25.0287 4804  NlaSvc - ok
11:56:25.0583 4804  [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] NOBU            C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
11:56:25.0614 4804  NOBU - ok
11:56:25.0645 4804  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:56:25.0661 4804  Npfs - ok
11:56:25.0708 4804  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
11:56:25.0770 4804  nsi - ok
11:56:25.0786 4804  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:56:25.0864 4804  nsiproxy - ok
11:56:26.0067 4804  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:56:26.0129 4804  Ntfs - ok
11:56:26.0160 4804  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
11:56:26.0176 4804  Null - ok
11:56:26.0223 4804  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:56:26.0238 4804  nvraid - ok
11:56:26.0301 4804  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:56:26.0332 4804  nvstor - ok
11:56:26.0347 4804  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:56:26.0363 4804  nv_agp - ok
11:56:26.0379 4804  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
11:56:26.0379 4804  ohci1394 - ok
11:56:26.0488 4804  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:56:26.0503 4804  ose - ok
11:56:27.0361 4804  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:56:27.0486 4804  osppsvc - ok
11:56:27.0642 4804  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:56:27.0720 4804  p2pimsvc - ok
11:56:27.0861 4804  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
11:56:27.0923 4804  p2psvc - ok
11:56:27.0954 4804  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
11:56:27.0954 4804  Parport - ok
11:56:28.0017 4804  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
11:56:28.0048 4804  partmgr - ok
11:56:28.0095 4804  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:56:28.0157 4804  PcaSvc - ok
11:56:28.0219 4804  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
11:56:28.0235 4804  pci - ok
11:56:28.0297 4804  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
11:56:28.0313 4804  pciide - ok
11:56:28.0407 4804  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
11:56:28.0453 4804  pcmcia - ok
11:56:28.0485 4804  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
11:56:28.0500 4804  pcw - ok
11:56:28.0656 4804  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:56:28.0719 4804  PEAUTH - ok
11:56:29.0031 4804  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
11:56:29.0124 4804  PeerDistSvc - ok
11:56:29.0296 4804  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
11:56:29.0311 4804  PerfHost - ok
11:56:29.0358 4804  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
11:56:29.0421 4804  pla - ok
11:56:29.0467 4804  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:56:29.0499 4804  PlugPlay - ok
11:56:29.0514 4804  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
11:56:29.0530 4804  PNRPAutoReg - ok
11:56:29.0545 4804  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
11:56:29.0561 4804  PNRPsvc - ok
11:56:29.0592 4804  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
11:56:29.0655 4804  PolicyAgent - ok
11:56:29.0670 4804  [ A2CCA4FB273E6050F17A0A416CFF2FCD ] Power           C:\Windows\system32\umpo.dll
11:56:29.0686 4804  Power - ok
11:56:29.0701 4804  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:56:29.0733 4804  PptpMiniport - ok
11:56:29.0748 4804  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
11:56:29.0764 4804  Processor - ok
11:56:29.0779 4804  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
11:56:29.0811 4804  ProfSvc - ok
11:56:29.0826 4804  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:56:29.0842 4804  ProtectedStorage - ok
11:56:29.0857 4804  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
11:56:29.0904 4804  Psched - ok
11:56:29.0935 4804  [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
11:56:29.0951 4804  PxHlpa64 - ok
11:56:29.0998 4804  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
11:56:30.0045 4804  ql2300 - ok
11:56:30.0060 4804  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
11:56:30.0060 4804  ql40xx - ok
11:56:30.0091 4804  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
11:56:30.0123 4804  QWAVE - ok
11:56:30.0123 4804  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
11:56:30.0138 4804  QWAVEdrv - ok
11:56:30.0154 4804  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
11:56:30.0185 4804  RasAcd - ok
11:56:30.0185 4804  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
11:56:30.0216 4804  RasAgileVpn - ok
11:56:30.0247 4804  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
11:56:30.0279 4804  RasAuto - ok
11:56:30.0294 4804  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
11:56:30.0325 4804  Rasl2tp - ok
11:56:30.0341 4804  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
11:56:30.0388 4804  RasMan - ok
11:56:30.0388 4804  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
11:56:30.0419 4804  RasPppoe - ok
11:56:30.0435 4804  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
11:56:30.0466 4804  RasSstp - ok
11:56:30.0481 4804  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
11:56:30.0497 4804  rdbss - ok
11:56:30.0528 4804  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
11:56:30.0528 4804  rdpbus - ok
11:56:30.0559 4804  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
11:56:30.0606 4804  RDPCDD - ok
11:56:30.0622 4804  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
11:56:30.0653 4804  RDPDR - ok
11:56:30.0669 4804  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
11:56:30.0715 4804  RDPENCDD - ok
11:56:30.0731 4804  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
11:56:30.0747 4804  RDPREFMP - ok
11:56:30.0793 4804  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
11:56:30.0825 4804  RDPWD - ok
11:56:30.0856 4804  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
11:56:30.0871 4804  rdyboost - ok
11:56:30.0887 4804  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
11:56:30.0934 4804  RemoteAccess - ok
11:56:30.0965 4804  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
11:56:30.0996 4804  RemoteRegistry - ok
11:56:31.0043 4804  [ 5790BCA445CC40DF8B38C2C48608AAC2 ] RimUsb          C:\Windows\system32\Drivers\RimUsb_AMD64.sys
11:56:31.0059 4804  RimUsb - ok
11:56:31.0137 4804  [ 3C957189B31C34D3AD21967B12B6AED7 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
11:56:31.0183 4804  RoxMediaDB12OEM - ok
11:56:31.0199 4804  [ 2B73088CC2CA757A172B425C9398E5BC ] RoxWatch12      C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
11:56:31.0199 4804  RoxWatch12 - ok
11:56:31.0230 4804  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
11:56:31.0261 4804  RpcEptMapper - ok
11:56:31.0293 4804  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
11:56:31.0293 4804  RpcLocator - ok
11:56:31.0308 4804  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
11:56:31.0339 4804  RpcSs - ok
11:56:31.0371 4804  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
11:56:31.0386 4804  rspndr - ok
11:56:31.0402 4804  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
11:56:31.0433 4804  s3cap - ok
11:56:31.0433 4804  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
11:56:31.0449 4804  SamSs - ok
11:56:31.0464 4804  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
11:56:31.0464 4804  sbp2port - ok
11:56:31.0480 4804  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
11:56:31.0495 4804  SCardSvr - ok
11:56:31.0511 4804  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
11:56:31.0542 4804  scfilter - ok
11:56:31.0573 4804  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
11:56:31.0620 4804  Schedule - ok
11:56:31.0636 4804  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
11:56:31.0651 4804  SCPolicySvc - ok
11:56:31.0667 4804  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
11:56:31.0683 4804  SDRSVC - ok
11:56:31.0698 4804  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
11:56:31.0745 4804  secdrv - ok
11:56:31.0776 4804  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
11:56:31.0792 4804  seclogon - ok
11:56:31.0807 4804  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
11:56:31.0839 4804  SENS - ok
11:56:31.0854 4804  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
11:56:31.0885 4804  SensrSvc - ok
11:56:31.0917 4804  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
11:56:31.0932 4804  Serenum - ok
11:56:31.0963 4804  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
11:56:31.0979 4804  Serial - ok
11:56:32.0010 4804  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
11:56:32.0026 4804  sermouse - ok
11:56:32.0041 4804  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
11:56:32.0073 4804  SessionEnv - ok
11:56:32.0073 4804  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
11:56:32.0088 4804  sffdisk - ok
11:56:32.0088 4804  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
11:56:32.0104 4804  sffp_mmc - ok
11:56:32.0104 4804  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
11:56:32.0119 4804  sffp_sd - ok
11:56:32.0135 4804  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
11:56:32.0135 4804  sfloppy - ok
11:56:32.0229 4804  [ 29DDEA72C5BDF61D62F4D438DC0E497C ] SftService      C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
11:56:32.0260 4804  SftService - ok
11:56:32.0322 4804  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:56:32.0353 4804  SharedAccess - ok
11:56:32.0400 4804  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:56:32.0447 4804  ShellHWDetection - ok
11:56:32.0478 4804  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
11:56:32.0478 4804  SiSRaid2 - ok
11:56:32.0494 4804  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
11:56:32.0509 4804  SiSRaid4 - ok
11:56:32.0587 4804  [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
11:56:32.0603 4804  SkypeUpdate - ok
11:56:32.0619 4804  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
11:56:32.0665 4804  Smb - ok
11:56:32.0697 4804  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:56:32.0728 4804  SNMPTRAP - ok
11:56:32.0743 4804  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
11:56:32.0743 4804  spldr - ok
11:56:32.0790 4804  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
11:56:32.0806 4804  Spooler - ok
11:56:32.0868 4804  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
11:56:32.0977 4804  sppsvc - ok
11:56:32.0993 4804  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
11:56:33.0040 4804  sppuinotify - ok
11:56:33.0102 4804  [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser      c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
11:56:33.0118 4804  SQLBrowser - ok
11:56:33.0133 4804  [ 3C432A96363097870995E2A3C8B66ABD ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
11:56:33.0149 4804  SQLWriter - ok
11:56:33.0180 4804  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
11:56:33.0211 4804  srv - ok
11:56:33.0227 4804  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:56:33.0243 4804  srv2 - ok
11:56:33.0258 4804  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:56:33.0258 4804  srvnet - ok
11:56:33.0289 4804  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
11:56:33.0336 4804  SSDPSRV - ok
11:56:33.0352 4804  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
11:56:33.0367 4804  SstpSvc - ok
11:56:33.0399 4804  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
11:56:33.0399 4804  stexstor - ok
11:56:33.0430 4804  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
11:56:33.0461 4804  stisvc - ok
11:56:33.0477 4804  [ 7731F46EC0D687A931CBA063E8F90EF0 ] stllssvr        C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
11:56:33.0492 4804  stllssvr - ok
11:56:33.0523 4804  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
11:56:33.0555 4804  StorSvc - ok
11:56:33.0586 4804  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
11:56:33.0586 4804  storvsc - ok
11:56:33.0601 4804  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
11:56:33.0601 4804  swenum - ok
11:56:33.0633 4804  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
11:56:33.0695 4804  swprv - ok
11:56:33.0711 4804  [ 4CDD7DF58730D23BA9CB5829A6E2ECEA ] SynthVid        C:\Windows\system32\DRIVERS\VMBusVideoM.sys
11:56:33.0711 4804  SynthVid - ok
11:56:33.0742 4804  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
11:56:33.0773 4804  SysMain - ok
11:56:33.0789 4804  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:56:33.0789 4804  TabletInputService - ok
11:56:33.0804 4804  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
11:56:33.0835 4804  TapiSrv - ok
11:56:33.0851 4804  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
11:56:33.0882 4804  TBS - ok
11:56:33.0929 4804  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
11:56:33.0991 4804  Tcpip - ok
11:56:34.0023 4804  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
11:56:34.0054 4804  TCPIP6 - ok
11:56:34.0085 4804  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:56:34.0085 4804  tcpipreg - ok
11:56:34.0116 4804  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
11:56:34.0163 4804  TDPIPE - ok
11:56:34.0163 4804  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
11:56:34.0194 4804  TDTCP - ok
11:56:34.0194 4804  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
11:56:34.0225 4804  tdx - ok
11:56:34.0475 4804  [ 74FC70AE64A7B7DABEC9697CE0A1F4FA ] TeamViewer7     C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
11:56:34.0522 4804  TeamViewer7 - ok
11:56:34.0553 4804  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
11:56:34.0553 4804  TermDD - ok
11:56:34.0584 4804  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
11:56:34.0631 4804  TermService - ok
11:56:34.0647 4804  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
11:56:34.0662 4804  Themes - ok
11:56:34.0678 4804  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
11:56:34.0709 4804  THREADORDER - ok
11:56:34.0725 4804  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
11:56:34.0756 4804  TrkWks - ok
11:56:34.0787 4804  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:56:34.0818 4804  TrustedInstaller - ok
11:56:34.0849 4804  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
11:56:34.0896 4804  tssecsrv - ok
11:56:34.0912 4804  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:56:34.0927 4804  TsUsbFlt - ok
11:56:34.0943 4804  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
11:56:34.0959 4804  TsUsbGD - ok
11:56:34.0974 4804  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:56:35.0021 4804  tunnel - ok
11:56:35.0037 4804  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
11:56:35.0037 4804  uagp35 - ok
11:56:35.0052 4804  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:56:35.0083 4804  udfs - ok
11:56:35.0099 4804  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
11:56:35.0115 4804  UI0Detect - ok
11:56:35.0130 4804  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:56:35.0146 4804  uliagpkx - ok
11:56:35.0146 4804  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
11:56:35.0177 4804  umbus - ok
11:56:35.0193 4804  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
11:56:35.0224 4804  UmPass - ok
11:56:35.0255 4804  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
11:56:35.0271 4804  UmRdpService - ok
11:56:35.0317 4804  [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv        C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
11:56:35.0333 4804  UMVPFSrv - ok
11:56:35.0380 4804  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
11:56:35.0427 4804  upnphost - ok
11:56:35.0442 4804  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
11:56:35.0458 4804  usbaudio - ok
11:56:35.0489 4804  [ 19AD7990C0B67E48DAC5B26F99628223 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
11:56:35.0505 4804  usbccgp - ok
11:56:35.0536 4804  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
11:56:35.0551 4804  usbcir - ok
11:56:35.0583 4804  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
11:56:35.0598 4804  usbehci - ok
11:56:35.0614 4804  [ 8B892002D7B79312821169A14317AB86 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
11:56:35.0645 4804  usbhub - ok
11:56:35.0645 4804  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
11:56:35.0676 4804  usbohci - ok
11:56:35.0692 4804  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
11:56:35.0723 4804  usbprint - ok
11:56:35.0723 4804  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:56:35.0754 4804  USBSTOR - ok
11:56:35.0801 4804  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
11:56:35.0817 4804  usbuhci - ok
11:56:35.0848 4804  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
11:56:35.0863 4804  usbvideo - ok
11:56:35.0879 4804  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
11:56:35.0926 4804  UxSms - ok
11:56:35.0941 4804  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
11:56:35.0941 4804  VaultSvc - ok
11:56:35.0973 4804  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:56:35.0988 4804  vdrvroot - ok
11:56:36.0019 4804  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
11:56:36.0066 4804  vds - ok
11:56:36.0097 4804  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
11:56:36.0113 4804  vga - ok
11:56:36.0113 4804  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
11:56:36.0144 4804  VgaSave - ok
11:56:36.0160 4804  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
11:56:36.0175 4804  vhdmp - ok
11:56:36.0191 4804  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
11:56:36.0207 4804  viaide - ok
11:56:36.0222 4804  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
11:56:36.0238 4804  VMBusHID - ok
11:56:36.0253 4804  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:56:36.0269 4804  volmgr - ok
11:56:36.0285 4804  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:56:36.0300 4804  volmgrx - ok
11:56:36.0316 4804  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:56:36.0316 4804  volsnap - ok
11:56:36.0347 4804  [ B4A73CA4EF9A02B9738CEA9AD5FE5917 ] vpcbus          C:\Windows\system32\DRIVERS\vpchbus.sys
11:56:36.0347 4804  vpcbus - ok
11:56:36.0378 4804  [ E675FB2B48C54F09895482E2253B289C ] vpcnfltr        C:\Windows\system32\DRIVERS\vpcnfltr.sys
11:56:36.0409 4804  vpcnfltr - ok
11:56:36.0425 4804  [ 5FB42082B0D19A0268705F1DD343DF20 ] vpcusb          C:\Windows\system32\DRIVERS\vpcusb.sys
11:56:36.0456 4804  vpcusb - ok
11:56:36.0487 4804  [ 30D4243726A15A14F5C5E45898D14394 ] vpcvmm          C:\Windows\system32\drivers\vpcvmm.sys
11:56:36.0503 4804  vpcvmm - ok
11:56:36.0519 4804  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
11:56:36.0519 4804  vsmraid - ok
11:56:36.0565 4804  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
11:56:36.0628 4804  VSS - ok
11:56:36.0643 4804  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
11:56:36.0675 4804  vwifibus - ok
11:56:36.0690 4804  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
11:56:36.0737 4804  W32Time - ok
11:56:36.0753 4804  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
11:56:36.0768 4804  WacomPen - ok
11:56:36.0784 4804  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
11:56:36.0815 4804  WANARP - ok
11:56:36.0846 4804  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:56:36.0862 4804  Wanarpv6 - ok
11:56:36.0940 4804  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
11:56:36.0971 4804  WatAdminSvc - ok
11:56:37.0002 4804  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
11:56:37.0065 4804  wbengine - ok
11:56:37.0065 4804  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:56:37.0080 4804  WbioSrvc - ok
11:56:37.0096 4804  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:56:37.0127 4804  wcncsvc - ok
11:56:37.0127 4804  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:56:37.0143 4804  WcsPlugInService - ok
11:56:37.0158 4804  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
11:56:37.0174 4804  Wd - ok
11:56:37.0190 4804  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:56:37.0205 4804  Wdf01000 - ok
11:56:37.0221 4804  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:56:37.0283 4804  WdiServiceHost - ok
11:56:37.0283 4804  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:56:37.0299 4804  WdiSystemHost - ok
11:56:37.0314 4804  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
11:56:37.0346 4804  WebClient - ok
11:56:37.0361 4804  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:56:37.0424 4804  Wecsvc - ok
11:56:37.0424 4804  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:56:37.0455 4804  wercplsupport - ok
11:56:37.0470 4804  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
11:56:37.0486 4804  WerSvc - ok
11:56:37.0533 4804  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
11:56:37.0564 4804  WfpLwf - ok
11:56:37.0595 4804  [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
11:56:37.0611 4804  WimFltr - ok
11:56:37.0611 4804  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:56:37.0626 4804  WIMMount - ok
11:56:37.0642 4804  WinDefend - ok
11:56:37.0658 4804  WinHttpAutoProxySvc - ok
11:56:37.0689 4804  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:56:37.0720 4804  Winmgmt - ok
11:56:37.0751 4804  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
11:56:37.0829 4804  WinRM - ok
11:56:37.0876 4804  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
11:56:37.0892 4804  WinUsb - ok
11:56:37.0923 4804  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
11:56:37.0954 4804  Wlansvc - ok
11:56:37.0985 4804  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
11:56:38.0001 4804  wlcrasvc - ok
11:56:38.0063 4804  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:56:38.0094 4804  wlidsvc - ok
11:56:38.0110 4804  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
11:56:38.0126 4804  WmiAcpi - ok
11:56:38.0141 4804  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:56:38.0172 4804  wmiApSrv - ok
11:56:38.0188 4804  WMPNetworkSvc - ok
11:56:38.0219 4804  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:56:38.0235 4804  WPCSvc - ok
11:56:38.0250 4804  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:56:38.0266 4804  WPDBusEnum - ok
11:56:38.0282 4804  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:56:38.0313 4804  ws2ifsl - ok
11:56:38.0313 4804  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
11:56:38.0344 4804  wscsvc - ok
11:56:38.0344 4804  WSearch - ok
11:56:38.0406 4804  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:56:38.0469 4804  wuauserv - ok
11:56:38.0484 4804  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:56:38.0516 4804  WudfPf - ok
11:56:38.0562 4804  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
11:56:38.0578 4804  WUDFRd - ok
11:56:38.0609 4804  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:56:38.0625 4804  wudfsvc - ok
11:56:38.0656 4804  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
11:56:38.0672 4804  WwanSvc - ok
11:56:38.0672 4804  ================ Scan global ===============================
11:56:38.0703 4804  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
11:56:38.0734 4804  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
11:56:38.0734 4804  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
11:56:38.0765 4804  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
11:56:38.0828 4804  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
11:56:38.0828 4804  [Global] - ok
11:56:38.0828 4804  ================ Scan MBR ==================================
11:56:38.0874 4804  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
11:56:43.0258 4804  \Device\Harddisk0\DR0 - ok
11:56:43.0258 4804  ================ Scan VBR ==================================
11:56:43.0289 4804  [ 133DD0A272C42A5FBFA44A6C45BE3213 ] \Device\Harddisk0\DR0\Partition1
11:56:43.0289 4804  \Device\Harddisk0\DR0\Partition1 - ok
11:56:43.0305 4804  [ AF7ABB00C1FC09CBF6066746282CA22F ] \Device\Harddisk0\DR0\Partition2
11:56:43.0320 4804  \Device\Harddisk0\DR0\Partition2 - ok
11:56:43.0320 4804  ================ Scan active images ========================
11:56:43.0320 4804  [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
11:56:43.0320 4804  C:\Windows\System32\drivers\crashdmp.sys - ok
11:56:43.0320 4804  [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
11:56:43.0320 4804  C:\Windows\System32\drivers\dumpfve.sys - ok
11:56:43.0320 4804  [ 2FDAEC4B02729C48C0FD1B0B4695995B ] C:\Windows\System32\drivers\iaStor.sys
11:56:43.0320 4804  C:\Windows\System32\drivers\iaStor.sys - ok
11:56:43.0336 4804  [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
11:56:43.0336 4804  C:\Windows\System32\drivers\beep.sys - ok
11:56:43.0336 4804  [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
11:56:43.0336 4804  C:\Windows\System32\drivers\cdrom.sys - ok
11:56:43.0336 4804  [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
11:56:43.0336 4804  C:\Windows\System32\drivers\null.sys - ok
11:56:43.0336 4804  [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
11:56:43.0336 4804  C:\Windows\System32\drivers\vga.sys - ok
11:56:43.0352 4804  [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
11:56:43.0352 4804  C:\Windows\System32\drivers\videoprt.sys - ok
11:56:43.0352 4804  [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
11:56:43.0352 4804  C:\Windows\System32\drivers\watchdog.sys - ok
11:56:43.0352 4804  [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
11:56:43.0352 4804  C:\Windows\System32\drivers\RDPCDD.sys - ok
11:56:43.0352 4804  [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
11:56:43.0352 4804  C:\Windows\System32\drivers\RDPENCDD.sys - ok
11:56:43.0352 4804  [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
11:56:43.0352 4804  C:\Windows\System32\drivers\RDPREFMP.sys - ok
11:56:43.0352 4804  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
11:56:43.0352 4804  C:\Windows\System32\drivers\msfs.sys - ok
11:56:43.0352 4804  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
11:56:43.0352 4804  C:\Windows\System32\drivers\npfs.sys - ok
11:56:43.0352 4804  [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
11:56:43.0352 4804  C:\Windows\System32\drivers\tdi.sys - ok
11:56:43.0367 4804  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
11:56:43.0367 4804  C:\Windows\System32\drivers\tdx.sys - ok
11:56:43.0367 4804  [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
11:56:43.0367 4804  C:\Windows\System32\drivers\afd.sys - ok
11:56:43.0367 4804  [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
11:56:43.0367 4804  C:\Windows\System32\drivers\netbt.sys - ok
11:56:43.0367 4804  [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
11:56:43.0367 4804  C:\Windows\System32\drivers\pacer.sys - ok
11:56:43.0367 4804  [ E675FB2B48C54F09895482E2253B289C ] C:\Windows\System32\drivers\vpcnfltr.sys
11:56:43.0367 4804  C:\Windows\System32\drivers\vpcnfltr.sys - ok
11:56:43.0367 4804  [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
11:56:43.0367 4804  C:\Windows\System32\drivers\wfplwf.sys - ok
11:56:43.0367 4804  [ 6BCC1D7D2FD2453957C5479A32364E52 ] C:\Windows\System32\drivers\ws2ifsl.sys
11:56:43.0367 4804  C:\Windows\System32\drivers\ws2ifsl.sys - ok
11:56:43.0367 4804  [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
11:56:43.0367 4804  C:\Windows\System32\drivers\netbios.sys - ok
11:56:43.0383 4804  [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
11:56:43.0383 4804  C:\Windows\System32\drivers\wanarp.sys - ok
11:56:43.0383 4804  [ 30D4243726A15A14F5C5E45898D14394 ] C:\Windows\System32\drivers\vpcvmm.sys
11:56:43.0383 4804  C:\Windows\System32\drivers\vpcvmm.sys - ok
11:56:43.0383 4804  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
11:56:43.0383 4804  C:\Windows\System32\drivers\termdd.sys - ok
11:56:43.0383 4804  [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
11:56:43.0383 4804  C:\Windows\System32\drivers\discache.sys - ok
11:56:43.0383 4804  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
11:56:43.0383 4804  C:\Windows\System32\drivers\mssmbios.sys - ok
11:56:43.0383 4804  [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
11:56:43.0383 4804  C:\Windows\System32\drivers\nsiproxy.sys - ok
11:56:43.0383 4804  [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
11:56:43.0383 4804  C:\Windows\System32\drivers\rdbss.sys - ok
11:56:43.0398 4804  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] C:\Windows\System32\drivers\csc.sys
11:56:43.0398 4804  C:\Windows\System32\drivers\csc.sys - ok
11:56:43.0398 4804  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
11:56:43.0398 4804  C:\Windows\System32\drivers\dfsc.sys - ok
11:56:43.0398 4804  [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
11:56:43.0398 4804  C:\Windows\System32\drivers\blbdrive.sys - ok
11:56:43.0398 4804  [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
11:56:43.0398 4804  C:\Windows\System32\drivers\tunnel.sys - ok
11:56:43.0398 4804  [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
11:56:43.0398 4804  C:\Windows\System32\ntdll.dll - ok
11:56:43.0398 4804  [ F0371DE302FFFF8F086661611BE60848 ] C:\Windows\System32\smss.exe
11:56:43.0398 4804  C:\Windows\System32\smss.exe - ok
11:56:43.0398 4804  [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
11:56:43.0398 4804  C:\Windows\System32\autochk.exe - ok
11:56:43.0398 4804  [ 371D7F91C0D2314EB984A4A6CBEABC92 ] C:\Windows\System32\drivers\igdkmd64.sys
11:56:43.0398 4804  C:\Windows\System32\drivers\igdkmd64.sys - ok
11:56:43.0414 4804  [ AF2E16242AA723F68F461B6EAE2EAD3D ] C:\Windows\System32\drivers\dxgkrnl.sys
11:56:43.0414 4804  C:\Windows\System32\drivers\dxgkrnl.sys - ok
11:56:43.0414 4804  [ 1F04CFB79DD5FB7694468CE3FB3DCC31 ] C:\Windows\System32\drivers\dxgmms1.sys
11:56:43.0414 4804  C:\Windows\System32\drivers\dxgmms1.sys - ok
11:56:43.0414 4804  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] C:\Windows\System32\drivers\HECIx64.sys
11:56:43.0414 4804  C:\Windows\System32\drivers\HECIx64.sys - ok
11:56:43.0414 4804  [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
11:56:43.0414 4804  C:\Windows\System32\drivers\usbehci.sys - ok
11:56:43.0414 4804  [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
11:56:43.0414 4804  C:\Windows\System32\drivers\usbport.sys - ok
11:56:43.0414 4804  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
11:56:43.0414 4804  C:\Windows\System32\drivers\hdaudbus.sys - ok
11:56:43.0414 4804  [ 12E27942DBB7C91880163634B0D8A776 ] C:\Windows\System32\drivers\k57nd60a.sys
11:56:43.0414 4804  C:\Windows\System32\drivers\k57nd60a.sys - ok
11:56:43.0414 4804  [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
11:56:43.0414 4804  C:\Windows\System32\drivers\agilevpn.sys - ok
11:56:43.0430 4804  [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
11:56:43.0430 4804  C:\Windows\System32\drivers\CompositeBus.sys - ok
11:56:43.0430 4804  [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
11:56:43.0430 4804  C:\Windows\System32\drivers\intelppm.sys - ok
11:56:43.0430 4804  [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
11:56:43.0430 4804  C:\Windows\System32\drivers\ndistapi.sys - ok
11:56:43.0430 4804  [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
11:56:43.0430 4804  C:\Windows\System32\drivers\rasl2tp.sys - ok
11:56:43.0430 4804  [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
11:56:43.0430 4804  C:\Windows\System32\drivers\ndiswan.sys - ok
11:56:43.0430 4804  [ DBF99FD9CAF75CA66D042BD8D050FF71 ] C:\Windows\System32\usp10.dll
11:56:43.0430 4804  C:\Windows\System32\usp10.dll - ok
11:56:43.0430 4804  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
11:56:43.0430 4804  C:\Windows\System32\drivers\raspppoe.sys - ok
11:56:43.0430 4804  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
11:56:43.0430 4804  C:\Windows\System32\drivers\raspptp.sys - ok
11:56:43.0445 4804  [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
11:56:43.0445 4804  C:\Windows\System32\drivers\rassstp.sys - ok
11:56:43.0445 4804  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] C:\Windows\System32\drivers\rdpbus.sys
11:56:43.0445 4804  C:\Windows\System32\drivers\rdpbus.sys - ok
11:56:43.0445 4804  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
11:56:43.0445 4804  C:\Windows\System32\drivers\kbdclass.sys - ok
11:56:43.0445 4804  [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
11:56:43.0445 4804  C:\Windows\System32\drivers\mouclass.sys - ok
11:56:43.0445 4804  [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
11:56:43.0445 4804  C:\Windows\System32\drivers\ks.sys - ok
11:56:43.0445 4804  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
11:56:43.0445 4804  C:\Windows\System32\drivers\swenum.sys - ok
11:56:43.0445 4804  [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
11:56:43.0445 4804  C:\Windows\System32\drivers\umbus.sys - ok
11:56:43.0445 4804  [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
11:56:43.0445 4804  C:\Windows\System32\drivers\usbd.sys - ok
11:56:43.0461 4804  [ C3EC945DEC43C00E2AD4C98DDDD064C7 ] C:\Windows\System32\drivers\usbrpm.sys
11:56:43.0461 4804  C:\Windows\System32\drivers\usbrpm.sys - ok
11:56:43.0461 4804  [ B4A73CA4EF9A02B9738CEA9AD5FE5917 ] C:\Windows\System32\drivers\vpchbus.sys
11:56:43.0461 4804  C:\Windows\System32\drivers\vpchbus.sys - ok
11:56:43.0461 4804  [ 5FB42082B0D19A0268705F1DD343DF20 ] C:\Windows\System32\drivers\vpcusb.sys
11:56:43.0461 4804  C:\Windows\System32\drivers\vpcusb.sys - ok
11:56:43.0461 4804  [ 8B892002D7B79312821169A14317AB86 ] C:\Windows\System32\drivers\usbhub.sys
11:56:43.0461 4804  C:\Windows\System32\drivers\usbhub.sys - ok
11:56:43.0461 4804  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
11:56:43.0461 4804  C:\Windows\System32\drivers\ndproxy.sys - ok
11:56:43.0461 4804  [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
11:56:43.0461 4804  C:\Windows\System32\drivers\drmk.sys - ok
11:56:43.0461 4804  [ FC727061C0F47C8059E88E05D5C8E381 ] C:\Windows\System32\drivers\IntcDAud.sys
11:56:43.0461 4804  C:\Windows\System32\drivers\IntcDAud.sys - ok
11:56:43.0461 4804  [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
11:56:43.0461 4804  C:\Windows\System32\drivers\ksthunk.sys - ok
11:56:43.0476 4804  [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
11:56:43.0476 4804  C:\Windows\System32\drivers\portcls.sys - ok
11:56:43.0476 4804  [ 235362D403D9D677514649D88DB31914 ] C:\Windows\System32\drivers\RTKVHD64.sys
11:56:43.0476 4804  C:\Windows\System32\drivers\RTKVHD64.sys - ok
11:56:43.0476 4804  [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
11:56:43.0476 4804  C:\Windows\System32\msctf.dll - ok
11:56:43.0476 4804  [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
11:56:43.0476 4804  C:\Windows\System32\oleaut32.dll - ok
11:56:43.0476 4804  [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
11:56:43.0476 4804  C:\Windows\System32\msvcrt.dll - ok
11:56:43.0476 4804  [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
11:56:43.0476 4804  C:\Windows\System32\clbcatq.dll - ok
11:56:43.0476 4804  [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
11:56:43.0476 4804  C:\Windows\System32\sechost.dll - ok
11:56:43.0476 4804  [ 1BFC94665BCA35F9001ADC7BFB167C63 ] C:\Windows\System32\shell32.dll
11:56:43.0476 4804  C:\Windows\System32\shell32.dll - ok
11:56:43.0476 4804  [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
11:56:43.0476 4804  C:\Windows\System32\user32.dll - ok
11:56:43.0492 4804  [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
11:56:43.0492 4804  C:\Windows\System32\Wldap32.dll - ok
11:56:43.0492 4804  [ 65C113214F7B05820F6D8A65B1485196 ] C:\Windows\System32\kernel32.dll
11:56:43.0492 4804  C:\Windows\System32\kernel32.dll - ok
11:56:43.0492 4804  [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
11:56:43.0492 4804  C:\Windows\System32\advapi32.dll - ok
11:56:43.0492 4804  [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
11:56:43.0492 4804  C:\Windows\System32\imm32.dll - ok
11:56:43.0492 4804  [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
11:56:43.0492 4804  C:\Windows\System32\ole32.dll - ok
11:56:43.0492 4804  [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
11:56:43.0492 4804  C:\Windows\System32\difxapi.dll - ok
11:56:43.0492 4804  [ 9E0D8010D7368856617D3FE0FA5DA58F ] C:\Windows\System32\iertutil.dll
11:56:43.0492 4804  C:\Windows\System32\iertutil.dll - ok
11:56:43.0492 4804  [ 792685A9538424CC1F3FA6A816FE147C ] C:\Windows\System32\urlmon.dll
11:56:43.0492 4804  C:\Windows\System32\urlmon.dll - ok
11:56:43.0508 4804  [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
11:56:43.0508 4804  C:\Windows\System32\gdi32.dll - ok
11:56:43.0508 4804  [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
11:56:43.0508 4804  C:\Windows\System32\rpcrt4.dll - ok
11:56:43.0508 4804  [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
11:56:43.0508 4804  C:\Windows\System32\psapi.dll - ok
11:56:43.0508 4804  [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
11:56:43.0508 4804  C:\Windows\System32\shlwapi.dll - ok
11:56:43.0508 4804  [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
11:56:43.0508 4804  C:\Windows\System32\ws2_32.dll - ok
11:56:43.0508 4804  [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
11:56:43.0508 4804  C:\Windows\System32\setupapi.dll - ok
11:56:43.0508 4804  [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
11:56:43.0508 4804  C:\Windows\System32\comdlg32.dll - ok
11:56:43.0508 4804  [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
11:56:43.0508 4804  C:\Windows\System32\normaliz.dll - ok
11:56:43.0523 4804  [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
11:56:43.0523 4804  C:\Windows\System32\nsi.dll - ok
11:56:43.0523 4804  [ FAF6EC2460AD5FBBD38D8E1AE28B0D77 ] C:\Windows\System32\wininet.dll
11:56:43.0523 4804  C:\Windows\System32\wininet.dll - ok
11:56:43.0523 4804  [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
11:56:43.0523 4804  C:\Windows\System32\cfgmgr32.dll - ok
11:56:43.0523 4804  [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
11:56:43.0523 4804  C:\Windows\System32\imagehlp.dll - ok
11:56:43.0523 4804  [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
11:56:43.0523 4804  C:\Windows\System32\lpk.dll - ok
11:56:43.0523 4804  [ F49E92B50CED5C9F1725D3C0329FD933 ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
11:56:43.0523 4804  C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
11:56:43.0523 4804  [ 64A4AB126E24FD3F58EBE64852773DB5 ] C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
11:56:43.0523 4804  C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
11:56:43.0523 4804  [ 0E6FBF19D9DFBB77316C23DF91F8A101 ] C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
11:56:43.0523 4804  C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
11:56:43.0539 4804  [ 72723D3E4781BADC62C3180C137E7B23 ] C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
11:56:43.0539 4804  C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll - ok
11:56:43.0539 4804  [ 9094039A00485F71C4DE64BF51F64C46 ] C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
11:56:43.0539 4804  C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll - ok
11:56:43.0539 4804  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
11:56:43.0539 4804  C:\Windows\System32\comctl32.dll - ok
11:56:43.0539 4804  [ 1F56F209585F350A5666E3CC7931FD67 ] C:\Windows\System32\KernelBase.dll
11:56:43.0539 4804  C:\Windows\System32\KernelBase.dll - ok
11:56:43.0539 4804  [ AA06902362B1422D7A7DA7061E07C624 ] C:\Windows\System32\wintrust.dll
11:56:43.0539 4804  C:\Windows\System32\wintrust.dll - ok
11:56:43.0539 4804  [ AFC3DB5C6EB8CA8017DDB81D6C0AD02A ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
11:56:43.0539 4804  C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
11:56:43.0539 4804  [ A96D5ECA5742603E0E345C4F6B801F5E ] C:\Windows\System32\crypt32.dll
11:56:43.0539 4804  C:\Windows\System32\crypt32.dll - ok
11:56:43.0539 4804  [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
11:56:43.0539 4804  C:\Windows\System32\devobj.dll - ok
11:56:43.0554 4804  [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
11:56:43.0554 4804  C:\Windows\System32\drivers\hidclass.sys - ok
11:56:43.0554 4804  [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
11:56:43.0554 4804  C:\Windows\System32\drivers\hidparse.sys - ok
11:56:43.0554 4804  [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
11:56:43.0554 4804  C:\Windows\System32\drivers\hidusb.sys - ok
11:56:43.0554 4804  [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
11:56:43.0554 4804  C:\Windows\System32\msasn1.dll - ok
11:56:43.0554 4804  [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
11:56:43.0554 4804  C:\Windows\SysWOW64\normaliz.dll - ok
11:56:43.0554 4804  [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
11:56:43.0554 4804  C:\Windows\System32\drivers\dxapi.sys - ok
11:56:43.0554 4804  [ 73601028E7C44154318AE91D2EB2EDB3 ] C:\Windows\System32\win32k.sys
11:56:43.0554 4804  C:\Windows\System32\win32k.sys - ok
11:56:43.0554 4804  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
11:56:43.0554 4804  C:\Windows\System32\drivers\kbdhid.sys - ok
11:56:43.0570 4804  [ CEC1EDF4022DC4DCA40384DCEC672B0E ] C:\Windows\System32\csrsrv.dll
11:56:43.0570 4804  C:\Windows\System32\csrsrv.dll - ok
11:56:43.0570 4804  [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
11:56:43.0570 4804  C:\Windows\System32\csrss.exe - ok
11:56:43.0570 4804  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
11:56:43.0570 4804  C:\Windows\System32\basesrv.dll - ok
11:56:43.0570 4804  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\System32\winsrv.dll
11:56:43.0570 4804  C:\Windows\System32\winsrv.dll - ok
11:56:43.0570 4804  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
11:56:43.0570 4804  C:\Windows\System32\drivers\mouhid.sys - ok
11:56:43.0570 4804  [ 73188F58FB384E75C4063D29413CEE3D ] C:\Windows\System32\drivers\usbprint.sys
11:56:43.0570 4804  C:\Windows\System32\drivers\usbprint.sys - ok
11:56:43.0570 4804  [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
11:56:43.0570 4804  C:\Windows\System32\drivers\monitor.sys - ok
11:56:43.0570 4804  [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
11:56:43.0570 4804  C:\Windows\System32\profapi.dll - ok
11:56:43.0586 4804  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
11:56:43.0586 4804  C:\Windows\System32\sxssrv.dll - ok
11:56:43.0586 4804  [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
11:56:43.0586 4804  C:\Windows\System32\tsddd.dll - ok
11:56:43.0586 4804  [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
11:56:43.0586 4804  C:\Windows\System32\wininit.exe - ok
11:56:43.0586 4804  [ 943F527DF79E6B400104341AA7023C75 ] C:\Windows\System32\cdd.dll
11:56:43.0586 4804  C:\Windows\System32\cdd.dll - ok
11:56:43.0586 4804  [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
11:56:43.0586 4804  C:\Windows\System32\KBDUS.DLL - ok
11:56:43.0586 4804  [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
11:56:43.0586 4804  C:\Windows\System32\RpcRtRemote.dll - ok
11:56:43.0586 4804  [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
11:56:43.0586 4804  C:\Windows\System32\WlS0WndH.dll - ok
11:56:43.0586 4804  [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
11:56:43.0586 4804  C:\Windows\System32\sxs.dll - ok
11:56:43.0601 4804  [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
11:56:43.0601 4804  C:\Windows\System32\cryptbase.dll - ok
11:56:43.0601 4804  [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
11:56:43.0601 4804  C:\Windows\System32\apphelp.dll - ok
11:56:43.0601 4804  [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
11:56:43.0601 4804  C:\Windows\System32\winlogon.exe - ok
11:56:43.0601 4804  [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
11:56:43.0601 4804  C:\Windows\System32\winsta.dll - ok
11:56:43.0601 4804  [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
11:56:43.0601 4804  C:\Windows\System32\lsasrv.dll - ok
11:56:43.0601 4804  [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
11:56:43.0601 4804  C:\Windows\System32\lsass.exe - ok
11:56:43.0601 4804  [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
11:56:43.0601 4804  C:\Windows\System32\lsm.exe - ok
11:56:43.0601 4804  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
11:56:43.0601 4804  C:\Windows\System32\services.exe - ok
11:56:43.0617 4804  [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
11:56:43.0617 4804  C:\Windows\System32\sspisrv.dll - ok
11:56:43.0617 4804  [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
11:56:43.0617 4804  C:\Windows\System32\sspicli.dll - ok
11:56:43.0617 4804  [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
11:56:43.0617 4804  C:\Windows\System32\sysntfy.dll - ok
11:56:43.0617 4804  [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
11:56:43.0617 4804  C:\Windows\System32\wmsgapi.dll - ok
11:56:43.0617 4804  [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
11:56:43.0617 4804  C:\Windows\System32\scesrv.dll - ok
11:56:43.0617 4804  [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
11:56:43.0617 4804  C:\Windows\System32\scext.dll - ok
11:56:43.0617 4804  [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
11:56:43.0617 4804  C:\Windows\System32\secur32.dll - ok
11:56:43.0617 4804  [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
11:56:43.0617 4804  C:\Windows\System32\srvcli.dll - ok
11:56:43.0617 4804  [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
11:56:43.0617 4804  C:\Windows\System32\samsrv.dll - ok
11:56:43.0632 4804  [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
11:56:43.0632 4804  C:\Windows\System32\cngaudit.dll - ok
11:56:43.0632 4804  [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
11:56:43.0632 4804  C:\Windows\System32\cryptdll.dll - ok
11:56:43.0632 4804  [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
11:56:43.0632 4804  C:\Windows\System32\wevtapi.dll - ok
11:56:43.0632 4804  [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
11:56:43.0632 4804  C:\Windows\System32\authz.dll - ok
11:56:43.0632 4804  [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
11:56:43.0632 4804  C:\Windows\System32\bcrypt.dll - ok
11:56:43.0632 4804  [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
11:56:43.0632 4804  C:\Windows\System32\msprivs.dll - ok
11:56:43.0632 4804  [ 5F3307352216618221A17CFEF273EEE2 ] C:\Windows\System32\ncrypt.dll
11:56:43.0632 4804  C:\Windows\System32\ncrypt.dll - ok
11:56:43.0632 4804  [ 19AD7990C0B67E48DAC5B26F99628223 ] C:\Windows\System32\drivers\usbccgp.sys
11:56:43.0632 4804  C:\Windows\System32\drivers\usbccgp.sys - ok
11:56:43.0648 4804  [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
11:56:43.0648 4804  C:\Windows\System32\netjoin.dll - ok
11:56:43.0648 4804  [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
11:56:43.0648 4804  C:\Windows\System32\negoexts.dll - ok
11:56:43.0648 4804  [ 44E1A196DFCB53B01FE4B855C3B56A15 ] C:\Windows\System32\kerberos.dll
11:56:43.0648 4804  C:\Windows\System32\kerberos.dll - ok
11:56:43.0648 4804  [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
11:56:43.0648 4804  C:\Windows\System32\cryptsp.dll - ok
11:56:43.0648 4804  [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
11:56:43.0648 4804  C:\Windows\System32\mswsock.dll - ok
11:56:43.0648 4804  [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
11:56:43.0648 4804  C:\Windows\System32\wship6.dll - ok
11:56:43.0648 4804  [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
11:56:43.0648 4804  C:\Windows\System32\msv1_0.dll - ok
11:56:43.0648 4804  [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
11:56:43.0648 4804  C:\Windows\System32\netlogon.dll - ok
11:56:43.0664 4804  [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
11:56:43.0664 4804  C:\Windows\System32\dnsapi.dll - ok
11:56:43.0664 4804  [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
11:56:43.0664 4804  C:\Windows\System32\logoncli.dll - ok
11:56:43.0664 4804  [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
11:56:43.0664 4804  C:\Windows\System32\schannel.dll - ok
11:56:43.0664 4804  [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
11:56:43.0664 4804  C:\Windows\System32\wdigest.dll - ok
11:56:43.0664 4804  [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
11:56:43.0664 4804  C:\Windows\System32\rsaenh.dll - ok
11:56:43.0664 4804  [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
11:56:43.0664 4804  C:\Windows\System32\TSpkg.dll - ok
11:56:43.0664 4804  [ CB2ABB2DA1E9C977302A78D86D4AE3B0 ] C:\Windows\System32\atmfd.dll
11:56:43.0664 4804  C:\Windows\System32\atmfd.dll - ok
11:56:43.0664 4804  [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
11:56:43.0664 4804  C:\Windows\System32\pku2u.dll - ok
11:56:43.0664 4804  [ 55C892560C1B42BC57FB61AEFCED2F22 ] C:\Windows\System32\LIVESSP.DLL
11:56:43.0664 4804  C:\Windows\System32\LIVESSP.DLL - ok
11:56:43.0679 4804  [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
11:56:43.0679 4804  C:\Windows\System32\bcryptprimitives.dll - ok
11:56:43.0679 4804  [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
11:56:43.0679 4804  C:\Windows\System32\credssp.dll - ok
11:56:43.0679 4804  [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
11:56:43.0679 4804  C:\Windows\System32\efslsaext.dll - ok
11:56:43.0679 4804  [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
11:56:43.0679 4804  C:\Windows\System32\scecli.dll - ok
11:56:43.0679 4804  [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
11:56:43.0679 4804  C:\Windows\System32\ubpm.dll - ok
11:56:43.0679 4804  [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
11:56:43.0679 4804  C:\Windows\System32\svchost.exe - ok
11:56:43.0679 4804  [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
11:56:43.0679 4804  C:\Windows\System32\umpnpmgr.dll - ok
11:56:43.0695 4804  [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
11:56:43.0695 4804  C:\Windows\System32\devrtl.dll - ok
11:56:43.0695 4804  [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
11:56:43.0695 4804  C:\Windows\System32\SPInf.dll - ok
11:56:43.0695 4804  [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
11:56:43.0695 4804  C:\Windows\System32\gpapi.dll - ok
11:56:43.0695 4804  [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
11:56:43.0695 4804  C:\Windows\System32\userenv.dll - ok
11:56:43.0695 4804  [ FF3A488924B0032B1A9CA6948C1FA9E8 ] C:\Windows\System32\drivers\lvuvc64.sys
11:56:43.0695 4804  C:\Windows\System32\drivers\lvuvc64.sys - ok
11:56:43.0695 4804  [ A2CCA4FB273E6050F17A0A416CFF2FCD ] C:\Windows\System32\umpo.dll
11:56:43.0695 4804  C:\Windows\System32\umpo.dll - ok
11:56:43.0695 4804  [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
11:56:43.0695 4804  C:\Windows\System32\pcwum.dll - ok
11:56:43.0695 4804  [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
11:56:43.0695 4804  C:\Windows\System32\powrprof.dll - ok
11:56:43.0695 4804  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
11:56:43.0695 4804  C:\Windows\System32\drivers\luafv.sys - ok
11:56:43.0710 4804  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] C:\Windows\System32\drivers\USBAUDIO.sys
11:56:43.0710 4804  C:\Windows\System32\drivers\USBAUDIO.sys - ok
11:56:43.0710 4804  [ 0C85B2B6FB74B36A251792D45E0EF860 ] C:\Windows\System32\drivers\lvrs64.sys
11:56:43.0710 4804  C:\Windows\System32\drivers\lvrs64.sys - ok
11:56:43.0710 4804  [ AB886378EEB55C6C75B4F2D14B6C869F ] C:\Windows\System32\drivers\WUDFPf.sys
11:56:43.0710 4804  C:\Windows\System32\drivers\WUDFPf.sys - ok
11:56:43.0710 4804  [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
11:56:43.0710 4804  C:\Windows\System32\rpcss.dll - ok
11:56:43.0710 4804  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
11:56:43.0710 4804  C:\Windows\System32\RpcEpMap.dll - ok
11:56:43.0710 4804  [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
11:56:43.0710 4804  C:\Windows\System32\wshqos.dll - ok
11:56:43.0710 4804  [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
11:56:43.0710 4804  C:\Windows\System32\WSHTCPIP.DLL - ok
11:56:43.0710 4804  [ 905601FFF40D8DA9FA82CBE77D1F5EB1 ] C:\Program Files\Microsoft Security Client\MpSvc.dll
11:56:43.0710 4804  C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
11:56:43.0726 4804  [ E07DEC52FF801841BA9B6878A60304FB ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
11:56:43.0726 4804  C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
11:56:43.0726 4804  [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
11:56:43.0726 4804  C:\Windows\System32\FirewallAPI.dll - ok
11:56:43.0726 4804  [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
11:56:43.0726 4804  C:\Windows\System32\LogonUI.exe - ok
11:56:43.0726 4804  [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
11:56:43.0726 4804  C:\Windows\System32\version.dll - ok
11:56:43.0726 4804  [ 2D4230F2F1D204A523998DF93F9DF066 ] C:\Program Files\Microsoft Security Client\MpClient.dll
11:56:43.0726 4804  C:\Program Files\Microsoft Security Client\MpClient.dll - ok
11:56:43.0726 4804  [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
11:56:43.0726 4804  C:\Windows\System32\wtsapi32.dll - ok
11:56:43.0726 4804  [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
11:56:43.0726 4804  C:\Windows\System32\ntmarta.dll - ok
11:56:43.0742 4804  [ 3EF480BFED1B5947A32585E30A58D4ED ] C:\Windows\System32\authui.dll
11:56:43.0742 4804  C:\Windows\System32\authui.dll - ok
11:56:43.0742 4804  [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
11:56:43.0742 4804  C:\Windows\System32\cryptui.dll - ok
11:56:43.0742 4804  [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
11:56:43.0742 4804  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
11:56:43.0742 4804  [ 9121C2E2507AD0BCBF9A7438051BEF34 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
11:56:43.0742 4804  C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
11:56:43.0742 4804  [ 2F034150ECCBC498C53B61F98C5378AC ] C:\Program Files\Microsoft Security Client\MpRTP.dll
11:56:43.0742 4804  C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
11:56:43.0742 4804  [ F3D202F53A222D5F6944D459B73CF967 ] C:\Windows\System32\fltLib.dll
11:56:43.0742 4804  C:\Windows\System32\fltLib.dll - ok
11:56:43.0742 4804  [ C4C1947985144721A809965A19D616BC ] C:\Program Files\Microsoft Security Client\MsMpLics.dll
11:56:43.0742 4804  C:\Program Files\Microsoft Security Client\MsMpLics.dll - ok
11:56:43.0742 4804  [ 6011714C8C5C55CBFFAD24D61E879FBD ] C:\Windows\System32\wevtsvc.dll
11:56:43.0742 4804  C:\Windows\System32\wevtsvc.dll - ok
11:56:43.0757 4804  [ F8A10560B35C66F9DE212F03DAD5BFA7 ] C:\Windows\System32\drivers\MpFilter.sys
11:56:43.0757 4804  C:\Windows\System32\drivers\MpFilter.sys - ok
11:56:43.0757 4804  [ 5C00818741B2A76EB09AF08A5362277E ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{36D2CBDF-2005-42F6-BCD6-6F78593EF824}\mpengine.dll
11:56:43.0757 4804  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{36D2CBDF-2005-42F6-BCD6-6F78593EF824}\mpengine.dll - ok
11:56:43.0757 4804  [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
11:56:43.0757 4804  C:\Windows\System32\samlib.dll - ok
11:56:43.0757 4804  [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
11:56:43.0757 4804  C:\Windows\System32\shacct.dll - ok
11:56:43.0757 4804  [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
11:56:43.0757 4804  C:\Windows\System32\propsys.dll - ok
11:56:43.0757 4804  [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
11:56:43.0757 4804  C:\Windows\System32\uxtheme.dll - ok
11:56:43.0757 4804  [ 18CAAF21CBA3EAEE17BBA5D3807F29B8 ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll
11:56:43.0757 4804  C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll - ok
11:56:43.0757 4804  [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
11:56:43.0757 4804  C:\Windows\System32\dui70.dll - ok
11:56:43.0773 4804  [ F23FEF6D569FCE88671949894A8BECF1 ] C:\Windows\System32\audiosrv.dll
11:56:43.0773 4804  C:\Windows\System32\audiosrv.dll - ok
11:56:43.0773 4804  [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
11:56:43.0773 4804  C:\Windows\System32\avrt.dll - ok
11:56:43.0773 4804  [ C4C183E6551084039EC862DA1C945E3D ] C:\Windows\System32\FntCache.dll
11:56:43.0773 4804  C:\Windows\System32\FntCache.dll - ok
11:56:43.0773 4804  [ E40E80D0304A73E8D269F7141D77250B ] C:\Windows\System32\mmcss.dll
11:56:43.0773 4804  C:\Windows\System32\mmcss.dll - ok
11:56:43.0773 4804  [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
11:56:43.0773 4804  C:\Windows\System32\MMDevAPI.dll - ok
11:56:43.0773 4804  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
11:56:43.0773 4804  C:\Windows\System32\profsvc.dll - ok
11:56:43.0773 4804  [ 588CD0C78A7FAAE4186B5EEA0AF3ED67 ] C:\Windows\System32\adtschema.dll
11:56:43.0773 4804  C:\Windows\System32\adtschema.dll - ok
11:56:43.0773 4804  [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
11:56:43.0773 4804  C:\Windows\System32\duser.dll - ok
11:56:43.0773 4804  [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
11:56:43.0773 4804  C:\Windows\System32\SndVolSSO.dll - ok
11:56:43.0788 4804  [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
11:56:43.0788 4804  C:\Windows\System32\hid.dll - ok
11:56:43.0788 4804  [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
11:56:43.0788 4804  C:\Windows\System32\dwmapi.dll - ok
11:56:43.0788 4804  [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
11:56:43.0788 4804  C:\Windows\System32\xmllite.dll - ok
11:56:43.0788 4804  [ 3D7BB6DD7A87B3E36E44CA94444247A8 ] C:\Windows\System32\WindowsCodecs.dll
11:56:43.0788 4804  C:\Windows\System32\WindowsCodecs.dll - ok
11:56:43.0788 4804  [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
11:56:43.0788 4804  C:\Windows\System32\winbrand.dll - ok
11:56:43.0788 4804  [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
11:56:43.0788 4804  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
11:56:43.0788 4804  [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
11:56:43.0788 4804  C:\Windows\System32\VaultCredProvider.dll - ok
11:56:43.0804 4804  [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
11:56:43.0804 4804  C:\Windows\System32\BioCredProv.dll - ok
11:56:43.0804 4804  [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
11:56:43.0804 4804  C:\Windows\System32\credui.dll - ok
11:56:43.0804 4804  [ EEEA40F0EDB0A6E5359E539E15D0BC77 ] C:\Windows\System32\netapi32.dll
11:56:43.0804 4804  C:\Windows\System32\netapi32.dll - ok
11:56:43.0804 4804  [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
11:56:43.0804 4804  C:\Windows\System32\netutils.dll - ok
11:56:43.0804 4804  [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
11:56:43.0804 4804  C:\Windows\System32\vaultcli.dll - ok
11:56:43.0804 4804  [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
11:56:43.0804 4804  C:\Windows\System32\winbio.dll - ok
11:56:43.0804 4804  [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
11:56:43.0804 4804  C:\Windows\System32\wkscli.dll - ok
11:56:43.0804 4804  [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
11:56:43.0804 4804  C:\Windows\System32\certCredProvider.dll - ok
11:56:43.0804 4804  [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
11:56:43.0804 4804  C:\Windows\System32\samcli.dll - ok
11:56:43.0820 4804  [ 7097425051CE67B450EBF2B1390AE492 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
11:56:43.0820 4804  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
11:56:43.0820 4804  [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
11:56:43.0820 4804  C:\Windows\System32\rasplap.dll - ok
11:56:43.0820 4804  [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
11:56:43.0820 4804  C:\Windows\System32\rasapi32.dll - ok
11:56:43.0820 4804  [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
11:56:43.0820 4804  C:\Windows\System32\rasman.dll - ok
11:56:43.0820 4804  [ 67A95B9D129ED5399E7965CD09CF30E7 ] C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
11:56:43.0820 4804  C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe - ok
11:56:43.0820 4804  [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
11:56:43.0820 4804  C:\Windows\SysWOW64\ntdll.dll - ok
11:56:43.0820 4804  [ 259EB5F7D95A29842B476C5B3EB6E186 ] C:\Windows\System32\wow64.dll
11:56:43.0820 4804  C:\Windows\System32\wow64.dll - ok
11:56:43.0820 4804  [ 3EE3AA76D8AB6D5644C4C8F34471CEB3 ] C:\Windows\System32\wow64cpu.dll
11:56:43.0820 4804  C:\Windows\System32\wow64cpu.dll - ok
11:56:43.0835 4804  [ 5674E21E82CFBEA36DDAD5DB285D6DBC ] C:\Windows\System32\wow64win.dll
11:56:43.0835 4804  C:\Windows\System32\wow64win.dll - ok
11:56:43.0835 4804  [ AC0B6F41882FC6ED186962D770EBF1D2 ] C:\Windows\SysWOW64\kernel32.dll
11:56:43.0835 4804  C:\Windows\SysWOW64\kernel32.dll - ok
11:56:43.0835 4804  [ E954A79D6A754A5475582CACED1565E6 ] C:\Windows\SysWOW64\KernelBase.dll
11:56:43.0835 4804  C:\Windows\SysWOW64\KernelBase.dll - ok
11:56:43.0835 4804  [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
11:56:43.0835 4804  C:\Windows\SysWOW64\setupapi.dll - ok
11:56:43.0835 4804  [ B4E5B29CF31DF85DFEF25D41871DCEDC ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{36D2CBDF-2005-42F6-BCD6-6F78593EF824}\mpasbase.vdm
11:56:43.0835 4804  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{36D2CBDF-2005-42F6-BCD6-6F78593EF824}\mpasbase.vdm - ok
11:56:43.0835 4804  [ D1F8E396C0EF1E981EED2E338062846D ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{36D2CBDF-2005-42F6-BCD6-6F78593EF824}\mpasdlta.vdm
11:56:43.0835 4804  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{36D2CBDF-2005-42F6-BCD6-6F78593EF824}\mpasdlta.vdm - ok
11:56:43.0835 4804  [ 00000000000000000000000000000000 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{36D2CBDF-2005-42F6-BCD6-6F78593EF824}\mpavbase.vdm
11:56:43.0835 4804  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{36D2CBDF-2005-42F6-BCD6-6F78593EF824}\mpavbase.vdm - ok
11:56:43.0851 4804  [ 20CF0DD2F73E6BB51A5FE48015FE00F7 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{36D2CBDF-2005-42F6-BCD6-6F78593EF824}\mpavdlta.vdm
11:56:43.0851 4804  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{36D2CBDF-2005-42F6-BCD6-6F78593EF824}\mpavdlta.vdm - ok
11:56:43.0851 4804  [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
11:56:43.0851 4804  C:\Windows\System32\rtutils.dll - ok
11:56:43.0851 4804  [ 46863C4CC5B68EB09EA2D5EEF0F1193A ] C:\Windows\System32\radardt.dll
11:56:43.0851 4804  C:\Windows\System32\radardt.dll - ok
11:56:43.0851 4804  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
11:56:43.0851 4804  C:\Windows\System32\netprofm.dll - ok
11:56:43.0851 4804  [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
11:56:43.0851 4804  C:\Windows\SysWOW64\cfgmgr32.dll - ok
11:56:43.0851 4804  [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
11:56:43.0851 4804  C:\Windows\SysWOW64\msvcrt.dll - ok
11:56:43.0851 4804  [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
11:56:43.0851 4804  C:\Windows\SysWOW64\advapi32.dll - ok
11:56:43.0851 4804  [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
11:56:43.0851 4804  C:\Windows\SysWOW64\cryptbase.dll - ok
11:56:43.0851 4804  [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
11:56:43.0851 4804  C:\Windows\SysWOW64\rpcrt4.dll - ok
11:56:43.0866 4804  [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
11:56:43.0866 4804  C:\Windows\SysWOW64\sechost.dll - ok
11:56:43.0866 4804  [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
11:56:43.0866 4804  C:\Windows\SysWOW64\sspicli.dll - ok
11:56:43.0866 4804  [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
11:56:43.0866 4804  C:\Windows\SysWOW64\gdi32.dll - ok
11:56:43.0866 4804  [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
11:56:43.0866 4804  C:\Windows\SysWOW64\user32.dll - ok
11:56:43.0866 4804  [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
11:56:43.0866 4804  C:\Windows\SysWOW64\lpk.dll - ok
11:56:43.0866 4804  [ B7230010D97787AF3D25E4C82F2B06B9 ] C:\Windows\SysWOW64\usp10.dll
11:56:43.0866 4804  C:\Windows\SysWOW64\usp10.dll - ok
11:56:43.0866 4804  [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
11:56:43.0866 4804  C:\Windows\SysWOW64\oleaut32.dll - ok
11:56:43.0866 4804  [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
11:56:43.0866 4804  C:\Windows\SysWOW64\ole32.dll - ok
11:56:43.0882 4804  [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
11:56:43.0882 4804  C:\Windows\System32\oleacc.dll - ok
11:56:43.0882 4804  [ 019BDD35DE269CB98B22DE8923C2AA3B ] C:\Windows\System32\UIAutomationCore.dll
11:56:43.0882 4804  C:\Windows\System32\UIAutomationCore.dll - ok
11:56:43.0882 4804  [ 50544D04AD845C43130B70212EC05CCD ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
11:56:43.0882 4804  C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
11:56:43.0882 4804  [ DA6B67270FD9DB3697B20FCE94950741 ] C:\Windows\System32\drivers\fltMgr.sys
11:56:43.0882 4804  C:\Windows\System32\drivers\fltMgr.sys - ok
11:56:43.0882 4804  [ A3DB3C17EE6CAE65D53602B4E80BCCBC ] C:\Windows\System32\PSHED.DLL
11:56:43.0882 4804  C:\Windows\System32\PSHED.DLL - ok
11:56:43.0882 4804  [ B0945E538CF906BBDDC5A11C8EE868CC ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
11:56:43.0882 4804  C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
11:56:43.0882 4804  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] C:\Windows\System32\MPSSVC.dll
11:56:43.0882 4804  C:\Windows\System32\MPSSVC.dll - ok
11:56:43.0882 4804  [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
11:56:43.0882 4804  C:\Windows\SysWOW64\devobj.dll - ok
11:56:43.0898 4804  [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
11:56:43.0898 4804  C:\Windows\SysWOW64\imm32.dll - ok
11:56:43.0898 4804  [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
11:56:43.0898 4804  C:\Windows\SysWOW64\version.dll - ok
11:56:43.0898 4804  [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
11:56:43.0898 4804  C:\Windows\SysWOW64\msctf.dll - ok
11:56:43.0898 4804  [ 92245C959E5BC378809D2CC5E9F6E9C7 ] C:\Windows\SysWOW64\crypt32.dll
11:56:43.0898 4804  C:\Windows\SysWOW64\crypt32.dll - ok
11:56:43.0898 4804  [ 17448AF0BBA9E7AB5EC955AF93F271BD ] C:\Windows\SysWOW64\wintrust.dll
11:56:43.0898 4804  C:\Windows\SysWOW64\wintrust.dll - ok
11:56:43.0898 4804  [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
11:56:43.0898 4804  C:\Windows\SysWOW64\msasn1.dll - ok
11:56:43.0898 4804  [ D5CCA1453B98A5801E6D5FF0FF89DC6C ] C:\Windows\System32\audiodg.exe
11:56:43.0898 4804  C:\Windows\System32\audiodg.exe - ok
11:56:43.0898 4804  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] C:\Windows\System32\cscsvc.dll
11:56:43.0898 4804  C:\Windows\System32\cscsvc.dll - ok
11:56:43.0913 4804  [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
11:56:43.0913 4804  C:\Windows\System32\winmm.dll - ok
11:56:43.0913 4804  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
11:56:43.0913 4804  C:\Windows\System32\gpsvc.dll - ok
11:56:43.0913 4804  [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
11:56:43.0913 4804  C:\Windows\System32\ksuser.dll - ok
11:56:43.0913 4804  [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
11:56:43.0913 4804  C:\Windows\System32\wdmaud.drv - ok
11:56:43.0913 4804  [ 29910D50542B1AA0F162EF3339C61B6D ] C:\Windows\System32\PeerDist.dll
11:56:43.0913 4804  C:\Windows\System32\PeerDist.dll - ok
11:56:43.0913 4804  [ DC220AE6F64819099F7EBD6F137E32E7 ] C:\Windows\System32\AudioSes.dll
11:56:43.0913 4804  C:\Windows\System32\AudioSes.dll - ok
11:56:43.0913 4804  [ 0BEB0C931BC24F610EE87179F31A8A42 ] C:\Program Files\Microsoft Security Client\MpCmdRun.exe
11:56:43.0913 4804  C:\Program Files\Microsoft Security Client\MpCmdRun.exe - ok
11:56:43.0913 4804  [ 1BCDB508143B517F21BBDAC10F5777BF ] C:\Windows\System32\conhost.exe
11:56:43.0913 4804  C:\Windows\System32\conhost.exe - ok
11:56:43.0929 4804  [ CA2A0750ED830678997695FF61B04C30 ] C:\Windows\System32\midimap.dll
11:56:43.0929 4804  C:\Windows\System32\midimap.dll - ok
11:56:43.0929 4804  [ 10AC5CE9F78DC281A1BBD9B8CC587B8A ] C:\Windows\System32\msacm32.dll
11:56:43.0929 4804  C:\Windows\System32\msacm32.dll - ok
11:56:43.0929 4804  [ 1B7C3A37362C7B2890168C5FC61C8D9B ] C:\Windows\System32\msacm32.drv
11:56:43.0929 4804  C:\Windows\System32\msacm32.drv - ok
11:56:43.0929 4804  [ 46BB91A169B9B31FF44EB04C48EC1D41 ] C:\Windows\System32\nlaapi.dll
11:56:43.0929 4804  C:\Windows\System32\nlaapi.dll - ok
11:56:43.0929 4804  [ E3BF12C68F844E689D1A9D7E6B54742A ] C:\Program Files\Microsoft Security Client\MpAsDesc.dll
11:56:43.0929 4804  C:\Program Files\Microsoft Security Client\MpAsDesc.dll - ok
11:56:43.0929 4804  [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
11:56:43.0929 4804  C:\Windows\System32\atl.dll - ok
11:56:43.0929 4804  [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
11:56:43.0929 4804  C:\Windows\System32\dsrole.dll - ok
11:56:43.0929 4804  [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
11:56:43.0929 4804  C:\Windows\System32\es.dll - ok
11:56:43.0929 4804  [ F0344071948D1A1FA732231785A0664C ] C:\Windows\System32\themeservice.dll
11:56:43.0929 4804  C:\Windows\System32\themeservice.dll - ok
11:56:43.0944 4804  [ 1A47D52E303B7543E4E6026595B95422 ] C:\Windows\System32\comres.dll
11:56:43.0944 4804  C:\Windows\System32\comres.dll - ok
11:56:43.0944 4804  [ 218A400108F280428FA22282D3268BBC ] C:\Windows\System32\wscapi.dll
11:56:43.0944 4804  C:\Windows\System32\wscapi.dll - ok
11:56:43.0944 4804  [ C32AB8FA018EF34C0F113BD501436D21 ] C:\Windows\System32\Sens.dll
11:56:43.0944 4804  C:\Windows\System32\Sens.dll - ok
11:56:43.0944 4804  [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
11:56:43.0944 4804  C:\Windows\System32\slc.dll - ok
11:56:43.0944 4804  [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
11:56:43.0944 4804  C:\Windows\System32\UXInit.dll - ok
11:56:43.0944 4804  [ F5CEF064C7E6D95DA86B9D064A56A969 ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
11:56:43.0944 4804  C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
11:56:43.0944 4804  [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
11:56:43.0944 4804  C:\Windows\System32\taskschd.dll - ok
11:56:43.0944 4804  [ 862596399AAFD2A21DB2AF9270CD4F70 ] C:\Windows\System32\mstask.dll
11:56:43.0944 4804  C:\Windows\System32\mstask.dll - ok
11:56:43.0960 4804  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] C:\Windows\System32\uxsms.dll
11:56:43.0960 4804  C:\Windows\System32\uxsms.dll - ok
11:56:43.0960 4804  [ FA43D418BC945D27D0625B697B8442B5 ] C:\Windows\System32\cabinet.dll
11:56:43.0960 4804  C:\Windows\System32\cabinet.dll - ok
11:56:43.0960 4804  [ 92E0508D924512F63FFEEFE498CBD11F ] C:\Windows\System32\p2pcollab.dll
11:56:43.0960 4804  C:\Windows\System32\p2pcollab.dll - ok
11:56:43.0960 4804  [ 582AC6D9873E31DFA28A4547270862DD ] C:\Windows\System32\QAGENTRT.DLL
11:56:43.0960 4804  C:\Windows\System32\QAGENTRT.DLL - ok
11:56:43.0960 4804  [ 506A83A3BEEE9FCA09F0170DE9FC7D1B ] C:\Windows\System32\fveui.dll
11:56:43.0960 4804  C:\Windows\System32\fveui.dll - ok
11:56:43.0960 4804  [ 577D0DC85524A16FE29D7956B22974C4 ] C:\Program Files\Microsoft Security Client\MsseWat.dll
11:56:43.0960 4804  C:\Program Files\Microsoft Security Client\MsseWat.dll - ok
11:56:43.0960 4804  [ B6D6886149573278CBA6ABD44C4317F5 ] C:\Windows\System32\slwga.dll
11:56:43.0960 4804  C:\Windows\System32\slwga.dll - ok
11:56:43.0960 4804  [ DB76DB15EFC6E4D1153A6C5BC895948D ] C:\Windows\System32\sppc.dll
11:56:43.0960 4804  C:\Windows\System32\sppc.dll - ok
11:56:43.0976 4804  [ B20F051B03A966392364C83F009F7D17 ] C:\Windows\System32\WUDFSvc.dll
11:56:43.0976 4804  C:\Windows\System32\WUDFSvc.dll - ok
11:56:43.0976 4804  [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
11:56:43.0976 4804  C:\Windows\System32\imageres.dll - ok
11:56:43.0976 4804  [ 5EDBB34736DD7AC1A73CF8792A835E10 ] C:\Windows\System32\AudioEng.dll
11:56:43.0976 4804  C:\Windows\System32\AudioEng.dll - ok
11:56:43.0976 4804  [ C1395286B822E306B4FE1568A8A77813 ] C:\Windows\System32\AUDIOKSE.dll
11:56:43.0976 4804  C:\Windows\System32\AUDIOKSE.dll - ok
11:56:43.0976 4804  [ 5CD5919930841EB81C92FEF84C3721F6 ] C:\Windows\System32\MBWrp64.dll
11:56:43.0976 4804  C:\Windows\System32\MBWrp64.dll - ok
11:56:43.0976 4804  [ 25D74864274539330DCC4234140D11AF ] C:\Windows\System32\MBAPO64.dll
11:56:43.0976 4804  C:\Windows\System32\MBAPO64.dll - ok
11:56:43.0976 4804  [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
11:56:43.0976 4804  C:\Windows\System32\IPHLPAPI.DLL - ok
11:56:43.0976 4804  [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
11:56:43.0976 4804  C:\Windows\System32\winnsi.dll - ok
11:56:43.0991 4804  [ EBB3AF12156D523A0581A143B546143F ] C:\Windows\System32\RtkAPO64.dll
11:56:43.0991 4804  C:\Windows\System32\RtkAPO64.dll - ok
11:56:43.0991 4804  [ 6F3C559B82F2912354BE5B098744CC8C ] C:\Windows\System32\WMALFXGFXDSP.dll
11:56:43.0991 4804  C:\Windows\System32\WMALFXGFXDSP.dll - ok
11:56:43.0991 4804  [ 54B5DCD55B223BC5DF50B82E1E9E86B1 ] C:\Windows\System32\mfplat.dll
11:56:43.0991 4804  C:\Windows\System32\mfplat.dll - ok
11:56:43.0991 4804  [ B1DF2D87DC8BF6072699AC8301B37796 ] C:\Windows\System32\WUDFPlatform.dll
11:56:43.0991 4804  C:\Windows\System32\WUDFPlatform.dll - ok
11:56:43.0991 4804  [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
11:56:43.0991 4804  C:\Windows\System32\drivers\lltdio.sys - ok
11:56:43.0991 4804  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] C:\Windows\System32\dhcpcore.dll
11:56:43.0991 4804  C:\Windows\System32\dhcpcore.dll - ok
11:56:43.0991 4804  [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
11:56:43.0991 4804  C:\Windows\System32\drivers\rspndr.sys - ok
11:56:43.0991 4804  [ F993A32249B66C9D622EA5592A8B76B8 ] C:\Windows\System32\lmhsvc.dll
11:56:43.0991 4804  C:\Windows\System32\lmhsvc.dll - ok
11:56:44.0007 4804  [ B73A6E4B319AFFE64582AC5C1801BB3F ] C:\Windows\System32\nrpsrv.dll
11:56:44.0007 4804  C:\Windows\System32\nrpsrv.dll - ok
11:56:44.0007 4804  [ D54BFDF3E0C953F823B3D0BFE4732528 ] C:\Windows\System32\nsisvc.dll
11:56:44.0007 4804  C:\Windows\System32\nsisvc.dll - ok
11:56:44.0007 4804  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] C:\Windows\System32\dnsrslvr.dll
11:56:44.0007 4804  C:\Windows\System32\dnsrslvr.dll - ok
11:56:44.0007 4804  [ 0040C486584A8E582C861CFB57AB5387 ] C:\Windows\System32\FWPUCLNT.DLL
11:56:44.0007 4804  C:\Windows\System32\FWPUCLNT.DLL - ok
11:56:44.0007 4804  [ 3CC16A849E6092E43909F48EF0E60306 ] C:\Windows\System32\dhcpcore6.dll
11:56:44.0007 4804  C:\Windows\System32\dhcpcore6.dll - ok
11:56:44.0007 4804  [ 885D0942E0F28DB90919BE3129ECF279 ] C:\Windows\System32\dnsext.dll
11:56:44.0007 4804  C:\Windows\System32\dnsext.dll - ok

 

...continued...
 



TDSSKiller (con't)

 

11:56:44.0007 4804  [ 3C06D5A929B798D0B13F6481242A0FD2 ] C:\Windows\System32\dhcpcsvc6.dll
11:56:44.0007 4804  C:\Windows\System32\dhcpcsvc6.dll - ok
11:56:44.0007 4804  [ F568F7C08458D69E4FCD8675BBB107E4 ] C:\Windows\System32\dhcpcsvc.dll
11:56:44.0007 4804  C:\Windows\System32\dhcpcsvc.dll - ok
11:56:44.0022 4804  [ AAF932B4011D14052955D4B212A4DA8D ] C:\Windows\System32\shsvcs.dll
11:56:44.0022 4804  C:\Windows\System32\shsvcs.dll - ok
11:56:44.0022 4804  [ 262F6592C3299C005FD6BEC90FC4463A ] C:\Windows\System32\schedsvc.dll
11:56:44.0022 4804  C:\Windows\System32\schedsvc.dll - ok
11:56:44.0022 4804  [ BC414631876B2F28B8DAB08E849C12C5 ] C:\Windows\System32\ktmw32.dll
11:56:44.0022 4804  C:\Windows\System32\ktmw32.dll - ok
11:56:44.0022 4804  [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7 ] C:\Windows\System32\taskcomp.dll
11:56:44.0022 4804  C:\Windows\System32\taskcomp.dll - ok
11:56:44.0022 4804  [ 945E54F23C72D37B8CD1987AF0DB63BF ] C:\Windows\System32\fveapi.dll
11:56:44.0022 4804  C:\Windows\System32\fveapi.dll - ok
11:56:44.0022 4804  [ 891ECFD08E2C538B7948CBC45106D697 ] C:\Windows\System32\fvecerts.dll
11:56:44.0022 4804  C:\Windows\System32\fvecerts.dll - ok
11:56:44.0022 4804  [ 694865362F0965779F92BCFE97712323 ] C:\Windows\System32\tbs.dll
11:56:44.0022 4804  C:\Windows\System32\tbs.dll - ok
11:56:44.0022 4804  [ 8269210DAF3B12BC8300631B28A2A442 ] C:\Windows\System32\wiarpc.dll
11:56:44.0022 4804  C:\Windows\System32\wiarpc.dll - ok
11:56:44.0038 4804  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] C:\Windows\System32\drivers\http.sys
11:56:44.0038 4804  C:\Windows\System32\drivers\http.sys - ok
11:56:44.0038 4804  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] C:\Windows\System32\spoolsv.exe
11:56:44.0038 4804  C:\Windows\System32\spoolsv.exe - ok
11:56:44.0038 4804  [ 82974D6A2FD19445CC5171FC378668A4 ] C:\Windows\System32\BFE.DLL
11:56:44.0038 4804  C:\Windows\System32\BFE.DLL - ok
11:56:44.0038 4804  [ 6C02A83164F5CC0A262F4199F0871CF5 ] C:\Windows\System32\drivers\bowser.sys
11:56:44.0038 4804  C:\Windows\System32\drivers\bowser.sys - ok
11:56:44.0038 4804  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] C:\Windows\System32\drivers\mpsdrv.sys
11:56:44.0038 4804  C:\Windows\System32\drivers\mpsdrv.sys - ok
11:56:44.0038 4804  [ A5D9106A73DC88564C825D317CAC68AC ] C:\Windows\System32\drivers\mrxsmb.sys
11:56:44.0038 4804  C:\Windows\System32\drivers\mrxsmb.sys - ok
11:56:44.0038 4804  [ C67F8A962B2534224D5908D16D2AD3CE ] C:\Windows\System32\wfapigp.dll
11:56:44.0038 4804  C:\Windows\System32\wfapigp.dll - ok
11:56:44.0038 4804  [ D711B3C1D5F42C0C2415687BE09FC163 ] C:\Windows\System32\drivers\mrxsmb10.sys
11:56:44.0038 4804  C:\Windows\System32\drivers\mrxsmb10.sys - ok
11:56:44.0054 4804  [ 1834B31C749B86DAC233BBBA1C03BC48 ] C:\Windows\System32\mscms.dll
11:56:44.0054 4804  C:\Windows\System32\mscms.dll - ok
11:56:44.0054 4804  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] C:\Windows\System32\drivers\mrxsmb20.sys
11:56:44.0054 4804  C:\Windows\System32\drivers\mrxsmb20.sys - ok
11:56:44.0054 4804  [ 851A1382EED3E3A7476DB004F4EE3E1A ] C:\Windows\System32\wkssvc.dll
11:56:44.0054 4804  C:\Windows\System32\wkssvc.dll - ok
11:56:44.0054 4804  [ 3AEAA8B561E63452C655DC0584922257 ] C:\Windows\System32\pcasvc.dll
11:56:44.0054 4804  C:\Windows\System32\pcasvc.dll - ok
11:56:44.0054 4804  [ 6313F223E817CC09AA41811DAA7F541D ] C:\Windows\System32\snmptrap.exe
11:56:44.0054 4804  C:\Windows\System32\snmptrap.exe - ok
11:56:44.0054 4804  [ 10EAB90C1AE8271B5FE5A8930987EE5C ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll
11:56:44.0054 4804  C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok
11:56:44.0054 4804  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:56:44.0054 4804  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
11:56:44.0054 4804  [ 565D78187494FB5F08B5A52DEB2AEA7A ] C:\Windows\SysWOW64\shell32.dll
11:56:44.0054 4804  C:\Windows\SysWOW64\shell32.dll - ok
11:56:44.0069 4804  [ 0BA4D8CE0C214F7208E72B3B8F8B7895 ] C:\Windows\System32\vpc.exe
11:56:44.0069 4804  C:\Windows\System32\vpc.exe - ok
11:56:44.0069 4804  [ 7C00C608FE4C8EDE9E30940837B9AC8B ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
11:56:44.0069 4804  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
11:56:44.0069 4804  [ 91A8E32B00BF7899EDAB6783287DDDA6 ] C:\Windows\System32\PeerDistSh.dll
11:56:44.0069 4804  C:\Windows\System32\PeerDistSh.dll - ok
11:56:44.0069 4804  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] C:\Windows\System32\sstpsvc.dll
11:56:44.0069 4804  C:\Windows\System32\sstpsvc.dll - ok
11:56:44.0069 4804  [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
11:56:44.0069 4804  C:\Windows\System32\provsvc.dll - ok
11:56:44.0069 4804  [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
11:56:44.0069 4804  C:\Windows\SysWOW64\shlwapi.dll - ok
11:56:44.0069 4804  [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
11:56:44.0069 4804  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
11:56:44.0069 4804  [ D1E343BC00136CE03C4D403194D06A80 ] C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
11:56:44.0069 4804  C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe - ok
11:56:44.0085 4804  [ 802496CB59A30349F9A6DD22D6947644 ] C:\Windows\System32\FDResPub.dll
11:56:44.0085 4804  C:\Windows\System32\FDResPub.dll - ok
11:56:44.0085 4804  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] C:\Windows\System32\dps.dll
11:56:44.0085 4804  C:\Windows\System32\dps.dll - ok
11:56:44.0085 4804  [ F1B205F932F62F94506A5F332C895DAF ] C:\Windows\System32\WSDApi.dll
11:56:44.0085 4804  C:\Windows\System32\WSDApi.dll - ok
11:56:44.0085 4804  [ 837608240884733792DDAE81E50B802A ] C:\UPS\WSTD\MSSQL.1\MSSQL\Binn\sqlservr.exe
11:56:44.0085 4804  C:\UPS\WSTD\MSSQL.1\MSSQL\Binn\sqlservr.exe - ok
11:56:44.0085 4804  [ D8129C49798CBBFB2E4351D4B7B8EF9C ] C:\Windows\System32\cryptsvc.dll
11:56:44.0085 4804  C:\Windows\System32\cryptsvc.dll - ok
11:56:44.0085 4804  [ 2C4C22EA1735F21F355EB1A39832F7DF ] C:\Windows\System32\cryptnet.dll
11:56:44.0085 4804  C:\Windows\System32\cryptnet.dll - ok
11:56:44.0085 4804  [ C55516D98DD5D8F0153C2A9B4227DA86 ] C:\Windows\System32\webservices.dll
11:56:44.0085 4804  C:\Windows\System32\webservices.dll - ok
11:56:44.0085 4804  [ 0E2F58F6E698EDCB9E58FAD0CBCD0567 ] C:\Windows\System32\vssapi.dll
11:56:44.0085 4804  C:\Windows\System32\vssapi.dll - ok
11:56:44.0085 4804  [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
11:56:44.0085 4804  C:\Windows\System32\fundisc.dll - ok
11:56:44.0100 4804  [ 287923557447D7E4BDD7E65B1F0F5428 ] C:\Windows\System32\vsstrace.dll
11:56:44.0100 4804  C:\Windows\System32\vsstrace.dll - ok
11:56:44.0100 4804  [ 58F4493BF748A3A89689997B7BD00E95 ] C:\Windows\System32\winhttp.dll
11:56:44.0100 4804  C:\Windows\System32\winhttp.dll - ok
11:56:44.0100 4804  [ 603EBD34E216C5654A2D774EAC98D278 ] C:\Windows\System32\webio.dll
11:56:44.0100 4804  C:\Windows\System32\webio.dll - ok
11:56:44.0100 4804  [ BCEA9AB347E53BC03B2E36BE0B8BA0EF ] C:\Windows\System32\httpapi.dll
11:56:44.0100 4804  C:\Windows\System32\httpapi.dll - ok
11:56:44.0100 4804  [ 99B91C5D2FCEF218CAD3600ECB62A799 ] C:\Windows\System32\msxml6.dll
11:56:44.0100 4804  C:\Windows\System32\msxml6.dll - ok
11:56:44.0100 4804  [ 5FF5E12F28725D14CAA3B408848ADFFC ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll
11:56:44.0100 4804  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcr80.dll - ok
11:56:44.0100 4804  [ A3C190D644E88DE5872FC7FEC7377E35 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcp80.dll
11:56:44.0100 4804  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_d08cc06a442b34fc\msvcp80.dll - ok
11:56:44.0116 4804  [ D6D4130C0BBC0D18C2DA703CC38260A9 ] C:\UPS\WSTD\MSSQL.1\MSSQL\Binn\sqlos.dll
11:56:44.0116 4804  C:\UPS\WSTD\MSSQL.1\MSSQL\Binn\sqlos.dll - ok
11:56:44.0116 4804  [ F93674263F6B07C77956E966953242D9 ] C:\Windows\SysWOW64\secur32.dll
11:56:44.0116 4804  C:\Windows\SysWOW64\secur32.dll - ok
11:56:44.0116 4804  [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
11:56:44.0116 4804  C:\Windows\SysWOW64\profapi.dll - ok
11:56:44.0116 4804  [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
11:56:44.0116 4804  C:\Windows\SysWOW64\userenv.dll - ok
11:56:44.0116 4804  [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
11:56:44.0116 4804  C:\Windows\SysWOW64\winmm.dll - ok
11:56:44.0116 4804  [ E111CED19D6A9FF9BBA5C219D0C5A3CE ] C:\UPS\WSTD\MSSQL.1\MSSQL\Binn\opends60.dll
11:56:44.0116 4804  C:\UPS\WSTD\MSSQL.1\MSSQL\Binn\opends60.dll - ok
11:56:44.0116 4804  [ 2FCA0D2C59A855C54BAFA22AA329DF0F ] C:\Windows\SysWOW64\netapi32.dll
11:56:44.0116 4804  C:\Windows\SysWOW64\netapi32.dll - ok
11:56:44.0116 4804  [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
11:56:44.0116 4804  C:\Windows\SysWOW64\netutils.dll - ok
11:56:44.0132 4804  [ 8EA53101FF2B15BDFF934B62A8FB326D ] C:\Windows\SysWOW64\logoncli.dll
11:56:44.0132 4804  C:\Windows\SysWOW64\logoncli.dll - ok
11:56:44.0132 4804  [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
11:56:44.0132 4804  C:\Windows\SysWOW64\srvcli.dll - ok
11:56:44.0132 4804  [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
11:56:44.0132 4804  C:\Windows\SysWOW64\wkscli.dll - ok
11:56:44.0132 4804  [ 7B193BA3F0245D5867B71AD1CF631474 ] C:\Program Files (x86)\MICROSOFT SQL SERVER\90\Shared\instapi.dll
11:56:44.0132 4804  C:\Program Files (x86)\MICROSOFT SQL SERVER\90\Shared\instapi.dll - ok
11:56:44.0132 4804  [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
11:56:44.0132 4804  C:\Windows\SysWOW64\psapi.dll - ok
11:56:44.0132 4804  [ 1AF54261C283BAFB021B3D84A7BAE978 ] C:\UPS\WSTD\MSSQL.1\MSSQL\Binn\SQLBOOT.dll
11:56:44.0132 4804  C:\UPS\WSTD\MSSQL.1\MSSQL\Binn\SQLBOOT.dll - ok
11:56:44.0132 4804  [ 847D3AE376C0817161A14A82C8922A9E ] C:\Windows\System32\netman.dll
11:56:44.0132 4804  C:\Windows\System32\netman.dll - ok
11:56:44.0132 4804  [ 8AD77806D336673F270DB31645267293 ] C:\Windows\System32\nlasvc.dll
11:56:44.0132 4804  C:\Windows\System32\nlasvc.dll - ok
11:56:44.0147 4804  [ B9B72FAAAA41D59B73B88FE3DD737ED1 ] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
11:56:44.0147 4804  C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe - ok
11:56:44.0147 4804  [ D4FAC263861BAE06971C7F7D0A8EBF15 ] C:\Windows\System32\ncsi.dll
11:56:44.0147 4804  C:\Windows\System32\ncsi.dll - ok
11:56:44.0147 4804  [ 465BEA35F7ED4A4A57686DEA7EA10F47 ] C:\Windows\SysWOW64\cscapi.dll
11:56:44.0147 4804  C:\Windows\SysWOW64\cscapi.dll - ok
11:56:44.0147 4804  [ 247FE8DEFBB95A4319C7B4B215F92891 ] C:\UPS\WSTD\MSSQL.1\MSSQL\Binn\Resources\1033\sqlevn70.rll
11:56:44.0147 4804  C:\UPS\WSTD\MSSQL.1\MSSQL\Binn\Resources\1033\sqlevn70.rll - ok
11:56:44.0147 4804  [ 2BBF3FDB70B8965DFA0258CBAB41ECCE ] C:\Windows\System32\ssdpapi.dll
11:56:44.0147 4804  C:\Windows\System32\ssdpapi.dll - ok
11:56:44.0147 4804  [ 5672C775FAB584EB5BABBB79C74C530E ] C:\Program Files (x86)\Dell\Dell Datasafe Online\BuEng.dll
11:56:44.0147 4804  C:\Program Files (x86)\Dell\Dell Datasafe Online\BuEng.dll - ok
11:56:44.0147 4804  [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
11:56:44.0147 4804  C:\Windows\SysWOW64\ntmarta.dll - ok
11:56:44.0147 4804  [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
11:56:44.0147 4804  C:\Windows\SysWOW64\Wldap32.dll - ok
11:56:44.0163 4804  [ E36112A8A6C7F840169A7E92C12F4203 ] C:\Windows\System32\wsock32.dll
11:56:44.0163 4804  C:\Windows\System32\wsock32.dll - ok
11:56:44.0163 4804  [ 1727B2A2F379A32B864C096FA794AADC ] C:\Windows\System32\aepic.dll
11:56:44.0163 4804  C:\Windows\System32\aepic.dll - ok
11:56:44.0163 4804  [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
11:56:44.0163 4804  C:\Windows\System32\sfc.dll - ok
11:56:44.0163 4804  [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
11:56:44.0163 4804  C:\Windows\System32\sfc_os.dll - ok
11:56:44.0163 4804  [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
11:56:44.0163 4804  C:\Windows\System32\drivers\PEAuth.sys - ok
11:56:44.0163 4804  [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
11:56:44.0163 4804  C:\Windows\System32\drivers\secdrv.sys - ok
11:56:44.0163 4804  [ BC617A4E1B4FA8DF523A061739A0BD87 ] C:\Windows\System32\seclogon.dll
11:56:44.0163 4804  C:\Windows\System32\seclogon.dll - ok
11:56:44.0163 4804  [ 29DDEA72C5BDF61D62F4D438DC0E497C ] C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
11:56:44.0163 4804  C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe - ok
11:56:44.0178 4804  [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
11:56:44.0178 4804  C:\Windows\SysWOW64\cryptsp.dll - ok
11:56:44.0178 4804  [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
11:56:44.0178 4804  C:\Windows\SysWOW64\rsaenh.dll - ok
11:56:44.0178 4804  [ 72910F1DEB838E6E08A9017BFB7D4F0B ] C:\Windows\SysWOW64\browcli.dll
11:56:44.0178 4804  C:\Windows\SysWOW64\browcli.dll - ok
11:56:44.0178 4804  [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
11:56:44.0178 4804  C:\Windows\SysWOW64\samcli.dll - ok
11:56:44.0178 4804  [ FB4EB9352B7D698E6B3C2AA2ED724DAD ] C:\Windows\SysWOW64\authz.dll
11:56:44.0178 4804  C:\Windows\SysWOW64\authz.dll - ok
11:56:44.0178 4804  [ D83947A58613E9091B4C9CC0F1546A8D ] C:\Windows\SysWOW64\mscoree.dll
11:56:44.0178 4804  C:\Windows\SysWOW64\mscoree.dll - ok
11:56:44.0178 4804  [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
11:56:44.0178 4804  C:\Windows\SysWOW64\wtsapi32.dll - ok
11:56:44.0178 4804  [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
11:56:44.0178 4804  C:\Windows\SysWOW64\ws2_32.dll - ok
11:56:44.0194 4804  [ F5DF6846F30E9F54EA60CCAEB3FB2055 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
11:56:44.0194 4804  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
11:56:44.0194 4804  [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
11:56:44.0194 4804  C:\Windows\SysWOW64\clbcatq.dll - ok
11:56:44.0194 4804  [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
11:56:44.0194 4804  C:\Windows\SysWOW64\nsi.dll - ok
11:56:44.0194 4804  [ 7C15061CD0372487903B07B9BB03AFAD ] C:\Program Files (x86)\Skype\Updater\Updater.exe
11:56:44.0194 4804  C:\Program Files (x86)\Skype\Updater\Updater.exe - ok
11:56:44.0194 4804  [ CE71B9119A258EDD0A05B37D7B0F92E3 ] C:\Windows\SysWOW64\bcrypt.dll
11:56:44.0194 4804  C:\Windows\SysWOW64\bcrypt.dll - ok
11:56:44.0194 4804  [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
11:56:44.0194 4804  C:\Windows\SysWOW64\credssp.dll - ok
11:56:44.0194 4804  [ 4C1E16B9A53102C8D6FBA587CBCB95DE ] C:\Windows\SysWOW64\msv1_0.dll
11:56:44.0194 4804  C:\Windows\SysWOW64\msv1_0.dll - ok
11:56:44.0194 4804  [ 1128637CAD49A8E3C8B5FA5D0A061525 ] C:\Windows\SysWOW64\cryptdll.dll
11:56:44.0194 4804  C:\Windows\SysWOW64\cryptdll.dll - ok
11:56:44.0210 4804  [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
11:56:44.0210 4804  C:\Windows\SysWOW64\RpcRtRemote.dll - ok
11:56:44.0210 4804  [ 086B869003A203208E5BE8FA1B3D1957 ] C:\Program Files (x86)\Dell DataSafe Local Backup\SDSSmartRepairTools.dll
11:56:44.0210 4804  C:\Program Files (x86)\Dell DataSafe Local Backup\SDSSmartRepairTools.dll - ok
11:56:44.0210 4804  [ BDA0B954A30498B5A7EDC6204CBA07ED ] C:\Windows\SysWOW64\kerberos.dll
11:56:44.0210 4804  C:\Windows\SysWOW64\kerberos.dll - ok
11:56:44.0210 4804  [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] C:\Program Files (x86)\MICROSOFT SQL SERVER\90\Shared\sqlbrowser.exe
11:56:44.0210 4804  C:\Program Files (x86)\MICROSOFT SQL SERVER\90\Shared\sqlbrowser.exe - ok
11:56:44.0210 4804  [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
11:56:44.0210 4804  C:\Windows\SysWOW64\wship6.dll - ok
11:56:44.0210 4804  [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\SysWOW64\wshqos.dll
11:56:44.0210 4804  C:\Windows\SysWOW64\wshqos.dll - ok
11:56:44.0210 4804  [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
11:56:44.0210 4804  C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
11:56:44.0210 4804  [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
11:56:44.0210 4804  C:\Windows\SysWOW64\mswsock.dll - ok
11:56:44.0225 4804  [ 3D3CBD1847F980FB03343A63671E7886 ] C:\Windows\SysWOW64\schannel.dll
11:56:44.0225 4804  C:\Windows\SysWOW64\schannel.dll - ok
11:56:44.0225 4804  [ 4F6E72B34ED3DC53DCC5E8708E60B61F ] C:\Windows\SysWOW64\security.dll
11:56:44.0225 4804  C:\Windows\SysWOW64\security.dll - ok
11:56:44.0225 4804  [ 704314FD398C81D5F342CAA5DF7B7F21 ] C:\Windows\SysWOW64\wbemcomn.dll
11:56:44.0225 4804  C:\Windows\SysWOW64\wbemcomn.dll - ok
11:56:44.0225 4804  [ C5B0324DB461559ADD070E632A6919FA ] C:\Windows\SysWOW64\wbem\wbemprox.dll
11:56:44.0225 4804  C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
11:56:44.0225 4804  [ F11A57E91FDAECFB41A5CB21EB1EBC8E ] C:\Windows\System32\dssenh.dll
11:56:44.0225 4804  C:\Windows\System32\dssenh.dll - ok
11:56:44.0225 4804  [ 21D3A18769EC2C4E56756D04E989A221 ] C:\Windows\SysWOW64\msxml3.dll
11:56:44.0225 4804  C:\Windows\SysWOW64\msxml3.dll - ok
11:56:44.0225 4804  [ 3C432A96363097870995E2A3C8B66ABD ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
11:56:44.0225 4804  C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe - ok
11:56:44.0241 4804  [ 06A754FE28A06F780A099703CFCAAA22 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll
11:56:44.0241 4804  C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok
11:56:44.0241 4804  [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
11:56:44.0241 4804  C:\Windows\SysWOW64\winsta.dll - ok
11:56:44.0241 4804  [ D8EB517679EB142F011D2FD56EE94C68 ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss.dll
11:56:44.0241 4804  C:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss.dll - ok
11:56:44.0241 4804  [ 27E461F0BE5BFF5FC737328F749538C3 ] C:\Windows\System32\drivers\srvnet.sys
11:56:44.0241 4804  C:\Windows\System32\drivers\srvnet.sys - ok
11:56:44.0241 4804  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] C:\Windows\System32\drivers\tcpipreg.sys
11:56:44.0241 4804  C:\Windows\System32\drivers\tcpipreg.sys - ok
11:56:44.0241 4804  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] C:\Windows\System32\sysmain.dll
11:56:44.0241 4804  C:\Windows\System32\sysmain.dll - ok
11:56:44.0241 4804  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] C:\Windows\System32\wiaservc.dll
11:56:44.0241 4804  C:\Windows\System32\wiaservc.dll - ok
11:56:44.0241 4804  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] C:\Windows\System32\tapisrv.dll
11:56:44.0241 4804  C:\Windows\System32\tapisrv.dll - ok
11:56:44.0256 4804  [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5 ] C:\Windows\System32\wiatrace.dll
11:56:44.0256 4804  C:\Windows\System32\wiatrace.dll - ok
11:56:44.0256 4804  [ 74FC70AE64A7B7DABEC9697CE0A1F4FA ] C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
11:56:44.0256 4804  C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe - ok
11:56:44.0256 4804  [ 7AE92C896AF9ABFBDB18C1D055B6EBA7 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll
11:56:44.0256 4804  C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll - ok
11:56:44.0256 4804  [ 210FCACAF902B2CD47CF9FD17D846146 ] C:\Windows\System32\aeevts.dll
11:56:44.0256 4804  C:\Windows\System32\aeevts.dll - ok
11:56:44.0256 4804  [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
11:56:44.0256 4804  C:\Windows\SysWOW64\mpr.dll - ok
11:56:44.0256 4804  [ 6F8E3B7B70E1BBA871212940C1FBDF60 ] C:\Windows\SysWOW64\SensApi.dll
11:56:44.0256 4804  C:\Windows\SysWOW64\SensApi.dll - ok
11:56:44.0256 4804  [ 9BF7C7654EFD098EE3A27B49492A382A ] C:\Windows\SysWOW64\wininet.dll
11:56:44.0256 4804  C:\Windows\SysWOW64\wininet.dll - ok
11:56:44.0256 4804  [ 6A13B4F3B3F575F1E24B877B9359AABA ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
11:56:44.0272 4804  C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
11:56:44.0272 4804  [ 589CBC4989F750E1DA35625AB481CF43 ] C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
11:56:44.0272 4804  C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll - ok
11:56:44.0272 4804  [ 2E33DFD10F28F86C3FC40EE123CC3904 ] C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
11:56:44.0272 4804  C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
11:56:44.0272 4804  [ 6951562DC4625EEFC6EACD52AD165866 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
11:56:44.0272 4804  C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
11:56:44.0272 4804  [ 3BE0D923AA45A4DBE091C2D84F0B4FE7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
11:56:44.0272 4804  C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll - ok
11:56:44.0272 4804  [ FE29131E35902038066C924CF9C59DF8 ] C:\Windows\SysWOW64\iertutil.dll
11:56:44.0272 4804  C:\Windows\SysWOW64\iertutil.dll - ok
11:56:44.0272 4804  [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
11:56:44.0272 4804  C:\Windows\System32\dllhost.exe - ok
11:56:44.0272 4804  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
11:56:44.0272 4804  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
11:56:44.0288 4804  [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
11:56:44.0288 4804  C:\Windows\System32\IDStore.dll - ok
11:56:44.0288 4804  [ 639774C9ACD063F028F6084ABF5593AD ] C:\Windows\System32\taskhost.exe
11:56:44.0288 4804  C:\Windows\System32\taskhost.exe - ok
11:56:44.0288 4804  [ 94EEAC26F57811BD1AEFC164412F7FCE ] C:\Windows\System32\PlaySndSrv.dll
11:56:44.0288 4804  C:\Windows\System32\PlaySndSrv.dll - ok
11:56:44.0288 4804  [ 65EA57712340C09B1B0C427B4848AE05 ] C:\Windows\System32\taskeng.exe
11:56:44.0288 4804  C:\Windows\System32\taskeng.exe - ok
11:56:44.0288 4804  [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
11:56:44.0288 4804  C:\Windows\System32\mpr.dll - ok
11:56:44.0288 4804  [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
11:56:44.0288 4804  C:\Windows\System32\userinit.exe - ok
11:56:44.0288 4804  [ F162D5F5E845B9DC352DD1BAD8CEF1BC ] C:\Windows\System32\dwm.exe
11:56:44.0288 4804  C:\Windows\System32\dwm.exe - ok
11:56:44.0288 4804  [ FCFCD1101C5DA23B4B95F93D02B2C169 ] C:\Windows\System32\dwmredir.dll
11:56:44.0288 4804  C:\Windows\System32\dwmredir.dll - ok
11:56:44.0303 4804  [ 9BB99503D6A4DD62569EDE9E5E2672A5 ] C:\Windows\System32\HotStartUserAgent.dll
11:56:44.0303 4804  C:\Windows\System32\HotStartUserAgent.dll - ok
11:56:44.0303 4804  [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
11:56:44.0303 4804  C:\Windows\System32\MsCtfMonitor.dll - ok
11:56:44.0303 4804  [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
11:56:44.0303 4804  C:\Windows\System32\msutb.dll - ok
11:56:44.0303 4804  [ 522B0466ED967A0762E9AF5B37D8F40A ] C:\Windows\System32\esent.dll
11:56:44.0303 4804  C:\Windows\System32\esent.dll - ok
11:56:44.0303 4804  [ 4BA77A5EF71C14C764B0ED4701683E3E ] C:\Windows\System32\dwmcore.dll
11:56:44.0303 4804  C:\Windows\System32\dwmcore.dll - ok
11:56:44.0303 4804  [ B2DB6ABA2E292235749B80A9C3DFA867 ] C:\Windows\SysWOW64\imagehlp.dll
11:56:44.0303 4804  C:\Windows\SysWOW64\imagehlp.dll - ok
11:56:44.0303 4804  [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
11:56:44.0303 4804  C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
11:56:44.0303 4804  [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
11:56:44.0303 4804  C:\Windows\SysWOW64\winnsi.dll - ok
11:56:44.0319 4804  [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
11:56:44.0319 4804  C:\Windows\SysWOW64\dwmapi.dll - ok
11:56:44.0319 4804  [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
11:56:44.0319 4804  C:\Windows\SysWOW64\msimg32.dll - ok
11:56:44.0319 4804  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:56:44.0319 4804  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
11:56:44.0319 4804  [ 19B07E7E8915D701225DA41CB3877306 ] C:\Windows\System32\wbem\WMIsvc.dll
11:56:44.0319 4804  C:\Windows\System32\wbem\WMIsvc.dll - ok
11:56:44.0319 4804  [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
11:56:44.0319 4804  C:\Windows\SysWOW64\apphelp.dll - ok
11:56:44.0319 4804  [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
11:56:44.0319 4804  C:\Windows\explorer.exe - ok
11:56:44.0319 4804  [ 7E7AFD841694F6AC397E99D75CEAD49D ] C:\Windows\System32\trkwks.dll
11:56:44.0319 4804  C:\Windows\System32\trkwks.dll - ok
11:56:44.0319 4804  [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
11:56:44.0319 4804  C:\Windows\SysWOW64\uxtheme.dll - ok
11:56:44.0334 4804  [ 805A52C5AE26C28E88FDD9BCCFE6F312 ] C:\Windows\System32\TSChannel.dll
11:56:44.0334 4804  C:\Windows\System32\TSChannel.dll - ok
11:56:44.0334 4804  [ 539C49CEBB3C50957AC8A09D95ECD880 ] C:\Windows\SysWOW64\shfolder.dll
11:56:44.0334 4804  C:\Windows\SysWOW64\shfolder.dll - ok
11:56:44.0334 4804  [ 4CE5F7A4038000239E2773ADD8A71B33 ] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe
11:56:44.0334 4804  C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe - ok
11:56:44.0334 4804  [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
11:56:44.0334 4804  C:\Windows\System32\wbemcomn.dll - ok
11:56:44.0334 4804  [ 5EB55F661DEBF156E126160BCD4D89F8 ] C:\Windows\System32\wbem\wbemcore.dll
11:56:44.0334 4804  C:\Windows\System32\wbem\wbemcore.dll - ok
11:56:44.0334 4804  [ 0255C22D99602534F15CBB8D9B6F152F ] C:\Windows\System32\wbem\WinMgmtR.dll
11:56:44.0334 4804  C:\Windows\System32\wbem\WinMgmtR.dll - ok
11:56:44.0334 4804  [ 9AE80F6A66B30E3ED8CDF858CF28B11B ] C:\Windows\System32\d3d10_1.dll
11:56:44.0334 4804  C:\Windows\System32\d3d10_1.dll - ok
11:56:44.0334 4804  [ 0C52762C606BCF6A377D5E4688191A6B ] C:\Windows\System32\wbem\WmiDcPrv.dll
11:56:44.0334 4804  C:\Windows\System32\wbem\WmiDcPrv.dll - ok
11:56:44.0350 4804  [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
11:56:44.0350 4804  C:\Windows\SysWOW64\propsys.dll - ok
11:56:44.0350 4804  [ A3F5E8EC1316C3E2562B82694A251C9E ] C:\Windows\System32\wbem\fastprox.dll
11:56:44.0350 4804  C:\Windows\System32\wbem\fastprox.dll - ok
11:56:44.0350 4804  [ 63F72417CA38D8FC8F53709649B589E3 ] C:\Windows\System32\d3d10_1core.dll
11:56:44.0350 4804  C:\Windows\System32\d3d10_1core.dll - ok
11:56:44.0350 4804  [ BF6D6ED5FADCEEE885BD0144ECF1BA27 ] C:\Windows\SysWOW64\ncrypt.dll
11:56:44.0350 4804  C:\Windows\SysWOW64\ncrypt.dll - ok
11:56:44.0350 4804  [ E70DCE3B68FDF6D8CF85DF853A63D223 ] C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
11:56:44.0350 4804  C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe - ok
11:56:44.0350 4804  [ E3E811471DE781900FF21C1FD84E941E ] C:\Windows\SysWOW64\ntdsapi.dll
11:56:44.0350 4804  C:\Windows\SysWOW64\ntdsapi.dll - ok
11:56:44.0350 4804  [ 8DFB5752FCE145A6B295093C0A8BE131 ] C:\Windows\System32\dxgi.dll
11:56:44.0350 4804  C:\Windows\System32\dxgi.dll - ok
11:56:44.0350 4804  [ 28968739C9027D8B7E8EBFE9898BA629 ] C:\Program Files (x86)\Dell DataSafe Local Backup\RPLauncher.exe
11:56:44.0350 4804  C:\Program Files (x86)\Dell DataSafe Local Backup\RPLauncher.exe - ok
11:56:44.0366 4804  [ 087D8668C71634A3A3761135ABF16EEE ] C:\Windows\System32\wbem\esscli.dll
11:56:44.0366 4804  C:\Windows\System32\wbem\esscli.dll - ok
11:56:44.0366 4804  [ EE26D130808D16C0E417BBBED0451B34 ] C:\Windows\System32\ntdsapi.dll
11:56:44.0366 4804  C:\Windows\System32\ntdsapi.dll - ok
11:56:44.0366 4804  [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
11:56:44.0366 4804  C:\Windows\System32\wbem\wbemprox.dll - ok
11:56:44.0366 4804  [ 4C92EB7535CAA1681A77D928FBF9771F ] C:\Windows\System32\d3d11.dll
11:56:44.0366 4804  C:\Windows\System32\d3d11.dll - ok
11:56:44.0366 4804  [ 718B6F51AB7F6FE2988A36868F9AD3AB ] C:\Windows\System32\wbem\wbemsvc.dll
11:56:44.0366 4804  C:\Windows\System32\wbem\wbemsvc.dll - ok
11:56:44.0366 4804  [ 0143DB80DACFB7C2B5B7009ED9063353 ] C:\Windows\System32\wbem\wmiutils.dll
11:56:44.0366 4804  C:\Windows\System32\wbem\wmiutils.dll - ok
11:56:44.0366 4804  [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
11:56:44.0366 4804  C:\Windows\System32\ExplorerFrame.dll - ok
11:56:44.0366 4804  [ 84174CA0E190BB9D1EFD0F005FE13B35 ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\GdiPlus.dll
11:56:44.0366 4804  C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_72d2e82386681b36\GdiPlus.dll - ok
11:56:44.0381 4804  [ 776AE0564F8B1C282E331FD95A1BDC5F ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
11:56:44.0381 4804  C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
11:56:44.0381 4804  [ B837D1528CE2E3CB79F09496BC08DDC6 ] C:\Windows\System32\SensApi.dll
11:56:44.0381 4804  C:\Windows\System32\SensApi.dll - ok
11:56:44.0381 4804  [ D1DE1EAFDE97BE41CF6585027FF3E732 ] C:\Windows\SysWOW64\comdlg32.dll
11:56:44.0381 4804  C:\Windows\SysWOW64\comdlg32.dll - ok
11:56:44.0381 4804  [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A ] C:\Windows\SysWOW64\wbem\fastprox.dll
11:56:44.0381 4804  C:\Windows\SysWOW64\wbem\fastprox.dll - ok
11:56:44.0381 4804  [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
11:56:44.0381 4804  C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
11:56:44.0381 4804  [ 0AB34456654C283DAA13B8D2BA21439B ] C:\Windows\System32\wbem\repdrvfs.dll
11:56:44.0381 4804  C:\Windows\System32\wbem\repdrvfs.dll - ok
11:56:44.0381 4804  [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
11:56:44.0381 4804  C:\Windows\System32\wer.dll - ok
11:56:44.0381 4804  [ 7D5645EE0EA77D539828433D9B95F5EB ] C:\Windows\System32\WinSCard.dll
11:56:44.0381 4804  C:\Windows\System32\WinSCard.dll - ok
11:56:44.0397 4804  [ DC1BBA01FFB5745B8862931E7DE7304A ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
11:56:44.0397 4804  C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
11:56:44.0397 4804  [ 371948BC5911ABA06168FAC91ED25F06 ] C:\Windows\System32\msxml3.dll
11:56:44.0397 4804  C:\Windows\System32\msxml3.dll - ok
11:56:44.0397 4804  [ 0243BBD8B67F716EE467E86B917DDD09 ] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
11:56:44.0397 4804  C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe - ok
11:56:44.0397 4804  [ 1261A900CF73B8E3DC05EF8220282D8E ] C:\Windows\System32\igd10umd64.dll
11:56:44.0397 4804  C:\Windows\System32\igd10umd64.dll - ok
11:56:44.0397 4804  [ BDAC1AA64495D0F7E1FF810EBBF1F018 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
11:56:44.0397 4804  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
11:56:44.0397 4804  [ 08C2957BB30058E663720C5606885653 ] C:\Windows\System32\iphlpsvc.dll
11:56:44.0397 4804  C:\Windows\System32\iphlpsvc.dll - ok
11:56:44.0397 4804  [ 27B9E163740A226B65E4B9E186117911 ] C:\Windows\System32\sqmapi.dll
11:56:44.0397 4804  C:\Windows\System32\sqmapi.dll - ok
11:56:44.0397 4804  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] C:\Windows\System32\drivers\srv2.sys
11:56:44.0397 4804  C:\Windows\System32\drivers\srv2.sys - ok
11:56:44.0412 4804  [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
11:56:44.0412 4804  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
11:56:44.0412 4804  [ F3F571288CDE445881102E385BF3471F ] C:\Windows\SysWOW64\Magnification.dll
11:56:44.0412 4804  C:\Windows\SysWOW64\Magnification.dll - ok
11:56:44.0412 4804  [ 6EF5F3F18413C367195F06E503AB86A6 ] C:\Windows\SysWOW64\d3d9.dll
11:56:44.0412 4804  C:\Windows\SysWOW64\d3d9.dll - ok
11:56:44.0412 4804  [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8 ] C:\Windows\SysWOW64\winspool.drv
11:56:44.0412 4804  C:\Windows\SysWOW64\winspool.drv - ok
11:56:44.0412 4804  [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
11:56:44.0412 4804  C:\Windows\SysWOW64\oleacc.dll - ok
11:56:44.0412 4804  [ 7B38D7916A7CD058C16A0A6CA5077901 ] C:\Windows\System32\wdscore.dll
11:56:44.0412 4804  C:\Windows\System32\wdscore.dll - ok
11:56:44.0412 4804  [ 936F728E04ACCF3F38801CFFCF1E3F40 ] C:\Windows\SysWOW64\oledlg.dll
11:56:44.0412 4804  C:\Windows\SysWOW64\oledlg.dll - ok
11:56:44.0412 4804  [ 70A176BF2ED362862944C371838262F8 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
11:56:44.0412 4804  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
11:56:44.0428 4804  [ 96C70BD48D49B87475F4572DEDC62EB9 ] C:\Windows\AppPatch\AcLayers.dll
11:56:44.0428 4804  C:\Windows\AppPatch\AcLayers.dll - ok
11:56:44.0428 4804  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] C:\Windows\System32\drivers\srv.sys
11:56:44.0428 4804  C:\Windows\System32\drivers\srv.sys - ok
11:56:44.0428 4804  [ EE867A0870FC9E4972BA9EAAD35651E2 ] C:\Windows\System32\rasmans.dll
11:56:44.0428 4804  C:\Windows\System32\rasmans.dll - ok
11:56:44.0428 4804  [ CC3FD6DEEE458D0BE9A69241E0749717 ] C:\Windows\SysWOW64\ieframe.dll
11:56:44.0428 4804  C:\Windows\SysWOW64\ieframe.dll - ok
11:56:44.0428 4804  [ 77B1471A490B53B24EFE136F09F76550 ] C:\Windows\SysWOW64\d3d8thk.dll
11:56:44.0428 4804  C:\Windows\SysWOW64\d3d8thk.dll - ok
11:56:44.0428 4804  [ 65522E77A1360DBC8D199DA3BF5EFFE4 ] C:\Windows\System32\eappprxy.dll
11:56:44.0428 4804  C:\Windows\System32\eappprxy.dll - ok
11:56:44.0428 4804  [ 28AD5E311996A34025CFB07E131058DD ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
11:56:44.0428 4804  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
11:56:44.0428 4804  [ 88351B29B622B30962D2FEB6CA8D860B ] C:\Windows\System32\rasadhlp.dll
11:56:44.0428 4804  C:\Windows\System32\rasadhlp.dll - ok
11:56:44.0444 4804  [ 9FCA3A84338ADEF2AFF67CDA46EF8539 ] C:\Windows\System32\umb.dll
11:56:44.0444 4804  C:\Windows\System32\umb.dll - ok
11:56:44.0444 4804  [ 400B0812687086AEAEFF7D50673A4BFD ] C:\Program Files (x86)\Dell DataSafe Local Backup\RPLaunch.exe
11:56:44.0444 4804  C:\Program Files (x86)\Dell DataSafe Local Backup\RPLaunch.exe - ok
11:56:44.0444 4804  [ D9F42719019740BAA6D1C6D536CBDAA6 ] C:\Windows\System32\srvsvc.dll
11:56:44.0444 4804  C:\Windows\System32\srvsvc.dll - ok
11:56:44.0444 4804  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] C:\Windows\System32\browser.dll
11:56:44.0444 4804  C:\Windows\System32\browser.dll - ok
11:56:44.0444 4804  [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051 ] C:\Windows\System32\localspl.dll
11:56:44.0444 4804  C:\Windows\System32\localspl.dll - ok
11:56:44.0444 4804  [ 44C96B48112EB24AE7764EBF1C527000 ] C:\Windows\System32\rastapi.dll
11:56:44.0444 4804  C:\Windows\System32\rastapi.dll - ok
11:56:44.0444 4804  [ 37B6EBA4E783A0B25F3FE05EF86722CB ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
11:56:44.0444 4804  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
11:56:44.0444 4804  [ FAFAE01E889DC9C05A6CA2138CFC220B ] C:\Windows\System32\tapi32.dll
11:56:44.0444 4804  C:\Windows\System32\tapi32.dll - ok
11:56:44.0459 4804  [ 03706015DB44368375AEBE6339490E66 ] C:\Windows\System32\netcfgx.dll
11:56:44.0459 4804  C:\Windows\System32\netcfgx.dll - ok
11:56:44.0459 4804  [ 225D276C730DF08CC83EABAC407F0D75 ] C:\Windows\SysWOW64\urlmon.dll
11:56:44.0459 4804  C:\Windows\SysWOW64\urlmon.dll - ok
11:56:44.0459 4804  [ 3285481F5C12305CA104A6C493CA5A0B ] C:\Windows\System32\spoolss.dll
11:56:44.0459 4804  C:\Windows\System32\spoolss.dll - ok
11:56:44.0459 4804  [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
11:56:44.0459 4804  C:\Windows\System32\winspool.drv - ok
11:56:44.0459 4804  [ 1C60E09CA1C3A045BC4D367F67C915B7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
11:56:44.0459 4804  C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
11:56:44.0459 4804  [ CFEFA40DDE34659BE5211966EAD86437 ] C:\Windows\System32\netmsg.dll
11:56:44.0459 4804  C:\Windows\System32\netmsg.dll - ok
11:56:44.0459 4804  [ C5AC93CF3BA30D367FB49148A2B673B9 ] C:\Windows\System32\PrintIsolationProxy.dll
11:56:44.0459 4804  C:\Windows\System32\PrintIsolationProxy.dll - ok
11:56:44.0459 4804  [ 3B367397320C26DBA890B260F80D1B1B ] C:\Windows\System32\hnetcfg.dll
11:56:44.0459 4804  C:\Windows\System32\hnetcfg.dll - ok
11:56:44.0475 4804  [ 49ACA548B2423F1C67898E6AC719A9A6 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
11:56:44.0475 4804  C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
11:56:44.0475 4804  [ B91BAB2B9086CF4B15DA08AA139C1A2F ] C:\Windows\System32\AdobePDF.dll
11:56:44.0475 4804  C:\Windows\System32\AdobePDF.dll - ok
11:56:44.0475 4804  [ 19E41CCCEE697CC9465396B370929792 ] C:\Windows\System32\FXSMON.dll
11:56:44.0475 4804  C:\Windows\System32\FXSMON.dll - ok
11:56:44.0475 4804  [ 2E5353B4C22105C59484A927A3D064C7 ] C:\Windows\System32\PJLMON.DLL
11:56:44.0475 4804  C:\Windows\System32\PJLMON.DLL - ok
11:56:44.0475 4804  [ 32A3C8600AF124CBAAD845F13CFAE3CB ] C:\Windows\System32\tcpmon.dll
11:56:44.0475 4804  C:\Windows\System32\tcpmon.dll - ok
11:56:44.0475 4804  [ 93518C6EDE0B61BCBD02BDB02BD05FEE ] C:\Windows\System32\snmpapi.dll
11:56:44.0475 4804  C:\Windows\System32\snmpapi.dll - ok
11:56:44.0475 4804  [ DDD0357A92FA843EFF8915ED17253D6C ] C:\Windows\System32\wbem\WmiPrvSD.dll
11:56:44.0475 4804  C:\Windows\System32\wbem\WmiPrvSD.dll - ok
11:56:44.0475 4804  [ 33A77D477EF9D7A5C65A950129DF2E47 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
11:56:44.0475 4804  C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll - ok
11:56:44.0490 4804  [ 49E5753D923F1AC63B22D3DCB0B47E00 ] C:\Windows\System32\uDWM.dll
11:56:44.0490 4804  C:\Windows\System32\uDWM.dll - ok
11:56:44.0490 4804  [ DF72A9936D0C3F517083119648814B09 ] C:\Windows\System32\usbmon.dll
11:56:44.0490 4804  C:\Windows\System32\usbmon.dll - ok
11:56:44.0490 4804  [ FFF9D00CF16397C64317F213484F94BD ] C:\Windows\System32\wsnmp32.dll
11:56:44.0490 4804  C:\Windows\System32\wsnmp32.dll - ok
11:56:44.0490 4804  [ 02CB65DB3C16CB874B04F6B5BA734A7C ] C:\Program Files (x86)\Dell DataSafe Local Backup\SetMUILanguage.exe
11:56:44.0490 4804  C:\Program Files (x86)\Dell DataSafe Local Backup\SetMUILanguage.exe - ok
11:56:44.0490 4804  [ D41FEBD098234F02485A4EA98D4730A4 ] C:\Windows\System32\ncobjapi.dll
11:56:44.0490 4804  C:\Windows\System32\ncobjapi.dll - ok
11:56:44.0490 4804  [ A1D7E3ADCDB07DDB6F423862DCB1A52B ] C:\Windows\System32\WSDMon.dll
11:56:44.0490 4804  C:\Windows\System32\WSDMon.dll - ok
11:56:44.0490 4804  [ E8449FE262D7406BCB2AC2A45C53EC5F ] C:\Windows\SysWOW64\bcryptprimitives.dll
11:56:44.0490 4804  C:\Windows\SysWOW64\bcryptprimitives.dll - ok
11:56:44.0490 4804  [ FEB91B4DA0D540865260A33838654FA3 ] C:\Windows\System32\nci.dll
11:56:44.0490 4804  C:\Windows\System32\nci.dll - ok
11:56:44.0506 4804  [ 1097F3035BAF46CED8B332B3564C5108 ] C:\Windows\SysWOW64\gpapi.dll
11:56:44.0506 4804  C:\Windows\SysWOW64\gpapi.dll - ok
11:56:44.0506 4804  [ 4581716B4BF76ACFD8E167EB0B26D82A ] C:\Windows\System32\fdPnp.dll
11:56:44.0506 4804  C:\Windows\System32\fdPnp.dll - ok
11:56:44.0506 4804  [ 1D626FE2E13C1CE49CA0136CFF214E93 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
11:56:44.0506 4804  C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
11:56:44.0506 4804  [ 60F4AEFA103D421EA4A40E31409B4756 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
11:56:44.0506 4804  C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
11:56:44.0506 4804  [ 007863E45F25AA47A4C30D0930BBFD85 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
11:56:44.0506 4804  C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
11:56:44.0506 4804  [ 6F40D6FB05E0C1E5402812B426971AF0 ] C:\Windows\System32\wbem\wbemess.dll
11:56:44.0506 4804  C:\Windows\System32\wbem\wbemess.dll - ok
11:56:44.0506 4804  [ 67CF11E00D026A5C0C88EA5F84D501E5 ] C:\Windows\System32\win32spl.dll
11:56:44.0506 4804  C:\Windows\System32\win32spl.dll - ok
11:56:44.0506 4804  [ D2A0FFA75AB181B19B5EB93BB29C7686 ] C:\Windows\System32\unimdm.tsp
11:56:44.0506 4804  C:\Windows\System32\unimdm.tsp - ok
11:56:44.0522 4804  [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
11:56:44.0522 4804  C:\Windows\System32\EhStorShell.dll - ok
11:56:44.0522 4804  [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
11:56:44.0522 4804  C:\Windows\SysWOW64\dhcpcsvc.dll - ok
11:56:44.0522 4804  [ 507BF2D933EE0C115924695230C15E05 ] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
11:56:44.0522 4804  C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe - ok
11:56:44.0522 4804  [ 32802C0F6FC7C8F561B9D91F52A46421 ] C:\Windows\System32\cscui.dll
11:56:44.0522 4804  C:\Windows\System32\cscui.dll - ok
11:56:44.0522 4804  [ FF80CAD87555E8E4D2CFD7B9058343F8 ] C:\Windows\System32\sscore.dll
11:56:44.0522 4804  C:\Windows\System32\sscore.dll - ok
11:56:44.0522 4804  [ 507D5567A0A4EE86C4B0CE2CE1777025 ] C:\Windows\System32\inetpp.dll
11:56:44.0522 4804  C:\Windows\System32\inetpp.dll - ok
11:56:44.0522 4804  [ 81749E073AC5857B044A686B406E5244 ] C:\Windows\System32\clusapi.dll
11:56:44.0522 4804  C:\Windows\System32\clusapi.dll - ok
11:56:44.0522 4804  [ 7EE5F17A21D9A9101207DF4BC37B085D ] C:\Windows\System32\cscdll.dll
11:56:44.0522 4804  C:\Windows\System32\cscdll.dll - ok
11:56:44.0537 4804  [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
11:56:44.0537 4804  C:\Windows\System32\cscapi.dll - ok
11:56:44.0537 4804  [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
11:56:44.0537 4804  C:\Windows\SysWOW64\sfc.dll - ok
11:56:44.0537 4804  [ 0BA65122FFA7E37564EE86422DBF7AE8 ] C:\Windows\SysWOW64\nlaapi.dll
11:56:44.0537 4804  C:\Windows\SysWOW64\nlaapi.dll - ok
11:56:44.0537 4804  [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys
11:56:44.0537 4804  C:\Windows\System32\drivers\fastfat.sys - ok
11:56:44.0537 4804  [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
11:56:44.0537 4804  C:\Windows\System32\ntshrui.dll - ok
11:56:44.0537 4804  [ 94B7DF336815B47236724019FAB24B7C ] C:\Windows\System32\uniplat.dll
11:56:44.0537 4804  C:\Windows\System32\uniplat.dll - ok
11:56:44.0537 4804  [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
11:56:44.0537 4804  C:\Windows\SysWOW64\NapiNSP.dll - ok
11:56:44.0537 4804  [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
11:56:44.0537 4804  C:\Windows\SysWOW64\pnrpnsp.dll - ok
11:56:44.0537 4804  [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
11:56:44.0537 4804  C:\Windows\SysWOW64\sfc_os.dll - ok
11:56:44.0553 4804  [ 41326DD08ACC0CDC5F8177AF96C066E8 ] C:\Windows\System32\kmddsp.tsp
11:56:44.0553 4804  C:\Windows\System32\kmddsp.tsp - ok
11:56:44.0553 4804  [ 344FCC9850C3A8A3B4D3C65151AF8E4C ] C:\Windows\System32\resutils.dll
11:56:44.0553 4804  C:\Windows\System32\resutils.dll - ok
11:56:44.0553 4804  [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
11:56:44.0553 4804  C:\Windows\SysWOW64\dnsapi.dll - ok
11:56:44.0553 4804  [ 1D6BC2769DA66C1145F4DA5A65F52E61 ] C:\Windows\System32\ndptsp.tsp
11:56:44.0553 4804  C:\Windows\System32\ndptsp.tsp - ok
11:56:44.0553 4804  [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
11:56:44.0553 4804  C:\Windows\System32\IconCodecService.dll - ok
11:56:44.0553 4804  [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
11:56:44.0553 4804  C:\Windows\SysWOW64\devrtl.dll - ok
11:56:44.0553 4804  [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
11:56:44.0553 4804  C:\Windows\SysWOW64\winrnr.dll - ok
11:56:44.0553 4804  [ 9D4A1690AF93F233E15380398BEC7431 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
11:56:44.0553 4804  C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
11:56:44.0568 4804  [ 7C1BAE7D23D4874FEE256A2B9C00E019 ] C:\Windows\System32\hidphone.tsp
11:56:44.0568 4804  C:\Windows\System32\hidphone.tsp - ok
11:56:44.0568 4804  [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
11:56:44.0568 4804  C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
11:56:44.0568 4804  [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
11:56:44.0568 4804  C:\Windows\SysWOW64\rasadhlp.dll - ok
11:56:44.0568 4804  [ A717A35120DBAB5AB707AB40662AF9DD ] C:\Windows\System32\rasppp.dll
11:56:44.0568 4804  C:\Windows\System32\rasppp.dll - ok
11:56:44.0568 4804  [ 0D753307D274F3688BD21C377B616700 ] C:\Windows\System32\eappcfg.dll
11:56:44.0568 4804  C:\Windows\System32\eappcfg.dll - ok
11:56:44.0568 4804  [ 0FE5CD5F9C9248F42D1EF56E495B182E ] C:\Windows\System32\vpnike.dll
11:56:44.0568 4804  C:\Windows\System32\vpnike.dll - ok
11:56:44.0568 4804  [ 6A84E68B538B8B04608BF2F0D426CE6F ] C:\Windows\System32\raschap.dll
11:56:44.0568 4804  C:\Windows\System32\raschap.dll - ok
11:56:44.0568 4804  [ B95F6501A2F8B2E78C697FEC401970CE ] C:\Windows\System32\ipnathlp.dll
11:56:44.0568 4804  C:\Windows\System32\ipnathlp.dll - ok
11:56:44.0584 4804  [ 96FAF00A7ADC61AF68192445623402FA ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\187c13e8967097d2ed1e5f123e7d890a\System.ni.dll
11:56:44.0584 4804  C:\Windows\assembly\NativeImages_v2.0.50727_32\System\187c13e8967097d2ed1e5f123e7d890a\System.ni.dll - ok
11:56:44.0584 4804  [ 2DF29664ED261F0FC448E58F338F0671 ] C:\Windows\System32\mprapi.dll
11:56:44.0584 4804  C:\Windows\System32\mprapi.dll - ok
11:56:44.0584 4804  [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
11:56:44.0584 4804  C:\Windows\System32\netshell.dll - ok
11:56:44.0584 4804  [ FDC385A0F7D7DD880C4622D1DF08ABE9 ] C:\Windows\System32\ntprint.dll
11:56:44.0584 4804  C:\Windows\System32\ntprint.dll - ok
11:56:44.0584 4804  [ 9D2A2369AB4B08A4905FE72DB104498F ] C:\Windows\System32\appinfo.dll
11:56:44.0584 4804  C:\Windows\System32\appinfo.dll - ok
11:56:44.0584 4804  [ BF1FC3F79B863C914687A737C2F3D681 ] C:\Windows\System32\wdi.dll
11:56:44.0584 4804  C:\Windows\System32\wdi.dll - ok
11:56:44.0584 4804  [ 93221146D4EBBF314C29B23CD6CC391D ] C:\Windows\System32\wpdbusenum.dll
11:56:44.0584 4804  C:\Windows\System32\wpdbusenum.dll - ok
11:56:44.0584 4804  [ 4449D23E8F197862F1B16F1E6C89C36C ] C:\Windows\System32\diagperf.dll
11:56:44.0584 4804  C:\Windows\System32\diagperf.dll - ok
11:56:44.0600 4804  [ BF4AC709BE5BF64F331F5D67773A0C82 ] C:\Windows\System32\perftrack.dll
11:56:44.0600 4804  C:\Windows\System32\perftrack.dll - ok
11:56:44.0600 4804  [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
11:56:44.0600 4804  C:\Windows\System32\PortableDeviceApi.dll - ok
11:56:44.0600 4804  [ 619A67C9F617B7E69315BB28ECD5E1DF ] C:\Windows\System32\wbem\WmiPrvSE.exe
11:56:44.0600 4804  C:\Windows\System32\wbem\WmiPrvSE.exe - ok
11:56:44.0600 4804  [ F7073C962C4FB7C415565DDE109DE49F ] C:\Windows\System32\npmproxy.dll
11:56:44.0600 4804  C:\Windows\System32\npmproxy.dll - ok
11:56:44.0600 4804  [ E11AE58B6D040AE7E1E55741CB9C6694 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c25666b99761bc42322bae2e59968df8\WindowsBase.ni.dll
11:56:44.0600 4804  C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c25666b99761bc42322bae2e59968df8\WindowsBase.ni.dll - ok
11:56:44.0600 4804  [ 9719E3D834F5C8C43F56A93DFA497023 ] C:\Windows\System32\pnpts.dll
11:56:44.0600 4804  C:\Windows\System32\pnpts.dll - ok
11:56:44.0600 4804  [ E811F8510B133E70CF6E509FB809824F ] C:\Windows\System32\wdiasqmmodule.dll
11:56:44.0600 4804  C:\Windows\System32\wdiasqmmodule.dll - ok
11:56:44.0600 4804  [ E1B22739C933BE33F53DB58C5393ADD3 ] C:\Windows\System32\Apphlpdm.dll
11:56:44.0600 4804  C:\Windows\System32\Apphlpdm.dll - ok
11:56:44.0615 4804  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] C:\Windows\System32\IPSECSVC.DLL
11:56:44.0615 4804  C:\Windows\System32\IPSECSVC.DLL - ok
11:56:44.0615 4804  [ AFA79C343F9D1555F7E5D5FA70BB2A14 ] C:\Windows\System32\PortableDeviceConnectApi.dll
11:56:44.0615 4804  C:\Windows\System32\PortableDeviceConnectApi.dll - ok
11:56:44.0615 4804  [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
11:56:44.0615 4804  C:\Windows\System32\runonce.exe - ok
11:56:44.0615 4804  [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
11:56:44.0615 4804  C:\Windows\SysWOW64\runonce.exe - ok
11:56:44.0615 4804  [ 6E9E439517D89EDC9A6CB1E94489620A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
11:56:44.0615 4804  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok
11:56:44.0615 4804  [ 6607C2182C6A53ED983813AFE2F85768 ] C:\Windows\System32\wbem\cimwin32.dll
11:56:44.0615 4804  C:\Windows\System32\wbem\cimwin32.dll - ok
11:56:44.0615 4804  [ E629F1A051C82795DDFFD3E8D4855811 ] C:\Windows\System32\dimsjob.dll
11:56:44.0615 4804  C:\Windows\System32\dimsjob.dll - ok
11:56:44.0631 4804  [ AAB33D004B74EE052F65A414E7D87F7E ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\ef17be93e209cc95b9768c7822530432\PresentationCore.ni.dll
11:56:44.0631 4804  C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\ef17be93e209cc95b9768c7822530432\PresentationCore.ni.dll - ok
11:56:44.0631 4804  [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
11:56:44.0631 4804  C:\Windows\SysWOW64\cmd.exe - ok
11:56:44.0631 4804  [ 1484B9EBF567346582DE571B0E164AE0 ] C:\Windows\System32\framedynos.dll
11:56:44.0631 4804  C:\Windows\System32\framedynos.dll - ok
11:56:44.0631 4804  [ 0A473BEFD39B78EDD82C2BDA84529ADA ] C:\Windows\System32\wbem\Win32_EncryptableVolume.dll
11:56:44.0631 4804  C:\Windows\System32\wbem\Win32_EncryptableVolume.dll - ok
11:56:44.0631 4804  [ C00DB14550E4BD49737F311C644E45FF ] C:\Windows\System32\wmi.dll
11:56:44.0631 4804  C:\Windows\System32\wmi.dll - ok
11:56:44.0631 4804  [ 4B78B431F225FD8624C5655CB1DE7B61 ] C:\Windows\System32\aelupsvc.dll
11:56:44.0631 4804  C:\Windows\System32\aelupsvc.dll - ok
11:56:44.0631 4804  [ 58A0CDABEA255616827B1C22C9994466 ] C:\Windows\System32\NapiNSP.dll
11:56:44.0631 4804  C:\Windows\System32\NapiNSP.dll - ok
11:56:44.0631 4804  [ 9BC93C9ACFA34DB5A41B89357B31E4ED ] C:\Windows\System32\FwRemoteSvr.dll
11:56:44.0631 4804  C:\Windows\System32\FwRemoteSvr.dll - ok
11:56:44.0631 4804  [ 613C8CE10A5FDE582BA5FA64C4D56AAA ] C:\Windows\System32\pnrpnsp.dll
11:56:44.0631 4804  C:\Windows\System32\pnrpnsp.dll - ok
11:56:44.0646 4804  [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
11:56:44.0646 4804  C:\Windows\SysWOW64\riched20.dll - ok
11:56:44.0646 4804  [ 2E2072EB48238FCA8FBB7A9F5FABAC45 ] C:\Windows\System32\winrnr.dll
11:56:44.0646 4804  C:\Windows\System32\winrnr.dll - ok
11:56:44.0646 4804  [ 8A8B277067C22F4BF6AA9A31692FC4D3 ] C:\Windows\SysWOW64\cryptnet.dll
11:56:44.0646 4804  C:\Windows\SysWOW64\cryptnet.dll - ok
11:56:44.0646 4804  [ 09A116FB06C5E362EF8938D29CDAB27B ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
11:56:44.0646 4804  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
11:56:44.0646 4804  [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
11:56:44.0646 4804  C:\Windows\SysWOW64\winbrand.dll - ok
11:56:44.0646 4804  [ 1F05F5A16881CD928C82D53CEFCF4477 ] C:\Windows\SysWOW64\shdocvw.dll
11:56:44.0646 4804  C:\Windows\SysWOW64\shdocvw.dll - ok
11:56:44.0646 4804  [ 80A9ADB30ABDF99A8B5A6C233DB3F1D8 ] C:\Users\Kelly\AppData\Local\Temp\85C6287E-70B3-4E6F-A648-53B5B05A9F68.exe
11:56:44.0646 4804  C:\Users\Kelly\AppData\Local\Temp\85C6287E-70B3-4E6F-A648-53B5B05A9F68.exe - ok
11:56:44.0646 4804  [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
11:56:44.0646 4804  C:\Windows\SysWOW64\winhttp.dll - ok
11:56:44.0662 4804  [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
11:56:44.0662 4804  C:\Windows\SysWOW64\webio.dll - ok
11:56:44.0662 4804  [ 81F6C1AE23B1C493D9E996C3103915D7 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
11:56:44.0662 4804  C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
11:56:44.0662 4804  [ 21DDC4F742DE59B1BB761C57DD2EECF3 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\fc4a8709f71eba20cc71c7905bba3dee\PresentationFramework.ni.dll
11:56:44.0662 4804  C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\fc4a8709f71eba20cc71c7905bba3dee\PresentationFramework.ni.dll - ok
11:56:44.0662 4804  [ 7A6986DD659B96398A11AF5173892715 ] C:\Windows\SysWOW64\cabinet.dll
11:56:44.0662 4804  C:\Windows\SysWOW64\cabinet.dll - ok
11:56:44.0662 4804  [ 8DFB5078508924FA725C203CE179B10C ] C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
11:56:44.0662 4804  C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
11:56:44.0662 4804  [ E0E5BB58A4C43F7DBB83352785F32DEF ] C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
11:56:44.0662 4804  C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll - ok
11:56:44.0662 4804  [ 5B2E4E90C04FB9AE9F2C5E99FF59B283 ] C:\Windows\SysWOW64\WindowsCodecs.dll
11:56:44.0662 4804  C:\Windows\SysWOW64\WindowsCodecs.dll - ok
11:56:44.0678 4804  [ A0617B5753E31126AD29C03154F4F329 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
11:56:44.0678 4804  C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
11:56:44.0678 4804  [ 846D0E4DB261CFAF363902E41498E961 ] C:\Windows\SysWOW64\EhStorShell.dll
11:56:44.0678 4804  C:\Windows\SysWOW64\EhStorShell.dll - ok
11:56:44.0678 4804  [ 9625F047365883513508A3DE36E19321 ] C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCC.dll
11:56:44.0678 4804  C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCC.dll - ok
11:56:44.0678 4804  [ 03F3B770DFBED6131653CEDA8CA780F0 ] C:\Windows\SysWOW64\ntshrui.dll
11:56:44.0678 4804  C:\Windows\SysWOW64\ntshrui.dll - ok
11:56:44.0678 4804  [ A3484A0159763330160FD820DE8C4624 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\32066405eb9ab14056b2af3115d2a6de\System.Xml.ni.dll
11:56:44.0678 4804  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\32066405eb9ab14056b2af3115d2a6de\System.Xml.ni.dll - ok
11:56:44.0678 4804  [ 8B74CEC6980D4816B0037AE9A27E538F ] C:\Windows\SysWOW64\slc.dll
11:56:44.0678 4804  C:\Windows\SysWOW64\slc.dll - ok
11:56:44.0678 4804  [ 827CB0D6C3F8057EA037FF271F8E9795 ] C:\Windows\SysWOW64\imageres.dll
11:56:44.0678 4804  C:\Windows\SysWOW64\imageres.dll - ok
11:56:44.0678 4804  [ 05A321CF65AB46D8E29E717D13662519 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9e24b9ffd816c0c90efc4d3fc9fd745f\System.Configuration.ni.dll
11:56:44.0678 4804  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\9e24b9ffd816c0c90efc4d3fc9fd745f\System.Configuration.ni.dll - ok
11:56:44.0693 4804  [ 3D7D2E825C63FF501E896CF008C70D75 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
11:56:44.0693 4804  C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok
11:56:44.0693 4804  [ C1B5307377C98F87E0152C44E9FF8DEE ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
11:56:44.0693 4804  C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok
11:56:44.0693 4804  [ 24FCC3CDAE327F632CB8696E1E40F772 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
11:56:44.0693 4804  C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok
11:56:44.0693 4804  [ E955300DF949977878C705EC8681009A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
11:56:44.0693 4804  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok
11:56:44.0693 4804  [ ED797D8DC2C92401985D162E42FFA450 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
11:56:44.0693 4804  C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok
11:56:44.0693 4804  [ 63B3A70901366314E02D9741D12FE7FB ] C:\Program Files (x86)\Dell DataSafe Local Backup\DsProtectionIndex.dll
11:56:44.0693 4804  C:\Program Files (x86)\Dell DataSafe Local Backup\DsProtectionIndex.dll - ok
11:56:44.0693 4804  [ B56D42EF64BA489C1E4A0C55E4C980C9 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\f00a8436d10d44f1829dea5f618b7f69\System.ServiceModel.ni.dll
11:56:44.0693 4804  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\f00a8436d10d44f1829dea5f618b7f69\System.ServiceModel.ni.dll - ok
11:56:44.0709 4804  [ C24E86FD9E29EF61074AF3AC59B60FAE ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\c476801f82f0b0cff48afcafce7e919d\System.Runtime.Serialization.ni.dll
11:56:44.0709 4804  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\c476801f82f0b0cff48afcafce7e919d\System.Runtime.Serialization.ni.dll - ok
11:56:44.0709 4804  [ DA7561B4DA9194E584FDF1CBDA1E3664 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\d84a4af2acd0a1489fb81d169a2ea00a\SMDiagnostics.ni.dll
11:56:44.0709 4804  C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\d84a4af2acd0a1489fb81d169a2ea00a\SMDiagnostics.ni.dll - ok
11:56:44.0709 4804  [ CBF785DC658EA55E9F1F5CD0E1EF3CF7 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\2c5c86bb5156ff508ca8045aff50a482\System.Core.ni.dll
11:56:44.0709 4804  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\2c5c86bb5156ff508ca8045aff50a482\System.Core.ni.dll - ok
11:56:44.0709 4804  [ 012CFB87BAFA5488DFDEF1131FEDB520 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\83083fc40714f1ff675eb7b34387ed4f\System.Xml.Linq.ni.dll
11:56:44.0709 4804  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\83083fc40714f1ff675eb7b34387ed4f\System.Xml.Linq.ni.dll - ok
11:56:44.0709 4804  [ 8637EE0160F32CC321A571F9D10E5E24 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\dcc781ebbddf98a9cf6dd4f3b17f1063\System.Web.ni.dll
11:56:44.0709 4804  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\dcc781ebbddf98a9cf6dd4f3b17f1063\System.Web.ni.dll - ok
11:56:44.0709 4804  [ 51DA12DCF8A18DACE30A42A9F4F886F1 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\d8680f346175e7024d71b868404743f7\System.WorkflowServices.ni.dll
11:56:44.0709 4804  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\d8680f346175e7024d71b868404743f7\System.WorkflowServices.ni.dll - ok
11:56:44.0724 4804  [ C357BB8ED78B11104D30A52E432AAF39 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\6e4f4fc116fe8faea929e840d74f8011\System.ServiceModel.Web.ni.dll
11:56:44.0724 4804  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\6e4f4fc116fe8faea929e840d74f8011\System.ServiceModel.Web.ni.dll - ok
11:56:44.0724 4804  [ 90245986C3630AF5898D0374B0276189 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\73475dd36b973802393888b87a0126e7\System.IdentityModel.ni.dll
11:56:44.0724 4804  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\73475dd36b973802393888b87a0126e7\System.IdentityModel.ni.dll - ok
11:56:44.0724 4804  [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
11:56:44.0724 4804  C:\Windows\SysWOW64\rasapi32.dll - ok
11:56:44.0724 4804  [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
11:56:44.0724 4804  C:\Windows\SysWOW64\rasman.dll - ok
11:56:44.0724 4804  [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
11:56:44.0724 4804  C:\Windows\SysWOW64\rtutils.dll - ok
11:56:44.0724 4804  [ 7B46A076184B73AEDC1A66A71D9131E8 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
11:56:44.0724 4804  C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll - ok
11:56:44.0724 4804  [ 4C90F8648B1D83651BF1430C199D95DA ] C:\Windows\SysWOW64\igdumd32.dll
11:56:44.0724 4804  C:\Windows\SysWOW64\igdumd32.dll - ok
11:56:44.0724 4804  [ A9B36CAB809EF486D456FA1A3B204152 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\bfa7a95284aec941f4b03bae0debe07c\System.Drawing.ni.dll
11:56:44.0724 4804  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\bfa7a95284aec941f4b03bae0debe07c\System.Drawing.ni.dll - ok
11:56:44.0740 4804  [ 42251362E097134CCA9FC60A1B932EF8 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\178644ab40108f3becd8b91049a254c3\System.Windows.Forms.ni.dll
11:56:44.0740 4804  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\178644ab40108f3becd8b91049a254c3\System.Windows.Forms.ni.dll - ok
11:56:44.0740 4804  [ 93404139C96D29853338CA68F26513CA ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll
11:56:44.0740 4804  C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a2920ed81e097f8551231a9350697bbd\PresentationFramework.Aero.ni.dll - ok
11:56:44.0740 4804  [ 04DD04F1C6DE2777DB89B774F22A019C ] C:\Program Files (x86)\Dell DataSafe Local Backup\STUICore.dll
11:56:44.0740 4804  C:\Program Files (x86)\Dell DataSafe Local Backup\STUICore.dll - ok
11:56:44.0740 4804  [ EF4248D28C2940AE6D46470AC2479A4F ] C:\Windows\System32\msisip.dll
11:56:44.0740 4804  C:\Windows\System32\msisip.dll - ok
11:56:44.0740 4804  [ 6E74D0AE00231D87CD213CD7BDC27E37 ] C:\Windows\System32\wshext.dll
11:56:44.0740 4804  C:\Windows\System32\wshext.dll - ok
11:56:44.0740 4804  [ 1908FFADF1D45F0EEB0FFA541B677AEB ] C:\Windows\System32\WindowsPowerShell\v1.0\pwrshsip.dll
11:56:44.0740 4804  C:\Windows\System32\WindowsPowerShell\v1.0\pwrshsip.dll - ok
11:56:44.0740 4804  [ 8B44697FE98909DE503F66A3B00C82FA ] C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll
11:56:44.0740 4804  C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll - ok
11:56:44.0756 4804  [ B2DFFEA8FB6B8DA0501F53C9F2112612 ] C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{36D2CBDF-2005-42F6-BCD6-6F78593EF824}\offreg.dll
11:56:44.0756 4804  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{36D2CBDF-2005-42F6-BCD6-6F78593EF824}\offreg.dll - ok
11:56:44.0756 4804  [ E03082BF43266EAC72E2CD3BC1283F24 ] C:\Program Files\Microsoft Security Client\MpCommu.dll
11:56:44.0756 4804  C:\Program Files\Microsoft Security Client\MpCommu.dll - ok
11:56:44.0756 4804  [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
11:56:44.0756 4804  C:\Windows\System32\timedate.cpl - ok
11:56:44.0756 4804  [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
11:56:44.0756 4804  C:\Windows\System32\actxprxy.dll - ok
11:56:44.0756 4804  [ 22A0AE97360C1B146FDD9AA55AC0E989 ] C:\Windows\System32\shdocvw.dll
11:56:44.0756 4804  C:\Windows\System32\shdocvw.dll - ok
11:56:44.0756 4804  [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
11:56:44.0756 4804  C:\Windows\System32\linkinfo.dll - ok
11:56:44.0756 4804  [ FA752544EE1EE59E8AD938CBB43CAC93 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
11:56:44.0756 4804  C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
11:56:44.0756 4804  [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
11:56:44.0756 4804  C:\Windows\System32\msftedit.dll - ok
11:56:44.0771 4804  [ 112183DF91C9BAECB498E4A86ECDE598 ] C:\Windows\System32\msls31.dll
11:56:44.0771 4804  C:\Windows\System32\msls31.dll - ok
11:56:44.0771 4804  [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
11:56:44.0771 4804  C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
11:56:44.0771 4804  [ 2BCBA6052374959A30BD7948444DBB79 ] C:\Windows\System32\gameux.dll
11:56:44.0771 4804  C:\Windows\System32\gameux.dll - ok
11:56:44.0771 4804  [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
11:56:44.0771 4804  C:\Windows\System32\msiltcfg.dll - ok
11:56:44.0771 4804  [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
11:56:44.0771 4804  C:\Windows\System32\msi.dll - ok
11:56:44.0771 4804  [ 8CB8E0C93C5459B45BE1FA628FB0D761 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
11:56:44.0771 4804  C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok
11:56:44.0771 4804  [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
11:56:44.0771 4804  C:\Windows\System32\DeviceCenter.dll - ok
11:56:44.0771 4804  [ ABAEEE966953092F013902849495E588 ] C:\Windows\System32\igfxtray.exe
11:56:44.0771 4804  C:\Windows\System32\igfxtray.exe - ok
11:56:44.0787 4804  [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
11:56:44.0787 4804  C:\Windows\System32\networkexplorer.dll - ok
11:56:44.0787 4804  [ C4D30FAB57F1D68DE13DA93FDB5CA719 ] C:\Windows\System32\hccutils.dll
11:56:44.0787 4804  C:\Windows\System32\hccutils.dll - ok
11:56:44.0787 4804  [ 47CBC23DBA11B96DEB11288549FBA66F ] C:\Windows\System32\igfxsrvc.exe
11:56:44.0787 4804  C:\Windows\System32\igfxsrvc.exe - ok
11:56:44.0787 4804  [ 96155A8E11B042FF2CA75B67C3B561FD ] C:\Windows\System32\igfxsrvc.dll
11:56:44.0787 4804  C:\Windows\System32\igfxsrvc.dll - ok
11:56:44.0787 4804  [ 6200A37004340CBC2BA7BD585285513D ] C:\Windows\System32\hkcmd.exe
11:56:44.0787 4804  C:\Windows\System32\hkcmd.exe - ok
11:56:44.0787 4804  [ 9B0F7C94A71E4C781900B6C8F923682F ] C:\Windows\System32\igfxdev.dll
11:56:44.0787 4804  C:\Windows\System32\igfxdev.dll - ok
11:56:44.0787 4804  [ A5CB3D0F6A96136D2C96EB62A9BE47B1 ] C:\Windows\System32\igfxrenu.lrc
11:56:44.0787 4804  C:\Windows\System32\igfxrenu.lrc - ok
11:56:44.0787 4804  [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
11:56:44.0787 4804  C:\Windows\System32\thumbcache.dll - ok
11:56:44.0802 4804  [ 3911917B93DD9023DAA8258147AA7BCF ] C:\Program Files\Microsoft Security Client\msseces.exe
11:56:44.0802 4804  C:\Program Files\Microsoft Security Client\msseces.exe - ok
11:56:44.0802 4804  [ C0798E90F54A10E37001CE26E51D3793 ] C:\Windows\System32\igfxpers.exe
11:56:44.0802 4804  C:\Windows\System32\igfxpers.exe - ok
11:56:44.0802 4804  [ 760DF1D09A91781F25F178595E4FDC47 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe
11:56:44.0802 4804  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe - ok
11:56:44.0802 4804  [ A58C7DF1C006A0A06B141087D8FD6292 ] C:\Windows\System32\igfxress.dll
11:56:44.0802 4804  C:\Windows\System32\igfxress.dll - ok
11:56:44.0802 4804  [ 070753E47E04181DD440EA2FEFE3115C ] C:\Program Files (x86)\Skype\Phone\Skype.exe
11:56:44.0802 4804  C:\Program Files (x86)\Skype\Phone\Skype.exe - ok
11:56:44.0802 4804  [ D37DC32D8D611BD154BC8FBA45D0A4FC ] C:\UPS\WSTD\WSTDMessaging.exe
11:56:44.0802 4804  C:\UPS\WSTD\WSTDMessaging.exe - ok
11:56:44.0802 4804  [ DA6A88689ECD2FC97983557D7C0BE100 ] C:\UPS\WSTD\wstdPldReminder.exe
11:56:44.0802 4804  C:\UPS\WSTD\wstdPldReminder.exe - ok
11:56:44.0802 4804  [ 105CFE016CCB20175BEACEC146F175AB ] C:\Windows\System32\IccLibDll_x64.dll
11:56:44.0802 4804  C:\Windows\System32\IccLibDll_x64.dll - ok
11:56:44.0818 4804  [ DC73E11DC27E7D9AEF884EBE816C4240 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
11:56:44.0818 4804  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe - ok
11:56:44.0818 4804  [ EBE1962DC5EEFC13D20543013A891ABC ] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
11:56:44.0818 4804  C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe - ok
11:56:44.0818 4804  [ E97140424C378ACBD47DF493A6AB7235 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe
11:56:44.0818 4804  C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe - ok
11:56:44.0818 4804  [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
11:56:44.0818 4804  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
11:56:44.0818 4804  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
11:56:44.0818 4804  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
11:56:44.0818 4804  [ 7AFA393DD161F37D678EC1677ECB32B0 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUtil.dll
11:56:44.0818 4804  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUtil.dll - ok
11:56:44.0818 4804  [ A905E156A7D52B55892C3255670FE97B ] C:\Program Files\Microsoft Security Client\MsMpRes.dll
11:56:44.0818 4804  C:\Program Files\Microsoft Security Client\MsMpRes.dll - ok
11:56:44.0818 4804  [ 08BF49EFC9C64CCCF3AAFCFDB33BFC9C ] C:\UPS\WSTD\wstdDB.dll
11:56:44.0818 4804  C:\UPS\WSTD\wstdDB.dll - ok
11:56:44.0834 4804  [ A7749965A3923D024922A86BAAECAFF4 ] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe
11:56:44.0834 4804  C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe - ok
11:56:44.0834 4804  [ 4164A47F3A2DA7EA44572904C3DF44A4 ] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
11:56:44.0834 4804  C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe - ok
11:56:44.0834 4804  [ 0CFB90C28768E26498834D780FBBD754 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AXE8SharedExpat.dll
11:56:44.0834 4804  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AXE8SharedExpat.dll - ok
11:56:44.0834 4804  [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
11:56:44.0834 4804  C:\Windows\SysWOW64\msi.dll - ok
11:56:44.0834 4804  [ 759D71FC9442AB5A9B5749C0F6C0C263 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\BIB.dll
11:56:44.0834 4804  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\BIB.dll - ok
11:56:44.0834 4804  [ 191EBD9CF58126D195817C3BEBCD20F6 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorCommon.dll
11:56:44.0834 4804  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorCommon.dll - ok
11:56:44.0834 4804  [ FC3D4A55C23B2350BEE07CF5177BBC06 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\sqlite.dll
11:56:44.0834 4804  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\sqlite.dll - ok
11:56:44.0849 4804  [ 8038B5B580059E8BC9CB83D2841045E8 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\11c176470524e1843fbbcc571cd0aa88\IAStorUtil.ni.dll
11:56:44.0849 4804  C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\11c176470524e1843fbbcc571cd0aa88\IAStorUtil.ni.dll - ok
11:56:44.0849 4804  [ B06B80A4C0324ACF89E73E9BEE2AD64D ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe
11:56:44.0849 4804  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrobat_sl.exe - ok
11:56:44.0849 4804  [ 57AF9F47253E53E94D22C790FA5D6024 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
11:56:44.0849 4804  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe - ok
11:56:44.0849 4804  [ 5945DB41B87D0672713544BE2CDFD205 ] C:\UPS\WSTD\UPSNA1Msgr.exe
11:56:44.0849 4804  C:\UPS\WSTD\UPSNA1Msgr.exe - ok
11:56:44.0849 4804  [ D63797E8E7781EE1500A810CB6194FA6 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
11:56:44.0849 4804  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
11:56:44.0849 4804  [ 93812FDC01AA864195816CD814445F95 ] C:\Program Files\Microsoft Security Client\SqmApi.dll
11:56:44.0849 4804  C:\Program Files\Microsoft Security Client\SqmApi.dll - ok
11:56:44.0849 4804  [ 19ADEF26D3D4EFDD2E5E2759A43EC5EE ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll
11:56:44.0849 4804  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll - ok
11:56:44.0865 4804  [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Windows\SysWOW64\msvcp71.dll
11:56:44.0865 4804  C:\Windows\SysWOW64\msvcp71.dll - ok
11:56:44.0865 4804  [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Windows\SysWOW64\msvcr71.dll
11:56:44.0865 4804  C:\Windows\SysWOW64\msvcr71.dll - ok
11:56:44.0865 4804  [ B44C5909CDA640DF61B07856470A2D28 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Esl\Aiod.dll
11:56:44.0865 4804  C:\Program Files (x86)\Adobe\Acrobat 10.0\Esl\Aiod.dll - ok
11:56:44.0865 4804  [ 2E2C533592AC3C543DEFFE29770BCA8C ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrodist.exe
11:56:44.0865 4804  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrodist.exe - ok
11:56:44.0865 4804  [ A916790060389ABE8CB043A7248DAEBF ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe
11:56:44.0865 4804  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe - ok
11:56:44.0865 4804  [ B9E362680ADB83F0E0134F4567DBF656 ] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\DLLShared\LayoutDLL12OEM.dll
11:56:44.0865 4804  C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\DLLShared\LayoutDLL12OEM.dll - ok
11:56:44.0865 4804  [ 487F44B08EFEAF5AD087878357B9403D ] C:\Windows\SysWOW64\pdh.dll
11:56:44.0865 4804  C:\Windows\SysWOW64\pdh.dll - ok
11:56:44.0865 4804  [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
11:56:44.0865 4804  C:\Windows\SysWOW64\powrprof.dll - ok
11:56:44.0880 4804  [ A51A7D0C82C93827532DF3B8FE7804EA ] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\DLLShared\CPSCommonTools12OEM.dll
11:56:44.0880 4804  C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\DLLShared\CPSCommonTools12OEM.dll - ok
11:56:44.0880 4804  [ 85683DF1F917E4D7F6BE1A04986BF1C8 ] C:\Windows\SysWOW64\msacm32.dll
11:56:44.0880 4804  C:\Windows\SysWOW64\msacm32.dll - ok
11:56:44.0880 4804  [ 3B1247FC09F82A1ECD1294EA13C79C3E ] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\DLLShared\roxippEMC12.dll
11:56:44.0880 4804  C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\DLLShared\roxippEMC12.dll - ok
11:56:44.0880 4804  [ 703FFD301AB900B047337C5D40FD6F96 ] C:\Windows\SysWOW64\olepro32.dll
11:56:44.0880 4804  C:\Windows\SysWOW64\olepro32.dll - ok
11:56:44.0880 4804  [ A6E69E7ABAF9815390C4E3F45836CE5B ] C:\Program Files\Internet Explorer\sqmapi.dll
11:56:44.0880 4804  C:\Program Files\Internet Explorer\sqmapi.dll - ok
11:56:44.0880 4804  [ D9C5A74A4F609BE65DB0403425F54821 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\c8ea295fd4dce110b32c3c4f0e3807b2\System.Runtime.Remoting.ni.dll
11:56:44.0880 4804  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\c8ea295fd4dce110b32c3c4f0e3807b2\System.Runtime.Remoting.ni.dll - ok
11:56:44.0880 4804  [ 139D3AB6AA920C34C50CBFFB9EB7D222 ] C:\Windows\SysWOW64\avrt.dll
11:56:44.0880 4804  C:\Windows\SysWOW64\avrt.dll - ok
11:56:44.0896 4804  [ B010CF886420EE29C2C276646721D255 ] C:\Windows\SysWOW64\wlanapi.dll
11:56:44.0896 4804  C:\Windows\SysWOW64\wlanapi.dll - ok
11:56:44.0896 4804  [ 1D6A771D1D702AE07919DB52C889A249 ] C:\Windows\SysWOW64\wlanutil.dll
11:56:44.0896 4804  C:\Windows\SysWOW64\wlanutil.dll - ok
11:56:44.0896 4804  [ 28CA821606669BB9215CE010767720FA ] C:\Windows\SysWOW64\cryptui.dll
11:56:44.0896 4804  C:\Windows\SysWOW64\cryptui.dll - ok
11:56:44.0896 4804  [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6 ] C:\Windows\SysWOW64\mapi32.dll
11:56:44.0896 4804  C:\Windows\SysWOW64\mapi32.dll - ok
11:56:44.0896 4804  [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
11:56:44.0896 4804  C:\Windows\SysWOW64\sxs.dll - ok
11:56:44.0896 4804  [ E24FE90E9DE8D8AE70E59F7B01675DEF ] C:\Windows\SysWOW64\avicap32.dll
11:56:44.0896 4804  C:\Windows\SysWOW64\avicap32.dll - ok
11:56:44.0896 4804  [ 5BB8C06EB5EA4BA22EE8A678F2D79B25 ] C:\Windows\SysWOW64\devenum.dll
11:56:44.0896 4804  C:\Windows\SysWOW64\devenum.dll - ok
11:56:44.0896 4804  [ 7069AAB8536F29ED7323140973A2894B ] C:\Windows\SysWOW64\msdmo.dll
11:56:44.0896 4804  C:\Windows\SysWOW64\msdmo.dll - ok
11:56:44.0912 4804  [ C335EC1182AC10B188705554E0BC1186 ] C:\Windows\SysWOW64\msvfw32.dll
11:56:44.0912 4804  C:\Windows\SysWOW64\msvfw32.dll - ok
11:56:44.0912 4804  [ 24498D084FAA7A459C91066EC241E1CE ] C:\Windows\SysWOW64\vfwwdm32.dll
11:56:44.0912 4804  C:\Windows\SysWOW64\vfwwdm32.dll - ok
11:56:44.0912 4804  [ AF31E7D2C385F647ADFD5F5736B3BA64 ] C:\Windows\SysWOW64\mshtml.dll
11:56:44.0912 4804  C:\Windows\SysWOW64\mshtml.dll - ok
11:56:44.0912 4804  [ CF8D43B5CE132414CC0667E9C5EB5574 ] C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\homepermitsconfig12OEM.dll
11:56:44.0912 4804  C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\homepermitsconfig12OEM.dll - ok
11:56:44.0912 4804  [ 837115C004022C7C9317848645D714FD ] C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\rsl.dll
11:56:44.0912 4804  C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\rsl.dll - ok
11:56:44.0912 4804  [ B524DBF0EE9149C431CF23B896230D04 ] C:\UPS\WSTD\wstdCommon.dll
11:56:44.0912 4804  C:\UPS\WSTD\wstdCommon.dll - ok
11:56:44.0912 4804  [ 6046C98205A35C2CEC330B15F88D4443 ] C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll
11:56:44.0912 4804  C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll - ok
11:56:44.0912 4804  [ 1220595CABA75AB91A6B3FA3B89483CC ] C:\Windows\SysWOW64\snmpapi.dll
11:56:44.0912 4804  C:\Windows\SysWOW64\snmpapi.dll - ok
11:56:44.0927 4804  [ 5E4EE99635EF96B40FC52B893A876F50 ] C:\UPS\WSTD\UPSResourceManager.dll
11:56:44.0927 4804  C:\UPS\WSTD\UPSResourceManager.dll - ok
11:56:44.0927 4804  [ 5963633010616B25503EE126F55E8DE4 ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90.dll
11:56:44.0927 4804  C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90.dll - ok
11:56:44.0927 4804  [ 53E81C75B3C260C8FE9FD9ED4D8DB8F0 ] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\AS_Storage_w32.dll
11:56:44.0927 4804  C:\Program Files (x86)\Roxio\OEM\Roxio Burn\AS_Storage_w32.dll - ok
11:56:44.0927 4804  [ 5BD85ABB12E057257D9D93C0838ABC0B ] C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\rcsl.dll
11:56:44.0927 4804  C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\rcsl.dll - ok
11:56:44.0927 4804  [ 9251961FA9E1838DB44E7B5160DF14D1 ] C:\UPS\WSTD\POLICYMGR\UPS.Components.NA1MessengerServer.dll
11:56:44.0927 4804  C:\UPS\WSTD\POLICYMGR\UPS.Components.NA1MessengerServer.dll - ok
11:56:44.0927 4804  [ 916B2844749395DDCBA56029A72524F8 ] C:\UPS\WSTD\POLICYMGR\UPS.Components.LANPolicyManager.dll
11:56:44.0927 4804  C:\UPS\WSTD\POLICYMGR\UPS.Components.LANPolicyManager.dll - ok
11:56:44.0927 4804  [ 12C3E07ADC706392618687659598E629 ] C:\UPS\WSTD\POLICYMGR\UPS.Components.PolicyActions.dll
11:56:44.0927 4804  C:\UPS\WSTD\POLICYMGR\UPS.Components.PolicyActions.dll - ok
11:56:44.0943 4804  [ 9110FFAD124283F37D38771BB60556AF ] C:\Windows\System32\dsound.dll
11:56:44.0943 4804  C:\Windows\System32\dsound.dll - ok
11:56:44.0943 4804  [ 99FFE7C551CD6CF23F3881CEEC94A950 ] C:\UPS\WSTD\UPS.Interop.ManagedProxies.dll
11:56:44.0943 4804  C:\UPS\WSTD\UPS.Interop.ManagedProxies.dll - ok
11:56:44.0943 4804  [ 72E6BB97A33137004FAC46CA43938F6C ] C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SonicHTTPClient12OEM.dll
11:56:44.0943 4804  C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SonicHTTPClient12OEM.dll - ok
11:56:44.0943 4804  [ 585FED4CDB8034B8B58AEB8008255817 ] C:\Windows\System32\opengl32.dll
11:56:44.0943 4804  C:\Windows\System32\opengl32.dll - ok
11:56:44.0943 4804  [ 132AB9DB9A673FC20EE2D786E8CEC447 ] C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SonicLicenseManager12OEM.dll
11:56:44.0943 4804  C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SonicLicenseManager12OEM.dll - ok
11:56:44.0943 4804  [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
11:56:44.0943 4804  C:\Windows\SysWOW64\wsock32.dll - ok
11:56:44.0943 4804  [ 012787CEB35505EB78DF82E0A0072888 ] C:\Windows\System32\browcli.dll
11:56:44.0943 4804  C:\Windows\System32\browcli.dll - ok
11:56:44.0943 4804  [ C4BFE4B61086416B0529212F92BCE081 ] C:\Windows\System32\schedcli.dll
11:56:44.0943 4804  C:\Windows\System32\schedcli.dll - ok
11:56:44.0958 4804  [ 807B6562009E5858C93E1C0F435C0382 ] C:\Windows\SysWOW64\netbios.dll
11:56:44.0958 4804  C:\Windows\SysWOW64\netbios.dll - ok
11:56:44.0958 4804  [ F2967C0A97C0EA67D79D7F557213950D ] C:\Windows\System32\glu32.dll
11:56:44.0958 4804  C:\Windows\System32\glu32.dll - ok
11:56:44.0958 4804  [ 247EEA09AFCFB445FA9526FE1643FCDB ] C:\UPS\WSTD\wstdSubtle.dll
11:56:44.0958 4804  C:\UPS\WSTD\wstdSubtle.dll - ok
11:56:44.0958 4804  [ D34A527493F39AF4491B3E909DC697CA ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
11:56:44.0958 4804  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll - ok
11:56:44.0958 4804  [ 7D34AF98A706230CC2DEDFE0CABF87AB ] C:\Windows\SysWOW64\odbc32.dll
11:56:44.0958 4804  C:\Windows\SysWOW64\odbc32.dll - ok
11:56:44.0958 4804  [ 8AA56D5E2355CF585D346FA14B18D013 ] C:\UPS\WSTD\AnsiCharacterConvertor.dll
11:56:44.0958 4804  C:\UPS\WSTD\AnsiCharacterConvertor.dll - ok
11:56:44.0958 4804  [ A6C09924C6730DE8DEED9890A12AA691 ] C:\Windows\System32\ddraw.dll
11:56:44.0958 4804  C:\Windows\System32\ddraw.dll - ok
11:56:44.0958 4804  [ 29C22748937F45C26590909E9F8E7137 ] C:\Windows\System32\dciman32.dll
11:56:44.0958 4804  C:\Windows\System32\dciman32.dll - ok
11:56:44.0974 4804  [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
11:56:44.0974 4804  C:\Windows\System32\msimg32.dll - ok
11:56:44.0974 4804  [ 263E9A047D17CD50BAA9D3C02910D18D ] C:\Windows\System32\oledlg.dll
11:56:44.0974 4804  C:\Windows\System32\oledlg.dll - ok
11:56:44.0974 4804  [ 110F647566806095CAE06344F3A007F3 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrodistdll.dll
11:56:44.0974 4804  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrodistdll.dll - ok
11:56:44.0974 4804  [ 97EA663282E10C6306769FEAD4E76867 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\ahclient.dll
11:56:44.0974 4804  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\ahclient.dll - ok
11:56:44.0974 4804  [ 06CABCD25920159660B4F73B8BE85D5A ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeXMP.dll
11:56:44.0974 4804  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeXMP.dll - ok
11:56:44.0974 4804  [ 819EB5ABEAE5B1728EDFF0AC8B696769 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\ACE.dll
11:56:44.0974 4804  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\ACE.dll - ok
11:56:44.0974 4804  [ 8CCCC9A53B6C8B781FBAFB17B6207125 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobePDFL.dll
11:56:44.0974 4804  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobePDFL.dll - ok
11:56:44.0990 4804  [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
11:56:44.0990 4804  C:\Windows\System32\stobject.dll - ok
11:56:44.0990 4804  [ FBFCA1A574D47EE575448B719CBBF2E4 ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL
11:56:44.0990 4804  C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL - ok
11:56:44.0990 4804  [ 1BC8A289BFDE02DF0DA6C06689FA89C3 ] C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\homepermitsconfig13.dll
11:56:44.0990 4804  C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\homepermitsconfig13.dll - ok
11:56:44.0990 4804  [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
11:56:44.0990 4804  C:\Windows\System32\batmeter.dll - ok
11:56:44.0990 4804  [ 1EA7969E3271CBC59E1730697DC74682 ] C:\Windows\System32\qmgr.dll
11:56:44.0990 4804  C:\Windows\System32\qmgr.dll - ok
11:56:44.0990 4804  [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
11:56:44.0990 4804  C:\Windows\SysWOW64\ExplorerFrame.dll - ok
11:56:44.0990 4804  [ ABA457BFC7EC0B5E130B2F1E0F549DFF ] C:\Windows\SysWOW64\odbcint.dll
11:56:44.0990 4804  C:\Windows\SysWOW64\odbcint.dll - ok
11:56:44.0990 4804  [ E325D1DB76B13B33692D6318F67DC4EC ] C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SonicHTTPClient13.dll
11:56:44.0990 4804  C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SonicHTTPClient13.dll - ok
11:56:45.0005 4804  [ D9431DCF90B0253773F51FDEFE7FD42F ] C:\Windows\System32\bitsigd.dll
11:56:45.0005 4804  C:\Windows\System32\bitsigd.dll - ok
11:56:45.0005 4804  [ 29409ED7400CA5BCCC30C0EE5147A60D ] C:\Windows\System32\bitsperf.dll
11:56:45.0005 4804  C:\Windows\System32\bitsperf.dll - ok
11:56:45.0005 4804  [ 96DB78C9C50CEED9DA5050EFFEE272A2 ] C:\Windows\System32\upnp.dll
11:56:45.0005 4804  C:\Windows\System32\upnp.dll - ok
11:56:45.0005 4804  [ 1AD33A0319062260064E1A36F8327922 ] C:\Windows\System32\RtkCfg64.dll
11:56:45.0005 4804  C:\Windows\System32\RtkCfg64.dll - ok
11:56:45.0005 4804  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] C:\Windows\System32\ssdpsrv.dll
11:56:45.0005 4804  C:\Windows\System32\ssdpsrv.dll - ok
11:56:45.0005 4804  [ DEC1426BF15A07E4B26DC7F479EDAA60 ] C:\Program Files (x86)\Common Files\System\ado\msado15.dll
11:56:45.0005 4804  C:\Program Files (x86)\Common Files\System\ado\msado15.dll - ok
11:56:45.0005 4804  [ 9E91320932A08A7541F74295C0BAFED7 ] C:\UPS\WSTD\DBSUPP~1.OCX
11:56:45.0005 4804  C:\UPS\WSTD\DBSUPP~1.OCX - ok
11:56:45.0005 4804  [ 853E3E03808802D0DF7DCF844CD225A2 ] C:\UPS\WSTD\UPS.InteropFramework.Core.dll
11:56:45.0005 4804  C:\UPS\WSTD\UPS.InteropFramework.Core.dll - ok
11:56:45.0021 4804  [ 3ABDC4CCB3111BDC44591D40137A57E0 ] C:\UPS\WSTD\InteropFrameworkCore.dll
11:56:45.0021 4804  C:\UPS\WSTD\InteropFrameworkCore.dll - ok
11:56:45.0021 4804  [ BAB7CCA03C1F716B70EF61E3336B10AC ] C:\UPS\WSTD\UPS.InteropFramework.Util.dll
11:56:45.0021 4804  C:\UPS\WSTD\UPS.InteropFramework.Util.dll - ok
11:56:45.0021 4804  [ 9C6AFC5CCDED744FD887517F3EEBD0C8 ] C:\UPS\WSTD\Interop.DBSUPPORTENGINELib.dll
11:56:45.0021 4804  C:\UPS\WSTD\Interop.DBSUPPORTENGINELib.dll - ok
11:56:45.0021 4804  [ 990051955A7385D6B34F6011F84F1436 ] C:\UPS\WSTD\POLICYMGR\UPS.Components.PolicyHolder.dll
11:56:45.0021 4804  C:\UPS\WSTD\POLICYMGR\UPS.Components.PolicyHolder.dll - ok
11:56:45.0021 4804  [ 8F17CA7CD61AF4602FC88647BAEA9F54 ] C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SonicLicenseManager13.dll
11:56:45.0021 4804  C:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SonicLicenseManager13.dll - ok
11:56:45.0021 4804  [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
11:56:45.0021 4804  C:\Windows\SysWOW64\duser.dll - ok
11:56:45.0021 4804  [ A99C4D1B5E7E794EC5779CF14F431932 ] C:\Windows\SysWOW64\msdart.dll
11:56:45.0021 4804  C:\Windows\SysWOW64\msdart.dll - ok
11:56:45.0021 4804  [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
11:56:45.0021 4804  C:\Windows\SysWOW64\dui70.dll - ok
11:56:45.0036 4804  [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
11:56:45.0036 4804  C:\Windows\System32\prnfldr.dll - ok
11:56:45.0036 4804  [ 8DF354F0F7193C097620B04DE2D03093 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\JP2KLib.dll
11:56:45.0036 4804  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\JP2KLib.dll - ok
11:56:45.0036 4804  [ 4C218B64C6ECB344240F16776012D200 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f95e6b6a92e3e28a3b553fe2998dd308\System.Data.ni.dll
11:56:45.0036 4804  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f95e6b6a92e3e28a3b553fe2998dd308\System.Data.ni.dll - ok
11:56:45.0036 4804  [ B05953F956EB87A02E62096EAAFA9C5F ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\BIBUtils.dll
11:56:45.0036 4804  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\BIBUtils.dll - ok
11:56:45.0036 4804  [ 04CB7C8FDC6D9640DD82A527208F72C4 ] C:\Windows\System32\UIAnimation.dll
11:56:45.0036 4804  C:\Windows\System32\UIAnimation.dll - ok
11:56:45.0036 4804  [ 30F03C23C5EBD9589C74D3775892C572 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AGM.dll
11:56:45.0036 4804  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AGM.dll - ok
11:56:45.0036 4804  [ 35CAB7CF3754C41AEB69DCE1D5ACA5A4 ] C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
11:56:45.0036 4804  C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll - ok
11:56:45.0052 4804  [ 5987EA8A82C53359BCD2C29D6588583E ] C:\Windows\SysWOW64\linkinfo.dll
11:56:45.0052 4804  C:\Windows\SysWOW64\linkinfo.dll - ok
11:56:45.0052 4804  [ B92E9318F7E4AEF633B8EC3A873565AF ] C:\Windows\SysWOW64\perfdisk.dll
11:56:45.0052 4804  C:\Windows\SysWOW64\perfdisk.dll - ok
11:56:45.0052 4804  [ 6FA41E0C86EF049A12C05CA4BBA8F9AF ] C:\Windows\SysWOW64\perfos.dll
11:56:45.0052 4804  C:\Windows\SysWOW64\perfos.dll - ok
11:56:45.0052 4804  [ 752F8E96BAB993517838315508FB82CB ] C:\Windows\SysWOW64\perfproc.dll
11:56:45.0052 4804  C:\Windows\SysWOW64\perfproc.dll - ok
11:56:45.0052 4804  [ AC5DF873913B00E554D8F553459BC431 ] C:\Windows\System32\qmgrprxy.dll
11:56:45.0052 4804  C:\Windows\System32\qmgrprxy.dll - ok
11:56:45.0052 4804  [ 85B45B4B285B159ACDB355FC8C1E8925 ] C:\Windows\SysWOW64\qmgrprxy.dll
11:56:45.0052 4804  C:\Windows\SysWOW64\qmgrprxy.dll - ok
11:56:45.0052 4804  [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
11:56:45.0052 4804  C:\Windows\System32\DXP.dll - ok
11:56:45.0052 4804  [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
11:56:45.0052 4804  C:\Windows\System32\Syncreg.dll - ok
11:56:45.0068 4804  [ 0E417DA494B3230C7BC48D1CA5A4E706 ] C:\UPS\WSTD\POLICYMGR\Microsoft.ApplicationBlocks.Data.dll
11:56:45.0068 4804  C:\UPS\WSTD\POLICYMGR\Microsoft.ApplicationBlocks.Data.dll - ok
11:56:45.0068 4804  [ 6B3E06734C8B6C267DE7C55E177304A0 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\dca6df8260d6c4c0bd66cb3be72eb73a\System.Transactions.ni.dll
11:56:45.0068 4804  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\dca6df8260d6c4c0bd66cb3be72eb73a\System.Transactions.ni.dll - ok
11:56:45.0068 4804  [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
11:56:45.0068 4804  C:\Windows\ehome\ehSSO.dll - ok
11:56:45.0068 4804  [ 5F3F1BF5F5B43293953FC915845910C4 ] C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
11:56:45.0068 4804  C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll - ok
11:56:45.0068 4804  [ C52E64AE4C813BED4E0E246A19E3910A ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\59a12d8db2a29bbe4e597124682cc4f7\System.EnterpriseServices.ni.dll
11:56:45.0068 4804  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\59a12d8db2a29bbe4e597124682cc4f7\System.EnterpriseServices.ni.dll - ok
11:56:45.0068 4804  [ C30A3E5DEEEBA22E782AC54C5AF5F352 ] C:\Windows\SysWOW64\samlib.dll
11:56:45.0068 4804  C:\Windows\SysWOW64\samlib.dll - ok
11:56:45.0068 4804  [ CB7328C2A009C922C4D7A8367A6728C0 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\CoolType.dll
11:56:45.0068 4804  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\CoolType.dll - ok
11:56:45.0083 4804  [ 79BFC537A2D5005EDE7CBDE543B2C114 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\ARE.dll
11:56:45.0083 4804  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\ARE.dll - ok
11:56:45.0083 4804  [ 97D8AFF9E90DC489A86CBDDDEEEF13A9 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Adist.dll
11:56:45.0083 4804  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Adist.dll - ok
11:56:45.0083 4804  [ E699D325EFC2C4A760AA8D0EF95EFDD3 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\adistres.dll
11:56:45.0083 4804  C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\adistres.dll - ok
11:56:45.0083 4804  [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
11:56:45.0083 4804  C:\Windows\System32\AltTab.dll - ok
11:56:45.0083 4804  [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll
11:56:45.0083 4804  C:\Windows\SysWOW64\mscms.dll - ok
11:56:45.0083 4804  [ EAADD6E47ED2A7003ACE1793B98CF63F ] C:\Windows\SysWOW64\msxml6.dll
11:56:45.0083 4804  C:\Windows\SysWOW64\msxml6.dll - ok
11:56:45.0083 4804  [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
11:56:45.0083 4804  C:\Windows\System32\WPDShServiceObj.dll - ok
11:56:45.0083 4804  [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
11:56:45.0083 4804  C:\Windows\System32\PortableDeviceTypes.dll - ok
11:56:45.0099 4804  [ E0B340996A41C9A75DFA3B99BBA9C500 ] C:\Windows\System32\SearchIndexer.exe
11:56:45.0099 4804  C:\Windows\System32\SearchIndexer.exe - ok
11:56:45.0099 4804  [ CC5BF60E9D3F181C0B62AC91AD8634B8 ] C:\Windows\SysWOW64\qcap.dll
11:56:45.0099 4804  C:\Windows\SysWOW64\qcap.dll - ok
11:56:45.0099 4804  [ 0AE0C4955E1DE29CCDC9DA1B816FE5EE ] C:\Windows\SysWOW64\quartz.dll
11:56:45.0099 4804  C:\Windows\SysWOW64\quartz.dll - ok
11:56:45.0099 4804  [ 589DF683A6C81424A6CECE52ABF98A50 ] C:\Windows\System32\tquery.dll
11:56:45.0099 4804  C:\Windows\System32\tquery.dll - ok
11:56:45.0099 4804  [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
11:56:45.0099 4804  C:\Windows\System32\pnidui.dll - ok
11:56:45.0099 4804  [ C140F86932B5B61F54A4D836E2D34AB2 ] C:\Windows\SysWOW64\ksproxy.ax
11:56:45.0099 4804  C:\Windows\SysWOW64\ksproxy.ax - ok
11:56:45.0099 4804  [ 9C67F6BBDA3881CFD02095160CF91576 ] C:\Windows\SysWOW64\ksuser.dll
11:56:45.0099 4804  C:\Windows\SysWOW64\ksuser.dll - ok
11:56:45.0099 4804  [ 630A31F277349109299E590856A4B004 ] C:\Windows\SysWOW64\Kswdmcap.ax
11:56:45.0099 4804  C:\Windows\SysWOW64\Kswdmcap.ax - ok
11:56:45.0099 4804  [ 4DDACA8A66B95ABA02812FF3C13DE198 ] C:\Windows\SysWOW64\vidcap.ax
11:56:45.0099 4804  C:\Windows\SysWOW64\vidcap.ax - ok
11:56:45.0114 4804  [ DC6612A9EE015A36BA2A27BC9CC12537 ] C:\Windows\SysWOW64\mfc42.dll
11:56:45.0114 4804  C:\Windows\SysWOW64\mfc42.dll - ok
11:56:45.0114 4804  [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
11:56:45.0114 4804  C:\Windows\System32\QUTIL.DLL - ok
11:56:45.0114 4804  [ 234AFA322624B3203A2E720F08292B03 ] C:\Windows\System32\cscobj.dll
11:56:45.0114 4804  C:\Windows\System32\cscobj.dll - ok
11:56:45.0114 4804  [ 7568CC720ACE4D03B84AF97817E745EF ] C:\Windows\System32\mssrch.dll
11:56:45.0114 4804  C:\Windows\System32\mssrch.dll - ok
11:56:45.0114 4804  [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
11:56:45.0114 4804  C:\Windows\System32\srchadmin.dll - ok
11:56:45.0114 4804  [ E2095C5CBE19CB17F8C6B07A5805B784 ] C:\Program Files (x86)\Common Files\System\Ole DB\oledb32.dll
11:56:45.0114 4804  C:\Program Files (x86)\Common Files\System\Ole DB\oledb32.dll - ok
11:56:45.0114 4804  [ 8859C0357D3C1499BEF65C7D5BBF7A40 ] C:\Program Files (x86)\Common Files\System\Ole DB\oledb32r.dll
11:56:45.0114 4804  C:\Program Files (x86)\Common Files\System\Ole DB\oledb32r.dll - ok
11:56:45.0114 4804  [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
11:56:45.0114 4804  C:\Windows\System32\bthprops.cpl - ok
11:56:45.0130 4804  [ 3121A79D13A61562BE9CC902CD46B542 ] C:\Windows\System32\msidle.dll
11:56:45.0130 4804  C:\Windows\System32\msidle.dll - ok
11:56:45.0130 4804  [ ACE1BB07E0377E37A2C514CD2EC119B1 ] C:\Windows\System32\mssprxy.dll
11:56:45.0130 4804  C:\Windows\System32\mssprxy.dll - ok
11:56:45.0130 4804  [ ED12110CD5BFE686F645E145A7DD28C5 ] C:\Windows\SysWOW64\comsvcs.dll
11:56:45.0130 4804  C:\Windows\SysWOW64\comsvcs.dll - ok
11:56:45.0130 4804  [ C9FB9038B15036CA28CF0B4BE2BED9BD ] C:\Windows\System32\en-US\tquery.dll.mui
11:56:45.0130 4804  C:\Windows\System32\en-US\tquery.dll.mui - ok
11:56:45.0130 4804  [ 391CD109EF28629644C267C855314DEE ] C:\Windows\System32\ieframe.dll
11:56:45.0130 4804  C:\Windows\System32\ieframe.dll - ok
11:56:45.0130 4804  [ 736B8109F2E8A4FC1D7E2AEA9F48065E ] C:\Program Files (x86)\Common Files\System\Ole DB\msdasql.dll
11:56:45.0130 4804  C:\Program Files (x86)\Common Files\System\Ole DB\msdasql.dll - ok
11:56:45.0130 4804  [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll
11:56:45.0130 4804  C:\Windows\SysWOW64\atl.dll - ok
11:56:45.0130 4804  [ 3EE82641D51AC10B4120ACBC515F6928 ] C:\Program Files (x86)\Common Files\System\Ole DB\msdasqlr.dll
11:56:45.0130 4804  C:\Program Files (x86)\Common Files\System\Ole DB\msdasqlr.dll - ok
11:56:45.0146 4804  [ 500D9F5057091945F1EA242C5EAEB7FD ] C:\Program Files (x86)\Common Files\System\Ole DB\msdatl3.dll
11:56:45.0146 4804  C:\Program Files (x86)\Common Files\System\Ole DB\msdatl3.dll - ok
11:56:45.0146 4804  [ 4470B0943469C4AF5B114E420DCB1AEF ] C:\Windows\SysWOW64\sqlsrv32.dll
11:56:45.0146 4804  C:\Windows\SysWOW64\sqlsrv32.dll - ok
11:56:45.0146 4804  [ 66ABBF38123D3113BB55EBAFCF37AB92 ] C:\Windows\SysWOW64\odbccp32.dll
11:56:45.0146 4804  C:\Windows\SysWOW64\odbccp32.dll - ok
11:56:45.0146 4804  [ FF2EF2ED43C4079F962627BC38418B37 ] C:\Windows\SysWOW64\sqlsrv32.rll
11:56:45.0146 4804  C:\Windows\SysWOW64\sqlsrv32.rll - ok
11:56:45.0146 4804  [ 8BCB9193C2FBCEDAF548A05A4514F6A4 ] C:\Windows\SysWOW64\dbnetlib.dll
11:56:45.0146 4804  C:\Windows\SysWOW64\dbnetlib.dll - ok
11:56:45.0146 4804  [ D4958A2160EDCDE5AF3D14CA750F663C ] C:\Windows\SysWOW64\dbnmpntw.dll
11:56:45.0146 4804  C:\Windows\SysWOW64\dbnmpntw.dll - ok
11:56:45.0146 4804  [ 17AD6A5E8A3E68D3F77894B02B88BF92 ] C:\Program Files (x86)\Common Files\System\ado\msadrh15.dll
11:56:45.0146 4804  C:\Program Files (x86)\Common Files\System\ado\msadrh15.dll - ok
11:56:45.0161 4804  [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
11:56:45.0161 4804  C:\Windows\System32\ActionCenter.dll - ok
11:56:45.0161 4804  [ 9108540E866F75C7AF2B91DD921A8091 ] C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
11:56:45.0161 4804  C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
11:56:45.0161 4804  [ FB4045578F5180BDB1963AB352B78548 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
11:56:45.0161 4804  C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
11:56:45.0161 4804  [ D2155709E336C3BC15729EB87FEC6064 ] C:\Windows\System32\rasdlg.dll
11:56:45.0161 4804  C:\Windows\System32\rasdlg.dll - ok
11:56:45.0161 4804  [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2 ] C:\Windows\System32\dot3api.dll
11:56:45.0161 4804  C:\Windows\System32\dot3api.dll - ok
11:56:45.0161 4804  [ 73FCB7919DEE80EE556F2E498594EBAE ] C:\Windows\System32\onex.dll
11:56:45.0161 4804  C:\Windows\System32\onex.dll - ok
11:56:45.0161 4804  [ 357BE883C5236BFC7341CB9E82308908 ] C:\Windows\System32\wlanapi.dll
11:56:45.0161 4804  C:\Windows\System32\wlanapi.dll - ok
11:56:45.0161 4804  [ E4FCA0F99A41E460C84016DEFD31E6EF ] C:\Windows\System32\wlanhlp.dll
11:56:45.0161 4804  C:\Windows\System32\wlanhlp.dll - ok
11:56:45.0177 4804  [ 7F1B4C6FF3B85F9ADF74055187B8A22C ] C:\Windows\System32\wlanutil.dll
11:56:45.0177 4804  C:\Windows\System32\wlanutil.dll - ok
11:56:45.0177 4804  [ 6699A112A3BDC9B52338512894EBA9D6 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
11:56:45.0177 4804  C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
11:56:45.0177 4804  [ 5DA219F57A9076FB6FBD3C9C3713A672 ] C:\Windows\System32\WWanAPI.dll
11:56:45.0177 4804  C:\Windows\System32\WWanAPI.dll - ok
11:56:45.0177 4804  [ 6B851E682A36453E1B1EE297FFB6E2AB ] C:\Windows\System32\QAGENT.DLL
11:56:45.0177 4804  C:\Windows\System32\QAGENT.DLL - ok
11:56:45.0177 4804  [ 62C7AACC746C9723468A8F2169ED3E85 ] C:\Windows\System32\wwapi.dll
11:56:45.0177 4804  C:\Windows\System32\wwapi.dll - ok
11:56:45.0177 4804  [ C7494C67A6BF6FE914808E42F8265FEF ] C:\Program Files\Windows Media Player\wmpnssci.dll
11:56:45.0177 4804  C:\Program Files\Windows Media Player\wmpnssci.dll - ok
11:56:45.0177 4804  [ A9F3BFC9345F49614D5859EC95B9E994 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
11:56:45.0177 4804  C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
11:56:45.0177 4804  [ 2C1055E2C6D42753241FB2A129136994 ] C:\Windows\System32\drmv2clt.dll
11:56:45.0177 4804  C:\Windows\System32\drmv2clt.dll - ok
11:56:45.0192 4804  [ 423982DD851406A52B6399DDB196C606 ] C:\Windows\System32\wmdrmdev.dll
11:56:45.0192 4804  C:\Windows\System32\wmdrmdev.dll - ok
11:56:45.0192 4804  [ 97A891E2BF7FDA830BCFC6269DA3F5E9 ] C:\Windows\System32\blackbox.dll
11:56:45.0192 4804  C:\Windows\System32\blackbox.dll - ok
11:56:45.0192 4804  [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
11:56:45.0192 4804  C:\Windows\SysWOW64\MMDevAPI.dll - ok
11:56:45.0192 4804  [ 1EB82516F21F27EED1833B4F9FD9614E ] C:\Windows\System32\wmp.dll
11:56:45.0192 4804  C:\Windows\System32\wmp.dll - ok
11:56:45.0192 4804  [ E19AD0D49BFF5938B3E374873AC174DE ] C:\Windows\System32\wmploc.DLL
11:56:45.0192 4804  C:\Windows\System32\wmploc.DLL - ok
11:56:45.0192 4804  [ 916A020A8C88A48B7F67AEE1D8F9CECD ] C:\Program Files\Internet Explorer\ieproxy.dll
11:56:45.0192 4804  C:\Program Files\Internet Explorer\ieproxy.dll - ok
11:56:45.0192 4804  [ 355A138ABDFD43FBABCAE3A1B06AB93D ] C:\Windows\System32\wmpps.dll
11:56:45.0192 4804  C:\Windows\System32\wmpps.dll - ok
11:56:45.0192 4804  [ 8C338238C16777A802D6A9211EB2BA50 ] C:\Windows\SysWOW64\netprofm.dll
11:56:45.0192 4804  C:\Windows\SysWOW64\netprofm.dll - ok
11:56:45.0208 4804  [ 15E298B5EC5B89C5994A59863969D9FF ] C:\Windows\SysWOW64\npmproxy.dll
11:56:45.0208 4804  C:\Windows\SysWOW64\npmproxy.dll - ok
11:56:45.0208 4804  [ C940F2F5C60B3727C5F18840735B229C ] C:\Windows\SysWOW64\AudioSes.dll
11:56:45.0208 4804  C:\Windows\SysWOW64\AudioSes.dll - ok
11:56:45.0208 4804  [ BC0D4AFBE94D8E1F81C8926D805C3366 ] C:\Windows\System32\webcheck.dll
11:56:45.0208 4804  C:\Windows\System32\webcheck.dll - ok
11:56:45.0208 4804  [ 81E7E920312D372CF57A817049AC7C76 ] C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
11:56:45.0208 4804  C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL - ok
11:56:45.0208 4804  [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
11:56:45.0208 4804  C:\Windows\System32\mlang.dll - ok
11:56:45.0208 4804  [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
11:56:45.0208 4804  C:\Windows\System32\SyncCenter.dll - ok
11:56:45.0208 4804  [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
11:56:45.0208 4804  C:\Windows\System32\imapi2.dll - ok
11:56:45.0208 4804  [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
11:56:45.0208 4804  C:\Windows\System32\hgcpl.dll - ok
11:56:45.0224 4804  [ D9E21CBF9E6A87847AFFD39EA3FA28EE ] C:\Windows\System32\SearchProtocolHost.exe
11:56:45.0224 4804  C:\Windows\System32\SearchProtocolHost.exe - ok
11:56:45.0224 4804  [ D2A5B2B09F2AF5ED13BF494508B09788 ] C:\Windows\System32\msshooks.dll
11:56:45.0224 4804  C:\Windows\System32\msshooks.dll - ok
11:56:45.0224 4804  [ 49A3AD5CE578CD77F445F3D244AEAB2D ] C:\Windows\System32\SearchFilterHost.exe
11:56:45.0224 4804  C:\Windows\System32\SearchFilterHost.exe - ok
11:56:45.0224 4804  [ A08C010D859F8EB42BDD7E1D55B8CA27 ] C:\Windows\System32\mscoree.dll
11:56:45.0224 4804  C:\Windows\System32\mscoree.dll - ok
11:56:45.0224 4804  [ AA794B099F776B37ACCDEAD00E0FBFC9 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
11:56:45.0224 4804  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
11:56:45.0224 4804  [ E503E15C88B4BBDA3F6345E34FED3E92 ] C:\Windows\System32\mssvp.dll
11:56:45.0224 4804  C:\Windows\System32\mssvp.dll - ok
11:56:45.0224 4804  [ 8F4BB0CFECED925D440ABC2481278360 ] C:\Windows\System32\mapi32.dll
11:56:45.0224 4804  C:\Windows\System32\mapi32.dll - ok
11:56:45.0224 4804  [ 01E2855FB06C422E721D890AF201C2D7 ] C:\Windows\System32\NaturalLanguage6.dll
11:56:45.0224 4804  C:\Windows\System32\NaturalLanguage6.dll - ok
11:56:45.0239 4804  [ 701D9F5F3F21580936638D5C5F86B460 ] C:\Windows\System32\NlsData0009.dll
11:56:45.0239 4804  C:\Windows\System32\NlsData0009.dll - ok
11:56:45.0239 4804  [ 148A733B93A2AC104280495DA09D3CC2 ] C:\Windows\System32\NlsLexicons0009.dll
11:56:45.0239 4804  C:\Windows\System32\NlsLexicons0009.dll - ok
11:56:45.0239 4804  [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
11:56:45.0239 4804  C:\Windows\System32\FXSST.dll - ok
11:56:45.0239 4804  [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
11:56:45.0239 4804  C:\Windows\System32\FXSAPI.dll - ok
11:56:45.0239 4804  [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
11:56:45.0239 4804  C:\Windows\System32\FXSRESM.dll - ok
11:56:45.0239 4804  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
11:56:45.0239 4804  C:\Windows\System32\FXSSVC.exe - ok
11:56:45.0239 4804  ============================================================
11:56:45.0239 4804  Scan finished
11:56:45.0239 4804  ============================================================
11:56:45.0255 4796  Detected object count: 0
11:56:45.0255 4796  Actual detected object count: 0
11:57:54.0851 3804  Deinitialize success



#10 a4stetzer

a4stetzer
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:18 AM

Posted 05 August 2013 - 12:10 PM

How is your computer running now?

 

Upon reboot after ComboFix ran, I tried opening several programs (IE, Windows Explorer, TDSSKiller) and was met with the same messages each time:

 

"Illegal operation attempted on a registry key that has been marked for deletion." [OK button]

 

Next dialog was: "Can't open this item. It might have been moved, renamed, or deleted. Do you want to remove this item? [YES] [NO] - I chose NO each time.

 

I was able to run these programs by searching for them in the Start Menu and then choosing 'Run As Administrator'. Did so to run TDSSKiller as instructed. After rebooting as prompted by TDSSKiller, the program ran, finding no infections. Have since been able to open programs normally.



#11 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:04:18 AM

Posted 05 August 2013 - 02:11 PM

How is the machine running now?


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#12 a4stetzer

a4stetzer
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:18 AM

Posted 06 August 2013 - 02:04 PM

Programs seem to be running normally, and have not experienced any BSODs lately, but then again, I am not able to continuously monitor this computer, and have advised the usual user to work on another PC. Each time I have come to check this PC I have awakened it from sleep mode, I presume.

 

I turned MSE real-time protection back on. Running a quick scan found nothing. Rebooted PC and MSE said "detected threats are being cleaned." MSE History log (All Detected Items) shows Rovnix.D being 'Quarantined' numerous times - the most recent of which are today (8/6) at 10:20 AM, 1:51 PM and 1:52 PM. Exploit:Java/CVE-2013-1493 was also 'Quarantined' at 10:20 AM today.

 

It seems odd that MSE was able to quarantine these items this morning, since I only JUST enabled real-time protection minutes before writing this update.

 

Please advise how to proceed.

 

Thanks,

Adam



#13 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:04:18 AM

Posted 06 August 2013 - 05:33 PM

Lets run a couple more scans to make sure there are no leftovers.

 

1.

  • Download Malwarebytes Anti-Rootkit from HERE

      
  • Unzip the contents to a folder in a convenient location.
      
  • Open the folder where the contents were unzipped and run mbar.exe
      
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
      
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
      
  • Wait while the system shuts down and the cleanup process is performed.
      
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
      
  • When done, please post the two logs produced they will be in the MBAR folder..... mbar-log.txt and system-log.txt

 

 

2.

I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png  button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png
       icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

 

 

Things to include in your next reply::

mbar-log .txt

system-log.txt

Eset log

How is the machine running now?


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#14 a4stetzer

a4stetzer
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:18 AM

Posted 08 August 2013 - 11:00 AM

mbar-log:

Malwarebytes Anti-Rootkit BETA 1.06.0.1004
www.malwarebytes.org

Database version: v2013.08.08.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16635
Kelly :: FRONTDESK-PC [administrator]

8/8/2013 9:36:48 AM
mbar-log-2013-08-08 (09-36-48).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: PUP
Objects scanned: 246062
Time elapsed: 7 minute(s), 30 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

 

system-log:

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.06.0.1004

© Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16635

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 3.093000 GHz
Memory total: 4136046592, free: 3225206784

Downloaded database version: v2013.08.08.04
Downloaded database version: v2013.08.06.01
Initializing...
------------ Kernel report ------------
     08/08/2013 09:36:45
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\iaStor.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\DRIVERS\MpFilter.sys
\SystemRoot\System32\Drivers\PxHlpa64.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vpcnfltr.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\vpcvmm.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HECIx64.sys
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\k57nd60a.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\vpcusb.sys
\SystemRoot\system32\DRIVERS\usbrpm.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\vpchbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\usbprint.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\lvuvc64.sys
\SystemRoot\system32\drivers\usbaudio.sys
\SystemRoot\system32\DRIVERS\lvrs64.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\DRIVERS\asyncmac.sys
\SystemRoot\System32\cdd.dll
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\usp10.dll
\Windows\System32\shlwapi.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\setupapi.dll
\Windows\System32\shell32.dll
\Windows\System32\psapi.dll
\Windows\System32\kernel32.dll
\Windows\System32\normaliz.dll
\Windows\System32\lpk.dll
\Windows\System32\oleaut32.dll
\Windows\System32\imagehlp.dll
\Windows\System32\wininet.dll
\Windows\System32\msctf.dll
\Windows\System32\nsi.dll
\Windows\System32\gdi32.dll
\Windows\System32\advapi32.dll
\Windows\System32\urlmon.dll
\Windows\System32\user32.dll
\Windows\System32\sechost.dll
\Windows\System32\ws2_32.dll
\Windows\System32\msvcrt.dll
\Windows\System32\Wldap32.dll
\Windows\System32\ole32.dll
\Windows\System32\imm32.dll
\Windows\System32\clbcatq.dll
\Windows\System32\difxapi.dll
\Windows\System32\iertutil.dll
\Windows\System32\comdlg32.dll
\Windows\System32\KernelBase.dll
\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
\Windows\System32\wintrust.dll
\Windows\System32\comctl32.dll
\Windows\System32\crypt32.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\devobj.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\msasn1.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8006ca8060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-2\
Lower Device Object: 0xfffffa80047c1050
Lower Device Driver Name: \Driver\iaStor\
<<<2>>>
Device number: 0, partition: 3
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8006ca8060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8006ca8b20, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8006ca8060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80047c1050, DeviceName: \Device\Ide\IAAStorageDevice-2\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
Device number: 0, partition: 3
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 3
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 8EACE8D7

Partition information:

    Partition 0 type is Other (0xde)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 63  Numsec = 80262

    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 81920  Numsec = 50651136
    Partition file system is NTFS
    Partition is bootable

    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 50733056  Numsec = 926031872

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-976753168-976773168)...
Done!
Scan finished
=======================================

Removal queue found; removal started
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\bootstrap_0_1_81920_i.mbam...
Removing c:\programdata\malwarebytes' anti-malware (portable)\mbr_0_r.mbam...
Removal finished

 

ESETScan

C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Users\Kelly\AppData\Local\Google\htmsuhvl.dll.vir a variant of Win32/Packed.Themida.AAI trojan cleaned by deleting - quarantined
C:\Users\Kelly\.frostwire5\updates\frostwire-5.6.2.windows.exe multiple threats cleaned by deleting - quarantined
 



#15 a4stetzer

a4stetzer
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:18 AM

Posted 08 August 2013 - 11:10 AM

How is your computer running now?

 

 

Rebooted computer - again greeted by MSE "detected threats are being cleaned".

Info for Rovnix.D (found/quarantined 8/8/2013 at 11:05 AM:

Security Essentials encountered the following error: Error code 0x800704ec. This program is blocked by group policy. For more information, contact your system administrator.

 

Category: Trojan

 

Description: This program is dangerous and executes commands from an attacker.

Recommended action: Remove this software immediately.

Items:

file:C:\TDSSKiller_Quarantine\02.08.2013_09.11.48\boot0000\boot0000\tsk0000.dta

Get more information about this item online.

 

Otherwise, have not experienced any BSODs, programs seem to run normally.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users